A collection of links related to Linux kernel security and exploitation
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
An offensive and defensive security knowledge repository: Red Teaming and Offensive Security
#Capture the Flag (CTF) and cybersecurity resources# This cheatsheet is aimed at CTF players and beginners, to help them understand the fundamentals of privilege escalation with examples.
Privilege Escalation Enumeration Script for Windows
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
#Capture the Flag (CTF) and cybersecurity resources# A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
A Python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Translation - WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
A unique framework for cybersecurity simulation and red teaming operations, Windows auditing for newer vulnerabilities, misconfigurations and privilege escalation attacks, replicate the tactics and t...
Translation - Privilege escalation enumeration toolkit (64/32): fast, intelligent enumeration with Web API integration. Master your own findings.
A Python 3 remake of the classic "tree" command with the additional feature of searching for user-provided keywords/regex in files, highlighting those that contain matches.
Elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative
Bypass UAC at any level by abusing the Program Compatibility Assistant with RPC, WDI, and more Windows components
A list of methods to coerce a Windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM
Python library and client for token manipulations and impersonations for privilege escalation on Windows