Swissky
c9d0878817
Kerberos Tickets Dump, Convert, Replay
2023-02-21 23:21:22 +01:00
Swissky
2a65b59c01
RODC + PAM Trusts
2023-02-20 18:44:44 +01:00
Swissky
a38701a7e2
MOTD + SpEL injection
2023-02-20 17:21:43 +01:00
Swissky
cedf4aa9f6
Office Default Passwords + SMBExec
2023-02-17 12:01:52 +01:00
Swissky
8442b304c9
SMBExec + Refresh & Access Token Azure
2023-02-15 17:03:49 +01:00
Swissky
ae46ac0338
WMIExec + SharpSCCM
2023-02-15 12:33:20 +01:00
Swissky
36e135776f
AD Groups + PowerShell Defenses
2023-02-14 15:13:41 +01:00
Swissky
f1a85f22b9
Windows Defenses
2023-02-12 18:17:09 +01:00
Swissky
9a511046ae
GPO update timing
2023-02-11 20:29:32 +01:00
Swissky
c08949fdc2
Github Pages Trigger
2023-02-11 20:22:28 +01:00
Swissky
14cc88371d
WSL + RDP Passwords + MSPaint Escape
2023-02-11 17:49:55 +01:00
Swissky
ccae5a6e09
Credentials Rework
2023-02-11 12:07:25 +01:00
Shantanu Kale
b03250a4f6
Add Training, AzureGoat
2023-02-01 09:48:26 +05:30
Shantanu Kale
ce40e39dcc
Add AWSGoat
2023-02-01 09:46:13 +05:30
CravateRouge
a8bef1873a
Add PrintNightmare exploit using WebDAV
2023-01-23 17:06:05 +01:00
CravateRouge
230f8c3688
Add SSL MITM using OpenSSL
2023-01-19 16:33:11 +01:00
Swissky
1a9bfdd86f
Merge pull request #614 from Darktortue/patch-zerologon
...
Added zerologon authentication relay technique
2023-01-10 21:11:43 +01:00
Darktortue
8caba394d5
Added zerologon authentication relay technique
2023-01-10 11:23:45 +01:00
Swissky
b27ba26af9
Merge pull request #609 from m3dsec/patch-1
...
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.
2023-01-10 11:06:07 +01:00
Jérémy LARDENOIS
3a97ad3f41
fix: remove docker metasploit installation
2023-01-10 08:51:28 +01:00
Swissky
d4742a9688
SOCKS Compatibility Table + CORS
2023-01-05 01:50:11 +01:00
m3dsec
834c6bca20
Update bloodyAD.py when enabling DONT_REQ_PREAUTH for ASREPRoast attack.
2023-01-01 14:24:57 +01:00
Swissky
5190829ab4
RustHound Examples
2022-12-30 11:01:31 +01:00
hackprogrammatic
749420fdd2
Update Cloud - AWS Pentest.md
...
spelling errors, update allows users to easily copy/paste
2022-12-07 22:47:41 -06:00
Swissky
d67ec2469c
SCCM Shares
2022-12-04 11:38:19 +01:00
Swissky
cbb2137f3b
ESC11 - Relay NTLM to ICPR
2022-11-21 10:48:27 +01:00
Swissky
2ed3c03e78
Kubernetes Pentest
2022-11-18 13:00:11 +01:00
Swissky
5966c3a21b
NTDS Reversible Encryption
2022-11-11 14:52:56 +01:00
CravateRouge
95e989f5a1
Add application endpoint enumeration
2022-11-07 11:47:47 +01:00
Swissky
e5ea12a3ca
Active Directory Federation Services
2022-11-07 10:10:33 +01:00
Swissky
3e9ef2efbe
ADFS Golden SAML
2022-11-07 10:10:21 +01:00
Swissky
0212830fb4
Merge pull request #599 from CravateRouge/patch-5
...
Fix broken link not compatible with MkDocs
2022-11-06 12:34:56 +01:00
CravateRouge
c14392731c
Fix broken link not compatible with MkDocs
2022-11-06 12:12:36 +01:00
CravateRouge
e5a18a72c2
findstr ignore error and print results in file
2022-11-06 11:58:00 +01:00
Swissky
c17ae602fc
Merge pull request #596 from CravateRouge/patch-2
...
