12 Jan 2023 - 04:04

# Active Directory

  • https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
  • https://gist.github.com/ssstonebraker/a1964b2f20acc8edb239409b6c4906ce
  • https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
