Antisyphon KB
Search
Search
Dark mode
Light mode
Explorer
Methodologies
Architecture Review
Active Directory Architecture Review
0. Overview
1. Checklist
Cloud Architecture Review
0. Overview
1. Checklist
Network Architecture Review
0. Overview
1. Checklist
Penetration Testing
Assumed Compromise (Internal Pivot) Test
0. Pivot Overview
1. Pivot Checklist
2. macOS Pivot Checklist
Cloud Penetration Test
AWS
Read-Only Minimal Policy
Recon & Exploitation
Azure
Mitigation & Detections
Recon & Exploitation
0. Cloud Overview
1. Cloud Checklist
Command and Control & Data Exfiltration Assessment
0. C2 Overview
1. C2 Checklist
2. macOS C2 Checklist
Desktop Application
0. Desktop Application Overview
1. Desktop Application Checklist
External Network Penetration Test
0. External Overview
1. External Checklist
Common Tools Installation and Usage
Internal Network Penetration Test
Common Tools and Techniques
BloodHound.py
Certipy
Coercer
CrackMapExec
EavesARP
Impacket
mitm6
NetExec
Parsuite
PetitPotam
PKINITTools
Responder
SCCMHunter
SecLists
SilverSearcher-ag
TestSSL.sh
WebclientServiceScanner
0. Internal Overview
1. Internal Checklist
Responder and Relay Basics
Restricting_Internal_Scope
Tools Installation and Usage
Kubernetes
Hacking & Defending K8s
Mobile App Test
0. Mobile App Overview
1. Mobile App Checklist
Network Access Control (NAC) Bypass Test
0. NAC Bypass Overview
Physical Penetration Test
Common Tools and Techniques
Access Control Key Set
Cabinet Key Set
Covert Companion
Crash Bar Tool
Deadbolt Thumb Turn - J Tool
DIY Bypass Tools and Ideas
Door Fitment Tools
High Resolution Endoscope
HP Sprocket Select Photo Printer
iCopy-X with iClass Decoder
Lock Bump Set
Long-Range RFID Reader
Mica Door Shims
Padlock Shims
Proxmark 3 RDV4
Traveler Hook and Mini Jim
Tuxedo Pick Set
Under Door Tool (UDT)
0. Physical Overview
1. Physical Checklist
2. Physical Kit Contents
Purple Team Exercise
0. Purple Overview
1. Purple Checklist
Reconnaissance
0. Recon Overview
1. Recon Checklist
Web Application-API Penetration Test
Common Tools and Techniques
Bruno
Swagger Definitions
WordPress
0. Webapp Overview
1. Webapp Checklist
Burp Suite Extensions
Getting Started with Web App Testing
SSL Stripping Setup
Web API Testing
Web App Checklist from WAHH
Webapp Methodology
Wireless Penetration Test
Common Tools and Techniques
Aircrack-ng Suite
Airgeddon
Analyze Wireless Hardware
Bash Bunny
Bettercap
BSSID Correlation
Deauthentication Attacks
Eaphammer
Enterprise Network Attacks
Flipper Zero
Gather Certificate Details
Hcxtools
Hostapd-mana and wpa_sycophant
Kismet
Netspot
Open and Guest Network Attacks
Pre-Shared Key (PSK) Attacks
Rogue Device Searches
Rubber Ducky
Segmentation Testing
Uncloak Hidden SSIDs
USB Wireless Adapters
Wigle.net
0. Wireless Overview
1. Wireless Checklist
2. Wireless Kit Contents
3. Recommended Wireless Kit Components
Security Controls Audit
Atomic Controls Assessment
0. Overview
1. Checklist
CIS Critical Controls Assessment
0. Overview
1. Checklist
Tools
NightHawk
Aliases
BOFs
Client
Deploying Nighthawk over Quick Cobalt Strike
Help
Logging
NightHawk Framework
Nighthawk Profile Notes
NightHawk Profiles
Nighthawk UI Aliases
One Liners
Operator's Notes - corey
AceLdr
ADExplorer.exe
Aircrack-NG Suite
airCross - AirWatch attack tool
Aquatanto - Kernel Memory Tampering
big friggin gun
Bloodhound
BruteLoops
Bruteratel
BuffetBuddy
