Commit graph

4441 commits

Author SHA1 Message Date
Sébastien Copin
30cbf6ebc7 Add Pentesting IBM MQ (1414) 2023-10-12 01:08:45 +02:00
Carlos Polop
8187d65dfa
Merge pull request #720 from abdelrahman-essawy/master
fix: typo in physical-attacks
2023-10-12 00:55:02 +02:00
Carlos Polop
6b6da2aa1d
Merge pull request #719 from nuts7/certutil-ntlmcoerce-newtech
Add NTLM auth coerce technique (certutil.exe)
2023-10-12 00:46:14 +02:00
Carlos Polop
a0e0e09d85
Merge pull request #717 from IamLeandrooooo/patch-1
Adding SQL Server Linked Servers Passwords Attack
2023-10-12 00:45:28 +02:00
Carlos Polop
adac2ecf68
Merge pull request #716 from stoeps13/patch-1
Update references.md - Link dead
2023-10-12 00:43:17 +02:00
Carlos Polop
63cb4f1b0d
Merge pull request #715 from samiy803/patch-1
Fix typo. Change detencion -> detection
2023-10-12 00:01:32 +02:00
Carlos Polop
5e9364bcf4
Merge pull request #714 from nuts7/kerberoast-without-preauth
Add Kerberoasting w/o domain account
2023-10-12 00:01:12 +02:00
Carlos Polop
724f7df3f4
Merge pull request #713 from badr-elmazaz/patch-2
Corrected a typo 'Sing' -> 'Sign'
2023-10-11 23:29:14 +02:00
Carlos Polop
0c070eadc0
Merge pull request #711 from Sandr0x00/master
Fixed minor formatting issues in Linux Environment Variables
2023-10-11 23:27:57 +02:00
Carlos Polop
d7f82e9005
Merge pull request #710 from kibatche/master
Update file-upload.md / Replace cStringIO by io
2023-10-11 23:27:32 +02:00
Carlos Polop
86ee61220f
Merge pull request #709 from nuts7/add-big-references
Add some references
2023-10-11 23:00:23 +02:00
Carlos Polop
e5a76ef436
Merge pull request #708 from jiniljeil/patch-1
Fix typo in http-request-smuggling
2023-10-11 23:00:14 +02:00
nuts7
6a6ccd91d1 Add NTLM auth coerce technique (certutil.exe)
This commit add a new NTLM authentication coerce technique with the certutil.exe lolbin (Microsoft-signed binary)
2023-10-11 17:47:02 +00:00
Abdelrahman Essawy
8633e31de0 fix: typo in physical-attacks 2023-10-11 19:39:50 +03:00
CPol
72ea940de7
GITBOOK-4117: change request with no subject merged in GitBook 2023-10-10 17:58:22 +00:00
CPol
c28eda5a9e
GITBOOK-4116: change request with no subject merged in GitBook 2023-10-10 17:45:58 +00:00
Leandro
a3d33f13c3
Adding SQL Server Linked Servers Passwords Attack
Adding a section to the pentesting-mssql-microsoft-sql-server playbook where SQL Server Linked Servers Passwords Attack is detailed with information and scripts to handle the needed configurations. Also a script for the extraction and decryption of the passwords is added.
Furthermore, additional information is provided to better understand the attack.
2023-10-09 20:52:49 +01:00
CPol
4e747159b1
GITBOOK-4115: change request with no subject merged in GitBook 2023-10-09 19:38:55 +00:00
Christoph Stoettner
e188194f71
Update references.md - Link dead
https://www.lifeoverpentest.com/ forwards to a gaming or sport page, the linked document is no longer available.
2023-10-09 13:41:35 +02:00
CPol
06502cc441
GITBOOK-4114: change request with no subject merged in GitBook 2023-10-09 11:31:29 +00:00
Sami Yousef
77ddbb3738
Fix typo. Change detencion -> detection 2023-10-09 03:02:16 -04:00
nuts7
c10d59667f Add Kerberoasting w/o domain account
This commit add a Kerberoasting technique without domain account/credentials just a user without pre-authentication (AS_REP Roastable)
2023-10-06 12:11:57 +00:00
Badr El Mazaz
e7239a7410
Corrected a typo 'Sing' -> 'Sign' 2023-10-06 11:16:52 +02:00
CPol
3c814157ac
GITBOOK-4113: change request with no subject merged in GitBook 2023-10-05 22:21:18 +00:00
CPol
1b438ba055
GITBOOK-4112: change request with no subject merged in GitBook 2023-10-05 19:58:20 +00:00
CPol
aafdb7f10e
GITBOOK-4111: change request with no subject merged in GitBook 2023-10-05 14:47:43 +00:00
CPol
bce38a19cf
GITBOOK-4110: change request with no subject merged in GitBook 2023-10-05 10:00:26 +00:00
CPol
d6f717de16
GITBOOK-4109: change request with no subject merged in GitBook 2023-10-04 22:43:22 +00:00
CPol
7f25eb4d37
GITBOOK-4108: change request with no subject merged in GitBook 2023-10-04 15:51:37 +00:00
CPol
cda07dd813
GITBOOK-4107: change request with no subject merged in GitBook 2023-10-02 17:20:33 +00:00
CPol
af6d74b742
GITBOOK-4106: change request with no subject merged in GitBook 2023-10-01 18:04:16 +00:00
CPol
18588f98f4
GITBOOK-4105: change request with no subject merged in GitBook 2023-09-30 18:15:43 +00:00
CPol
0cd8734cc5
GITBOOK-4104: change request with no subject merged in GitBook 2023-09-29 15:36:01 +00:00
CPol
c1737e155b
GITBOOK-4103: change request with no subject merged in GitBook 2023-09-28 22:52:07 +00:00
CPol
7cba6680cd
GITBOOK-4102: change request with no subject merged in GitBook 2023-09-28 21:12:41 +00:00
CPol
fb5442de0f
GITBOOK-4101: change request with no subject merged in GitBook 2023-09-28 20:06:38 +00:00
CPol
1a337f9d53
GITBOOK-4101: change request with no subject merged in GitBook 2023-09-28 20:05:35 +00:00
CPol
261348bb2c
GITBOOK-4100: change request with no subject merged in GitBook 2023-09-28 15:09:34 +00:00
CPol
0f71366fa2
GITBOOK-4098: change request with no subject merged in GitBook 2023-09-27 09:24:02 +00:00
CPol
6822e550ab
GITBOOK-4097: change request with no subject merged in GitBook 2023-09-26 23:39:35 +00:00
CPol
7d1cde6b91
GITBOOK-4096: change request with no subject merged in GitBook 2023-09-26 11:09:53 +00:00
CPol
526d927d6a
GITBOOK-4095: change request with no subject merged in GitBook 2023-09-25 23:58:37 +00:00
sandr0
de91eedea8 Fixed minor formatting issues 2023-09-25 21:16:51 +02:00
CPol
cccca3aaf4
GITBOOK-4094: change request with no subject merged in GitBook 2023-09-25 17:41:06 +00:00
kibatche
86f9653abf
Update file-upload.md / Replace cStringIO by io
Originally, I wrote the script for the little trick "Decompress with a different name" with the module "cStringIo". I don't remember why exactly, but when tested again at home to write about this stuff, I found that cStringIo is not present anymore on python3. It works with python2.7, but `io` is better because it works with both modules.

