hackthebox

⬆ ☠ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Linux enumeration tool for pentesting and CTFs with verbosity levels

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Writeups for HacktheBox 'boot2root' machines

📜 Yet another collection of wordlists

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Penelope Shell Handler

🔑 Hash type identifier (CLI & lib)

Autonomous Privilege Escalation using AI

My own OSCP guide

CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs that I've done

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

A living document for penetration testing and offensive security.

Hack The Box CPTS, CWES, CDSA, CWEE, CAPE, CJCA Exam and Lab Reporting / Note-Taking Tool

Execute commands interactively on remote Windows machines using the WinRM protocol