Collection of scripts which maybe helpful for engagements. Made and should work in Kali.

Work in progress, some bad coding out there. :D

Setup.sh

Script to set up additional tools and dependencies on kali/debian based systems. Useful for a quick out of the box deployment for Kali Linux on a physical machine or VM.

Metasploit Payloads

• bind_metgen.sh Script to generate automatically bind meterpreter payloads from metasploit and launch multihandler against target. Will move payload to /var/www and start apache for delivery

• reverse_metgen.sh Same as above for reverse shell. Works better.

Scanning Self explanatory, scripts to invoke nikto, ssl and run scans against targets and ports, saving results separately in a format ip.port.tool

• ssl-cipher.sh
• nikto-scan.sh
• scan.sh # maybe to integrate the above WIP

Nmap Scanning

• nmap-full.sh #Automates nmap scans WIP
• open.sh # reads from a nmap file and displays open ports and ports in a format to be fed in Nessus
• vlancheck.sh # quick nmap wrapper to check ports and hosts accessible from one VLAN to another VLAN

Metasploit

Scripts to invoke psexec and known metasploit remote code exploits for quick execution

• psfetch.sh
• fetch.sh
• autometerpreter.rc # resource for meterpreter to run after establish a session. It is generated from fetch.sh
• mass_smart.rc # resource to run for every meterpreter session

Wrappers

Wrapper to invoke tools such as medusa

• medusa.sh

Windows Command Line

• domainbrute.bat # Command line script to perform intelligent bf attack

Web Attacks

• myshell.php # web shell tested and working on linux hosts.