- Recon
- Find vuln
- Exploit
- Document it
Unicornscans in cli, nmap in msfconsole to help store loot in database.
Juan A. Sanchez gozes
gozes
/ sshclient.py
Created
June 16, 2016 19:48
— forked from grugq/sshclient.py
twisted ssh client (based on conch.py) with an embedded cmd.Cmd shell for controllng the SSH session
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from twisted.internet import reactor, defer, endpoints, task, stdio | |
| from twisted.conch.client import default, options, direct | |
| from twisted.conch.error import ConchError | |
| from twisted.conch.ssh import session, forwarding, channel | |
| from twisted.conch.ssh import connection, common | |
| from twisted.python import log, usage | |
| import signal | |
| import tty | |
| import struct | |
| import fcntl |
gozes
/ how-to-oscp-final.md
Created
May 3, 2017 12:35
— forked from unfo/how-to-oscp-final.md
gozes
/ oscp-tips.md
Created
May 3, 2017 12:35
— forked from unfo/oscp-tips.md
- Doing all of the exercises is important since you will discover low-hanging fruit from the labs based on the recon you do with the different tools in the exercises.
- Be wary of doing full /24 range port scans, especially for anything more than a few TCP ports. The machines might be in all sorts of broken states left by students etc.
- When starting to recon a specific machine:
- Revert
- Port scan
- Try to identify services
Those steps in that order are important. You want a fresh state for the machine and you want to do just simple port scanning first because doing nmap's service scanning or nse scripts might send payloads that actually crash services. So be careful.
OlderNewer