ubogdan

Optional param

--batch # Use default config, make the injection process run automatically, without user input.
--threads 5 
-r # uses the intercepted request you saved earlier like burp save the item

Run Save item from Burp

sqlmap -r save.item

ubogdan

24x7x365 SUPPORT http://www.captiongenerator.com/320492/Offsec-Student-Admins

https://natesubra.com/go/oscp

OSCP Syllabus:

https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/

Windows Privilege Escalation:

http://www.fuzzysecurity.com/tutorials/16.html

ubogdan

1. Burp Suite - https://portswigger.net/burp/communitydownload
2. OWASP ZAP - https://www.zaproxy.org/download/
3. sqlmap http://sqlmap.org/
4. Metasploit Framework - https://www.metasploit.com/download
5. Nmap https://nmap.org/download.html
6. Nikto https://github.com/sullo/nikto
7. Dirb - https://sourceforge.net/projects/dirb/
8. Wfuzz - https://github.com/xmendez/wfuzz
9. Gobuster- https://github.com/OJ/gobuster
10. Sublist3r https://github.com/aboul3la/Sublist3r

ubogdan

https://github.com/pentestmonkey/windows-privesc-check
https://github.com/inquisb/keimpx
https://github.com/Spiderlabs/Responder
https://github.com/infobyte/faraday
https://github.com/koto/xsschef
https://github.com/darkoperator/Meterpreter-Scripts
https://github.com/mubix/Not-In-Pentesting-Class
https://github.com/scoopex/scriptreplay_ng
https://github.com/irsdl/updated-SWFIntruder
https://github.com/pentestgeek/smbexec

ubogdan

git clone --recursive https://github.com/screetsec/Sudomy.git
git clone https://bitbucket.org/LaNMaSteR53/recon-ng.git
git clone https://github.com/0ang3el/aem-hacker.git
git clone https://github.com/0xinfection/tidos-framework.git
git clone https://github.com/1N3/BlackWidow.git
git clone https://github.com/1N3/Goohak.git
git clone https://github.com/1N3/IntruderPayloads
git clone https://github.com/1N3/Sn1per.git
git clone https://github.com/Alfresco/prowler.git
git clone https://github.com/Arr0way/linux-local-enumeration-script.git

ubogdan

Penetrating Testing/Assessment Workflow & other fun infosec stuff

https://github.com/jivoi/pentest

My feeble attempt to organize (in a somewhat logical fashion) the vast amount of information, tools, resources, tip and tricks surrounding penetration testing, vulnerability assessment, and information security as a whole*

• Reconnaissance
  • Passive/Semi-Passive
    • Tools
• Discover - https://github.com/leebaird/discover

ubogdan

0trace	1.5	A hop enumeration tool	http://jon.oberheide.org/0trace/
3proxy	0.7.1.1	Tiny free proxy server.	http://3proxy.ru/
3proxy-win32	0.7.1.1	Tiny free proxy server.	http://3proxy.ru/
42zip	42	Recursive Zip archive bomb.	http://blog.fefe.de/?ts=b6cea88d
acccheck	0.2.1	A password dictionary attack tool that targets windows authentication via the SMB protocol.	http://labs.portcullis.co.uk/tools/acccheck/
ace	1.10	Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface	http://ucsniff.sourceforge.net/ace.html
admid-pack	0.1	ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful.	http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html
adminpagefinder	0.1	This python script looks for a large amount of possible administrative interfaces on a given site.	http://packetstormse

ubogdan

0trace	1.5	A hop enumeration tool	http://jon.oberheide.org/0trace/
3proxy	0.7.1.1	Tiny free proxy server.	http://3proxy.ru/
3proxy-win32	0.7.1.1	Tiny free proxy server.	http://3proxy.ru/
42zip	42	Recursive Zip archive bomb.	http://blog.fefe.de/?ts=b6cea88d
acccheck	0.2.1	A password dictionary attack tool that targets windows authentication via the SMB protocol.	http://labs.portcullis.co.uk/tools/acccheck/
ace	1.10	Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface	http://ucsniff.sourceforge.net/ace.html
admid-pack	0.1	ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful.	http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html
adminpagefinder	0.1	This python script looks for a large amount of possible administrative interfaces on a given site.	http://packetstormse

ubogdan

0d1n|210.78028eb|Web security tool to make fuzzing at HTTP inputs, made in C with libCurl.| blackarch-webapp |https://github.com/CoolerVoid/0d1n
0trace|1.5|A hop enumeration tool.| blackarch-scanner |http://jon.oberheide.org/0trace/
3proxy|0.8.13|Tiny free proxy server.| blackarch-proxy |http://3proxy.ru/
3proxy-win32|0.8.13|Tiny free proxy server.| blackarch-windows |http://3proxy.ru/
42zip|42|Recursive Zip archive bomb.| blackarch-dos |http://blog.fefe.de/?ts=b6cea88d
a2sv|135.973ba13|Auto Scanning to SSL Vulnerability.| blackarch-scanner |https://github.com/hahwul/a2sv
abcd|4.2738809|ActionScript ByteCode Disassembler.| blackarch-disassembler |https://github.com/MITRECND/abcd
abuse-ssl-bypass-waf|5.3ffd16a|Bypassing WAF by abusing SSL/TLS Ciphers.| blackarch-webapp |https://github.com/LandGrey/abuse-ssl-bypass-waf
acccheck|0.2.1|A password dictionary attack tool that targets windows authentication via the SMB protocol.| blackarch-cracker |http://labs.portcullis.co.uk/tools/acccheck/
ace|1.10|Automated Corp

ubogdan

#!/usr/bin/env python3
"""
Script used to pull down the current video descriptions from ippsec's youtube channel.
The raw output still has a few HTML tags that need to be manually removed and there
also seem to be multiple duplicates of videos that have been removed in the output
saved as ippsec-details.txt
"""
import re
import sys