Swissky
|
11fc6e4bc5
|
NTLM relay + MS08-068
|
2019-10-20 22:09:36 +02:00 |
|
Hi15358
|
b54142c3a2
|
Update Reverse Shell Cheatsheet.md
|
2019-10-21 02:35:13 +08:00 |
|
Swissky
|
ed252df92e
|
krb5.keytab + credential use summary
|
2019-10-20 13:25:06 +02:00 |
|
Swissky
|
7159a3ded3
|
RODC dcsync note + Dumping AD Domain summary
|
2019-10-18 00:07:09 +02:00 |
|
OOP
|
f0af3b4f4d
|
Update Active Directory Attack.md
|
2019-10-15 23:18:07 +07:00 |
|
Swissky
|
357658371f
|
SSRF URL for Google Cloud
|
2019-10-06 20:59:58 +02:00 |
|
Mark
|
3fb2a9006f
|
Add Spyse to network discovery
1. spyse itself
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
|
2019-09-30 15:26:26 +04:00 |
|
Swissky
|
3221197b1e
|
RCE vBulletin + findomain
|
2019-09-26 20:41:01 +02:00 |
|
Swissky
|
742e3204d3
|
SharpPersist - Windows Persistence
|
2019-09-13 17:38:23 +02:00 |
|
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
|
Swissky
|
2b1900e046
|
PrivEsc - sudoers + Upload PHP
|
2019-09-02 12:36:40 +02:00 |
|
Swissky
|
3ca07aeb7a
|
Docker Privesc - Unix socket
|
2019-08-30 17:25:07 +02:00 |
|
Alexandre ZANNI
|
72c54b5c1b
|
add missing backtick
|
2019-08-29 09:49:09 +02:00 |
|
Swissky
|
bb305d0183
|
Network Discovery - Masscan update
|
2019-08-29 01:08:26 +02:00 |
|
Swissky
|
6c161f26b2
|
JWT None alternative + MS15-051
|
2019-08-22 23:03:48 +02:00 |
|
David B
|
3fd0791c2a
|
Update Linux - Privilege Escalation.md
Adding a tool that helps with privilege escalation on linux through SUDO.
|
2019-08-19 00:55:30 +02:00 |
|
Swissky
|
8dffb59ac5
|
Pspy + Silver Ticket + MSSQL connect
|
2019-08-18 22:24:48 +02:00 |
|
Swissky
|
4a176615fe
|
CORS Misconfiguration
|
2019-08-18 12:08:51 +02:00 |
|
Swissky
|
b6697d8595
|
SSRF SVG + Windows Token getsystem
|
2019-08-15 18:21:06 +02:00 |
|
Swissky
|
bd449e9cea
|
XSS PostMessage
|
2019-08-03 23:22:14 +02:00 |
|
Swissky
|
6baa446144
|
Directory Traversal CVE 2018 Spring
|
2019-07-27 13:02:16 +02:00 |
|
Swissky
|
98124178db
|
EoP - Juicy Potato
|
2019-07-26 15:29:34 +02:00 |
|
Swissky
|
657823a353
|
PTH Mitigation + Linux Smart Enumeration
|
2019-07-26 14:24:58 +02:00 |
|
Swissky
|
f6c0f226af
|
PXE boot attack
|
2019-07-25 14:08:32 +02:00 |
|
Swissky
|
859695e2be
|
Update PrivExchange based on chryzsh blog post
|
2019-07-24 14:10:58 +02:00 |
|
Swissky
|
a14b3af934
|
Active Directory - Resource Based Constrained Delegation
|
2019-07-22 21:45:50 +02:00 |
|
Swissky
|
45af613fd9
|
Active Directory - Unconstrained delegation
|
2019-07-17 23:17:35 +02:00 |
|
Swissky
|
13ba72f124
|
GraphQL + RDP Bruteforce + PostgreSQL RCE
|
2019-07-01 23:29:29 +02:00 |
|
Swissky
|
46780de750
|
PostgreSQL rewrite + LFI SSH
|
2019-06-29 19:23:34 +02:00 |
