Skip to content
Networking Tools Networking & Pentesting Tools

I Want To...

Find the right script by what you’re trying to do. Click any tool name to see its full documentation.

Recon & Discovery

Section titled “Recon & Discovery”
I want to…CommandTool
Find live hosts on a subnetmake discover-hosts TARGET=192.168.1.0/24nmap
Identify what’s running on open portsmake identify-ports TARGET=<ip>nmap
Survey nearby WiFi networksmake analyze-wifi TARGET=<interface>aircrack-ng
Monitor DNS queries on the networkmake analyze-dnstshark
Enumerate services with Metasploitmake scan-services TARGET=<ip>metasploit

Web Application Testing

Section titled “Web Application Testing”
I want to…CommandTool
Scan a web server for vulnerabilitiesmake scan-web-vulns TARGET=<ip>nmap
Quick web app scan (time-limited)make quick-scan TARGET=<url>skipfish
Scan specific vuln types (SQLi, XSS)make scan-vulns TARGET=<url>nikto
Scan with authentication (cookies/creds)make scan-auth TARGET=<url>nikto
Authenticated web app scanmake scan-auth-app TARGET=<url>skipfish
Scan multiple hosts at oncemake scan-hosts TARGET=<hostfile>nikto

SQL Injection

Section titled “SQL Injection”
I want to…CommandTool
Test parameters for SQL injectionmake test-params TARGET=<url>sqlmap
Dump a database via SQLimake dump-db TARGET=<url>sqlmap
Bypass WAF/IDS with tamper scriptsmake bypass-waf TARGET=<url>sqlmap

Password Cracking

Section titled “Password Cracking”
I want to…CommandTool
Crack Windows NTLM hashes (GPU)make crack-ntlm TARGET=<hashfile>hashcat
Crack web app hashes (MD5/SHA/bcrypt)make crack-web-hashes TARGET=<hashfile>hashcat
Benchmark GPU cracking speedmake benchmark-gpuhashcat
Crack Linux /etc/shadow passwordsmake crack-linux-pwjohn
Crack password-protected archivesmake crack-archive TARGET=<file>john
Identify an unknown hash typemake identify-hash TARGET=<hash>john

WiFi Security

Section titled “WiFi Security”
I want to…CommandTool
Capture a WPA handshakemake capture-handshake TARGET=<interface>aircrack-ng
Crack a captured WPA handshakemake crack-wpa TARGET=<capfile>aircrack-ng
Survey wireless networksmake analyze-wifi TARGET=<interface>aircrack-ng

Network & Traffic Analysis

Section titled “Network & Traffic Analysis”
I want to…CommandTool
Capture HTTP credentials from trafficmake capture-credstshark
Extract files from a packet capturemake extract-files TARGET=<pcap>tshark
Test firewall rules with crafted packetsmake test-firewall TARGET=<ip>hping3
Detect firewall presencemake detect-firewall TARGET=<ip>hping3

Network Diagnostics

Section titled “Network Diagnostics”
I want to…CommandTool
Diagnose DNS resolution issuesmake diagnose-dns TARGET=<domain>dig
Check full connectivity (DNS to TLS)make diagnose-connectivity TARGET=<domain>dig, ping, netcat, curl

Route Tracing & Performance

Section titled “Route Tracing & Performance”
I want to…CommandTool
Trace the network path to a hostmake trace-path TARGET=<host>traceroute
Analyze per-hop latencymake diagnose-latency TARGET=<host>traceroute (mtr)
Compare TCP/ICMP/UDP routesmake compare-routes TARGET=<host>traceroute
Run a full performance diagnosticmake diagnose-performance TARGET=<host>traceroute (mtr)

File Carving & Forensics

Section titled “File Carving & Forensics”
I want to…CommandTool
Recover deleted files from a disk imagemake recover-files TARGET=<image>foremost
Extract specific file types (jpg, pdf, exe)make carve-filetypes TARGET=<image>foremost
Analyze a forensic disk imagemake analyze-forensic TARGET=<image>foremost

Exploitation

Section titled “Exploitation”
I want to…CommandTool
Generate a reverse shell payloadmake gen-payload TARGET=<lhost>metasploit
Set up a reverse shell listenermake setup-listenermetasploit

Running Scripts Directly

Section titled “Running Scripts Directly”

Every script also works standalone:

Terminal window
bash scripts/<tool>/<script>.sh [target] [--help]

Typical Engagement Flow

Section titled “Typical Engagement Flow”
1. Discovery     make discover-hosts TARGET=192.168.1.0/24
1b. Diagnostics  make diagnose-dns TARGET=<domain>
                 make diagnose-connectivity TARGET=<domain>
1c. Route trace  make trace-path TARGET=<host>
                 make diagnose-latency TARGET=<host>
                 make diagnose-performance TARGET=<host>
2. Port scan     make identify-ports TARGET=<ip>
3. Web scan      make scan-web-vulns TARGET=<ip>
                 make scan-vulns TARGET=<url>
4. SQLi test     make test-params TARGET=<url>
5. Crack hashes  make crack-web-hashes TARGET=<hashfile>
6. Report        Check notes/ for detailed documentation

Learning Paths

Section titled “Learning Paths”

Want a guided sequence instead of picking individual tasks? Follow one of the structured learning paths:

  • Reconnaissance — DNS, host discovery, port scanning, traffic analysis, and service enumeration
  • Web App Testing — Find web ports, scan for vulnerabilities, test for SQLi, and crack extracted hashes
  • Network Debugging — DNS diagnostics, connectivity checks, route tracing, firewall testing, HTTP debugging, and packet capture