Skip to content

im-w/Hacking_Bookmarks_Library

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 

Repository files navigation

Hacking Bookmarks

Essential Cybersecurity Websites and GitHub Repositories

Help:

  • Use Ctrl+F to search for specific keywords.

  • In the "Attack Phase Description" section, you can find keywords related to attack phases for targeted searching.

  • I collected these sites and repositories and created this documentation with ChatGPT. Note that descriptions might contain inaccuracies due to "model hallucination". Learn more in the "ChatGPT" section.

Attack Phase Description

  1. Reconnaissance: Researching, identifying and selecting targets using active or passive reconnaissance.

  2. Resource Development: Preparatory activities aimed at setting up the infrastructure required for the attack.

  3. Delivery: Techniques resulting in the transmission of a weaponized object to the targeted environment.

  4. Social Engineering: Techniques aimed at the manipulation of people to perform unsafe actions.

  5. Exploitation: Techniques to exploit vulnerabilities in systems that may, amongst others, result in code execution.

  6. Persistence: Any access, action or change to a system that gives an attacker persistent presence on the system.

  7. Defense Evasion: Techniques an attacker may specifically use for evading detection or avoiding other defenses.

  8. Command & Control: Techniques that allow attackers to communicate with controlled systems within a target network.

  9. Pivoting: Tunneling traffic through a controlled system to other systems that are not directly accessible.

  10. Discovery: Techniques that allow an attacker to gain knowledge about a system and its network environment.

  11. Privilege Escalation: The result of techniques that provide an attacker with higher permissions on a system or network.

  12. Execution Techniques: that result in execution of attacker-controlled code on a local or remote system.

  13. Credential Access: Techniques resulting in the access of, or control over, system, service or domain credentials.

  14. Lateral Movement: Techniques that enable an adversary to horizontally access and control other remote systems.

  15. Collection: Techniques used to identify and gather data from a target network prior to exfiltration.

  16. Exfiltration: Techniques that result or aid in an attacker removing data from a target network.

  17. Impact: Techniques aimed at manipulating, interrupting or destroying the target system or data.

  18. Objectives: Socio-technical objectives of an attack that are intended to achieve a strategic goal.

Websites

  1. DNSDumpster.com - dns recon and research, find and lookup dns records

    • Usage Keywords: DNS reconnaissance | DNS lookup | DNS records | Network mapping | Domain analysis | IP address enumeration | Subdomain discovery | WHOIS lookup | Reverse DNS | DNS zone transfer | Network footprinting | OSINT | Reconnaissance tools | Cyber threat intelligence | Attack surface analysis | Network identification | Domain research | Cybersecurity research | Cyber espionage | Security assessment
    • Attack Phase: 1 Reconnaissance

  2. Shodan Search Engine

    • Usage Keywords: IoT device search | Network scanning | Device identification | Vulnerability search | Internet-connected devices | Port scanning | Service detection | Banner grabbing | Remote access | Device fingerprinting | Cybersecurity research | Security assessments | Infrastructure mapping | Network discovery | Vulnerability assessment | Threat intelligence | Exploitation research | Attack surface analysis | Cyber threat monitoring | Network mapping
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  3. American Registry for Internet Numbers

    • Usage Keywords: IP address registry | Network resource management | WHOIS information | IP address allocation | ASN lookup | Network resource registration | IP geolocation | WHOIS database | IP range search | Network infrastructure | IP address information | ARIN database | Internet number registry | ASN search | Network operations | IP ownership | Internet routing | Network research | Cybersecurity information | Network coordination
    • Attack Phase: 1 Reconnaissance

  4. CyberChef

    • Usage Keywords: Data transformation | Cybersecurity analysis | Data encoding | Data decoding | Cryptography tools | Forensic analysis | Data visualization | Data manipulation | Security data analysis | Incident response | Reverse engineering | Malware analysis | Network forensics | Log analysis | Data extraction | File format conversion | Hex analysis | Security tools | Data recovery | Encryption/decryption
    • Attack Phase: 17 Impact

  5. Messageheader

    • Usage Keywords: Email header analysis | Message forensics | Email security | Header parsing | Spam detection | Phishing investigation | Email trace | Source verification | Header decoding | Email analysis | Message integrity | Email authentication | Threat analysis | Header information | Email tracking | Security analysis | Email investigation | Cyber threat assessment | Email content review | Email spoofing detection
    • Attack Phase: 1 Reconnaissance | 4 Social Engineering

  6. URLscan.io

    • Usage Keywords: Website scanning | URL analysis | Malware detection | URL reputation | Website security | Domain investigation | Threat assessment | URL metadata | Web content inspection | Cyber threat intelligence | Phishing detection | URL safety | Web scraping | Cybersecurity research | Website behavior analysis | URL tracking | Security assessments | Web forensics | URL reputation check | Phishing analysis
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  7. URL2PNG - Screenshots as a Service

    • Usage Keywords: Website screenshots | Web page snapshots | URL rendering | Visual website analysis | Website monitoring | Web page review | Browser emulation | Web content capture | URL inspection | Web page verification | Security audits | Visual web analysis | Cybersecurity research | Phishing detection | Website behavior analysis | Security assessments | Web page forensics | URL monitoring | Website review | Web visibility analysis
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  8. Wannabrowser

    • Usage Keywords: Browser emulation | Secure browsing | Privacy testing | Online security | Web application testing | Fake browser environments | Web security testing | Privacy protection | Browsing simulation | Safe browsing | Web page analysis | Security assessments | Phishing testing | Browser security | Cybersecurity tools | Privacy research | Malware analysis | Web content review | Security monitoring | Cyber threat analysis
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  9. VirusTotal - Home

    • Usage Keywords: Malware scanning | File analysis | URL scanning | Threat detection | Virus identification | Security assessments | Cyber threat intelligence | Malware analysis | File reputation | Threat research | Security investigation | Forensic analysis | Security reports | Malware identification | Virus detection | File safety | URL reputation | Threat monitoring | Cybersecurity analysis | Security audits
    • Attack Phase: 17 Impact | 15 Collection

  10. Intelligence Center - A Real Time Threat Detection Service || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

    • Usage Keywords: Threat intelligence | Cyber threat detection | Security alerts | Threat reputation | Real-time threat monitoring | Incident response | Threat research | Network security | Malware intelligence | Cybersecurity threats | Vulnerability assessment | Attack patterns | Threat analysis | Security advisories | Network forensics | Exploit detection | Threat reports | Cybersecurity insights | Attack intelligence | Threat mitigation
    • Attack Phase: 10 Discovery | 15 Collection

  11. Talos File Reputation Lookup || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

    • Usage Keywords: Threat intelligence | File reputation | Malware analysis | Security research | Threat detection | Cyber threat analysis | Cybersecurity insights | Network security | Threat reputation | Cybersecurity tools | Incident response | Threat research | Malware detection | Security advisories | Attack patterns | Threat intelligence services | Real-time monitoring | Exploit detection | Cyber threat intelligence | Cybersecurity solutions
    • Attack Phase: 10 Discovery | 15 Collection

  12. Extract URLs

    • Usage Keywords: URL extraction | Data scraping | Web scraping | Data extraction | Link extraction | Web crawling | URL management | Web tools | Data conversion | Online tools | Web analysis | Data analysis | Bulk URL extraction | Automation tools | Web utilities | Text analysis | Content scraping | SEO tools | Data processing | Data tools
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  13. Software Supply Chain Security & Threat Intelligence | ReversingLabs

    • Usage Keywords: Threat intelligence | Malware analysis | Software supply chain security | Threat detection | Cybersecurity insights | Security research | Malware detection | File analysis | Threat intelligence services | Incident response | Cybersecurity tools | Vulnerability assessment | Attack patterns | Cyber threat intelligence | Real-time monitoring | Cybersecurity solutions | Supply chain threat detection | Security advisories | Exploit detection | Threat mitigation
    • Attack Phase: 10 Discovery | 15 Collection

