#Hackthebox
Showing 60 of 82 repositories tagged #hackthebox, ranked by stars
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Linux enumeration tool for pentesting and CTFs with verbosity levels
A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.
Writeups for HacktheBox 'boot2root' machines
Penelope Shell Handler
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
π Don't know what type of hash it is? Name That Hash will name that hash type! π€ Identify MD5, SHA256 and 300+ other hashes β Comes with a neat web app π₯
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
:key: Hash type identifier (CLI & lib)
My own OSCP guide
CTF Cheat Sheet + Writeups / Files for some of the Security CTFs that I've done
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
A collection of CTF write-ups, pentesting topics, guides and notes. Notes compiled from multiple sources and my own lab research. Topics also support OSCP, Active Directory, CRTE, eJPT and eCPPT.
π Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
Hack The Box CPTS, CWES, CDSA, CWEE, CAPE, CJCA Exam and Lab Reporting / Note-Taking Tool
Execute commands interactively on remote Windows machines using the WinRM protocol (just faster)
A living document for penetration testing and offensive security.
Hawkeye filesystem analysis tool
Professional bspwm desktop environment for kali linux for hacking, of all kinds, with custom shortcuts, scripts, s4vitar configurations, among other things.
A Highly Accessible and Automated Virtualization Platform for Security Education
My Markdown notes for all things cybersecurity
Writeups for vulnerable machines.
Search engine for CTF writeups with instant results.
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
The most comprehensive Hack The Box writeup collection - 500+ machines, 400+ challenges, interactive knowledge graph, skill trees, attack path diagrams, ProLabs, Sherlocks, OSCP/CPTS/CRTO prep. Browse: momenbasel.github.io/htb-writeups
A *nix Enumerator & Auto Privilege Escalation tool.
Interact with Hackthebox using your terminal - Be faster and more competitive !
CTF Cheatsheet
D3Ext's Forward Shell
Handβcurated offensive security toolkit, scripts, and writeups for ethical hackers, pentesters, and IT pros eager to level up.
Notes from various sources for preparing to take the OSCP, Capture the Flag challenges, and Hack the Box machines.
A tool for enumerating usernames from text, files, or websites
Repository of my CTF writeups
[180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTF's. If you googles something for a CTF and landed here look at the scripts they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter stop. I wont be able to rewrite half this shit in a formal interview Β―\_(γ)_/Β―
Writeups for all the HTB machines I have done
Formidable Unix Binary Arsenal & Repository. TUI built for offline payload generation, retrieval, and exfiltration.
Command-Line tool for accessing HTB
Offline pentest workflow tracker β turns nmap output into a port-aware, KB-matched recon checklist in under 30 seconds. Self-hosted, single Docker image, no telemetry.
A Pentester's Powershell Client
Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code Execution
Cibersecurity blog. CTFs, writeups, electronics and more!
Script to facilitate different functions and checks
This tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.
Automate writeup for vulnerable machines.
π₯· [CheatSheet] Useful wiki for Capture The Flag (CTF)
HTB write-ups with detailed walkthroughs, screenshots, and tutorials for ethical hacking, CTF challenges, and penetration testing.
This is an UNOFFICIAL guide and general list of cheatsheets, references, and walkthroughs aligned with the OffSec OSCP exam process
Hawx Recon Agent is an intelligent, autonomous reconnaissance system powered by a Large Language Model (LLM). Designed for offensive security workflows, it automates initial triage and guided follow-up based on live service data.
VulnMapAI combines the power of nmapβs detailed network scanning and the advanced natural language processing capabilities of GPT-4 to generate comprehensive and intelligible vulnerability reports. It aims to facilitate the identification and understanding of security vulnerabilities.
Exploit for CVE-2022β25765 (pdfkit) - Command Injection
A tool that automates the process of enumeration
A comprehensive hacking learning path covering Pentesting, OSINT, Linux, Networking, Web Application Security, Cryptography, Exploitation, Reverse Engineering, Forensics, CVEs, and CTF challenges. Perfect for beginners and professionals to master ethical hacking, penetration testing, and cybersecurity step by step. π
HackTheBox Academy Modules writeups and notes
A learning and testing environment for web application hacking and pentesting.
HTB writeup downloader
Twin-Hex Cipher Encoder/Decoder
CVE-2022-39227 : Proof of Concept
Stack Based buffer overflow attack
Manage and access your Kali Linux or Parrot Security VM from the terminal (SSH support + file sharing, especially convenient during CTFs, Hack The Box, etc.) :rocket::wrench: