lv6lv Goto Github PK

awesome-compose

Awesome Docker Compose samples

awesome-persistence

Persistence techniques for windows.

brokepkg

The LKM rootkit working in Linux Kernels 2.6.x/3.x/4.x/5.x

chattr-for-koth

This is a manipulated chattr binary for King of the Hill matches. It is basically chattr but with a twist.

ctf-workshop

Challenges for Binary Exploitation Workshop

cve-2021-3156

cve-2021-4034

PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)

dmzexploitation

# DMZ Exploitation This week, you will apply the techniques you learned in class to pivot across subnets and attack a DMZ. ## Background on DMZs Most commonly, machines on a LAN send requests to the public Internet through a router, which forwards requests to the web after performing NAT, and forwards responses back to the requesting host on the LAN. This router typically has a firewall that only allows connections to/from certain ports, such as 80 and 443 (HTTP and HTTPS) . Network engineers can add an additional layer of protection to the network by installing a **DMZ (demilitarized zone)**, which acts as an additional layer of protection in front of an existing network. Only a _single_ machine separates the LAN pictured above from the public Internet: the `pfSense` router. In a DMZ, a whole _network sits in between. Recall that when machines on a LAN communicate on the Internet, they _all_ forward packets straight through the **default gateway**. When data comes back from the Internet, the gateway filters and forward it to the proper host on the LAN. Data passes through two gateways on its way through a DMZ. First, it passes through a router from the Internet into a network called the DMZ. This router typically runs a firewall that filters out all traffic that the organization doesn't expect—e.g., it may only allow connections to HTTP/HTTPS, email, and SSH ports into the DMZ.  **Note**: This is Creative Commons: https://commons.wikimedia.org/wiki/File:DMZ_network_diagram_2_firewall.svg From there, machines on the DMZ can forward requests to machines on the internal network. Sensitive data is typically stored only in the internal network, _not_ on machines in the DMZ. Clients on the public Internet interact with that data by sending requests to the machines Interaction with that data is done _through_ machines in the DMZ, which act as proxies. This means that attackers who compromise a machine in the DMZ do _not_ immediately own the machines in the internal network, and because it gives network administrators fine control over _exactly_ how services from the internal network are exposed to the outside world. One well-motivated use case for a DMZ is that of public web servers in a DMZ communicating with databases in an internal network.

dns-shell

DNS-Shell is an interactive Shell over DNS channel

docker-compose_scripts_and_example_lab

Learning docker and my first docker compose network with examples

dotfiles

Your senpai's dotfiles

ghhv6

Gray Hat Hacking v6

hide-a-process-n-more

A simple script to hide a process

i-hate-whales

a deepce-based script that will return useful information about the container for you to escape.

ignition_key

This is a small BASH script to quickly setup all the tools I would want and need on a new machine.

koth-protect-king

A script to protect your king in KoTH

linux-portable-bin

Portable (static / old glibc linked) Linux binaries for red-team / blue-team

linux_kernel_hacking

Linux Kernel Hacking

msdt_pwn

nimbuspwn-tools

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

offensivecloud

Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)

og-aws

📙 Amazon Web Services — a practical guide

online_ambulance_booking_service

Source code for creating online ambulance booking system called Aarogya Ambulance Booking Service using Php,Css,Html,Xampp Server & MySql database,PhpMyAdmin etc.

pentest-cheatsheets

prescup-challenges

President's Cup Cybersecurity Competition Challenges

pwncat

Fancy reverse and bind shell handler

pwnkit

Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation

python-pty-shells

Python PTY backdoors - full PTY or nothing!

red-teaming-toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.