Swissky
0443babe35
Relay + MSSQL Read File
2021-03-25 18:25:02 +01:00
Swissky
f6b9d63bf8
DCOM exploitation and MSSQL CLR
2021-03-24 22:26:23 +01:00
Swissky
bd2166027e
GMSA Password + Dart Reverse Shell
2021-03-24 12:44:35 +01:00
cosmin-bianu
13d54a5c24
Fixed Java payload
...
- Declared variables
- Added semicolons at the end of each line
- Fixed the bash command
2021-03-12 13:20:15 +02:00
c14dd49h
ca28c69e67
Update Active Directory Attack.md
2021-02-26 14:14:10 +01:00
Swissky
8d31b7240b
Office Attacks
2021-02-21 20:17:57 +01:00
mpgn
d1c23c5863
Unload the service mimi
2021-02-17 12:21:16 +01:00
mpgn
9be371d793
add mimikatz command to protect a process again after removing the protection
...
fe4e984055/mimikatz/modules/kuhl_m_kernel.c (L99)
2021-02-17 12:15:47 +01:00
Valentín Blanco
73f6ab940c
Update Windows - Privilege Escalation.md
...
Adding WES-NG which is a great and updated replacement for Windows-Exploit-Suggester.
2021-02-10 15:52:41 +01:00
Jakub 'unknow' Mrugalski
9244fe0480
[typo] changed sshs_config to sshd_config
2021-02-05 12:24:49 +01:00
Swissky
092083af5c
AD - Printer Bug + Account Lock
2021-01-29 22:10:22 +01:00
PinkDev1
93769768e2
Added EoP - $PATH Interception
2021-01-28 19:45:54 +00:00
Swissky
01aadf3a44
Alternate Data Stream
2021-01-13 10:22:59 +01:00
lanjelot
5cfa93f98b
Add new cloudsplaining tool to AWS Pentest page
2021-01-12 22:59:37 +11:00
Swissky
3a6ac550b8
DSRM Admin
2021-01-08 23:41:50 +01:00
Tim Gates
7846225bfd
docs: fix simple typo, accound -> account
...
There is a small typo in Methodology and Resources/Active Directory Attack.md.
Should read `account` rather than `accound`.
2020-12-23 09:16:40 +11:00
Swissky
16b207eb0b
LAPS Password
2020-12-20 21:45:41 +01:00
Swissky
67752de6e9
Bronze Bit Attack
2020-12-18 22:38:30 +01:00
lanjelot
e0c745cbf4
Fix AWS duplicated tool enumerate-iam
2020-12-18 22:52:21 +11:00
lanjelot
4b9baf37d3
Add dufflebag tool and cleanup
2020-12-18 22:45:07 +11:00
Swissky
f7e8f515a5
Application Escape and Breakout
2020-12-17 08:56:58 +01:00
lanjelot
4c18e29a6b
Fix links and duplicated nmap and massscan examples
2020-12-13 04:50:59 +11:00
Swissky
73fdd6e218
Mimikatz - Elevate token with LSA protection
2020-12-09 23:33:40 +01:00
Swissky
19a2950b8d
AMSI + Trust
2020-12-08 14:31:01 +01:00
Swissky
78cc68674b
Merge pull request #296 from brnhrd/patch-1
...
Fix table of contents
2020-12-07 17:21:02 +01:00
Swissky
f48ee0bca5
Deepce - Docker Enumeration, Escalation of Privileges and Container Escapes
2020-12-06 18:59:43 +01:00
Swissky
27050f6dd8
MSSQL Server Cheatsheet
2020-12-05 11:37:34 +01:00
Swissky
e13f152b74
AD - Recon
2020-12-02 18:43:13 +01:00
brnhrd
15e44bdfe6
Fix table of contents
2020-12-02 14:19:59 +01:00
lanjelot
bca107cc64
Move duplicated tool references into one place
2020-11-30 01:38:04 +11:00
lanjelot
10e6c075f7
Add tool nccgroup/s3_objects_check
2020-11-30 01:17:15 +11:00
Swissky
b918095775
AzureHound
2020-11-24 12:41:34 +01:00
Abass Sesay
95b07c9e3e
Sorted the list of revshell options
...
Miniscule change because it was grinding my grinding my gears that the list is not sorted :-)
2020-11-14 09:20:49 -08:00
Swissky
bd184487e5
NTLM Hashcat
2020-11-06 16:20:03 +01:00
Swissky
1137bfca8d
Remote Desktop Services Shadowing
2020-10-30 21:10:00 +01:00
Gorgamite
f9389d708b
Added winPEAS to windows privilege escalation tool
...
WinPEAS is a really thorough privesc enumeration tool for windows, you can find it here: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS/winPEASexe
It doesn't auto exploit, but it's rather thorough and effective.
2020-10-29 03:57:40 -07:00
Swissky
db533aabd4
Merge pull request #280 from Gorgamite/master
...
Added LinPEAS to Linux Privesc.
2020-10-29 11:56:44 +01:00
Gorgamite
ff3b45e0b7
Added LinPEAS to Linux Privesc.
...
I very strongly recommend adding LinPEAS to the enumeration tools. LinPEAS is arguably the best linux privesc enumeration tool out there. If you haven't used it, I'd try it out. It highlights all relevant information with color coded text, and you can pass it parameters to control the thoroughness of the scan. You should add WinPEAS for windows privesc as well.
2020-10-29 03:50:05 -07:00
Gorgamite
1b69a3ef73
Update Linux - Privilege Escalation.md
2020-10-29 03:22:08 -07:00
Vincent Gilles
0b90094002
Fix(Docs): Correcting typos on the repo
2020-10-17 22:52:35 +02:00
marcan2020
693349da56
Add Python bind shell
2020-10-17 14:52:36 -04:00
Swissky
5a1ae58a59
Sticky Notes Windows + Cobalt SMB
2020-10-16 11:35:15 +02:00
Swissky
3368084b2d
CS Beacon - SMB Error Code
2020-10-15 17:22:00 +02:00
Swissky
b32f4754d7
Keytab + schtasks
2020-10-15 12:35:05 +02:00
Swissky
913f2d2381
Merge pull request #253 from yoavbls/add-cloudflared
...
Use cloudflared to expose internal services
2020-10-09 10:34:26 +02:00
Swissky
0f098c8a2c
Merge pull request #251 from ritiksahni/patch-1
...
Removed broken link
2020-10-09 10:33:43 +02:00
Swissky
c9be68f0a1
Privilege File Write - Update
2020-10-08 16:51:11 +02:00
Swissky
0df0cc9cf8
Privileged File Write
2020-10-08 16:39:25 +02:00
Swissky
52b0cd6030
Ligolo Reverse Tunneling
2020-10-08 11:23:12 +02:00
YoavB
dbddc717af
Use cloudflared to expose internal service
2020-10-03 22:34:28 +03:00