backlion's Projects
OSCP cheet sheet
OSCP All Tools are Here ...!! ***
Scripts and things that I have created when I was doing OSCP.
An archive of everything related to OSCP
oscp study related
List of Stuff I did to get through the OSCP :D
Kali Linux Offensive Security Certified Professional Survival Exam Guide
Utils scripts for various OSCP operations
These are my notes for OSCP preparation. Hope you'll find them useful.
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder.
OSINT Framework
This is a collection of tools I am creating to aid in my education around buffer overflows. They are helpful for research and execution during the OSCP offensive security) training class.
Powershell module to assist in attacking Exchange/Outlook Web Access
The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient @owtfp http://owtf.org
Add my own POC to test Visual Studio trick to run code when building
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Framework for auditing and conducting "padding oracle" attacks
Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
[WIP] Crappy iOS app analyzer
渗透测试常用密码字典合集(持续更新)
USB / CD / DVD autorun password stealer
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
记录渗透测试中的手工和自动化扫描的Payload
Git All the Payloads! A collection of web attack payloads.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.