A collection of personal scripts used in hacking excercises. Consider a majority of them in beta- useable but I will probably improve them as time goes on. :) There's also some notes on web app and OS vulnerabilties, in addition to pointers for useful commands etc. https://c-cracks.tumblr.com/
Please note that bugs will come and go due to constant development- it's worth checking back if you've discovered a bug or addressing it yourself as I will only notice it when using the script (which at present isn't much as I mass scanned some targets a few weeks ago.)
- Performs an Nmap scan on the provided IP and further Wfuzz and Nikto scans on discovered web servers (per port found to be a web server)
- Very basic in nature and I'm sure there's more intuitive tools out there; I'm building my own collection of scan automation tools.
- Coming along but I'm experiencing performance issues around the nmap scan- it's commonly hanging for me. Feel free to tweak this for your needs; I'll be working on this soon.
- Automation of info gathering for Linux privilege escalation
- Can be used even if upload to the victim isn't possible as a reference
- Sends requests under different methods to the provided URL
- Appearance of the output leaves alot to be desired; as long as it's clear where each request ends I don't mind. xD
- Brute force web applications with cURL
- Handles GET and POST requests currently with the options to add cookies and/or headers to the request
- POST has been tested thoroughly against the VM Mr Robot with the right credentials being discovered and I have also tested the addition of headers and/or cookies.