Pinned Repositories
Automating-Metasploit-with-Bash
PSP
Red-Team-Essentials
This repo will contain some basic pentest/RT commands.
SLAE
This section will contain assignments for completing SLAE 32 bit exam requirements .
Thick-Client-Pentesting
hexachordanu's Repositories
hexachordanu/Red-Team-Essentials
This repo will contain some basic pentest/RT commands.
hexachordanu/Thick-Client-Pentesting
hexachordanu/PSP
hexachordanu/ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
hexachordanu/aiosmb
Fully asynchronous SMB library written in pure python
hexachordanu/at-ps
Adversary Tactics - PowerShell Training
hexachordanu/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
hexachordanu/BetaFast
Vulnerable thick client applications used as examples in the Introduction to Hacking Desktop Applications blog series
hexachordanu/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
hexachordanu/cloud_ip_ranges
Identify IP addresses owned by public cloud providers
hexachordanu/container-security-checklist
Checklist for container security - devsecops practices
hexachordanu/CORS_vulnerable_Lab-Without_Database
hexachordanu/eBook-BypassingAVsByCSharp
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
hexachordanu/Empire
Empire is a PowerShell and Python post-exploitation agent.
hexachordanu/InveighZero
Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 spoofer/man-in-the-middle tool
hexachordanu/Invoke-Recon
Powershell script helping for domain enumeration - Written while doing the 'Advanced Red Team' lab from pentesteracademy
hexachordanu/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
hexachordanu/MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
hexachordanu/OneListForAll
Rockyou for web fuzzing
hexachordanu/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
hexachordanu/Pentest-Scripts-Py3
This repo will contain tutorials for scripting in python and how various modules can be used by pentesters in their task automation / exploit writing.
hexachordanu/phpass_crack
A password cracker for Portable PHP password hashes
hexachordanu/Random
hexachordanu/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
hexachordanu/resolvers
The most exhaustive list of reliable DNS resolvers.
hexachordanu/SecurityTips
hexachordanu/SharpEDRChecker
Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.
hexachordanu/SonarSearch
A MongoDB importer and API for Project Sonars DNS datasets
hexachordanu/trufflehog
Find and verify credentials
hexachordanu/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab