Windows-Privilege-Escalation. Windows Privilege Escalation Techniques and Scripts
982Hashcat-Cheatsheet. Hashcat Cheatsheet for OSCP
628Vanquish. Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
516Hydra-Cheatsheet. Hydra Password Cracking Cheetsheet
427MSF-Venom-Cheatsheet. Single Page Cheatsheet for common MSF Venom One Liners
319Bypassing-Web-Application-Firewalls. A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
279Linux-Privilege-Escalation. Tips and Tricks for Linux Priv Escalation
228PasswordDecrypts. Handy Stored Password Decryption Techniques
163FirmwareReverseEngineering. Notes and tools from my experiences reverse engineering firmware
148HackingWithCurl. A list of examples and references of hacking with Bash and the Curl command
56WordListGen. Super Simple Python Word List Generator for Fuzzing and Brute Forcing in Python
55BloodHoundCustomQueries. List of Bloodhound Python Custom Queries which I have found to be handy on engagements
17WindowsShells. Information Repository on Various Methods of getting shell access into a Windows machine
17Powershell-Cheatsheet. Hand list of Powershell commands frequently used during penetration tests
15Active-Directory-Fun. Notes on Active Directory analysis and exploitation
11awesome-pentest-cheat-sheets. Collection of the cheat sheets useful for pentesting
10SQLMapExamples. A list of sample SQL Map Injection Commands
10Wordlust. Wordlust is a Password Base Wordlist for Hashcat Mutator Rules
9WindowsMeterpreterSessionDied. Some exploits are unstable in nature and only allow for a very short shell command window. These scripts can help extend your remote shell session by quickly spawning a new reverse shell.
8MouseJacking. MouseJacking on Kali Linux with CrazyRadio PA
7Directory-Traversal-Toolbox. A few handy scripts for pulling important files off remote machines using a directory traversal or local file include vulnerability.
7OSCP. Collection of things made during my OSCP journey
6OpenSSL-Enc-By-Example. Examples of how to use openssl-enc for symmetric cipher encryption and decryption
5Python_DES_Decryptor. A simple python script for decrypting DES that has been generated by a .NET application
5DirtyStringInjectOneLiner. A one liner dirty string with many common injection techniques
4atomic-red-team. Small and highly portable detection tests based on MITRE's ATT&CK.
4CTF-Walkthroughs. A collection of CTF Walkthroughs
4Windows-Post-Exploitation. Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
4SSH_Sample_Keys. A collection of Public and Private SSH keys for reference purposes
3SILENTTRINITY. A post-exploitation agent powered by Python, IronPython, C#/.NET
2SiteMapMaker. Creates an HTML site map based on a specified base URL and a folder path. Handy for exploring for hidden content in Burp Suite if you have the application’s source code.
2CLISerialFuzzer. Serial Connection CLI Command Jail Break Fuzzer
2KaliTroubleshooting. Handy Tricks for Troubleshooting Kali
2MagicPing. Python 2.7 raw socket ICMP ping to send a embedded message or a magic ping to an endpoint
2XOR_MOAR. Simple Python Utilities Developed During CTF Events For XORing Data
2c2. C2
1SpookFlare. Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
1VR-Industrial-Control-Room. Virtual Reality experience that transports people into an industrial control room environment.
1