Command Hacking Database (CHDB)

The goal of the CHDB project is to document every binary, script, and library that can be helpful for penetration testing (Red Team).

Windows

  • Microsoft-signed (native to the OS or downloaded from Microsoft)
  • Executing code (arbitrary code, or pass-through execution of other (unsigned) programs or scripts)
  • File operations (Download, Upload, Copy, Encode, Decode, …)
  • User Account Control (UAC) Bypass
  • Credential theft
  • Log Evasion & Obfuscation
  • DLL Sideloading and Hijacking
  • Dumping process memory
  • Compiling code

Linux

  • Break Out (restricted shells)
  • Reverse Shells
  • Privilege Escalation (SUID, SGID, Sticky Bits)
  • File operations (Download, Upload, Copy, Encode, Decode, …)
  • Facilitating other post-exploitation tasks
  • Log Evasion & Obfuscation
  • Dumping process memory
  • Compiling code