GTFONow
svachal
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GTFONow
-
Traitor: Linux privilege escalation made easy
How do you plan to use this universally across compromised systems, if they don't have Go to compile this?
A better solution might be https://github.com/Frissi0n/GTFONow which is written in python without dependencies and supports Py2/3. I would expect this to work on more hosts.
svachal
-
Automate writeup for vulnerable machines
Link for the source repo is in tweet linked in above image descriptions and here.
-
Commandline access for VulnHub, TryHackMe and HackTheBox machines
https://github.com/7h3rAm/svachal - Helps me with automating machine writeups. It has a graphviz wrapper to auto generate these graphs from nested text descriptions. An example killchain here is converted to the following dotfile which is then rendered as the graph above.
What are some alternatives?
Wfetch - Neofetch/pfetch, but for weather
starcli - :sparkles: Browse trending GitHub projects from your command line
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
brotab - Control your browser's tabs from the command line
pwncat - Fancy reverse and bind shell handler
writeups - CTF writeups from The Flat Network Society
SUID3NUM - A standalone python script which utilizes python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! ( ͡~ ͜ʖ ͡°)
hackthebox - Notes Taken for HTB Machines & InfoSec Community.
PowerHub - A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
reverse-shell-generator - Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
traitor - :arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
writeups - Writeups for vulnerable machines.