🛠️ PentestManager

PentestManager is a productivity toolkit that simplifies penetration-testing workflows with a collection of aliases, functions, and scripts.


🚀 Quick Start

  1. Clone the repository:
git clone https://github.com/P-ict0/PentestManager.git
cd PentestManager
cp pentest_aliases.sh ~/.pentest_aliases
  2. Add the following lines to your ~/.zshrc:
if [ -f "$HOME/.pentest_aliases" ]; then
    . "$HOME/.pentest_aliases"
fi

📝 Description

This tool provides:

  • Bookkeeping of targets, IPs, users, passwords, and credentials.
  • Shell aliases for faster operations.
  • Automation scripts for other pentest workflows.

🔧 Commands

Here’s an overview of the main commands and aliases included in PentestManager:

🚀 General Commands

sb                # Reloads the shell configuration.
crackjohn <file>  # Uses john with the RockYou wordlist to crack hashes.
crack <file>      # Uses hashcat with the RockYou wordlist and rule64 for cracking hashes.
rev <port>        # Starts a reverse shell listener (nc) on the specified port.

🎯 Target Management

init_target <name>  # Initializes a new target directory structure within the cwd.
set_target <path>   # Sets the current target.
get_target          # Displays the current target.

init_target creates a directory structure like this:

target
├── enum/
├── exploits/
├── loot/
│   ├── creds_commented.txt
│   ├── creds.txt           (copy of creds_commented.txt without comments)
│   ├── hashes/
│   ├── ip.txt
│   ├── passwords_commented.txt
│   ├── passwords.txt       (copy of passwords_commented.txt without comments)
│   ├── usersandpasses.txt  (combination of users.txt and passwords.txt)
│   ├── users_commented.txt
│   └── users.txt           (copy of users_commented.txt without comments)
└── www/                    (to open a web server and host files)

🔑 IP Address Management

Note: You can run these commands from anywhere in the filesystem; they will still use the IP of the current target.

set_ip <ip_address>  # Assigns an IP address to the current target.

get_ip [target]      # IP address of current or specified target.

👤 User and Credential Management

Note: You can run these commands from anywhere in the filesystem; they will still save or retrieve data for the current target.

add_user <username> [comment]  # Adds a user to the target's user list.
add_pass <password> [comment]  # Adds a password to the target's password list.
add_creds <username> <password> [comment]  # Adds a username:password pair to the credentials list.

get_users [target]   # Displays users for the current or specified target.
get_passes [target]  # Displays passwords for the current or specified target.
get_creds [target]   # Displays credentials for the current or specified target.

clear_loot           # Empties the users, passwords, and creds files for the current target.

⚙️ Productivity Enhancements

extract_ports "<nmap_output>"  # Extracts open ports from nmap output and copies them to the clipboard.
# e.g. extract_ports "53/tcp    open  domain           syn-ack ttl 125
#      88/tcp    open  kerberos-sec     syn-ack ttl 125
#      135/tcp   open  msrpc            syn-ack ttl 125"
#
# >> Output: 53,88,135
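
An added sketch of the parsing that extract_ports is described as doing, not PentestManager's own code. The function name ports_from_nmap, its optional protocol argument, and the sample scan output are assumptions made for this example, and the clipboard step is left out.

```shell
# Constructed sample in the port-table format of nmap's normal output.
SAMPLE_NMAP='PORT      STATE         SERVICE       REASON
53/tcp    open          domain        syn-ack ttl 125
88/tcp    open          kerberos-sec  syn-ack ttl 125
135/tcp   open          msrpc         syn-ack ttl 125
139/tcp   filtered      netbios-ssn   no-response
445/tcp   closed        microsoft-ds  reset ttl 125
53/udp    open          domain        udp-response ttl 125
161/udp   open|filtered snmp          no-response'

# ports_from_nmap <nmap_output> [tcp|udp]   (hypothetical helper)
# Prints the open ports of one protocol as a sorted, de-duplicated,
# comma-separated list. Defaults to tcp.
ports_from_nmap() {
    proto="${2:-tcp}"
    printf '%s\n' "$1" |
        awk -v proto="$proto" '
            # Keep only port-table rows whose state is exactly "open";
            # headers, "closed", "filtered" and "open|filtered" are skipped.
            $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
                split($1, f, "/")
                if (f[2] == proto && f[1] >= 1 && f[1] <= 65535) print f[1]
            }' |
        sort -n -u |
        paste -sd, -
}

ports_from_nmap "$SAMPLE_NMAP"
```

Matching on the exact state keeps ambiguous UDP results such as open|filtered out of the list, so they are not treated as confirmed services in later steps.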

🧰 Virtual Environment Management

ve  # Creates a Python virtual environment.
va  # Activates the Python virtual environment.
vd  # Deactivates the Python virtual environment.
vu  # Updates pip, setuptools, and wheel in the virtual environment.
vr  # Installs dependencies from requirements.txt.
init_venv  # Initializes a new Python virtual environment (alias for ve && va && vu && vr).

🌟 License

This project is licensed under the MIT License. See the LICENSE file for details.

Working on...

  • Extracting specific port information from nmap output.
  • More functions to add hashes, etc.