Arsenal is just a quick inventory, reminder and launcher for pentest commands.
This project written by pentesters for pentesters simplify the use of all the hard-to-remember commands
In arsenal you can search for a command, select one and it’s prefilled directly in your terminal. This functionality is independent of the shell used.
Indeed arsenal emulates real user input (with TTY arguments and IOCTL) so arsenal works with all shells and your commands will be in the history.
You have to enter arguments if needed, but arsenal supports global variables.
For example, during a pentest we can set the variable ip
to prefill all commands using an ip with the right one.
To do that you just have to enter the following command in arsenal:
>set ip=10.10.10.10
Authors:
This project is inspired by navi because the original version was in bash and too hard to understand to add features
<argument|default_value>
python3 -m pip install arsenal-cli
alias a='arsenal'
)arsenal
git clone https://github.com/Orange-Cyberdefense/arsenal.git
cd arsenal
python3 -m pip install -r requirements.txt
./run
Inside your .bashrc or .zshrc add the path to run
to help you do that you could launch the addalias.sh script
./addalias.sh
Also if you are an Arch user you can install from the AUR:
git clone https://aur.archlinux.org/arsenal.git
cd arsenal
makepkg -si
Or with an AUR helper like yay:
yay -S arsenal
./run -t # if you launch arsenal in a tmux window with one pane, it will split the window and send the command to the otherpane without quitting arsenal
# if the window is already splited the command will be send to the other pane without quitting arsenal
./run -t -e # just like the -t mode but with direct execution in the other pane without quitting arsenal
You could add your own cheatsheets insode the my_cheats folder or in the ~/.cheats folder.
You could also add additional paths to the file <arsenal_home>/arsenal/modules/config.py
, arsenal reads .md
(MarkDown) and .rst
(RestructuredText).
CHEATS_PATHS = [
join(BASEPATH, "cheats"), # DEFAULT
join(HOMEPATH, "docs/my_cheats")
]
Cheatsheets examples are in <arsenal_home>/cheats
: README.md
and README.rst
If you got on error on color init try :
export TERM='xterm-256color'
—
If you have the following exception when running Arsenal:
ImportError: cannot import name 'FullLoader'
First, check that requirements are installed:
pip install -r requirements.txt
If the exception is still there:
pip install -U PyYAML
—
If you encounter an exception similar to the following (contains TIOCSTI in strace) when running Arsenal:
[...]
fcntl.ioctl(stdin, termios.TIOCSTI, c)
OSError: [Errno 5] Input/output error
Then you may need to re-enable TIOCSTI:
sudo sysctl -w dev.tty.legacy_tiocsti=1
Active directory mindmap
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…