Root-Down-Digital/pentesting-resources

## RDSec  `为红队、紫队和蓝队打造。` **[➜ 浏览站点](https://root-down-digital.github.io/pentesting-resources/)** ## 结构 ``` 01-recon/ scripts/ CyberRecon, subrecon, theEnumerator, ipsweep, SMB scan, port scanners osint/ Dehashed cheatsheet, guide links, dork lists (Google, GitHub, webcam…) references/ One-liners, nmap script lists 02-exploitation/ payloads/ Reverse shells, msfvenom, XSS strings, veil-venom scripts/ Buffer overflow skeleton, injection examples 03-post-exploitation/ escalation/ Priv-esc toolkit deployment, traversal hunting, Windows post-ex tools credential-hunting/ Windows credential hunter (PowerShell) exfil/ Document exfiltration script 04-defensive/ detection/ Linux + macOS malware scanners hardening/ Linux, Linux server, macOS, Windows hardening scripts 05-utilities/ passwords/ Password generator, breach list checker integrations/ Notion, SQL, WiGLE CSV integrations hardware/ omg/ O.MG Cable payloads — Linux, Windows, macOS, iOS sharkjack/ SharkJack payloads sdr/ SDR references: frequency ranges, WHAD, airspy ADS-B methodologies/ External, web, API, SQLi, physical pentest methodologies cheatsheets/ NetExec + Impacket quick reference references/ cli/ grep, pbcopy quick reference networking/ Wireshark filters, WiFi attack commands, Mirai detection dissector reporting/ External pentest report templates ```

标签：AI合规, AMSI绕过, CISA项目, CTI, Cutter, ESC4, GitHub, Google Dorking, Go语言工具, Impacket, IPv6, IP 地址批量处理, NetExec, Nmap, O.MG Cable, OpenCanary, OSINT, Payload, PowerShell, SDR, SharkJack, Web报告查看器, WiFi安全, XSS, 凭据窃取, 协议分析, 威胁检测, 威胁模拟, 子域名枚举, 实时处理, 密码生成, 密码管理, 应用安全, 报告模板, 插件系统, 攻击脚本, 数据展示, 数据渗漏, 方法学, 权限提升, 渗透测试框架, 漏洞情报, 硬件植入, 系统加固, 系统安全, 紫队, 红队, 缓冲区溢出, 网络安全资源, 虚拟驱动器, 逆向Shell, 逆向工具, 速查表, 速率限制, 防御