Commit Graph

437 Commits

Author SHA1 Message Date
David Fentz
d3a296486e
Update Cloud - AWS Pentest.md
Added a reference to Cloudgoat in the Training section of the AWS pentesting docs.
2022-05-05 08:48:55 -07:00
Moayad Almalat
8a6e8b8f05
Update Cobalt Strike - Cheatsheet.md
Update Cobalt Strike user Guide to the latest version.
2022-04-25 15:18:04 +02:00
Swissky
5a89c6a5ca Windows Management Instrumentation Event Subscription 2022-04-24 15:01:18 +02:00
Swissky
b0d05faded TruffleHog examples + Cortex XDR disable 2022-04-14 09:42:15 +02:00
Swissky
89f0b93d43 Elastic EDR + VM Persistence 2022-03-27 19:50:33 +02:00
Swissky
d40e055629 Golden GMSA + Scheduled Task 2022-03-15 11:15:44 +01:00
Swissky
4abd52697f MSSQL Agent Command Execution 2022-03-10 11:05:17 +01:00
Swissky
540d3ca399 Vajra + MSSQL hashes 2022-03-05 18:31:15 +01:00
Swissky
521975a05c AV Removal + Cobalt SleepKit 2022-03-01 23:01:25 +01:00
Swissky
3e3562e553 ESC3 - Misconfigured Enrollment Agent Templates + Certipy v2 2022-02-20 13:15:28 +01:00
Swissky
71dcfd5ca7 ADCS ESC7 Shell + Big Query SQL 2022-02-18 14:50:38 +01:00
brightio
d36f98b4ca
Update LinPEAS links 2022-01-31 12:16:29 +01:00
Swissky
0b5c5acb87 ESC7 - Vulnerable Certificate Authority Access Control 2022-01-30 23:41:31 +01:00
Eslam Salem
d7e357f53a fix rm bug in netcat reverseshell on OpenBSD & BusyBox 2022-01-29 17:19:30 +02:00
clem9669
05a77e06fc
Update Active Directory Attack.md
Updating the scanner modules for PingCastle.exe
2022-01-26 13:13:11 +00:00
Alexandre ZANNI
a397a3d643
add revshellgen and merge to tools section 2022-01-22 23:08:25 +01:00
Alexandre ZANNI
a077ceab7c
add tools section 2022-01-22 22:57:37 +01:00
clem9669
76ec08cfb4
Update Active Directory Attack.md
Correcting typo
Removing dead website
Adjusting techniques
2022-01-18 22:52:58 +01:00
Swissky
f0085e158b
Removing potential DMCA material 2022-01-05 22:22:08 +01:00
clem9669
4642dd44fc
Update Hash Cracking.md
Hey 👋 
Updating content with more information and more accurate resources.
2022-01-05 18:25:31 +00:00
Swissky
dfe830d183 RODC - Read Only Domain Controller Compromise 2022-01-04 21:11:26 +01:00
Swissky
b5df6e1447 ESC6 - EDITF_ATTRIBUTESUBJECTALTNAME2 + Golden Certificate 2022-01-01 20:42:58 +01:00
Swissky
c9ef8f7f49 Graftcp Cheatsheet 2021-12-29 18:16:26 +01:00
Swissky
8411a0640d ESC4 - Access Control Vulnerabilities 2021-12-29 15:00:22 +01:00
Swissky
27768783ff Merge branch 'master' of https://github.com/swisskyrepo/PayloadsAllTheThings 2021-12-29 14:52:20 +01:00
Swissky
e3fb516747 MAQ + WEBDAV 2021-12-29 14:48:42 +01:00
Alexandre ZANNI
a430cfcc4e
update PowerGPOAbuse task command 2021-12-22 16:09:07 +01:00
Swissky
0d6d6049ce AD + Log4shell + Windows Startup 2021-12-16 09:52:51 +01:00
Swissky
5714b9c9d7 samAccountName spoofing + Java RMI 2021-12-13 20:42:31 +01:00
Swissky
10974722b1 BloodHound Custom Queries + MSSQL CLR 2021-12-12 23:04:35 +01:00
CravateRouge
8da5f36f85
Add alternatives for AD ACL abuse from Linux 2021-11-15 17:36:05 +01:00
Swissky
3366f5eaac
Merge pull request #445 from NirLevy98/reverse_shell_delete-unused-imports
Delete unused import
2021-11-07 21:16:37 +01:00
Swissky
7d9dd6806e Powershell Cheatsheet 2021-11-06 19:14:47 +01:00
Swissky
1c8067a150 Relaying with WebDav Trick + Shadow Credential 2021-10-30 21:04:23 +02:00
Swissky
e3373dd108 UnPAC The Hash + MachineKeys.txt 2021-10-26 21:56:39 +02:00
Swissky
1a3058f40c Device Code Phish 2021-10-24 20:07:46 +02:00
Nir
4207479cce Delete unused imports 2021-10-16 11:33:38 +03:00
Markus
6584df310f
Update Windows - Persistence.md
Add example to `disable windows defender` which uses MpCmdRun.exe to reset the current definitions. I recently used this and it was sufficient, that defender did not recognize previously flagged malicious files. It is quite helpful in case, that Set-MpPreference is not present or that the attacker is not allowed to adjust the service.
