Python for Pentesters
A collection of Python scripts gathered from various sources to help with penetration testing and red team engagements. Examples can be found in their relevant GitHub accounts.
Getting started with Python for pentesting and red team engagements is fairly easy! This repo is just a small collection of random scripts from various sources.
This code is provided purely for educational purposes. All responsibility for any potential damage or unethical/illegal behavior is solely on the user.
bludit-3.9.2_pwd-bruteforce_multi.py: Multithreaded password brute-force tool to get a valid password for exploiting CVE-2019-17240
Many scripts written by: Mike Felch (@ustayready) and Joff Thyer (@joff_thyer) of:
pivot_winrm.py: shows how to use Python with winrm to execute commands on a remote machine
cloud_aws_s3.py: search AWS S3 buckets for sensitive filenames
cloud_aws_secrets.py: Dump all the secrets in AWS Secrets Manager
cloud_azure_ad.py: Dumping AzureAD users
cloud_gsuite_backdoor.py: Backdooring G Suite accounts for full access
cloud_gsuite_email.py: Reading GMail emails
crack_jwt.py: Cracking JSON web tokens
live_host_discovery.py: Discovering live hosts on a network
live_port_discovery.py: Discovering open ports on a host
passwords_attack.py: Trying username/password combinations on a web authentication portal
pivot_psremoting.py: Pivoting in a Windows environment using PSRemoting
pivot_wmi.py: Pivoting in a Windows environment using WMI
shodan_search.py: Searching for internet connected devices on Shodan
socket_c2_client.py: C2 socket client
socket_c2_server.py: C2 socket server
web_brute.py: Brute forcing web paths for unknown attack surfaces
web_robots.py: Downloading the robots.txt for URLs
web_sniff.py: Sniffing HTTP packets
web_spa.py: Interacting with a single page app with a headless browser then copying session cookies to the requests library
pymeta.py: Reads all files in a directory recursively and extracts metadata from any Office documents and PDFs discovered
powerstrip.py: Strips comments out of a PowerShell script, and writes a file with -stripped as part of the filename
pyinjector.py: Using ctypes to execute shellcode within the same process or inject into a remote process using thread manipulation