Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

一个攻防知识仓库 Red Teaming and Offensive Security

Offensive Security Tool is a multi-purpose tool designed for conducting offensive security activities, including file exfiltration, reverse shell connections, and privilege escalation. This tool provides cross-platform functionality, supporting both macOS and Windows environments.

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

Modular penetration testing platform that enables you to write, test, and execute exploit code.

Pentesting cheatsheet with tricks and scripts for reconnaissance, enumeration, privesc, and more...

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Speeding up identifying which binaries with a SUID flag may lead to root access

it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.

Fancy reverse and bind shell handler

Security Challenge. Search for various means to pass root on a given server.

ODAT: Oracle Database Attacking Tool

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

Bits and pieces from my personal notes and scripts

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).

AI Powered Privilege Escalation!