arsenal
reconmap
Our great sponsors
arsenal | reconmap | |
---|---|---|
9 | 4 | |
2,982 | 405 | |
1.9% | 0.2% | |
7.4 | 5.4 | |
17 days ago | 3 months ago | |
Python | JavaScript | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
arsenal
- HackersToolKit.co - One-Stop Shop for Tool Commands for CTFs, bug bounty, and Penetration Testing
- The road to round 2 (so far)
-
Where can I find the best AD notes / cheatsheet for every situation :) ?
That AD Enum mindmap is here. I haven't tried adPEAS yet. But this was recommended many many times. Check. (:
- Orange-Cyberdefense/arsenal: inventory and launcher for hacking programs
- Arsenal
- GitHub - Orange-Cyberdefense/arsenal: Arsenal is just a quick inventory and launcher for hacking programs
-
Reconmap 1.5.0 release notes
900s new commands were imported from the awesome https://github.com/Orange-Cyberdefense/arsenal project into Reconmap. This pushed us to add pagination, better search, sorting and so on to the command pages as it was otherwise impossible to find the right security command amongst the long list.
-
Just failed the new format. General thoughts.
I'm really interested in feedback of those that tried "everything" to laterally move in the domain sets but failed. Have you tried everything from this mindmap for example? Much of that is out of scope on OSCP but will help you learn more about the mindset of moving in a domain.
- Pentesting AD Mindmap
reconmap
-
Reconmap 2.0.0 release notes
Please stay in touch by joining gitter, leaving ideas in the discussion board or opening tickets for bug reports.
-
Reconmap 1.5.0 release notes
The 963 commands from Orange Cyberdefense are not loaded into Reconmap instances by default, but you can import them taking the file that we published openly (like everything we do) here.
-
Happy new year and release notes
If you like what we do for security pros and teams including yours, consider supporting us with an star on Github, sponsoring us (also on Github) or paying for a subscription to our SaaS.
-
Reconmap release notes (0.9.5)
If you like to support this project, don't forget to star us on Github. Thanks!
What are some alternatives?
adPEAS - Powershell tool to automate Active Directory enumeration.
pwndoc - Pentest Report Generator
RedTeaming_CheatSheet - Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
Damn-Vulnerable-GraphQL-Application - Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
StegCloak - Hide secrets with invisible characters in plain text securely using passwords 🧙🏻♂️⭐
packages
DumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
kashz-jewels - Gitbook: kashz-Jewels
Cameradar - Cameradar hacks its way into RTSP videosurveillance cameras
k8s-deployment - Reconmap Kubernetes deployment files
github-actions-goat - GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment