Offensive Security
Browse 79 cybersecurity tools tagged with "Offensive Security"

Damn Vulnerable iOS
Penetration Testing
Damn Vulnerable iOS App (DVIA) on SecurityListing: iOS application for testing iOS penetration testing skills in a legal environment.

Cobalt Strike HTTP
Offensive Security
Cobalt Strike HTTP C2 Redirectors with Apache mod_rewrite on SecurityListing: Using Apache mod_rewrite as a redirector to filter C2 traffic for Cobalt Strike servers.

Brute Ratel C4
Offensive Security
Brute Ratel C4 on SecurityListing: Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.

DorkSearch
Offensive Security
DorkSearch on SecurityListing: An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.

Kali
Vulnerability Assessment
Kali on SecurityListing: Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.

CBRX AI Red
Offensive Security
CBRX AI Red Teaming on SecurityListing: Offensive security testing service for LLM applications and AI systems

PentesterLab PRO
Penetration Testing
PentesterLab PRO on SecurityListing: Online platform offering 700+ hands-on web security exercises and training

xargs
Offensive Security
xargs on SecurityListing: A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.

ParrotSec
Offensive Security
ParrotSec on SecurityListing: Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering 600+ tools and utilities for red and blue team operations.

PoshC2
Penetration Testing
PoshC2 on SecurityListing: A proxy-aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement, with a modular format and highly configurable payloads.

Combatting Incident Responders
Offensive Security
Combatting Incident Responders with Apache mod_rewrite on SecurityListing: Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.

BeEF
Penetration Testing
BeEF on SecurityListing: BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.

Lab of a
Offensive Security
Lab of a Penetration Tester: Week of Evading Microsoft ATA on SecurityListing: A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection

TechTarget
Offensive Security
TechTarget on SecurityListing: Sysreptor provides a customizable security reporting solution for penetration testers and red teamers.

GNU Netcat
Offensive Security
GNU Netcat on SecurityListing: A featured networking utility for reading and writing data across network connections with advanced capabilities.

Abusing the COM
Offensive Security
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32 on SecurityListing: Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32

DNS Tunnelling
Offensive Security
DNS Tunnelling on SecurityListing: A technique to encode data within DNS queries for covert communication channels.

Proxmark III
Offensive Security
Proxmark III on SecurityListing: A tool for testing and analyzing RFID and NFC tags, allowing users to read and write data, and perform various attacks and tests.

Aircrack-ng
Offensive Security
Aircrack-ng on SecurityListing: A complete suite of tools for assessing WiFi network security with capabilities for monitoring, attacking, testing, and cracking.

Covert Red Team
Offensive Security
Covert Red Team Attack Infrastructure on SecurityListing: Back-end component for red team operations with crucial design considerations.

Daniel Miessler/Unsupervised Learning
Offensive Security
Daniel Miessler/Unsupervised Learning on SecurityListing: Sysreptor offers a customizable reporting solution for offensive security assessments.

DVWA - Brute
Offensive Security
DVWA - Brute Force (High Level) - Anti-CSRF Tokens on SecurityListing: A guide to brute forcing DVWA on the high security level with anti-CSRF tokens

How to Write
Offensive Security
How to Write Malleable C2 Profiles for Cobalt Strike on SecurityListing: Learn how to create new Malleable C2 profiles for Cobalt Strike to avoid detection and signatured toolset

Executing Commands and
Offensive Security
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts on SecurityListing: A blog post about bypassing AppLocker using PowerShell diagnostic scripts

Threatpost
Offensive Security
Threatpost on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming.

Cobalt Strike's ExternalC2
Penetration Testing
Cobalt Strike's ExternalC2 framework on SecurityListing: A specification/framework for extending default C2 communication channels in Cobalt Strike

Ophcrack
Offensive Security
Ophcrack on SecurityListing: Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.

ExploitDB
Penetration Testing
ExploitDB on SecurityListing: A CVE-compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.

DiskShadow
Offensive Security
DiskShadow on SecurityListing: A tool that exposes the functionality of the Volume Shadow Copy Service (VSS) for creation, enumeration, and manipulation of volume shadow copies, with features for persistence and evasion.

Reversing and Exploiting
Offensive Security
Reversing and Exploiting ARM Binaries: rwthCTF Trafman on SecurityListing: A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

State of Security
Offensive Security
State of Security on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Abusing DCOM For
Offensive Security
Abusing DCOM For Yet Another Lateral Movement Technique on SecurityListing: An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.

Caldera
Offensive Security
Caldera on SecurityListing: Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

bohops Leveraging INF-SCT
Offensive Security
bohops Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence on SecurityListing: A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

Empire Communication Profiles
Offensive Security
Empire Communication Profiles on SecurityListing: Customize Empire's GET request URIs, user agent, and headers for evading detection and masquerading as other applications.

Operating System Based
Offensive Security
Operating System Based Redirection with Apache mod_rewrite on SecurityListing: Detect users' operating systems and perform redirection with Apache mod_rewrite.

Java Decompiler Online
Offensive Security
Java Decompiler Online on SecurityListing: Online Java decompiler tool with support for modern Java features.

PTJunior
Offensive Security
PTJunior on SecurityListing: AI agent that autonomously discovers, exploits, and documents vulnerabilities.

LockBoxx
Offensive Security
LockBoxx on SecurityListing: Introduction to using GScript for Red Teams

Randomized Malleable C2
Penetration Testing
Randomized Malleable C2 Profiles Made Easy on SecurityListing: Tool for randomizing Cobalt Strike Malleable C2 profiles to evade static, signature-based detection controls.

