Random series of my own personal notes and favorite repos for pentesting. Updated regularly as I remember to add things.
When you are connected to the HTB VPN but cannot reach the internet at the same time, run the command below as `root` or with `sudo`. It deletes the default route that points at the VPN gateway on `tun0`.

```
route del -net default gw <HTB_VPN_IP_ADDRESS> netmask 0.0.0.0 dev tun0
```
Reference: Bob McKay's Blog
- ligolo-ng - A powerful network tunneling tool using TUN interfaces.
- NetExec - Network execution tool. Successor to CrackMapExec.
- Impacket - Suite of Python tools for various Windows network protocols.
- Evil-WinRM - CLI for WinRM.
- Rubeus - Tool to conduct numerous Windows AD attacks.
- Responder - Tool to poison the LLMNR and NBT-NS protocols on a network.
- MimiKatz - Tried and true cred dumper.
- hashcat - Tried and true password cracker.
- BloodHound - Noisy Active Directory enumeration tool.
- Certify - Tool to enumerate and abuse AD misconfigurations.
- PEASS-ng - Windows and Linux priv esc enumeration tools.
- enum4linux - Windows and Samba enumeration tool.
- gobuster - Web site directory and file brute force tool.
- SQLMap - Automatic web app SQLi enumeration tool.
- GitHarvester - Uses regex to search for GitHub users and projects to harvest credentials.
- AWSBucketDump - Enumerates AWS S3 buckets for interesting files.