- https://github.com/david942j/one_gadget
- https://docs.pwntools.com/en/stable/install.html#prerequisites
- https://gef.readthedocs.io/en/master/
- jd-gui (decompiler java)
- jq
- hashcat --force otro.hash /usr/share/wordlists/rockyou.txt
fedora_pentesting is a script to install in a Fedora OS the main tools used in pentesting.
This script can be run on either a native machine or a container.
A series of directories have been defined where programs and scripts will be stored, these directories are
- /opt/pentesting: In this directory is where you install all the programs that require a download of the source code for later compilation.
- /usr/share/wordlists: In this directory you can download the dictionaries
- /usr/share/pentesting: In this directory are downloaded the tools and scripts that do not require installation.
- /usr/local/bin: In this directory you download or link the binaries of the programs so that they can be executed directly
To be able to run the script you only need to download the repository.
git clone https://github.com/procamora/fedora_pentesting.gitThe script requires an argument with the action to be performed. The available actions are the following options:
- install: Installing the basic pentesting packages.
- extra: Installing the extra pentesting packages. Currently this mode only installs ghydra.
- uninstall: Uninstalling the basic pentesting packages.
- unextra: Uninstalling the extra pentesting packages.
- gui: Installing the pentesting packages with graphic environment, such as ZAP Proxy or Burp Suite.
- upgrade: Upgrade the extra pentesting packages (same as install).
The script can be executed by putting sudo to the command or not. If you run it without sudo, the script will ask for the user's password when needed to execute administration commands to install packages or modify permissions.
It is important to tell the sudo command which user is executing it, so that it works correctly with the environment variables of this user.
./fedora_pentesting.sh > install.logYou can use a container with all the tools already installed using docker or podman. The image is located in: https://hub.docker.com/r/procamora/pentesting.
podman run -ti --rm --hostname=pentest -p 2222:22 --name pentest procamora/pentestingWhen the image is started, a shell directly starts up, but it also has SSH enabled with a certificate so that it can be connected or files can be transferred.
ssh -i ssh/id_rsa [email protected] -p 2222Note the user is root and the RSA keys he uses are in the ssh directory of the repository.
In the case of using a container, applications that require a graphical environment such as Burp Suite or ZAP Proxy do not work yet.
| Tools | Description |
|---|---|
| amap | |
| dnsenum | |
| dnsmap | |
| nikto | |
| nmap | |
| finger | |
| openldap-clients | |
| net-snmp-utils | |
| onesixtyone | |
| snmpcheck | |
| smtp-user-enum | |
| finger-user-enum | |
| ftp-user-enum | |
| ident-user-enum | |
| enum4linux | |
| masscan |
| Tools | Description |
|---|---|
| openvas | |
| sqlninja | |
| sslscan | |
| powerfuzzer | |
| sqlmap | |
| Tools | Description |
|---|---|
| aircrack-ng | |
| reaver | |
| kismet | |
| macchanger | |
| Tools | Description |
|---|---|
| wfuzz | |
| skipfish | |
| gobuster | |
| wpscan | |
| dirbpy | |
| whatweb | |
| websploit | |
| recon-ng | |
| joomscan | |
| hURL | |
| davtest | |
| dirsearch | |
| ffuf | |
| dotdotpwn | |
| ZAP | |
| burp |
| Tools | Description |
|---|---|
| exploit-database | |
| revshell | |
| LinEnum | |
| powercat | |
| linux-exploit-suggester | |
| linux-exploit-suggester-2 | |
| linuxprivchecker | |
| knock | |
| peass | |
| metasploit | |
| Veil | |
| pspy | |
| pysecdump | |
| windows-privesc-check | |
| PowerSploit | |
| nishang | |
| watson | |
| BeRoot |
| Tools | Description |
|---|---|
| Tools | Description |
|---|---|
| binwalk | |
| Tools | Description |
|---|---|
| sipvicious | |
| wireshark | |
| tshark | |
| dnschef | |
| bettercap | |
| Tools | Description |
|---|---|
| hashid | |
| hydra | |
| ncrack | |
| ophcrack | |
| exiftool | |
| fcrackzip | |
| creddump7 | |
| CeWL | |
| crunch | |
| gpp-decrypt | |
| patator | |
| hashcat | |
| john | |
| Tools | Description |
|---|---|
| rlwrap | |
| socat | |
| nc | |
| tigervnc | |
| rdesktop | |
| cryptcat | |
| httptunnel | |
| webshells | |
| Tools | Description |
|---|---|
| ltrace | |
| strace | |
| Tools | Description |
|---|---|
| steghide | |
| exiftool | |
| easy_stegoCTF | |
| Tools | Description |
|---|---|
| Tools | Description |
|---|---|
| seclists | |
| rockyou.txt | |
| static-binaries | |
| impacket | |
| pentest | |
- Configurar docker con volumenes
- https://github.com/swisskyrepo/PayloadsAllTheThings