10 Mar 2023 - 04:01

# LFI/RFI

https://blog.clever-age.com/fr/2014/10/21/owasp-local-remote-file-inclusion-lfi-rfi/

## WebShells

https://github.com/epinna/weevely3

https://gitlab.com/charles.gargasson/AsyncShellPHP