Locked Pentest v0.3.2 - create an pentest environment easily and quickly

[itsMe]

This is the hidden content, please

• Sign In
• or
• Sign Up

Docker for pentest

Docker for pentest is an image with the more used tools to create a pentest environment easily and quickly.

Features

    OS, networking, developing and pentesting tools installed.
    Connection to HTB (Hack the Box) vpn to access HTB machines.
    Popular wordlists installed: SecLists, dirb, dirbuster, fuzzdb, wfuzz and rockyou.
    Proxy service to send traffic from any browsers and burp suite installed in your local directory.
    Exploit database installed.
    Tool for cracking a password.
    Linux enumeration tools installed.
    Tools installed to discovery services running.
    Tools installed to directory fuzzing.
    Monitor for Linux processes without root permissions
    Zsh shell installed.

Tools installed

Operative system tools

    rdate
    vim
    zsh
    oh-my-zsh
    locate
    cifs-utils
    htop
    gotop

Network tools

    traceroute
    telnet
    net-tools
    iputils-ping
    tcpdump
    openvpn
    whois
    host
    prips
    dig

Developer tools

    git
    curl
    wget
    ruby
    go
    python
    python-pip
    python3
    python3-pip
    php
    aws-cli
    tojson
    nodejs

🔪 Pentest tools
Port scanning

    nmap
    masscan
    ScanPorts created by @s4vitar with some improvements

🔍 Recon

    Subdomains
        Amass
        GoBuster
        Knock
        MassDNS
        Altdns
        spyse
        Sublist3r
        findomain
        subfinder
        spiderfoot
        haktldextract
    Subdomain takeover
        subjack
        SubOver
        tko-subs
    DNS Lookups
        hakrevdns
    📷 Screenshot
        gowitness
        aquatone
    🕸️ Crawler
        hakrawler
        Photon
        gospider
        gau
        otxurls
        waybackurls
    📁 Search directories
        dirsearch
    Fuzzer
        wfuzz
        ffuf
    Web Scanning
        whatweb
        wafw00z
        nikto
        arjun
        httprobe
        striker
        hakcheckurl
    CMS
        wpscan
        joomscan
        droopescan
        cmseek
    Search JS
        LinkFinder
        getJS
        subjs

Wordlist

    cewl
    wordlists:
        wfuzz
        SecList
        Fuzzdb
        Dirbuster
        Dirb
        Rockyou
        all.txt
    crunch

Git repositories

    gitleaks
    gitrob
    gitGraber
    github-search
    GitTools

OWASP

    sqlmap
    XSStrike
    kxss
    dalfox

Brute force

    crowbar
    hydra
    patator
    medusa

Cracking

    hashid
    john the ripper
    hashcat

OS Enumeration

    htbenum
    linux-smart-enumeration
    linenum
    enum4linux
    ldapdomaindump
    PEASS – Privilege Escalation Awesome Scripts SUITE
    Windows Exploit Suggester – Next Generation
    smbmap
    pspy – unprivileged Linux process snooping
    smbclient
    ftp

Exploits

    searchsploit
    Metasploit
    MS17-010
    AutoBlue-MS17-010
    PrivExchange

Windows

    evil-winrm
    impacket
    CrackMapExec
    Nishang
    Juicy Potato
    PowerSploit
    pass-the-hash
    mimikatz
    gpp-decrypt

Reverse shell

    netcat
    rlwrap

Other resources

    pentest-tools from @gwen001
    qsreplace from @tomnomnom

Custom functions

    NmapExtractPorts from @s4vitar

Other services

    apache2
    squid

Changelog v0.3.2

    feat: add rsyslog and fcrackzip
    feat: add texlive-full and latexmk

This is the hidden content, please

• Sign In
• or
• Sign Up