OSCP-BoF
SUID3NUM
Our great sponsors
OSCP-BoF | SUID3NUM | |
---|---|---|
2 | 2 | |
64 | 577 | |
- | - | |
0.0 | 0.0 | |
almost 3 years ago | over 2 years ago | |
Python | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OSCP-BoF
-
For whatever reason, I am having a lot of trouble grasping buffer overflows. What is your favorite resource/video that spelled it out for you when you learned?
And then once you get the concepts, https://github.com/3isenHeiM/OSCP-BoF for the practical methodology (I'm the author).
- 1st attempt, 80+ points. My experience and some unpopular opinions inside.
SUID3NUM
What are some alternatives?
dostackbufferoverflowgood
pywerview - A (partial) Python rewriting of PowerSploit's PowerView
zenith - Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.
msdat - MSDAT: Microsoft SQL Database Attacking Tool
raptor_infiltrate20 - #INFILTRATE20 raptor's party pack.
LibreQoS - A Quality of Experience and Smart Queue Management system for ISPs. Leverage CAKE to improve network responsiveness, enforce bandwidth plans, and reduce bufferbloat.
TireFire - Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
try-harder - "Try Harder" is a cybersecurity retro game designed to simulate 100 real-world scenarios that will help you prepare for the Offensive Security Certified Professional (OSCP) exam, all while offering an immersive experience and retro aesthetic. Enter Real commands correctly, move to the next host, and get a point. Can you get 100?
GTFONow - Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
odat - ODAT: Oracle Database Attacking Tool