lanceae

Pinned Repositories

A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
00
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
00
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
Language:Jinja00
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
00
arsenal
Arsenal is just a quick inventory and launcher for hacking programs
Language:Python00
awesome-bugbounty-tools
A curated list of various bug bounty tools
0 0 00
awesome-honeypots
an awesome list of honeypot resources
Language:Python0 0 00
Awesome-RedTeam-Cheatsheet
Active Directory & Red-Team Cheat-Sheet in constant expansion.
Language:Go0 0 00
awesome-security-collection
1000+ Github Security Resource Collection Repos.
00

lanceae's Repositories

lanceae/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
lanceae/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
lanceae/ConfigTemplates
Collection of configuration files that can be used as good starting points to secure different services and tools
lanceae/Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
lanceae/hashcat-rule
Rule for hashcat or john. Aiming to crack how people generate their password
lanceae/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
lanceae/linux-baseline
DevSec Linux Baseline - InSpec Profile
lanceae/ssh-baseline
DevSec SSH Baseline - InSpec Profile
lanceae/ServiceMove-BOF
New lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution.
lanceae/External-Pentest-Checklist
lanceae/awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
lanceae/ShadowCoerce
MS-FSRVP coercion abuse PoC
lanceae/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
lanceae/Pholus
A multicast DNS and DNS Service Discovery Security Assessment Tool
lanceae/smbmap
SMBMap is a handy SMB enumeration tool - here with Kerberos support
lanceae/hardening
Repository of Hardening Guides
lanceae/passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
lanceae/Optimised-hashcat-Rule
OneRuleToRuleThemAll... hashcat optimised rule
lanceae/go-windapsearch
Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
lanceae/breach-parse
A tool for parsing breached passwords
lanceae/rbcd-attack
Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket
lanceae/rs
Pentestmonkey reverse shell auto generator - Hackthebox/OSCP/Pentest/LABExp
lanceae/OSCP-Priv-Esc
Mind maps / flow charts to help with privilege escalation on the OSCP.
lanceae/XSS-Payloads
Collection of XSS Payloads for fun and profit
lanceae/chisel
A fast TCP tunnel over HTTP
lanceae/sec-tool-list
More than 21K security related open source tools, sorted by star count. Both in markdown and json format.
lanceae/Beginner-Network-Pentesting
Notes for Beginner Network Pentesting Course
lanceae/the-practical-linux-hardening-guide
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
lanceae/ssh-honeypot
Fake sshd that logs ip addresses, usernames, and passwords.
lanceae/awesome-shell-1
A curated list of awesome Shell frameworks, libraries and software.