All Projects → ffffffff0x → Aboutsecurity

ffffffff0x / Aboutsecurity

A list of payload and bypass lists for penetration testing and red team infrastructure build.

Projects that are alternatives of or similar to Aboutsecurity

Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+19724.7%)
Mutual labels:  cheatsheet, methodology, hacking, pentest, redteam, payload, bypass
Payloads
Git All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1624.1%)
Mutual labels:  hacking, pentest, payload
Oscp Prep
my oscp prep collection
Stars: ✭ 105 (-36.75%)
Mutual labels:  cheatsheet, methodology, hacking
Offensive-Reverse-Shell-Cheat-Sheet
Offensive Reverse Shell (Cheat Sheet)
Stars: ✭ 138 (-16.87%)
Mutual labels:  cheatsheet, pentest, redteam
NewNtdllBypassInlineHook CSharp
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
Stars: ✭ 35 (-78.92%)
Mutual labels:  pentest, bypass, redteam
Pentest Guide
Penetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+692.77%)
Mutual labels:  pentest, payload, bypass
HellgateLoader CSharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Stars: ✭ 73 (-56.02%)
Mutual labels:  pentest, bypass, redteam
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+2413.86%)
Mutual labels:  hacking, pentest, bypass
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+336.75%)
Mutual labels:  hacking, pentest, redteam
Nac bypass
Script collection to bypass Network Access Control (NAC, 802.1x)
Stars: ✭ 79 (-52.41%)
Mutual labels:  pentest, redteam, bypass
Collection Document
Collection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+735.54%)
Mutual labels:  hacking, pentest, redteam
Xg2xg
by ex-googlers, for ex-googlers - a lookup table of similar tech & services
Stars: ✭ 10,218 (+6055.42%)
Mutual labels:  cheatsheet, infrastructure
Sippts
Set of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-30.12%)
Mutual labels:  hacking, pentest
Asnlookup
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-1.81%)
Mutual labels:  hacking, pentest
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1074.1%)
Mutual labels:  cheatsheet, pentest
Shodan Dorks
Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-28.92%)
Mutual labels:  hacking, pentest
Ratel
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-27.11%)
Mutual labels:  hacking, payload
Entropy
Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-24.1%)
Mutual labels:  hacking, payload
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1006.63%)
Mutual labels:  hacking, redteam
Hacker Container
Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-36.75%)
Mutual labels:  hacking, pentest

English | 简体中文



Manual

  • Dic
    • Auth : Certified dictionaries
      • Accounts and passwords.
    • Network : network (computing)
      • Excluded private IP segments, local IP segments, list of dns servers.
    • Port : Port Dictionary
      • Following the idea of port penetration, the service blast points carried by different ports are used as dictionary content.
    • Regular : Dictionary of rules
      • Various rules, arrangement of dictionaries.
    • Web : Web Dictionaries
      • As the name implies, burstable points that appear during web penetration serve as dictionary content.
  • Payload
    • Burp
    • CORS
    • email
    • Format
    • LFI
    • OOB
    • SQL-Inj
    • SSI
    • XSS
    • XXE
  • VPS
    • Debian~ - Debian system infrastructure configuration.
    • Kali - Kali system infrastructure configuration.
    • RedHat~ - RedHat system infrastructure configuration.
  • CheatSheet : Directly copy a pair during penetration testing for reference, information logging, teamwork, reporting, etc.

CONTRIBUTORS&Thanks


Disclaimer&License

  • This work is licensed under a CC BY-SA 4.0.
    • Share — copy and redistribute the material in any medium or format
    • Adapt — remix, transform, and build upon the material for any purpose, even commercially.
    • Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
    • ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
    • No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
  • Note: All documents in this project are for study and research purposes only, please do not use the documents in the project for illegal purposes, any negative impact caused by anyone has nothing to do with me.
  • Note: Downloading this repository will most likely result in your anti-virus software reporting viruses, please whitelist the project path. There are no malicious files in this project, however, due to the risk of local files containing attacks, it is not recommended to store these files on servers or other critical systems.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].