#速查表 cheatsheets#One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
翻译 - 所有默认凭据的一个地方,可以帮助蓝色/红色团队成员活动查找具有默认密码password️的设备
#夺旗赛 (CTF) 和网络安全资源#Red Teaming Tactics and Techniques
翻译 - 红队战术与技巧
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...
📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
翻译 - :orange_book:Markdown中的OSCP考试报告模板
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
翻译 - BigBountyRecon工具利用58种不同的技术,使用了各种Google工具和开源工具,以加快对目标组织的初步侦查过程。
C2/post-exploitation framework
翻译 - C2 /开发后框架
Leaked pentesting manuals given to Conti ransomware crooks
翻译 - 泄露给 Conti 勒索软件骗子的渗透测试手册
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
#Awesome#Awesome list of keywords and artifacts for Threat Hunting sessions
PHP shells that work on Linux OS, macOS, and Windows OS.
翻译 - PHP反向Shell脚本。适用于Linux OS,macOS和Windows OS。
RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities
翻译 - RMIScout使用单词列表和蛮力策略来枚举Java RMI函数并利用RMI参数解组漏洞
A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced...
/root/.ssh/authorized_keys evil file watchdog with ebpf tracepoint hook.
Compiled tools for internal assessments
#安全#GUI based offensive penetration testing tool (Open Source)
翻译 - 进攻渗透测试工具(开放源代码)