useful-resources.txt
# Resources I've managed to gather over the last year
Credits go to the original authors/owners.
Free VM to assist in mobile pentesting:
https://mobexler.com/
Custom Mimikatz & revshell in powershell:
https://github.com/HernanRodriguez1/MimikatzFUD
https://github.com/HernanRodriguez1/RevershellTCP_BypassAMSI/blob/main/rshell.ps1
Reverse Shell generator:
https://www.revshells.com/
Windows Defender Hardening:
https://0ut3r.space/2022/03/06/windows-defender/
Generic Hardening:
https://github.com/decalage2/awesome-security-hardening
Smap (passive port scan through shodan):
https://github.com/s0md3v/Smap
Personal Security Checklist:
https://github.com/Lissy93/personal-security-checklist
Web Attacks Cheatsheet:
https://github.com/riramar/Web-Attack-Cheat-Sheet
RCE on WebApps:
https://www.linkedin.com/posts/purabparihar_bugbounty-bugbounties-wapt-activity-6910106100830756864-jnwc?utm_source=linkedin_share&utm_medium=member_desktop_web
Bug Bounty Writeups:
https://writeups.io/
https://pentester.land/list-of-bug-bounty-writeups.html
Windows Exploitation Cheatsheet:
https://wadcoms.github.io/
Burp Match & Replace - Hidden Features:
https://medium.com/@johnssimon_6607/getting-access-to-disabled-hidden-features-with-the-help-of-burp-match-and-replace-e1d7b70d131e
DLL Hijack Automation:
https://github.com/knight0x07/ImpulsiveDLLHijack
Race Condition:
https://arbazhussain.medium.com/race-condition-bypassing-team-limit-b162e777ca3b
Reporting tool made by Pen-testers:
https://github.com/blacklanternsecurity/writehat
Office 365 User Enumeration (no account lockout):
https://github.com/dievus/Oh365UserFinder
OSWE Notes:
https://drive.google.com/file/d/1KIc_qsRvlWbaUY04ug9_4zEXySx53yGv/view
OSCE3 Complete Guide:
https://github.com/CyberSecurityUP/OSCE-Complete-Guide
AWS Automated Incident Response:
https://github.com/awslabs/aws-automated-incident-response-and-forensics
RDP Session Hijacking (requires DA):
http://www.korznikov.com/2017/03/0-day-or-feature-privilege-escalation.html
Multi Cloud Red Team:
https://www.linkedin.com/posts/joas-antonio-dos-santos_multi-cloud-red-team-pt-1-activity-6909535043103133696-NbOP
CrossLinked (scrape LinkedIn users - generate emails):
https://github.com/m8r0wn/CrossLinked
Browser Exploitation on Windows:
https://connormcgarr.github.io/type-confusion-part-1/
CherryTree for Pentesting/OSCP:
https://github.com/CyberSecurityUP/Template-CherryTree-PenTest
SQL Injection Custom payload:
https://www.linkedin.com/posts/jakedmurphy1_hacking-sql-sqlmap-activity-6901533023729184768-CPX4
Advanced SQL Injection Cheatsheet:
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
DotGit (Firefox plugin - search for .git/.svn):
https://github.com/davtur19/DotGit
iHide - new jailbreak bypass tool:
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
ReconFTW:
https://github.com/six2dez/reconftw
CSI Linux VM (for investigations - runs through Tor):
https://csilinux.com/download
Red Team Resources:
https://github.com/threatexpress/red-team-scripts
https://github.com/ZephrFish/Red-Teaming-Toolkit
https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations
Unredacter (undo pixelation):
https://github.com/BishopFox/unredacter
Cloud Pen-testing Cheatsheets:
https://github.com/dafthack/CloudPentestCheatsheets
Security Newsletters:
https://github.com/TalEliyahu/awesome-security-newsletters
Google Dorks:
https://github.com/CorrieOnly/google-dorks
API Security Tips:
https://github.com/inonshk/31-days-of-API-Security-Tips
LinWinPwn AD Enumeration Automation:
https://github.com/lefayjey/linWinPwn
Trufflehog (scan for exposed keys - AWS, GitHub etc.):
https://github.com/trufflesecurity/trufflehog
DarkDump (Search dark web on terminal):
https://github.com/josh0xA/darkdump
Malware Overview tool:
https://github.com/alexandreborges/malwoverview
Privesc with RBCD:
https://www.praetorian.com/blog/red-team-privilege-escalation-rbcd-based-privilege-escalation-part-2/
AV Evasion - Disk is Lava:
https://0xhop.github.io/evasion/2021/05/26/evasion-pt2/
Payload Cradles (Bypass AV):
https://github.com/VirtualAlllocEx/Payload-Download-Cradles
Mip22 Advanced Phishing:
https://github.com/makdosx/mip22
MacOS RedTeam:
https://wojciechregula.blog/tags/macos-red-teaming/
PowerShell Enumeration *TRANSLATE (logged-on users, active sessions etc.):
https://fixmypc.ru/post/kak-naiti-zaloginenykh-polzovatelei-i-aktivnye-sessii-s-powershell/
C2 in Notion:
https://medium.com/@huskyhacks.mk/we-put-a-c2-in-your-notetaking-app-offensivenotion-3e933bace332
AD Visualizer:
https://github.com/lkarlslund/adalanche
EDR Bypassing:
https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44
Malware Sandboxing:
https://www.linkedin.com/posts/shubham-sharmaa_malware-sandboxing-activity-6862307096482897920-RRQ5
Offensive GCP Toolkit:
https://desi-jarvis.medium.com/gcphound-a-swiss-army-knife-offensive-toolkit-for-google-cloud-platform-gcp-fb9e18b959b4
Exfiltrate files bit by bit:
https://www.kitploit.com/2021/10/http-protocol-exfil-exfiltrate-files.html?m=1
Kali Weaponizer (automatically install tools):
https://github.com/penetrarnya-tm/WeaponizeKali.sh
Top 25 Account Takeover Reports:
https://corneacristian.medium.com/top-25-account-takeover-bug-bounty-reports-cd855374be14
Compile C# tools for Red Team (no VS):
https://github.com/Aetsu/OffensivePipeline
MITRE Attacks techniques:
https://www.linkedin.com/posts/francescofaenzi_mitreattack-windows-mac-activity-6832177917741559808-QrFA
AD Red Team Enumeration Scripts:
https://github.com/n3t1nv4d3/ADRedTeamEnumScript
SSRF Finder:
https://www.kitploit.com/2022/02/ssrfire-automated-ssrf-finder-just-give.html
FinalRecon:
https://github.com/thewhiteh4t/FinalRecon
Intro to Fuzzing (OSEE Prep):
https://www.youtube.com/watch?v=zWBfbJ1ugNo
AV Evasion P1:
https://0xhop.github.io/evasion/2021/04/19/evasion-pt1/
CVE-2021-4034 Exploit:
https://github.com/berdav/CVE-2021-4034
Bypass Windows Defender Attack Surface Reduction:
https://www.linkedin.com/posts/recai-a-00878b158_bypass-windows-defender-attack-surface-reduction-activity-6887261033849737216-3FuW
SysmonSimulator (Windows event simulation utility - blue team):
https://github.com/ScarredMonk/SysmonSimulator
Disctopia (Discord Backdoor):
https://github.com/3ct0s/disctopia-c2
Car Security Exploitation:
https://github.com/CaringCaribou/caringcaribou
Robot Hacking Manual:
https://rhm.cybersecurityrobotics.net/
Tunneling Cheatsheet:
https://github.com/twelvesec/port-forwarding
Malware Development for Red teams:
https://github.com/chr0n1k/AH2021Workshop
MFASweep (Identify if MFA is enabled):
https://github.com/dafthack/MFASweep
Powersistence (scheduled task persistence after compromise):
https://github.com/pi0x73/Powersistence
Bash one-liner for SSH Failed logins:
https://www.linkedin.com/posts/bilalbokhari_bashoneliner-bashshellscripting-bash-activity-6862915878837719040-lkd5
Malware Analysis Series training:
https://www.linkedin.com/posts/aleborges_malware-analysis-series-article-1-activity-6872452831350136832-2Juu
Find AmazonS3 Buckets - firefox:
https://addons.mozilla.org/en-GB/firefox/addon/s3-bucket-list/
Pwnfox:
https://github.com/yeswehack/PwnFox
Pentest Cheatsheets:
https://hausec.com/pentesting-cheatsheet/
https://hausec.com/2017/10/21/domain-penetration-testing-using-bloodhound-crackmapexec-mimikatz-to-get-domain-admin/
https://hausec.com/2019/03/05/penetration-testing-active-directory-part-i/
https://xedex.gitbook.io/internalpentest/internal-pentest/active-directory/initial-attack-vectors/llmnr-nbt-ns-poisoning/smb-relay
https://bitvijays.github.io/LFF-IPS-P3-Exploitation.html
https://www.windows-commandline.com/add-user-to-domain-group/
https://xedex.gitbook.io/internalpentest/internal-pentest/active-directory/initial-attack-vectors/ipv6-attacks/basic-attack
https://aas-s3curity.gitbook.io/cheatsheet/internalpentest/active-directory/exploitation/exploit-without-account/smb-relay
https://abarrak.gitbook.io/linux-sysops-handbook/#shell-tips-and-tricks
Automate initial foothold Pwn-o-Magic:
https://gist.github.com/braimee/e3e462b634715ae06121c82d49c274e9
Rpivot:
https://artkond.com/2017/03/23/pivoting-guide/#rpivot-1
File Inclusion & File Uploads:
https://github.com/jhaddix/tbhm/blob/master/07_File_Upload.md
OSCP Guide:
https://sushant747.gitbooks.io/total-oscp-guide/content/list_of_common_ports.html
Patching iOS apps:
https://github.com/sensepost/objection/wiki/Patching-iOS-Applications#preparations---xcode
Iranian APT commands:
https://gist.github.com/MSAdministrator/7a61025263e279a740835da4b205e6d0
Kerberoasting without SPNs:
https://swarm.ptsecurity.com/kerberoasting-without-spns/
Autorecon:
https://github.com/Tib3rius/AutoRecon
Top ways to breach Wireless:
https://adam-toscher.medium.com/top-5-ways-i-gained-access-to-your-corporate-wireless-network-lo0tbo0ty-karma-edition-f72e7995aef2
Process Herpaderping:
https://jxy-s.github.io/herpaderping/
Cracking RAR Archives (AttackDefense):
https://attackdefense.com/challengedetailsnoauth?cid=96
Virus Scan (no logging):
https://kleenscan.com/index
Red Rabbit - Post Exploitation for Red Teams:
https://secnhack.in/redrabbit-pentesting-post-exploitation-for-red-team/
Ways to steal Wi-fi Passwords:
https://secnhack.in/multiple-ways-to-steal-wifi-passwords/
Intercept traffic after Android 7:
https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/
Check for leaks:
https://checkleaked.cc/check
Telegram OSINT:
https://start.me/p/YaOYnJ/telegram-osint
Purple Team Course (PDF):
https://www.linkedin.com/posts/chiragh-arora_applied-purple-teaming-activity-6931670526138421248-Ybai
Dumping lsass through Avast:
https://www.linkedin.com/posts/khandelwalshantanu_redteam-pentest-cyber-activity-6931166996965298176-nIKF
Bypass Gmail URL Alert (phishing campaigns):
https://intarna.com/2022/05/15/bypass-gmail-url-alert-by-url/
Kiosk breakout with MS Edge:
https://blog.nviso.eu/2022/05/24/breaking-out-of-windows-kiosks-using-only-microsoft-edge/
Smart Contract Auditing:
https://www.notonlyowner.com/learn/intro-security-hacking-smart-contracts-ethereum
AutoPwn:
https://github.com/GamehunterKaan/AutoPWN-Suite
Kiosk/ATM Breakout:
https://boschko.ca/atm-kiosk-hacking-phd2022/
Froggy Enumeration:
https://github.com/iamthefrogy/frogy
Web App Hacking tips:
https://www.webhackingtips.com/