HackTricks-wiki / hacktricksLinks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
β10,249Updated this week
Alternatives and similar repositories for hacktricks
Users that are interested in hacktricks are comparing it to the libraries listed below
Sorting:
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)β18,136Updated 3 weeks ago
- π― Cross Site Scripting ( XSS ) Vulnerability Payload Listβ7,409Updated last year
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.β5,654Updated 2 months ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.β9,745Updated 3 weeks ago
- This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.β3,466Updated 2 years ago
- Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)β3,522Updated 2 months ago
- RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher dataβ6,326Updated last week
- Red Teaming Tactics and Techniquesβ4,349Updated last year
- The all-in-one browser extension for offensive security professionals πβ6,231Updated 7 months ago
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systemsβ11,995Updated 9 months ago
- Monitor linux processes without root permissionsβ5,606Updated 2 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checksβ7,549Updated last year
- Impacket is a collection of Python classes for working with network protocols.β14,739Updated this week
- Fast web fuzzer written in Goβ14,476Updated 3 months ago
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.β6,225Updated 5 months ago
- Web application fuzzerβ6,256Updated last year
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.β8,652Updated last year
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β6,661Updated 2 months ago
- One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password π‘οΈβ6,192Updated 2 weeks ago
- A list of useful payloads and bypass for Web Application Security and Pentest/CTFβ69,295Updated last week
- Directory/File, DNS and VHost busting tool written in Goβ12,340Updated last week
- List of Awesome Red Teaming Resourcesβ7,436Updated last year
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,035Updated 3 months ago
- Some setup scripts for security research tools.β9,017Updated this week
- Adversary Emulation Frameworkβ9,824Updated last month
- Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam reportβ3,848Updated 3 weeks ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,099Updated 5 months ago
- In-depth attack surface mapping and asset discoveryβ13,437Updated 2 weeks ago
- π― Command Injection Payload Listβ3,465Updated last year
- A fast, simple, recursive content discovery tool written in Rust.β6,878Updated last week