Skip to content

tijldeneut/Security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

232 Commits
DumpSomeHashes
DumpSomeHashes
 
 
Fingerprinters
Fingerprinters
 
 
VMware
VMware
 
 
kaliScripts
kaliScripts
 
 
ArpEnum.py
ArpEnum.py
 
 
CVE-2018-1207.py
CVE-2018-1207.py
 
 
CVE-2019-6693.py
CVE-2019-6693.py
 
 
CVE-2020-0688.py
CVE-2020-0688.py
 
 
CVE-2020-11108.py
CVE-2020-11108.py
 
 
CVE-2020-12720.py
CVE-2020-12720.py
 
 
CVE-2020-3952.py
CVE-2020-3952.py
 
 
CVE-2021-2109.py
CVE-2021-2109.py
 
 
CVE-2021-21972.py
CVE-2021-21972.py
 
 
CVE-2021-35464.py
CVE-2021-35464.py
 
 
CVE-2021-43798.py
CVE-2021-43798.py
 
 
CVE-2023-3519-Checker.py
CVE-2023-3519-Checker.py
 
 
CVE-2023-48795-Checker.py
CVE-2023-48795-Checker.py
 
 
CVE-2024-38063-Checker.py
CVE-2024-38063-Checker.py
 
 
CVE-2024-38063-DOS.py
CVE-2024-38063-DOS.py
 
 
EntraIDMFAPoker.py
EntraIDMFAPoker.py
 
 
FortiGate-Live-IOC-Checker.py
FortiGate-Live-IOC-Checker.py
 
 
IPMI-Scan-Hashes.py
IPMI-Scan-Hashes.py
 
 
Live_Browser_Password_Dumper.py
Live_Browser_Password_Dumper.py
 
 
NessusDownload.py
NessusDownload.py
 
 
NessusGetHomeCode.py
NessusGetHomeCode.py
 
 
README.md
README.md
 
 
SubnetScanner.py
SubnetScanner.py
 
 
ms17-010-m4ss-sc4nn3r.py
ms17-010-m4ss-sc4nn3r.py
 
 
rdpstrip.py
rdpstrip.py
 
 
smb-vuln-cve-2020-0796.nse
smb-vuln-cve-2020-0796.nse
 
 
snmpAutoenum.py
snmpAutoenum.py
 
 

Repository files navigation

GeneralSecurityScripts

--> Please note, unless mentioned otherwise, all scripts work on both Linux and Windows

  • ArpEnum.py: Quickly find hosts on a local network via ARP
  • CVE-2018-1207.py: iDRAC: RCE for Integrated Dell Remote Access Console
  • CVE-2019-6693.py: FortiGate: Native authenticated information retrieval (clear text passwords) for unaltered FortiGate devices (0-day)
  • CVE-2020-0688.py: MS Exchange Server: Native scanner and exploit (no extra's required) for Authenticated RCE/LPE (as System), mirror: https://www.exploit-db.com/exploits/48153
  • CVE-2020-11108.py: Pi-hole: Native exploit script for Pi-hole 4.4.0 (Pi-hole v4.4.0-g9e49077, Web v4.3.3,v4.3.2-1-g4f824be, FTL v5.0) for web authenticated RCE + LPE, mirror: https://www.exploit-db.com/exploits/48519
  • CVE-2020-12720.py: Native exploit script for vBulletin v5.6.1 (might also work on older versions of v5) for Admin Account takeover using SQLi plus authenticated RCE, mirror: https://www.exploit-db.com/exploits/48472
  • CVE-2020-3952.py: Native exploit script for vCenter Server 6.7 random user adding and escalation (Authentication Bypass), mirror: https://www.exploit-db.com/exploits/48535
  • CVE-2021-2109.py: Exploit script for WebLogic 14.1.1.0 and JDK's under 6u201, 7u191, 8u182 & 11.0.1 (Authenticated RCE), mirror: https://www.exploit-db.com/exploits/49461
  • CVE-2021-21972.py: Exploit & checker for VMware vCenter Unauthenticated Upload & RCE, should work in one way or another against vCenter Server 6.5 up to 7.0 (newer versions untested), mirror: https://www.exploit-db.com/exploits/49602
  • CVE-2021-35464.py: ForgeRock Access Manager, Unauthenticated RCE, mirror: https://www.exploit-db.com/exploits/50131
  • CVE-2023-3519-Checker.py: Verify a list of Citrix Netscaler URL's for vulnerability checks
  • CVE-2023-48795-Checker.py: SSH Terrapin Checker, verifies presence of specific protocols
  • CVE-2024-38063-Checker.py: Windows IPv6 vulnerability checker, not 100% reliable yet
  • CVE-2024-38063-DOS.py: Windows IPv6 vulnerability exploiter, Denial-Of-Service, mirror: https://www.exploit-db.com/exploits/52075
  • EntraIDMFAPoker.py: Verifies for given username/password of MFA is réally enabled on several known EntraID resources
  • FortiGate-Live-IOC-Checker.py: Given correct credentials, this script verifies files and dates for known IOC's for COATHANGER and CVE-2022-42475
  • IPMI-Scan-Hashes.py: Multi-threaded and automated scanner for finding IPMI systems on a subnet and dumping hashes unauthenticated
  • Live_Browser_Password_Dumper.py: Python3 script to dump/export credentials from Chrome, Edge (new) and Opera, (pip3 install pycryptodome pypiwin32)
  • DownloadNessus.py: Automated script for downloading the most recent Nessus version (Linux version only)
  • NessusGetHomeCode.py: Automated registration for Nessus Home Feed license
  • SubnetScanner.py: This script tries to find reachable subnets on a given network
  • ms17-010-m4ss-sc4nn3r.py: Python3 version of official MS17-010 scanner by Claudio Vivian
  • rdpstrip.py: Automated MitM script for non-NLA Remote Desktop sessions (python2-only)
  • smb-vuln-cve-2020-0796.nse: NSE script updated for Nmap 7.92, officially by psc4re

Folders:

  • DumpSomeHashes: Two scripts to demonstrate how Windows retrieves hashes from the registry, also works on Windows 10 >v1607 (AES Encryption)
  • VMware: Automated, multi-threaded VMware enumeration scanner, including OPSEC safe, critical vulnerability detections, and some decryption scripts
  • kaliScripts: some easy-to-use scripts for Kali
  • Fingerprinters:
    • cups-fingerprinter.py: Multi-threaded and native scanner to get versions of CUPS (UDP/631) (Has Server & Scanning component, can be run separately)
    • rsync-fingerprinter.py: Multi-threaded and native scanner to get versions of RSYNC (TCP/873), includes vulnerability scanning and listing modules (shares)
    • SSH-fingerprinter.py: Multi-threaded scanner for SSH services, shows banners and scans for critical vulnerabilities
    • snmpAutoenum.py: Automated, multi-threaded SNMP scanner, including parsing with configurable rules
    • Exchange-fingerprinter.py: Grab the version number from any reachable Exchange server and OPSEC safe, critical vulnerability detections
    • iDRAC-fingerprinter.py: Version enumerator for iDRAC systems (currently iDRAC8 & iDRAC9) including OPSEC safe, critical vulnerability detections
    • Zabbix-fingerprinter.py: Multi-threaded and native scanner to get versions of Zabbix (HTTP) including some vulnerability scanning

About

General Security Scripts

Resources

Readme
Activity

Stars

136 stars

Watchers

13 watching

Forks

41 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages