Pentest Lab Logo

Pentest Lab

2
Free
Visit Website

This local pentest lab leverages docker compose to spin up multiple victim services and an attacker service running Kali Linux. If you run this lab for the first time it will take some time to download all the different docker images. Executed commands: - ./lab.sh --help - ./lab.sh --check-dependencies - ./lab.sh --up --all-services - ./lab.sh --info - ./lab.sh --overview all - ssh root@kali -o "UserKnownHostsFile /dev/null" - ./lab.sh --down Usage: The lab should work out of the box if all needed dependencies are installed. At startup, the lab will run a dependency check. Start the lab: - git clone https://github.com/oliverwiegers/pentest_lab - cd pentest_lab - ./lab.sh -u By default, the lab will start all victim services and one red team service. Other services can be started and added. More information on this down on this below. For further usage information, consider reading the help message shown by ./lab.sh -h | --help. Dependencies: - bash - find - sed - yq (The Python version. Not yq-go.) - docker - docker-compose The lab has a built-in dependency check which runs.

FEATURES

ALTERNATIVES

High-performant, coroutines-driven, and fully customisable Low & Slow load generator for real-world pentesting with undetectability through Tor.

Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.

Stealing Signatures and Making One Invalid Signature at a Time.

Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.

A simple file format fuzzer for Android that can fuzz multiple readers at once

A black-box obfuscation tool for Android apps with Android App Bundle support.

A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.

An open-source intelligence collection, research, and artifact management tool inspired by SpiderFoot, Harpoon, and DataSploit.