# Pentesting Machine

### Operating System

I either use Kali Linux or ParrotOS. Usually cloning the seclists in the home directory and installing any tool I feel needed.

### Tools

The following list is a list of must-have tools I add on top of the already available ones in the distros.

This list will be expanded with time

* exploitdb
* **Oracle-Tools-setup.sh**
* [Impacket MSSQL client and tools](https://github.com/fortra/impacket/tree/master?tab=readme-ov-file#setup)
* [Nuclei](https://github.com/projectdiscovery/nuclei)
* crowbar
* sqsh

### Folder structure

```shell-session
Projects/
└── Acme Company
    ├── EPT
    │   ├── evidence
    │   │   ├── credentials
    │   │   ├── data
    │   │   └── screenshots
    │   ├── logs
    │   ├── scans
    │   ├── scope
    │   └── tools
    └── IPT
        ├── evidence
        │   ├── credentials
        │   ├── data
        │   └── screenshots
        ├── logs
        ├── scans
        ├── scope
        └── tools
```

EPT and IPT stand for External/Internal Penetration Testing

### Note taking app

There are multiple available. I will note here which one I'll stick to using after I have a definitive answer

Possibilities include

| [Cherrytree](https://www.giuspen.com/cherrytree)     | [Visual Studio Code](https://code.visualstudio.com) | [Evernote](https://evernote.com)            |
| ---------------------------------------------------- | --------------------------------------------------- | ------------------------------------------- |
| [Notion](https://www.notion.so)                      | [GitBook](https://www.gitbook.com)                  | [Sublime Text](https://www.sublimetext.com) |
| [Notepad++](https://notepad-plus-plus.org/downloads) | [LogSeq](https://logseq.com/)                       |                                             |

## Oracle-Tools-setup.sh

```bash
#!/bin/bash

sudo apt-get install libaio1 python3-dev alien -y
git clone https://github.com/quentinhardy/odat.git
cd odat/
git submodule init
git submodule update
wget https://download.oracle.com/otn_software/linux/instantclient/2112000/instantclient-basic-linux.x64-21.12.0.0.0dbru.zip
unzip instantclient-basic-linux.x64-21.12.0.0.0dbru.zip
wget https://download.oracle.com/otn_software/linux/instantclient/2112000/instantclient-sqlplus-linux.x64-21.12.0.0.0dbru.zip
unzip instantclient-sqlplus-linux.x64-21.12.0.0.0dbru.zip
export LD_LIBRARY_PATH=instantclient_21_12:$LD_LIBRARY_PATH
export PATH=$LD_LIBRARY_PATH:$PATH
pip3 install cx_Oracle
sudo apt-get install python3-scapy -y
sudo pip3 install colorlog termcolor passlib python-libnmap
sudo apt-get install build-essential libgmp-dev -y
pip3 install pycryptodome
```

Test with `./odat.py -h`