# Table of contents
## 👾 Welcome!
* [HackTricks ](README.md )
* [HackTricks Values & FAQ ](welcome/hacktricks-values-and-faq.md )
* [About the author ](welcome/about-the-author.md )
## 🤩 Generic Methodologies & Resources
* [Pentesting Methodology ](generic-methodologies-and-resources/pentesting-methodology.md )
* [External Recon Methodology ](generic-methodologies-and-resources/external-recon-methodology/README.md )
* [Wide Source Code Search ](generic-methodologies-and-resources/external-recon-methodology/wide-source-code-search.md )
* [Github Dorks & Leaks ](generic-methodologies-and-resources/external-recon-methodology/github-leaked-secrets.md )
* [Pentesting Network ](generic-methodologies-and-resources/pentesting-network/README.md )
* [DHCPv6 ](generic-methodologies-and-resources/pentesting-network/dhcpv6.md )
* [EIGRP Attacks ](generic-methodologies-and-resources/pentesting-network/eigrp-attacks.md )
* [GLBP & HSRP Attacks ](generic-methodologies-and-resources/pentesting-network/glbp-and-hsrp-attacks.md )
* [IDS and IPS Evasion ](generic-methodologies-and-resources/pentesting-network/ids-evasion.md )
* [Lateral VLAN Segmentation Bypass ](generic-methodologies-and-resources/pentesting-network/lateral-vlan-segmentation-bypass.md )
* [Network Protocols Explained (ESP) ](generic-methodologies-and-resources/pentesting-network/network-protocols-explained-esp.md )
* [Nmap Summary (ESP) ](generic-methodologies-and-resources/pentesting-network/nmap-summary-esp.md )
* [Pentesting IPv6 ](generic-methodologies-and-resources/pentesting-network/pentesting-ipv6.md )
* [WebRTC DoS ](generic-methodologies-and-resources/pentesting-network/webrtc-dos.md )
* [Spoofing LLMNR, NBT-NS, mDNS/DNS and WPAD and Relay Attacks ](generic-methodologies-and-resources/pentesting-network/spoofing-llmnr-nbt-ns-mdns-dns-and-wpad-and-relay-attacks.md )
* [Spoofing SSDP and UPnP Devices with EvilSSDP ](generic-methodologies-and-resources/pentesting-network/spoofing-ssdp-and-upnp-devices.md )
* [Pentesting Wifi ](generic-methodologies-and-resources/pentesting-wifi/README.md )
* [Evil Twin EAP-TLS ](generic-methodologies-and-resources/pentesting-wifi/evil-twin-eap-tls.md )
* [Phishing Methodology ](generic-methodologies-and-resources/phishing-methodology/README.md )
* [Clone a Website ](generic-methodologies-and-resources/phishing-methodology/clone-a-website.md )
* [Detecting Phishing ](generic-methodologies-and-resources/phishing-methodology/detecting-phising.md )
* [Phishing Files & Documents ](generic-methodologies-and-resources/phishing-methodology/phishing-documents.md )
* [Basic Forensic Methodology ](generic-methodologies-and-resources/basic-forensic-methodology/README.md )
* [Baseline Monitoring ](generic-methodologies-and-resources/basic-forensic-methodology/file-integrity-monitoring.md )
* [Anti-Forensic Techniques ](generic-methodologies-and-resources/basic-forensic-methodology/anti-forensic-techniques.md )
* [Docker Forensics ](generic-methodologies-and-resources/basic-forensic-methodology/docker-forensics.md )
* [Image Acquisition & Mount ](generic-methodologies-and-resources/basic-forensic-methodology/image-acquisition-and-mount.md )
* [Linux Forensics ](generic-methodologies-and-resources/basic-forensic-methodology/linux-forensics.md )
* [Malware Analysis ](generic-methodologies-and-resources/basic-forensic-methodology/malware-analysis.md )
* [Memory dump analysis ](generic-methodologies-and-resources/basic-forensic-methodology/memory-dump-analysis/README.md )
* [Volatility - CheatSheet ](generic-methodologies-and-resources/basic-forensic-methodology/memory-dump-analysis/volatility-cheatsheet.md )
* [Partitions/File Systems/Carving ](generic-methodologies-and-resources/basic-forensic-methodology/partitions-file-systems-carving/README.md )
* [File/Data Carving & Recovery Tools ](generic-methodologies-and-resources/basic-forensic-methodology/partitions-file-systems-carving/file-data-carving-recovery-tools.md )
* [Pcap Inspection ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/README.md )
* [DNSCat pcap analysis ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/dnscat-exfiltration.md )
* [Suricata & Iptables cheatsheet ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/suricata-and-iptables-cheatsheet.md )
* [USB Keystrokes ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/usb-keystrokes.md )
* [Wifi Pcap Analysis ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/wifi-pcap-analysis.md )
* [Wireshark tricks ](generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/wireshark-tricks.md )
* [Specific Software/File-Type Tricks ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/README.md )
* [Decompile compiled python binaries (exe, elf) - Retreive from .pyc ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/.pyc.md )
* [Browser Artifacts ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/browser-artifacts.md )
* [Deofuscation vbs (cscript.exe) ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/desofuscation-vbs-cscript.exe.md )
* [Local Cloud Storage ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/local-cloud-storage.md )
* [Office file analysis ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/office-file-analysis.md )
* [PDF File analysis ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/pdf-file-analysis.md )
* [PNG tricks ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/png-tricks.md )
* [Video and Audio file analysis ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/video-and-audio-file-analysis.md )
* [ZIPs tricks ](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/zips-tricks.md )
* [Windows Artifacts ](generic-methodologies-and-resources/basic-forensic-methodology/windows-forensics/README.md )
* [Interesting Windows Registry Keys ](generic-methodologies-and-resources/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md )
* [Brute Force - CheatSheet ](generic-methodologies-and-resources/brute-force.md )
* [Python Sandbox Escape & Pyscript ](generic-methodologies-and-resources/python/README.md )
* [Bypass Python sandboxes ](generic-methodologies-and-resources/python/bypass-python-sandboxes/README.md )
* [LOAD\_NAME / LOAD\_CONST opcode OOB Read ](generic-methodologies-and-resources/python/bypass-python-sandboxes/load\_name-load\_const-opcode-oob-read.md )
* [Class Pollution (Python's Prototype Pollution) ](generic-methodologies-and-resources/python/class-pollution-pythons-prototype-pollution.md )
* [Python Internal Read Gadgets ](generic-methodologies-and-resources/python/python-internal-read-gadgets.md )
* [Pyscript ](generic-methodologies-and-resources/python/pyscript.md )
* [venv ](generic-methodologies-and-resources/python/venv.md )
* [Web Requests ](generic-methodologies-and-resources/python/web-requests.md )
* [Bruteforce hash (few chars) ](generic-methodologies-and-resources/python/bruteforce-hash-few-chars.md )
* [Basic Python ](generic-methodologies-and-resources/python/basic-python.md )
* [Exfiltration ](generic-methodologies-and-resources/exfiltration.md )
* [Tunneling and Port Forwarding ](generic-methodologies-and-resources/tunneling-and-port-forwarding.md )
* [Threat Modeling ](generic-methodologies-and-resources/threat-modeling.md )
* [Search Exploits ](generic-methodologies-and-resources/search-exploits.md )
* [Reverse Shells (Linux, Windows, MSFVenom) ](generic-methodologies-and-resources/reverse-shells/README.md )
* [MSFVenom - CheatSheet ](generic-methodologies-and-resources/reverse-shells/msfvenom.md )
* [Reverse Shells - Windows ](generic-methodologies-and-resources/reverse-shells/windows.md )
* [Reverse Shells - Linux ](generic-methodologies-and-resources/reverse-shells/linux.md )
* [Full TTYs ](generic-methodologies-and-resources/reverse-shells/full-ttys.md )
## 🐧 Linux Hardening
* [Checklist - Linux Privilege Escalation ](linux-hardening/linux-privilege-escalation-checklist.md )
* [Linux Privilege Escalation ](linux-hardening/privilege-escalation/README.md )
* [Arbitrary File Write to Root ](linux-hardening/privilege-escalation/write-to-root.md )
* [Cisco - vmanage ](linux-hardening/privilege-escalation/cisco-vmanage.md )
* [Containerd (ctr) Privilege Escalation ](linux-hardening/privilege-escalation/containerd-ctr-privilege-escalation.md )
