├── .gitignore ├── README.md ├── bypass └── amsi-bypass.ps1 ├── dev ├── bruteforce │ ├── .gitignore │ ├── java │ │ ├── pom.xml │ │ └── src │ │ │ ├── BruteForce.java │ │ │ └── Permutation.java │ └── javascript │ │ └── brute_force_with_permutation.js ├── shell │ ├── lin_reverse_shell.c │ ├── lin_reverse_tcp_shell.c │ ├── lin_shell_bind_tcp.c │ └── uid_gid_root_shell.c └── urls │ └── uniqurls.py ├── exploits ├── egg_hunter.c ├── js_keylogger │ ├── formscapture.js │ ├── key.php │ └── keylogger.js └── rce_phpmailer_exim.py ├── fingerprint ├── .gitignore ├── haveibeenpwned.sh ├── mail │ └── smtpvrfy.py ├── web │ ├── cors │ │ ├── config.json │ │ └── cors.py │ ├── git.sh │ ├── knocktone │ │ ├── .gitignore │ │ ├── config.json │ │ ├── knocktone.py │ │ └── utils │ │ │ ├── __init__.py │ │ │ ├── common.py │ │ │ └── config.py │ ├── pillage.sh │ └── versionchecker.sh └── windows │ ├── ncat64.exe │ └── nmap64.exe ├── forensic └── lnk-parse-1.0.pl ├── network ├── mitm │ ├── README.md │ ├── https_strip.filter │ └── phishing.sh └── pivot │ └── windows │ ├── plink32.exe │ └── plink64.exe ├── payloads └── swagger_xss_1.json ├── privesc ├── msf │ ├── met_rev_443.rc │ ├── met_rev_8080.rc │ ├── pivot.rc │ ├── postexp.rc │ ├── postexpdomain.rc │ └── privesc.rc └── windows │ ├── Microsoft.ActiveDirectory.Management.dll │ ├── Set-LHSTokenPrivilege.ps1 │ ├── accesschk-XP.exe │ ├── accesschk.exe │ ├── accesschk64.exe │ ├── nc.exe │ ├── nc64.exe │ ├── privesc.bat │ ├── procdump.exe │ ├── procdump64.exe │ ├── win_user_add.c │ └── wmic_info.bat └── wordlists ├── eventjs.txt └── payloads_xss.txt /.gitignore: -------------------------------------------------------------------------------- 1 | *.pyc 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/README.md -------------------------------------------------------------------------------- /bypass/amsi-bypass.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/bypass/amsi-bypass.ps1 -------------------------------------------------------------------------------- /dev/bruteforce/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/bruteforce/.gitignore -------------------------------------------------------------------------------- /dev/bruteforce/java/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/bruteforce/java/pom.xml -------------------------------------------------------------------------------- /dev/bruteforce/java/src/BruteForce.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/bruteforce/java/src/BruteForce.java -------------------------------------------------------------------------------- /dev/bruteforce/java/src/Permutation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/bruteforce/java/src/Permutation.java -------------------------------------------------------------------------------- /dev/bruteforce/javascript/brute_force_with_permutation.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/bruteforce/javascript/brute_force_with_permutation.js -------------------------------------------------------------------------------- /dev/shell/lin_reverse_shell.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/shell/lin_reverse_shell.c -------------------------------------------------------------------------------- /dev/shell/lin_reverse_tcp_shell.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/shell/lin_reverse_tcp_shell.c -------------------------------------------------------------------------------- /dev/shell/lin_shell_bind_tcp.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/shell/lin_shell_bind_tcp.c -------------------------------------------------------------------------------- /dev/shell/uid_gid_root_shell.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/shell/uid_gid_root_shell.c -------------------------------------------------------------------------------- /dev/urls/uniqurls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/dev/urls/uniqurls.py -------------------------------------------------------------------------------- /exploits/egg_hunter.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/exploits/egg_hunter.c -------------------------------------------------------------------------------- /exploits/js_keylogger/formscapture.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/exploits/js_keylogger/formscapture.js -------------------------------------------------------------------------------- /exploits/js_keylogger/key.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/exploits/js_keylogger/key.php -------------------------------------------------------------------------------- /exploits/js_keylogger/keylogger.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/exploits/js_keylogger/keylogger.js -------------------------------------------------------------------------------- /exploits/rce_phpmailer_exim.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/exploits/rce_phpmailer_exim.py -------------------------------------------------------------------------------- /fingerprint/.gitignore: -------------------------------------------------------------------------------- 1 | recon*.log 2 | *.txt 3 | *.out 4 | -------------------------------------------------------------------------------- /fingerprint/haveibeenpwned.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/haveibeenpwned.sh -------------------------------------------------------------------------------- /fingerprint/mail/smtpvrfy.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/mail/smtpvrfy.py -------------------------------------------------------------------------------- /fingerprint/web/cors/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/cors/config.json -------------------------------------------------------------------------------- /fingerprint/web/cors/cors.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/cors/cors.py -------------------------------------------------------------------------------- /fingerprint/web/git.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/git.sh -------------------------------------------------------------------------------- /fingerprint/web/knocktone/.gitignore: -------------------------------------------------------------------------------- 1 | hosts.json 2 | -------------------------------------------------------------------------------- /fingerprint/web/knocktone/config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/knocktone/config.json -------------------------------------------------------------------------------- /fingerprint/web/knocktone/knocktone.