Commit Graph

460 Commits

Author SHA1 Message Date
CravateRouge
a287736a3a
Add Snaffpoint usage example 2022-11-04 14:15:08 +01:00
Swissky
e556e9ad40
Merge pull request #589 from jaxBCD/patch-2
Update Subdomain enumeration
2022-11-03 21:34:48 +01:00
Swissky
3dd7f46717
Update Subdomains Enumeration.md 2022-11-03 21:34:34 +01:00
Swissky
2227472e1c .NET formatters and POP gadgets 2022-11-03 21:31:50 +01:00
Marcus T
11fbceca31
Add git persistence techniques
Adds information about backdooring git configs and git hooks.
2022-10-29 19:37:32 -07:00
Marcus T
501975a330
Add timestomping to Linux evasion techniques 2022-10-26 15:40:03 -04:00
jaxBCD
d999f798d7
Update Subdomain enumeration 2022-10-25 15:44:37 +07:00
Fabian S. Varon Valencia
3adbd70b01 remove not found links 2022-10-24 12:29:59 -05:00
Fabian S. Varon Valencia
b00ba7f38d replace currento 404 link with 200 time Machine web snapshot 2022-10-24 12:29:32 -05:00
Fabian S. Varon Valencia
9128b183d3 update link URL 2022-10-24 12:28:31 -05:00
Swissky
fe41254fde XXS Public Example + PHP Filter RCE 2022-10-24 12:05:39 +02:00
Swissky
35ff178624
Merge pull request #587 from abhishekchak52/typo-grammar-fix
Typo and grammar fix
2022-10-23 11:20:30 +02:00
Abhishek Chakraborty
37da322136
Typo and grammar fix 2022-10-22 17:47:10 -07:00
nzdjb
c5146f5dc8
feat: Explain ec2:AssociateIamInstanceProfile
Add explanation for ec2:AssociateIamInstanceProfile.
Also, fix a typo.
2022-10-23 09:24:08 +13:00
7RU7H
22fe4d16e2
Update Windows -Privilege Escalation - Typo Fix
# Line 304 - Typo: `...\CurentControlSet\..` -> `...\CurrentControlSet\..`
2022-10-22 14:27:01 +01:00
Swissky
8df30de938 Remove deadlink 2022-10-21 12:16:32 +02:00
Swissky
2fc3eed8a5 Insecure Randomness 2022-10-17 11:07:33 +02:00
Swissky
8df0f565f3 Sapphire and Diamond Tickets 2022-10-16 20:46:05 +02:00
Swissky
b7043cfedd Bug Hunting Methodology Update 2022-10-16 00:27:47 +02:00
llamasoft
78ff651643 Add Linux evasion to its own article
Linux evasion techniques were previously included as part of persistence,
but the number of techniques are varied enough where it likely should
be its own article.
2022-10-14 17:30:25 -04:00
Swissky
6479c3a400
Merge pull request #574 from sebch-/patch-5
Update Active Directory Attack.md
2022-10-12 21:43:44 +02:00
Seb
b809e104e6
Update Active Directory Attack.md 2022-10-12 21:24:47 +02:00
Seb
f18d4991ff
Update Active Directory Attack.md 2022-10-12 19:47:40 +02:00
Seb
5480c40098
Update Hash Cracking.md 2022-10-12 19:29:15 +02:00
Seb
ad5bbd49f1
Update Hash Cracking.md 2022-10-12 18:06:22 +02:00
Swissky
f7a74feaf7 Azure Tools Update 2022-10-12 18:03:49 +02:00
pop3ret
0530c19c88
Update Cloud - AWS Pentest.md 2022-10-09 16:03:33 -03:00
pop3ret
4b4a630085
Changed summary and chapters
Changed summary to include the cheatsheet and also changed the format of the cheatsheet to be the same as the original file
2022-10-09 16:01:14 -03:00
Swissky
522b55eec5
Update Cloud - AWS Pentest.md 2022-10-07 10:50:59 +02:00
pop3ret
00189411d4
Merge AWSome Pentesting into Cloud - AWS Pentest
Merge the notes with the existing one
2022-10-06 13:43:09 -03:00
Alexander Lübeck
576322d475 Fixed invalid hyperlink 2022-10-02 15:58:16 +02:00
Swissky
99a1304af9 Methodology and enumeration rework 2022-10-02 13:13:16 +02:00
Swissky
4ed3e3b6b9 Blind SSTI Jinja 2022-10-02 12:24:39 +02:00
Swissky
72a8556dc9 NodeJS Serialization 2022-09-23 11:21:29 +02:00
Swissky
2d30e22121 DPAPI - Data Protection API 2022-09-23 00:35:34 +02:00
Processus Thief
8d564ff78b update hekatomb to install with pip
hekatomb is now available on pypi to simplify its installation
2022-09-22 16:10:20 +02:00
Processus Thief
885f8bdb8f Adding Hekatomb.py to DPAPI credentials stealing
Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations.
Then it will download all DPAPI blob of all users from all computers.
Finally, it will extract domain controller private key through RPC uses it to decrypt all credentials.

More infos here : https://github.com/Processus-Thief/HEKATOMB
2022-09-20 16:56:07 +02:00
Swissky
b6e7210ee0
Merge pull request #501 from fantesykikachu/win-p3-revshell
Add Windows Python3 Reverse Shell
2022-09-06 23:23:50 +02:00
CravateRouge
dad7362da6
Update bloodyAD attacks 2022-09-06 19:13:34 +02:00
Swissky
191a72c57e Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2022-09-06 10:05:16 +02:00
Swissky
2be739ea4f Fixing TGS/ST 2022-09-06 10:03:49 +02:00
Swissky
bdc2d55dd9
Merge pull request #533 from 0xsyr0/patch-1
Quick fix for WSUS malicious patch
2022-09-04 20:54:17 +02:00
Swissky
9e2471a472 SCCM Network Account 2022-09-04 20:51:23 +02:00
Swissky
fae02107df Jetty RCE Credits 2022-09-04 14:24:16 +02:00
Swissky
811863501b ESC9 - No Security Extension 2022-09-03 12:07:24 +02:00
0xsry0
343d63f79f
Quick fix for WSUS malicious patch
Not sure if it is deprecated but by tackling the box Outdated on HTB, the command didn't worked with two `&&`. To concatenate  `"net user WSUSDemo Password123! /add ` and `net localgroup administrators WSUSDemo /add\""`, the `^&` is required.
2022-08-24 09:10:55 +02:00
Swissky
fbd7517e04 LFI2RCE - Picture Compression - SOCKS5 CS 2022-08-21 16:38:54 +02:00
Swissky
804920be62 Source Code Management 2022-08-18 10:43:01 +02:00
Swissky
6650c361e7 Capture a network trace with builtin tools 2022-08-15 15:02:29 +02:00
Adham Elmosalamy
1b2471265a
Typo fix 2022-08-08 16:08:55 +04:00