Online - Reverse Shell Generator
Online Reverse Shell generator with Local Storage functionality, URI & Base64 Encoding, MSFVenom Generator, and Raw Mode. Great for CTFs.
Spawning a TTY Shell
Often during pen tests you may obtain a shell without having tty, yet wish to interact further with the system. Here are some commands which will allow you to spawn a tty shell. Obviously some of this will depend on the system environment and installed packages.
Nuclei - Community Powered Vulnerability Scanner - Index
Learn how to use Nuclei engine to write your own custom security checks with very simple and easy to use templating syntax.
Log4J related stuff
Scan and attack
Bluto's a neat tool that does DNS brute forcing, some Googling and other social-y/recon-y stuff. To install: Then type bluto plus the domain name and you're good to go! Dirb is my favorite tool for brute-crawling Web directories. Here's an example of dirb'ing a site and exporting the results to a text file: An awesome pw-cracking utility.
swisskyrepo • Updated Dec 5, 2022
This command with its
-lswitch display all the commands the user can execute as root and is followed by its concerning file.
E.g : Here, the user postgres can execute