Commit Graph

193 Commits

Author SHA1 Message Date
Swissky
11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358
b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky
ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky
7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
OOP
f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky
357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Mark
3fb2a9006f
Add Spyse to network discovery
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
2019-09-30 15:26:26 +04:00
Swissky
3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky
742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky
5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky
2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky
3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Alexandre ZANNI
72c54b5c1b
add missing backtick 2019-08-29 09:49:09 +02:00
Swissky
bb305d0183 Network Discovery - Masscan update 2019-08-29 01:08:26 +02:00
Swissky
6c161f26b2 JWT None alternative + MS15-051 2019-08-22 23:03:48 +02:00
David B
3fd0791c2a
Update Linux - Privilege Escalation.md
Adding a tool that helps with privilege escalation on linux through SUDO.
2019-08-19 00:55:30 +02:00
Swissky
8dffb59ac5 Pspy + Silver Ticket + MSSQL connect 2019-08-18 22:24:48 +02:00
Swissky
4a176615fe CORS Misconfiguration 2019-08-18 12:08:51 +02:00
Swissky
b6697d8595 SSRF SVG + Windows Token getsystem 2019-08-15 18:21:06 +02:00
Swissky
bd449e9cea XSS PostMessage 2019-08-03 23:22:14 +02:00
Swissky
6baa446144 Directory Traversal CVE 2018 Spring 2019-07-27 13:02:16 +02:00
Swissky
98124178db EoP - Juicy Potato 2019-07-26 15:29:34 +02:00
Swissky
657823a353 PTH Mitigation + Linux Smart Enumeration 2019-07-26 14:24:58 +02:00
Swissky
f6c0f226af PXE boot attack 2019-07-25 14:08:32 +02:00
Swissky
859695e2be Update PrivExchange based on chryzsh blog post 2019-07-24 14:10:58 +02:00
Swissky
a14b3af934 Active Directory - Resource Based Constrained Delegation 2019-07-22 21:45:50 +02:00
Swissky
45af613fd9 Active Directory - Unconstrained delegation 2019-07-17 23:17:35 +02:00
Swissky
13ba72f124 GraphQL + RDP Bruteforce + PostgreSQL RCE 2019-07-01 23:29:29 +02:00
Swissky
46780de750 PostgreSQL rewrite + LFI SSH 2019-06-29 19:23:34 +02:00
Swissky
144b3827ab MS14-068 + /etc/security/opasswd 2019-06-29 17:55:13 +02:00
Swissky
9be62677b6 Add root user + PHP null byte version 2019-06-24 00:21:39 +02:00
Swissky
9745e67465 HQL Injection + references update 2019-06-16 23:45:52 +02:00
Dan Borges
24a05c7098
Update Windows - Privilege Escalation.md 2019-06-11 11:51:09 -07:00
Swissky
8cec2e0ca3 Linux PrivEsc - Writable files 2019-06-10 11:09:02 +02:00
Swissky
94a60b43d6 Writable /etc/sudoers + Meterpreter autoroute 2019-06-10 11:00:54 +02:00
Swissky
a85fa5af28 Local File Include : rce via mail + kadimus 2019-06-10 00:05:47 +02:00
Swissky
5d4f65720a PrivEsc - Common Exploits 2019-06-09 20:53:41 +02:00
Swissky
e8cd11f88f plink + sshuttle : Network Pivoting Techniques 2019-06-09 18:13:15 +02:00
Swissky
adcea1a913 Linux PrivEsc + SSH persistency 2019-06-09 16:05:44 +02:00
Swissky
f5a8a6b62f Meterpreter shell 2019-06-09 14:26:14 +02:00
Swissky
93f6c03b54 GraphQL + LXD/etc/passwd PrivEsc + Win firewall 2019-06-09 13:46:40 +02:00
Swissky
f88da43e1c SQL informationschema.processlist + UPNP warning + getcap -ep 2019-05-25 18:19:08 +02:00
Swissky
9c2e63818f XSS without parenthesis, semi-colon + Lontara 2019-05-15 21:55:17 +02:00
Swissky
b81df17589 RFI - Windows SMB allow_url_include = "Off" 2019-05-12 22:23:55 +02:00
Swissky
bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky
765c615efe XSS injection Summary + MSF web delivery 2019-05-12 14:22:48 +02:00
Swissky
9dfd7835ea mitm6 + ntlmrelayx 2019-04-21 14:08:18 +02:00
Swissky
13864bde04 GoGitDumper + MySQL summary rewrite 2019-04-15 00:49:56 +02:00
Swissky
b4633bbb66 sudo_inject + SSTI FreeMarker + Lin PrivEsc passwords 2019-04-14 21:01:14 +02:00
Swissky
c66197903f MYSQL Truncation attack + Windows search where 2019-04-14 19:46:34 +02:00
Swissky
546ecd0e36 Linux Privesc - /etc/passwd writable 2019-04-07 23:40:36 +02:00
