AutoRecon
GOAD
AutoRecon | GOAD |
---|---|
18 | 20 |
4,811 | 4,343 |
- | 5.8% |
5.0 | 9.1 |
3 months ago | 7 days ago |
Python | PowerShell |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AutoRecon
- Failed first attempt with 50pts
- Failed the OSCP
-
Autorecon installation issue
pipx install git+https://github.com/Tib3rius/AutoRecon.git
- All round web scanning tool - add yours to the list!
-
Linux Priv Escalation Scripts
Yeah it's been out for about a year now. Same repo, just a version update. https://github.com/Tib3rius/AutoRecon
-
Update: I passed with 100 points on second attempt AMA
smbmap - I believe so as it is a part of https://github.com/Tib3rius/AutoRecon
-
Resources after nmap scan
It sounds like you're looking for something like AutoRecon.
-
I passed with 100 points on second attempt AMA
I used AutoRecon (thanks tibs) and PEAS for both linux and windows privesc. But again, the reason I failed the first time was because I relied too heavily on these tools. I really like the disclaimer on the autorecon github:
-
Just officially passed my OSCP with (70 + 10) points
Initial Recon/Exploitation - Initial scan your target with either autorecon (https://github.com/Tib3rius/AutoRecon) or an in-depth nmap scan. Then, for each port, enumerate with commands from hacktricks (https://book.hacktricks.xyz/), (https://fareedfauzi.gitbook.io/oscp-notes/services-enumeration/http-s/enumeration-checklist) and (https://web.archive.org/web/20200309204648/http://0daysecurity.com/penetration-testing/enumeration.html) but you could honestly just get away with hacktricks. If you see any sort of service, CMS, or whatever running, searchsploit it. Sometimes, you might get lucky and find an exploit that you can use or can keep in your back pocket for PE later. If you need help with how to actually do an exploit (https://ippsec.rocks/?#) is your friend. IPPSEC is the GOAT.
-
Just submitted the Exam Report. 70 points. My Thoughts and Journey.
Credits to the creator of these resources - Tib3rius Privilege Escalation Courses (Windows & Linux) - Tib3rius AutoRecon: https://github.com/Tib3rius/AutoRecon - https://github.com/mchern1kov/pentest-everything - https://kashz.gitbook.io/kashz-jewels/ - https://book.hacktricks.xyz/
GOAD
- Failed the OSCP
-
Ethical Hacking / Pentest Lab
Here is one project that is built out to build a domain environment: https://github.com/Orange-Cyberdefense/GOAD
-
Interview preparation guide for AD pentesting?
Have a look at https://github.com/Orange-Cyberdefense/GOAD. You can learn a lot of AD pentesting techniques there. Should be enough for entering any AD related role.
- Can anyone describe their red team infrastructure?
-
OSCP AD labs
OSCP AD environment is not a hard one but just to make yourself comfortable, I would recommend you to try this awesome lab with almost every scenario and tool: Game of Active Directory: https://github.com/Orange-Cyberdefense/GOAD
-
Help setting up an AD test lab in proxmox for thesis
I have already considered using an automated script like https://github.com/Orange-Cyberdefense/GOAD but I do not see support for Proxmox.
- Introduction to AD environment enumeration
- Git for TF scripts to build lab env?
-
AD test environment
https://github.com/Orange-Cyberdefense/GOAD is great for learning AD
-
Active Directory Security Tools
GameOfAD - vulnerable AD environment - https://github.com/Orange-Cyberdefense/GOAD
What are some alternatives?
nmapAutomator - A script that you can run in the background!
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
OSCP-Exam-Report-Template - Modified template for the OSCP Exam and Labs. Used during my passing attempt
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
OSCP-Priv-Esc - Mind maps / flow charts to help with privilege escalation on the OSCP.
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
pentest-everything - This is my penetration testing cheatsheet
Splunk-In-The-Cloud-Setup - How-to on setting up splunk in Azure
EZEA - EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration process
red_team_attack_lab - Red Team Attack Lab for TTP testing & research
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.