Stars
A Python script to test a web page on visual accessibility based on six testing criteria
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps with continuous monitoring, security assessments and audits, incident response, compliance, hardening and forensics…
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Powerful framework for rogue access point attack.
EAP_buster is a simple bash script that lists what EAP methods are supported by the RADIUS server behind a WPA-Enterprise access point
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up-to-date.
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
The best checklists for keeping you on track when attempting the OSCP exam.
Six Degrees of Domain Admin
PowerSploit - A PowerShell Post-Exploitation Framework
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Abusing impersonation privileges through the "Printer Bug"
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Cheap & Nasty Wordpress Command Execution Shell
A collection of commands and tools used for conducting enumeration during my OSCP journey
rdp-sec-check is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services)
Remote password generator for HP StoreVirtual systems