:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Linux enumeration tool for pentesting and CTFs with verbosity levels

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

📜 Yet another collection of wordlists

Writeups for HacktheBox 'boot2root' machines

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

Penelope Shell Handler

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

:key: Hash type identifier (CLI & lib)

Autonomous Privilege Escalation using AI

My own OSCP guide

CTF Cheat Sheet + Writeups / Files for some of the Security CTFs that I've done

HackTheBox Certified Penetration Tester Specialist Cheatsheet

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs

Notes Taken for HTB Machines & InfoSec Community.

Hack The Box CPTS, CWES, CDSA, CWEE, CAPE, CJCA Exam and Lab Reporting / Note-Taking Tool

Execute commands interactively on remote Windows machines using the WinRM protocol (just faster)

A living document for penetration testing and offensive security.

A modular framework for benchmarking LLMs and agentic strategies on security challenges across HackTheBox, TryHackMe, PortSwigger Labs, Cybench, picoCTF and more.

Cliente de terminal hecho en Bash ideal para trabajar cómodamente desde consola sobre la plataforma de HackTheBox.

Writeups for the machines on ethical hacking site Hack the Box

Hawkeye filesystem analysis tool

A list of all Active Directory machines from HackTheBox

No description available