|
Swissky
|
144b3827ab
|
MS14-068 + /etc/security/opasswd
|
2019-06-29 17:55:13 +02:00 |
|
Swissky
|
9be62677b6
|
Add root user + PHP null byte version
|
2019-06-24 00:21:39 +02:00 |
|
Swissky
|
9745e67465
|
HQL Injection + references update
|
2019-06-16 23:45:52 +02:00 |
|
Dan Borges
|
24a05c7098
|
Update Windows - Privilege Escalation.md
|
2019-06-11 11:51:09 -07:00 |
|
Swissky
|
8cec2e0ca3
|
Linux PrivEsc - Writable files
|
2019-06-10 11:09:02 +02:00 |
|
Swissky
|
94a60b43d6
|
Writable /etc/sudoers + Meterpreter autoroute
|
2019-06-10 11:00:54 +02:00 |
|
Swissky
|
a85fa5af28
|
Local File Include : rce via mail + kadimus
|
2019-06-10 00:05:47 +02:00 |
|
Swissky
|
5d4f65720a
|
PrivEsc - Common Exploits
|
2019-06-09 20:53:41 +02:00 |
|
Swissky
|
e8cd11f88f
|
plink + sshuttle : Network Pivoting Techniques
|
2019-06-09 18:13:15 +02:00 |
|
Swissky
|
adcea1a913
|
Linux PrivEsc + SSH persistency
|
2019-06-09 16:05:44 +02:00 |
|
Swissky
|
f5a8a6b62f
|
Meterpreter shell
|
2019-06-09 14:26:14 +02:00 |
|
Swissky
|
93f6c03b54
|
GraphQL + LXD/etc/passwd PrivEsc + Win firewall
|
2019-06-09 13:46:40 +02:00 |
|
Swissky
|
f88da43e1c
|
SQL informationschema.processlist + UPNP warning + getcap -ep
|
2019-05-25 18:19:08 +02:00 |
|
Swissky
|
9c2e63818f
|
XSS without parenthesis, semi-colon + Lontara
|
2019-05-15 21:55:17 +02:00 |
|
Swissky
|
b81df17589
|
RFI - Windows SMB allow_url_include = "Off"
|
2019-05-12 22:23:55 +02:00 |
|
Swissky
|
bab04f8587
|
Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp
|
2019-05-12 21:34:09 +02:00 |
|
Swissky
|
765c615efe
|
XSS injection Summary + MSF web delivery
|
2019-05-12 14:22:48 +02:00 |
|
Swissky
|
9dfd7835ea
|
mitm6 + ntlmrelayx
|
2019-04-21 14:08:18 +02:00 |
|
Swissky
|
13864bde04
|
GoGitDumper + MySQL summary rewrite
|
2019-04-15 00:49:56 +02:00 |
|
Swissky
|
b4633bbb66
|
sudo_inject + SSTI FreeMarker + Lin PrivEsc passwords
|
2019-04-14 21:01:14 +02:00 |
|
Swissky
|
c66197903f
|
MYSQL Truncation attack + Windows search where
|
2019-04-14 19:46:34 +02:00 |
|
Swissky
|
546ecd0e36
|
Linux Privesc - /etc/passwd writable
|
2019-04-07 23:40:36 +02:00 |
|
Alex Zeecka
|
4b79b865c9
|
--dc-ip to -dc-ip for psexec cmd
|
2019-04-03 10:45:45 +02:00 |
|
Swissky
|
187762fac5
|
Fix typo in reverse shell
|
2019-04-02 22:45:08 +02:00 |
|
Swissky
|
3af87ddf98
|
Reverse shell summary + golang
|
2019-04-02 22:43:44 +02:00 |
|
kisec
|
1eb57ad919
|
Reverse shell Golang
|
2019-04-01 12:01:45 +09:00 |
|
Swissky
|
289fa8c22b
|
PrivEsc - Linux Task
|
2019-03-31 15:05:13 +02:00 |
|
Swissky
|
90b182f10f
|
AD references - Blog Post + SSTI basic config item
|
2019-03-24 16:26:00 +01:00 |
|
Swissky
|
a509909561
|
PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources
|
2019-03-24 16:00:27 +01:00 |
|
Swissky
|
5d1b8bca79
|
SAML exploitation + ASREP roasting + Kerbrute
|
2019-03-24 13:16:23 +01:00 |
|
Swissky
|
e9489f0768
|
Linux Priv Esc - minor update
|
2019-03-18 23:19:36 +01:00 |
|
Swissky
|
e5090f2797
|
Bazaar - version control system
|
2019-03-15 23:27:14 +01:00 |
|
Swissky
|
ec61e99334
|
Linux - PrivEsc typo
|
2019-03-08 20:09:01 +01:00 |
|
Swissky
|
b22fd26800
|
Linux PrivEsc - LXD Group
|
2019-03-07 15:27:54 +01:00 |
|
Swissky
|
68df152fd3
|
Linux PrivEsc - Wildcard/NFS/Sudo
|
2019-03-07 15:09:06 +01:00 |
|
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
|
Swissky
|
21d1fe7eee
|
Fix name - Part 1
|
2019-03-07 00:07:14 +01:00 |
|
Swissky
|
450de2c90f
|
Typo fix
|
2019-03-04 19:40:34 +01:00 |
|
Swissky
|
e36b15a6d7
|
Windows PrivEsc - Table of content update
|
2019-03-03 20:05:27 +01:00 |
|
Swissky
|
ecadcf3d0f
|
Windows PrivEsc - Full rewrite
|
2019-03-03 20:01:25 +01:00 |
|
Swissky
|
2d5b4f2193
|
Meterpreter generate + LaTeK XSS + Ruby Yaml
|
2019-03-03 16:31:17 +01:00 |
|
Swissky
|
6d2cd684fa
|
Web cache deception resources update
|
2019-03-01 17:49:19 +01:00 |
|
Swissky
|
70225232c9
|
Polyglot Command Injection + XSS HTML file
|
2019-02-28 00:36:53 +01:00 |
|
Swissky
|
a58a8113d1
|
Linux capabilities - setuid + read / Docker group privesc
|
2019-02-26 17:24:10 +01:00 |
|
Swissky
|
78c882fb34
|
Jenkins Grrovy + MSSQL UNC + PostgreSQL list files
|
2019-02-17 20:02:16 +01:00 |
|
Swissky
|
f2273f5cce
|
PrivExchange attack
|
2019-02-10 19:51:54 +01:00 |
|
Swissky
|
8c1c35789d
|
SQLmap tamper update
|
2019-02-10 19:07:27 +01:00 |
|
Swissky
|
1c37517bf3
|
.git/index file parsing + fix CSRF payload typo
|
2019-02-07 23:33:47 +01:00 |
|
Swissky
|
b9f2fe367c
|
Bugfix - Errors in stashed changes
|
2019-01-28 20:27:45 +01:00 |
|
ThunderSon
|
99857a714f
|
fead: add powerless repo to the tools
|
2019-01-27 20:13:06 +02:00 |
|
Swissky
|
e07a654080
|
Command injection renamed + sudo/doas privesc
|
2019-01-22 21:45:41 +01:00 |
|
Swissky
|
4db45a263a
|
MSSQL union based + Windows Runas
|
2019-01-20 16:41:46 +01:00 |
|
Swissky
|
3bcd3d1b3c
|
SUID & Capabilities
|
2019-01-13 22:05:39 +01:00 |
|
Swissky
|
2e3aef1a19
|
Shell IPv6 + Sandbox credential
|
2019-01-07 18:15:45 +01:00 |
|
Swissky
|
e480c9358d
|
SQL wildcard '_' + CSV injection reverse shell
|
2018-12-26 01:02:17 +01:00 |
|
Swissky
|
bd97c0be86
|
README update + Typo fix in Active Directory
|
2018-12-25 20:41:43 +01:00 |
|
Swissky
|
d57d59eca7
|
NTLMv2 hash capturing, cracking, replaying
|
2018-12-25 20:35:39 +01:00 |
|
Swissky
|
d5478d1fd6
|
AWS Pacu and sections + Kerberoasting details
|
2018-12-25 19:38:37 +01:00 |
|
Swissky
|
b9efdb52d3
|
Linux - PrivEsc - First draft
|
2018-12-25 15:51:11 +01:00 |
|
Swissky
|
38c3bfbd9f
|
Windows Priv Esc - Unquoted Path, Password looting and Powershell version
|
2018-12-25 15:19:45 +01:00 |
|
Swissky
|
a6475a19d9
|
Adding references sectio
|
2018-12-24 15:02:50 +01:00 |
|
Swissky
|
b4aff1a826
|
Architecture - Files/Intruder/Images and README + template
|
2018-12-23 00:45:45 +01:00 |
|
Swissky
|
69c1d601fa
|
Kerberoasting + SQLmap write SSH key
|
2018-12-15 00:51:33 +01:00 |
|
Swissky
|
928a454531
|
Blind XSS endpoint + SSRF Google + Nmap subdomains
|
2018-11-25 15:44:17 +01:00 |
|
Swissky
|
1225a9a23d
|
Metasploit Cheatsheet
|
2018-11-24 15:32:44 +01:00 |
|
Swissky
|
565b40d177
|
reGeorg + Meterpreter socks + S3 trick name
|
2018-11-24 13:49:08 +01:00 |
|
Swissky
|
1b2ee3e67a
|
Subdomain enumeration - New Aquatone (Go)
|
2018-11-05 13:45:52 +01:00 |
|
Swissky
|
6bcb43e39c
|
LDAP fix typo + LDAP attributes + LFI filter chaining
|
2018-11-02 13:50:56 +01:00 |
|
Swissky
|
f1eefd2722
|
Script Docker RCE
|
2018-10-18 17:32:01 +02:00 |
|
Swissky
|
35d4139373
|
WebCache param miner file + Reverse shell Python TTY
|
2018-10-08 13:49:50 +02:00 |
|
Swissky
|
f0a8b6f8b8
|
Koadic cheatsheet renamed to "Windows - Post Exploitation"
|
2018-10-04 17:39:55 +02:00 |
|
Swissky
|
9ebf2057c5
|
Koadic Cheatsheet + Linux persistence in startup .desktop file
|
2018-10-04 17:35:57 +02:00 |
|
Swissky
|
747f1d172c
|
Reverse shell python for Windows + Lua + Awk
|
2018-10-02 17:17:03 +02:00 |
|
Swissky
|
824d8c370b
|
Bugfix README + Can I take over xyz
|
2018-10-02 16:57:01 +02:00 |
|
Swissky
|
1c5f8889bd
|
Network Discovery and Subdomains enumerations
|
2018-10-02 16:17:16 +02:00 |
|
Swissky
|
7b49f1b13a
|
PHP Serialization - phpggc
|
2018-10-01 12:30:14 +02:00 |
|
Swissky
|
cce0444245
|
SQL injection - Intruders payloads
|
2018-09-21 18:44:32 +02:00 |
|
Swissky
|
7a80647e63
|
Raw MD5 SQL injection + SSH Konami Code
|
2018-09-10 23:12:29 +02:00 |
|
Swissky
|
beb0ce8c54
|
Linux Persistence + WebLogic RCE
|
2018-09-03 18:41:05 +02:00 |
|
Swissky
|
f612a91bb5
|
LFI via Upload (race condition) + Network Pivot nmap
|
2018-08-26 15:43:26 +02:00 |
|
Swissky
|
b87e14a0ed
|
Markdown formatting - Part 2
|
2018-08-13 12:01:13 +02:00 |
|
Swissky
|
65654f81a4
|
Markdown formatting update
|
2018-08-12 23:30:22 +02:00 |
|
Swissky
|
177c12cb79
|
Multiple update in READMEs + RCE tricks
|
2018-08-12 00:17:58 +02:00 |
|
Swissky
|
644724396f
|
LaTeX display code + XSS location alternative
|
2018-08-01 21:19:18 +02:00 |
|
Swissky
|
93f4bbb19e
|
AD BloodHound + AD Relationship + SSRF Digital Ocean
|
2018-07-15 11:06:43 +02:00 |
|
Swissky
|
cdc3adee51