* [D-Bus Enumeration & Command Injection Privilege Escalation ](linux-hardening/privilege-escalation/d-bus-enumeration-and-command-injection-privilege-escalation.md )
* [Docker Security ](linux-hardening/privilege-escalation/docker-security/README.md )
* [Abusing Docker Socket for Privilege Escalation ](linux-hardening/privilege-escalation/docker-security/abusing-docker-socket-for-privilege-escalation.md )
* [AppArmor ](linux-hardening/privilege-escalation/docker-security/apparmor.md )
* [AuthZ& AuthN - Docker Access Authorization Plugin ](linux-hardening/privilege-escalation/docker-security/authz-and-authn-docker-access-authorization-plugin.md )
* [CGroups ](linux-hardening/privilege-escalation/docker-security/cgroups.md )
* [Docker --privileged ](linux-hardening/privilege-escalation/docker-security/docker-privileged.md )
* [Docker Breakout / Privilege Escalation ](linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/README.md )
* [release\_agent exploit - Relative Paths to PIDs ](linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/release\_agent-exploit-relative-paths-to-pids.md )
* [Docker release\_agent cgroups escape ](linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/docker-release\_agent-cgroups-escape.md )
* [Sensitive Mounts ](linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts.md )
* [Namespaces ](linux-hardening/privilege-escalation/docker-security/namespaces/README.md )
* [CGroup Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/cgroup-namespace.md )
* [IPC Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/ipc-namespace.md )
* [PID Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/pid-namespace.md )
* [Mount Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/mount-namespace.md )
* [Network Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/network-namespace.md )
* [Time Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/time-namespace.md )
* [User Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/user-namespace.md )
* [UTS Namespace ](linux-hardening/privilege-escalation/docker-security/namespaces/uts-namespace.md )
* [Seccomp ](linux-hardening/privilege-escalation/docker-security/seccomp.md )
* [Weaponizing Distroless ](linux-hardening/privilege-escalation/docker-security/weaponizing-distroless.md )
* [Escaping from Jails ](linux-hardening/privilege-escalation/escaping-from-limited-bash.md )
* [euid, ruid, suid ](linux-hardening/privilege-escalation/euid-ruid-suid.md )
* [Interesting Groups - Linux Privesc ](linux-hardening/privilege-escalation/interesting-groups-linux-pe/README.md )
* [lxd/lxc Group - Privilege escalation ](linux-hardening/privilege-escalation/interesting-groups-linux-pe/lxd-privilege-escalation.md )
* [Logstash ](linux-hardening/privilege-escalation/logstash.md )
* [ld.so privesc exploit example ](linux-hardening/privilege-escalation/ld.so.conf-example.md )
* [Linux Active Directory ](linux-hardening/privilege-escalation/linux-active-directory.md )
* [Linux Capabilities ](linux-hardening/privilege-escalation/linux-capabilities.md )
* [NFS no\_root\_squash/no\_all\_squash misconfiguration PE ](linux-hardening/privilege-escalation/nfs-no\_root\_squash-misconfiguration-pe.md )
* [Node inspector/CEF debug abuse ](linux-hardening/privilege-escalation/electron-cef-chromium-debugger-abuse.md )
* [Payloads to execute ](linux-hardening/privilege-escalation/payloads-to-execute.md )
* [RunC Privilege Escalation ](linux-hardening/privilege-escalation/runc-privilege-escalation.md )
* [SELinux ](linux-hardening/privilege-escalation/selinux.md )
* [Socket Command Injection ](linux-hardening/privilege-escalation/socket-command-injection.md )
* [Splunk LPE and Persistence ](linux-hardening/privilege-escalation/splunk-lpe-and-persistence.md )
* [SSH Forward Agent exploitation ](linux-hardening/privilege-escalation/ssh-forward-agent-exploitation.md )
* [Wildcards Spare tricks ](linux-hardening/privilege-escalation/wildcards-spare-tricks.md )
* [Useful Linux Commands ](linux-hardening/useful-linux-commands.md )
* [Bypass Linux Restrictions ](linux-hardening/bypass-bash-restrictions/README.md )
* [Bypass FS protections: read-only / no-exec / Distroless ](linux-hardening/bypass-bash-restrictions/bypass-fs-protections-read-only-no-exec-distroless/README.md )
* [DDexec / EverythingExec ](linux-hardening/bypass-bash-restrictions/bypass-fs-protections-read-only-no-exec-distroless/ddexec.md )
* [Linux Environment Variables ](linux-hardening/linux-environment-variables.md )
* [Linux Post-Exploitation ](linux-hardening/linux-post-exploitation/README.md )
* [PAM - Pluggable Authentication Modules ](linux-hardening/linux-post-exploitation/pam-pluggable-authentication-modules.md )
* [FreeIPA Pentesting ](linux-hardening/freeipa-pentesting.md )
## 🍏 MacOS Hardening
* [macOS Security & Privilege Escalation ](macos-hardening/macos-security-and-privilege-escalation/README.md )
* [macOS Apps - Inspecting, debugging and Fuzzing ](macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/README.md )
* [Objects in memory ](macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/objects-in-memory.md )
* [Introduction to x64 ](macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/introduction-to-x64.md )
* [Introduction to ARM64v8 ](macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/arm64-basic-assembly.md )
* [macOS AppleFS ](macos-hardening/macos-security-and-privilege-escalation/macos-applefs.md )
* [macOS Bypassing Firewalls ](macos-hardening/macos-security-and-privilege-escalation/macos-bypassing-firewalls.md )
* [macOS Defensive Apps ](macos-hardening/macos-security-and-privilege-escalation/macos-defensive-apps.md )
* [macOS GCD - Grand Central Dispatch ](macos-hardening/macos-security-and-privilege-escalation/macos-gcd-grand-central-dispatch.md )
* [macOS Kernel & System Extensions ](macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/README.md )
* [macOS IOKit ](macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-iokit.md )
* [macOS Kernel Extensions & Debugging ](macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-kernel-extensions.md )
* [macOS Kernel Vulnerabilities ](macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-kernel-vulnerabilities.md )
* [macOS System Extensions ](macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-system-extensions.md )
* [macOS Network Services & Protocols ](macos-hardening/macos-security-and-privilege-escalation/macos-protocols.md )
* [macOS File Extension & URL scheme app handlers ](macos-hardening/macos-security-and-privilege-escalation/macos-file-extension-apps.md )
* [macOS Files, Folders, Binaries & Memory ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/README.md )
* [macOS Bundles ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-bundles.md )
* [macOS Installers Abuse ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-installers-abuse.md )
* [macOS Memory Dumping ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-memory-dumping.md )
* [macOS Sensitive Locations & Interesting Daemons ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-sensitive-locations.md )
* [macOS Universal binaries & Mach-O Format ](macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/universal-binaries-and-mach-o-format.md )
* [macOS Objective-C ](macos-hardening/macos-security-and-privilege-escalation/macos-basic-objective-c.md )
* [macOS Privilege Escalation ](macos-hardening/macos-security-and-privilege-escalation/macos-privilege-escalation.md )
* [macOS Process Abuse ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/README.md )
* [macOS Dirty NIB ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-dirty-nib.md )
* [macOS Chromium Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-chromium-injection.md )
* [macOS Electron Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md )
* [macOS Function Hooking ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-function-hooking.md )
* [macOS IPC - Inter Process Communication ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/README.md )
* [macOS MIG - Mach Interface Generator ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-mig-mach-interface-generator.md )
* [macOS XPC ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/README.md )
* [macOS XPC Authorization ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-authorization.md )
