pfSense as an OpenVPN client for specific devices
One of the most powerful features of pfSense is it’s ability to direct your data requests through different end-points using NAT rules. pfSense is amazing as an OpenVPN client because it can selectively route any device on the network through the VPN service (i.e., my tablets and TV go through US servers, while my smartphone, VoIP, computers go my local ISP).
This setup becomes extremely handy for use with applications which are not aware of OpenVPN protocol, eg. download managers, torrent clients, etc. Expecting privacy you should be positive that traffic won't go through your ISP's gateway in case of failure on side of VPN provider. And obviously OpenVPN client should automatically reconnect as soon as service goes live again.
https://gist.github.com/InQuize/59e7c458c510ae779743
#Pfsense
@Netpentesters
One of the most powerful features of pfSense is it’s ability to direct your data requests through different end-points using NAT rules. pfSense is amazing as an OpenVPN client because it can selectively route any device on the network through the VPN service (i.e., my tablets and TV go through US servers, while my smartphone, VoIP, computers go my local ISP).
This setup becomes extremely handy for use with applications which are not aware of OpenVPN protocol, eg. download managers, torrent clients, etc. Expecting privacy you should be positive that traffic won't go through your ISP's gateway in case of failure on side of VPN provider. And obviously OpenVPN client should automatically reconnect as soon as service goes live again.
https://gist.github.com/InQuize/59e7c458c510ae779743
#Pfsense
@Netpentesters
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
https://github.com/lgandx/PCredz
#pcap
#credential
#sniffer
@Netpentesters
https://github.com/lgandx/PCredz
#pcap
#credential
#sniffer
@Netpentesters
GitHub
GitHub - lgandx/PCredz: This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth…
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interfa...
🔥2
This media is not supported in your browser
VIEW IN TELEGRAM
Have you ever wanted to transfer files over DNS A records? No? Well too bad lol, I've updated @domchell's PowerDNS to do that along with some other things. Could be useful for pentests with no standard outbound access... which yes I get quite a bit of.
https://github.com/icyguider/NewPowerDNS
#DNS
@NetPentesters
https://github.com/icyguider/NewPowerDNS
#DNS
@NetPentesters
👏2
Microsoft Activation Scripts (MAS)
A Windows and Office activator using HWID / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
https://github.com/massgravel/Microsoft-Activation-Scripts
#Microsoft
@Netpentesters
A Windows and Office activator using HWID / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
https://github.com/massgravel/Microsoft-Activation-Scripts
#Microsoft
@Netpentesters
GitHub
GitHub - massgravel/Microsoft-Activation-Scripts: Open-source Windows and Office activator featuring HWID, Ohook, TSforge, and…
Open-source Windows and Office activator featuring HWID, Ohook, TSforge, and Online KMS activation methods, along with advanced troubleshooting. - massgravel/Microsoft-Activation-Scripts
🔥1
CVE-2022-24644
ZZ Inc. KeyMouse 3.08 (#Windows) Unauthenticated Update Remote Code Execution Vulnerability
https://github.com/gerr-re/cve-2022-24644
#cve
#Vulnerability
@Netpentesters
ZZ Inc. KeyMouse 3.08 (#Windows) Unauthenticated Update Remote Code Execution Vulnerability
https://github.com/gerr-re/cve-2022-24644
#cve
#Vulnerability
@Netpentesters
GitHub
GitHub - gar-re/cve-2022-24644
Contribute to gar-re/cve-2022-24644 development by creating an account on GitHub.
acltoolkit
ACL Toolkit is an ACL abuse swiss-knife.
https://github.com/zblurx/acltoolkit
#acl
@Netpentesters
ACL Toolkit is an ACL abuse swiss-knife.
https://github.com/zblurx/acltoolkit
#acl
@Netpentesters
GitHub
GitHub - zblurx/acltoolkit: ACL abuse swiss-knife
ACL abuse swiss-knife. Contribute to zblurx/acltoolkit development by creating an account on GitHub.
Poweshell tool to check for partially encrypted files with various techniques and sandbox them for analysis.
https://github.com/shadowdevnotreal/anti_Royal
#Powershell
@NetPentesters
https://github.com/shadowdevnotreal/anti_Royal
#Powershell
@NetPentesters
We tried to put together all known MITM attacks and methods of protection against these attacks. Here is also contains tools for carrying out MITM attacks, some interesting attack cases and some tricks associated with them.
https://github.com/Sab0tag3d/MITM-cheatsheet
#MITM
@NetPentesters
https://github.com/Sab0tag3d/MITM-cheatsheet
#MITM
@NetPentesters
GitHub
GitHub - frostbits-security/MITM-cheatsheet: All MITM attacks in one place.
All MITM attacks in one place. Contribute to frostbits-security/MITM-cheatsheet development by creating an account on GitHub.
