A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
License: MIT License
Ohai, tried this on a vanilla kali 2019.4 and encountered some prequisites missing.
Docker debian keyring required else docker-ce cannot be installed trough apt
apt install -y debian-keyring
lanmaster53 recon-ng repo is no more on bitbucket, it is on github instead line 266
https://github.com/lanmaster53/recon-ng
mitmproxy 5.0.0.dev0 has requirement certifi 2017.7.27.1 + ldap3 2.5.1 which is incompatible.
apt install -y tox
pip3 install -U pip
pip3 install mitmproxy
or
apt install -y mitmproxy
ruby mysql error Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
apt install -y libmariadb-dev
screenshot util in ~/tools/web/httpscreenshot - Failed building wheel for m2crypto with pip
apt install -y python-m2crypt
s3 has a bunch of depency errors
Everything else is straight forward. Thanks for sharing your pentest arsenal. Highly appreciated :)
This is a goldmine of useful scripts, thank you!
May I suggest that you add a license to the repository so that we may use it legally?
Feel free to close if you don't want to add a license ๐
As I understand it's not good to add the additional tools to your awesome scripts and I want to just mention the https://xon.sh shell here because it's awesome tool to write pentest scripts both using the shell and python. Thanks!
Very interesting approach. I made some improvements.
' with " to be consistent, so we can easily put the query inside quotes.$ cypher-shell -u neo4j -p XXXXX --encryption false -P "domain => 'mydomain.local'" "$(cat general-query)"
Result:
MATCH (u:User) WHERE toLower(u.name) ENDS WITH $domain RETURN "Users in total" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: false}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Disabled Users" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, allowedtodelegate: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Allowed to Delegate" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, unconstraineddelegation: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Unconstrained Delegation" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, admincount: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Admin Count = 1" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, hasspn: True}) WHERE toLower(u.name) ENDS WITH $domain AND NOT u.name STARTS WITH "KRBTGT" RETURN "Kerberoastable & Enabled Users" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: false, hasspn: True}) WHERE toLower(u.name) ENDS WITH $domain AND NOT u.name STARTS WITH "KRBTGT" RETURN "Kerberoastable & Disabled Users" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, passwordnotreqd: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Password Not Required" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, pwdneverexpires: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Password Never Expires" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true, dontreqpreauth: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Enabled Users with Dont Require Pre-Authentication (ASREP roastable)" AS what, count(u) AS number UNION ALL
MATCH (u:User {enabled: true}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.pwdlastset) }) AS pwdlastset, duration.inDays(datetime({ epochSeconds:toInteger(u.pwdlastset) }), date()).days AS days_since_pwdlastset, datetime({ epochSeconds:toInteger(u.lastlogon) }) AS lastlogon, duration.inDays(datetime({ epochSeconds:toInteger(u.lastlogon) }), date()).days AS days_since_lastlogon WHERE days_since_pwdlastset > 90 AND days_since_lastlogon < 7 RETURN "Enabled Users pwdlastset > 90 days and lastlogon < 7 days" AS what, count(name) AS number UNION ALL
MATCH (u:User {enabled: true}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.pwdlastset) }) AS pwdlastset, duration.inDays(datetime({ epochSeconds:toInteger(u.pwdlastset) }), date()).days AS days_since_pwdlastset WHERE days_since_pwdlastset > 90 RETURN "Enabled Users pwdlastset > 90 days" AS what, count(name) AS number UNION ALL
MATCH (u:User {enabled: true}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.lastlogon) }) AS lastlogon, duration.inDays(datetime({ epochSeconds:toInteger(u.lastlogon) }), date()).days AS days_since_lastlogon WHERE days_since_lastlogon > 90 RETURN "Enabled Users lastlogon > 180 days" AS what, count(name) AS number UNION ALL
MATCH (u:User {enabled: false}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.pwdlastset) }) AS pwdlastset, duration.inDays(datetime({ epochSeconds:toInteger(u.pwdlastset) }), date()).days AS days_since_pwdlastset, datetime({ epochSeconds:toInteger(u.lastlogon) }) AS lastlogon, duration.inDays(datetime({ epochSeconds:toInteger(u.lastlogon) }), date()).days AS days_since_lastlogon WHERE days_since_pwdlastset > 90 AND days_since_lastlogon < 7 RETURN "Disabled Users pwdlastset > 90 days and lastlogon < 7 days" AS what, count(name) AS number UNION ALL
MATCH (u:User {enabled: false}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.pwdlastset) }) AS pwdlastset, duration.inDays(datetime({ epochSeconds:toInteger(u.pwdlastset) }), date()).days AS days_since_pwdlastset WHERE days_since_pwdlastset > 90 RETURN "Disabled Users pwdlastset > 90 days" AS what, count(name) AS number UNION ALL
MATCH (u:User {enabled: false}) WHERE toLower(u.name) ENDS WITH $domain AND u.pwdlastset > 0 AND u.lastlogon > 0 WITH u.name AS name, u.description AS description, u.enabled AS enabled, datetime({ epochSeconds:toInteger(u.lastlogon) }) AS lastlogon, duration.inDays(datetime({ epochSeconds:toInteger(u.lastlogon) }), date()).days AS days_since_lastlogon WHERE days_since_lastlogon > 90 RETURN "Disabled Users lastlogon > 180 days" AS what, count(name) AS number UNION ALL
MATCH (u:Computer) WHERE toLower(u.name) ENDS WITH $domain RETURN "Computers in total" AS what, count(u) AS number UNION ALL
MATCH (u:Group) WHERE toLower(u.name) ENDS WITH $domain RETURN "Groups in total" AS what, count(u) AS number UNION ALL
MATCH (u:Domain) WHERE toLower(u.name) ENDS WITH $domain RETURN "Domains in total" AS what, count(u) AS number UNION ALL
MATCH (u:OU) WHERE toLower(u.name) ENDS WITH $domain RETURN "OUs in total" AS what, count(u) AS number UNION ALL
MATCH (u:GPO) WHERE toLower(u.name) ENDS WITH $domain RETURN "GPOs in total" AS what, count(u) AS number UNION ALL
MATCH (u {admincount: True}) WHERE toLower(u.name) ENDS WITH $domain RETURN "adminCount=1" AS what, count(u) AS number UNION ALL
MATCH (u) WHERE toLower(u.name) ENDS WITH $domain AND u.userpassword =~ ".+" RETURN "userPassword Not Empty" AS what, count(u) AS number UNION ALL
MATCH (u:Computer {unconstraineddelegation: True})-[:MemberOf]->(g:Group) WHERE toLower(u.name) ENDS WITH $domain AND (NOT g.objectid ENDS WITH "-516") AND (NOT u.distinguishedname CONTAINS "Domain Controllers") RETURN "Unconstrained Delegation Computers" AS what, count(u) AS number UNION ALL
MATCH (u {owned: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "Owned Principals" AS what, count(u) AS number UNION ALL
MATCH (u {highvalue: true}) WHERE toLower(u.name) ENDS WITH $domain RETURN "High Value" AS what, count(u) AS number
Some typo in Line 74 in prepare-kali.sh disrupts progressing.
Maybe also good to find some workaround for python2 obso"del"etion to get it to work on Kali Linux 2021.1
You may also have some inconsistence in using " and ' for echoing special chars. Just my 2 cents.
Cheers mate ;)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.