Bastille-Linux
Offensive Security
Bastille-Linux on SecurityListing: Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.

LeakIX
Offensive Security
LeakIX on SecurityListing: LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.

Abusing Exported Functions
Offensive Security
Abusing Exported Functions and Exposed DCOM Interfaces for Pass-Thru Command Execution and Lateral Movement on SecurityListing: A blog post about abusing exported functions and exposed DCOM interfaces for pass-thru command execution and lateral movement

checkra1n
Offensive Security
checkra1n on SecurityListing: Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.

Loading Alternate Data
Offensive Security
Loading Alternate Data Stream (ADS) DLL/CPL Binaries to Bypass AppLocker on SecurityListing: Utilizing Alternate Data Streams (ADS) to bypass AppLocker default policies by loading DLL/CPL binaries.

ARM Assembly and
Offensive Security
ARM Assembly and Shellcode on SecurityListing: A comprehensive collection of resources for learning ARM assembly language and shellcode development.

Proxmark 3
Offensive Security
Proxmark 3 on SecurityListing: The Proxmark III is a versatile device for sniffing, reading, and cloning RFID tags with strong community support.

Leveraging INF-SCT Fetch
Offensive Security
Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2) on SecurityListing: A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

Reverse Engineering HID
Offensive Security
Reverse Engineering HID iClass Master Keys on SecurityListing: Exploiting a vulnerability in HID iClass system to retrieve master authentication key for cloning cards and changing reader settings.

Bleeping Computer
Offensive Security
Bleeping Computer on SecurityListing: A customizable offensive security reporting solution for pentesters and red teamers to generate detailed reports of their findings and vulnerabilities.

The Hacker News
Offensive Security
The Hacker News on SecurityListing: The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.

Strengthen Your Phishing
Offensive Security
Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection on SecurityListing: A guide on using Apache mod_rewrite to strengthen phishing attacks and bypass mobile device restrictions

WebDAV Covert Channel
Offensive Security
WebDAV Covert Channel on SecurityListing: A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.

The Security Ledger
Offensive Security
The Security Ledger on SecurityListing: Sysreptor offers a customizable reporting solution for pentesters and red teamers to enhance security documentation.

Tao Security
Offensive Security
Tao Security on SecurityListing: Sysreptor provides a customizable reporting platform for pentesters and red teamers to efficiently document security assessments.

The State of
Offensive Security
The State of Security by Tripwire on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.

Theos Red Teaming
Offensive Security
Theos Red Teaming on SecurityListing: Red teaming service simulating real-world adversary attacks on organizations.

Vshadow
Offensive Security
Vshadow on SecurityListing: A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.

Workshop Hacking Bluetooth
Offensive Security
Workshop Hacking Bluetooth Smart locks on SecurityListing: A workshop on hacking Bluetooth Smart locks, covering architecture, vulnerabilities, and exploitation techniques.

Yogosha Pentest as
Offensive Security
Yogosha Pentest as a Service on SecurityListing: Platform for on-demand pentests & bug bounties via vetted security researchers

tcpkill
Penetration Testing
tcpkill on SecurityListing: A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.

Using a SCF
Offensive Security
Using a SCF file to Gather Hashes on SecurityListing: Abusing SCF files to gather user hashes from an unauthenticated writable Windows-based file share.

OWASP Bricks
Penetration Testing
OWASP Bricks on SecurityListing: Deliberately vulnerable web application for security professionals to practice attack techniques.

UPX
Offensive Security
UPX on SecurityListing: UPX is a high-performance executable packer for various executable formats.

Security Intelligence
Offensive Security
Security Intelligence on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

ClickOnce (Twice or
Penetration Testing
ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution on SecurityListing: A technique for social engineering and untrusted command execution using ClickOnce technology

DDE attack with
Offensive Security
DDE attack with PowerShell Empire on SecurityListing: Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.

snmpcheck
Offensive Security
snmpcheck on SecurityListing: A tool for enumerating information via SNMP protocol.

Lab of a
Offensive Security
Lab of a Penetration Tester: Abusing DNSAdmins privilege for escalation in Active Directory on SecurityListing: Abusing DNSAdmins privilege for escalation in Active Directory

Windows 7 UAC
API Security
Windows 7 UAC Whitelist Code-Injection Issue on SecurityListing: Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.

Troy Hunt
Offensive Security
Troy Hunt on SecurityListing: Sysreptor offers a customizable security reporting solution for penetration testers and red teamers.

Serving Random Payloads
Penetration Testing
Serving Random Payloads with Apache mod_rewrite on SecurityListing: A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks

PowerUpSQL
Penetration Testing
PowerUpSQL on SecurityListing: Tool for attacking Active Directory environments through SQL Server access.

Trust Direction: An
Offensive Security
Trust Direction: An Enabler for Active Directory Enumeration and Trust Exploitation on SecurityListing: A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation

Wifislax
Penetration Testing
Wifislax on SecurityListing: GNU/Linux Wireless distribution for security testing with XFCE desktop environment.

Windows Oneliners for
Offensive Security
Windows Oneliners for Remote Code Execution on SecurityListing: Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.

XSS'OR
Offensive Security
XSS'OR on SecurityListing: Hack with JavaScript: XSS'OR is a tool for encoding/decoding and various XSS-related functions.

tcpreplay
Offensive Security
tcpreplay on SecurityListing: Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.

Preparing for Red
Penetration Testing
Preparing for Red Team at PRCCDC 2015 on SecurityListing: Preparation process for participating in the Pacific Rim CCDC 2015.