Alex Zeecka
4b79b865c9
--dc-ip to -dc-ip for psexec cmd 2019-04-03 10:45:45 +02:00
Swissky
187762fac5
Fix typo in reverse shell 2019-04-02 22:45:08 +02:00
Swissky
3af87ddf98 Reverse shell summary + golang 2019-04-02 22:43:44 +02:00
kisec
1eb57ad919 Reverse shell Golang 2019-04-01 12:01:45 +09:00
Swissky
289fa8c22b PrivEsc - Linux Task 2019-03-31 15:05:13 +02:00
Swissky
90b182f10f AD references - Blog Post + SSTI basic config item 2019-03-24 16:26:00 +01:00
Swissky
a509909561 PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources 2019-03-24 16:00:27 +01:00
Swissky
5d1b8bca79 SAML exploitation + ASREP roasting + Kerbrute 2019-03-24 13:16:23 +01:00
Swissky
e9489f0768 Linux Priv Esc - minor update 2019-03-18 23:19:36 +01:00
Swissky
e5090f2797 Bazaar - version control system 2019-03-15 23:27:14 +01:00
Swissky
ec61e99334 Linux - PrivEsc typo 2019-03-08 20:09:01 +01:00
Swissky
b22fd26800 Linux PrivEsc - LXD Group 2019-03-07 15:27:54 +01:00
Swissky
68df152fd3 Linux PrivEsc - Wildcard/NFS/Sudo 2019-03-07 15:09:06 +01:00
Swissky
404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00
Swissky
21d1fe7eee Fix name - Part 1 2019-03-07 00:07:14 +01:00
Swissky
450de2c90f Typo fix 2019-03-04 19:40:34 +01:00
Swissky
e36b15a6d7 Windows PrivEsc - Table of content update 2019-03-03 20:05:27 +01:00
Swissky
ecadcf3d0f Windows PrivEsc - Full rewrite 2019-03-03 20:01:25 +01:00
Swissky
2d5b4f2193 Meterpreter generate + LaTeK XSS + Ruby Yaml 2019-03-03 16:31:17 +01:00
Swissky
6d2cd684fa Web cache deception resources update 2019-03-01 17:49:19 +01:00
Swissky
70225232c9 Polyglot Command Injection + XSS HTML file 2019-02-28 00:36:53 +01:00
Swissky
a58a8113d1 Linux capabilities - setuid + read / Docker group privesc 2019-02-26 17:24:10 +01:00
Swissky
78c882fb34 Jenkins Grrovy + MSSQL UNC + PostgreSQL list files 2019-02-17 20:02:16 +01:00
Swissky
f2273f5cce PrivExchange attack 2019-02-10 19:51:54 +01:00
Swissky
8c1c35789d SQLmap tamper update 2019-02-10 19:07:27 +01:00
Swissky
1c37517bf3 .git/index file parsing + fix CSRF payload typo 2019-02-07 23:33:47 +01:00
Swissky
b9f2fe367c Bugfix - Errors in stashed changes 2019-01-28 20:27:45 +01:00
ThunderSon
99857a714f
fead: add powerless repo to the tools 2019-01-27 20:13:06 +02:00
Swissky
e07a654080 Command injection renamed + sudo/doas privesc 2019-01-22 21:45:41 +01:00
Swissky
4db45a263a MSSQL union based + Windows Runas 2019-01-20 16:41:46 +01:00
Swissky
3bcd3d1b3c SUID & Capabilities 2019-01-13 22:05:39 +01:00
Swissky
2e3aef1a19 Shell IPv6 + Sandbox credential 2019-01-07 18:15:45 +01:00
Swissky
e480c9358d SQL wildcard '_' + CSV injection reverse shell 2018-12-26 01:02:17 +01:00
Swissky
bd97c0be86 README update + Typo fix in Active Directory 2018-12-25 20:41:43 +01:00
Swissky
d57d59eca7 NTLMv2 hash capturing, cracking, replaying 2018-12-25 20:35:39 +01:00
Swissky
d5478d1fd6 AWS Pacu and sections + Kerberoasting details 2018-12-25 19:38:37 +01:00
Swissky
b9efdb52d3 Linux - PrivEsc - First draft 2018-12-25 15:51:11 +01:00
Swissky
38c3bfbd9f Windows Priv Esc - Unquoted Path, Password looting and Powershell version 2018-12-25 15:19:45 +01:00
Swissky
a6475a19d9 Adding references sectio 2018-12-24 15:02:50 +01:00
Swissky
b4aff1a826 Architecture - Files/Intruder/Images and README + template 2018-12-23 00:45:45 +01:00
Swissky
69c1d601fa Kerberoasting + SQLmap write SSH key 2018-12-15 00:51:33 +01:00
Swissky
928a454531 Blind XSS endpoint + SSRF Google + Nmap subdomains 2018-11-25 15:44:17 +01:00
Swissky
1225a9a23d Metasploit Cheatsheet 2018-11-24 15:32:44 +01:00
Swissky
565b40d177 reGeorg + Meterpreter socks + S3 trick name 2018-11-24 13:49:08 +01:00
Swissky
1b2ee3e67a Subdomain enumeration - New Aquatone (Go) 2018-11-05 13:45:52 +01:00
Swissky
6bcb43e39c LDAP fix typo + LDAP attributes + LFI filter chaining 2018-11-02 13:50:56 +01:00
Swissky
f1eefd2722 Script Docker RCE 2018-10-18 17:32:01 +02:00
Swissky
35d4139373 WebCache param miner file + Reverse shell Python TTY 2018-10-08 13:49:50 +02:00
Swissky
f0a8b6f8b8 Koadic cheatsheet renamed to "Windows - Post Exploitation" 2018-10-04 17:39:55 +02:00