  14. Interactive Online Malware Analysis Sandbox - ANY.RUN

    • Usage Keywords: Malware analysis | Online sandbox | Interactive analysis | Threat detection | Cybersecurity research | Security analysis | Real-time analysis | Threat hunting | Malware detection | Cybersecurity tools | Incident response | Exploit analysis | Network security | Behavioral analysis | Threat intelligence | Cybersecurity solutions | File analysis | Dynamic analysis | Security research | Threat analysis
    • Attack Phase: 5 Exploitation | 10 Discovery | 15 Collection

  15. Free Automated Malware Analysis Service - powered by Falcon Sandbox

    • Usage Keywords: Malware analysis | Automated analysis | Threat detection | Security research | Sandbox analysis | Cybersecurity tools | Threat intelligence | Malware detection | Incident response | Cyber threat intelligence | Dynamic analysis | Cybersecurity solutions | Exploit analysis | Network security | Real-time monitoring | Behavioral analysis | Cybersecurity research | Threat analysis | File analysis | Vulnerability assessment
    • Attack Phase: 5 Exploitation | 10 Discovery | 15 Collection

  16. Deep Malware Analysis - Joe Sandbox

    • Usage Keywords: Malware analysis | Deep analysis | Threat detection | Security research | Sandbox analysis | Cybersecurity tools | Malware detection | Threat intelligence | Incident response | Cyber threat intelligence | Dynamic analysis | Cybersecurity solutions | Exploit analysis | Network security | Real-time monitoring | Behavioral analysis | Cybersecurity research | Threat analysis | File analysis | Vulnerability assessment
    • Attack Phase: 5 Exploitation | 10 Discovery | 15 Collection

  17. MX Lookup Tool - Check your DNS MX Records online - MxToolbox

    • Usage Keywords: DNS lookup | MX records | Email security | Domain analysis | DNS tools | Network diagnostics | DNS management | Cybersecurity tools | Email validation | DNS monitoring | Network security | IP address lookup | Cybersecurity solutions | Email server analysis | Email threat detection | Network analysis | Domain tools | Threat intelligence | DNS troubleshooting | Network utilities
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  18. PhishTank | Join the fight against phishing

    • Usage Keywords: Phishing detection | Anti-phishing | Cybersecurity | Threat intelligence | Phishing database | Security research | Cyber threat intelligence | Incident response | Email security | Phishing protection | Threat analysis | Phishing reports | Cybersecurity tools | Threat mitigation | Cyber defense | Online safety | Cybersecurity solutions | Network security | Security advisories | Phishing analysis
    • Attack Phase: 4 Social Engineering | 10 Discovery

  19. Strengthening trust and safety across the internet | Spamhaus

    • Usage Keywords: Spam detection | Email security | Cyber threat intelligence | Threat detection | Anti-spam | Network security | Cyber defense | Cybersecurity tools | Threat intelligence | Incident response | Cybersecurity research | DNSBL | Threat mitigation | Email protection | Online safety | Cybersecurity solutions | Network monitoring | Phishing prevention | Cybersecurity insights | Security advisories
    • Attack Phase: 7 Defense Evasion | 10 Discovery

  20. Phishing for Information, Technique T1598 - Enterprise | MITRE ATT&CK®

    • Usage Keywords: Phishing techniques | Cyber threat intelligence | Threat analysis | MITRE ATT&CK® | Cybersecurity research | Social engineering | Threat detection | Cybersecurity framework | Security research | Cybersecurity strategies | Incident response | Cybersecurity tools | Phishing mitigation | Threat intelligence | Cybersecurity solutions | Network security | Cyber defense | Cyber threat prevention | Security advisories | Threat hunting
    • Attack Phase: 4 Social Engineering | 10 Discovery

