Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
Stars: ✭ 1,073 (+4565.22%)
machinescliThis tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.
Stars: ✭ 34 (+47.83%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+1147.83%)
writeupsWriteups for vulnerable machines.
Stars: ✭ 110 (+378.26%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+29821.74%)
PywerviewA (partial) Python rewriting of PowerSploit's PowerView
Stars: ✭ 292 (+1169.57%)
OscprepoA list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Stars: ✭ 1,916 (+8230.43%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (+608.7%)
Ctf DifficultyThis cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Stars: ✭ 338 (+1369.57%)
CTF-Script-And-Template-Thrift-Shop[180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTF's. If you googles something for a CTF and landed here look at the scripts they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter stop. I wont be able to rewrite half thi…
Stars: ✭ 38 (+65.22%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+517.39%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+3269.57%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (+165.22%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+86.96%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+3395.65%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+36634.78%)
Suid3numA standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
Stars: ✭ 342 (+1386.96%)
oscpMy notebook for OSCP Lab
Stars: ✭ 22 (-4.35%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+3752.17%)
Oscp Ctfoscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.
Stars: ✭ 62 (+169.57%)
SsrfmapAutomatic SSRF fuzzer and exploitation tool
Stars: ✭ 1,344 (+5743.48%)
Rebel FrameworkAdvanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (+695.65%)
MyJWTA cli for cracking, testing vulnerabilities on Json Web Token(JWT)
Stars: ✭ 92 (+300%)
flydnsRelated subdomains finder
Stars: ✭ 29 (+26.09%)
Linux Smart EnumerationLinux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+8404.35%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (+191.3%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (+108.7%)
HTB-writeupPassword-protected writeups of HTB platform (challenges and boxes) https://cesena.github.io/
Stars: ✭ 21 (-8.7%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (+1126.09%)
redshellguidepython script allow red teaming , hackthebox Pwners , OSCP lovers to shorten their time by these useful shells
Stars: ✭ 32 (+39.13%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+16052.17%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (+2939.13%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: ✭ 101 (+339.13%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+1856.52%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+839.13%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+669.57%)
Pentest LabPentest Lab on OpenStack with Heat, Chef provisioning and Docker
Stars: ✭ 353 (+1434.78%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+821.74%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (+3178.26%)
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.
Stars: ✭ 610 (+2552.17%)
GraphqlmapGraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.
Stars: ✭ 434 (+1786.96%)
Privilege EscalationThis cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Stars: ✭ 2,117 (+9104.35%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (+465.22%)
Vulnhub Ctf WriteupsThis cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (+1500%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (+17.39%)
Pentest-Service-EnumerationSuggests programs to run against services found during the enumeration phase of a Pentest
Stars: ✭ 80 (+247.83%)
exploitsExploits developed by me.
Stars: ✭ 35 (+52.17%)
2017-qualsTasks from CTFZone 2017 quals
Stars: ✭ 13 (-43.48%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (+352.17%)
winallenumThis powershell script has got to run in remote hacked windows host, even for pivoting
Stars: ✭ 13 (-43.48%)
Enum.pyA tool to enumerate network services
Stars: ✭ 23 (+0%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (+104.35%)