* [macOS XPC Connecting Process Check ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check/README.md )
* [macOS PID Reuse ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check/macos-pid-reuse.md )
* [macOS xpc\_connection\_get\_audit\_token Attack ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check/macos-xpc\_connection\_get\_audit\_token-attack.md )
* [macOS Thread Injection via Task port ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-thread-injection-via-task-port.md )
* [macOS Java Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-java-apps-injection.md )
* [macOS Library Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection/README.md )
* [macOS Dyld Hijacking & DYLD\_INSERT\_LIBRARIES ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection/macos-dyld-hijacking-and-dyld\_insert\_libraries.md )
* [macOS Dyld Process ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection/macos-dyld-process.md )
* [macOS Perl Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-perl-applications-injection.md )
* [macOS Python Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-python-applications-injection.md )
* [macOS Ruby Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ruby-applications-injection.md )
* [macOS .Net Applications Injection ](macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-.net-applications-injection.md )
* [macOS Security Protections ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/README.md )
* [macOS Gatekeeper / Quarantine / XProtect ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-gatekeeper.md )
* [macOS Launch/Environment Constraints & Trust Cache ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-launch-environment-constraints.md )
* [macOS Sandbox ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/README.md )
* [macOS Default Sandbox Debug ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-default-sandbox-debug.md )
* [macOS Sandbox Debug & Bypass ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-sandbox-debug-and-bypass/README.md )
* [macOS Office Sandbox Bypasses ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-sandbox-debug-and-bypass/macos-office-sandbox-bypasses.md )
* [macOS Authorizations DB & Authd ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-authorizations-db-and-authd.md )
* [macOS SIP ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sip.md )
* [macOS TCC ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/README.md )
* [macOS Apple Events ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-apple-events.md )
* [macOS TCC Bypasses ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/README.md )
* [macOS Apple Scripts ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/macos-apple-scripts.md )
* [macOS TCC Payloads ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-payloads.md )
* [macOS Dangerous Entitlements & TCC perms ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md )
* [macOS - AMFI - AppleMobileFileIntegrity ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-amfi-applemobilefileintegrity.md )
* [macOS MACF - Mandatory Access Control Framework ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-macf-mandatory-access-control-framework.md )
* [macOS Code Signing ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-code-signing.md )
* [macOS FS Tricks ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-fs-tricks/README.md )
* [macOS xattr-acls extra stuff ](macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-fs-tricks/macos-xattr-acls-extra-stuff.md )
* [macOS Users & External Accounts ](macos-hardening/macos-security-and-privilege-escalation/macos-users.md )
* [macOS Red Teaming ](macos-hardening/macos-red-teaming/README.md )
* [macOS MDM ](macos-hardening/macos-red-teaming/macos-mdm/README.md )
* [Enrolling Devices in Other Organisations ](macos-hardening/macos-red-teaming/macos-mdm/enrolling-devices-in-other-organisations.md )
* [macOS Serial Number ](macos-hardening/macos-red-teaming/macos-mdm/macos-serial-number.md )
* [macOS Keychain ](macos-hardening/macos-red-teaming/macos-keychain.md )
* [macOS Useful Commands ](macos-hardening/macos-useful-commands.md )
* [macOS Auto Start ](macos-hardening/macos-auto-start-locations.md )
## 🪟 Windows Hardening
* [Checklist - Local Windows Privilege Escalation ](windows-hardening/checklist-windows-privilege-escalation.md )
* [Windows Local Privilege Escalation ](windows-hardening/windows-local-privilege-escalation/README.md )
* [Abusing Tokens ](windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens.md )
* [Access Tokens ](windows-hardening/windows-local-privilege-escalation/access-tokens.md )
* [ACLs - DACLs/SACLs/ACEs ](windows-hardening/windows-local-privilege-escalation/acls-dacls-sacls-aces.md )
* [AppendData/AddSubdirectory permission over service registry ](windows-hardening/windows-local-privilege-escalation/appenddata-addsubdirectory-permission-over-service-registry.md )
* [Create MSI with WIX ](windows-hardening/windows-local-privilege-escalation/create-msi-with-wix.md )
* [COM Hijacking ](windows-hardening/windows-local-privilege-escalation/com-hijacking.md )
* [Dll Hijacking ](windows-hardening/windows-local-privilege-escalation/dll-hijacking/README.md )
* [Writable Sys Path +Dll Hijacking Privesc ](windows-hardening/windows-local-privilege-escalation/dll-hijacking/writable-sys-path-+dll-hijacking-privesc.md )
* [DPAPI - Extracting Passwords ](windows-hardening/windows-local-privilege-escalation/dpapi-extracting-passwords.md )
* [From High Integrity to SYSTEM with Name Pipes ](windows-hardening/windows-local-privilege-escalation/from-high-integrity-to-system-with-name-pipes.md )
* [Integrity Levels ](windows-hardening/windows-local-privilege-escalation/integrity-levels.md )
* [JuicyPotato ](windows-hardening/windows-local-privilege-escalation/juicypotato.md )
* [Leaked Handle Exploitation ](windows-hardening/windows-local-privilege-escalation/leaked-handle-exploitation.md )
* [MSI Wrapper ](windows-hardening/windows-local-privilege-escalation/msi-wrapper.md )
* [Named Pipe Client Impersonation ](windows-hardening/windows-local-privilege-escalation/named-pipe-client-impersonation.md )
* [Privilege Escalation with Autoruns ](windows-hardening/windows-local-privilege-escalation/privilege-escalation-with-autorun-binaries.md )
* [RoguePotato, PrintSpoofer, SharpEfsPotato, GodPotato ](windows-hardening/windows-local-privilege-escalation/roguepotato-and-printspoofer.md )
* [SeDebug + SeImpersonate copy token ](windows-hardening/windows-local-privilege-escalation/sedebug-+-seimpersonate-copy-token.md )
* [SeImpersonate from High To System ](windows-hardening/windows-local-privilege-escalation/seimpersonate-from-high-to-system.md )
* [Windows C Payloads ](windows-hardening/windows-local-privilege-escalation/windows-c-payloads.md )
* [Active Directory Methodology ](windows-hardening/active-directory-methodology/README.md )
* [Abusing Active Directory ACLs/ACEs ](windows-hardening/active-directory-methodology/acl-persistence-abuse/README.md )
* [Shadow Credentials ](windows-hardening/active-directory-methodology/acl-persistence-abuse/shadow-credentials.md )
* [AD Certificates ](windows-hardening/active-directory-methodology/ad-certificates/README.md )
* [AD CS Account Persistence ](windows-hardening/active-directory-methodology/ad-certificates/account-persistence.md )
* [AD CS Domain Escalation ](windows-hardening/active-directory-methodology/ad-certificates/domain-escalation.md )
* [AD CS Domain Persistence ](windows-hardening/active-directory-methodology/ad-certificates/domain-persistence.md )
* [AD CS Certificate Theft ](windows-hardening/active-directory-methodology/ad-certificates/certificate-theft.md )
* [AD information in printers ](windows-hardening/active-directory-methodology/ad-information-in-printers.md )
* [AD DNS Records ](windows-hardening/active-directory-methodology/ad-dns-records.md )
* [ASREPRoast ](windows-hardening/active-directory-methodology/asreproast.md )
* [BloodHound & Other AD Enum Tools ](windows-hardening/active-directory-methodology/bloodhound.md )
* [Constrained Delegation ](windows-hardening/active-directory-methodology/constrained-delegation.md )
* [Custom SSP ](windows-hardening/active-directory-methodology/custom-ssp.md )
