Pinned Repositories
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Active-Directory-Exploitation-Cheat-Sheet-1
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AD-Pentest-Notes
用于记录内网渗透(域渗透)学习 :-)
ashx_webshell
".ashx" Web Shell
Awesome-Advanced-Windows-Exploitation-References
List of Awesome Advanced Windows Exploitation References
BadPotato
Windows 权限提升 BadPotato
DNSStager
Hide your payload in DNS
Public-AD-Scripts
AD Scripts
phong1337's Repositories
phong1337/DNSStager
Hide your payload in DNS
phong1337/Public-AD-Scripts
AD Scripts
phong1337/Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
phong1337/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
phong1337/clash
A rule-based tunnel in Go.
phong1337/CORS_vulnerable_Lab-Without_Database
phong1337/Cryptanalysis
This is my personal (big) recopilation about cryptanalysis, crypto tools and challenges
phong1337/CVE-2021-39115
Template Injection in Email Templates leads to code execution on Jira Service Management Server
phong1337/Exploit-Dev-OSCE
Exploit Development, backdooring PE, bypassing Anti-Virus (AV), assembly shellcoding
phong1337/GOAD
game of active directory
phong1337/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
phong1337/marshalsec
phong1337/nopowershell
PowerShell rebuilt in C# for Red Teaming purposes
phong1337/OSCE-Complete-Guide
OSWE, OSEP, OSED
phong1337/osed-scripts
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
phong1337/pentest-notes-1
👹 :japanese_ogre: :japanese_ogre:
phong1337/PentestNote
一些渗透姿势记录
phong1337/petereport
PeTeReport is an open-source application vulnerability reporting tool.
phong1337/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
phong1337/ProxyVulns
[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.
phong1337/pwn_jenkins
Notes about attacking Jenkins servers
phong1337/RustScan
🤖 The Modern Port Scanner 🤖
phong1337/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
phong1337/SourceCodeReview
Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.
phong1337/v2ray-core
A platform for building proxies to bypass network restrictions.
phong1337/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
phong1337/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
phong1337/webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
phong1337/weird_proxies
Reverse proxies cheatsheet
phong1337/Windows-AD-environment-related
This Repository contains the stuff related to windows Active directory environment exploitation