Tools for everything

Hacktricks

HackTricks - HackTricks

Cloud Hacktricks

AWS Pentesting - HackTricks Cloud

Payloads

1. Payload all the things (Web and API pentest) : https://swisskyrepo.github.io/PayloadsAllTheThings/
2. Internet all the things (Cheetsheets for internal and AD pentest): https://swisskyrepo.github.io/InternalAllTheThings/

Enumeration

1. subdomain finder - https://crt.sh/ Can be invoked using curl:

   curl -s https://crt.sh/\?q\=inlanefreight.com\&output\=json | jq .

   To sort out unique subdomains:

   curl -s https://crt.sh/\?q\=inlanefreight.com\&output\=json | jq . | grep name | cut -d":" -f2 | grep -v "CN=" | cut -d'"' -f2 | awk '{gsub(/\\n/,"\n");}1;' | sort -u

Privilege Escalation

1. Linux:

   1. LinEnum: https://github.com/rebootuser/LinEnum
   2. linpeas.sh: curl -L https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh | sh

   3. linuxprivchecker (python script for linux enumeration): https://github.com/sleventyeleven/linuxprivchecker
   4. Linux priv esc checklist: https://book.hacktricks.wiki/en/linux-hardening/linux-privilege-escalation-checklist.html
   5. https://gtfobins.github.io/
2. Windows:

   1. winpeas: https://github.com/peass-ng/PEASS-ng/tree/master/winPEAS
   2. Windows priv esc checklist: https://book.hacktricks.wiki/en/windows-hardening/checklist-windows-privilege-escalation.html
   3. Seatbelt (C# code): https://github.com/GhostPack/Seatbelt
   4. JAWS (powershell): https://github.com/411Hall/JAWS
   5. https://lolbas-project.github.io/#

Playgrounds

1. OWASP Juice Shop - Modern web app based on node.js, angular etc with OWASP Top 10: https://owasp.org/www-project-juice-shop/
2. DVWA - Damn Vulnerable Web Application - Older web app for legacy attacks: https://github.com/digininja/DVWA
3. Metasploitable3 - Upgraded metasploitable2 version: https://github.com/rapid7/metasploitable3
4. Portswigger web academy - https://portswigger.net/web-security
5. Under and Over the wire - For Linux command line and windows powershell mastery https://underthewire.tech/wargames https://overthewire.org/wargames/

Terminal improvements (coz, eh, default— eh!)

1. tmux - https://github.com/tmux/tmux

   1. Small tmux cheatsheet -

   2. CTRL + B (Hereby referred to as the prefix)

   3. prefix + shift + % (Open a new terminal vertically side by side)

   4. prefix + shift + " (Open a new terminal horizontally downwards)

   5. prefix + arrow buttons <up/down/left/right> (interact with a specific terminal window)

   6. prefix + c (new terminal tab)

   7. prefix + <number> (go to a particular terminal tab)

   8. prefix + shift + <number> (Create a new terminal <tab number> and send a terminal window to a particular terminal tab)

Videos/Channels I refer to

1. Old retired HTb boxes - Ippsec

IppSecYouTube

1. John Hammond

John HammondYouTube

1. Rana Khalil - Portswigger videos explanation

Rana KhalilYouTube