* [DCShadow ](windows-hardening/active-directory-methodology/dcshadow.md )
* [DCSync ](windows-hardening/active-directory-methodology/dcsync.md )
* [Diamond Ticket ](windows-hardening/active-directory-methodology/diamond-ticket.md )
* [DSRM Credentials ](windows-hardening/active-directory-methodology/dsrm-credentials.md )
* [External Forest Domain - OneWay (Inbound) or bidirectional ](windows-hardening/active-directory-methodology/external-forest-domain-oneway-inbound.md )
* [External Forest Domain - One-Way (Outbound) ](windows-hardening/active-directory-methodology/external-forest-domain-one-way-outbound.md )
* [Golden Ticket ](windows-hardening/active-directory-methodology/golden-ticket.md )
* [Kerberoast ](windows-hardening/active-directory-methodology/kerberoast.md )
* [Kerberos Authentication ](windows-hardening/active-directory-methodology/kerberos-authentication.md )
* [Kerberos Double Hop Problem ](windows-hardening/active-directory-methodology/kerberos-double-hop-problem.md )
* [LAPS ](windows-hardening/active-directory-methodology/laps.md )
* [MSSQL AD Abuse ](windows-hardening/active-directory-methodology/abusing-ad-mssql.md )
* [Over Pass the Hash/Pass the Key ](windows-hardening/active-directory-methodology/over-pass-the-hash-pass-the-key.md )
* [Pass the Ticket ](windows-hardening/active-directory-methodology/pass-the-ticket.md )
* [Password Spraying / Brute Force ](windows-hardening/active-directory-methodology/password-spraying.md )
* [PrintNightmare ](windows-hardening/active-directory-methodology/printnightmare.md )
* [Force NTLM Privileged Authentication ](windows-hardening/active-directory-methodology/printers-spooler-service-abuse.md )
* [Privileged Groups ](windows-hardening/active-directory-methodology/privileged-groups-and-token-privileges.md )
* [RDP Sessions Abuse ](windows-hardening/active-directory-methodology/rdp-sessions-abuse.md )
* [Resource-based Constrained Delegation ](windows-hardening/active-directory-methodology/resource-based-constrained-delegation.md )
* [Security Descriptors ](windows-hardening/active-directory-methodology/security-descriptors.md )
* [SID-History Injection ](windows-hardening/active-directory-methodology/sid-history-injection.md )
* [Silver Ticket ](windows-hardening/active-directory-methodology/silver-ticket.md )
* [Skeleton Key ](windows-hardening/active-directory-methodology/skeleton-key.md )
* [Unconstrained Delegation ](windows-hardening/active-directory-methodology/unconstrained-delegation.md )
* [Windows Security Controls ](windows-hardening/authentication-credentials-uac-and-efs/README.md )
* [UAC - User Account Control ](windows-hardening/authentication-credentials-uac-and-efs/uac-user-account-control.md )
* [NTLM ](windows-hardening/ntlm/README.md )
* [Places to steal NTLM creds ](windows-hardening/ntlm/places-to-steal-ntlm-creds.md )
* [Lateral Movement ](windows-hardening/lateral-movement/README.md )
* [AtExec / SchtasksExec ](windows-hardening/lateral-movement/atexec.md )
* [DCOM Exec ](windows-hardening/lateral-movement/dcom-exec.md )
* [PsExec/Winexec/ScExec ](windows-hardening/lateral-movement/psexec-and-winexec.md )
* [SmbExec/ScExec ](windows-hardening/lateral-movement/smbexec.md )
* [WinRM ](windows-hardening/lateral-movement/winrm.md )
* [WmiExec ](windows-hardening/lateral-movement/wmiexec.md )
* [Pivoting to the Cloud ](https://cloud.hacktricks.xyz/pentesting-cloud/azure-security/az-lateral-movements )
* [Stealing Windows Credentials ](windows-hardening/stealing-credentials/README.md )
* [Windows Credentials Protections ](windows-hardening/stealing-credentials/credentials-protections.md )
* [Mimikatz ](windows-hardening/stealing-credentials/credentials-mimikatz.md )
* [WTS Impersonator ](windows-hardening/stealing-credentials/wts-impersonator.md )
* [Basic Win CMD for Pentesters ](windows-hardening/basic-cmd-for-pentesters.md )
* [Basic PowerShell for Pentesters ](windows-hardening/basic-powershell-for-pentesters/README.md )
* [PowerView/SharpView ](windows-hardening/basic-powershell-for-pentesters/powerview.md )
* [Antivirus (AV) Bypass ](windows-hardening/av-bypass.md )
## 📱 Mobile Pentesting
* [Android APK Checklist ](mobile-pentesting/android-checklist.md )
* [Android Applications Pentesting ](mobile-pentesting/android-app-pentesting/README.md )
* [Android Applications Basics ](mobile-pentesting/android-app-pentesting/android-applications-basics.md )
* [Android Task Hijacking ](mobile-pentesting/android-app-pentesting/android-task-hijacking.md )
* [ADB Commands ](mobile-pentesting/android-app-pentesting/adb-commands.md )
* [APK decompilers ](mobile-pentesting/android-app-pentesting/apk-decompilers.md )
* [AVD - Android Virtual Device ](mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md )
* [Bypass Biometric Authentication (Android) ](mobile-pentesting/android-app-pentesting/bypass-biometric-authentication-android.md )
* [content:// protocol ](mobile-pentesting/android-app-pentesting/content-protocol.md )
* [Drozer Tutorial ](mobile-pentesting/android-app-pentesting/drozer-tutorial/README.md )
* [Exploiting Content Providers ](mobile-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md )
* [Exploiting a debuggable application ](mobile-pentesting/android-app-pentesting/exploiting-a-debuggeable-applciation.md )
* [Frida Tutorial ](mobile-pentesting/android-app-pentesting/frida-tutorial/README.md )
* [Frida Tutorial 1 ](mobile-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-1.md )
* [Frida Tutorial 2 ](mobile-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-2.md )
* [Frida Tutorial 3 ](mobile-pentesting/android-app-pentesting/frida-tutorial/owaspuncrackable-1.md )
* [Objection Tutorial ](mobile-pentesting/android-app-pentesting/frida-tutorial/objection-tutorial.md )
* [Google CTF 2018 - Shall We Play a Game? ](mobile-pentesting/android-app-pentesting/google-ctf-2018-shall-we-play-a-game.md )
* [Install Burp Certificate ](mobile-pentesting/android-app-pentesting/install-burp-certificate.md )
* [Intent Injection ](mobile-pentesting/android-app-pentesting/intent-injection.md )
* [Make APK Accept CA Certificate ](mobile-pentesting/android-app-pentesting/make-apk-accept-ca-certificate.md )
* [Manual DeObfuscation ](mobile-pentesting/android-app-pentesting/manual-deobfuscation.md )
* [React Native Application ](mobile-pentesting/android-app-pentesting/react-native-application.md )
* [Reversing Native Libraries ](mobile-pentesting/android-app-pentesting/reversing-native-libraries.md )
* [Smali - Decompiling/\[Modifying\]/Compiling](mobile-pentesting/android-app-pentesting/smali-changes.md)
* [Spoofing your location in Play Store ](mobile-pentesting/android-app-pentesting/spoofing-your-location-in-play-store.md )
* [Tapjacking ](mobile-pentesting/android-app-pentesting/tapjacking.md )
* [Webview Attacks ](mobile-pentesting/android-app-pentesting/webview-attacks.md )
* [iOS Pentesting Checklist ](mobile-pentesting/ios-pentesting-checklist.md )
* [iOS Pentesting ](mobile-pentesting/ios-pentesting/README.md )
* [iOS App Extensions ](mobile-pentesting/ios-pentesting/ios-app-extensions.md )
* [iOS Basics ](mobile-pentesting/ios-pentesting/ios-basics.md )
* [iOS Basic Testing Operations ](mobile-pentesting/ios-pentesting/basic-ios-testing-operations.md )
* [iOS Burp Suite Configuration ](mobile-pentesting/ios-pentesting/burp-configuration-for-ios.md )
* [iOS Custom URI Handlers / Deeplinks / Custom Schemes ](mobile-pentesting/ios-pentesting/ios-custom-uri-handlers-deeplinks-custom-schemes.md )
* [iOS Extracting Entitlements From Compiled Application ](mobile-pentesting/ios-pentesting/extracting-entitlements-from-compiled-application.md )
* [iOS Frida Configuration ](mobile-pentesting/ios-pentesting/frida-configuration-in-ios.md )
* [iOS Hooking With Objection ](mobile-pentesting/ios-pentesting/ios-hooking-with-objection.md )
* [iOS Protocol Handlers ](mobile-pentesting/ios-pentesting/ios-protocol-handlers.md )
* [iOS Serialisation and Encoding ](mobile-pentesting/ios-pentesting/ios-serialisation-and-encoding.md )
* [iOS Testing Environment ](mobile-pentesting/ios-pentesting/ios-testing-environment.md )
* [iOS UIActivity Sharing ](mobile-pentesting/ios-pentesting/ios-uiactivity-sharing.md )
* [iOS Universal Links ](mobile-pentesting/ios-pentesting/ios-universal-links.md )
