Publicly accessible notes about my pentesting/red teaming experiments tested on several controlled environments/infrastructures that involve playing with various tools and techniques used by penetration testers and redteamers during a security assessment.
We welcome contributions as github pull requests.
Kudos and thanks for the people who did the hard stuff
Gather information about the Domain name and windows machine running in the network
bash$ cd /usr/share/Responder/tools
bash$ sudo python RunFinger.py -i 192.168.1.1/24
or
bash$ responder-RunFinger
Scanning IP networks for NetBIOS name information.
bash$ sudo nbtscan -v -s : 192.168.1.0/24
Scan the network range based on the SMB information
bash$ cme smb 192.168.1.1/24
Scan all the machine network and save the outputs .
bash$ nmap -p 1-65535 -sV -sS -T4 -oA output target_IP
Intensive Scan (Note recommended):
bash$ nmap -p 1-65535 -Pn -A -oA output target_IP
Scan with enumeration of the running services version :
bash$ nmap -sC -sV -oA output target
Thanks for HIBP and this downloader. At first I was considering using it, but the…
Comprehensive repository for presentation slides from major cybersecurity conferences held in 2023 and 2024. It…
Generate a proxy dll for arbitrary dll, while also loading a user-defined secondary dll. In…
DLL Universal Patcher is a flexible and convenient code patcher that doesn't touch the files…
RustiveDump is a Rust-based tool designed to dump the memory of the lsass.exe process using…
This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool…