Useful things to Install

Hotwax

https://github.com/BrashEndeavours/hotwax

Hotwax is a script to provision a set of extra pentesting tools onto a Kali Linux machine in a consistent manner.

Tools updated:

Samba 4.10.8 (smbclient, rpcclient, nmblookup) - Patched to fix issues with polenum, enum4linux, and restoring smbclient connection output.
enum4linux - Fix minor parsing issues. Updates temporarily included by BrashEndeavours fork, until PR is merged.

Tools installed:

AutoRecon - AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
chisel - A fast TCP tunnel over HTTP
gobuster - Directory/File, DNS and VHost busting tool written in Go
LinEnum - Local Linux Enumeration & Privilege Escalation Script
nishang - Framework and collection of scripts and payloads which enables usage of PowerShell for penetration testing.
One-Lin3r - On demand one-liners that aid in penetration testing operations, privilege escalation and more
PowerSploit - Collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment.
proxychains-ng - proxychains ng (new generation): a preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more SOCKS/HTTP proxies. Continuation of the unmaintained proxychains project.
pspy - Monitor linux processes without root permissions.
SecLists - Collection of usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and more.
sherlock - Find usernames across social networks.
sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
webshell - This is a webshell open source project.
Windows PHP Reverse Shell - Simple PHP reverse shell implemented using binary, based on a webshell.
OSCP Exam Report Template - Modified template for the OSCP Exam

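Check out One-Lin3r; it's particularly useful.

To run a tool from any directory, link its binary into a directory on your PATH, for example:

# Symlink (-s) rather than hard link, so the link still resolves after the binary is rebuilt or replaced
sudo ln -s ~/go/bin/hakrawler /usr/local/bin/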

Enum4LinuxPy

https://github.com/0v3rride/Enum4LinuxPy

The original Perl version (enum4linux) has a number of outstanding issues that have been open for over a year and have not been addressed. This results in mangled output, errors, etc.

grc - frontend for generic colouriser grcat

apt install grc
alias nmap='grc nmap'

Last updated 4 years ago
