Pentestmonkey
pentestmonkey.net
pentestmonkey | Taking the monkey work out of pentesting
December 20, 2011, pentestmonkey · A long time ago, I started writing a tool to look for local privilege escalation vectors on Windows systems – e.g. weak permissions on files, directories, service registry keys. I never quite got round to finishing it, but the project could still be useful ...
John The Ripper Hash Formats
John the Ripper is a favourite password cracking tool of many pentesters. There is plenty of documentation about its command line options · I’ve encountered the following problems using John the Ripper. These are not problems with the tool itself, but inherent problems with pentesting and ...
Reverse Shell Cheat Sheet
If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell · If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing ...
Pentestmonkey
pentestmonkey.net › category › tools
Tools | pentestmonkey
See this blog post for download link and installation instructions.
GitHub
github.com › pentestmonkey
pentestmonkey - Overview
pentestmonkey has 21 repositories available. Follow their code on GitHub.
GitHub
github.com › pentestmonkey › php-reverse-shell
GitHub - pentestmonkey/php-reverse-shell · GitHub
Contribute to pentestmonkey/php-reverse-shell development by creating an account on GitHub.
Starred by 2.8K users
Forked by 1.9K users
Languages   PHP
pentestmonkey
pentestmonkey.net › cheat-sheet › shells › reverse-shell-cheat-sheet
Reverse Shell Cheat Sheet | pentestmonkey
If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell · If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing ...
Pentestmonkey
pentestmonkey.net › category › blog
Blog | pentestmonkey
Version 1.1 of the Yaptest Frontend is now available. Download it here. There are three main improvements to the interface: The “Ports” page now displays Nmap version and service information when it’s available.
Pentestmonkey
pentestmonkey.net › tools › web-shells › php-reverse-shell
php-reverse-shell | pentestmonkey
This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PHP. Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser.
Pentestmonkey
pentestmonkey.net › category › cheat-sheet › sql-injection
SQL Injection | pentestmonkey
Some useful syntax reminders for SQL Injection into Informix databases… · Some useful syntax reminders for SQL Injection into MSSQL databases…
Tonyng
pentest.tonyng.net › pentestmonkey
Pentestmonkey – Penetration Test Resource Page
24 Dec · Pentester · Privilege Escalation, Skills · Tags: pentestmonkey · Windows-privesc-check is a standalone executable that runs on Windows systems. It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g.
GitHub
github.com › pentestmonkey › windows-privesc-check
GitHub - pentestmonkey/windows-privesc-check: Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems · GitHub
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems - pentestmonkey/windows-privesc-check
Starred by 1.5K users
Forked by 321 users
Languages   Python 99.3% | XSLT 0.7%
Pentestmonkey
pentestmonkey.net › category › tools › web-shells
Web Shells | pentestmonkey
This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PHP, you want an interactive shell, but the Firewall is doing proper egress and ingress filtering – so bindshells and reverse shells won’t work.
Pentestmonkey
pentestmonkey.net › blog › perfect-web-backdoor
The Perfect Web Backdoor | pentestmonkey
File management, so you can explore ... upload / download files. Ensuring the backdoor isn’t detected by current AV products · This is a lofty goal and I hope the project is a success. Being from a network-based pentesting background, I was most inspired by the idea of getting a reverse shell. I’ve written working prototypes for PERL and PHP: http://pentestmonkey.net/tools...
GitHub
github.com › pentestmonkey › unix-privesc-check
GitHub - pentestmonkey/unix-privesc-check: Automatically exported from code.google.com/p/unix-privesc-check · GitHub
Automatically exported from code.google.com/p/unix-privesc-check - pentestmonkey/unix-privesc-check
Starred by 1.1K users
Forked by 224 users
Languages   Shell
GitHub
raw.githubusercontent.com › pentestmonkey › php-reverse-shell › master › php-reverse-shell.php
PentestMonkey php-reverse-shell - GitHub
open and stream_set_blocking require PHP version 4.3+, or 5+ // Use of stream_select() on file descriptors returned by proc_open() will fail and return FALSE under Windows. // Some compile-time options are needed for daemonisation (like pcntl, posix). These are rarely available. // // Usage // ----- // See http://pentestmonkey.net/tools/php-reverse-shell if you get stuck.
Pentestmonkey
pentestmonkey.net › tools › user-enumeration › finger-user-enum
finger-user-enum | pentestmonkey
pentestmonkey · Taking the monkey ... relaying of queries through another finger server. Recent changes are detailed in the CHANGELOG. Download finger-user-enum v1.0 here....
GitHub
github.com › pentestmonkey › finger-user-enum
GitHub - pentestmonkey/finger-user-enum: Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server. · GitHub
Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server. - pentestmonkey/finger-user-enum
Starred by 49 users
Forked by 21 users
Languages   Perl