2021-10-14 08:53:25 +02:00
marcan2020
39a89e937a
Update breakout techniques
- Add a section on unassociated protocols
- Add paths to access filesystem via the address bar
- Fix Stick Keys link
- Fix Task Manager shortcut
- Add reference to HackTricks
2021-10-11 13:53:19 -04:00
Markus
d1345b0016
Update Hash Cracking Methodology
Add some structure to add additional tools.
Fix some typo.
Add online resources for cracking password hashes.
2021-10-11 17:08:46 +02:00
Swissky
883c35a9e5 Hash Cracking v0.1 2021-10-10 23:05:01 +02:00
p0dalirius
09b1b8984a Update Active Directory Attack.md 2021-10-06 09:05:49 +02:00
p0dalirius
8045496946 Update Active Directory Attack.md 2021-10-06 08:59:13 +02:00
p0dalirius
19b4bee7a0 Update Active Directory Attack.md 2021-10-06 08:54:16 +02:00
p0dalirius
e0b8bee5a6 Update Active Directory Attack.md 2021-10-06 08:45:44 +02:00
p0dalirius
25b6003229 Update Active Directory Attack.md 2021-10-06 08:29:59 +02:00
p0dalirius
ee53c960f0 Update Active Directory Attack.md 2021-10-06 08:24:51 +02:00
p0dalirius
6d816c6e4b Update Active Directory Attack.md 2021-10-06 08:23:07 +02:00
Podalirius
286b7c507e
Update Active Directory Attack.md 2021-10-06 08:15:51 +02:00
Swissky
000d1f9260
Merge pull request #426 from CravateRouge/patch-2
Add python check for ZeroLogon
2021-10-01 00:58:58 +02:00
CravateRouge
52d83bea5f
Add python check for ZeroLogon 2021-09-30 23:38:48 +02:00
CravateRouge
1cdd284f5b
Add Linux alternatives for GenericWrite abuse 2021-09-30 22:17:20 +02:00
Swissky
d2f63406cd IIS + Certi + NetNTLMv1 2021-09-16 17:45:29 +02:00
Swissky
3af70155e2 DCOM Exec Impacket 2021-09-07 14:48:57 +02:00
Swissky
23438cc68e Mitigation NTLMv1 2021-09-07 10:22:39 +02:00
Swissky
c8076e99c9 Net-NTLMv1 + DriverPrinter 2021-09-06 20:58:44 +02:00
Swissky
0f94adafe5 ESC2 + Windows Search Connectors - Windows Library Files 2021-09-01 14:10:53 +02:00
Swissky
f89597725a
Merge pull request #416 from Bort-Millipede/master
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…
2021-08-25 22:17:53 +02:00
Swissky
69b99826d2 AD CS Attacks 2021-08-25 22:14:44 +02:00
Jeffrey Cap
9bde75b32d Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload 2021-08-23 14:41:40 -05:00
Swissky
fde99044c5 CS NTLM Relay 2021-08-22 23:03:02 +02:00
Swissky
87be30d3b2 DB2 Injection + ADCS 2021-08-10 23:00:19 +02:00
Swissky
7ab7664469
Merge pull request #399 from Bort-Millipede/master
New/Updated Python Linux Reverse Shells
2021-07-31 11:26:36 +02:00
Jeffrey Cap
37e69b6162 Revised Linux Python Reverse Shells; Added New Linux Python Reverse Shells 2021-07-26 20:55:49 -05:00
Swissky
d9d4a54d03 RemotePotato0 + HiveNightmare 2021-07-26 21:25:56 +02:00
M4x
9086ff9d03
add missing header file 2021-07-26 16:04:39 +08:00
Swissky
3a4bd97762 AD CS - Mimikatz / Rubeus 2021-07-25 11:40:19 +02:00
Swissky
44735975a5 Active Directory update 2021-07-12 20:45:16 +02:00
Swissky
175c676f1e Tmux PrivEsc + PrintNightmare update 2021-07-12 14:42:18 +02:00
Alexandre ZANNI
e2ff22b136
add CVE-2021-34527 + It Was All A Dream scanner 2021-07-08 10:40:01 +02:00
Swissky
2f8fc7bbb9 PrintNightmare - Mimikatz 2021-07-05 21:57:14 +02:00
Swissky
459f4c03fc Dependency Confusion + LDAP 2021-07-04 13:32:32 +02:00
Sean R. Abraham
1fcbd576fe
Fix typo in Linux - Persistence.md 2021-07-02 16:18:35 -06:00
Sameer Bhatt (debugger)
0b8293b135
Added Reverse Shell using Telnet
Added Reverse Shell using Telnet.
