mirror of
https://github.com/enaqx/awesome-pentest.git
synced 2025-01-09 22:19:29 -05:00
New section for privesc tools, remove trailing whitespace.
This commit is contained in:
parent
bd4e52fab6
commit
d5bc3fcc83
14
README.md
14
README.md
@ -1,6 +1,6 @@
|
|||||||
# Awesome Penetration Testing [![Awesome](https://awesome.re/badge-flat2.svg)](https://awesome.re)
|
# Awesome Penetration Testing [![Awesome](https://awesome.re/badge-flat2.svg)](https://awesome.re)
|
||||||
|
|
||||||
> A collection of awesome penetration testing resources.
|
> A collection of awesome penetration testing and offensive cybersecurity resources.
|
||||||
|
|
||||||
[Penetration testing](https://en.wikipedia.org/wiki/Penetration_test) is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities.
|
[Penetration testing](https://en.wikipedia.org/wiki/Penetration_test) is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities.
|
||||||
|
|
||||||
@ -70,6 +70,7 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
|
|||||||
* [Operating System Distributions](#operating-system-distributions)
|
* [Operating System Distributions](#operating-system-distributions)
|
||||||
* [Periodicals](#periodicals)
|
* [Periodicals](#periodicals)
|
||||||
* [Physical Access Tools](#physical-access-tools)
|
* [Physical Access Tools](#physical-access-tools)
|
||||||
|
* [Privilege Escalation Tools](#privilege-escalation-tools)
|
||||||
* [Reverse Engineering Tools](#reverse-engineering-tools)
|
* [Reverse Engineering Tools](#reverse-engineering-tools)
|
||||||
* [Security Education Courses](#security-education-courses)
|
* [Security Education Courses](#security-education-courses)
|
||||||
* [Side-channel Tools](#side-channel-tools)
|
* [Side-channel Tools](#side-channel-tools)
|
||||||
@ -165,6 +166,13 @@ See also [DEF CON Suggested Reading](https://www.defcon.org/html/links/book-list
|
|||||||
* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE)
|
* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE)
|
||||||
* [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
|
* [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
|
||||||
|
|
||||||
|
### Privilege Escalation Tools
|
||||||
|
|
||||||
|
* [Active Directory and Privilege Escalation (ADAPE)](https://github.com/hausec/ADAPE-Script) - Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
|
||||||
|
* [LinEnum](https://github.com/rebootuser/LinEnum) - Scripted local Linux enumeration and privilege escalation checker useful for auditing a host and during CTF gaming.
|
||||||
|
* [Postenum](https://github.com/mbahadou/postenum) - Shell script used for enumerating possible privilege escalation opportunities on a local GNU/Linux system.
|
||||||
|
* [unix-privesc-check](https://github.com/pentestmonkey/unix-privesc-check) - Shell script to check for simple privilege escalation vectors on UNIX systems.
|
||||||
|
|
||||||
### Reverse Engineering Books
|
### Reverse Engineering Books
|
||||||
|
|
||||||
* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386)
|
* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386)
|
||||||
@ -292,12 +300,9 @@ See also [DEF CON Suggested Reading](https://www.defcon.org/html/links/book-list
|
|||||||
## GNU/Linux Utilities
|
## GNU/Linux Utilities
|
||||||
|
|
||||||
* [Hwacha](https://github.com/n00py/Hwacha) - Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.
|
* [Hwacha](https://github.com/n00py/Hwacha) - Post-exploitation tool to quickly execute payloads via SSH on one or more Linux systems simultaneously.
|
||||||
* [LinEnum](https://github.com/rebootuser/LinEnum) - Scripted local Linux enumeration and privilege escalation checker useful for auditing a host and during CTF gaming.
|
|
||||||
* [Linux Exploit Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
|
* [Linux Exploit Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
|
||||||
* [Lynis](https://cisofy.com/lynis/) - Auditing tool for UNIX-based systems.
|
* [Lynis](https://cisofy.com/lynis/) - Auditing tool for UNIX-based systems.
|
||||||
* [Postenum](https://github.com/mbahadou/postenum) - Shell script used for enumerating possible privilege escalation opportunities on a local GNU/Linux system.
|
|
||||||
* [checksec.sh](https://www.trapkit.de/tools/checksec.html) - Shell script designed to test what standard Linux OS and PaX security features are being used.
|
* [checksec.sh](https://www.trapkit.de/tools/checksec.html) - Shell script designed to test what standard Linux OS and PaX security features are being used.
|
||||||
* [unix-privesc-check](https://github.com/pentestmonkey/unix-privesc-check) - Shell script to check for simple privilege escalation vectors on UNIX systems.
|
|
||||||
|
|
||||||
## Hash Cracking Tools
|
## Hash Cracking Tools
|
||||||
|
|
||||||
@ -812,7 +817,6 @@ See also [awesome-reversing](https://github.com/tylerha97/awesome-reversing).
|
|||||||
|
|
||||||
## Windows Utilities
|
## Windows Utilities
|
||||||
|
|
||||||
* [Active Directory and Privilege Escalation (ADAPE)](https://github.com/hausec/ADAPE-Script) - Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
|
|
||||||
* [Bloodhound](https://github.com/adaptivethreat/Bloodhound/wiki) - Graphical Active Directory trust relationship explorer.
|
* [Bloodhound](https://github.com/adaptivethreat/Bloodhound/wiki) - Graphical Active Directory trust relationship explorer.
|
||||||
* [Commando VM](https://github.com/fireeye/commando-vm) - Automated installation of over 140 Windows software packages for penetration testing and red teaming.
|
* [Commando VM](https://github.com/fireeye/commando-vm) - Automated installation of over 140 Windows software packages for penetration testing and red teaming.
|
||||||
* [Covenant](https://github.com/cobbr/Covenant) - ASP.NET Core application that serves as a collaborative command and control platform for red teamers.
|
* [Covenant](https://github.com/cobbr/Covenant) - ASP.NET Core application that serves as a collaborative command and control platform for red teamers.
|
||||||
|
Loading…
Reference in New Issue
Block a user