Tools

In this page you will find a list of tools and scripts that I believe to be useful for the community and can provide benefit to developers and administrators to strengthen their defences or plainly make the life of a pentester much easier.

  • LinEnum: This is a really useful script for identifying potential files and paths on Linux environments, that could result in privilege escalation.
    You can find it here: https://github.com/rebootuser/LinEnum
  • TinyMet: A miniscule meterpreter stager (only 4KB) that can be changed on the fly to use different payloads (reverse_tcp, bind_tcp, reverse_http) or targets.
    You can find it here: https://github.com/SherifEldeeb/TinyMet

  • iFunbox: One of the main tools I use during iOS application tests. It allows to quickly browse the filesystem of the iOS device, and identify any sensitive information that may be stored inside the application’s folder. It also allows opening directly plist files in XML format and create a USB tunnel between the host and a jailbroken device. I would advice to use the classic version, as the newer version’s interface is quite “busy”.
    You can find it here: http://www.i-funbox.com/