SearchToolkit

<h2 align="center"> SearchToolkit <img src="https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExb3lybGJrZnI4aXJuYjBmOHVxZTR5azcyanlrNGtzbTY3b2xkODc5ZiZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/xT9IgFLfWUZigjoem4/giphy.gif" width="28"> </h2> <p align="center"> <a href="https://git.io/typing-svg"><img src="https://readme-typing-svg.herokuapp.com?font=Fira+Code&pause=1000&color=19FF31&width=435&lines=SearchToolkit+is+advanced+collection+;of+tools%2C+hardwares%2C+resources+and+;cheatsheets+useful+for+Pentester;Red+Teamer%2C+Blue+Teamer%2C+Forensics;and+other+related+cybersec+areas%2C+;feel+free+to+add+in+your+favorates;enjoy+and+stay+sharp+%3A)" alt="Typing SVG" /></a> </p> <p align="center"> <img src="./assets/ehph.png" alt="Logo" width="200" /> </p> <div align="center"> <h3>「 Author 」</h3> <samp> <a href="https://web.facebook.com/ehphofficial" target="_blank"> <strong>EHPH member: l0n3m4n</strong> <br><br> </a> </samp> </div> <p align="center"> <a href="https://visitorbadge.io/status?path=https%3A%2F%2Fgithub.com%2Fl0n3m4n%2FSearchToolkit"> <img src="https://api.visitorbadge.io/api/visitors?path=https%3A%2F%2Fgithub.com%2Fl0n3m4n%2FSearchToolkit&label=Visitors&countColor=%2337d67a" /> </a> <a href="https://www.facebook.com/UEVOLVJU"> <img src="https://img.shields.io/badge/Facebook-%231877F2.svg?style=for-the-badge&logo=Facebook&logoColor=white" alt="Facebook"> </a> <a href="https://www.twitter.com/UEVOLVJU"> <img src="https://img.shields.io/badge/Twitter-%23000000.svg?style=for-the-badge&logo=X&logoColor=white" alt="X"> </a> <a href="https://medium.com/@l0n3m4n"> <img src="https://img.shields.io/badge/Medium-12100E?style=for-the-badge&logo=medium&logoColor=white" alt="Medium"> </a> <a href="https://www.buymeacoffee.com/l0n3m4n"> <img src="https://img.shields.io/badge/Buy%20a%20Coffee-ffdd00?style=for-the-badge&logo=buy-me-a-coffee&logoColor=black" alt="Buy Me a Coffee"> </a> <a href="mailto:ehph@proton.me"> <img src="https://img.shields.io/badge/ProtonMail-6001D2?style=for-the-badge&logo=protonmail&logoColor=white" alt="ProtonMail"> </a> <a href="https://github.com/l0n3m4n/SearchToolkit/blob/main/assets/contributing.md"> <img src="https://img.shields.io/badge/Contribute-%23121011.svg?style=for-the-badge&logo=github&logoColor=white" alt="GitHub"> </a> </p> <br/> <h2 align="center">Search Navigation</h2> <p> <a href="#pentest-and-redteaming"><b>Pentest and RedTeaming</b></a> | <a href="#cheatsheets"><b>Cheatsheets</b></a> | <a href="#devices-and-services"><b>Devices and Services</b></a> | <a href="#geolocation-tracking"><b>Geolocation Tracking</b></a> | <a href="#intelligence-surveillance"><b>Intelligence surveillance</b></a> | <a href="#code-search"><b>Code Search</b></a> | <a href="#domains"><b>Domains</b></a> | <a href="#dorking"><b>Dorking</b></a> | <a href="#osint"><b>OSINT</b></a> | <a href="#attack-surface"><b>Attack Surface</b></a> | <a href="#programming"><b>Programming</b></a> | <a href="#web-history"><b>Web History</b></a> | <a href="#dns"><b>DNS</b></a> | <a href="#certificates"><b>Certificates</b></a> | <a href="#wifi-networks"><b>WiFi</b></a> | <a href="#credential-leaks"><b>Credential Leaks</b></a> | <a href="#data-leaks"><b>Data Leaks</b></a> | <a href="#reverse-engineering"><b>Reverse Engineering</b></a> | <a href="#malware-analysis"><b>Malware Analysis</b></a> | <a href="#cryptography"><b>Cryptography</b></a> | <a href="#android"><b>Android</b></a> | <a href="#ctf-challenges"><b>CTF Challenges</b></a> | <a href="#threat-intelligence"><b>Threat Intelligence</b></a> | <a href="#browser-extensions"><b>Browser Extentions</b></a> | <a href ="#forensics"><b>Forensics</b></a> | <a href="#bugbounty"><b>Bugbounty</b></a> | <a href="#resources"><b>Resources</b></a> | <a href="#misc"><b>Misc</b></a> | <h3 align="center">Attack Cycle</h3> <!--- If you think this attack cycle could be improved or does not fully align based on your perspective and experience, please feel free to submit a pull request. :) -->

<a href="#discovery"><b>Discovery</b></a> | <a href="#vulnerability-identification"><b>Vulnerability Identification</b></a> | <a href="#vulnerability-scanner"><b>Vulnerability Scanner</b></a> | <a href="#social-engineering"><b>Social Engineering</b></a> | <a href="#payload-and-staging"><b>Payload and Staging</b></a> | <a href="#exploitation"><b>Exploitation</b></a> | <a href="#privilege-escalation"><b>Privilege Escalation</b></a> | <a href="#evasion"><b>Evasion</b></a> | <a href="#credential-dumping"><b>Credential Dumping</b></a> | <a href="#persistence"><b>Persistence</b></a> | <a href="#lateral-movement"><b>Lateral Movement</b></a> | <a href="#tunnelling"><b>Tunnelling</b></a> | <a href="#command-and-control"><b>Command and Control<b><a> | <a href="#data-exfiltration"><b>Data Exfiltration</b></a> | <a href="#securing-data"><b>Securing Data</b></a> | <a href="#covering-tracks"><b>Covering Tracks</b></a> | <a href="#reports"><b>Reports</b></a>

</p>

Pentest and RedTeaming

engagement, standard process, mitre att&ck, certifications and etc.