Ruler is a tool that allows you to interact with Exchange servers remotely, through either the MAPI/HTTP or RPC/HTTP protocol. The main aim is abuse the client-side Outlook features and gain a shell remotely.
https://github.com/sensepost/ruler
#exchange
@Netpentesters
https://github.com/sensepost/ruler
#exchange
@Netpentesters
GitHub
GitHub - sensepost/ruler: A tool to abuse Exchange services
A tool to abuse Exchange services. Contribute to sensepost/ruler development by creating an account on GitHub.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
#ad #cheatsheet
@NetPentesters
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
#ad #cheatsheet
@NetPentesters
GitHub
GitHub - Integration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods…
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. - Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
PowerShell-Deobfuscation-Exercise
An exercise to practice deobfuscating PowerShell Scripts.
https://github.com/trevormiller6/PowerShell-Deobfuscation-Exercise
#PowerShell #Deobfuscation
@NetPentesters
An exercise to practice deobfuscating PowerShell Scripts.
https://github.com/trevormiller6/PowerShell-Deobfuscation-Exercise
#PowerShell #Deobfuscation
@NetPentesters
GitHub
GitHub - CyberDefend3r/PowerShell-Deobfuscation-Exercise: An exercise to practice deobfuscating PowerShell Scripts.
An exercise to practice deobfuscating PowerShell Scripts. - CyberDefend3r/PowerShell-Deobfuscation-Exercise
👍1
Somnium
Script to test network prevention and detection capabilities.
https://github.com/asluppiter/Somnium
Script to test network prevention and detection capabilities.
https://github.com/asluppiter/Somnium
GitHub
GitHub - asluppiter/Somnium: Script to test NetSec capabilities.
Script to test NetSec capabilities. Contribute to asluppiter/Somnium development by creating an account on GitHub.
About Cloud Scout
Cloud Scout is a plugin which works on top of BloodHound, leveraging its visualization capabilities in order to visualize cross platform attack paths.
https://github.com/SygniaLabs/security-cloud-scout
#BloodHound
@NetPentesters
Cloud Scout is a plugin which works on top of BloodHound, leveraging its visualization capabilities in order to visualize cross platform attack paths.
https://github.com/SygniaLabs/security-cloud-scout
#BloodHound
@NetPentesters
Quick Network Scanner Library
Rust library for scanning network hosts asynchronously.
https://github.com/0xor0ne/qscan
Rust library for scanning network hosts asynchronously.
https://github.com/0xor0ne/qscan
GitHub
GitHub - 0xor0ne/qscan: Quick network scanner library. https://crates.io/crates/qscan
Quick network scanner library. https://crates.io/crates/qscan - 0xor0ne/qscan
ADReplStatus
Active Directory Replication Status Tool, aka ADREPLSTATUS.
https://github.com/ryanries/ADReplStatus
#AD
@NetPentesters
Active Directory Replication Status Tool, aka ADREPLSTATUS.
https://github.com/ryanries/ADReplStatus
#AD
@NetPentesters
GitHub
GitHub - ryanries/ADReplStatus: AD Replication Status Tool
AD Replication Status Tool. Contribute to ryanries/ADReplStatus development by creating an account on GitHub.
Popeye
A Kubernetes Cluster Sanitizer
Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what's deployed and not what's sitting on disk. By scanning your cluster, it detects misconfigurations and helps you to ensure that best practices are in place, thus preventing future headaches.
https://github.com/derailed/popeye
#Kubernetes
@NetPentesters
A Kubernetes Cluster Sanitizer
Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what's deployed and not what's sitting on disk. By scanning your cluster, it detects misconfigurations and helps you to ensure that best practices are in place, thus preventing future headaches.
https://github.com/derailed/popeye
#Kubernetes
@NetPentesters
GitHub
GitHub - derailed/popeye: 👀 A Kubernetes cluster resource sanitizer
👀 A Kubernetes cluster resource sanitizer. Contribute to derailed/popeye development by creating an account on GitHub.
👍1👎1
CVE-2023-28760
TP-Link AX1800 WiFi 6 Router - Memory Corruption Vulnerability (Exploit).
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
Details:
https://www.tecsecurity.io/blog/tp-link_ax1800
#exploit
#cve
#tplink
@netpentesters
TP-Link AX1800 WiFi 6 Router - Memory Corruption Vulnerability (Exploit).
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
Details:
https://www.tecsecurity.io/blog/tp-link_ax1800
#exploit
#cve
#tplink
@netpentesters
GitHub
exploits/CVE-2023-28760 at main · TecR0c/exploits
This repository hosts PoC exploits for vulnerabilities I've discovered, provided for education and to highlight the importance of system security. - TecR0c/exploits
درود
بدلیل مشغله کاری از تمامی دوستان فعال در حوزه های سایبری دعوت میشود به آیدی زیر پیام داده و در صورت تایید به عنوان مدیر و ویراستار جدید کانال انتخاب شوند
@DK_HBB_Bot
بدلیل مشغله کاری از تمامی دوستان فعال در حوزه های سایبری دعوت میشود به آیدی زیر پیام داده و در صورت تایید به عنوان مدیر و ویراستار جدید کانال انتخاب شوند
@DK_HBB_Bot
👍3👎3