2021-07-01 20:29:56 +05:30
Swissky
80816aee31 PrintNightmare - #385 2021-07-01 14:40:03 +02:00
Swissky
4e95162dc3 BadPwdCount attribute + DNS 2021-06-28 22:08:06 +02:00
Swissky
ab0e487500 Cobalt Strike spunner + pivotnacci 2021-06-27 23:58:13 +02:00
leongross
e31de3dd6b
Update Subdomains Enumeration.md 2021-06-25 09:17:27 +02:00
Swissky
85a7ac8a76 Shadow Credentials + AD CS Relay + SSSD KCM 2021-06-24 15:26:05 +02:00
Swissky
a723a34449 PS Transcript + PPLdump.exe 2021-05-06 18:26:00 +02:00
soka
a4bdabea83 Add AWS DynamoDB enumeration 2021-04-30 21:44:21 +02:00
Swissky
1592756f9c
Merge pull request #348 from pswalia2u/patch-1
Update Reverse Shell Cheatsheet.md
2021-04-26 10:05:59 +02:00
Swissky
08b59f2856 AD update CME+DCOM 2021-04-21 22:27:07 +02:00
Ryan Montgomery
7ae038d919
Update Reverse Shell Cheatsheet.md
Added: Automatic Reverse Shell Generator
2021-04-18 10:50:41 -04:00
clem9669
7a564cb859
Update Linux - Privilege Escalation.md
Fixing Markdow URL typo in writable network-scripts section
2021-04-15 10:07:43 +00:00
Micah Van Deusen
f23de13d96
Added method to read gMSA 2021-04-10 10:58:05 -05:00
Ricardo
604618ed41
Improve Ruby reverse shell
Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.
2021-04-02 16:36:58 -04:00
secnigma
059a866fd2
Added Netcat BusyBox
Some embedded systems like busybox won't have mkfifo present; instead, they will have mknod. This updated code can spawn reverse shell in systems that use mknod instead of mkfifo.
2021-04-01 13:27:20 +05:30
pswalia2u
209380740b
Update Reverse Shell Cheatsheet.md
Added new Bash TCP reverse shell
2021-03-28 18:58:07 +05:30
Swissky
0443babe35 Relay + MSSQL Read File 2021-03-25 18:25:02 +01:00
Swissky
f6b9d63bf8 DCOM exploitation and MSSQL CLR 2021-03-24 22:26:23 +01:00
Swissky
bd2166027e GMSA Password + Dart Reverse Shell 2021-03-24 12:44:35 +01:00
cosmin-bianu
13d54a5c24
Fixed Java payload
- Declared variables
- Added semicolons at the end of each line
- Fixed the bash command
2021-03-12 13:20:15 +02:00
c14dd49h
ca28c69e67
Update Active Directory Attack.md 2021-02-26 14:14:10 +01:00
Swissky
8d31b7240b Office Attacks 2021-02-21 20:17:57 +01:00
mpgn
d1c23c5863
Unload the service mimi 2021-02-17 12:21:16 +01:00
mpgn
9be371d793
add mimikatz command to protect a process again after removing the protection
fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)
2021-02-17 12:15:47 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
Jakub 'unknow' Mrugalski
9244fe0480
[typo] changed sshs_config to sshd_config 2021-02-05 12:24:49 +01:00
Swissky
092083af5c AD - Printer Bug + Account Lock 2021-01-29 22:10:22 +01:00