ch0ic3/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-19 10:56:10 +00:00

Author	SHA1	Message	Date
Swissky	e3fb516747	MAQ + WEBDAV	2021-12-29 14:48:42 +01:00
Alexandre ZANNI	a430cfcc4e	update PowerGPOAbuse task command	2021-12-22 16:09:07 +01:00
Swissky	0d6d6049ce	AD + Log4shell + Windows Startup	2021-12-16 09:52:51 +01:00
Swissky	5714b9c9d7	samAccountName spoofing + Java RMI	2021-12-13 20:42:31 +01:00
Swissky	10974722b1	BloodHound Custom Queries + MSSQL CLR	2021-12-12 23:04:35 +01:00
CravateRouge	8da5f36f85	Add alternatives for AD ACL abuse from Linux	2021-11-15 17:36:05 +01:00
Swissky	3366f5eaac	Merge pull request #445 from NirLevy98/reverse_shell_delete-unused-imports Delete unused import	2021-11-07 21:16:37 +01:00
Swissky	7d9dd6806e	Powershell Cheatsheet	2021-11-06 19:14:47 +01:00
Swissky	1c8067a150	Relaying with WebDav Trick + Shadow Credential	2021-10-30 21:04:23 +02:00
Swissky	e3373dd108	UnPAC The Hash + MachineKeys.txt	2021-10-26 21:56:39 +02:00
Swissky	1a3058f40c	Device Code Phish	2021-10-24 20:07:46 +02:00
Nir	4207479cce	Delete unused imports	2021-10-16 11:33:38 +03:00
Markus	6584df310f	Update Windows - Persistence.md Add example to `disable windows defender` which uses MpCmdRun.exe to reset the current definitions. I recently used this and it was sufficient, that defender did not recognize previously flagged malicious files. It is quite helpful in case, that Set-MpPreference is not present or that the attacker is not allowed to adjust the service.	2021-10-14 08:53:25 +02:00
marcan2020	39a89e937a	Update breakout techniques - Add a section on unassociated protocols - Add paths to access filesystem via the address bar - Fix Stick Keys link - Fix Task Manager shortcut - Add reference to HackTricks	2021-10-11 13:53:19 -04:00
Markus	d1345b0016	Update Hash Cracking Methodology Add some structure to add additional tools. Fix some typo. Add online resources for cracking password hashes.	2021-10-11 17:08:46 +02:00
Swissky	883c35a9e5	Hash Cracking v0.1	2021-10-10 23:05:01 +02:00
p0dalirius	09b1b8984a	Update Active Directory Attack.md	2021-10-06 09:05:49 +02:00
p0dalirius	8045496946	Update Active Directory Attack.md	2021-10-06 08:59:13 +02:00
p0dalirius	19b4bee7a0	Update Active Directory Attack.md	2021-10-06 08:54:16 +02:00
p0dalirius	e0b8bee5a6	Update Active Directory Attack.md	2021-10-06 08:45:44 +02:00
p0dalirius	25b6003229	Update Active Directory Attack.md	2021-10-06 08:29:59 +02:00
p0dalirius	ee53c960f0	Update Active Directory Attack.md	2021-10-06 08:24:51 +02:00
p0dalirius	6d816c6e4b	Update Active Directory Attack.md	2021-10-06 08:23:07 +02:00
Podalirius	286b7c507e	Update Active Directory Attack.md	2021-10-06 08:15:51 +02:00
Swissky	000d1f9260	Merge pull request #426 from CravateRouge/patch-2 Add python check for ZeroLogon	2021-10-01 00:58:58 +02:00
CravateRouge	52d83bea5f	Add python check for ZeroLogon	2021-09-30 23:38:48 +02:00
CravateRouge	1cdd284f5b	Add Linux alternatives for GenericWrite abuse	2021-09-30 22:17:20 +02:00
Swissky	d2f63406cd	IIS + Certi + NetNTLMv1	2021-09-16 17:45:29 +02:00
Swissky	3af70155e2	DCOM Exec Impacket	2021-09-07 14:48:57 +02:00
Swissky	23438cc68e	Mitigation NTLMv1	2021-09-07 10:22:39 +02:00
Swissky	c8076e99c9	Net-NTLMv1 + DriverPrinter	2021-09-06 20:58:44 +02:00
Swissky	0f94adafe5	ESC2 + Windows Search Connectors - Windows Library Files	2021-09-01 14:10:53 +02:00