  21. SPF Surveyor - dmarcian

  • Usage Keywords: SPF validation | Email security | Domain protection | Sender policy framework | Email authentication | DNS records check | Anti-phishing | Email spoofing prevention | Email deliverability | Cybersecurity | Domain security | Email threats analysis | Mail server validation | Email infrastructure security | Email domain safety | Email policy enforcement | DNS security | Threat intelligence | Security posture | Security assessment
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. Messageheader
  • Usage Keywords: Email header analysis | Email source tracking | Message header parsing | Email troubleshooting | Mail server analysis | Email authentication | Email security | Phishing analysis | SPAM detection | Cybersecurity | Email forensic analysis | Domain reputation check | DKIM validation | SPF verification | Email routing analysis | SMTP header analysis | Message trace | Security assessment | Email infrastructure security | Security posture
  • Attack Phase: 10 Discovery | 15 Collection
  1. DMARC Domain Checker - dmarcian
  • Usage Keywords: DMARC validation | Email security | Domain protection | Email authentication | Anti-phishing | Email spoofing prevention | Email deliverability | Cybersecurity | Email threats analysis | Domain security | Email policy enforcement | DNS security | Security posture | Domain reputation | Threat intelligence | Security assessment | Email monitoring | Mail server security | Email infrastructure security | SPF verification
  • Attack Phase: 10 Discovery | 11 Privilege Escalation
  1. Wireshark · Display Filter Reference: Simple Mail Transfer Protocol
  • Usage Keywords: Packet analysis | Network monitoring | SMTP protocol analysis | Email traffic inspection | Cybersecurity | Email security | Network forensics | Intrusion detection | Protocol filtering | Network security | Email troubleshooting | Data packet filtering | Real-time network analysis | Threat detection | Security assessment | Email infrastructure security | Email communication analysis | Network traffic analysis | Network protocol analysis | Security posture
  • Attack Phase: 10 Discovery | 12 Execution Techniques
  1. Wireshark · Display Filter Reference: Internet Message Format
  • Usage Keywords: Packet analysis | Network monitoring | Internet Message Format analysis | Email traffic inspection | Cybersecurity | Email security | Network forensics | Intrusion detection | Protocol filtering | Network security | Email troubleshooting | Data packet filtering | Real-time network analysis | Threat detection | Security assessment | Email infrastructure security | Email communication analysis | Network traffic analysis | Network protocol analysis | Security posture
  • Attack Phase: 10 Discovery | 12 Execution Techniques
  1. Whois Lookup, Domain Availability & IP Search - DomainTools
  • Usage Keywords: Whois lookup | Domain search | IP search | Domain availability | DNS records | Reverse Whois | IP address history | Domain history | Registrant information | Network tools | Cyber threat analysis | Security investigation | Domain reputation | Cyber reconnaissance | Passive reconnaissance | Attack surface mapping | Threat intelligence | Cybersecurity research | Infrastructure analysis | Domain monitoring
  • Attack Phase: 1 Reconnaissance
  1. SPF Check & SPF Lookup - Sender Policy Framework (SPF) - MxToolBox
  • Usage Keywords: SPF lookup | SPF check | Email authentication | Email security | Email spoofing prevention | Sender policy framework | Email threat analysis | Anti-spoofing | Email reputation | Cyber threat analysis | Email delivery verification | Cybersecurity tools | Email domain protection | Phishing prevention | Threat intelligence | Cyber investigation | DNS records | Email security posture | Cyber defense | Email vulnerability assessment
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. DMARC Check Tool - Domain Message Authentication Reporting & Conformance Lookup - MxToolBox
  • Usage Keywords: DMARC lookup | DMARC check | Email authentication | Domain-based message authentication | Reporting and conformance | Email security | Email threat analysis | Phishing prevention | Email fraud protection | Anti-spoofing | Cybersecurity tools | Email domain protection | Email reputation | Cyber defense | Cyber investigation | DNS records | Email vulnerability assessment | Threat intelligence | Cyber threat prevention
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. GTFOBins
  • Usage Keywords: Privilege escalation | Linux exploitation | Exploitation techniques | Binary exploitation | Privilege escalation binaries | Penetration testing | Exploit research | Vulnerability exploitation | Post-exploitation techniques | Command execution | Exploit development | Offensive security | Cybersecurity research | Red team tools | Attack vectors | Security testing | Cyber defense | System security | Attack simulations | Ethical hacking
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation | 12 Execution
  1. ThreatBook Intelligence|ThreatBook CTI
  • Usage Keywords: Cyber threat intelligence | Threat detection | Threat analysis | Threat research | Cybersecurity monitoring | Security intelligence | Threat hunting | Incident response | Malware analysis | Threat indicators | Attack patterns | Threat feeds | Threat sharing | Threat reporting | Vulnerability analysis | Security advisories | Threat prevention | Network security | Cyber defense | Real-time threat alerts
  • Attack Phase: 10 Discovery | 15 Collection
  1. Chrome Web Store - Search Results for FoxyProxy
  • Usage Keywords: Proxy management | Browsing privacy | Web security tools | Internet anonymity | Secure browsing | Proxy configuration | Web traffic control | Network security | Anonymity tools | Privacy extensions | Browser extensions | Security enhancements | Web filtering | Access control | Privacy protection | Secure connections | Network management | Internet security | Data encryption | Online privacy
  • Attack Phase: 7 Defense Evasion | 15 Collection
  1. Chrome Web Store - Search Results for User-Agent Switcher and Manager
  • Usage Keywords: User-agent spoofing | Browser identity masking | Web testing | Security testing | Web anonymity | Privacy tools | Browser extensions | Network anonymity | Access control | Web scraping | Session management | Privacy protection | Web traffic manipulation | User-agent manipulation | Security research | Internet privacy | Testing tools | Online security | Data privacy | Identity protection
  • Attack Phase: 4 Social Engineering | 7 Defense Evasion
  1. Chrome Web Store - Search Results for Wappalyzer
  • Usage Keywords: Technology detection | Web technology analysis | Site fingerprinting | Security research | Technology identification | Network reconnaissance | Web application security | Information gathering | Vulnerability assessment | Security tools | Cyber intelligence | Web analytics | Network security | Technology profiling | Attack surface mapping | Security assessment | Web security | Application analysis | Online threats | Security insights | Attack intelligence
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. Ettercap Home Page
  • Usage Keywords: Network sniffing | Man-in-the-middle attacks | Network analysis | Packet capture | Security monitoring | Network forensics | Vulnerability exploitation | Network threats | Data interception | Cybersecurity tools | Network security | MITM attacks | Traffic analysis | Network debugging | Security research | Packet inspection | Cyber attacks | Network protection | Security vulnerabilities | Network threats
  • Attack Phase: 3 Delivery | 6 Persistence | 9 Pivoting
  1. bettercap
  • Usage Keywords: Network attacks | Man-in-the-middle attacks | Network sniffing | Security testing | Packet manipulation | Web security tools | Traffic interception | Network analysis | Vulnerability exploitation | Cybersecurity research | MITM attacks | Network monitoring | Data capture | Network forensics | Security vulnerabilities | Cyber attacks | Penetration testing | Security assessment | Network debugging | Security tools
  • Attack Phase: 1 Reconnaissance | 3 Delivery | 9 Pivoting
  1. NVD - CVSS v3 Calculator
  • Usage Keywords: CVSS v3 calculator | Vulnerability scoring | Security metrics | Risk assessment | Vulnerability assessment | Cybersecurity ratings | Threat assessment | Security risk evaluation | Risk scoring | Attack severity | Impact scoring | Threat analysis | Cyber risk management | Security vulnerability calculator | System vulnerabilities | CVSS scoring system | Risk calculation | Threat level assessment | Security impact rating | Vulnerability impact | Risk prioritization
  • Attack Phase: 10 Discovery | 15 Collection
  1. NVD - Vulnerabilities
  • Usage Keywords: Vulnerability database | Security vulnerabilities | CVE listings | Threat intelligence | Cybersecurity vulnerabilities | Exploit information | Vulnerability management | Threat monitoring | Security flaws | Risk management | Attack vectors | Cyber threats | Patch management | Vulnerability tracking | Security advisories | CVE details | Network vulnerabilities | Software flaws | Security alerts | Vulnerability assessment | Incident tracking
  • Attack Phase: 10 Discovery | 15 Collection
  1. Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers
  • Usage Keywords: Exploits database | Penetration testing | Ethical hacking | Vulnerability exploits | Cybersecurity research | Security tools | Offensive security | Exploit techniques | Exploit development | Security vulnerabilities | Ethical hacking resources | Penetration testing tools | Exploit research | Threat exploitation | Attack vectors | Security breaches | Cyber threat intelligence | Vulnerability assessment | Security analysis | Exploit mitigations
  • Attack Phase: 4 Social Engineering | 5 Exploitation | 6 Persistence
  1. Nessus Vulnerability Scanner: Network Security Solution | Tenable®
  • Usage Keywords: Vulnerability scanning | Network security | Nessus scanner | Cybersecurity assessments | Vulnerability management | Security scanning | Risk assessment tools | Threat detection | Security analysis | Network vulnerabilities | Compliance checks | Cyber threat analysis | Risk mitigation | Penetration testing | Security audits | Patch management | Vulnerability assessment | System security | Network protection | Cyber risk management
  • Attack Phase: 10 Discovery | 15 Collection | 17 Impact
  1. Vulnerability & Exploit Database - Rapid7
  • Usage Keywords: Vulnerability database | Exploit database | Cybersecurity research | Penetration testing | Threat intelligence | Vulnerability management | Exploit research | Risk assessment | Security vulnerabilities | Attack vectors | Threat analysis | Exploit information | Security tools | Cyber threats | Security vulnerabilities | Incident response | Threat monitoring | Exploit techniques | Risk management | Security analysis
  • Attack Phase: 10 Discovery | 15 Collection | 5 Exploitation
  1. GitHub
  • Usage Keywords: Open-source projects | Software development | Code repository | Version control | Collaborative coding | Project management | Code review | Developer tools | Programming languages | Bug tracking | Documentation | Community contributions | Git-based versioning | Continuous integration | Repository hosting | Software engineering | Code sharing | Technical collaboration | Source code management | Issue tracking | Developer community
  • Attack Phase: 10 Discovery | 15 Collection
  1. PEASS-ng/linPEAS at master · peass-ng/PEASS-ng
  • Usage Keywords: Linux enumeration | Privilege escalation checks | Security auditing | Pentesting tools | Vulnerability scanning | System enumeration | Linux security | Privilege escalation | Security assessments | Penetration testing | Enumeration scripts | Security automation | Linux system checks | Exploitation tools | Vulnerability detection | Threat assessment | Security auditing scripts | Attack vectors | Privilege escalation techniques | Linux vulnerability research
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. rebootuser/LinEnum: Scripted Local Linux Enumeration & Privilege Escalation Checks
  • Usage Keywords: Local Linux enumeration | Privilege escalation | Security scripts | Pentesting automation | Linux security checks | Enumeration scripts | Privilege escalation tools | Local system scanning | Vulnerability assessment | Security auditing | Penetration testing | Linux system assessment | Exploit detection | Security research | Privilege escalation research | Linux enumeration tool | Attack preparation | Security compliance | Linux auditing scripts | Pentest resources
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing tool
  • Usage Keywords: Linux privilege escalation | Exploit suggestions | Security auditing | Vulnerability assessment | Privilege escalation techniques | Linux security tools | Penetration testing | Exploit research | System exploitation | Security assessments | Vulnerability detection | Exploit suggestions tool | Security automation | Linux auditing | Pentest resources | Security research | Exploitation techniques | Attack vectors | Privilege escalation auditing | Linux vulnerability analysis
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. diego-treitos/linux-smart-enumeration: Linux enumeration tool for pentesting and CTFs with verbosity levels
  • Usage Keywords: Linux enumeration | Pentesting tool | Verbose output | CTF tools | Security scanning | System checks | Enumeration scripts | Security auditing | Vulnerability detection | Penetration testing | Security research | Linux security | Privilege escalation checks | Exploit detection | System assessment | Linux auditing | Attack preparation | Security automation | Vulnerability assessment | Pentest tools
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. linted/linuxprivchecker: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
  • Usage Keywords: Linux privilege escalation | Security auditing | Privilege escalation checks | Penetration testing | Vulnerability scanning | Linux security | System enumeration | Exploitation techniques | Security scripts | Pentesting tools | Local enumeration | Privilege escalation script | Vulnerability detection | Security automation | Attack preparation | Linux system checks | Privilege escalation research | Security assessments | Exploit detection | System analysis | Linux vulnerabilities
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. www.linuxkernelcves.com
  • Usage Keywords: Linux kernel CVEs | Vulnerability database | Security advisories | CVE lookup | Kernel vulnerabilities | Exploit database | Security research | Vulnerability assessment | Kernel security | Patch management | Threat intelligence | Bug tracking | Linux kernel security | Security patches | CVE tracking | Vulnerability management | Security updates | Kernel exploit analysis | System vulnerabilities | Security compliance
  • Attack Phase: 10 Discovery | 15 Collection
  1. Internal All The Things
  • Usage Keywords: Internal security resources | Penetration testing | Security tools | Exploit techniques | Vulnerability assessment | Enumeration tools | Security auditing | Attack methodologies | Internal network security | Security research | Pentesting resources | Security checklists | Threat assessment | Exploit research | Attack vectors | Penetration testing tools | Security best practices | Exploitation techniques | Security resources | Threat intelligence
  • Attack Phase: 10 Discovery | 15 Collection
  1. AccessChk - Sysinternals | Microsoft Learn
  • Usage Keywords: AccessChk tool | Windows security | Permission checks | System security | Access control | Privilege auditing | Security monitoring | Sysinternals tools | Security assessments | Access permissions | File system security | User rights | Privilege checks | Security compliance | System auditing | Access control lists | Security tools | Windows administration | Privilege escalation | Security management
  • Attack Phase: 11 Privilege Escalation | 10 Discovery
  1. Packet Storm
  • Usage Keywords: Security vulnerabilities | Exploit database | Penetration testing | Security advisories | Vulnerability research | Threat intelligence | Security tools | Exploits and patches | Security news | Cyber threat research | Penetration testing resources | Security updates | Vulnerability database | Attack vectors | Security audits | Malware analysis | Security tools repository | Exploit development | Security assessments | Threat reports
  • Attack Phase: 10 Discovery | 15 Collection

