⛈️Misc

AD Resource / Checklists

• Active Directory Cheat Sheet

• Living Off The Land Binaries, Scripts and Libraries

• Red Teaming Toolkit

• Active Directory Kill Chain Attack & Defense

• OSEP Code Snippets

• SharpCollection

Windows / AD Attack Tools

This is common tools for AD / Windows exploitation. I give the keyword, Google it how to use.

• NetExec / CrackMapExec

• Impacket

• Bloodhound / Sharphound /Rusthound

• Powersploit / PowerView / PowerUp

• GhostPack-Compiled Binaries

• PowerUpSQL

• UACME (for UAC bypass)

• Mimikatz / LaZagne

• WinPEAS / Moriarty

• Windows Exploit Suggester - Next Generation (WES-NG)

• GodPotato (for Impersonate PE)

Linux Attack Tools

Common tools for Linux enumeration and exploitation.

• LinPEAS

• pspy

• sund3num

• traitor

Pivoting

Common tools for pivoting. Google it.

• chisel

• rpivot

• sshuttle

• ligolo

• ligolo-ng

Thick Client Pentest

Common tools for thick client pentesting.

• Proccess Monitor (For DLL Hijacking Enumeration)

• Echo Mirage (Request sniffing and modification)

• WinSpy (For UI modification)

• Wireshark (For network monitoring)

• Proccess Hacker (For Proccess Monitoring)

• Signcheck (For digital signature details enumeration)

• dnSpy / ILSpy (A .NET debugger and assembly editor)

Thick Client Playground:

• https://github.com/srini0x00/dvta

Other Useful Checklists

• https://notes.vulndev.io/wiki

• https://www.thehacker.recipes/

• https://notthehiddenwiki.com/

• https://www.ired.team/

• https://www.pudn.com/Download/item/id/1705669525391893.html

• https://swisskyrepo.github.io/PayloadsAllTheThings/

Living Off The Land Projects

What is LOTL Technique?

Unlike traditional malware attacks, which leverage signature files to carry out the attack plan, LOTL attacks are fileless — meaning they do not require an attacker to install any code or scripts within the target system. Instead, the attacker uses tools that are already present in the environment, such as PowerShell, Windows Management Instrumentation (WMI) or the password-saving tool, Mimikatz, to carry out the attack.

Using native tools makes LOTL attacks far more difficult to detect, especially if the organization is leveraging traditional security tools that search for known malware scripts or files. Because of this gap in the security toolset, the hacker is often able to dwell undetected in the victim’s environment for weeks, months or even years.

• Living Off The Land Active Directory

• Living Off The Land Drivers

• GTFOBins

• Living Off The Land Binaries, Scripts and Libraries

• Living Off The Land Applications