PenTester Scripting is a curated catalog of scripts, tools, and techniques used in penetration testing engagements. The project has been online since 2009, serving as a practical reference for security professionals worldwide.
What You'll Find Here
Our catalog is organized by penetration testing phase, following the standard methodology:
- Discovery — Service discovery, vulnerability scanning, and SSL testing scripts. (12 scripts)
- Post Exploitation — Post-exploitation scripts for maintaining access and pivoting. (1 scripts)
- Exploitation — Exploitation scripts, SQL injection, XSS, and attack tools. (13 scripts)
- Misc — Miscellaneous security scripts and utilities. (4 scripts)
- Mapping — Network mapping, scanning, and enumeration scripts. (14 scripts)
- Reports & Data — Data manipulation, reporting, and analysis scripts. (1 scripts)
- Recon — Reconnaissance scripts and techniques for gathering information about targets. (1 scripts)
Each script entry includes the source code, usage instructions, and context on when and how to use it during an engagement.
Who Is This For
This resource is built for penetration testers, red team operators, bug bounty hunters, and security students. The scripts cover common tasks that come up during authorized security assessments — from initial reconnaissance to post-exploitation.
Responsible Use
All scripts and techniques are provided for authorized security testing and educational purposes only. Always obtain proper authorization before testing systems you do not own. Unauthorized access to computer systems is illegal.
Related Resources
Looking for more security tools?