Add AzureHound examples
2022-11-04 16:42:49 +01:00
CravateRouge
18c656f756
Add AzureHound examples
2022-11-04 15:09:39 +01:00
CravateRouge
598751f7c6
Redirect duplicate
2022-11-04 14:43:20 +01:00
CravateRouge
a287736a3a
Add Snaffpoint usage example
2022-11-04 14:15:08 +01:00
Swissky
e556e9ad40
Merge pull request #589 from jaxBCD/patch-2
...
Update Subdomain enumeration
2022-11-03 21:34:48 +01:00
Swissky
3dd7f46717
Update Subdomains Enumeration.md
2022-11-03 21:34:34 +01:00
Swissky
2227472e1c
.NET formatters and POP gadgets
2022-11-03 21:31:50 +01:00
Marcus T
11fbceca31
Add git persistence techniques
...
Adds information about backdooring git configs and git hooks.
2022-10-29 19:37:32 -07:00
Marcus T
501975a330
Add timestomping to Linux evasion techniques
2022-10-26 15:40:03 -04:00
jaxBCD
d999f798d7
Update Subdomain enumeration
2022-10-25 15:44:37 +07:00
Fabian S. Varon Valencia
3adbd70b01
remove not found links
2022-10-24 12:29:59 -05:00
Fabian S. Varon Valencia
b00ba7f38d
replace currento 404 link with 200 time Machine web snapshot
2022-10-24 12:29:32 -05:00
Fabian S. Varon Valencia
9128b183d3
update link URL
2022-10-24 12:28:31 -05:00
Swissky
fe41254fde
XXS Public Example + PHP Filter RCE
2022-10-24 12:05:39 +02:00
Swissky
35ff178624
Merge pull request #587 from abhishekchak52/typo-grammar-fix
...
Typo and grammar fix
2022-10-23 11:20:30 +02:00
Abhishek Chakraborty
37da322136
Typo and grammar fix
2022-10-22 17:47:10 -07:00
nzdjb
c5146f5dc8
feat: Explain ec2:AssociateIamInstanceProfile
...
Add explanation for ec2:AssociateIamInstanceProfile.
Also, fix a typo.
2022-10-23 09:24:08 +13:00
7RU7H
22fe4d16e2
Update Windows -Privilege Escalation - Typo Fix
...
# Line 304 - Typo: `...\CurentControlSet\..` -> `...\CurrentControlSet\..`
2022-10-22 14:27:01 +01:00
Swissky
8df30de938
Remove deadlink
2022-10-21 12:16:32 +02:00
Swissky
2fc3eed8a5
Insecure Randomness
2022-10-17 11:07:33 +02:00
Swissky
8df0f565f3
Sapphire and Diamond Tickets
2022-10-16 20:46:05 +02:00
Swissky
b7043cfedd
Bug Hunting Methodology Update
2022-10-16 00:27:47 +02:00
llamasoft
78ff651643
Add Linux evasion to its own article
...
Linux evasion techniques were previously included as part of persistence,
but the number of techniques are varied enough where it likely should
be its own article.
2022-10-14 17:30:25 -04:00
Swissky
6479c3a400
Merge pull request #574 from sebch-/patch-5
...
Update Active Directory Attack.md
2022-10-12 21:43:44 +02:00
Seb
b809e104e6
Update Active Directory Attack.md
2022-10-12 21:24:47 +02:00
Seb
f18d4991ff
Update Active Directory Attack.md
2022-10-12 19:47:40 +02:00
Seb
5480c40098
Update Hash Cracking.md
2022-10-12 19:29:15 +02:00
Seb
ad5bbd49f1
Update Hash Cracking.md
2022-10-12 18:06:22 +02:00
Swissky
f7a74feaf7
Azure Tools Update
2022-10-12 18:03:49 +02:00
pop3ret
0530c19c88
Update Cloud - AWS Pentest.md
2022-10-09 16:03:33 -03:00
pop3ret
4b4a630085
Changed summary and chapters
...
Changed summary to include the cheatsheet and also changed the format of the cheatsheet to be the same as the original file
2022-10-09 16:01:14 -03:00
Swissky
522b55eec5
Update Cloud - AWS Pentest.md
2022-10-07 10:50:59 +02:00
pop3ret
00189411d4
Merge AWSome Pentesting into Cloud - AWS Pentest
...
