New IS Audits tools repository on Github

Penetration testers rely heavily on the open source community for developing tools and techniques for performing our jobs. In the spirit of sharing back with the open source community, we have released many of the tools and exploits that our team has written under the GPL license on Github. We hope you find these tools useful – feel free to submit any improvements, suggestions, comments, or criticisms back to us.

The IS Audits github code repository can be found at

Repositories released to the public currently include:

  • Scripts – a collection of miscellaneous scripts, most of which involve automating recurring tasks
  • msf – Python class for simplifying execution of Metasploit commands
  • crack – Python XMLRPC client-server application for cracking various password hashes. Hash files are uploaded to the server from the client application, cracked by the server, and results are returned back to the client. This is a fork of an application originally written by Stephen Haywood (aka AverageSecurityGuy). Master source code is maintained at and all changes made by IS Audits are submitted back for merging back into the master branch.