* [iOS UIPasteboard ](mobile-pentesting/ios-pentesting/ios-uipasteboard.md )
* [iOS WebViews ](mobile-pentesting/ios-pentesting/ios-webviews.md )
* [Cordova Apps ](mobile-pentesting/cordova-apps.md )
* [Xamarin Apps ](mobile-pentesting/xamarin-apps.md )
## 👽 Network Services Pentesting
* [Pentesting JDWP - Java Debug Wire Protocol ](network-services-pentesting/pentesting-jdwp-java-debug-wire-protocol.md )
* [Pentesting Printers ](http://hacking-printers.net/wiki/index.php/Main\_Page )
* [Pentesting SAP ](network-services-pentesting/pentesting-sap.md )
* [Pentesting VoIP ](network-services-pentesting/pentesting-voip/README.md )
* [Basic VoIP Protocols ](network-services-pentesting/pentesting-voip/basic-voip-protocols/README.md )
* [SIP (Session Initiation Protocol) ](network-services-pentesting/pentesting-voip/basic-voip-protocols/sip-session-initiation-protocol.md )
* [Pentesting Remote GdbServer ](network-services-pentesting/pentesting-remote-gdbserver.md )
* [7/tcp/udp - Pentesting Echo ](network-services-pentesting/7-tcp-udp-pentesting-echo.md )
* [21 - Pentesting FTP ](network-services-pentesting/pentesting-ftp/README.md )
* [FTP Bounce attack - Scan ](network-services-pentesting/pentesting-ftp/ftp-bounce-attack.md )
* [FTP Bounce - Download 2ºFTP file ](network-services-pentesting/pentesting-ftp/ftp-bounce-download-2oftp-file.md )
* [22 - Pentesting SSH/SFTP ](network-services-pentesting/pentesting-ssh.md )
* [23 - Pentesting Telnet ](network-services-pentesting/pentesting-telnet.md )
* [25,465,587 - Pentesting SMTP/s ](network-services-pentesting/pentesting-smtp/README.md )
* [SMTP Smuggling ](network-services-pentesting/pentesting-smtp/smtp-smuggling.md )
* [SMTP - Commands ](network-services-pentesting/pentesting-smtp/smtp-commands.md )
* [43 - Pentesting WHOIS ](network-services-pentesting/43-pentesting-whois.md )
* [49 - Pentesting TACACS+ ](network-services-pentesting/49-pentesting-tacacs+.md )
* [53 - Pentesting DNS ](network-services-pentesting/pentesting-dns.md )
* [69/UDP TFTP/Bittorrent-tracker ](network-services-pentesting/69-udp-tftp.md )
* [79 - Pentesting Finger ](network-services-pentesting/pentesting-finger.md )
* [80,443 - Pentesting Web Methodology ](network-services-pentesting/pentesting-web/README.md )
* [403 & 401 Bypasses ](network-services-pentesting/pentesting-web/403-and-401-bypasses.md )
* [AEM - Adobe Experience Cloud ](network-services-pentesting/pentesting-web/aem-adobe-experience-cloud.md )
* [Angular ](network-services-pentesting/pentesting-web/angular.md )
* [Apache ](network-services-pentesting/pentesting-web/apache.md )
* [Artifactory Hacking guide ](network-services-pentesting/pentesting-web/artifactory-hacking-guide.md )
* [Bolt CMS ](network-services-pentesting/pentesting-web/bolt-cms.md )
* [Buckets ](network-services-pentesting/pentesting-web/buckets/README.md )
* [Firebase Database ](network-services-pentesting/pentesting-web/buckets/firebase-database.md )
* [CGI ](network-services-pentesting/pentesting-web/cgi.md )
* [DotNetNuke (DNN) ](network-services-pentesting/pentesting-web/dotnetnuke-dnn.md )
* [Drupal ](network-services-pentesting/pentesting-web/drupal/README.md )
* [Drupal RCE ](network-services-pentesting/pentesting-web/drupal/drupal-rce.md )
* [Electron Desktop Apps ](network-services-pentesting/pentesting-web/electron-desktop-apps/README.md )
* [Electron contextIsolation RCE via preload code ](network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-preload-code.md )
* [Electron contextIsolation RCE via Electron internal code ](network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-electron-internal-code.md )
* [Electron contextIsolation RCE via IPC ](network-services-pentesting/pentesting-web/electron-desktop-apps/electron-contextisolation-rce-via-ipc.md )
* [Flask ](network-services-pentesting/pentesting-web/flask.md )
* [NodeJS Express ](network-services-pentesting/pentesting-web/nodejs-express.md )
* [Git ](network-services-pentesting/pentesting-web/git.md )
* [Golang ](network-services-pentesting/pentesting-web/golang.md )
* [GWT - Google Web Toolkit ](network-services-pentesting/pentesting-web/gwt-google-web-toolkit.md )
* [Grafana ](network-services-pentesting/pentesting-web/grafana.md )
* [GraphQL ](network-services-pentesting/pentesting-web/graphql.md )
* [H2 - Java SQL database ](network-services-pentesting/pentesting-web/h2-java-sql-database.md )
* [IIS - Internet Information Services ](network-services-pentesting/pentesting-web/iis-internet-information-services.md )
* [ImageMagick Security ](network-services-pentesting/pentesting-web/imagemagick-security.md )
* [JBOSS ](network-services-pentesting/pentesting-web/jboss.md )
* [Jira & Confluence ](network-services-pentesting/pentesting-web/jira.md )
* [Joomla ](network-services-pentesting/pentesting-web/joomla.md )
* [JSP ](network-services-pentesting/pentesting-web/jsp.md )
* [Laravel ](network-services-pentesting/pentesting-web/laravel.md )
* [Moodle ](network-services-pentesting/pentesting-web/moodle.md )
* [Nginx ](network-services-pentesting/pentesting-web/nginx.md )
* [NextJS ](network-services-pentesting/pentesting-web/nextjs.md )
* [PHP Tricks ](network-services-pentesting/pentesting-web/php-tricks-esp/README.md )
* [PHP - Useful Functions & disable\_functions/open\_basedir bypass ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/README.md )
* [disable\_functions bypass - php-fpm/FastCGI ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-fpm-fastcgi.md )
* [disable\_functions bypass - dl function ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-dl-function.md )
* [disable\_functions bypass - PHP 7.0-7.4 (\*nix only) ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-7.0-7.4-nix-only.md )
* [disable\_functions bypass - Imagick <= 3.3.0 PHP >= 5.4 Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-imagick-less-than-3.3.0-php-greater-than-5.4-exploit.md )
* [disable\_functions - PHP 5.x Shellshock Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-php-5.x-shellshock-exploit.md )
* [disable\_functions - PHP 5.2.4 ionCube extension Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-php-5.2.4-ioncube-extension-exploit.md )
* [disable\_functions bypass - PHP <= 5.2.9 on windows ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-less-than-5.2.9-on-windows.md )
* [disable\_functions bypass - PHP 5.2.4 and 5.2.5 PHP cURL ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-5.2.4-and-5.2.5-php-curl.md )
* [disable\_functions bypass - PHP safe\_mode bypass via proc\_open() and custom environment Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-safe\_mode-bypass-via-proc\_open-and-custom-environment-exploit.md )
* [disable\_functions bypass - PHP Perl Extension Safe\_mode Bypass Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-perl-extension-safe\_mode-bypass-exploit.md )
* [disable\_functions bypass - PHP 5.2.3 - Win32std ext Protections Bypass ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-5.2.3-win32std-ext-protections-bypass.md )
* [disable\_functions bypass - PHP 5.2 - FOpen Exploit ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-5.2-fopen-exploit.md )
* [disable\_functions bypass - via mem ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-via-mem.md )
* [disable\_functions bypass - mod\_cgi ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-mod\_cgi.md )
* [disable\_functions bypass - PHP 4 >= 4.2.0, PHP 5 pcntl\_exec ](network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass/disable\_functions-bypass-php-4-greater-than-4.2.0-php-5-pcntl\_exec.md )
* [PHP - RCE abusing object creation: new $\_GET\["a"\]($\_GET\["b"\])](network-services-pentesting/pentesting-web/php-tricks-esp/php-rce-abusing-object-creation-new-usd\_get-a-usd\_get-b.md)
* [PHP SSRF ](network-services-pentesting/pentesting-web/php-tricks-esp/php-ssrf.md )
* [PrestaShop ](network-services-pentesting/pentesting-web/prestashop.md )
* [Python ](network-services-pentesting/pentesting-web/python.md )
* [Rocket Chat ](network-services-pentesting/pentesting-web/rocket-chat.md )
* [Special HTTP headers ](network-services-pentesting/pentesting-web/special-http-headers.md )
* [Source code Review / SAST Tools ](network-services-pentesting/pentesting-web/code-review-tools.md )
* [Spring Actuators ](network-services-pentesting/pentesting-web/spring-actuators.md )
