This developed shellcode checks whether the sudo running on the operating system has the current public vulnerability.

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.

Basics required for anyone to enter into the world of InfoSec

A cheetsheet for things that you might need often

Description and example of using pwntools

Notes Taken for HTB Machines & InfoSec Community.

This cheatsheet is aimed at the OSCP aspirants to help them understand the various methods of Escalating Privilege on Linux based Machines and CTFs with examples.

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".

This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

The entire walkthrough of all my resolved TryHackMe rooms

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Make any web page a desktop application

Generate common Reverse Shells for Pentesting

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

Automatic SSRF fuzzer and exploitation tool

Practise using tools such as dirbuster, hydra, nmap, nikto and metasploit

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

A collection of various capture the flag event write-ups and anomalies

Hackthebox, Vulnhub, TryHackMe and Real World PenTest

This script is intended to automate your reconnaissance process in an organized fashion

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

Linux enumeration tool for pentesting and CTFs with verbosity levels

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

My own OSCP guide

Twitter Trends history explorer app. Trending topics can be explored by date and location. Backend served with Lambda Function (NodeJS) from AWS. Frontend made with VueJS. Twitter API queried with …

A list of public penetration test reports published by several consulting firms and academic security groups.