✨ Cheatsheets for Pentesting
A collection of snippets of code and commands to make your life easier!
https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
#infosec #pentesters #redteaming #redteamtips #networksecurity
🪲 Bypassing OGNL sandboxes for fun and charities
OGNL injections led to some serious remote code execution (RCE) vulnerabilities
https://github.blog/2023-01-27-bypassing-ognl-sandboxes-for-fun-and-charities/
#infosec #bugbountytips #redteamtips #pentesters
Ready your beacons, red teamers!
Execute unmanaged Windows executables in CobaltStrike Beacons. Not just for .Net any longer.
#pentesting #redteam #redteamtips
https://github.com/Octoberfest7/Inline-Execute-PE
🪲 GraphQL exploitation - All you need to know
A Damn Vulnerable GraphQL Web Application:
https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application
#redteamtips #redteaming #pentesters #bugbountytips #BugBounty #appsec #graphql #infosec
Home Grown Red Team: Using LNK Files To Bypass Applocker
#infosec #redteam #pentesting #redteamtips
Red Team Maturity Model
A standardized, community-informed Capability Maturity Model to measure, report on, and plan for internal Red Team maturity
🖥️ Kerbrute tool
Enumerate valid AD user accounts that use Kerberos pre-authentication
Password bruteforce, username enumeration, password spray
GitHub repo:
https://github.com/ropnop/kerbrute
Detailed guide:
https://www.hackingarticles.in/a-detailed-guide-on-kerbrute/
#kerberos #pentesting #redteaming #redteamtips #kali #kalilinux #infosec
✨ PowerShell script that weaponizes PuTTY to do SSH bruteforcing
A wrapper script which uses PuTTY clients (either putty.exe or plink.exe) to perform SSH login bruteforce attacks
https://github.com/InfosecMatter/SSH-PuTTY-login-bruteforcer
#infosec #redteam #pentesting #redteamtips #pentesters
Reflective DLL Injection
https://www.ired.team/offensive-security/code-injection-process-injection/reflective-dll-injection
#redteam #pentesting #redteamtips
✨ The Journey to Becoming an OSCP
Core Skill Areas
Operating Systems
Networking
Web
Programming
https://benheater.com/journey-to-oscp/
#oscp #passingoscp #oscpprep #offsec #infosec #cybersecurity #Pentesting #redteamtips #bugbountytips
Spice up your persistence: loading PHP extensions from memory
https://adepts.of0x.cc/dlopen-from-memory-php/
Question to #blueteam: how will you detect or prevent this from happening?
#redteamtips #redteam #Pentesting #infosec #php #websec #persistence
✨ Avoiding Detection with Shellcode Mutator
▶️ Mutates exploit source code without affecting its functionality, changing its signature and making it harder to reliably detect as malicious
Repository:
https://github.com/nettitude/ShellcodeMutator
Article:
https://labs.nettitude.com/blog/shellcode-source-mutations/
#shellcode #redteaming #pentesters #redteamtips #infosec #exploitation #binaryexploitation
Cheat sheet for Advanced SQL injection:
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
#sqlinjection #bugbounty #bugbountytips #infosec #sqli #redteamtips
GitHub repo on Tips and Tutorials for Bug Bounty and also Penetration Tests.
#bugbountytips #bugbounty #pentesters #redteamtips #infosec
New PowerShell obfuscation tool to bypass anti-virus:
#redteam #redteamtips #infosec #avbypass #pentesters
#OffensiveRust:
Rust Weaponization for Red Team Engagements.
https://github.com/trickster0/OffensiveRust
#rust #rustlang #rustaceans #rustprogramming #infosec #redteamtips #offensivesecurity
15 Ways to Bypass the PowerShell Execution Policy - without having local administrator rights on the system
▶️ By default, PowerShell prevents execution of PowerShell scripts
▶️ This can be a hurdle for #pentesters, sysadmins
https://www.netspi.com/blog/technical/network-penetration-testing/15-ways-to-bypass-the-powershell-execution-policy/
#pentesters #infosec #redteamtips
Red Team lab automation:
Setting up a Windows machine for practicing - Using Packer, Terraform, and Ansible
https://www.pentestpartners.com/security-blog/red-team-lab-automation/
#pentesting #redteam #redteamtips #pentesterslab