HackTricks-wiki / hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
β9,043Updated last week
Related projects β
Alternatives and complementary repositories for hacktricks
- π― Cross Site Scripting ( XSS ) Vulnerability Payload Listβ6,379Updated 4 months ago
- π― Command Injection Payload Listβ3,008Updated 4 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)β16,139Updated 2 weeks ago
- Monitor linux processes without root permissionsβ4,961Updated last year
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systemsβ10,908Updated 3 weeks ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)β7,105Updated last week
- Red Teaming Tactics and Techniquesβ4,065Updated 2 months ago
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.β5,167Updated 5 months ago
- π― SQL Injection Payload Listβ5,002Updated 4 months ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.β9,106Updated 2 months ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β5,106Updated 3 months ago
- A swiss army knife for pentesting networksβ8,457Updated 11 months ago
- This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.β3,300Updated last year
- List of Awesome Red Teaming Resourcesβ6,908Updated 10 months ago
- A Workflow Engine for Offensive Securityβ5,344Updated 5 months ago
- Fast web fuzzer written in Goβ12,711Updated 4 months ago
- Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)β3,055Updated 2 weeks ago
- Scripted Local Linux Enumeration & Privilege Escalation Checksβ7,040Updated last year
- A collection of custom security tools for quick needs.β3,152Updated last year
- Gather and update all available and newest CVEs with their PoC.β6,587Updated this week
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.β5,678Updated last month
- A list of interesting payloads, tips and tricks for bug bounty hunters.β5,945Updated last year
- The ultimate WinRM shell for hacking/pentestingβ4,542Updated 3 weeks ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,057Updated last month
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies andβ¦β3,684Updated 3 years ago
- Web application fuzzerβ5,968Updated 3 months ago
- A script that you can run in the background!β2,732Updated 3 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β5,745Updated this week
- A fast, simple, recursive content discovery tool written in Rust.β5,965Updated 2 months ago
- π‘ PoC auto collect from GitHub. β οΈ Be careful Malware.β6,531Updated this week