This is your work, valued

The Netherlands

Zarcolio

Expert
@Zarcolio

These are scripts I wrote. You might want to string it code for code. Don't worry, be happy

sitedorks. Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.

1k

flipperzero. This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.

496

wwwordlist. Wwwordlist is a wordlist generator for pentesters and bug bounty hunters. It extracts words from HTML, URLs, JS/HTTP/input variables, quoted texts in the text and mail files in order to generate wordlists.

109

grepaddr. Use grepaddr to extract (grep) all kinds of addresses from stdin like URLs (incl. IPv4/IPv6), IP addresses & ranges (IPv4/IPv6), e-mail addresses, MAC addresses.

68

GoogleZorks. Google search queries for searching some kind of information about interesting stuff (OSINT)

11

Wappaligner. Changes the output of Wappalyzer into something human readable. It also provides links to useful websites and a Google query for finding information on vulnerabilities.

10

2cmd. Got a command that doesn't support input files like whois or sqlmap? Use 2cmd to take input from stdin and run each line with the command(s) given in the script file. Comes with lot's of pentest/red teaming/bug bounty/CTF scripts ready to use

8

1pfuscat0r. A tool to automatically generate alternative IP representations, a rewritten version of IPFuscator

7

2ulb. Easy shortcut to make scripts executable and link them from /usr/local/bin

6

rssfeeds. My personal security feeds divided into pentest feeds and other security feeds

6

uniqurl. Use uniqurl to filter only unique content from a list of URLs with stdin, making it usable within piped commands

5

s3-bulk-cp. Copy all files found from AWS S3 bucket to local

5

Free-Security-eBooks. Free Security and Hacking eBooks

5

WinIPFinder. Tries to find IP addresses from within Windows, useful when engaged in an on-prem pentest / red teaming exercise.

3

clio. Different tools that take input from stdin, does some stuff and give output stdout, making them perfect for use in pided commands

3

hardening_guides. A gathered list of hardening guides

3

Dangerous-Windows-Commands. This is a list of built-in Windows executables that are potentially dangerous an could be use by malware or another type of attacker.

3

Nmap. Scripts around Nmap and plugins for Nmap

2

.KaliConfig. A script which install all scripts I want with a fresh Kali

2

Linux-Fixes. When I stumbe across an issues, which I manage to fix, I'll add a solution. A big warning: DON'T JUST EXECUTE THESE SCRIPTS IF YOU DON'T KNOW WAT YOU'RE DOING, IT MIGHT BREAK STUFF!!!

2

kali-additions. My personal additions to Kali Linux

2

hlt. Handy Linux Tools

2

random-name. JavaScript

2

whoami-gui. AutoIt

1

mailgen. Use mailgen to generate bogus e-mail addresses.

1

splitfqdn. Split an FQDN in parts and rearrange its parts

1

ZecList. Some lists I created / gathered and put together / improved

1

reusables. Predominantly contains functions that can be reused.

1

resolves. Takes host names as input and output the host name if it resolves, making it usable in piped commands.

1

useshttp. Takes host names as input (ports and HTTP status code are optional) and outputs the base URL if a GET request is successful, making it usable in piped commands.

1

GetPdfAuthors. Download al files from a website and extract all authors from the PDF files

1

local_connectivity_check. Routes connectivity checks to pi-hole

1

WebCapper. Uitilizes subfinder and cutycapt to retrieve a list of hostnames and create a screenshot if a websites exists @ 80 or 443/TCP

1

smtp_test. PHP

1