Offensive Tips

Intro

Offensive Tips, Exploits

Git: https://gitlab.com/charles.gargasson/offensivetips

Same project idea

- https://book.hacktricks.xyz/

- https://github.com/swisskyrepo/PayloadsAllTheThings

- https://mal-hiboux.gitlab.io/howl-to/

Methodology

New Target

• Port scan

New Service

• Search for service version

• Search related OS info

• Search for exploit

New Website

• Check URLs for other vhosts

• Scan dirs (wfuzz/fuff/dirb/gobuster)

• Check requests with ZAP/Burp, especialy on user inputs and forms

New Credentials

• Try it everywhere and with differents protocols (rdp,ssh,smb)

• Try password mutation (usr1_srv => usr2_srv)

New System Account

• Run enumeration scripts

• Look for sudo entries and check them on https://gtfobins.github.io/

• Search for files ( ~/home and find / -user $(whoami) 2>/dev/null )