7h3h4ckv157 Profile picture
Jan 23 • 10 tweets • 10 min read
Red Team toolkit : 📢

#infosec #redteam #Hacking

RECONNAISSANCE:

- RustScan ==> lnkd.in/ebvRfBNy

- Amass ==> lnkd.in/e7V569N5

- CloudEnum ==> lnkd.in/ePHDeGZv

- Recon-NG ==> lnkd.in/edwaXFjS

- AttackSurfaceMapper ==> lnkd.in/ebbcj6Rm
INITIAL ACCESS:

- SprayingToolKit ==> lnkd.in/eBSAPz5z

- o365Recon ==> lnkd.in/eJwCx-Ga

- GadgetToJScript ==> lnkd.in/egPQBBXJ

- ThreatCheck ==> lnkd.in/eHvSPakR

- Freeze ==> lnkd.in/eNUh3zCi
DELIVERY:

- o365AttackToolKit ==> lnkd.in/etCCYi8y

- EvilGinx2 ==> lnkd.in/eRDPvwUg

- GoPhish ==> lnkd.in/ea26dfNg

- PwnAuth ==> lnkd.in/eqecM7de

- Modlishka ==> lnkd.in/eds-dR5C
COMMAND AND CONTROL:

- PoshC2 ==> lnkd.in/eqSJUDji

- Sliver ==>
lnkd.in/ewN9Nday

- SILENTTRINITY ==> lnkd.in/eeZGbYMs

- Empire ==> lnkd.in/egAPa8gY

- AzureC2Relay ==> lnkd.in/efmh2t3g
CREDENTIAL DUMPING:

- MimiKatz ==>
lnkd.in/etEGfvJK

- HekaTomb ==> lnkd.in/eJx5Ugu5

- SharpLAPS ==> lnkd.in/eA28n9FT

- Net-GPPPassword ==> lnkd.in/e3CTez5A

- PyPyKatz ==> lnkd.in/eeb5b6Tz
PRIVILEGE ESCALATION:

- SharpUp ==> lnkd.in/etR2Pe_n

- MultiPotato ==> lnkd.in/eq53PXcJ

- PEASS ==> lnkd.in/eWA66akh

- Watson ==> lnkd.in/eZfYMSMX
DEFENSE EVASION:

- EDRSandBlast ==> lnkd.in/e8g8zYFT

- SPAWN - Cobalt Strike BOF ==> lnkd.in/e223PbqZ

- NetLoader ==> lnkd.in/ef5wCD4y

- KillDefenderBOF ==> lnkd.in/eVd54HUp
PERSISTENCE:
- SharPyShell ==> lnkd.in/eXm8h8Bj

- SharpStay ==> lnkd.in/erRbeFMj

- SharpEventPersist ==> lnkd.in/e_kJFNiB

LATERAL MOVEMENT:

- SCShell ==> lnkd.in/e256fC8B
- MoveKit ==> lnkd.in/eR-NUu_U
- ImPacket ==> lnkd.in/euG4hTTs
EXFILTRATION:

- SharpExfiltrate ==> lnkd.in/eGC4BKRN

- DNSExfiltrator ==> lnkd.in/epJ-s6gp

- Egress-Assess ==> lnkd.in/eXGFPQRJ
Happy hacking! 🥳

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 7h3h4ckv157

7h3h4ckv157 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @7h3h4ckv157

Jan 20
Career page Links 📢

1. Capgemini: lnkd.in/dZBUYY88

2. Infosys: lnkd.in/dEcdZ7gf

3. Wipro : lnkd.in/d89txDcp

4. Cognizant : lnkd.in/d6tp6F_p

5. LTI : lnkd.in/dnCVuQzD

6. TCS : lnkd.in/dJpHXdvv

#Careers #infosecurity #infosec
7. DXC Technology : lnkd.in/dnVzT7eb

8. HCL : lnkd.in/dwTuQWAf

9. Hashedin : lnkd.in/d2ePnTG4

10. Hexaware : jobs.hexaware.com

11. Revature : lnkd.in/dtJkkrBp

12. IBM : lnkd.in/dU-VhUCw

13. Nagarro : lnkd.in/dRyQ_rkk
14. Virtusa : lnkd.in/dHJwPXiG

15. Zoho : lnkd.in/dUw9Qi4B

16. CGI : lnkd.in/d3vs3whb

17. Finastra : lnkd.in/dsXSfUev

18. FIS : lnkd.in/dJCX6aVz

19. Fiserv : lnkd.in/d7inSReM

20. IQVIA : lnkd.in/dsxAXftw
Read 10 tweets
Jan 3
FREE cybersecurity certifications
- 15 Courses by Qualys 🧵📢

#infosec #cybersecurity #cybersecuritytips #Hacking

1. Vulnerability Management: lnkd.in/g64maMet

2. Global IT Asset Inventory: lnkd.in/gXR5bD5N

3. Scanning Strategies: lnkd.in/g6cQjQuh
4. Reporting Strategies: lnkd.in/gs6Vn-DA

5. Patch Management: lnkd.in/gnWVDCNp

6. Policy Compliance: lnkd.in/g5SXKncJ

7. PCI Compliance: lnkd.in/gZns6Xdf
8. Endpoint Detection & Response: lnkd.in/gw22Y__E

9. Vulnerability Management 2: lnkd.in/gYAFfAuT

10. Cloud Security Assessment & Response: lnkd.in/grrHivcW

11. API Fundamentals: lnkd.in/gngVxhbu
Read 5 tweets
Jan 2
Here's 30 fun cybersecurity search engines! 📢

Credit: @danielmakelley

#infosec #cybersecuritytips #Hacking 🧵

1. DeHashed—View leaked credentials.

2. SecurityTrails—Extensive DNS data.

3. DorkSearch—Really fast Google dorking.
4. ExploitDB—Archive of various exploits.

5. ZoomEye—Gather information about targets.

6. Pulsedive—Search for threat intelligence.

7. GrayHatWarfare—Search public S3 buckets.

8. PolySwarm—Scan files and URLs for threats.

9. Fofa—Search for various threat intelligence.
10. LeakIX—Search publicly indexed information.

11. DNSDumpster—Search for DNS records quickly.

12. FullHunt—Search and discovery attack surfaces.

13. AlienVault—Extensive threat intelligence feed.

14. ONYPHE—Collects cyber-threat intelligence data.
Read 11 tweets
Nov 17, 2022
Here are some Damn Vulnerable Lab lists to get your hands dirty ↓

#infosec #hacking #bugbountytips #bugbounty 🧵

AzureGoat : A Damn Vulnerable Azure Infrastructure
github.com/ine-labs/Azure…

AWSGoat : A Damn Vulnerable AWS Infrastructure
github.com/ine-labs/AWSGo…
Dvws-node
github.com/snoopysecurity…

DVHMA - Damn Vulnerable Hybrid Mobile App
github.com/logicalhacking…

CI/CD GOAT
github.com/cider-security…

Damn Vulnerable GraphQL Application
github.com/dolevf/Damn-Vu…

DVIA-v2
github.com/prateek147/DVI…
Damn Vulnerable Router Firmware (DVRF) v0.3
github.com/praetorian-inc…

DVFaaS - Damn Vulnerable Functions as a Service
github.com/we45/DVFaaS-Da…

Damn Vulnerable Cloud Application
github.com/m6a-UdS/dvca

VAmPI - The Vulnerable API (Based on OpenAPI 3)
github.com/erev0s/VAmPI
Read 7 tweets
Sep 30, 2022
Here are 27 ways to learn ethical hacking for free:
Credit: @danielmakelley

Thread 🧵 ⬇ #infosec #bugbountytips #ctf #hacking

1. Root Me — Challenges.
2. Stök's YouTube — Videos.
3. Hacker101 Videos — Videos.
4. InsiderPhD YouTube — Videos.
5. EchoCTF — Interactive Learning.
6. Vuln Machines — Videos and Labs.
7. Try2Hack — Interactive Learning.
8. Pentester Land — Written Content.
9. Checkmarx — Interactive Learning.
10. Cybrary — Written Content and Labs.
11. RangeForce — Interactive Exercises.
12. Vuln Hub — Written Content and Labs.
13. TCM Security — Interactive Learning.
14. HackXpert — Written Content and Labs.
15. Try Hack Me — Written Content and Labs.
16. OverTheWire — Written Content and Labs.
17. Hack The Box — Written Content and Labs.
18. CyberSecLabs — Written Content and Labs.
Read 6 tweets
May 13, 2022
I'm getting messages from folks seeking favors for learning exploit development. I'm posting this thread for those who wanna explore the art of binary exploitation.

NB: There's no specific path, practice makes perfect đź’Ż

#infosec #exploitdevelopment #ReverseEngineering

🧵🧵
pwn college is organized as a set of modules covering different topics. Each module has a set of lecture slides and videos and practice problems auto-generated for each aspiring hacker to practice on.

pwn.college
Nightmare is an intro to binary exploitation / reverse engineering course based around CTF challenges.

guyinatuxedo.github.io
Read 19 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(