ch0ic3/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-18 18:36:10 +00:00

Author	SHA1	Message	Date
Swissky	d40e055629	Golden GMSA + Scheduled Task	2022-03-15 11:15:44 +01:00
Swissky	4abd52697f	MSSQL Agent Command Execution	2022-03-10 11:05:17 +01:00
Swissky	540d3ca399	Vajra + MSSQL hashes	2022-03-05 18:31:15 +01:00
Swissky	521975a05c	AV Removal + Cobalt SleepKit	2022-03-01 23:01:25 +01:00
Swissky	3e3562e553	ESC3 - Misconfigured Enrollment Agent Templates + Certipy v2	2022-02-20 13:15:28 +01:00
Swissky	71dcfd5ca7	ADCS ESC7 Shell + Big Query SQL	2022-02-18 14:50:38 +01:00
brightio	d36f98b4ca	Update LinPEAS links	2022-01-31 12:16:29 +01:00
Swissky	0b5c5acb87	ESC7 - Vulnerable Certificate Authority Access Control	2022-01-30 23:41:31 +01:00
Eslam Salem	d7e357f53a	fix rm bug in netcat reverseshell on OpenBSD & BusyBox	2022-01-29 17:19:30 +02:00
clem9669	05a77e06fc	Update Active Directory Attack.md Updating the scanner modules for PingCastle.exe	2022-01-26 13:13:11 +00:00
Alexandre ZANNI	a397a3d643	add revshellgen and merge to tools section	2022-01-22 23:08:25 +01:00
Alexandre ZANNI	a077ceab7c	add tools section	2022-01-22 22:57:37 +01:00
clem9669	76ec08cfb4	Update Active Directory Attack.md Correcting typo Removing dead website Adjusting techniques	2022-01-18 22:52:58 +01:00
Swissky	f0085e158b	Removing potential DMCA material	2022-01-05 22:22:08 +01:00
clem9669	4642dd44fc	Update Hash Cracking.md Hey 👋 Updating content with more information and more accurate resources.	2022-01-05 18:25:31 +00:00
Swissky	dfe830d183	RODC - Read Only Domain Controller Compromise	2022-01-04 21:11:26 +01:00
Swissky	b5df6e1447	ESC6 - EDITF_ATTRIBUTESUBJECTALTNAME2 + Golden Certificate	2022-01-01 20:42:58 +01:00
Swissky	c9ef8f7f49	Graftcp Cheatsheet	2021-12-29 18:16:26 +01:00
Swissky	8411a0640d	ESC4 - Access Control Vulnerabilities	2021-12-29 15:00:22 +01:00
Swissky	27768783ff	Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings	2021-12-29 14:52:20 +01:00
Swissky	e3fb516747	MAQ + WEBDAV	2021-12-29 14:48:42 +01:00
Alexandre ZANNI	a430cfcc4e	update PowerGPOAbuse task command	2021-12-22 16:09:07 +01:00
Swissky	0d6d6049ce	AD + Log4shell + Windows Startup	2021-12-16 09:52:51 +01:00
Swissky	5714b9c9d7	samAccountName spoofing + Java RMI	2021-12-13 20:42:31 +01:00
Swissky	10974722b1	BloodHound Custom Queries + MSSQL CLR	2021-12-12 23:04:35 +01:00
CravateRouge	8da5f36f85	Add alternatives for AD ACL abuse from Linux	2021-11-15 17:36:05 +01:00
Swissky	3366f5eaac	Merge pull request #445 from NirLevy98/reverse_shell_delete-unused-imports Delete unused import	2021-11-07 21:16:37 +01:00
Swissky	7d9dd6806e	Powershell Cheatsheet	2021-11-06 19:14:47 +01:00
Swissky	1c8067a150	Relaying with WebDav Trick + Shadow Credential	2021-10-30 21:04:23 +02:00
Swissky	e3373dd108	UnPAC The Hash + MachineKeys.txt	2021-10-26 21:56:39 +02:00
Swissky	1a3058f40c	Device Code Phish	2021-10-24 20:07:46 +02:00
Nir	4207479cce	Delete unused imports	2021-10-16 11:33:38 +03:00
Markus	6584df310f	Update Windows - Persistence.md Add example to `disable windows defender` which uses MpCmdRun.exe to reset the current definitions. I recently used this and it was sufficient, that defender did not recognize previously flagged malicious files. It is quite helpful in case, that Set-MpPreference is not present or that the attacker is not allowed to adjust the service.	2021-10-14 08:53:25 +02:00
