Antisyphon KB
Folder: Tools
61 items under this folder.
Nov 04, 2024
AceLdr
tool
bhis/tooling/public
Nov 04, 2024
Aquatanto - Kernel Memory Tampering
tool
Nov 04, 2024
Bloodhound
tool
software/active-directory
ttp/discovery/account-discovery
ttp/discovery/domain-trust-discovery
ttp/discovery/archive-collected-data
ttp/discovery/command-scripting-interpreter
ttp/discovery/group-policy-discovery
ttp/discovery/native-api
ttp/discovery/password-policy-discovery
ttp/discovery/permission-groups-discovery
ttp/discovery/remote-system-discovery
ttp/discovery/system-owner-discovery
Nov 04, 2024
BruteLoops
tool/password-guessing
bhis/tooling/public
Nov 04, 2024
Bruteratel
tool/c2-framework
Nov 04, 2024
BuffetBuddy
tool
bhis/tooling/public
Nov 04, 2024
Burp Suite Professional
tool/web
Nov 04, 2024
Cobalt Strike
tool/c2-framework
Nov 04, 2024
CyberChef
tool
Nov 04, 2024
EyeWitness
tool
Nov 04, 2024
Fake PII Data Generation
tool
Nov 04, 2024
Git Tools
tool
Nov 04, 2024
HCL AppScan
tool/web
Nov 04, 2024
Ice Scraper
tool
bhis/tooling/public
Nov 04, 2024
Linux Terminal Tips and Tricks
tool/linux-tool/shell
Nov 04, 2024
MFASweep
tool
bhis/tooling/public
Nov 04, 2024
MSOLSpray
tool
bhis/tooling/public
ttp/credential-access/brute-force/password-spraying
Nov 04, 2024
MailSniper
tool
bhis/tooling/public
ttp/collection/email-collection/remote-email-collection
Nov 04, 2024
Metasploit
tool
Nov 04, 2024
Nessus
tool
Nov 04, 2024
Nuclei
tool
Nov 04, 2024
Payload Buffet
tool
Nov 04, 2024
Postman
tool/web
Nov 04, 2024
Proxifier
tool
Nov 04, 2024
SSH
tool
Nov 04, 2024
Seadevil
tool
bhis/tooling/internal
ttp/initial-access/phishing
ttp/credential-access/adversary-in-the-middle
Nov 04, 2024
SharpChrome
tool
Nov 04, 2024
Sharphound
tool
Nov 04, 2024
Simple HTTPS Server
tool/file-transfer
ttp/exfiltration/exfiltration-over-unencrypted-non-c2-protocol
Nov 04, 2024
Skyhook
tool
bhis/tooling/public
ttp/exfiltration/exfiltration-over-symmetric-encrypted-non-c2-protocol
Nov 04, 2024
SlackEnum
tool
bhis/tooling/public
Nov 04, 2024
Snaffler
tool
Nov 04, 2024
SourcePoint
tool
Nov 04, 2024
Tmux Usage
tool/linux-tool/shell
Nov 04, 2024
Yalis LinkedIn Scraper
tool
ttp/reconnaissance/social-media
Nov 04, 2024
airCross - AirWatch attack tool
tool
Nov 04, 2024
big friggin gun
tool
bhis/tooling/public
ttp/credential-access/password-guessing
ttp/credential-access/password-spraying
ttp/credential-access/credential-stuffing
Nov 04, 2024
dns-triage
tool
bhis/tooling/public
Nov 04, 2024
eavesarp
tool
bhis/tooling/public
Nov 04, 2024
gobuster
tool/web
Nov 04, 2024
hashcat
tool
ttp/brute-force/password-cracking
Nov 04, 2024
powercat
tool
Nov 04, 2024
scarecrow
tool
Nov 04, 2024
smb-deploy
tool
bhis/tooling/public
Nov 04, 2024
socksify
tool/linux
tool/networking
Nov 04, 2024
test-files
tool
bhis/tooling/public
Nov 04, 2024
testssl.sh
tool
Nov 04, 2024
wstunnel
tool/networking
Nov 04, 2024
ADExplorer.exe
tool
software/active-directory
Nov 04, 2024
Aircrack-NG Suite
tool
Nov 04, 2024
Burp Extension - Copy-For
Nov 04, 2024
CredMaster
tool/password-guessing
Nov 04, 2024
DomainPasswordSpray
tool
bhis/tooling/public
ttp/credential-access/brute-force/password-spraying
Nov 04, 2024
Dump Dicer
tool
bhis/tooling/internal
ttp/credential-access/brute-force/password-spraying
Nov 04, 2024
Evilginx
tool
ttp/initial-access/adversary-in-the-middle
ttp/credential-access/adversary-in-the-middle
Nov 04, 2024
GraphRunner
tool
bhis/tooling/public
Nov 04, 2024
Mythic
tool/c2-framework
Nov 04, 2024
Wappalyzer
tool/web
Nov 04, 2024
gost
tool/networking
tool/tunneling
Nov 04, 2024
iptables
tool/linux-tool/networking
Nov 04, 2024
NightHawk
folder