  1. uf0

    • Usage Keywords: This site does not have a clear focus on cybersecurity or specific usage keywords. Consider checking it directly for more accurate details.
    • Attack Phase: General usage - No specific attack phases identified.

  2. pwntools — pwntools 4.13.0 documentation

    • Usage Keywords: Exploit development | Binary exploitation | Payload creation | Fuzzing | Reverse engineering | Buffer overflow | Shellcode | Remote code execution | Exploit scripting | Vulnerability research | Exploit frameworks | Security tools | Penetration testing | Vulnerability assessment | Network exploitation | Memory corruption | Debugging | Security research | Exploit analysis | Code injection
    • Attack Phase: 5 Exploitation | 12 Execution Techniques

  3. Introduction — Scapy 2.6.0 documentation

    • Usage Keywords: Packet manipulation | Network analysis | Network forensics | Packet crafting | Protocol analysis | Penetration testing | Network scanning | Vulnerability testing | Security testing | Traffic generation | Packet sniffing | Security research | Network monitoring | Packet decoding | Network scripting | Protocol fuzzing | Intrusion detection | Exploit development | Malware analysis | Network diagnostics
    • Attack Phase: 10 Discovery | 15 Collection | 17 Impact

  4. PsExec - Sysinternals | Microsoft Learn

    • Usage Keywords: Remote administration | Command execution | Remote access | Windows command execution | Security auditing | Privilege escalation | Remote code execution | Penetration testing | Exploit tool | System management | Security monitoring | Windows forensics | Incident response | Malware analysis | Security assessments | Credential testing | Command and control | Network management | Remote task execution | Security tools
    • Attack Phase: 4 Social Engineering | 5 Exploitation | 14 Lateral Movement

  5. Threat Hunting: How to Detect PsExec | Praetorian

    • Usage Keywords: Threat hunting | PsExec detection | Security monitoring | Incident detection | Windows security | Forensics analysis | Attack detection | Security alerts | Penetration testing | Threat detection | Attack analysis | Malware detection | Security incident response | Behavioral analysis | Network security | Threat intelligence | Security best practices | Exploit detection | Security threats | Log analysis
    • Attack Phase: 7 Defense Evasion | 10 Discovery | 17 Impact