Swissky	f89597725a	Merge pull request #416 from Bort-Millipede/master Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…	2021-08-25 22:17:53 +02:00
Swissky	69b99826d2	AD CS Attacks	2021-08-25 22:14:44 +02:00
Jeffrey Cap	9bde75b32d	Expression Language Injection One-Liners; XSS Payload; Fixed Linux Python IPv6 Reverse Shell Payload	2021-08-23 14:41:40 -05:00
Swissky	fde99044c5	CS NTLM Relay	2021-08-22 23:03:02 +02:00
Swissky	87be30d3b2	DB2 Injection + ADCS	2021-08-10 23:00:19 +02:00
Swissky	7ab7664469	Merge pull request #399 from Bort-Millipede/master New/Updated Python Linux Reverse Shells	2021-07-31 11:26:36 +02:00
Jeffrey Cap	37e69b6162	Revised Linux Python Reverse Shells; Added New Linux Python Reverse Shells	2021-07-26 20:55:49 -05:00
Swissky	d9d4a54d03	RemotePotato0 + HiveNightmare	2021-07-26 21:25:56 +02:00
M4x	9086ff9d03	add missing header file	2021-07-26 16:04:39 +08:00
Swissky	3a4bd97762	AD CS - Mimikatz / Rubeus	2021-07-25 11:40:19 +02:00
Swissky	44735975a5	Active Directory update	2021-07-12 20:45:16 +02:00
Swissky	175c676f1e	Tmux PrivEsc + PrintNightmare update	2021-07-12 14:42:18 +02:00
Alexandre ZANNI	e2ff22b136	add CVE-2021-34527 + It Was All A Dream scanner	2021-07-08 10:40:01 +02:00
Swissky	2f8fc7bbb9	PrintNightmare - Mimikatz	2021-07-05 21:57:14 +02:00
Swissky	459f4c03fc	Dependency Confusion + LDAP	2021-07-04 13:32:32 +02:00
Sean R. Abraham	1fcbd576fe	Fix typo in Linux - Persistence.md	2021-07-02 16:18:35 -06:00
Sameer Bhatt (debugger)	0b8293b135	Added Reverse Shell using Telnet Added Reverse Shell using Telnet.	2021-07-01 20:29:56 +05:30
Swissky	80816aee31	PrintNightmare - #385	2021-07-01 14:40:03 +02:00
Swissky	4e95162dc3	BadPwdCount attribute + DNS	2021-06-28 22:08:06 +02:00
Swissky	ab0e487500	Cobalt Strike spunner + pivotnacci	2021-06-27 23:58:13 +02:00
leongross	e31de3dd6b	Update Subdomains Enumeration.md	2021-06-25 09:17:27 +02:00
Swissky	85a7ac8a76	Shadow Credentials + AD CS Relay + SSSD KCM	2021-06-24 15:26:05 +02:00
Swissky	a723a34449	PS Transcript + PPLdump.exe	2021-05-06 18:26:00 +02:00
soka	a4bdabea83	Add AWS DynamoDB enumeration	2021-04-30 21:44:21 +02:00
Swissky	1592756f9c	Merge pull request #348 from pswalia2u/patch-1 Update Reverse Shell Cheatsheet.md	2021-04-26 10:05:59 +02:00
Swissky	08b59f2856	AD update CME+DCOM	2021-04-21 22:27:07 +02:00
Ryan Montgomery	7ae038d919	Update Reverse Shell Cheatsheet.md Added: Automatic Reverse Shell Generator	2021-04-18 10:50:41 -04:00
clem9669	7a564cb859	Update Linux - Privilege Escalation.md Fixing Markdow URL typo in writable network-scripts section	2021-04-15 10:07:43 +00:00
Micah Van Deusen	f23de13d96	Added method to read gMSA	2021-04-10 10:58:05 -05:00
Ricardo	604618ed41	Improve Ruby reverse shell Now the reverse shell supports the "cd" command and maintains persistence when an error is raised.	2021-04-02 16:36:58 -04:00
secnigma	059a866fd2	Added Netcat BusyBox Some embedded systems like busybox won't have mkfifo present; instead, they will have mknod. This updated code can spawn reverse shell in systems that use mknod instead of mkfifo.	2021-04-01 13:27:20 +05:30
pswalia2u	209380740b	Update Reverse Shell Cheatsheet.md Added new Bash TCP reverse shell	2021-03-28 18:58:07 +05:30
Swissky	0443babe35	Relay + MSSQL Read File	2021-03-25 18:25:02 +01:00
