Commit Graph

311 Commits

Author SHA1 Message Date
Swissky
ab0e487500 Cobalt Strike spunner + pivotnacci 2021-06-27 23:58:13 +02:00
leongross
e31de3dd6b
Update Subdomains Enumeration.md 2021-06-25 09:17:27 +02:00
Swissky
85a7ac8a76 Shadow Credentials + AD CS Relay + SSSD KCM 2021-06-24 15:26:05 +02:00
Swissky
a723a34449 PS Transcript + PPLdump.exe 2021-05-06 18:26:00 +02:00
soka
a4bdabea83 Add AWS DynamoDB enumeration 2021-04-30 21:44:21 +02:00
Swissky
1592756f9c
Merge pull request #348 from pswalia2u/patch-1
Update Reverse Shell Cheatsheet.md
2021-04-26 10:05:59 +02:00
Swissky
08b59f2856 AD update CME+DCOM 2021-04-21 22:27:07 +02:00
Ryan Montgomery
7ae038d919
Update Reverse Shell Cheatsheet.md
Added: Automatic Reverse Shell Generator
2021-04-18 10:50:41 -04:00
clem9669
7a564cb859
Update Linux - Privilege Escalation.md
Fixing Markdow URL typo in writable network-scripts section
2021-04-15 10:07:43 +00:00
Micah Van Deusen
f23de13d96
Added method to read gMSA 2021-04-10 10:58:05 -05:00
Ricardo
604618ed41
Improve Ruby reverse shell
Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.
2021-04-02 16:36:58 -04:00
secnigma
059a866fd2
Added Netcat BusyBox
Some embedded systems like busybox won't have mkfifo present; instead, they will have mknod. This updated code can spawn reverse shell in systems that use mknod instead of mkfifo.
2021-04-01 13:27:20 +05:30
pswalia2u
209380740b
Update Reverse Shell Cheatsheet.md
Added new Bash TCP reverse shell
2021-03-28 18:58:07 +05:30
Swissky
0443babe35 Relay + MSSQL Read File 2021-03-25 18:25:02 +01:00
Swissky
f6b9d63bf8 DCOM exploitation and MSSQL CLR 2021-03-24 22:26:23 +01:00
Swissky
bd2166027e GMSA Password + Dart Reverse Shell 2021-03-24 12:44:35 +01:00
cosmin-bianu
13d54a5c24
Fixed Java payload
- Declared variables
- Added semicolons at the end of each line
- Fixed the bash command
2021-03-12 13:20:15 +02:00
c14dd49h
ca28c69e67
Update Active Directory Attack.md 2021-02-26 14:14:10 +01:00
Swissky
8d31b7240b Office Attacks 2021-02-21 20:17:57 +01:00
mpgn
d1c23c5863
Unload the service mimi 2021-02-17 12:21:16 +01:00
mpgn
9be371d793
add mimikatz command to protect a process again after removing the protection
fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)
2021-02-17 12:15:47 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
Jakub 'unknow' Mrugalski
9244fe0480
[typo] changed sshs_config to sshd_config 2021-02-05 12:24:49 +01:00
Swissky
092083af5c AD - Printer Bug + Account Lock 2021-01-29 22:10:22 +01:00
PinkDev1
93769768e2
Added EoP - $PATH Interception 2021-01-28 19:45:54 +00:00
Swissky
01aadf3a44 Alternate Data Stream 2021-01-13 10:22:59 +01:00
lanjelot
5cfa93f98b Add new cloudsplaining tool to AWS Pentest page 2021-01-12 22:59:37 +11:00
Swissky
3a6ac550b8 DSRM Admin 2021-01-08 23:41:50 +01:00
Tim Gates
7846225bfd
docs: fix simple typo, accound -> account
There is a small typo in Methodology and Resources/Active Directory Attack.md.

Should read `account` rather than `accound`.
2020-12-23 09:16:40 +11:00
Swissky
16b207eb0b LAPS Password 2020-12-20 21:45:41 +01:00
Swissky
67752de6e9 Bronze Bit Attack 2020-12-18 22:38:30 +01:00
lanjelot
e0c745cbf4 Fix AWS duplicated tool enumerate-iam 2020-12-18 22:52:21 +11:00
lanjelot
4b9baf37d3 Add dufflebag tool and cleanup 2020-12-18 22:45:07 +11:00
Swissky
f7e8f515a5 Application Escape and Breakout 2020-12-17 08:56:58 +01:00
lanjelot
4c18e29a6b Fix links and duplicated nmap and massscan examples 2020-12-13 04:50:59 +11:00
Swissky
73fdd6e218 Mimikatz - Elevate token with LSA protection 2020-12-09 23:33:40 +01:00
Swissky
19a2950b8d AMSI + Trust 2020-12-08 14:31:01 +01:00
Swissky
78cc68674b
Merge pull request #296 from brnhrd/patch-1
Fix table of contents
2020-12-07 17:21:02 +01:00
Swissky
f48ee0bca5 Deepce - Docker Enumeration, Escalation of Privileges and Container Escapes 2020-12-06 18:59:43 +01:00
Swissky
27050f6dd8 MSSQL Server Cheatsheet 2020-12-05 11:37:34 +01:00
Swissky
e13f152b74 AD - Recon 2020-12-02 18:43:13 +01:00
brnhrd
15e44bdfe6
Fix table of contents 2020-12-02 14:19:59 +01:00
lanjelot
bca107cc64 Move duplicated tool references into one place 2020-11-30 01:38:04 +11:00
lanjelot
10e6c075f7 Add tool nccgroup/s3_objects_check 2020-11-30 01:17:15 +11:00
Swissky
b918095775 AzureHound 2020-11-24 12:41:34 +01:00
Abass Sesay
95b07c9e3e
Sorted the list of revshell options
Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)
2020-11-14 09:20:49 -08:00
Swissky
bd184487e5 NTLM Hashcat 2020-11-06 16:20:03 +01:00
Swissky
1137bfca8d Remote Desktop Services Shadowing 2020-10-30 21:10:00 +01:00
Gorgamite
f9389d708b
Added winPEAS to windows privilege escalation tool
WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
It doesn't auto exploit, but it's rather thorough and effective.
2020-10-29 03:57:40 -07:00
Swissky
db533aabd4
Merge pull request #280 from Gorgamite/master
Added LinPEAS to Linux Privesc.
2020-10-29 11:56:44 +01:00