marcan2020	39a89e937a	Update breakout techniques - Add a section on unassociated protocols - Add paths to access filesystem via the address bar - Fix Stick Keys link - Fix Task Manager shortcut - Add reference to HackTricks	2021-10-11 13:53:19 -04:00
Markus	d1345b0016	Update Hash Cracking Methodology Add some structure to add additional tools. Fix some typo. Add online resources for cracking password hashes.	2021-10-11 17:08:46 +02:00
Swissky	883c35a9e5	Hash Cracking v0.1	2021-10-10 23:05:01 +02:00
p0dalirius	09b1b8984a	Update Active Directory Attack.md	2021-10-06 09:05:49 +02:00
p0dalirius	8045496946	Update Active Directory Attack.md	2021-10-06 08:59:13 +02:00
p0dalirius	19b4bee7a0	Update Active Directory Attack.md	2021-10-06 08:54:16 +02:00
p0dalirius	e0b8bee5a6	Update Active Directory Attack.md	2021-10-06 08:45:44 +02:00
p0dalirius	25b6003229	Update Active Directory Attack.md	2021-10-06 08:29:59 +02:00
p0dalirius	ee53c960f0	Update Active Directory Attack.md	2021-10-06 08:24:51 +02:00
p0dalirius	6d816c6e4b	Update Active Directory Attack.md	2021-10-06 08:23:07 +02:00
Podalirius	286b7c507e	Update Active Directory Attack.md	2021-10-06 08:15:51 +02:00
Swissky	000d1f9260	Merge pull request #426 from CravateRouge/patch-2 Add python check for ZeroLogon	2021-10-01 00:58:58 +02:00
CravateRouge	52d83bea5f	Add python check for ZeroLogon	2021-09-30 23:38:48 +02:00
CravateRouge	1cdd284f5b	Add Linux alternatives for GenericWrite abuse	2021-09-30 22:17:20 +02:00
Swissky	d2f63406cd	IIS + Certi + NetNTLMv1	2021-09-16 17:45:29 +02:00
Swissky	3af70155e2	DCOM Exec Impacket	2021-09-07 14:48:57 +02:00
Swissky	23438cc68e	Mitigation NTLMv1	2021-09-07 10:22:39 +02:00
Swissky	c8076e99c9	Net-NTLMv1 + DriverPrinter	2021-09-06 20:58:44 +02:00
Swissky	0f94adafe5	ESC2 + Windows Search Connectors - Windows Library Files	2021-09-01 14:10:53 +02:00
Swissky	f89597725a	Merge pull request #416 from Bort-Millipede/master Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…	2021-08-25 22:17:53 +02:00
Swissky	69b99826d2	AD CS Attacks	2021-08-25 22:14:44 +02:00
Jeffrey Cap	9bde75b32d	Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload	2021-08-23 14:41:40 -05:00
Swissky	fde99044c5	CS NTLM Relay	2021-08-22 23:03:02 +02:00
Swissky	87be30d3b2	DB2 Injection + ADCS	2021-08-10 23:00:19 +02:00
Swissky	7ab7664469	Merge pull request #399 from Bort-Millipede/master New/Updated Python Linux Reverse Shells	2021-07-31 11:26:36 +02:00
Jeffrey Cap	37e69b6162	Revised Linux Python Reverse Shells; Added New Linux Python Reverse Shells	2021-07-26 20:55:49 -05:00
Swissky	d9d4a54d03	RemotePotato0 + HiveNightmare	2021-07-26 21:25:56 +02:00
M4x	9086ff9d03	add missing header file	2021-07-26 16:04:39 +08:00
Swissky	3a4bd97762	AD CS - Mimikatz / Rubeus	2021-07-25 11:40:19 +02:00
Swissky	44735975a5	Active Directory update	2021-07-12 20:45:16 +02:00
Swissky	175c676f1e	Tmux PrivEsc + PrintNightmare update	2021-07-12 14:42:18 +02:00
Alexandre ZANNI	e2ff22b136	add CVE-2021-34527 + It Was All A Dream scanner	2021-07-08 10:40:01 +02:00
Swissky	2f8fc7bbb9	PrintNightmare - Mimikatz	2021-07-05 21:57:14 +02:00
Swissky	459f4c03fc	Dependency Confusion + LDAP	2021-07-04 13:32:32 +02:00
Sean R. Abraham	1fcbd576fe	Fix typo in Linux - Persistence.md	2021-07-02 16:18:35 -06:00
