Commit Graph

544 Commits

Author SHA1 Message Date
Markus
838d7c8c65
Update Active Directory Attack.md
Change recursive parameter for smbmap as listed in the documentation
2023-12-14 11:56:04 +01:00
Swissky
57703ed7ed plocate and Azure AD updates 2023-12-01 22:21:05 +01:00
enaylal
4684fed4aa add priv esc windows 2023-11-16 23:37:12 +01:00
Swissky
d80068cc1b Privileged File Delete 2023-11-04 15:52:29 +01:00
Swissky
46208ca898 Prompt Injection - RCE payloads 2023-11-01 13:56:38 +01:00
Swissky
ed081d7f29 Vulnerability Reports 2023-10-31 17:45:24 +01:00
Swissky
07cf2831ca AWS Key ID + UAC + Race Condition 2023-10-28 17:31:59 +02:00
Swissky
3ad350b753 Prompts Examples 2023-10-22 17:17:55 +02:00
Swissky
e86f221fe8 Fix typo in MSI installer 2023-10-11 21:05:54 +02:00
Swissky
5556f6ff79 MSI Installer - PrivEsc 2023-10-11 21:03:47 +02:00
Swissky
103f41898b
Merge pull request #663 from cfpadok/develop
feat: add cognito-scanner tool for AWS pentest
2023-10-09 23:19:43 +02:00
Swissky
d142587f28 Race Condition WIP + AD asreproast/kerberoasting 2023-10-01 12:42:20 +02:00
nuts7
0cea24cfcb Add Kerberoasting w/o domain account
This commit add a Kerberoasting technique without domain account/credentials just a user without pre-authentication (AS_REP Roastable)
2023-09-22 13:38:28 +02:00
Swissky
e9fb4f100c Google Web Toolkit 2023-09-19 09:58:22 +02:00
Thigh_GoD
c7549916b8
Update Reverse Shell Cheatsheet.md
Added small quality adjustment.
2023-09-09 03:51:35 +08:00
Thigh_GoD
cf9b9bf70c
Update Reverse Shell Cheatsheet.md
Added in automatic shell upgrade via rustcat.
2023-09-08 21:15:54 +08:00
Swissky
7752ff806f ASPNET Cookieless Bypass 2023-09-02 23:01:10 +02:00
Seth Art
339a51cd0d
Added CloudFox and CloudFoxable 2023-08-30 14:11:11 -04:00
Swissky
53ec79abd0 Initial Access Cheatsheet 2023-08-26 22:01:45 +02:00
Tristan D'audibert
aea130a1ac Add Rust reverse shell for unix 2023-08-21 17:50:11 +02:00
cfgs
538a7b024b feat: add cognito-scanner tool for AWS pentest 2023-08-08 10:41:54 +02:00
Yann CAM (ycam)
e80702d599
More details on NetNTLMv1 + typos
More details on NetNTLMv1 + typos
2023-07-25 11:31:35 +02:00
Yann CAM (ycam)
4336cb1fd5
Update NetNTLMv1 breaking methodology
Add SHuck.Sh/ShuckNT process and details.
2023-07-25 11:11:36 +02:00
Swissky
87e6f55e16 Error Based XXE - Local DTD 2023-07-18 18:23:34 +02:00
mpgn
35b0d672f0
Use new offical CME repository 2023-06-28 10:12:15 +02:00
Swissky
113afae290 AWS EC2 Metadata + SSSD token deobfuscate 2023-06-27 15:45:29 +02:00
Swissky
e9c1ce1c09 AWS Key Patterns 2023-06-22 19:03:06 +02:00
Swissky
b8c803717a WDAC Policy Removal + SSRF domains 2023-05-31 14:18:25 +02:00
Rdbo
83b2d80a56
fixed typos 2023-05-18 01:58:36 +00:00
Swissky
6adfe5d865 GraphQL Batching Attacks 2023-05-15 19:23:07 +02:00
Swissky
5af6a23a2e DPAPI LocalMachine + BitLocker 2023-05-08 17:08:25 +02:00
m3dsec
8156f495fb
Add Kerberos CVE-2022-33679 (RC4 Is Still Considered Harmful) 2023-04-30 21:45:33 +01:00
ZkClown
0f4d747913 Add injection into AD through ldap signing not required and ldap channel binding disabled 2023-04-20 15:38:26 +02:00
ZkClown
8b543c80aa Add network scan with pure bash 2023-04-20 15:21:48 +02:00
ZkClown
2a4ce78080 Add Office execute WinAPI via VBA 2023-04-20 15:00:33 +02:00
ZkClown
47df1695a1 Add Powerhsell Reflection through Delegate Type and Basic HTML Smuggling 2023-04-19 17:59:10 +02:00
Swissky
86cc53244d LOL Drivers 2023-04-07 09:22:07 +02:00
Swissky
30d17b4924 Fix markdown typo ESC1-9 2023-04-05 12:47:47 +02:00
Swissky
0a70636d28 ETW Providers 2023-04-03 10:48:53 +02:00
Swissky
fddd094ee1 LFI iconv and dechunk + ETW + NTDS Dump Rework 2023-03-27 22:38:25 +02:00
Swissky
dd0c23f9a2 ImageMagick Typo 2023-03-19 22:46:56 +01:00
Swissky
723b3213b2 Windows Information Protection 2023-03-18 19:55:43 +01:00
Swissky
d5729888c3 S4U Extension 2023-03-11 17:53:16 +01:00
Swissky
b88457367b Active Directory Integrated DNS 2023-03-11 11:52:52 +01:00
Swissky
f379b60ef1 Web Theme + Credential Guard + PPL 2023-03-10 22:14:22 +01:00
Swissky
e43f1527c0 JWT rework 0.2: jwks + kid + cve 2023-03-07 11:39:39 +01:00
Swissky
2a3d175620 GraphQL and JWT rework v0.1 2023-03-05 12:05:43 +01:00
Swissky
c9d0878817 Kerberos Tickets Dump, Convert, Replay 2023-02-21 23:21:22 +01:00
Swissky
2a65b59c01 RODC + PAM Trusts 2023-02-20 18:44:44 +01:00
Swissky
a38701a7e2 MOTD + SpEL injection 2023-02-20 17:21:43 +01:00