* [Symfony ](network-services-pentesting/pentesting-web/symphony.md )
* [Tomcat ](network-services-pentesting/pentesting-web/tomcat/README.md )
* [Basic Tomcat Info ](network-services-pentesting/pentesting-web/tomcat/basic-tomcat-info.md )
* [Uncovering CloudFlare ](network-services-pentesting/pentesting-web/uncovering-cloudflare.md )
* [VMWare (ESX, VCenter...) ](network-services-pentesting/pentesting-web/vmware-esx-vcenter....md )
* [Web API Pentesting ](network-services-pentesting/pentesting-web/web-api-pentesting.md )
* [WebDav ](network-services-pentesting/pentesting-web/put-method-webdav.md )
* [Werkzeug / Flask Debug ](network-services-pentesting/pentesting-web/werkzeug.md )
* [Wordpress ](network-services-pentesting/pentesting-web/wordpress.md )
* [88tcp/udp - Pentesting Kerberos ](network-services-pentesting/pentesting-kerberos-88/README.md )
* [Harvesting tickets from Windows ](network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-windows.md )
* [Harvesting tickets from Linux ](network-services-pentesting/pentesting-kerberos-88/harvesting-tickets-from-linux.md )
* [110,995 - Pentesting POP ](network-services-pentesting/pentesting-pop.md )
* [111/TCP/UDP - Pentesting Portmapper ](network-services-pentesting/pentesting-rpcbind.md )
* [113 - Pentesting Ident ](network-services-pentesting/113-pentesting-ident.md )
* [123/udp - Pentesting NTP ](network-services-pentesting/pentesting-ntp.md )
* [135, 593 - Pentesting MSRPC ](network-services-pentesting/135-pentesting-msrpc.md )
* [137,138,139 - Pentesting NetBios ](network-services-pentesting/137-138-139-pentesting-netbios.md )
* [139,445 - Pentesting SMB ](network-services-pentesting/pentesting-smb/README.md )
* [rpcclient enumeration ](network-services-pentesting/pentesting-smb/rpcclient-enumeration.md )
* [143,993 - Pentesting IMAP ](network-services-pentesting/pentesting-imap.md )
* [161,162,10161,10162/udp - Pentesting SNMP ](network-services-pentesting/pentesting-snmp/README.md )
* [Cisco SNMP ](network-services-pentesting/pentesting-snmp/cisco-snmp.md )
* [SNMP RCE ](network-services-pentesting/pentesting-snmp/snmp-rce.md )
* [194,6667,6660-7000 - Pentesting IRC ](network-services-pentesting/pentesting-irc.md )
* [264 - Pentesting Check Point FireWall-1 ](network-services-pentesting/pentesting-264-check-point-firewall-1.md )
* [389, 636, 3268, 3269 - Pentesting LDAP ](network-services-pentesting/pentesting-ldap.md )
* [500/udp - Pentesting IPsec/IKE VPN ](network-services-pentesting/ipsec-ike-vpn-pentesting.md )
* [502 - Pentesting Modbus ](network-services-pentesting/pentesting-modbus.md )
* [512 - Pentesting Rexec ](network-services-pentesting/512-pentesting-rexec.md )
* [513 - Pentesting Rlogin ](network-services-pentesting/pentesting-rlogin.md )
* [514 - Pentesting Rsh ](network-services-pentesting/pentesting-rsh.md )
* [515 - Pentesting Line Printer Daemon (LPD) ](network-services-pentesting/515-pentesting-line-printer-daemon-lpd.md )
* [548 - Pentesting Apple Filing Protocol (AFP) ](network-services-pentesting/584-pentesting-afp.md )
* [554,8554 - Pentesting RTSP ](network-services-pentesting/554-8554-pentesting-rtsp.md )
* [623/UDP/TCP - IPMI ](network-services-pentesting/623-udp-ipmi.md )
* [631 - Internet Printing Protocol(IPP) ](network-services-pentesting/pentesting-631-internet-printing-protocol-ipp.md )
* [700 - Pentesting EPP ](network-services-pentesting/700-pentesting-epp.md )
* [873 - Pentesting Rsync ](network-services-pentesting/873-pentesting-rsync.md )
* [1026 - Pentesting Rusersd ](network-services-pentesting/1026-pentesting-rusersd.md )
* [1080 - Pentesting Socks ](network-services-pentesting/1080-pentesting-socks.md )
* [1098/1099/1050 - Pentesting Java RMI - RMI-IIOP ](network-services-pentesting/1099-pentesting-java-rmi.md )
* [1414 - Pentesting IBM MQ ](network-services-pentesting/1414-pentesting-ibmmq.md )
* [1433 - Pentesting MSSQL - Microsoft SQL Server ](network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md )
* [Types of MSSQL Users ](network-services-pentesting/pentesting-mssql-microsoft-sql-server/types-of-mssql-users.md )
* [1521,1522-1529 - Pentesting Oracle TNS Listener ](network-services-pentesting/1521-1522-1529-pentesting-oracle-listener.md )
* [1723 - Pentesting PPTP ](network-services-pentesting/1723-pentesting-pptp.md )
* [1883 - Pentesting MQTT (Mosquitto) ](network-services-pentesting/1883-pentesting-mqtt-mosquitto.md )
* [2049 - Pentesting NFS Service ](network-services-pentesting/nfs-service-pentesting.md )
* [2301,2381 - Pentesting Compaq/HP Insight Manager ](network-services-pentesting/pentesting-compaq-hp-insight-manager.md )
* [2375, 2376 Pentesting Docker ](network-services-pentesting/2375-pentesting-docker.md )
* [3128 - Pentesting Squid ](network-services-pentesting/3128-pentesting-squid.md )
* [3260 - Pentesting ISCSI ](network-services-pentesting/3260-pentesting-iscsi.md )
* [3299 - Pentesting SAPRouter ](network-services-pentesting/3299-pentesting-saprouter.md )
* [3306 - Pentesting Mysql ](network-services-pentesting/pentesting-mysql.md )
* [3389 - Pentesting RDP ](network-services-pentesting/pentesting-rdp.md )
* [3632 - Pentesting distcc ](network-services-pentesting/3632-pentesting-distcc.md )
* [3690 - Pentesting Subversion (svn server) ](network-services-pentesting/3690-pentesting-subversion-svn-server.md )
* [3702/UDP - Pentesting WS-Discovery ](network-services-pentesting/3702-udp-pentesting-ws-discovery.md )
* [4369 - Pentesting Erlang Port Mapper Daemon (epmd) ](network-services-pentesting/4369-pentesting-erlang-port-mapper-daemon-epmd.md )
* [4786 - Cisco Smart Install ](network-services-pentesting/4786-cisco-smart-install.md )
* [4840 - OPC Unified Architecture ](network-services-pentesting/4840-pentesting-opc-ua.md )
* [5000 - Pentesting Docker Registry ](network-services-pentesting/5000-pentesting-docker-registry.md )
* [5353/UDP Multicast DNS (mDNS) and DNS-SD ](network-services-pentesting/5353-udp-multicast-dns-mdns.md )
* [5432,5433 - Pentesting Postgresql ](network-services-pentesting/pentesting-postgresql.md )
* [5439 - Pentesting Redshift ](network-services-pentesting/5439-pentesting-redshift.md )
* [5555 - Android Debug Bridge ](network-services-pentesting/5555-android-debug-bridge.md )
* [5601 - Pentesting Kibana ](network-services-pentesting/5601-pentesting-kibana.md )
* [5671,5672 - Pentesting AMQP ](network-services-pentesting/5671-5672-pentesting-amqp.md )
* [5800,5801,5900,5901 - Pentesting VNC ](network-services-pentesting/pentesting-vnc.md )
* [5984,6984 - Pentesting CouchDB ](network-services-pentesting/5984-pentesting-couchdb.md )
* [5985,5986 - Pentesting WinRM ](network-services-pentesting/5985-5986-pentesting-winrm.md )
* [5985,5986 - Pentesting OMI ](network-services-pentesting/5985-5986-pentesting-omi.md )
* [6000 - Pentesting X11 ](network-services-pentesting/6000-pentesting-x11.md )
* [6379 - Pentesting Redis ](network-services-pentesting/6379-pentesting-redis.md )
* [8009 - Pentesting Apache JServ Protocol (AJP) ](network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md )
* [8086 - Pentesting InfluxDB ](network-services-pentesting/8086-pentesting-influxdb.md )
* [8089 - Pentesting Splunkd ](network-services-pentesting/8089-splunkd.md )
* [8333,18333,38333,18444 - Pentesting Bitcoin ](network-services-pentesting/8333-18333-38333-18444-pentesting-bitcoin.md )
* [9000 - Pentesting FastCGI ](network-services-pentesting/9000-pentesting-fastcgi.md )
* [9001 - Pentesting HSQLDB ](network-services-pentesting/9001-pentesting-hsqldb.md )
* [9042/9160 - Pentesting Cassandra ](network-services-pentesting/cassandra.md )
* [9100 - Pentesting Raw Printing (JetDirect, AppSocket, PDL-datastream) ](network-services-pentesting/9100-pjl.md )
* [9200 - Pentesting Elasticsearch ](network-services-pentesting/9200-pentesting-elasticsearch.md )
* [10000 - Pentesting Network Data Management Protocol (ndmp) ](network-services-pentesting/10000-network-data-management-protocol-ndmp.md )
* [11211 - Pentesting Memcache ](network-services-pentesting/11211-memcache/README.md )
* [Memcache Commands ](network-services-pentesting/11211-memcache/memcache-commands.md )
* [15672 - Pentesting RabbitMQ Management ](network-services-pentesting/15672-pentesting-rabbitmq-management.md )