  6. Red Team Development and Operations | Red Team Development and Operations

  • Usage Keywords: Red teaming | Security assessment | Offensive security | Penetration testing | Threat emulation | Vulnerability assessment | Exploit testing | Attack simulation | Security posture evaluation | Attack strategies | Cyber threat simulation | Incident response | Adversarial tactics | Security tools | Network penetration | Threat modeling | Attack methodologies | Cyber risk assessment | Security training | Defense strategies
  • Attack Phase: 1 Reconnaissance | 2 Resource Development | 4 Social Engineering | 5 Exploitation | 6 Persistence | 7 Defense Evasion
  1. Cyber Kill Chain® | Lockheed Martin
  • Usage Keywords: Cyber Kill Chain | Threat lifecycle | Cyber attack stages | Attack vector analysis | Intrusion detection | Threat mitigation | Security framework | Incident response | Attack phases | Threat intelligence | Network security | Exploit identification | Attack prevention | Vulnerability management | Cyber defense | Attack detection | Threat analysis | Security operations | Incident management | Risk management
  • Attack Phase: 1 Reconnaissance | 3 Delivery | 5 Exploitation | 6 Persistence | 7 Defense Evasion | 9 Pivoting | 15 Collection
  1. Unified Kill Chain: Raising Resilience Against Cyber Attacks
  • Usage Keywords: Unified Kill Chain | Cyber resilience | Attack framework | Security strategy | Attack phases | Threat response | Incident handling | Security operations | Risk management | Attack prevention | Threat analysis | Vulnerability assessment | Cyber threat defense | Security posture | Defense mechanisms | Attack lifecycle | Intrusion prevention | Network security | Threat modeling | Risk mitigation
  • Attack Phase: 1 Reconnaissance | 2 Resource Development | 3 Delivery | 5 Exploitation | 6 Persistence | 7 Defense Evasion | 8 Command & Control | 9 Pivoting | 10 Discovery | 11 Privilege Escalation | 13 Credential Access | 14 Lateral Movement | 15 Collection | 16 Exfiltration
  1. What is The Cyber Kill Chain and How to Use it Effectively
  • Usage Keywords: Cyber Kill Chain | Kill Chain model | Attack phases | Cyber security | Threat lifecycle | Attack prevention | Security measures | Intrusion detection | Network security | Threat response | Vulnerability management | Exploit strategies | Attack analysis | Security framework | Risk assessment | Incident response | Security best practices | Threat mitigation | Cyber defense | Risk management
  • Attack Phase: 1 Reconnaissance | 3 Delivery | 5 Exploitation | 6 Persistence | 7 Defense Evasion | 8 Command & Control | 10 Discovery | 15 Collection
  1. MITRE ATT&CK®
  • Usage Keywords: MITRE ATT&CK | Threat matrix | Attack techniques | Adversary tactics | Cyber attack patterns | Security framework | Threat intelligence | Attack modeling | Threat detection | Incident response | Network security | Exploit techniques | Threat analysis | Security operations | Cyber threat mitigation | Risk management | Adversarial tactics | Attack phases | Vulnerability exploitation | Threat research
  • Attack Phase: 1 Reconnaissance | 3 Delivery | 5 Exploitation | 6 Persistence | 7 Defense Evasion | 8 Command & Control | 9 Pivoting | 10 Discovery | 11 Privilege Escalation | 13 Credential Access | 14 Lateral Movement | 15 Collection | 16 Exfiltration
  1. TryHackMe | Learning Paths
  • Usage Keywords: Cybersecurity training | Ethical hacking | Hands-on labs | Security concepts | Attack simulation | Vulnerability assessment | Penetration testing | Security exercises | Cybersecurity skills | Incident response | Threat analysis | Exploitation techniques | Network security | Security operations | Threat intelligence | Digital forensics | Security best practices | Malware analysis | Red teaming | Blue teaming | Cyber attack scenarios
  • Attack Phase: 1 Reconnaissance | 5 Exploitation | 13 Credential Access | 17 Impact
  1. VECTR | Collaborate. Benchmark. Improve.
  • Usage Keywords: Cyber security management | Threat modeling | Attack simulations | Benchmarking security | Collaborative security tools | Incident response planning | Risk assessment | Security evaluation | Vulnerability management | Security metrics | Security posture | Attack scenario testing | Security analytics | Compliance checking | Security tool integration | Threat assessment | Security gap analysis | Security improvements | Security best practices | Risk management
  • Attack Phase: 3 Delivery | 5 Exploitation | 9 Pivoting | 15 Collection
  1. AI Work Management & Productivity Tools | Slack
  • Usage Keywords: Team collaboration | Communication platform | Project management | Workspace organization | Task tracking | Document sharing | Remote team coordination | Workflow automation | Messaging platform | File sharing | Team productivity | Integrations | Collaboration tools | Real-time chat | Notifications | Project tracking | Team updates | Task management | Integration with other tools | Collaboration security | Data protection
  • Attack Phase: 4 Social Engineering | 8 Command & Control | 13 Credential Access
  1. Armitage - Cyber Attack Management for Metasploit
  • Usage Keywords: Cyber attack management | Metasploit framework | Exploitation tools | Attack visualization | Penetration testing | Security assessment | Vulnerability exploitation | Attack coordination | Network attacks | Threat simulation | Exploit management | Cyber threat analysis | Incident management | Security operations | Red teaming | Attack strategies | Security tool integration | Exploit frameworks | Penetration testing tools | Attack management
  • Attack Phase: 3 Delivery | 5 Exploitation | 9 Pivoting
  1. Google Hacking Database (GHDB) - Google Dorks, OSINT, Recon
  • Usage Keywords: Google dorks | OSINT techniques | Reconnaissance tools | Google hacking | Vulnerability search | Security research | Attack vectors | Information gathering | Reconnaissance techniques | Exploitation methods | Data leakage | Security flaws | Cyber threat intelligence | Web security | Database queries | Cybersecurity research | Network reconnaissance | Target discovery | Exploit finding | Threat identification
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. Wayback Machine
  • Usage Keywords: Internet archive | Historical web pages | Web page snapshots | Digital preservation | Historical data retrieval | Research | Web history | Data recovery | Archive access | Historical content | Site history | Web research | Page versioning | Digital artifacts | Website backup | Content comparison | Web archival | Data integrity | Page tracking | Historical browsing
  • Attack Phase: 10 Discovery
  1. ViewDNS.info
  • Usage Keywords: DNS tools | DNS lookup | Reverse DNS | DNS analysis | WHOIS lookup | IP geolocation | Domain information | DNS monitoring | Security analysis | Network diagnostics | DNS records | IP address | Domain health | Network tools | DNS reputation | Domain lookup | Security assessments | IP tracking | Network research | DNS auditing
  • Attack Phase: 10 Discovery | 15 Collection
  1. Threat Intelligence Platform (TIP)
  • Usage Keywords: Threat intelligence | Cyber threat analysis | Threat data integration | Threat feeds | API security | Threat detection | Cyber threat research | Security APIs | Intelligence aggregation | Threat monitoring | Threat reports | Vulnerability intelligence | Incident response | Security insights | Threat actors | Threat indicators | Threat analysis | Threat management | Security alerts | Threat trends
  • Attack Phase: 10 Discovery | 15 Collection
  1. Censys Search
  • Usage Keywords: Internet scanning | Security research | Device discovery | IP address search | Certificate search | Network mapping | Cybersecurity research | Vulnerability detection | Network exposure | Asset discovery | Security posture | Internet enumeration | Device intelligence | Search engine for security | Open ports | Certificate transparency | Network reconnaissance | System mapping | Risk assessment | Internet infrastructure
  • Attack Phase: 10 Discovery | 15 Collection
  1. Maltego
  • Usage Keywords: Data mining | Information gathering | Link analysis | Network mapping | Cyber investigations | Relationship mapping | Data visualization | Intelligence gathering | Entity recognition | Investigative analysis | OSINT tools | Cyber threat analysis | Network forensics | Security investigations | Threat modeling | Data correlation | Risk analysis | Attack surface mapping | Target profiling | Social engineering research
  • Attack Phase: 10 Discovery | 15 Collection
  1. infosecn1nja/Red-Teaming-Toolkit: This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
  • Usage Keywords: Red teaming tools | Threat hunting | Offensive security | Payload development | Penetration testing | Post-exploitation | Adversary simulation | Command-and-control tools | Network penetration | Exploit frameworks | Reconnaissance tools | Privilege escalation | Persistence techniques | Defense evasion | Vulnerability exploitation | Cyber attack automation | Exploitation kits | Threat simulation | Cybersecurity tactics | Exploit delivery
  • Attack Phase: 1 Reconnaissance | 5 Exploitation | 6 Persistence | 7 Defense Evasion | 8 Command & Control | 11 Privilege Escalation
  1. Free Chat With WormGPT V3.0
  • Usage Keywords: AI-assisted hacking | WormGPT chat | AI-enabled malware | Social engineering automation | AI for phishing attacks | AI-based vulnerability exploitation | Natural language processing for cyber attacks | GPT malware generation | Chat-driven hacking tools | AI-powered penetration testing | AI-based credential theft | AI for exploit development | AI-assisted red teaming | Automated attack generation | AI in threat intelligence | Adversarial AI techniques | Language models in cybersecurity | AI for reconnaissance | Phishing campaign automation | AI-based social engineering
  • Attack Phase: 4 Social Engineering | 5 Exploitation | 13 Credential Access
  1. MSFVenom Cheat Sheet - Easy Way To Create Metasploit Payloads | The Dark Source
  • Usage Keywords: Metasploit payload creation | Payload generation | Exploit delivery | Shellcode injection | Command-and-control payloads | Reverse shell payloads | Bind shell payloads | Payload encoding | Malware creation | Post-exploitation tools | Exploit development | Attack automation | Cyber attack frameworks | Penetration testing payloads | Exploitation techniques | Code execution | Privilege escalation | Offensive security | Exploit delivery automation | Cyber attack scripting
  • Attack Phase: 5 Exploitation | 6 Persistence | 12 Execution | 8 Command & Control
  1. Wikipedia:10,000 most common passwords - Wikipedia
  • Usage Keywords: Common password lists | Weak passwords | Password cracking | Credential security | Password vulnerabilities | Cybersecurity hygiene | Brute-force attacks | Password management | Credential theft | Dictionary attacks | Password recovery | Default password list | Vulnerable credentials | Common password analysis | Account takeover | Authentication weaknesses | Password security guidelines | Credential re-use | Weak authentication methods | Cyber attack vectors
  • Attack Phase: 13 Credential Access
  1. Default Passwords | CIRT.net
  • Usage Keywords: Default passwords | Vulnerable devices | Credential hardening | Password cracking | Weak password management | Network security | IoT vulnerabilities | System default credentials | Password hygiene | Authentication weaknesses | Credential theft | Cybersecurity risks | Account security | Brute-force attacks | Weak authentication | Security misconfigurations | Password reuse vulnerabilities | Penetration testing | Password dictionary | Authentication vulnerabilities
  • Attack Phase: 13 Credential Access | 5 Exploitation | 14 Lateral Movement
  1. Default passwords list - Select manufacturer
  • Usage Keywords: Default passwords | Password dictionary | Password security | Device authentication | Cybersecurity vulnerabilities | Credential exposure | Security assessment | Brute-force attack | Device security | Unauthorized access | Network vulnerabilities | IoT security | System hardening | Weak passwords | Default credentials | Risk assessment | Security audit | Password cracking | Credential security | Device exploitation
  • Attack Phase: 13 Credential Access | 5 Exploitation | 1 Reconnaissance
  1. List of Default Passwords
  • Usage Keywords: Default passwords | Password vulnerability | Credential list | Cybersecurity risks | Security assessments | Brute-force attack | Weak authentication | Credential exposure | Unauthorized access | Network security | Password cracking | IoT vulnerabilities | Device security | System hardening | Password exploitation | Security analysis | Risk assessment | Security best practices | Vulnerability scanning | Security audit
  • Attack Phase: 13 Credential Access | 1 Reconnaissance | 5 Exploitation
  1. danielmiessler/SecLists: SecLists is the security tester's companion
  • Usage Keywords: Security testing | Wordlists | Penetration testing | Fuzzing | Password lists | URL lists | Sensitive data patterns | Brute-force attack | Vulnerability testing | Web shells | Cybersecurity assessment | Network scanning | Exploit development | Security tools | Reconnaissance | Credential cracking | Web exploitation | Security research | Security audits | Penetration tools
  • Attack Phase: 1 Reconnaissance | 5 Exploitation | 13 Credential Access
  1. SkullSecurity Blog | Adventures In Security
  • Usage Keywords: Password security | Security research | Cybersecurity insights | Password cracking | Brute-force techniques | Credential exposure | Security testing | Default passwords | Cyber attacks | System vulnerabilities | Security awareness | Network security | Exploit techniques | Vulnerability assessment | Penetration testing | Security best practices | Security audits | Exploitation tools | Cyber threat analysis | Risk management
  • Attack Phase: 1 Reconnaissance | 5 Exploitation | 13 Credential Access | 10 Discovery
  1. Gophish - Open Source Phishing Framework
  • Usage Keywords: Phishing attacks | Social engineering | Cybersecurity awareness | Phishing simulations | Attack campaigns | Email security | User training | Credential harvesting | Phishing prevention | Spear phishing | Cyber attack defense | Phishing detection | Security testing | Security awareness | Cyber resilience | Attack simulations | Phishing defense | Phishing mitigation | Email security framework | Security assessments
  • Attack Phase: 4 Social Engineering | 13 Credential Access | 3 Delivery
  1. TrustedSec | The Social Engineering Toolkit (SET)
  • Usage Keywords: Social engineering | Phishing attacks | Penetration testing | Security testing | Attack simulation | Exploitation techniques | Cybersecurity tools | Payload delivery | Information gathering | Spear-phishing | Malicious websites | Credential harvesting | Network intrusion | Password attacks | Exploit development | Remote access | Reconnaissance | Email spoofing | Attack automation | Cybersecurity education
  • Attack Phase: 1 Reconnaissance | 4 Social Engineering | 5 Exploitation | 12 Execution | 3 Delivery
  1. Get-EventLog (Microsoft.PowerShell.Management) - PowerShell | Microsoft Learn
  • Usage Keywords: Event logging | System monitoring | Log analysis | System events | PowerShell scripting | Security auditing | Incident response | Log management | Network monitoring | Forensic analysis | System diagnostics | Security logging | Administrative control | Windows event logs | System security | Log review | Automation scripting | System errors | Threat detection | Audit logging
  • Attack Phase: 10 Discovery | 15 Collection
  1. Sysmon - Sysinternals | Microsoft Learn
  • Usage Keywords: System monitoring | Event logging | Threat detection | Security monitoring | Process tracking | Malware detection | Incident response | Log analysis | System diagnostics | Intrusion detection | Network forensics | Security auditing | Process monitoring | Advanced threat detection | Event correlation | Windows systems | File integrity monitoring | Threat hunting | Behavioral monitoring | Real-time monitoring
  • Attack Phase: 10 Discovery | 7 Defense Evasion | 15 Collection
  1. Process Discovery, Technique T1057 - Enterprise | MITRE ATT&CK®
  • Usage Keywords: Process discovery | Endpoint detection | System enumeration | Process monitoring | Threat hunting | Cybersecurity research | System inspection | Malware analysis | System forensics | Security threat analysis | Intrusion detection | Vulnerability assessment | Endpoint security | System protection | Host-based detection | Threat identification | Adversary techniques | Enterprise security | Host monitoring | Security controls
  • Attack Phase: 10 Discovery
  1. Printer Security Testing Cheat Sheet - Hacking Printers
  • Usage Keywords: Printer security | Network security | Vulnerability testing | Exploitation techniques | Device security | Penetration testing | Printer hacking | Network penetration | Information leakage | Cybersecurity testing | Vulnerability assessment | Network devices | Exploit testing | Security testing | System hardening | Device exploitation | Security research | Data exfiltration | Security vulnerabilities | Threat mitigation
  • Attack Phase: 5 Exploitation | 16 Exfiltration | 7 Defense Evasion | 10 Discovery