Sameer Bhatt (debugger)	0b8293b135	Added Reverse Shell using Telnet Added Reverse Shell using Telnet.	2021-07-01 20:29:56 +05:30
Swissky	80816aee31	PrintNightmare - #385	2021-07-01 14:40:03 +02:00
Swissky	4e95162dc3	BadPwdCount attribute + DNS	2021-06-28 22:08:06 +02:00
Swissky	ab0e487500	Cobalt Strike spunner + pivotnacci	2021-06-27 23:58:13 +02:00
leongross	e31de3dd6b	Update Subdomains Enumeration.md	2021-06-25 09:17:27 +02:00
Swissky	85a7ac8a76	Shadow Credentials + AD CS Relay + SSSD KCM	2021-06-24 15:26:05 +02:00
Swissky	a723a34449	PS Transcript + PPLdump.exe	2021-05-06 18:26:00 +02:00
soka	a4bdabea83	Add AWS DynamoDB enumeration	2021-04-30 21:44:21 +02:00
Swissky	1592756f9c	Merge pull request #348 from pswalia2u/patch-1 Update Reverse Shell Cheatsheet.md	2021-04-26 10:05:59 +02:00
Swissky	08b59f2856	AD update CME+DCOM	2021-04-21 22:27:07 +02:00
Ryan Montgomery	7ae038d919	Update Reverse Shell Cheatsheet.md Added: Automatic Reverse Shell Generator	2021-04-18 10:50:41 -04:00
clem9669	7a564cb859	Update Linux - Privilege Escalation.md Fixing Markdow URL typo in writable network-scripts section	2021-04-15 10:07:43 +00:00
Micah Van Deusen	f23de13d96	Added method to read gMSA	2021-04-10 10:58:05 -05:00
Ricardo	604618ed41	Improve Ruby reverse shell Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.	2021-04-02 16:36:58 -04:00
secnigma	059a866fd2	Added Netcat BusyBox Some embedded systems like busybox won't have mkfifo present; instead, they will have mknod. This updated code can spawn reverse shell in systems that use mknod instead of mkfifo.	2021-04-01 13:27:20 +05:30
pswalia2u	209380740b	Update Reverse Shell Cheatsheet.md Added new Bash TCP reverse shell	2021-03-28 18:58:07 +05:30
Swissky	0443babe35	Relay + MSSQL Read File	2021-03-25 18:25:02 +01:00
Swissky	f6b9d63bf8	DCOM exploitation and MSSQL CLR	2021-03-24 22:26:23 +01:00
Swissky	bd2166027e	GMSA Password + Dart Reverse Shell	2021-03-24 12:44:35 +01:00
cosmin-bianu	13d54a5c24	Fixed Java payload - Declared variables - Added semicolons at the end of each line - Fixed the bash command	2021-03-12 13:20:15 +02:00
c14dd49h	ca28c69e67	Update Active Directory Attack.md	2021-02-26 14:14:10 +01:00
Swissky	8d31b7240b	Office Attacks	2021-02-21 20:17:57 +01:00
mpgn	d1c23c5863	Unload the service mimi	2021-02-17 12:21:16 +01:00
mpgn	9be371d793	add mimikatz command to protect a process again after removing the protection `fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)`	2021-02-17 12:15:47 +01:00
Valentín Blanco	73f6ab940c	Update Windows - Privilege Escalation.md Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.	2021-02-10 15:52:41 +01:00
Jakub 'unknow' Mrugalski	9244fe0480	[typo] changed sshs_config to sshd_config	2021-02-05 12:24:49 +01:00
Swissky	092083af5c	AD - Printer Bug + Account Lock	2021-01-29 22:10:22 +01:00
PinkDev1	93769768e2	Added EoP - $PATH Interception	2021-01-28 19:45:54 +00:00
Swissky	01aadf3a44	Alternate Data Stream	2021-01-13 10:22:59 +01:00
lanjelot	5cfa93f98b	Add new cloudsplaining tool to AWS Pentest page	2021-01-12 22:59:37 +11:00
Swissky	3a6ac550b8	DSRM Admin	2021-01-08 23:41:50 +01:00
Tim Gates	7846225bfd	docs: fix simple typo, accound -> account There is a small typo in Methodology and Resources/Active Directory Attack.md. Should read `account` rather than `accound`.	2020-12-23 09:16:40 +11:00

1 2 3 4 5 ...

432 Commits