Skip to content
/ fedora_pentesting Public

Script to install in a Fedora OS the main tools used in pentesting.

License

GPL-3.0 license
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

procamora/fedora_pentesting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits

.circleci

.circleci

 
 

doc

doc

 
 

ssh

ssh

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

check_tools.sh

check_tools.sh

 
 

entrypoint.sh

entrypoint.sh

 
 

fedora_pentesting.sh

fedora_pentesting.sh

 
 

install.sh

install.sh

 
 

interactive.py

interactive.py

 
 

socat

socat

 
 

Repository files navigation

CircleCI license Maintenance GitHub last commit

TO DO ading

fedora_pentesting

fedora_pentesting is a script to install in a Fedora OS the main tools used in pentesting.

This script can be run on either a native machine or a container.

help

A series of directories have been defined where programs and scripts will be stored, these directories are

  • /opt/pentesting: In this directory is where you install all the programs that require a download of the source code for later compilation.
  • /usr/share/wordlists: In this directory you can download the dictionaries
  • /usr/share/pentesting: In this directory are downloaded the tools and scripts that do not require installation.
  • /usr/local/bin: In this directory you download or link the binaries of the programs so that they can be executed directly

Installation

To be able to run the script you only need to download the repository.

git clone https://github.com/procamora/fedora_pentesting.git

Basic Usage

The script requires an argument with the action to be performed. The available actions are the following options:

  • install: Installing the basic pentesting packages.
  • extra: Installing the extra pentesting packages. Currently this mode only installs ghydra.
  • uninstall: Uninstalling the basic pentesting packages.
  • unextra: Uninstalling the extra pentesting packages.
  • gui: Installing the pentesting packages with graphic environment, such as ZAP Proxy or Burp Suite.
  • upgrade: Upgrade the extra pentesting packages (same as install).

Native machine

The script can be executed by putting sudo to the command or not. If you run it without sudo, the script will ask for the user's password when needed to execute administration commands to install packages or modify permissions.

It is important to tell the sudo command which user is executing it, so that it works correctly with the environment variables of this user.

./fedora_pentesting.sh > install.log

Container docker/podman

You can use a container with all the tools already installed using docker or podman. The image is located in: https://hub.docker.com/r/procamora/pentesting.

podman run -ti --rm --hostname=pentest -p 2222:22 --name pentest procamora/pentesting

When the image is started, a shell directly starts up, but it also has SSH enabled with a certificate so that it can be connected or files can be transferred.

ssh -i ssh/id_rsa root@127.0.0.1 -p 2222

Note the user is root and the RSA keys he uses are in the ssh directory of the repository.

In the case of using a container, applications that require a graphical environment such as Burp Suite or ZAP Proxy do not work yet.

List of tools

information_gathering

Tools Description
amap
dnsenum
dnsmap
nikto
nmap
finger
openldap-clients
net-snmp-utils
onesixtyone
snmpcheck
smtp-user-enum
finger-user-enum
ftp-user-enum
ident-user-enum
enum4linux
masscan

vulnerability_analysis

Tools Description
openvas
sqlninja
sslscan
powerfuzzer
sqlmap

wireless_attacks

Tools Description
aircrack-ng
reaver
kismet
macchanger

web_applications

Tools Description
wfuzz
skipfish
gobuster
wpscan
dirbpy
whatweb
websploit
recon-ng
joomscan
hURL
davtest
dirsearch
ffuf
dotdotpwn
ZAP
burp

exploitation_tools

Tools Description
exploit-database
revshell
LinEnum
powercat
linux-exploit-suggester
linux-exploit-suggester-2
linuxprivchecker
knock
peass
metasploit
Veil
pspy
pysecdump
windows-privesc-check
PowerSploit
nishang
watson
BeRoot

stress_testing

Tools Description

forensics_tools

Tools Description
binwalk

sniffing_spoofing

Tools Description
sipvicious
wireshark
tshark
dnschef
bettercap

password_attacks

Tools Description
hashid
hydra
ncrack
ophcrack
exiftool
fcrackzip
creddump7
CeWL
crunch
gpp-decrypt
patator
hashcat
john

maintaining_access

Tools Description
rlwrap
socat
nc
tigervnc
rdesktop
cryptcat
httptunnel
webshells

reverse_engineering

Tools Description
ltrace
strace

steganography

Tools Description
steghide
exiftool
easy_stegoCTF

reportingtools

Tools Description

Others

Tools Description
seclists
rockyou.txt
static-binaries
impacket
pentest

zsh

Pending

About

Script to install in a Fedora OS the main tools used in pentesting.

Topics

fedora pentesting pentesting-tools podman

Resources

Readme

License

GPL-3.0 license
Activity

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages