My collection of useful resources, tools and solutions used for Pentesting or security assessments.
- htb: contains files and writeups for various hackthebox challenges and machines. Usually the solution is not included ;)
- lists: contains various Fuzzing lists used for pentesting
- misc: miscallenous files that dont fit anywhere else, f.e. Report template
- pdf: Various PDF files, Cheatsheets, writeups and other pdfs worht to look at
- scripts: contains helpful scripts mostly used for pentesting but also some other stuff, also contains CVE PoC's and duckyscripts
Originally in this repository I documented my jorney to becoming an Offensive Security Web Expert (OSWE). Currently im using this repository as a one stop shop for all my IT & Security needs.
- (CyberChef) a web app for encryption, encoding, compression and data analysis
- (JSNICE) a JavaScript Deobfuscation tool
- (boxentriq/code-breaking) various codebreaking and cipher tools
- (SSLLabs) Test SSL of any webserver
- (deps.dev) Understand your dependencies
- (dehashed.com) Leaked Passwords in plaintext
| Command | Description |
|---|---|
curl http://lwlx.xyz |
GET request with cURL |
curl http://lwlx.xyz -v |
Verbose GET request with cURL |
curl http://admin:password@lwlx.xyz/ -vvv |
cURL Basic Auth login |
curl -u admin:password http://lwlx.xyz/ -vvv |
Alternate cURL Basic Auth login |
curl -u admin:password -L http://lwlx.xyz/ |
cURL Basic Auth login, follow redirection |
curl -u admin:password 'http://lwlx.xyz/search.php?port_code=us' |
cURL GET request with parameter |
curl -d 'username=user&password=pass' -L http://lwlx.xyz/login.php |
POST request with cURL |
curl -d 'username=user&password=pass' -L http://lwlx.xyz/login.php -v |
Debugging with cURL |
curl -d 'username=user&password=pass' -L --cookie-jar /dev/null http://lwlx.xyz/login.php -v |
Cookie usage with cURL |
curl -d 'username=user&password=pass' -L --cookie-jar cookies.txt http://lwlx.xyz/login.php |
cURL with cookie file |
curl -H 'Content-Type: application/json' -d '{ "username" : "user", "password" : "pass" }' |
cURL specify content type |
curl -X OPTIONS http://lwlx.xyz/ -vv |
cURL OPTIONS request |
curl -X PUT -d @test.txt http://lwlx.xyz/test.txt -vv |
File upload with cURL |
curl -X DELETE http://lwlx.xyz/test.txt -vv |
DELETE method with cURL |