|
PassTheTicket + OpenShare + Tools(CME example)
|
2018-07-08 20:03:40 +02:00 |
|
Swissky
|
76aefd9da2
|
Path traversal refactor + AD cme module msf/empire + IIS web.config
|
2018-07-07 12:04:55 +02:00 |
|
Swissky
|
a7439d812d
|
Windows port forwarding - Netsh
|
2018-06-09 18:56:19 +02:00 |
|
Swissky
|
4ad7c70e89
|
SSRF to XSS + Retail account Windows
|
2018-06-06 00:05:28 +02:00 |
|
Swissky
|
8eb6cb80f9
|
GPP decrypt + SSRF url for cloud providers
|
2018-05-27 22:27:31 +02:00 |
|
Swissky
|
e261836532
|
Windows PrivEsc + SQLi second order + AD DiskShadow
|
2018-05-20 22:10:33 +02:00 |
|
Swissky
|
f1cb7ce50e
|
SQL Cheatsheets - Refactoring part 1
|
2018-05-16 23:33:14 +02:00 |
|
Swissky
|
81eebeaea2
|
AD - Ropnop Tricks
|
2018-05-08 22:11:36 +02:00 |
|
Swissky
|
6a39f25661
|
AD - refactor part 4 (link and src)
|
2018-05-06 19:07:34 +02:00 |
|
Swissky
|
c5bbe88372
|
AD - refactor part3
|
2018-05-05 23:11:17 +02:00 |
|
Swissky
|
1feccf84cb
|
AD refactor - Part 2 : summary
|
2018-05-05 17:41:04 +02:00 |
|
Swissky
|
6869c399d5
|
AD refactoring part1
|
2018-05-05 17:32:19 +02:00 |
|
Swissky
|
2dcffadd46
|
AD - Little fixes and refactor
|
2018-04-28 19:54:32 +02:00 |
|
Swissky
|
cb3b298451
|
Oracle SQL + SQL injection updates (MS SQL/MYSQL/ GENERAL)
|
2018-04-27 23:31:58 +02:00 |
|
Swissky
|
8209d32baf
|
Abstract for methodology
|
2018-04-23 21:22:11 +02:00 |
|
Swissky
|
54661cbd70
|
Bugfix - Tables Token/Brand
|
2018-04-23 20:55:26 +02:00 |
|
Swissky
|
aace268267
|
Payment functionality - International Tests
|
2018-04-23 20:45:54 +02:00 |
|
Swissky
|
02484cee00
|
BUGFIX: API Payment
|
2018-04-23 18:46:09 +02:00 |
|
Swissky
|
9c5eade544
|
Update methodology - Bugfix
|
2018-04-23 18:44:49 +02:00 |
|
Swissky
|
f832022920
|
Drupalgeddon2 update + Payment API in Methodology
|
2018-04-23 18:41:59 +02:00 |
|
Swissky
|
f62d466340
|
Fix Golden Ticket
|
2018-04-15 16:02:27 +02:00 |
|
Swissky
|
b8fbca3347
|
AD Attack - Golden Ticket + SQL/OpenRed/SSRF
|
2018-04-12 23:23:41 +02:00 |
|
Swissky
|
e6b5dfa3de
|
Fix README broken links
|
2018-03-25 23:51:22 +02:00 |
|
Swissky
|
d1f6e8397d
|
Refactoring XSS 0/?
|
2018-03-23 13:53:53 +01:00 |
|
Swissky
|
30019235f8
|
SQLmap tips + Active Directory attacks + SQLite injections
|
2018-03-12 09:17:31 +01:00 |
|
Swissky
|
b87c3fd7ff
|
Traversal Dir + NoSQL major updates + small addons
|
2018-02-15 23:27:42 +01:00 |
|
Swissky
|
3793d91fd4
|
Mimikatz + Credential Windows + XXE update
|
2017-12-06 20:40:29 +01:00 |
|
Swissky
|
2c048f7b52
|
SSRF Ip script + DDL & Execute Windows
|
2017-11-24 09:57:48 +01:00 |
|
Swissky
|
dad26ce5e5
|
More Burp Intruder file - SQLi + Path traversal + XSS
|
2017-08-06 01:12:41 +02:00 |
|