ABOUT
This book as a collection of useful commands and techniques that I find useful when penetration testing. This repository is synced to my personal Penetration Testing notebook. This repository also contains several penetration testing scripts that I wrote. Those scripts will not be visible from the GitBook, but feel free to visit my GitHub if you are interested.
Please keep in mind that this single repository is posted in a few different locations. My website, Github, and Gitbook. If there are some notes that seem odd, self referential, or redundant, please keep that in mind.
Check out my website: https://f1shh.dev/
Penetration Testing Scripts
Web Bruteforcer
Script to brute force web credentials. Can take in cookie and header parameters. Can also be easily configured to make either a post or get request. Implements concurrency, so you may get rate limited when using this tool. You may want to go with a more robust tool such as Hydra or Burpsuite for more advanced brute-forcing. A guide to use those tools is conveniently included in this repository.
install.sh
Install.sh is a script that I use to bootstrap the TryHackMe AttackBox. It installs common scripts and programs that are not installed by default. The TryHackMe AttackBox already comes with a ton of useful tools, so this is by no means a comprehensive pen-testing tool bootstrap script.
linkScrape.py
Script to grab all links on a webpage using python requests and BeautifulSoup.
Last updated
