A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Dec 4, 2024 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A collection of hacking / penetration testing resources to make you better!
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A collection of links related to Linux kernel security and exploitation
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
📦 Make security testing of K8s, Docker, and Containerd easier.
一个攻防知识仓库 Red Teaming and Offensive Security
Linux enumeration tool for pentesting and CTFs with verbosity levels
Automation for internal Windows Penetrationtest / AD-Security
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Privilege Escalation Enumeration Script for Windows
Fancy reverse and bind shell handler
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Add a description, image, and links to the privilege-escalation topic page so that developers can more easily learn about it.
To associate your repository with the privilege-escalation topic, visit your repo's landing page and select "manage topics."