snrtherock / google-dorks

Created October 6, 2020 09:45 — forked from stevenswafford/google-dorks

Listing of a number of useful Google dorks.


	" _ _ "
	" _ /\|\| . . \|\|\ _ "
	" ( } \\|\|D ' ' ' C\|\|/ { % "
	" \| /\__,=_[_] ' . . ' [_]_=,__/\ \|"
	" \|_\_ \|----\| \|----\| _/_\|"
	" \| \|/ \| \| \| \| \\| \|"
	" \| /_ \| \| \| \| _\ \|"

	It is all fun and games until someone gets hacked!

snrtherock / all.txt

Created December 9, 2019 07:17 — forked from jhaddix/all.txt

all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/

This file has been truncated, but you can view the full file.

snrtherock / WAHH_Task_Checklist.md

Created December 9, 2019 07:16 — forked from jhaddix/Testing_Checklist.md

The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown

The Web Application Hacker's Handbook

Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file

	#!/bin/bash
	export DEBIAN_FRONTEND=noninteractive;
	echo "[] Starting Install... []"
	echo "[] Upgrade installed packages to latest []"
	echo -e "\nRunning a package upgrade...\n"
	apt-get -qq update && apt-get -qq dist-upgrade -y
	apt full-upgrade -y
	apt-get autoclean

	echo "[] Install stuff I use all the time []"

snrtherock / gist:4781d53b4e2aeeeba3b0505f1ec9d3e2

Created April 9, 2019 21:41 — forked from 0x09AL/gist:f94ba19eceb6306572458655e416e015

Red Team Books

	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

snrtherock / gist:99f68f95423d8ddcc6e80e22b3e42e05

Created April 9, 2019 17:29 — forked from carnal0wnage/gist:606c41ac6ec40bf5c69d4db96d9312e3

Red Team Books

	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

snrtherock / Buffer Overflow Tutorial in Kali.md

Created April 4, 2019 06:46 — forked from apolloclark/Buffer Overflow Tutorial in Kali.md

Buffer overflow demonstration in Kali Linux, based on the Computerphile video

Buffer Overflow Tutorial

This tutorial is based on the Computerphile video, made by Dr. Mike Pound

The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.

snrtherock / Penetration testing sample test cases

Created February 5, 2019 13:27 — forked from numberwhun/Penetration testing sample test cases

Penetration testing sample test cases

	Penetration testing sample test cases (test scenarios):

	Remember this is not functional testing. In Pentest your goal is to find security holes in the system. Below are some generic test cases and not necessarily applicable for all applications.

	1) Check if web application is able to identify spam attacks on contact forms used in the website.
	2) Proxy server – Check if network traffic is monitored by proxy appliances. Proxy server make it difficult for hackers to get internal details of the network thus protecting the system from external attacks.
	3) Spam email filters – Verify if incoming and outgoing email traffic is filtered and unsolicited emails are blocked. Many email clients come with in-build spam filters which needs to be configured as per your needs. These configuration rules can be applied on email headers, subject or body.
	4) Firewall – Make sure entire network or computers are protected with Firewall. Firewall can be a software or hardware to block unauthorized access to system. Firewall can p

snrtherock / webapppentest

Created December 27, 2018 12:52 — forked from stevenswafford/webapppentest

Web Application Pentest Cheat Sheet

snrtherock / Hacking Tools and Resources

Created December 27, 2018 12:32 — forked from sachinsmc/Hacking Tools and Resources.md

	Getting Started

	Https://wizardforcel.gitbooks.io/web-hacking-101/content/ Web Hacking 101 Chinese
	Https://wizardforcel.gitbooks.io/asani/content/ Easy to get Android security Chinese version
	Https://wizardforcel.gitbooks.io/lpad/content/ Android penetration test study manual Chinese version
	Https://wizardforcel.gitbooks.io/kali-linux-web-pentest-cookbook/content/ Kali Linux Web Penetration Test Cheats Chinese Version
	Https://github.com/hardenedlinux/linux-exploit-development-tutorial Linux exploit Development Primer
	Https://www.gitbook.com/book/t0data/burpsuite/details burpsuite actual guide
	Http://www.kanxue.com/?article-read-1108.htm=&winzoom=1 Penetration Testing Node.js Application
	Https://github.com/qazbnm456/awesome-web-security Web Security Information and Resources List


	" _ _ "
	" _ /\|\| . . \|\|\ _ "
	" ( } \\|\|D ' ' ' C\|\|/ { % "
	" \| /\__,=_[_] ' . . ' [_]_=,__/\ \|"
	" \|_\_ \|----\| \|----\| _/_\|"
	" \| \|/ \| \| \| \| \\| \|"
	" \| /_ \| \| \| \| _\ \|"

	It is all fun and games until someone gets hacked!