  1. grimbins

    • Usage Keywords: Custom utilities | Security tools | Penetration testing | Open-source projects | Code execution | Network analysis | Tool development | Debugging tools | Web development utilities | Scripting | Automation tools | System utilities | Vulnerability testing | Exploit development | Code analysis | Source code management | Debugger | Tool repository | Custom toolsets | Software testing
    • Attack Phase: 2 Resource Development | 5 Exploitation | 12 Execution | 6 Persistence

  2. LOLBAS

    • Usage Keywords: Living off the land binaries | LOLBAS | Binary exploitation | Exploit mitigation | Fileless malware | Offensive security | System administration tools | Defense evasion | Command execution | Privilege escalation | Binary analysis | Post-exploitation tools | Windows binaries | System exploitation | Process injection | Lateral movement | Command-line utilities | Persistence techniques | System exploitation | Exploit development
    • Attack Phase: 7 Defense Evasion | 5 Exploitation | 11 Privilege Escalation | 12 Execution | 6 Persistence | 14 Lateral Movement

  3. IppSec - Search

    • Usage Keywords: HackTheBox walkthroughs | Vulnerability exploitation | Capture the flag challenges | Privilege escalation | Network penetration testing | Web application security | Buffer overflow | Exploit development | Post-exploitation techniques | CTF tutorials | Reverse engineering | Offensive security | Lateral movement | Code execution | Network forensics | Password cracking | Windows privilege escalation | Linux exploitation | Exploitation techniques | Pentesting techniques
    • Attack Phase: 5 Exploitation | 11 Privilege Escalation | 12 Execution | 14 Lateral Movement | 10 Discovery | 15 Collection

  4. Kali Linux / Packages / snmpcheck · GitLab

    • Usage Keywords: SNMP enumeration | Network scanning | Device discovery | Service enumeration | Network monitoring | Vulnerability scanning | Security testing | Network security tools | SNMP exploit | Information gathering | Reconnaissance tools | SNMP vulnerabilities | Network device mapping | SNMP brute force | Network protocol analysis | Data exfiltration | Network discovery | Network protocol scanning | Penetration testing | Recon tools
    • Attack Phase: 1 Reconnaissance | 10 Discovery | 15 Collection

  5. Sysinternals Utilities - Sysinternals | Microsoft Learn - Usage Keywords: System monitoring | Debugging tools | Process management | File monitoring | Security analysis | Process Explorer | Windows system utilities | Malware detection | Process forensics | Memory analysis | Rootkit detection | Registry monitoring | Windows troubleshooting | Forensic investigation | Windows diagnostics | File system monitoring | Privilege escalation detection | Incident response | Security auditing | Windows performance monitoring - Attack Phase: 10 Discovery | 7 Defense Evasion | 13 Credential Access

  6. Process Hacker - Usage Keywords: Process analysis | Memory forensics | Debugging tools | Process termination | System monitoring | Rootkit detection | Malware analysis | System security | Process injection detection | Task management | Windows process explorer | Security auditing | Privilege escalation detection | Network activity monitoring | System diagnostics | System process control | Debugging processes | Security monitoring | Malware debugging | Privilege escalation detection - Attack Phase: 10 Discovery | 7 Defense Evasion | 13 Credential Access | 5 Exploitation

GitHub Repositories

  1. GhostPack / Seatbelt

    • Usage Keywords: Host survey | Security checks | Offensive security | Defensive security | System enumeration | Host discovery | Privilege escalation checks | Process enumeration | Security posture | System information gathering | Active directory checks | Local account enumeration | Network configuration checks | Software inventory | Security auditing | Event log review | Token enumeration | Attack surface mapping | OS security features | Windows security checks
    • Attack Phase: 10 Discovery | 11 Privilege Escalation | 15 Collection

  2. wizwizdev / wizwizxui-timebot

    • Usage Keywords: Subscription management | Automation tool | Panel monitoring | Time tracking | Bot development | Service monitoring | X-UI integration | Subscription renewal alerts | Subscription expiry management | X-UI bot usage | Panel usage analytics | Subscription alerts | Subscription volume management | Subscription tracking | User notification automation | Service analytics | Automated service alerts | X-UI subscription tracking | Timebot automation | Service status alerts
    • Attack Phase: (No direct cybersecurity relevance or attack phase identified for this site.)

