Universal Tools and Resources
Last updated
Last updated
used by Feroxbuster
One can use FoxyProxy
for the browser or proxychains
on the command line to interact with the network.
authbind allows a program which does not or should not run as root to bind to low-numbered ports in a controlled way.
BloodHound is used to visualise AD environments and discover attack paths.
SharpHound
Data collector for BloodHound
bloodhound.py
Python based data collection tool for BloodHound This will run against the domain, so can one run it from a remote machine.
sssd
is an open source client for enterprise identity management.
It allows for Linux machines to be joined into an Active Directory domain.
SSSD
maintains a copy of the database at the path /var/lib/sss/secrets/secrets.ldb
.
The corresponding key is stored as a hidden file at the path /var/lib/sss/secrets/.secrets.mkey
. By default, the key is only readable if you have root permissions.
Knowing this information one can take a look at those file (if they're present) and extract data from them.
If data cannot be found in those files, one might try to go back one folder to /var/lib/sss
where they might find some other files which can potentially reveal some info.
r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks.
Open-source reverse engineering software developed by NSA
GNU Debugger
These alternatives are for Linux, since dnSpy is for Windows only
Python files can be packed and unpacked to and from a binary.
upx
for packing and unpacking binaries.
Can be used to brute-force CTF flags in a binary.
is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server.
Python Exploit Development Assistance for GDB
Used for disassembling .NET code
Use the to unpack the binary, then use to decompile .pyc
files received from the unpacking process.
Click for better explanation and examples.