Swissky	f6b9d63bf8	DCOM exploitation and MSSQL CLR	2021-03-24 22:26:23 +01:00
Swissky	bd2166027e	GMSA Password + Dart Reverse Shell	2021-03-24 12:44:35 +01:00
cosmin-bianu	13d54a5c24	Fixed Java payload - Declared variables - Added semicolons at the end of each line - Fixed the bash command	2021-03-12 13:20:15 +02:00
c14dd49h	ca28c69e67	Update Active Directory Attack.md	2021-02-26 14:14:10 +01:00
Swissky	8d31b7240b	Office Attacks	2021-02-21 20:17:57 +01:00
mpgn	d1c23c5863	Unload the service mimi	2021-02-17 12:21:16 +01:00
mpgn	9be371d793	add mimikatz command to protect a process again after removing the protection `fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)`	2021-02-17 12:15:47 +01:00
Valentín Blanco	73f6ab940c	Update Windows - Privilege Escalation.md Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.	2021-02-10 15:52:41 +01:00
Jakub 'unknow' Mrugalski	9244fe0480	[typo] changed sshs_config to sshd_config	2021-02-05 12:24:49 +01:00
Swissky	092083af5c	AD - Printer Bug + Account Lock	2021-01-29 22:10:22 +01:00
PinkDev1	93769768e2	Added EoP - $PATH Interception	2021-01-28 19:45:54 +00:00
Swissky	01aadf3a44	Alternate Data Stream	2021-01-13 10:22:59 +01:00
lanjelot	5cfa93f98b	Add new cloudsplaining tool to AWS Pentest page	2021-01-12 22:59:37 +11:00
Swissky	3a6ac550b8	DSRM Admin	2021-01-08 23:41:50 +01:00
Tim Gates	7846225bfd	docs: fix simple typo, accound -> account There is a small typo in Methodology and Resources/Active Directory Attack.md. Should read `account` rather than `accound`.	2020-12-23 09:16:40 +11:00
Swissky	16b207eb0b	LAPS Password	2020-12-20 21:45:41 +01:00
Swissky	67752de6e9	Bronze Bit Attack	2020-12-18 22:38:30 +01:00
lanjelot	e0c745cbf4	Fix AWS duplicated tool enumerate-iam	2020-12-18 22:52:21 +11:00
lanjelot	4b9baf37d3	Add dufflebag tool and cleanup	2020-12-18 22:45:07 +11:00
Swissky	f7e8f515a5	Application Escape and Breakout	2020-12-17 08:56:58 +01:00
lanjelot	4c18e29a6b	Fix links and duplicated nmap and massscan examples	2020-12-13 04:50:59 +11:00
Swissky	73fdd6e218	Mimikatz - Elevate token with LSA protection	2020-12-09 23:33:40 +01:00
Swissky	19a2950b8d	AMSI + Trust	2020-12-08 14:31:01 +01:00
Swissky	78cc68674b	Merge pull request #296 from brnhrd/patch-1 Fix table of contents	2020-12-07 17:21:02 +01:00
Swissky	f48ee0bca5	Deepce - Docker Enumeration, Escalation of Privileges and Container Escapes	2020-12-06 18:59:43 +01:00
Swissky	27050f6dd8	MSSQL Server Cheatsheet	2020-12-05 11:37:34 +01:00
Swissky	e13f152b74	AD - Recon	2020-12-02 18:43:13 +01:00
brnhrd	15e44bdfe6	Fix table of contents	2020-12-02 14:19:59 +01:00
lanjelot	bca107cc64	Move duplicated tool references into one place	2020-11-30 01:38:04 +11:00
lanjelot	10e6c075f7	Add tool nccgroup/s3_objects_check	2020-11-30 01:17:15 +11:00
Swissky	b918095775	AzureHound	2020-11-24 12:41:34 +01:00
Abass Sesay	95b07c9e3e	Sorted the list of revshell options Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)	2020-11-14 09:20:49 -08:00
Swissky	bd184487e5	NTLM Hashcat	2020-11-06 16:20:03 +01:00
Swissky	1137bfca8d	Remote Desktop Services Shadowing	2020-10-30 21:10:00 +01:00
Gorgamite	f9389d708b	Added winPEAS to windows privilege escalation tool WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe It doesn't auto exploit, but it's rather thorough and effective.	2020-10-29 03:57:40 -07:00

1 2 3 4 5 ...

412 Commits