
pentest tools

Written by Mubassir patel

pentest-tools

pentest-tools is a collection of useful penetration testing tools. The pentest-tools script will download every useful tool. It is a set of tools (a framework for penetration testers) that can be used to take control of a target system. It is also well suited to vulnerability scanning and can be used as a network mapper.

Pentest-tools usage:

big-ip-decode.rb:

Connect to a server and try to decode BIGipServer cookie for internal IP

Example: big-ip-decode.rb 192.168.1.1 443
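
As an added example (not code from the pentest-tools scripts), this Ruby sketch shows the decoding step for the default unencrypted IPv4 BIGipServer cookie format and runs it over response headers, so you can check whether your own load balancer discloses pool-member addresses. The names `decode_bigip_value` and `audit_headers` and the sample headers are constructed for the illustration.

```ruby
require 'ipaddr'

# Default (unencrypted) BIG-IP persistence cookie value for an IPv4 pool
# member: "<ip>.<port>.0000", both fields decimal with their bytes reversed.
BIGIP_IPV4 = /\A(\d{1,10})\.(\d{1,5})\.0000\z/
COOKIE_HDR = /\ASet-Cookie:\s*(BIGipServer[^=;\s]*)=([^;\s]+)/i
PRIVATE_NETS = %w[10.0.0.0/8 172.16.0.0/12 192.168.0.0/16].map { |n| IPAddr.new(n) }

# Returns [ip_string, port], or nil when the value is not in that format
# (for example an opaque value because cookie encryption is enabled).
def decode_bigip_value(value)
  m = BIGIP_IPV4.match(value)
  return nil unless m
  ip_n = m[1].to_i
  port_n = m[2].to_i
  return nil if ip_n > 0xFFFFFFFF || port_n > 0xFFFF
  ip = [ip_n].pack('V').unpack('C4').join('.') # little-endian 32-bit -> octets
  port = [port_n].pack('v').unpack1('n')       # swap the two port bytes
  [ip, port]
end

# Scans raw response header lines and returns one finding per BIGipServer
# cookie that decodes to a pool-member address.
def audit_headers(lines)
  lines.flat_map do |line|
    m = COOKIE_HDR.match(line)
    decoded = m && decode_bigip_value(m[2])
    next [] unless decoded
    ip, port = decoded
    internal = PRIVATE_NETS.any? { |net| net.include?(IPAddr.new(ip)) }
    [{ cookie: m[1], ip: ip, port: port, internal: internal }]
  end
end

# Constructed sample headers (not captured from a real system). The second
# cookie is a made-up opaque value standing in for an encrypted cookie.
SAMPLE = [
  'HTTP/1.1 200 OK',
  'Set-Cookie: BIGipServerapp_pool=1677787402.36895.0000; path=/',
  'Set-Cookie: BIGipServerenc_pool=!kq3Xo2h8Zz0aAbCdEf==; path=/; Httponly',
  'Set-Cookie: JSESSIONID=ABC123; path=/'
].freeze

if __FILE__ == $PROGRAM_NAME
  audit_headers(SAMPLE).each do |f|
    puts "#{f[:cookie]} -> #{f[:ip]}:#{f[:port]} internal=#{f[:internal]}"
  end
end
```

A finding with `internal` set to true means the cookie exposes an RFC 1918 address to clients; enabling cookie encryption on the BIG-IP makes the value opaque.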

burp_loader.rb:

Loads each line of the supplied file into burp targets list (GET request through proxy)

Usage: burp_loader.rb [options]
-f, --file FILENAME              A line separate file of targets
-q, --quiet                      Disable verbose messages
-h, --help                       Display this screen

Example: burp_loader.rb -f urls.txt

cisco-ike-frag-test.rb:

Try to establish an IKE session with Cisco ASA and look for a response to fragmented message

Example usage:
	$ sudo ./cisco-ike-frag-test.rb 192.168.1.1
	[+] Sending IKE Initialization packet to 192.168.1.1
	[+] Session established, using Responder SPI: 9746b216c3d865ff
	[+] Sending IKE Fragmentation packets...
	[!] Recieved INVALID-SYNTAX notification
	
	[!] 192.168.1.1 is VULNERABLE

ipsort.rb:

Perform a numeric sort for a line-separated file of IP addresses.

Example: ipsort.rb ips.txt

nessus_parse.rb:

Parses a Nessus XML output file and lists findings for each host sorted by CVSS.

Usage: nessus_list.rb [options]
    -f, --file FILENAME              Nessus XML output file
    -i, --ignore                     Ignore Info findings (CVSS: 0)
    -c, --color                      Colorize findings by severity
    -h, --help                       Display this screen

Example: nessus_parse.rb -i -f file.nessus

net_discovery_reporter.rb:

Creates a Word Docx table populated with open ports from nmap/masscan XML files.

Usage: net_discovery_reporter.rb [options]
    -f, --file FILENAME,FILENAME2    Nmap XML file (singular, or a comma-separated list)
    -d, --dir PATH                   Directory of Nmap XML files
    -t, --targets FILENAME           Line separated file of targets to include in table
    -v, --verbose                    Enable verbose messages
    -h, --help                       Display this screen

Example: net_discovery_reporter.rb -d ./

openedge.rb:

Ruby implementation of Progress OpenEdge’s PBKDF stored function for creating AES cipher keys from cleartext. Requires: rbkb

Usage: openedge.rb

Example:
$ ./openedge.rb
Cleartext password:
SamplePassword

Master Key (base64 encoded):
EdzQswl4w2DwE2Tg3XqxKheY35OPyDF+GbYqVd3RSVA=

Master Key (hex):
11dcd0b30978c360f01364e0dd7ab12a1798df938fc8317e19b62a55ddd14950

sonicwall_selenium.rb:

Use selenium to attack sonicwall login with wordlist through Firefox, since the login performs client-side JS crypto that most tools can’t emulate easily. Mostly a one-off tool. Modify the source with target info, wordlist, etc.

Example: sonicwall_selenium.rb
