Need help with pentest_scripts?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

135 Stars 25 Forks 14 Commits 0 Opened issues


penetration testing scripts

Services available


Need anything else?

Contributors list

# 469,749
3 commits


Scripts I've put together to help during penetration tests.

  • - takes a list of full names (as generated by TheHarvester or and converts them into various common email conventions. Attempts to sanitize the names to a "Firstname Lastname" format.

  • - using a google cse api key, use Google Dorks/Advanced Operators to retreive employee names from GitHub. Sanitize and dump to a list. [ Currently Deprecated ]

  • - converts the contents of an OSX .plist file to a crackable password hash. Use Hashcat mode 7100 with the --username flag to crack. Without the -u flag, it dumps all password hashes. Requires root or sudo.

  • - a simple postgres brute-forcing tool. Currently supports only a single username at a time.

  • - a simple tool for directory brute-forcing when all requests return "200 OK". Excludes a range of response sizes and returns all others as valid path directories.

  • - Uses arp to get the IPv6 address of an IPv6 host. Note that ICMP must be enabled for the tool to work.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.