dostackbufferoverflowgood
GOAD
Our great sponsors
dostackbufferoverflowgood | GOAD | |
---|---|---|
13 | 20 | |
1,379 | 4,298 | |
- | 8.9% | |
0.0 | 9.0 | |
about 3 years ago | 7 days ago | |
C | PowerShell | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dostackbufferoverflowgood
-
Pre-OSCP Knowledge
This one: https://github.com/justinsteven/dostackbufferoverflowgood
-
BOF Learning Resources?
IDK if the type of BOF has changed since I did it, but https://github.com/justinsteven/dostackbufferoverflowgood was VERY helpful to me.
- Need resources for BO and AD study
-
Asking for help
A topic that many start with is buffer overflows so there are a lot of tutorials it. Maybe start there. A resource on learning that topic that I liked is https://github.com/justinsteven/dostackbufferoverflowgood
-
Important PWK Machines
Master buffer overflows so you can get 25 points out the gate, while you're scanning the other boxes (Yeh...that was a pro tip 😁). Justin Stevens will set you right. https://github.com/justinsteven/dostackbufferoverflowgood/blob/master/dostackbufferoverflowgood_tutorial.md
-
BOF in Proving Grounds?
Completing this https://github.com/justinsteven/dostackbufferoverflowgood a few times (the YouTube video is fun and informative to watch too) and a methodical script template that a friend crafted and taught me to use got me over on the BOF. PG and THM didn't exist when I did my last attempt but I would certainly use them if I was taking the exam today. All the best!
-
BOF - Where do I Practice(outside the lab)?
dotackbufferoverflowgood - If you’re interested to get a more in-depth understanding of BoF in order to better apply it in a wider variety of scenarios, do check out https://github.com/justinsteven/dostackbufferoverflowgood. Replicate the PDF step-by-step, you’ll learn a lot from this. It also goes through interesting payloads other than the typical reverse shell we normally use.
- For whatever reason, I am having a lot of trouble grasping buffer overflows. What is your favorite resource/video that spelled it out for you when you learned?
- Linux Buffer Overflow on OSCP exam?
-
Tib3rius Tryhackme for BOF of OSCP?
DoStackBufferOverFlowGood: https://github.com/justinsteven/dostackbufferoverflowgood
GOAD
- Failed the OSCP 😞
-
Ethical Hacking / Pentest Lab
Here is one project that is built out to build a domain environment: https://github.com/Orange-Cyberdefense/GOAD
-
Interview preparation guide for AD pentesting?
Have a look at https://github.com/Orange-Cyberdefense/GOAD. You can learn a lot of AD pentesting techniques there. Should be enough for entering any AD related role.
- Can anyone describe their red team infrastructure?
-
OSCP AD labs
OSCP AD environment is not a hard one but just to make yourself comfortable, I would recommend you to try this awesome lab with almost every scenario and tool: Game of Active Directory: https://github.com/Orange-Cyberdefense/GOAD
-
Help setting up an AD test lab in proxmox for thesis
I have already considered using an automated script like https://github.com/Orange-Cyberdefense/GOAD but I do not see support for Proxmox.
- Uvod v enumeracijo AD okolja
- Git for TF scripts to build lab env?
-
AD test environment
https://github.com/Orange-Cyberdefense/GOAD is a great for learning AD
-
Active Directory Security Tools
GameOfAD - vulnerable AD environment - https://github.com/Orange-Cyberdefense/GOAD
What are some alternatives?
OSCP-BoF - This is a walkthrough about understanding the #BoF machine present in the #OSCP exam.
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Buffer-Overflow-Exploit-Development-Practice - Good For OSCP Training
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux
BadBlood - BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
PWK-OSCP-Preparation-Roadmap - Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome
Splunk-In-The-Cloud-Setup - How-to on setting up splunk in Azure
Privilege_Escalation
red_team_attack_lab - Red Team Attack Lab for TTP testing & research
OSCE - Some exploits, which I’ve created during my OSCE preparation.
Responder - Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.