Dlat/pentest-tools


pentest-tools

big-ip-decode.rb:

Connects to a server and tries to decode the BIGipServer persistence cookie to recover the internal (pool member) IP address

Example: big-ip-decode.rb 192.168.1.1 443
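An added example (not the repository's big-ip-decode.rb) of the decoding such a tool performs on the classic IPv4 BIGipServer cookie value, plus a check that flags when the recovered address is a private one; the Set-Cookie lines are constructed sample input.

```ruby
# Classic F5 BIG-IP persistence cookie: "BIGipServer<pool>=<ip>.<port>.0000".
# <ip> is the 32-bit address as a little-endian decimal integer, <port> is the
# 16-bit port with its two bytes swapped. Newer route-domain/IPv6 encodings
# are not decoded here (the decoder returns nil for them).
require 'ipaddr'

CLASSIC_COOKIE = /\A(\d+)\.(\d+)\.0000\z/
RFC1918 = %w[10.0.0.0/8 172.16.0.0/12 192.168.0.0/16].map { |c| IPAddr.new(c) }

# Returns [ip_string, port] or nil when the value is not in the classic format.
def decode_bigip_value(value)
  m = CLASSIC_COOKIE.match(value.strip)
  return nil unless m
  ip_int, port_le = m[1].to_i, m[2].to_i
  return nil if ip_int > 0xFFFFFFFF || port_le > 0xFFFF
  octets = [ip_int].pack('V').unpack('C4')   # 'V' = 32-bit little-endian
  port   = [port_le].pack('v').unpack1('n')  # 'v' = LE 16-bit, 'n' = BE 16-bit
  [octets.join('.'), port]
end

def private_ip?(ip)
  addr = IPAddr.new(ip)
  RFC1918.any? { |net| net.include?(addr) }
end

# Scans raw response header lines and returns one finding per decodable
# BIGipServer cookie: {cookie:, ip:, port:, private:}.
def find_bigip_cookies(header_lines)
  header_lines.flat_map do |line|
    next [] unless line =~ /\ASet-Cookie:\s*(BIGipServer[^=;]*)=([^;]+)/i
    name, value = $1, $2
    ip, port = decode_bigip_value(value)
    next [] unless ip
    [{ cookie: name, ip: ip, port: port, private: private_ip?(ip) }]
  end
end

# Constructed sample headers (not captured from a real server).
SAMPLE_HEADERS = [
  'HTTP/1.1 200 OK',
  'Set-Cookie: BIGipServerweb_pool=1677787402.36895.0000; path=/',
  'Set-Cookie: JSESSIONID=abc123; path=/; HttpOnly',
  'Set-Cookie: BIGipServerapp_pool=rd5o00000000000000000000ffffc0000201o80; path=/'
].freeze

if __FILE__ == $PROGRAM_NAME
  find_bigip_cookies(SAMPLE_HEADERS).each do |f|
    puts "#{f[:cookie]} -> #{f[:ip]}:#{f[:port]}#{' (private address exposed)' if f[:private]}"
  end
end
```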

burp_loader.rb:

Loads each line of the supplied file into Burp's target list by sending a GET request for each one through the proxy

Usage: burp_loader.rb [options]
-f, --file FILENAME              A line separate file of targets
-q, --quiet                      Disable verbose messages
-h, --help                       Display this screen

Example: burp_loader.rb -f urls.txt

cisco-ike-frag-test.rb:

Try to establish an IKE session with Cisco ASA and look for a response to fragmented message

Example usage:
	$ sudo ./cisco-ike-frag-test.rb 192.168.1.1
	[+] Sending IKE Initialization packet to 192.168.1.1
	[+] Session established, using Responder SPI: 9746b216c3d865ff
	[+] Sending IKE Fragmentation packets...
	[!] Recieved INVALID-SYNTAX notification
	
	[!] 192.168.1.1 is VULNERABLE

ipsort.rb:

Perform a numeric sort for a line-separated file of IP addresses.

Example: ipsort.rb ips.txt

nessus_parse.rb:

Parses a Nessus XML output file and lists findings for each host sorted by CVSS.

Usage: nessus_list.rb [options]
    -f, --file FILENAME              Nessus XML output file
    -i, --ignore                     Ignore Info findings (CVSS: 0)
    -c, --color                      Colorize findings by severity
    -h, --help                       Display this screen

Example: nessus_parse.rb -i -f file.nessus

net_discovery_reporter.rb:

Creates a Word Docx table populated with open ports from nmap/masscan XML files.

Usage: net_discovery_reporter.rb [options]
    -f, --file FILENAME,FILENAME2    Nmap XML file (singular, or a comma-separated list)
    -d, --dir PATH                   Directory of Nmap XML files
    -t, --targets FILENAME           Line separated file of targets to include in table
    -v, --verbose                    Enable verbose messages
    -h, --help                       Display this screen

Example: net_discovery_reporter.rb -d ./

openedge.rb:

Ruby implementation of Progress OpenEdge's PBKDF stored function for creating AES cipher keys from cleartext. Requires: rbkb

Usage: openedge.rb

Example:
$ ./openedge.rb
Cleartext password:
SamplePassword

Master Key (base64 encoded):
EdzQswl4w2DwE2Tg3XqxKheY35OPyDF+GbYqVd3RSVA=

Master Key (hex):
11dcd0b30978c360f01364e0dd7ab12a1798df938fc8317e19b62a55ddd14950

sonicwall_selenium.rb:

Uses Selenium to run a wordlist against a SonicWall login through Firefox, since the login performs client-side JS crypto that most tools can't easily emulate. Mostly a one-off tool: modify the source with target info, wordlist, etc.

Example: sonicwall_selenium.rb

About

Small collection of tools I've written for use on pentests
