Pentest Entry Scripts

A collection of ready-to-use scripts to do recon and penetration testing on targets. Use ONLY on own or authorized systems.

How to use

These scripts should be executed in order.

git clone https://github.com/loviuz/pentest-entry-scripts.git
cd pentest-entry-scripts/
chmod +x *.sh```

Edit the config file to configure the host to scan:

# Target domain (only domain, without http)
host="127.0.0.1"

# Target protocol ("http" or "https")
protocol="http"

# Target path (starting with /)
path="/DVWA/"

# Select the browser to use for viewing scan results
browser="firefox"

# If you need a cookie, please specificy it here
cookie=""

Launch every scripts, and enjoy :-)

./0-prepare.sh
./1-recon.sh
./2-web-discovery.sh

Software used

Nmap: full network with discovery and vuln scripts

Gobuster: discovery a lot of possible subdirectories

Nikto: performs some basic vulnerability checks

DAVtest: tests if the URL support DAV protocol and some known vulnerabilities

Parsero: checks robots.txt file for some juicy info

Blackwidow: link spider with injection test (XSS, LFI and SQLi)

Wordlists from SecLists

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
.gitignore		.gitignore
0-prepare.sh		0-prepare.sh
1-recon.sh		1-recon.sh
2-web-discovery.sh		2-web-discovery.sh
LICENSE		LICENSE
README.md		README.md
config		config

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Pentest Entry Scripts

How to use

Software used

About

Languages

License

loviuz/pentest-entry-scripts

Folders and files

Latest commit

History

Repository files navigation

Pentest Entry Scripts

How to use

Software used

About

Topics

Resources

License

Stars

Watchers

Forks

Languages