<table> <thead> <tr> <th>IMAGE</th> <th>NAME</th> <th>LINKS</th> <th>DESCRIPTION</th> </tr> </thead> <tbody> <tr> <td><img src="assets/pentest-redteaming/pentest-standard.png"></td> <td><b>Pentest Standard</b></td> <td><a href="http://www.pentest-standard.org">Website</a></td> <td>(Engagement): A comprehensive framework designed to standardize the process of conducting penetration tests</td> </tr> <tr> <td><img src="assets/pentest-redteaming/redteaminfra.png"></td> <td><b>Red-Team-Infra</b></td> <td><a href="https://github.com/mantvydasb/Red-Team-Infrastructure-Automation">Github</a></td> <td>(Infrastructure): Disposable and resilient red team infrastructure with Terraform</td> </tr> <tr> <td><img src="assets/pentest-redteaming/redteaminfra-wiki.png"></td> <td><b>Red-Team-Infras-Wiki</b></td> <td><a href="https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki">Github</a></td> <td>(Infrastructure): Wiki to collect Red Team infrastructure hardening resources</td> </tr> <tr> <td><img src="assets/pentest-redteaming/RedinfraCraft_White.png"></td> <td><b>RedInfraCraft</b></td> <td><a href="https://github.com/RedTeamOperations/Red-Infra-Craft">Github</a></td> <td>(Infrastructure):automates the deployment of powerful red team infrastructures! makes it easy to create advanced phishing & payload infras</td> </tr> </tbody> </table> <br>

🔝 Back to top

Cheatsheets

notes, methodology , resources, techniques and etc.

<table> <thead> <tr> <th>IMAGE</th> <th>NAME</th> <th>LINKS</th> <th>DESCRIPTION</th> </tr> </thead> <tbody> <tr> <td><img src="assets/cheatsheets/hacktricks.jpg"></td> <td><b>HackTricks</b></td> <td><a href="https://book.hacktricks.xyz/">Website</a></td> <td>(General): HackTricks is a comprehensive resource that provides a wide range of information and tips related to pentesting, redteaming and etc. </td> </tr> <tr> <td><img src="assets/exploitation/Payloads All The Things.jpg"></td> <td><b>Payloads All The Things</b></td> <td><a href="https://github.com/swisskyrepo/PayloadsAllTheThings">Github</a></td> <td>(General): A list of useful payloads and bypasses for Web Application Security and also a cheatsheets</td> </tr> <tr> <td><img src="assets/cheatsheets/atomicredteam.png"></td> <td><b>Atomic RedTeam</b></td> <td><a href="https://atomicredteam.io/atomics/">Website</a></td> <td>(TTPs): Atomic Red Team can be used as a reference for cheatsheets. It provides detailed examples of specific commands, scripts, and guides that can be used to simulate various adversary techniques (TTPs).</td> </tr> <tr> <td><img src="assets/cheatsheets/owasp-cheatsheets.png"></td> <td><b>OWASP Cheatsheet</b></td> <td><a href="https://cheatsheetseries.owasp.org/index.html">Website</a></td> <td>(Web-APP): The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.</td> </tr> <tr> <td><img src="assets/cheatsheets/internal-all-the-things.png"></td> <td><b>Internall-all-the-things</b></td> <td><a href="https://swisskyrepo.github.io/InternalAllTheThings/">Github.io</a></td> <td>(General): Active Directory and Internal Pentest Cheatsheets</td> </tr> <tr> <td><img src="assets/cheatsheets/arsenal.png"></td> <td><b>Arsenal</b></td> <td><a href="https://github.com/Orange-Cyberdefense/arsenal?tab=readme-ov-file">Github</a></td> <td>(Cheatsheets): In arsenal you can search for a command, select one and it's prefilled directly in your terminal. This functionality is independent of the shell used.</td> </tr> <tr> <td><img src="assets/cheatsheets/cheat-sh.png"></td> <td><b>cheat.sh</b></td> <td><a href="https://cheat.sh">Website</a></td> <td>(Cheatsheets): Unified access to the best community driven cheat sheets repositories of the world. Covers 56 programming languages, several DBMSes, and more than 1000 most important UNIX/Linux commands.</td> </tr> <tr> <td><img src="assets/cheatsheets/hackerchoice_logo.jpg"></td> <td><b>THC cheatshets</b></td> <td><a href="https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet">Github</a></td> <td>(Cheatsheets): THC's favourite Tips, Tricks & Hacks (Cheat Sheet)</td> </tr> <tr> <td><img src="assets/cheatsheets/cheat.png"></td> <td><b>cheat</b></td> <td><a href="https://github.com/cheat/cheat">Github</a></td> <td>(Cheasheets): cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not frequently enough to remember.</td> </tr> <tr> <td><img src="assets/cheatsheets/RedTeam-Tools.png"></td> <td><b>RedTeam-Tools</b></td> <td><a