* [24007,24008,24009,49152 - Pentesting GlusterFS ](network-services-pentesting/24007-24008-24009-49152-pentesting-glusterfs.md )
* [27017,27018 - Pentesting MongoDB ](network-services-pentesting/27017-27018-mongodb.md )
* [44134 - Pentesting Tiller (Helm) ](network-services-pentesting/44134-pentesting-tiller-helm.md )
* [44818/UDP/TCP - Pentesting EthernetIP ](network-services-pentesting/44818-ethernetip.md )
* [47808/udp - Pentesting BACNet ](network-services-pentesting/47808-udp-bacnet.md )
* [50030,50060,50070,50075,50090 - Pentesting Hadoop ](network-services-pentesting/50030-50060-50070-50075-50090-pentesting-hadoop.md )
## 🕸️ Pentesting Web
* [Web Vulnerabilities Methodology ](pentesting-web/web-vulnerabilities-methodology.md )
* [Reflecting Techniques - PoCs and Polygloths CheatSheet ](pentesting-web/pocs-and-polygloths-cheatsheet/README.md )
* [Web Vulns List ](pentesting-web/pocs-and-polygloths-cheatsheet/web-vulns-list.md )
* [2FA/MFA/OTP Bypass ](pentesting-web/2fa-bypass.md )
* [Account Takeover ](pentesting-web/account-takeover.md )
* [Browser Extension Pentesting Methodology ](pentesting-web/browser-extension-pentesting-methodology/README.md )
* [BrowExt - ClickJacking ](pentesting-web/browser-extension-pentesting-methodology/browext-clickjacking.md )
* [BrowExt - permissions & host\_permissions ](pentesting-web/browser-extension-pentesting-methodology/browext-permissions-and-host\_permissions.md )
* [BrowExt - XSS Example ](pentesting-web/browser-extension-pentesting-methodology/browext-xss-example.md )
* [Bypass Payment Process ](pentesting-web/bypass-payment-process.md )
* [Captcha Bypass ](pentesting-web/captcha-bypass.md )
* [Cache Poisoning and Cache Deception ](pentesting-web/cache-deception/README.md )
* [Cache Poisoning via URL discrepancies ](pentesting-web/cache-deception/cache-poisoning-via-url-discrepancies.md )
* [Cache Poisoning to DoS ](pentesting-web/cache-deception/cache-poisoning-to-dos.md )
* [Clickjacking ](pentesting-web/clickjacking.md )
* [Client Side Template Injection (CSTI) ](pentesting-web/client-side-template-injection-csti.md )
* [Client Side Path Traversal ](pentesting-web/client-side-path-traversal.md )
* [Command Injection ](pentesting-web/command-injection.md )
* [Content Security Policy (CSP) Bypass ](pentesting-web/content-security-policy-csp-bypass/README.md )
* [CSP bypass: self + 'unsafe-inline' with Iframes ](pentesting-web/content-security-policy-csp-bypass/csp-bypass-self-+-unsafe-inline-with-iframes.md )
* [Cookies Hacking ](pentesting-web/hacking-with-cookies/README.md )
* [Cookie Tossing ](pentesting-web/hacking-with-cookies/cookie-tossing.md )
* [Cookie Jar Overflow ](pentesting-web/hacking-with-cookies/cookie-jar-overflow.md )
* [Cookie Bomb ](pentesting-web/hacking-with-cookies/cookie-bomb.md )
* [CORS - Misconfigurations & Bypass ](pentesting-web/cors-bypass.md )
* [CRLF (%0D%0A) Injection ](pentesting-web/crlf-0d-0a.md )
* [CSRF (Cross Site Request Forgery) ](pentesting-web/csrf-cross-site-request-forgery.md )
* [Dangling Markup - HTML scriptless injection ](pentesting-web/dangling-markup-html-scriptless-injection/README.md )
* [SS-Leaks ](pentesting-web/dangling-markup-html-scriptless-injection/ss-leaks.md )
* [Dependency Confusion ](pentesting-web/dependency-confusion.md )
* [Deserialization ](pentesting-web/deserialization/README.md )
* [NodeJS - \_\_proto\_\_ & prototype Pollution ](pentesting-web/deserialization/nodejs-proto-prototype-pollution/README.md )
* [Client Side Prototype Pollution ](pentesting-web/deserialization/nodejs-proto-prototype-pollution/client-side-prototype-pollution.md )
* [Express Prototype Pollution Gadgets ](pentesting-web/deserialization/nodejs-proto-prototype-pollution/express-prototype-pollution-gadgets.md )
* [Prototype Pollution to RCE ](pentesting-web/deserialization/nodejs-proto-prototype-pollution/prototype-pollution-to-rce.md )
* [Java JSF ViewState (.faces) Deserialization ](pentesting-web/deserialization/java-jsf-viewstate-.faces-deserialization.md )
* [Java DNS Deserialization, GadgetProbe and Java Deserialization Scanner ](pentesting-web/deserialization/java-dns-deserialization-and-gadgetprobe.md )
* [Basic Java Deserialization (ObjectInputStream, readObject) ](pentesting-web/deserialization/basic-java-deserialization-objectinputstream-readobject.md )
* [PHP - Deserialization + Autoload Classes ](pentesting-web/deserialization/php-deserialization-+-autoload-classes.md )
* [CommonsCollection1 Payload - Java Transformers to Runtime exec() and Thread Sleep ](pentesting-web/deserialization/java-transformers-to-rutime-exec-payload.md )
* [Basic .Net deserialization (ObjectDataProvider gadget, ExpandedWrapper, and Json.Net) ](pentesting-web/deserialization/basic-.net-deserialization-objectdataprovider-gadgets-expandedwrapper-and-json.net.md )
* [Exploiting \_\_VIEWSTATE knowing the secrets ](pentesting-web/deserialization/exploiting-\_\_viewstate-knowing-the-secret.md )
* [Exploiting \_\_VIEWSTATE without knowing the secrets ](pentesting-web/deserialization/exploiting-\_\_viewstate-parameter.md )
* [Python Yaml Deserialization ](pentesting-web/deserialization/python-yaml-deserialization.md )
* [JNDI - Java Naming and Directory Interface & Log4Shell ](pentesting-web/deserialization/jndi-java-naming-and-directory-interface-and-log4shell.md )
* [Ruby Class Pollution ](pentesting-web/deserialization/ruby-class-pollution.md )
* [Domain/Subdomain takeover ](pentesting-web/domain-subdomain-takeover.md )
* [Email Injections ](pentesting-web/email-injections.md )
* [File Inclusion/Path traversal ](pentesting-web/file-inclusion/README.md )
* [phar:// deserialization ](pentesting-web/file-inclusion/phar-deserialization.md )
* [LFI2RCE via PHP Filters ](pentesting-web/file-inclusion/lfi2rce-via-php-filters.md )
* [LFI2RCE via Nginx temp files ](pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md )
* [LFI2RCE via PHP\_SESSION\_UPLOAD\_PROGRESS ](pentesting-web/file-inclusion/via-php\_session\_upload\_progress.md )
* [LFI2RCE via Segmentation Fault ](pentesting-web/file-inclusion/lfi2rce-via-segmentation-fault.md )
* [LFI2RCE via phpinfo() ](pentesting-web/file-inclusion/lfi2rce-via-phpinfo.md )
* [LFI2RCE Via temp file uploads ](pentesting-web/file-inclusion/lfi2rce-via-temp-file-uploads.md )
* [LFI2RCE via Eternal waiting ](pentesting-web/file-inclusion/lfi2rce-via-eternal-waiting.md )
* [LFI2RCE Via compress.zlib + PHP\_STREAM\_PREFER\_STUDIO + Path Disclosure ](pentesting-web/file-inclusion/lfi2rce-via-compress.zlib-+-php\_stream\_prefer\_studio-+-path-disclosure.md )
* [File Upload ](pentesting-web/file-upload/README.md )
* [PDF Upload - XXE and CORS bypass ](pentesting-web/file-upload/pdf-upload-xxe-and-cors-bypass.md )
* [Formula/CSV/Doc/LaTeX/GhostScript Injection ](pentesting-web/formula-csv-doc-latex-ghostscript-injection.md )
* [gRPC-Web Pentest ](pentesting-web/grpc-web-pentest.md )
* [HTTP Connection Contamination ](pentesting-web/http-connection-contamination.md )
* [HTTP Connection Request Smuggling ](pentesting-web/http-connection-request-smuggling.md )
* [HTTP Request Smuggling / HTTP Desync Attack ](pentesting-web/http-request-smuggling/README.md )
* [Browser HTTP Request Smuggling ](pentesting-web/http-request-smuggling/browser-http-request-smuggling.md )
* [Request Smuggling in HTTP/2 Downgrades ](pentesting-web/http-request-smuggling/request-smuggling-in-http-2-downgrades.md )
* [HTTP Response Smuggling / Desync ](pentesting-web/http-response-smuggling-desync.md )
* [Upgrade Header Smuggling ](pentesting-web/h2c-smuggling.md )
* [hop-by-hop headers ](pentesting-web/abusing-hop-by-hop-headers.md )
* [IDOR ](pentesting-web/idor.md )
* [JWT Vulnerabilities (Json Web Tokens) ](pentesting-web/hacking-jwt-json-web-tokens.md )
* [LDAP Injection ](pentesting-web/ldap-injection.md )
* [Login Bypass ](pentesting-web/login-bypass/README.md )
* [Login bypass List ](pentesting-web/login-bypass/sql-login-bypass.md )
* [NoSQL injection ](pentesting-web/nosql-injection.md )
* [OAuth to Account takeover ](pentesting-web/oauth-to-account-takeover.md )
* [Open Redirect ](pentesting-web/open-redirect.md )
* [ORM Injection ](pentesting-web/orm-injection.md )
* [Parameter Pollution ](pentesting-web/parameter-pollution.md )
* [Phone Number Injections ](pentesting-web/phone-number-injections.md )