And, I wrote " we can reuse the previous script". That's not true haha !

I think this is better to keep consistency with your previous work, and have more compatibility with different python version.

Let me know if it's ok for you. Thanks !
2023-09-25 18:02:57 +02:00
CPol
28f1175b58
GITBOOK-4093: change request with no subject merged in GitBook 2023-09-25 00:55:55 +00:00
CPol
afd72865a1
GITBOOK-4092: change request with no subject merged in GitBook 2023-09-24 09:51:34 +00:00
nuts7
f22d76762b Add some references
Added some big references in cybersecurity: TheHackerRecipes, PayloadsAllTheThings, GTFOBins, Awesome-RedTeam-Cheatsheet,Active-Directory-Exploitation-Cheat-Sheet, hideandsec.sh blog, cheatsheet by haax,infosecwriteups, Exploit-DB, WADComs, LOLBAS, Pentest Book, hackingarticles, pentesterlab blog, ippsec search engine
2023-09-22 01:32:19 +02:00
Jinil Kim
4e887c2998
Fix typo in http-request-smuggling
Fix typo from lentgh to length in pentesting-web/http-request-smuggling
2023-09-21 08:56:51 +09:00
Jinil Kim
2d9e6fd60c
Fix typo in http-request-smuggling
Fix typo from lenght to length
2023-09-21 08:45:08 +09:00