AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. (by Tib3rius)
pentest-everything
This is my penetration testing cheatsheet (by mchern1kov)
Our great sponsors
| AutoRecon | pentest-everything | |
|---|---|---|
| 18 | 2 | |
| 4,811 | 36 | |
| - | - | |
| 5.0 | 6.5 | |
| 3 months ago | over 2 years ago | |
| Python | Python | |
| GNU General Public License v3.0 only | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AutoRecon
Posts with mentions or reviews of AutoRecon.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-06-22.
- Failed first attempt with 50pts
- Failed the OSCP 😞
-
Autorecon installation issue
pipx install git+https://github.com/Tib3rius/AutoRecon.git
- All round web scanning tool - add yours to the list!
-
Linux Priv Escalation Scripts
Yeah it's been out for about a year now. Same repo, just a version update. https://github.com/Tib3rius/AutoRecon
-
Update: I passed with 100 points on second attempt AMA
smbmap - I believe so as it is a part of https://github.com/Tib3rius/AutoRecon
-
Resources after nmap scan
It sounds like you’re looking for something like AutoRecon.
-
I passed with 100 points on second attempt AMA
I used AutoRecon (thanks tibs) and PEAS for both linux and windows privesc. But again, the reason I failed the first time was because I relied to heavily on these tools. I really like the disclaimer on the autorecon github:
-
Just officially passed my OSCP with (70 + 10) points
Initial Recon/Exploitation - Initial scan your target with either autorecon (https://github.com/Tib3rius/AutoRecon) or an in-depth nmap scan. Then, for each port, enumerate with commands from hacktricks (https://book.hacktricks.xyz/), (https://fareedfauzi.gitbook.io/oscp-notes/services-enumeration/http-s/enumeration-checklist) and (https://web.archive.org/web/20200309204648/http://0daysecurity.com/penetration-testing/enumeration.html) but you could honestly just get away with hacktricks. If you see any sort of service, CMS, or whatever running, searchsploit it. Sometimes, you might get lucky and find an exploit that you can use or can keep in your back pocket for PE later. If you need help with how to actually do an exploit (https://ippsec.rocks/?#) is your friend. IPPSEC is the GOAT.
-
Just submitted the Exam Report. 70 points. My Thoughts and Journey.
Credits to the creator of these resources - Tib3rius Privilege Escalation Courses (Windows & Linux) - Tib3rius AutoRecon: https://github.com/Tib3rius/AutoRecon - https://github.com/mchern1kov/pentest-everything - https://kashz.gitbook.io/kashz-jewels/ - https://book.hacktricks.xyz/
pentest-everything
Posts with mentions or reviews of pentest-everything.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-02-12.
-
Just submitted the Exam Report. 70 points. My Thoughts and Journey.
Credits to the creator of these resources - Tib3rius Privilege Escalation Courses (Windows & Linux) - Tib3rius AutoRecon: https://github.com/Tib3rius/AutoRecon - https://github.com/mchern1kov/pentest-everything - https://kashz.gitbook.io/kashz-jewels/ - https://book.hacktricks.xyz/
-
Passed on my 2nd attempt: preparation, attempts and health issues.
My suggestions - Work-life-study balance, of course. Don't try too hard. Take as much time as you need, stay balanced and healthy. Your health is more important than any certification. And stay calm. Really, don't think about it too much, just live your life. - Prepare a cheatsheet for the exam. I know there are many websites with pentester cheatsheets, but I still suggest you to create your own one in which you'd be sure of. Here's what I created: https://github.com/mchern1kov/pentest-everything. Don't worry, Offsec, I made it before even starting the PWK, no materials from the course are used. Again, I suggest you to use mine just as an example and CREATE YOUR OWN.
What are some alternatives?
When comparing AutoRecon and pentest-everything you can also consider the following projects:
nmapAutomator - A script that you can run in the background!
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
OSCP-Exam-Report-Template - Modified template for the OSCP Exam and Labs. Used during my passing attempt
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
OSCP-Priv-Esc - Mind maps / flow charts to help with privilege escalation on the OSCP.
hackthebox - Notes Taken for HTB Machines & InfoSec Community.
EZEA - EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces
Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
kashz-jewels - Gitbook: kashz-Jewels
AutoRecon vs nmapAutomator
pentest-everything vs PEASS-ng
AutoRecon vs OSCP-Exam-Report-Template
pentest-everything vs FDsploit
AutoRecon vs OSCP-Priv-Esc
pentest-everything vs hackthebox
AutoRecon vs EZEA
pentest-everything vs Reconnoitre
AutoRecon vs Harbor
pentest-everything vs Interlace
AutoRecon vs PEASS-ng
pentest-everything vs kashz-jewels