Burp Extension - Copy-For
Burp Suite Professional
Cobalt Strike
CredMaster
CyberChef
dns-triage
DomainPasswordSpray
Dump Dicer
eavesarp
Evilginx
EyeWitness
Fake PII Data Generation
Git Tools
gobuster
gost
GraphRunner
hashcat
HCL AppScan
Ice Scraper
iptables
Linux Terminal Tips and Tricks
MailSniper
Metasploit
MFASweep
MSOLSpray
Mythic
Nessus
Nuclei
Payload Buffet
Postman
powercat
Proxifier
scarecrow
Seadevil
SharpChrome
Sharphound
Simple HTTPS Server
Skyhook
SlackEnum
smb-deploy
Snaffler
socksify
SourcePoint
SSH
test-files
testssl.sh
Tmux Usage
Wappalyzer
wstunnel
Yalis LinkedIn Scraper
TTPs
Abusing Windows Defender Exclusions
AD PowerShell module without RSAT
AMSI and Logging Bypass Using Powershell v2
AppLocker Enumeration
AppScan Usage and Setup
Basic Tests Checklist for PowerUpSQL
Bloodhound and SharpHound Execution
Bloodhound Queries for Target Selection
Bloodhound Queries that Result in Findings
Bruteratel Shellcode Injection
Change the Neo4j password
Click Once Guidance
Clickjacking
Common Nuclei Usage
Connecting to Bruteratel
Create a Windows Shortcut (LNK) via PowerShell
CredMaster
Cross-Origin Resource Sharing (CORS)
Cypher Queries to Find Credentials
Decrypting Stored Jenkins Passwords
Domain Fronting with Edgeio
Download and Install Bruteratel
Dylib Injection
EDR Bypass via Service Binary Renaming
EDR Bypass via Trusted Installer Abuse
Email Accounts for Tests
Evilginx 3 Deployment
Explorer - Search LDAP for passwords
General Usage of Burp Suite
Get more High Value Targets in Bloodhound - Direct Admins
Graph Queries - Bloodhound customqueries.json
Illicit Consent Grants
Initial Access Payloads with Mystikal
Installing Bruteratel in WSL2
Installing Mythic to MacOS
Internal password spraying - Domain users
JavaScript Snippets for Console
Kerberoasting and Fixing Kerberoasting Errors (Invoke-Kerberoast, Get-KerberoastHashFromAPReq, TicketByteHexStream)
Known Bruteratel Issues
Learning Cypher for Bloodhound
List Queries - Enter manually in Neo4J web UI
macOS Credential Access
macOS File Permissions
macOS Lateral Movement
macOS Persistence
Mark of the Web - Manually Add MOTW to a file (Alternate Data Streams)
Misc Bloodhound Cypher Queries
MSOLSpray
Mythic Agents
Mythic C2 Setup
Nessus Interaction
OneDriveStandaloneUpdater.exe Persistence
Outbound Port Scan using PowerShell
Permanently Disable Windows Defender
PowerShell Downgrade Attack (AMSI and Logging Bypass)
Privilege Separation Testing with Burp Suite
Queries for Demonstrating Impact, Hunting Crown Jewels
Quick Cobalt Strike Initial Use Modifications
Scan SMB Shared Folders for Interesting, Sensitve Files
Scanning for Local Administrator Access
Scanning for RDP access (PowerShell, xfreerdp)
Scripting HTTP Requests with Curl
Search LDAP for passwords
Search LDAP for passwords with ADExplorer
Setting up Bruteratel Listeners
Setting Up Mythic on MacOS
Signing Payloads with BHIS EV Cert
Teams DLL Side Jacking Cheatsheet
Testing TLS and Certificates
TestSSL.sh
Transparency, Consent, and Control (TCC)
Using Autorize
VMDK Password Hash Extraction
Windows - Non-Admin Install of Python and Impacket
Windows Local Privilege Escalation Tools
Windows Persistence Methods and Locations
wmiexec.py Indicators and Usage
XPC
README
Home
❯
Methodologies
❯
Penetration Testing
❯
Purple Team Exercise
❯
0. Purple Overview
0. Purple Overview
Graph View
Backlinks
No backlinks found