SUID3NUM
OSCP-BoF
SUID3NUM | OSCP-BoF | |
---|---|---|
2 | 2 | |
577 | 64 | |
- | - | |
0.0 | 0.0 | |
over 2 years ago | almost 3 years ago | |
Python | Python | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SUID3NUM
OSCP-BoF
-
For whatever reason, I am having a lot of trouble grasping buffer overflows. What is your favorite resource/video that spelled it out for you when you learned?
And then once you get the concepts, https://github.com/3isenHeiM/OSCP-BoF for the practical methodology (I'm the author).
- 1st attempt, 80+ points. My experience and some unpopular opinions inside.
What are some alternatives?
pywerview - A (partial) Python rewriting of PowerSploit's PowerView
dostackbufferoverflowgood
msdat - MSDAT: Microsoft SQL Database Attacking Tool
zenith - Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.
LibreQoS - A Quality of Experience and Smart Queue Management system for ISPs. Leverage CAKE to improve network responsiveness, enforce bandwidth plans, and reduce bufferbloat.
raptor_infiltrate20 - #INFILTRATE20 raptor's party pack.
Vulnnr - Vulnnr - Vulnerability Scanner And Mass Exploiter, created for pentesting.
TireFire - Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
GTFONow - Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
try-harder - "Try Harder" is a cybersecurity retro game designed to simulate 100 real-world scenarios that will help you prepare for the Offensive Security Certified Professional (OSCP) exam, all while offering an immersive experience and retro aesthetic. Enter Real commands correctly, move to the next host, and get a point. Can you get 100?
odat - ODAT: Oracle Database Attacking Tool
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.