  3. RUB-NDS / PRET

    • Usage Keywords: Printer exploitation | Network printer vulnerabilities | Print job manipulation | Printer reconnaissance | Printer firmware attacks | Print spooler exploitation | Dumpster diving | Printer command execution | Printer control access | Network device attacks | Exploit printing systems | Printer vulnerabilities | Document manipulation | PostScript attacks | PCL attacks | Printer network discovery | Cross-platform printing vulnerabilities | Exploitative printing tools | Printer metadata extraction | Embedded device attacks
    • Attack Phase: 1 Reconnaissance | 5 Exploitation | 10 Discovery | 11 Privilege Escalation

  4. PwnDexter / SharpEDRChecker

    • Usage Keywords: EDR bypass | Endpoint detection response | Process enumeration | DLL inspection | Service enumeration | EDR evasion techniques | Process metadata analysis | Anti-virus evasion | Installed services review | Process monitoring | Security product detection | DLL analysis | Process memory checks | Malware defense evasion | Active process detection | Process integrity verification | EDR software discovery | Security software evasion | System security audit | Endpoint security bypass
    • Attack Phase: 7 Defense Evasion | 10 Discovery | 11 Privilege Escalation | 12 Execution | 13 Credential Access

  5. PwnDexter / Invoke-EDRChecker

    • Usage Keywords: Endpoint detection | EDR detection | Process analysis | DLL inspection | Service enumeration | Registry inspection | Driver analysis | Process metadata | Running processes | EDR evasion | Endpoint forensics | Malware defense evasion | Detection bypass | System forensics | Memory inspection | System analysis | Security service detection | Defense evasion tactics | Malware evasion | Threat detection
    • Attack Phase: 7 Defense Evasion | 10 Discovery | 5 Exploitation | 6 Persistence

  6. dafthack / MailSniper

    • Usage Keywords: Email penetration testing | Microsoft Exchange scanning | Password harvesting | Sensitive email discovery | Insider threat detection | Network intel gathering | Credential access | Phishing simulation | Email spoofing | Exchange vulnerability scanning | Password spraying | Mailbox searching | Target email discovery | Exchange server testing | Email attack surface | Credential phishing | Email analysis | Penetration testing | Mailbox exploitation | Information gathering
    • Attack Phase: 13 Credential Access | 15 Collection | 4 Social Engineering | 5 Exploitation

  7. xFreed0m / RDPassSpray

    • Usage Keywords: RDP password spraying | Brute force attacks | Password guessing | Remote desktop exploitation | Credential harvesting | Remote attack vector | Weak password detection | RDP brute force | Credential-based attacks | Remote access attacks | RDP security testing | Lateral movement | Authentication attacks | RDP vulnerability testing | Password spraying tool | RDP attack simulations | Account compromise | Brute force mitigation | Access control testing | Remote access compromise
    • Attack Phase: 13 Credential Access | 14 Lateral Movement | 11 Privilege Escalation | 5 Exploitation

  8. Mebus / cupp

    • Usage Keywords: Password profiling | Custom password lists | Password dictionary creation | Brute force preparation | Password analysis | User behavior profiling | Password list generation | Dictionary-based attacks | Weak password discovery | Custom password dictionary | Credential brute forcing | Password cracking | Social engineering | User password patterns | Common passwords | User-centric password lists | Dictionary attacks | Password guessing | Brute force tool | Password discovery
    • Attack Phase: 13 Credential Access | 4 Social Engineering | 5 Exploitation

  9. shroudri / username_generator

    • Usage Keywords: Username generation | Brute force username list | User enumeration | Username list creation | Authentication attacks | Username guessing | Targeted username generation | Credential-based attacks | User identification | Brute force attack prep | Username-based attacks | User profiling | Credential attacks | Account discovery | Username brute forcing | User account discovery | Custom username list | Brute force tool | User attack surface | Enumeration tool
    • Attack Phase: 10 Discovery | 13 Credential Access | 5 Exploitation

  10. infosecn1nja / Red-Teaming-Toolkit

  • Usage Keywords: Red teaming tools | Threat hunting tools | Penetration testing | Offensive security tools | Network penetration | Vulnerability exploitation | Threat simulation | Post-exploitation tools | Active Directory attacks | Lateral movement tools | Attack emulation | Network reconnaissance | Privilege escalation | Threat actor simulation | Command and control | Data exfiltration tools | Exploit development | Adversary emulation | Network security testing | Reconnaissance tools
  • Attack Phase: 1 Reconnaissance | 5 Exploitation | 11 Privilege Escalation | 9 Pivoting | 10 Discovery | 14 Lateral Movement

  1. lanmaster53 / recon-ng

    • Usage Keywords: OSINT | Open-source intelligence | Information gathering | Reconnaissance | Target identification | Data harvesting | Passive reconnaissance | Domain reconnaissance | Network mapping | Host enumeration | Social media data collection | Email scraping | Metadata extraction | Subdomain discovery | DNS enumeration | Target profiling | Geolocation analysis | Security assessment | Data correlation | External threat intelligence
    • Attack Phase: 1 Reconnaissance | 10 Discovery

  2. sullo / nikto

    • Usage Keywords: Web server scanning | Vulnerability scanning | Misconfiguration detection | Web server security | SSL/TLS testing | CGI script detection | Directory enumeration | Web application security | HTTP header analysis | Web vulnerability testing | Server fingerprinting | Server hardening | Security assessment | Default credential detection | File inclusion vulnerability scanning | SQL injection detection | Cross-site scripting detection | Security audit | Penetration testing | Weakness discovery
    • Attack Phase: 1 Reconnaissance | 5 Exploitation | 10 Discovery

  3. BishopFox / sliver

    • Usage Keywords: Adversary emulation | Red teaming | Command and control | C2 framework | Post-exploitation | Persistence | Privilege escalation | Lateral movement | Payload delivery | Offensive security | Network infiltration | Attack simulation | Malware execution | Remote access | Persistence techniques | Covert operations | Post-exploitation tools | Defense evasion | Offensive tool development | Threat actor simulation
    • Attack Phase: 6 Persistence | 8 Command & Control | 14 Lateral Movement | 11 Privilege Escalation

  4. cobbr / Covenant

    • Usage Keywords: .NET C2 framework | Red teaming | Command and control | Post-exploitation | Credential theft | Persistence | Adversary emulation | Privilege escalation | Offensive security | Lateral movement | Remote code execution | Command execution | Post-compromise | PowerShell exploitation | Credential dumping | Attack simulation | Penetration testing | Security bypass | Defensive evasion | C2 server management
    • Attack Phase: 6 Persistence | 8 Command & Control | 11 Privilege Escalation | 13 Credential Access

  5. infosecn1nja / AD-Attack-Defense

    • Usage Keywords: Active Directory exploitation | AD attack techniques | Active Directory defense | Post-exploitation | Privilege escalation | Lateral movement | Credential access | Red teaming | AD security | Attack simulation | Domain controller compromise | Kerberos attacks | Pass-the-hash | Golden ticket attacks | Blue teaming | Security hardening | Penetration testing | Offensive security | Defensive techniques | Identity theft | Access control bypass
    • Attack Phase: 11 Privilege Escalation | 13 Credential Access | 14 Lateral Movement | 6 Persistence

  6. bitsadmin / wesng

    • Usage Keywords: Windows exploit suggestion | Vulnerability assessment | Patch analysis | Exploit detection | Security misconfiguration identification | Windows security | Privilege escalation vulnerabilities | Local privilege escalation | Exploit development | Windows hardening | Patch management | Security scanning | Kernel vulnerabilities | Security assessment | System hardening | Exploit mitigation | CVE analysis | Penetration testing | Threat assessment | Vulnerability discovery
    • Attack Phase: 5 Exploitation | 11 Privilege Escalation | 10 Discovery

  7. itm4n / PrivescCheck

  • Usage Keywords: Privilege escalation | Windows enumeration | Local privilege discovery | Security auditing | Windows vulnerabilities | Privilege escalation techniques | System vulnerability assessment | Privilege scanning | Local user discovery | Windows privilege check | Active Directory enumeration | Security misconfigurations | Elevation of privileges | Security vulnerability mapping | User permission audit | Privilege access review | Windows security gaps | System rights assessment | Privilege path discovery | Windows security tools
  • Attack Phase: 10 Discovery | 11 Privilege Escalation
  1. peass-ng / PEASS-ng
  • Usage Keywords: Privilege escalation | Privilege scanning | Windows privilege enumeration | Linux privilege enumeration | User privilege analysis | Vulnerability exploitation | Access control weaknesses | Security misconfigurations | User privilege mapping | System auditing | Security vulnerability scanning | Privilege discovery | Misconfiguration detection | Privilege access audit | Exploitation paths | Privilege escalation toolkit | System access elevation | User permission exploitation | Security auditing | Post-exploitation tools
  • Attack Phase: 10 Discovery | 11 Privilege Escalation | 12 Execution
  1. gtworek / Priv2Admin
  • Usage Keywords: Privilege escalation | Windows privilege exploitation | Privilege abuse | Rights elevation | Windows security vulnerabilities | Security misconfiguration exploitation | Access control manipulation | Privilege exploitation paths | Elevation of rights | Exploitation of Windows privileges | User access control bypass | Post-exploitation techniques | Admin rights escalation | Security audit tools | Windows vulnerability exploitation | Unauthorized privilege escalation | System privilege manipulation | Security bypass techniques | Local user privilege elevation | Windows post-exploitation tools
  • Attack Phase: 5 Exploitation | 11 Privilege Escalation
  1. counteractive / incident-response-plan-template
  • Usage Keywords: Incident response planning | Cybersecurity incident management | Incident response strategy | Security breach response | Incident handling | Security incident documentation | Threat response | Security incident recovery | Incident response plan template | Cyber incident response | Data breach response | Incident communication plan | Security incident protocols | Incident investigation | Threat containment | Cyber incident management | Post-incident analysis | Security incident mitigation | Emergency response plan | Incident response procedures
  • Attack Phase: 18 Objectives
  1. humblelad / Shodan-Dorks
  • Usage Keywords: Shodan dorks | Shodan search techniques | Vulnerability discovery | Network exposure scanning | IoT security scanning | Open port detection | Internet-facing devices | Cyber intelligence gathering | Attack surface discovery | Shodan usage | Vulnerability search | Network reconnaissance | Internet device enumeration | Security misconfiguration detection | Threat reconnaissance | Internet service discovery | Open port scanning | Security asset discovery | Online device mapping | Shodan search filters
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. Shodan Dorks || GitHub: lothos612/shodan
  • Usage Keywords: Shodan dorks | Cyber intelligence | Network scanning | Device enumeration | IoT discovery | Vulnerability scanning | Service identification | Security research | Attack surface mapping | Internet-exposed systems | Reconnaissance techniques | Public service analysis | Passive reconnaissance | Information gathering | Open port scanning | Server discovery | IoT security | Network footprinting | OSINT for security | Internet-wide scanning
  • Attack Phase: 1 Reconnaissance | 10 Discovery
  1. Command Injection Payload List || GitHub: payloadbox/command-injection-payload-list
  • Usage Keywords: Command injection payloads | Web application attacks | Input validation bypass | Remote command execution | Security testing | Exploit development | Server-side vulnerabilities | Command execution | Exploitation techniques | Code injection | Penetration testing | OS command injection | Web security | Vulnerability discovery | Exploit payloads | Web app exploitation | Testing methodologies | Input sanitization flaws | Payload crafting | Server vulnerability detection
  • Attack Phase: 5 Exploitation | 12 Execution | 14 Lateral Movement
  1. XSS Hunter Express || GitHub: mandatoryprogrammer/xsshunter-express
  • Usage Keywords: XSS detection | Cross-site scripting | Web application security | XSS exploitation | Payload execution | Security testing tools | Web app penetration testing | DOM injection | Client-side attacks | Web vulnerability testing | JavaScript injection | Exploitation frameworks | Browser vulnerability | XSS payloads | Security monitoring | Web security automation | Vulnerability testing | Browser-based exploitation | Web attack simulation | Client-side vulnerabilities
  • Attack Phase: 4 Social Engineering | 5 Exploitation | 15 Collection
  1. LinEnum || GitHub: rebootuser/LinEnum
  • Usage Keywords: Linux enumeration | Privilege escalation | Local security checks | System auditing | Linux vulnerabilities | Exploitation tools | System enumeration | Local privilege discovery | Linux security | Post-exploitation techniques | Security testing tools | Kernel vulnerabilities | Vulnerability discovery | System auditing | Penetration testing | Exploit development | Linux attack surface | Security checks | System misconfigurations | User privilege detection
  • Attack Phase: 10 Discovery | 11 Privilege Escalation | 5 Exploitation
  1. PayloadsAllTheThings || GitHub: swisskyrepo/PayloadsAllTheThings
  • Usage Keywords: Web application security | Exploitation payloads | Bypass techniques | Vulnerability exploitation | Penetration testing | Payload injection | Web security testing | Security misconfigurations | Server exploitation | Client-side attacks | Remote code execution | Exploit development | Web app pentesting | CTF payloads | Vulnerability testing | Security evasion | Privilege escalation | Testing methodologies | Web attack payloads | Injection attacks
  • Attack Phase: 5 Exploitation | 7 Defense Evasion | 14 Lateral Movement
  1. rsatool || GitHub: ius/rsatool
  • Usage Keywords: RSA key generation | Cryptography testing | RSA parameter calculation | Public key cryptography | Cryptographic vulnerabilities | Key management | Security testing tools | Encryption analysis | RSA attack tools | Cryptanalysis | Security auditing | Key cracking | CTF cryptography | Private key recovery | Cryptographic exploitation | RSA-CRT analysis | Vulnerability testing | Penetration testing | Key parameter generation | Cryptographic flaw detection
  • Attack Phase: 5 Exploitation | 13 Credential Access
  1. RsaCtfTool || GitHub: RsaCtfTool
  • Usage Keywords: RSA attack tools | Private key extraction | Cryptographic vulnerabilities | Cryptography exploitation | RSA decryption | Public key analysis | CTF cryptography tools | Weak key exploitation | Cryptanalysis | Key recovery | Security research | RSA vulnerability testing | Encryption cracking | Vulnerability discovery | Cryptography challenges | Security audits | Penetration testing | Cryptographic flaw detection | Exploit development | Weak encryption testing
  • Attack Phase: 13 Credential Access | 5 Exploitation
  1. SecLists - Security Testing Lists Collection
  • Usage Keywords: Security assessments | Penetration testing | Username lists | Password lists | URL lists | Security tools | Vulnerability research | Exploit development | Red teaming | Information gathering | Attack vectors | Security auditing | Data enumeration | Credential stuffing | System hardening | Security training | Ethical hacking | Cybersecurity resources | Risk management | Threat modeling
  • Attack Phase: 1 Reconnaissance | 15 Collection

If you have more bookmarks, feel free to share them!

ChatGPT

Model Hallucination

Model hallucination refers to the phenomenon where a machine learning model generates outputs that are incorrect, misleading, or nonsensical, despite sounding plausible. This can occur due to biases in the training data or limitations in the model's understanding, leading it to "imagine" information that doesn’t exist.

Examples of model hallucination include:

  1. Text Generation: A language model may create a fictional historical event or person that sounds credible but lacks any basis in reality.

  2. Image Recognition: An AI might misidentify an object, such as interpreting a picture of a cat as a dog, or even generating a completely fictitious creature.

  3. Chatbots: A chatbot might confidently assert incorrect facts, like claiming a celebrity has won an award they never received.

  4. Medical Diagnosis: An AI system could suggest treatments for conditions that do not exist, leading to potential misinformation.

These examples highlight how model hallucination can result in inaccuracies across various applications.

Author: @W

About

🗡️ | Essential Cybersecurity Websites and GitHub Repositories

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors