A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Search for Unix binaries that can be exploited to bypass system security restrictions.

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

Automation for internal Windows Penetrationtest / AD-Security

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

Cheatsheet to exploit and learn SQL Injection.

Wordlists and passwords handcrafted with ♥

Offensive Reverse Shell (Cheat Sheet)

Terribad PrivEsc enumeration script for Windows systems

一款适用于红蓝对抗中的仿真钓鱼系统

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.

A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)