Skip to content

Instantly share code, notes, and snippets.

@songwutk

songwutk/gcp-pentools.sh

Last active December 9, 2025 03:25
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save songwutk/44683a5de2c78ce70761bdfe21ccf28c to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save songwutk/44683a5de2c78ce70761bdfe21ccf28c to your computer and use it in GitHub Desktop.
Download ZIP
GCP Pentest tools
Raw
gcp-pentools.sh
#!/bin/bash
# สีสำหรับ Output
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo -e "${BLUE}======================================================${NC}"
echo -e "${BLUE} Google Cloud Pentest Setup (Optimized) ${NC}"
echo -e "${BLUE}======================================================${NC}"
# 1. Update System
echo -e "${YELLOW}[+] Updating & Upgrading System...${NC}"
sudo apt update && sudo apt upgrade -y
# 2. Install Essential Utilities
echo -e "${YELLOW}[+] Installing System Utilities...${NC}"
sudo apt install -y htop screen tmux net-tools whois netcat-openbsd socat curl wget git vim nano p7zip-full build-essential libssl-dev libffi-dev zlib1g-dev dnsutils iputils-ping
# 3. Language Environments (ตัด Java ออกเพราะไม่ได้ใช้ DirBuster แล้ว)
echo -e "${YELLOW}[+] Setting up Language Environments (Python, Ruby, Perl, Go)...${NC}"
sudo apt install -y python3-dev python3-pip python3-venv pipx ruby-dev perl libwww-perl libxml2 libxml2-dev libxslt1-dev golang
ensurepath
# 4. Install Exploit Database
echo -e "${YELLOW}[+] Installing ExploitDB...${NC}"
if [ ! -d "/usr/share/exploitdb" ]; then
sudo git clone https://github.com/offensive-security/exploitdb.git /usr/share/exploitdb
sudo ln -sf /usr/share/exploitdb/searchsploit /usr/local/bin/searchsploit
else
echo -e "${GREEN}ExploitDB already installed.${NC}"
fi
# 5. Core Pentest Tools
echo -e "${YELLOW}[+] Installing Core Tools (Nmap, Hydra, Sqlmap, Gobuster, Dirb)...${NC}"
# เก็บ dirb ไว้เป็น backup เผื่อ gobuster มีปัญหา (ตัวเล็กนิดเดียว)
sudo apt install -y nmap sqlmap hydra gobuster dirb
# 6. Manual Install: Nikto
echo -e "${YELLOW}[+] Installing Nikto (Manual)...${NC}"
cd ~
if [ ! -d "nikto" ]; then
git clone https://github.com/sullo/nikto.git
sudo ln -sf ~/nikto/program/nikto.pl /usr/local/bin/nikto
else
echo "Nikto already exists."
fi
# 7. Manual Install: SecLists
echo -e "${YELLOW}[+] Installing SecLists (Manual - Large Download)...${NC}"
sudo mkdir -p /usr/share/seclists
if [ -z "$(ls -A /usr/share/seclists)" ]; then
sudo git clone --depth 1 https://github.com/danielmiessler/SecLists.git /usr/share/seclists
else
echo "SecLists already exists."
fi
mkdir -p ~/wordlists
ln -sf /usr/share/seclists ~/wordlists/SecLists
# 8. Metasploit Framework
echo -e "${YELLOW}[+] Installing Metasploit Framework...${NC}"
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
chmod 755 msfinstall
sudo ./msfinstall
rm msfinstall
# 9. Specialized Web Scanners & Frameworks
echo -e "${YELLOW}[+] Installing Web CMS Scanners...${NC}"
# 9.1 WPScan
sudo gem install wpscan
# 9.2 CMSMap
cd ~
if [ ! -d "CMSmap" ]; then
git clone https://github.com/Dionach/CMSmap.git
cd CMSmap
pip3 install -r requirements.txt --break-system-packages 2>/dev/null || pip3 install -r requirements.txt
cd ~
fi
# 9.3 JoomScan
cd ~
if [ ! -d "joomscan" ]; then
git clone https://github.com/rezasp/joomscan.git
chmod +x joomscan/joomscan.pl
fi
# ==========================================
# 9.4 (NEW) CMS-Exploit-Framework
# ==========================================
echo -e "${YELLOW}[+] Installing CMS-Exploit-Framework...${NC}"
cd ~
if [ ! -d "CMS-Exploit-Framework" ]; then
git clone https://github.com/1337-server/CMS-Exploit-Framework.git
cd CMS-Exploit-Framework
chmod +x cms-exploit-framework.sh
# สร้าง Alias ให้เรียกใช้ง่ายๆ
echo "alias cms-exploit='cd ~/CMS-Exploit-Framework && ./cms-exploit-framework.sh'" >> ~/.bashrc
cd ~
else
echo "CMS-Exploit-Framework already exists."
fi
# ==========================================
# 9.5 (BONUS) CMSeeK (Modern CMS Detection)
# ==========================================
echo -e "${YELLOW}[+] Installing CMSeeK (Best for Detection)...${NC}"
cd ~
if [ ! -d "CMSeeK" ]; then
git clone https://github.com/Tuhinshubhra/CMSeeK.git
cd CMSeeK
pip3 install -r requirements.txt --break-system-packages 2>/dev/null || pip3 install -r requirements.txt
cd ~
fi
# 10. Python Tools via pipx
echo -e "${YELLOW}[+] Installing Impacket & Droopescan...${NC}"
pipx install impacket
pipx install droopescan
# 11. Final Configs (.bashrc aliases)
echo -e "${YELLOW}[+] Configuring Aliases...${NC}"
if ! grep -q "alias joomscan" ~/.bashrc; then
echo "alias joomscan='perl ~/joomscan/joomscan.pl'" >> ~/.bashrc
fi
if ! grep -q "alias cmsmap" ~/.bashrc; then
echo "alias cmsmap='python3 ~/CMSmap/cmsmap.py'" >> ~/.bashrc
fi
if ! grep -q "alias cmseek" ~/.bashrc; then
echo "alias cmseek='python3 ~/CMSeeK/cmseek.py'" >> ~/.bashrc
fi
echo -e "${GREEN}======================================================${NC}"
echo -e "${GREEN} SETUP COMPLETE! ${NC}"
echo -e "${GREEN}======================================================${NC}"
echo -e "คำแนะนำ:"
echo -e "1. รันคำสั่ง ${BLUE}source ~/.bashrc${NC} เพื่อโหลด Alias ใหม่"
echo -e "2. ทดสอบเครื่องมือ:"
echo -e " - ${BLUE}cms-exploit${NC} : เปิดเมนู CMS Exploit Framework"
echo -e " - ${BLUE}cmseek${NC} : รัน CMSeeK (แนะนำให้ลองใช้ก่อน exploit)"
echo -e " - ${BLUE}gobuster${NC} : ใช้แทน DirBuster"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment