hackthebox hacktoberfest seclists oscp pentesting-tools

Offensive Security

About

My collection of useful resources, tools and solutions used for Pentesting or security assessments.

htb: contains files and writeups for various hackthebox challenges and machines. Usually the solution is not included ;)
lists: contains various Fuzzing lists used for pentesting
misc: miscallenous files that dont fit anywhere else, f.e. Report template
pdf: Various PDF files, Cheatsheets, writeups and other pdfs worht to look at
scripts: contains helpful scripts mostly used for pentesting but also some other stuff, also contains CVE PoC's and duckyscripts

Originally in this repository I documented my jorney to becoming an Offensive Security Web Expert (OSWE). Currently im using this repository as a one stop shop for all my IT & Security needs.

Tools

(CyberChef) a web app for encryption, encoding, compression and data analysis
(JSNICE) a JavaScript Deobfuscation tool
(boxentriq/code-breaking) various codebreaking and cipher tools
(SSLLabs) Test SSL of any webserver
(deps.dev) Understand your dependencies
(dehashed.com) Leaked Passwords in plaintext

Cheatsheets and misc

cURL cheatsheet

Command	Description
`curl http://lwlx.xyz`	GET request with `cURL`
`curl http://lwlx.xyz -v`	Verbose GET request with `cURL`
`curl http://admin:password@lwlx.xyz/ -vvv`	`cURL` Basic Auth login
`curl -u admin:password http://lwlx.xyz/ -vvv`	Alternate `cURL` Basic Auth login
`curl -u admin:password -L http://lwlx.xyz/`	`cURL` Basic Auth login, follow redirection
`curl -u admin:password 'http://lwlx.xyz/search.php?port_code=us'`	`cURL` GET request with parameter
`curl -d 'username=user&password=pass' -L http://lwlx.xyz/login.php`	POST request with `cURL`
`curl -d 'username=user&password=pass' -L http://lwlx.xyz/login.php -v`	Debugging with `cURL`
`curl -d 'username=user&password=pass' -L --cookie-jar /dev/null http://lwlx.xyz/login.php -v`	Cookie usage with `cURL`
`curl -d 'username=user&password=pass' -L --cookie-jar cookies.txt http://lwlx.xyz/login.php`	`cURL` with cookie file
`curl -H 'Content-Type: application/json' -d '{ "username" : "user", "password" : "pass" }'`	`cURL` specify content type
`curl -X OPTIONS http://lwlx.xyz/ -vv`	`cURL` OPTIONS request
`curl -X PUT -d @test.txt http://lwlx.xyz/test.txt -vv`	File upload with `cURL`
`curl -X DELETE http://lwlx.xyz/test.txt -vv`	DELETE method with `cURL`

shell script brackets cheatsheet

About

Scripts, files, cheatsheets and more used for pentestign and my OSWE exam.

https://dev.lwlx.xyz/

hackthebox hacktoberfest seclists oscp pentesting-tools

Apache License 2.0

Languages

Language:CSS 22.2%Language:ASP.NET 15.5%Language:Handlebars 12.7%Language:C 12.6%Language:HTML 9.8%Language:JavaScript 9.6%Language:Python 7.5%Language:Shell 3.7%Language:PHP 2.4%Language:VBScript 1.4%Language:TeX 0.9%Language:Dockerfile 0.5%Language:Assembly 0.5%Language:Batchfile 0.4%Language:Perl 0.3%Language:Makefile 0.1%Language:Ruby 0.1%Language:Roff 0.0%Language:DIGITAL Command Language 0.0%