br3ach3r-fff's repositories
awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
windows-privesc-check
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
linux-kernel-exploits
linux-kernel-exploits Linux平台提权漏洞集合
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
Active-Directory-Wordlists
Active Directory Wordlists
post-exploitation
Post Exploitation Collection
awesome-oscp
A curated list of awesome OSCP resources
Empire
Empire is a PowerShell and Python post-exploitation agent.
freepbx-shell-admin-module
FreePBX PHP Web Shell Admin Module
Bruteforce-Centreon-IT-and-Networking-monitoring-tool
Bruteforce Centreon IT and Networking monitoring tool
NotesForGPEN
Notes For GPEN Certification
oscp-1
oscp study
ShellPop
Pop shells like a master.
OSCP-Prep-1
A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
nc.exe
Netcat for windows 32/64 bit
office-exploits
office-exploits Office漏洞集合 https://www.sec-wiki.com
juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
cctc-public
Cyber Common Technical Core Public Mirror
Sherlock
PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
rtfm
A database of common, interesting or useful commands, in one handy referable form
check_ioc
Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios, however, it may also be run from a command-line (for incident response). For more information on the script and the logic behind it, check out https://www.linuxincluded.com/uncovering-indicators-of-compromise.
CVE-2017-7494
Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
bashbunny-payloads
Payloads for the Hak5 Bash Bunny
WebShell-2
Webshell
webappdefaultsdb
A DB of known Web Application Admin URLS, Username/Password Combos and Exploits