EZEA
AutoRecon
Our great sponsors
EZEA | AutoRecon | |
---|---|---|
10 | 18 | |
91 | 4,796 | |
- | - | |
1.8 | 5.0 | |
almost 3 years ago | 3 months ago | |
Shell | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
EZEA
- I passed OSCP, and here is how you should(nt) do it
-
5/5 full compromise. Rick Rolled the proctor. ๐
Congrats bro, I personally like notion. And use tilix for terminal segmention. Made a bash script for enumeration: https://github.com/yassirlaaouissi/EZEA
-
Exam in 1 week, any last tips
I have my exam on thr 6th of june, 09:00, amsterdam time. I have the entire public PWK network done, 25 hackthebox machines from TJ Nulls list, 10 BOF machines, an automated enum tool (https://github.com/yassirlaaouissi/EZEA), all of my notes and a healthy amount of failure anxiety for the OSCP Exam. Did most of the boxes without hints, the 5 big ones and some hackthebox machines mostly needed hints on initial foothold for me.
-
Exam in <24 hours - Planning to fail. What do I do, study, or at least research?
I made a nice enum tool, use it: https://github.com/yassirlaaouissi/EZEA
-
Mid OSCP Update #2
The first two weeks of my labtime went to the course material (PDF and video). After that I spent a week or two on making an enumeration tool: https://github.com/yassirlaaouissi/EZEA
-
Tips and resources on pentesting methodology?
Many people make tools based on steps in the methodology. I've made a tool to auromate the enumeration step: https://github.com/yassirlaaouissi/EZEA
-
Just Failed First Attempt - BOF, and then NOTHING - HUH?
This is kinda self advertising, but trust me. It will save you time; I use this tool to enumerate my targets. Have done around 30 PWK boxes and 7 HTB machines with it so far: https://github.com/yassirlaaouissi/EZEA
-
Mid OSCP Update
I have been using my enumeration tool EZEA (https://github.com/yassirlaaouissi/EZEA), and so far I am not disappointed I spent time on it. If anyone has suggestions on how to make this tool better, or on how to practice buffer overflows, please do tell me. Have a nice day!
-
Made a nice OSCP enum tool
Made this tool based on several other tools that can simplify the enumeration proces for OSCP-like environments. Have rooted 8 boxes so far using this tool in 2 weeks time. Here is the link, let me know how you feel about it: https://github.com/yassirlaaouissi/EZEA
-
OSCP tips: Enumeration + time management
I've made an automatic enumerator for myself to prevent timeloss typing all commands from scratch during OSCP. Here it is, let me know what you think about it: https://github.com/yassirlaaouissi/EZEA
AutoRecon
- Failed first attempt with 50pts
- Failed the OSCP ๐
-
Autorecon installation issue
pipx install git+https://github.com/Tib3rius/AutoRecon.git
- All round web scanning tool - add yours to the list!
-
Linux Priv Escalation Scripts
Yeah it's been out for about a year now. Same repo, just a version update. https://github.com/Tib3rius/AutoRecon
-
Update: I passed with 100 points on second attempt AMA
smbmap - I believe so as it is a part of https://github.com/Tib3rius/AutoRecon
-
Resources after nmap scan
It sounds like youโre looking for something like AutoRecon.
-
I passed with 100 points on second attempt AMA
I used AutoRecon (thanks tibs) and PEAS for both linux and windows privesc. But again, the reason I failed the first time was because I relied to heavily on these tools. I really like the disclaimer on the autorecon github:
-
Just officially passed my OSCP with (70 + 10) points
Initial Recon/Exploitation - Initial scan your target with either autorecon (https://github.com/Tib3rius/AutoRecon) or an in-depth nmap scan. Then, for each port, enumerate with commands from hacktricks (https://book.hacktricks.xyz/), (https://fareedfauzi.gitbook.io/oscp-notes/services-enumeration/http-s/enumeration-checklist) and (https://web.archive.org/web/20200309204648/http://0daysecurity.com/penetration-testing/enumeration.html) but you could honestly just get away with hacktricks. If you see any sort of service, CMS, or whatever running, searchsploit it. Sometimes, you might get lucky and find an exploit that you can use or can keep in your back pocket for PE later. If you need help with how to actually do an exploit (https://ippsec.rocks/?#) is your friend. IPPSEC is the GOAT.
-
Just submitted the Exam Report. 70 points. My Thoughts and Journey.
Credits to the creator of these resources - Tib3rius Privilege Escalation Courses (Windows & Linux) - Tib3rius AutoRecon: https://github.com/Tib3rius/AutoRecon - https://github.com/mchern1kov/pentest-everything - https://kashz.gitbook.io/kashz-jewels/ - https://book.hacktricks.xyz/
What are some alternatives?
OSCP-Exam-Report-Template - Modified template for the OSCP Exam and Labs. Used during my passing attempt
nmapAutomator - A script that you can run in the background!
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
OSCP-Priv-Esc - Mind maps / flow charts to help with privilege escalation on the OSCP.
Pentest-Service-Enumeration - Suggests programs to run against services found during the enumeration phase of a Pentest
pentest-everything - This is my penetration testing cheatsheet
alacarte
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
RELY - RELY (Name composed on project members Romy, Esther, Lucille and Yassir) is a python tool developed to help a Digital Forensics Triage procedure on some Microsoft Windows devices.
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)