Latest notes for PenTesting- MrLeet


MrLeet provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.

#!/usr/bin/python2.7
# Copyright (c) 2003-2012 CORE Security Technologies
#
# This software is provided under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# $Id: samrdump.py 592 2012-07-11 16:45:20Z bethus@gmail.com $
#
# Description: DCE/RPC SAMR dumper.
#...




#!/usr/bin/env python

###############################################################################################################
## [Title]: reconscan.py -- a recon/enumeration script
## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
##----------------------------------------------------------------------------------------------------...




#!/usr/bin/env python
import subprocess
import sys
import os

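# Expect exactly two arguments: the target IP address and the FTP port.
if len(sys.argv) != 3:
    # A parenthesised single-argument print runs under both Python 2 and 3.
    print("Usage: ftprecon.py <ip address> <port>")
    sys.exit(0)

# Both values are taken verbatim from the command line; only surrounding
# whitespace is removed.
# NOTE(review): nothing here checks that ip_address is an address or that
# port is numeric. If the rest of the script (cut off in this listing) puts
# them into a command line, validate them first or hand them to subprocess
# as separate argv items -- confirm against the full script.
ip_address = sys.argv[1].strip()
port = sys.argv[2].strip()
print("INFO: Performing nmap FTP script scan for " + ip_address + ":" + port)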
FTPSCA...




#!/usr/bin/perl -w
# finger-user-enum - Brute Force Username via Finger Service
# Copyright (C) 2006 pentestmonkey@pentestmonkey.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Foundation.
#
# This program is ...




#!/usr/bin/env python
import subprocess
import sys

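# Expect exactly one argument: the IP address to look up.
if len(sys.argv) != 2:
    # A parenthesised single-argument print runs under both Python 2 and 3.
    print("Usage: dnsrecon.py <ip address>")
    sys.exit(0)

ip_address = sys.argv[1]
# Shell pipeline that queries nmblookup for the address, keeps the '<00>'
# line that is not a '<GROUP>' line and cuts out its first space-delimited
# field: grab the hostname. (The listing is cut off after this line.)
# NOTE(review): ip_address is formatted into this string unquoted and
# unvalidated, so shell metacharacters in the argument would become part of
# the pipeline if the string is run through a shell. Check that the argument
# is a plain IPv4 address before building the command -- how HOSTNAME is
# executed is not shown in this excerpt.
HOSTNAME = "nmblookup -A %s | grep '<00>' | grep -v '<GROUP>' | cut -d' ' -f1" % (ip_address)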




#!/usr/bin/python

import sys
import os
import subprocess

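# Expect exactly two arguments: the target URL and a name for this scan.
if len(sys.argv) != 3:
    # A parenthesised single-argument print runs under both Python 2 and 3.
    print("Usage: dirbust.py <target url> <scan name>")
    sys.exit(0)

# sys.argv entries are already strings, so no str() conversion is needed.
# NOTE(review): both values are used exactly as typed; how they are consumed
# is cut off in this listing. If they end up in a command line or a file
# name, validate them at that point -- confirm against the full script.
url = sys.argv[1]
name = sys.argv[2]
# Directories that hold the dirb wordlists.
folders = ["/usr/share/dirb/wordlists", "/usr/share/dirb/wordlists/vulns"]

# Starts empty; presumably filled with scan results further down -- confirm.
found = []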
print...




#!/bin/bash
#Takes a list of URLs (without trailing slashes) or domains and runs the host command on them, sorting them by IP.
#strip=$(cat $1|sed 's/https\?:\/\///')
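# Run host on every entry of the list file named by $1, keep only the output
# lines that contain an IPv4 address and sort them numerically on field 4.
# The file name is quoted so a path containing spaces or glob characters
# stays a single argument; with no argument the list is read from stdin, as
# the original "cat $1" did. read -r keeps backslashes in the input literal.
while read -r line; do
    host "$line"
done < "${1:-/dev/stdin}" | grep -E "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | sort -n -t " " -k 4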
...




#!/bin/bash
# Usage: linuxenum-btr.sh > privesc-enum.txt
# Run the script from the /var/tmp directory.
# If you run the script under your own user's home directory, ...
# (the original comment stops mid-sentence here)
# Print the banner of the first report section; the heading text
# 'TEMEL BILGILER' is Turkish for 'BASIC INFORMATION'.
printf '\n======================================================='
printf '\nTEMEL BILGILER'
printf '\n====================...




#!/bin/bash
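# Remove the first "http://" or "https://" from the first argument.
# "$1" is quoted and emitted with printf so the value is not word-split,
# glob-expanded or interpreted as an echo option before sed sees it.
strip=$(printf '%s\n' "$1" | sed 's/https\?:\/\///')
echo ""
echo "##################################################"
# Quoted so the stripped target reaches host as exactly one argument.
host "$strip"
echo "##################################################"
echo ""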
masscan -p1-65535 $(dig +short $strip|grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b"|head -...




#!/usr/bin/env python

# ######################################################################################################################
# This script is based on the script by [Mike Czumak](http://www.securitysift.com/offsec-pwb-oscp/). But it is heavily rewritten, some things have been added, other stuff has been removed. The script is ...