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/knocktone/knocktone.py -------------------------------------------------------------------------------- /fingerprint/web/knocktone/utils/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /fingerprint/web/knocktone/utils/common.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/knocktone/utils/common.py -------------------------------------------------------------------------------- /fingerprint/web/knocktone/utils/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/knocktone/utils/config.py -------------------------------------------------------------------------------- /fingerprint/web/pillage.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/pillage.sh -------------------------------------------------------------------------------- /fingerprint/web/versionchecker.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/web/versionchecker.sh -------------------------------------------------------------------------------- /fingerprint/windows/ncat64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/windows/ncat64.exe -------------------------------------------------------------------------------- /fingerprint/windows/nmap64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/fingerprint/windows/nmap64.exe -------------------------------------------------------------------------------- /forensic/lnk-parse-1.0.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/forensic/lnk-parse-1.0.pl -------------------------------------------------------------------------------- /network/mitm/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/network/mitm/README.md -------------------------------------------------------------------------------- /network/mitm/https_strip.filter: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/network/mitm/https_strip.filter -------------------------------------------------------------------------------- /network/mitm/phishing.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/network/mitm/phishing.sh -------------------------------------------------------------------------------- /network/pivot/windows/plink32.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/network/pivot/windows/plink32.exe -------------------------------------------------------------------------------- /network/pivot/windows/plink64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/network/pivot/windows/plink64.exe -------------------------------------------------------------------------------- /payloads/swagger_xss_1.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/payloads/swagger_xss_1.json -------------------------------------------------------------------------------- /privesc/msf/met_rev_443.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/met_rev_443.rc -------------------------------------------------------------------------------- /privesc/msf/met_rev_8080.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/met_rev_8080.rc -------------------------------------------------------------------------------- /privesc/msf/pivot.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/pivot.rc -------------------------------------------------------------------------------- /privesc/msf/postexp.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/postexp.rc -------------------------------------------------------------------------------- /privesc/msf/postexpdomain.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/postexpdomain.rc -------------------------------------------------------------------------------- /privesc/msf/privesc.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/msf/privesc.rc -------------------------------------------------------------------------------- /privesc/windows/Microsoft.ActiveDirectory.Management.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/Microsoft.ActiveDirectory.Management.dll -------------------------------------------------------------------------------- /privesc/windows/Set-LHSTokenPrivilege.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/Set-LHSTokenPrivilege.ps1 -------------------------------------------------------------------------------- /privesc/windows/accesschk-XP.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/accesschk-XP.exe -------------------------------------------------------------------------------- /privesc/windows/accesschk.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/accesschk.exe -------------------------------------------------------------------------------- /privesc/windows/accesschk64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/accesschk64.exe -------------------------------------------------------------------------------- /privesc/windows/nc.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/nc.exe -------------------------------------------------------------------------------- /privesc/windows/nc64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/nc64.exe -------------------------------------------------------------------------------- /privesc/windows/privesc.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/privesc.bat -------------------------------------------------------------------------------- /privesc/windows/procdump.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/procdump.exe -------------------------------------------------------------------------------- /privesc/windows/procdump64.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/procdump64.exe -------------------------------------------------------------------------------- /privesc/windows/win_user_add.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/win_user_add.c -------------------------------------------------------------------------------- /privesc/windows/wmic_info.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/privesc/windows/wmic_info.bat -------------------------------------------------------------------------------- /wordlists/eventjs.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/wordlists/eventjs.txt -------------------------------------------------------------------------------- /wordlists/payloads_xss.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/phackt/pentest/HEAD/wordlists/payloads_xss.txt --------------------------------------------------------------------------------