Arsenal is only a fast stock, reminder and launcher for pentest instructions.
This venture written by pentesters for pentesters simplify the usage of all of the hard-to-remember instructions
In arsenal you may seek for a command, choose one and it is prefilled immediately in your terminal. This performance is impartial of the shell used. Certainly arsenal emulates actual person enter (with TTY arguments and IOCTL) so arsenal works with all shells and your instructions will probably be within the historical past.
It’s a must to enter arguments if wanted, however arsenal helps world variables.
For instance, throughout a pentest we will set the variable ip to prefill all instructions utilizing an ip with the precise one.
To do this you simply need to enter the next command in arsenal:
Authors:
This venture is impressed by navi (https://github.com/denisidoro/navi) as a result of the unique model was in bash and too arduous to know so as to add options
Arsenal new options
- New colours
- Add tmux new pane assist (with -t)
- Add default values in cheatsheets instructions with
<argument|default_value> - Help description inside cheatsheets
- New classes and Tags
- New cheatsheets
- Add yml assist (thx @0xswitch )
- Add fzf assist with ctrl+t (thx @mgp25)
Set up & Launch
python3 -m pip set up arsenal-cli
- run (we additionally recommendation you so as to add this alias :
alias a="arsenal")
git clone https://github.com/Orange-Cyberdefense/arsenal.git
cd arsenal
python3 -m pip set up -r necessities.txt
./run
Inside your .bashrc or .zshrc add the trail to run that will help you try this you may launch the addalias.sh script
- Additionally if you’re an Arch person you may set up from the AUR:
git clone https://aur.archlinux.org/arsenal.git
cd arsenal
makepkg -si- Or with an AUR helper like yay:
Launch in tmux mode
./run -t #Â when you launch arsenal in a tmux window with one pane, it'll cut up the window and ship the command to the otherpane with out quitting arsenal
#Â if the window is already splited the command will probably be ship to the opposite pane with out quitting arsenal
./run -t -e # identical to the -t mode however with direct execution within the different pane with out quitting arsenal
Add exterior cheatsheets
You would add your personal cheatsheets insode the my_cheats folder or within the ~/.cheats folder.
You would additionally add extra paths to the file <arsenal_home>/arsenal/modules/config.py, arsenal reads .md (MarkDown) and .rst (RestructuredText).
<arsenal_home>/cheats: README.md and README.rst
Troubleshooting
In the event you bought on error on shade init attempt :
export TERM='xterm-256color'
—
In case you have the next exception when working Arsenal:
ImportError: can not import title 'FullLoader'
First, examine that necessities are put in:
pip set up -r necessities.txt
If the exception continues to be there:
Mindmap
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
TODO cheatsheets
reverse shell
whitebox evaluation grep regex
Instruments
smb
kerberos & AD
MITM
Unserialize
bruteforce & cross cracking
scan
fuzz
DNS
rpc
netbios-ssn
sql
oracle
mysql
nfs
rdp
mssql
winrm
redis
postgres
vnc
x11
ldap
https
internet
app internet