02 Aug 2023 - 04:01

# Passive Recon

Certificates

# Network

Port Scan

# Service Recon

DNS
FTP
GIT Scan
Web Scan
SMB
SSH
Wordpress

# WEB Generic

HTTP Parameter Pollution
HTML TO PDF
Jinja SSTI
Json Web Token
LFI/RFI
SQLi

# WEB Exploit

Adminer
Gitlab
PHP Laravel

# Exploit (Misc)

SMB MS17-010
Splunk
AD ZeroLogon

# Linux PrivEsc

🐧 Kernel.DirtyCow
🐧 Enum
🐧 Kernel.ShellShock
🐧 SUDO

# Post Exploit / Loot

🐧 SSH Key Persistence
Crack Password
Kerberoasting

# Windows PrivEsc

Active Directory
Kernel

# Tips

AWS Products
AV/EDR/Isolation
Docker
Forensic
JavaScript
🐧 LXC/LXD
MySQL
PowerShell
🐧 SUID
Tomcat
Wordlist

# C2 / TRANSMISSION

Manual
Metasploit
Shad0w
SilentTrinity

# ROGUE SERVER

HTTP
- Basic HTTP Server
SMB

# PIVOTING

SSH Socks Proxy

# RESSOURCES

Offline Pentest Preps

HTTP
View page source

HTTP

Basic HTTP Server

# Serve current dir with default http module
sudo python3 -m http.server --cgi 80

Previous Next

© Copyright ERROR - DOCUMENT IS NOT LOADED PROPERLY.

Built with Sphinx using a theme provided by Read the Docs.