arsenal
kashz-jewels
Our great sponsors
| arsenal | kashz-jewels | |
|---|---|---|
| 9 | 3 | |
| 2,982 | 13 | |
| 1.9% | - | |
| 7.4 | 5.1 | |
| 17 days ago | 11 days ago | |
| Python | ||
| GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
arsenal
- HackersToolKit.co - One-Stop Shop for Tool Commands for CTFs, bug bounty, and Penetration Testing
- The road to round 2 (so far)
-
Where can I find the best AD notes / cheatsheet for every situation :) ?
That AD Enum mindmap is here. I haven't tried adPEAS yet. But this was recommended many many times. Check. (:
- Orange-Cyberdefense/arsenal: inventory and launcher for hacking programs
- Arsenal
- GitHub - Orange-Cyberdefense/arsenal: Arsenal is just a quick inventory and launcher for hacking programs
-
Reconmap 1.5.0 release notes
900s new commands were imported from the awesome https://github.com/Orange-Cyberdefense/arsenal project into Reconmap. This pushed us to add pagination, better search, sorting and so on to the command pages as it was otherwise impossible to find the right security command amongst the long list.
-
Just failed the new format. General thoughts.
I'm really interested in feedback of those that tried "everything" to laterally move in the domain sets but failed. Have you tried everything from this mindmap for example? Much of that is out of scope on OSCP but will help you learn more about the mindset of moving in a domain.
- Pentesting AD Mindmap
kashz-jewels
- The road to round 2 (so far)
-
Just submitted the Exam Report. 70 points. My Thoughts and Journey.
Credits to the creator of these resources - Tib3rius Privilege Escalation Courses (Windows & Linux) - Tib3rius AutoRecon: https://github.com/Tib3rius/AutoRecon - https://github.com/mchern1kov/pentest-everything - https://kashz.gitbook.io/kashz-jewels/ - https://book.hacktricks.xyz/
-
Passed OSCP - My thoughts!
Definitely went through several forms of factoring to where it is now, but yeah. I'm pretty happy with it. If you think I've missed or wana update something.Submit PR @ https://github.com/iamkashz/oscp-jewels
What are some alternatives?
reconmap - Vulnerability assessment and penetration testing automation and reporting platform for teams.
awesome-oscp - A curated list of awesome OSCP resources
adPEAS - Powershell tool to automate Active Directory enumeration.
awesome-privilege-escalation - A curated list of awesome privilege escalation
RedTeaming_CheatSheet - Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
AutoRecon - AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
pentest-everything - This is my penetration testing cheatsheet
packages
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
reporting-template - Reporting template for OSCP, VHL and more.