Metasploit, Exploit machines, run payloads, do post-exploitation., Responder, Capture NTLMv2 hashes by poisoning LLMNR/NBT-NS., Impacket, Python scripts for SMB, Kerberos, AD attacks., CrackMapExec, Active Automate Spray passwords, reuse creds, attack SMB/AD., Hydra, Active Brute-force credentials across protocols.SSH/FTP/etc, msfvenom, Generate payloads (reverse shells, EXEs, macros)., Netcat, Active Reverse shells, tunneling, data transfer., Hashcat, Active GPU hash cracking., John the Ripper, Active CPU hash cracking., Medusa, Active Parallel brute-forcing tool. "bruteforce a lot of accounts fast", Burp Suite, Active Web app testing and brute-forcing logins., Certify, Abuse Active Directory Certificate Services., Seatbelt, Windows security posture enumeration. “Collect Windows security info.”, PowerShell/ISE, Run automation scripts, execute payloads, enumerate system., PsExec, Execute commands on remote Windows systems., Evil-WinRM, Remote shell into Windows via WinRM + pass-the-hash., Mimikatz, Dump passwords, hashes, tickets (LSASS)., Rubeus, Kerberos ticket abuse (requesting, forging, roasting)., LOLBins, Active Use built-in Windows binaries for stealth., ZAP (OWASP), Web proxy + vulnerability scanner. open source burp suite, Postman, Active Craft/test API requests, sqlmap, Active Automated SQL injection exploitation., Gobuster/DirBuster, Active Directory/file brute-forcing., WFuzz, Active Web parameter fuzzing., WPScan, Active WordPress vulnerability scanner., Pacu, Active AWS exploitation framework., Docker Bench, Security benchmark for Docker hosts., Prowler, Passive AWS CIS benchmark security posture checks., ScoutSuite, Multi-cloud auditing (AWS, Azure, GCP)., WPAD, Exploit Web Proxy Auto-Discovery to capture auth..
0%
Attacks & Exploits
共用
共用
共用
由
Pookiedookie
編輯內容
列印
嵌入
更多
作業
排行榜
顯示更多
顯示更少
此排行榜當前是私有的。單擊
共用
使其公開。
資源擁有者已禁用此排行榜。
此排行榜被禁用,因為您的選項與資源擁有者不同。
還原選項
匹配遊戲
是一個開放式範本。它不會為排行榜生成分數。
需要登錄
視覺風格
字體
需要訂閱
選項
切換範本
顯示所有
播放活動時將顯示更多格式。
)
打開結果
複製連結
QR 代碼
刪除
恢復自動保存:
?
