Metasploit, Exploit machines, run payloads, do post-exploitation., Responder, Capture NTLMv2 hashes by poisoning LLMNR/NBT-NS., Impacket, Python scripts for SMB, Kerberos, AD attacks., CrackMapExec, Active Automate Spray passwords, reuse creds, attack SMB/AD., Hydra, Active Brute-force credentials across protocols.SSH/FTP/etc, msfvenom, Generate payloads (reverse shells, EXEs, macros)., Netcat, Active Reverse shells, tunneling, data transfer., Hashcat, Active GPU hash cracking., John the Ripper, Active CPU hash cracking., Medusa, Active Parallel brute-forcing tool. "bruteforce a lot of accounts fast", Burp Suite, Active Web app testing and brute-forcing logins., Certify, Abuse Active Directory Certificate Services., Seatbelt, Windows security posture enumeration. “Collect Windows security info.”, PowerShell/ISE, Run automation scripts, execute payloads, enumerate system., PsExec, Execute commands on remote Windows systems., Evil-WinRM, Remote shell into Windows via WinRM + pass-the-hash., Mimikatz, Dump passwords, hashes, tickets (LSASS)., Rubeus, Kerberos ticket abuse (requesting, forging, roasting)., LOLBins, Active Use built-in Windows binaries for stealth., ZAP (OWASP), Web proxy + vulnerability scanner. open source burp suite, Postman, Active Craft/test API requests, sqlmap, Active Automated SQL injection exploitation., Gobuster/DirBuster, Active Directory/file brute-forcing., WFuzz, Active Web parameter fuzzing., WPScan, Active WordPress vulnerability scanner., Pacu, Active AWS exploitation framework., Docker Bench, Security benchmark for Docker hosts., Prowler, Passive AWS CIS benchmark security posture checks., ScoutSuite, Multi-cloud auditing (AWS, Azure, GCP)., WPAD, Exploit Web Proxy Auto-Discovery to capture auth..
0%
Attacks & Exploits
共享
共享
共享
由
Pookiedookie
编辑内容
打印
嵌入
更多
作业
排行榜
显示更多
显示更少
此排行榜当前是私人享有。单击
,共享
使其公开。
资源所有者已禁用此排行榜。
此排行榜被禁用,因为您的选择与资源所有者不同。
还原选项
匹配游戏
是一个开放式模板。它不会为排行榜生成分数。
需要登录
视觉风格
字体
需要订阅
选项
切换模板
显示所有
播放活动时将显示更多格式。
)
打开成绩
复制链接
QR 代码
删除
恢复自动保存:
?
