Tools

perl-reverse-shell

This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PERL.  Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser.  The script will open an outbound TCP connection from the webserver to a host […]

ftp-user-enum

Username guessing tool for use against the default Solaris ftp service and GNU inetutils ftpd. Recent changes are detailed in the CHANGELOG. Download ftp-user-enum v1.0 here. SHA1sum: 2fbd86dba9f701627d415ed76100b2768b271862 MD5sum: c19ec3eb1eab6282a16514b51eb5f1c6 User documentation is also available in PDF format.

finger-user-enum

Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server. Recent changes are detailed in the CHANGELOG. Download finger-user-enum v1.0 here. SHA1sum: 017e214e786df5a25336291acd3b9c8a46b3bd7b MD5sum: f18832f9d2b5210e5f51bd89f44abeee User documentation is also available in PDF format.

smtp-user-enum

Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO. Recent changes are detailed in the CHANGELOG. Download smtp-user-enum v1.2 here. MD5 and SHA1 checksums for the packages can be downloaded. They’re based on the package name (below v.v represents the version, e.g. 1.1): http://pentestmonkey.net/tools/smtp-user-enum/smtp-user-enum-v.v-beta.tar.gz.md5 […]

rsh-grind

Basically tries lots of combinations of local and remote usernames to execute commands via RSH. Download SHA1sum: f1b37abb6ad54df775c1cf194ab91fd41d607f1f MD5sum: 2ecae8730f89c697f2512181ded3842f User documentation is also available in PDF format.

dns-grind

Tool for performing lots of DNS queries quickly. Download dns-grind v1.0 here. SHA1sum: db2beb7ca6caf4343f81936d78617f02b87da024 MD5sum: f145a5acf5cc53507d9be147adbe384e User documentation is also available in PDF format.

yapscan

TCP half-open port scanner / fast ICMP scanner. Some limited support for UDP scans too. It’s beta, but still kinda useful. Download Yapscan v0.7.4-beta as tar.gz. Recent changes are detailed in the CHANGELOG. Update: You’re better off using the SVN copy on Google Code. It’s more up to date. MD5 and SHA1 checksums are the […]