msfvenom payloads

Use non-staged for netcat listener! E.g. windows/shell_reverse_tcp

EXE

DLL

Ps1

PHP

ASPX

[…]

Reverse Shell – Cheatsheet

Reverse Shells

PowerShell Reverse Shell

Python Reverse Shell

PHP Reverse Shell

Perl Reverse Shell

Bash […]

Pivoting

rpivot https://github.com/klsecservices/rpivot

Start server listener on port 9999, which creates a SOCKS4 proxy on 127.0.0.1:1080 upon connection from […]

Vulnerability Scanning – WebMap

Web Frontend for NMAP.

Source: https://github.com/Rev3rseSecurity/WebMap.git

WebMap Install (Docker)

Install Docker CE:

Run Nmap Web Frontend: […]

Network Mapping – Pingsweep

pingsweep.py

Common Windows Utilities

cmdkey /list

accesschk – find writable dirs and files

Look for weak folder and file permissions

[…]

Web Enum

Scan site for general vulnerabilities and applications

Check supported HTTP Methods

Check HTTP Vulns with NMAP […]

CMS Enum

WordPress

Drupal

WPSeku https://github.com/m4ll0k/WPSeku

CMSMap (WP, Drupal, Joomla, Moodle)

Install:

git clone https://github.com/Dionach/CMSmap

cd […]