Merge the notes with the existing one
2022-10-06 13:43:09 -03:00
Alexander Lübeck
576322d475
Fixed invalid hyperlink
2022-10-02 15:58:16 +02:00
Swissky
99a1304af9
Methodology and enumeration rework
2022-10-02 13:13:16 +02:00
Swissky
4ed3e3b6b9
Blind SSTI Jinja
2022-10-02 12:24:39 +02:00
Swissky
72a8556dc9
NodeJS Serialization
2022-09-23 11:21:29 +02:00
Swissky
2d30e22121
DPAPI - Data Protection API
2022-09-23 00:35:34 +02:00
Processus Thief
8d564ff78b
update hekatomb to install with pip
...
hekatomb is now available on pypi to simplify its installation
2022-09-22 16:10:20 +02:00
Processus Thief
885f8bdb8f
Adding Hekatomb.py to DPAPI credentials stealing
...
Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations.
Then it will download all DPAPI blob of all users from all computers.
Finally, it will extract domain controller private key through RPC uses it to decrypt all credentials.
More infos here : https://github.com/Processus-Thief/HEKATOMB
2022-09-20 16:56:07 +02:00
Swissky
b6e7210ee0
Merge pull request #501 from fantesykikachu/win-p3-revshell
...
Add Windows Python3 Reverse Shell
2022-09-06 23:23:50 +02:00
CravateRouge
dad7362da6
Update bloodyAD attacks
2022-09-06 19:13:34 +02:00
Swissky
191a72c57e
Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings
2022-09-06 10:05:16 +02:00
Swissky
2be739ea4f
Fixing TGS/ST
2022-09-06 10:03:49 +02:00
Swissky
bdc2d55dd9
Merge pull request #533 from 0xsyr0/patch-1
...
Quick fix for WSUS malicious patch
2022-09-04 20:54:17 +02:00
Swissky
9e2471a472
SCCM Network Account
2022-09-04 20:51:23 +02:00
Swissky
fae02107df
Jetty RCE Credits
2022-09-04 14:24:16 +02:00
Swissky
811863501b
ESC9 - No Security Extension
2022-09-03 12:07:24 +02:00
0xsry0
343d63f79f
Quick fix for WSUS malicious patch
...
Not sure if it is deprecated but by tackling the box Outdated on HTB, the command didn't worked with two `&&`. To concatenate `"net user WSUSDemo Password123! /add ` and `net localgroup administrators WSUSDemo /add\""`, the `^&` is required.
2022-08-24 09:10:55 +02:00
Swissky
fbd7517e04
LFI2RCE - Picture Compression - SOCKS5 CS
2022-08-21 16:38:54 +02:00
Swissky
804920be62
Source Code Management
2022-08-18 10:43:01 +02:00
Swissky
6650c361e7
Capture a network trace with builtin tools
2022-08-15 15:02:29 +02:00
Adham Elmosalamy
1b2471265a
Typo fix
2022-08-08 16:08:55 +04:00
Swissky
7fe0a0475e
Docker Escape cgroup
2022-08-05 12:26:31 +02:00
Swissky
835d6fffe0
Shadow Credentials
2022-08-05 12:00:41 +02:00
Swissky
52e255cb75
Merge pull request #520 from sebch-/patch-1
...
Update Active Directory Attack.md
2022-08-03 19:20:11 +02:00
Spidycodes
bb6c9ed172
typo
2022-08-02 21:48:07 +00:00
Seb
310338b279
Update Active Directory Attack.md
...
Find AD
2022-08-02 15:09:23 +02:00
Swissky
e386a110d9
Find DC
2022-07-27 17:23:30 +02:00
Swissky
fc8fadbb0c
PR Guidelines + User Hunting + HopLa Configuration
2022-06-30 16:33:35 +02:00
fantesykikachu
f6c455d8f9
Windows Python3 Reverse Shell
2022-06-28 06:54:06 +00:00
Marwan Nour
36e417f129
Added DirtyPipe to kernel exploits
...
Fixed some links in the table of contents
2022-06-23 16:55:58 +02:00
Sh0ckFR
a4e43fb24c
Added Thread Stack Spoofer description
2022-06-22 12:11:49 +02:00
Sh0ckFR
4b07c91e7b
Added Sleep Mask Kit Link
2022-06-21 15:52:30 +02:00
Alexandre ZANNI
b831175f99
add english version of the article
2022-06-20 20:31:11 +02:00
Swissky
ad336b4d55
Privileged Access Management (PAM) Trust
2022-06-09 11:30:43 +02:00