adding scripts

cracking/brute-force-ftp-hydra.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #    This file is part of PenTestKit
-#    Copyright (C) 2017-2018 @maldevel
+#    Copyright (C) 2017-2020 @maldevel
 #    https://github.com/maldevel/PenTestKit
 #
 #    PenTestKit - Useful tools for Penetration Testing.
@@ -21,9 +21,8 @@
 #
 #    For more see the file 'LICENSE' for copying permission.
 
-if [ $# -eq 1 ]; then
-    hydra -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt -e ns -f -t 10 -vV $1 ftp
-EOF
+if [ $# -eq 2 ]; then
+    hydra -v -L /usr/share/seclists/Usernames/top-usernames-shortlist.txt -P /usr/share/seclists/Passwords/darkweb2017-top100.txt -s $2 -e nsr -f -o "ftp_$1_$2_hydra.txt" ftp://$1
 else
-    echo "Please provide the target FTP server."
+    echo "Please provide the target FTP server and its port."
 fi

cracking/brute-force-ftp-medusa.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+#    This file is part of PenTestKit
+#    Copyright (C) 2017-2020 @maldevel
+#    https://github.com/maldevel/PenTestKit
+#
+#    PenTestKit - Useful tools for Penetration Testing.
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    For more see the file 'LICENSE' for copying permission.
+
+if [ $# -eq 2 ]; then
+    medusa -v 4 -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -f -e ns -n $2 -O "ftp_$1_$2_medusa.txt" -M ftp -h $1
+else
+    echo "Please provide the target FTP server and its port."
+fi

cracking/brute-force-rdp-hydra.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #    This file is part of PenTestKit
-#    Copyright (C) 2017-2018 @maldevel
+#    Copyright (C) 2017-2020 @maldevel
 #    https://github.com/maldevel/PenTestKit
 #
 #    PenTestKit - Useful tools for Penetration Testing.
@@ -21,9 +21,8 @@
 #
 #    For more see the file 'LICENSE' for copying permission.
 
-if [ $# -eq 1 ]; then
-    hydra -l john -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt -e ns -f -t 2 -vV rdp://$1
-EOF
+if [ $# -eq 2 ]; then
+    hydra -v -L /usr/share/seclists/Usernames/top-usernames-shortlist.txt -P /usr/share/seclists/Passwords/darkweb2017-top100.txt -s $2 -e nsr -f -t 2 -o "rdp_$1_$2_hydra.txt" rdp://$1
 else
-    echo "Please provide the target RDP server."
+    echo "Please provide the target RDP server and its port."
 fi

cracking/brute-force-smtp-hydra.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #    This file is part of PenTestKit
-#    Copyright (C) 2017-2018 @maldevel
+#    Copyright (C) 2017-2020 @maldevel
 #    https://github.com/maldevel/PenTestKit
 #
 #    PenTestKit - Useful tools for Penetration Testing.
@@ -21,9 +21,8 @@
 #
 #    For more see the file 'LICENSE' for copying permission.
 
-if [ $# -eq 1 ]; then
-    hydra -l $1 -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt -f -t 10 -vV $2 smtp
-EOF
+if [ $# -eq 2 ]; then
+    hydra -v -l $1 -P /usr/share/seclists/Passwords/darkweb2017-top100.txt -s $3 -e nsr -o "smtp_$2_$3_hydra.txt" -f smtp://$2
 else
-    echo "Please provide the target email account and SMTP server."
+    echo "Please provide the target email account, the SMTP server and its port."
 fi

cracking/brute-force-smtp-medusa.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+#    This file is part of PenTestKit
+#    Copyright (C) 2017-2020 @maldevel
+#    https://github.com/maldevel/PenTestKit
+#
+#    PenTestKit - Useful tools for Penetration Testing.
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    For more see the file 'LICENSE' for copying permission.
+
+if [ $# -eq 2 ]; then
+    hydra -v -l $1 -P /usr/share/seclists/Passwords/darkweb2017-top100.txt -s $3 -e nsr -o "smtp_$2_$3_hydra.txt" -f smtp://$2
+    medusa -v 4 -U "/usr/share/seclists/Usernames/top-usernames-shortlist.txt" -P "/usr/share/seclists/Passwords/darkweb2017-top100.txt" -f -e ns -n $2 -O "smtp_$1_$2_medusa.txt" -M smtp -h $1
+else
+    echo "Please provide the target email account, the SMTP server and its port."
+fi

cracking/brute-force-ftps-hydra.sh → web/curl-robots.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #    This file is part of PenTestKit
-#    Copyright (C) 2017-2018 @maldevel
+#    Copyright (C) 2017-2020 @maldevel
 #    https://github.com/maldevel/PenTestKit
 #
 #    PenTestKit - Useful tools for Penetration Testing.
@@ -21,9 +21,9 @@
 #
 #    For more see the file 'LICENSE' for copying permission.
 
-if [ $# -eq 1 ]; then
-    hydra -s 990 -L /usr/share/metasploit-framework/data/wordlists/unix_users.txt -P /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt -e nsr -f -t 10 -vV $1 ftps
-EOF
+
+if [ $# -eq 3 ]; then
+	curl -sSik $1://$2:$3/robots.txt -m 10 2>&1 | tee "$1_$2_$3_robots.txt"
 else
-    echo "Please provide the target FTPS server."
+    echo "Please provide the protocol scheme (http or https), the target server (IP address, hostname or URI) and the port."
 fi

web/html-to-png-screenshot.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+#    This file is part of PenTestKit
+#    Copyright (C) 2017-2020 @maldevel
+#    https://github.com/maldevel/PenTestKit
+#
+#    PenTestKit - Useful tools for Penetration Testing.
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    For more see the file 'LICENSE' for copying permission.
+
+
+if [ $# -eq 3 ]; then
+	wkhtmltoimage --format png $1://$2:$3/ "$1_$2_$3_screenshot.png"
+else
+    echo "Please provide the protocol scheme (http or https), the target server (IP address, hostname or URI) and the port."
+fi

web/web-recon.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+#    This file is part of PenTestKit
+#    Copyright (C) 2017-2020 @maldevel
+#    https://github.com/maldevel/PenTestKit
+#
+#    PenTestKit - Useful tools for Penetration Testing.
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    For more see the file 'LICENSE' for copying permission.
+
+
+if [ $# -eq 3 ]; then
+	whatweb --color=never --no-errors -a 3 -v $1://$2:$3 2>&1 | tee "$1_$2_$3_whatweb.txt"
+else
+    echo "Please provide the protocol scheme (http or https), the target server (IP address, hostname or URI) and the port."
+fi