Penetration testers rely heavily on the open source community for developing tools and techniques for performing our jobs. In the spirit of sharing back with the open source community, we release many of the tools and exploits that our team has written under the GPL license on Github. We hope you find these tools useful – feel free to submit any improvements, suggestions, comments, or criticisms back to us.
The IS Audits github code repository can be found at https://github.com/isaudits/.
Repositories released to the public currently include:
- pasv-agrsv – Automation script for passive / OSINT recon on a domain
- autoenum – Nmap enumeration and script scanning automation utility
- scripts – a collection of miscellaneous scripts, most of which involve automating recurring tasks
- msf – Python class for simplifying execution of Metasploit commands
- crack – Python XMLRPC client-server application for cracking various password hashes. Hash files are uploaded to the server from the client application, cracked by the server, and results are returned back to the client. This is a fork of an application written by Stephen Haywood (aka AverageSecurityGuy). Master source code is maintained at https://github.com/averagesecurityguy/crack/ and all changes made by IS Audits are submitted back for merging into the master branch.