* [PostMessage Vulnerabilities ](pentesting-web/postmessage-vulnerabilities/README.md )
* [Blocking main page to steal postmessage ](pentesting-web/postmessage-vulnerabilities/blocking-main-page-to-steal-postmessage.md )
* [Bypassing SOP with Iframes - 1 ](pentesting-web/postmessage-vulnerabilities/bypassing-sop-with-iframes-1.md )
* [Bypassing SOP with Iframes - 2 ](pentesting-web/postmessage-vulnerabilities/bypassing-sop-with-iframes-2.md )
* [Steal postmessage modifying iframe location ](pentesting-web/postmessage-vulnerabilities/steal-postmessage-modifying-iframe-location.md )
* [Proxy / WAF Protections Bypass ](pentesting-web/proxy-waf-protections-bypass.md )
* [Race Condition ](pentesting-web/race-condition.md )
* [Rate Limit Bypass ](pentesting-web/rate-limit-bypass.md )
* [Registration & Takeover Vulnerabilities ](pentesting-web/registration-vulnerabilities.md )
* [Regular expression Denial of Service - ReDoS ](pentesting-web/regular-expression-denial-of-service-redos.md )
* [Reset/Forgotten Password Bypass ](pentesting-web/reset-password.md )
* [Reverse Tab Nabbing ](pentesting-web/reverse-tab-nabbing.md )
* [SAML Attacks ](pentesting-web/saml-attacks/README.md )
* [SAML Basics ](pentesting-web/saml-attacks/saml-basics.md )
* [Server Side Inclusion/Edge Side Inclusion Injection ](pentesting-web/server-side-inclusion-edge-side-inclusion-injection.md )
* [SQL Injection ](pentesting-web/sql-injection/README.md )
* [MS Access SQL Injection ](pentesting-web/sql-injection/ms-access-sql-injection.md )
* [MSSQL Injection ](pentesting-web/sql-injection/mssql-injection.md )
* [MySQL injection ](pentesting-web/sql-injection/mysql-injection/README.md )
* [MySQL File priv to SSRF/RCE ](pentesting-web/sql-injection/mysql-injection/mysql-ssrf.md )
* [Oracle injection ](pentesting-web/sql-injection/oracle-injection.md )
* [Cypher Injection (neo4j) ](pentesting-web/sql-injection/cypher-injection-neo4j.md )
* [PostgreSQL injection ](pentesting-web/sql-injection/postgresql-injection/README.md )
* [dblink/lo\_import data exfiltration ](pentesting-web/sql-injection/postgresql-injection/dblink-lo\_import-data-exfiltration.md )
* [PL/pgSQL Password Bruteforce ](pentesting-web/sql-injection/postgresql-injection/pl-pgsql-password-bruteforce.md )
* [Network - Privesc, Port Scanner and NTLM challenge response disclosure ](pentesting-web/sql-injection/postgresql-injection/network-privesc-port-scanner-and-ntlm-chanllenge-response-disclosure.md )
* [Big Binary Files Upload (PostgreSQL) ](pentesting-web/sql-injection/postgresql-injection/big-binary-files-upload-postgresql.md )
* [RCE with PostgreSQL Languages ](pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-languages.md )
* [RCE with PostgreSQL Extensions ](pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md )
* [SQLMap - CheatSheet ](pentesting-web/sql-injection/sqlmap/README.md )
* [Second Order Injection - SQLMap ](pentesting-web/sql-injection/sqlmap/second-order-injection-sqlmap.md )
* [SSRF (Server Side Request Forgery) ](pentesting-web/ssrf-server-side-request-forgery/README.md )
* [URL Format Bypass ](pentesting-web/ssrf-server-side-request-forgery/url-format-bypass.md )
* [SSRF Vulnerable Platforms ](pentesting-web/ssrf-server-side-request-forgery/ssrf-vulnerable-platforms.md )
* [Cloud SSRF ](pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.md )
* [SSTI (Server Side Template Injection) ](pentesting-web/ssti-server-side-template-injection/README.md )
* [EL - Expression Language ](pentesting-web/ssti-server-side-template-injection/el-expression-language.md )
* [Jinja2 SSTI ](pentesting-web/ssti-server-side-template-injection/jinja2-ssti.md )
* [Timing Attacks ](pentesting-web/timing-attacks.md )
* [Unicode Injection ](pentesting-web/unicode-injection/README.md )
* [Unicode Normalization ](pentesting-web/unicode-injection/unicode-normalization.md )
* [UUID Insecurities ](pentesting-web/uuid-insecurities.md )
* [WebSocket Attacks ](pentesting-web/websocket-attacks.md )
* [Web Tool - WFuzz ](pentesting-web/web-tool-wfuzz.md )
* [XPATH injection ](pentesting-web/xpath-injection.md )
* [XSLT Server Side Injection (Extensible Stylesheet Language Transformations) ](pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations.md )
* [XXE - XEE - XML External Entity ](pentesting-web/xxe-xee-xml-external-entity.md )
* [XSS (Cross Site Scripting) ](pentesting-web/xss-cross-site-scripting/README.md )
* [Abusing Service Workers ](pentesting-web/xss-cross-site-scripting/abusing-service-workers.md )
* [Chrome Cache to XSS ](pentesting-web/xss-cross-site-scripting/chrome-cache-to-xss.md )
* [Debugging Client Side JS ](pentesting-web/xss-cross-site-scripting/debugging-client-side-js.md )
* [Dom Clobbering ](pentesting-web/xss-cross-site-scripting/dom-clobbering.md )
* [DOM Invader ](pentesting-web/xss-cross-site-scripting/dom-invader.md )
* [DOM XSS ](pentesting-web/xss-cross-site-scripting/dom-xss.md )
* [Iframes in XSS, CSP and SOP ](pentesting-web/xss-cross-site-scripting/iframes-in-xss-and-csp.md )
* [Integer Overflow ](pentesting-web/xss-cross-site-scripting/integer-overflow.md )
* [JS Hoisting ](pentesting-web/xss-cross-site-scripting/js-hoisting.md )
* [Misc JS Tricks & Relevant Info ](pentesting-web/xss-cross-site-scripting/other-js-tricks.md )
* [PDF Injection ](pentesting-web/xss-cross-site-scripting/pdf-injection.md )
* [Server Side XSS (Dynamic PDF) ](pentesting-web/xss-cross-site-scripting/server-side-xss-dynamic-pdf.md )
* [Shadow DOM ](pentesting-web/xss-cross-site-scripting/shadow-dom.md )
* [SOME - Same Origin Method Execution ](pentesting-web/xss-cross-site-scripting/some-same-origin-method-execution.md )
* [Sniff Leak ](pentesting-web/xss-cross-site-scripting/sniff-leak.md )
* [Steal Info JS ](pentesting-web/xss-cross-site-scripting/steal-info-js.md )
* [XSS in Markdown ](pentesting-web/xss-cross-site-scripting/xss-in-markdown.md )
* [XSSI (Cross-Site Script Inclusion) ](pentesting-web/xssi-cross-site-script-inclusion.md )
* [XS-Search/XS-Leaks ](pentesting-web/xs-search/README.md )
* [Connection Pool Examples ](pentesting-web/xs-search/connection-pool-example.md )
* [Connection Pool by Destination Example ](pentesting-web/xs-search/connection-pool-by-destination-example.md )
* [Cookie Bomb + Onerror XS Leak ](pentesting-web/xs-search/cookie-bomb-+-onerror-xs-leak.md )
* [URL Max Length - Client Side ](pentesting-web/xs-search/url-max-length-client-side.md )
* [performance.now example ](pentesting-web/xs-search/performance.now-example.md )
* [performance.now + Force heavy task ](pentesting-web/xs-search/performance.now-+-force-heavy-task.md )
* [Event Loop Blocking + Lazy images ](pentesting-web/xs-search/event-loop-blocking-+-lazy-images.md )
* [JavaScript Execution XS Leak ](pentesting-web/xs-search/javascript-execution-xs-leak.md )
* [CSS Injection ](pentesting-web/xs-search/css-injection/README.md )
* [CSS Injection Code ](pentesting-web/xs-search/css-injection/css-injection-code.md )
* [Iframe Traps ](pentesting-web/iframe-traps.md )
## ⛈️ Cloud Security
* [Pentesting Kubernetes ](https://cloud.hacktricks.xyz/pentesting-cloud/kubernetes-security )
* [Pentesting Cloud (AWS, GCP, Az...) ](https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology )
* [Pentesting CI/CD (Github, Jenkins, Terraform...) ](https://cloud.hacktricks.xyz/pentesting-ci-cd/pentesting-ci-cd-methodology )
## 😎 Hardware/Physical Access
* [Physical Attacks ](hardware-physical-access/physical-attacks.md )
* [Escaping from KIOSKs ](hardware-physical-access/escaping-from-gui-applications.md )
* [Firmware Analysis ](hardware-physical-access/firmware-analysis/README.md )
* [Bootloader testing ](hardware-physical-access/firmware-analysis/bootloader-testing.md )
* [Firmware Integrity ](hardware-physical-access/firmware-analysis/firmware-integrity.md )
## 🎯 Binary Exploitation
* [Basic Stack Binary Exploitation Methodology ](binary-exploitation/basic-stack-binary-exploitation-methodology/README.md )
* [ELF Basic Information ](binary-exploitation/basic-stack-binary-exploitation-methodology/elf-tricks.md )
* [Exploiting Tools ](binary-exploitation/basic-stack-binary-exploitation-methodology/tools/README.md )
* [PwnTools ](binary-exploitation/basic-stack-binary-exploitation-methodology/tools/pwntools.md )
* [Stack Overflow ](binary-exploitation/stack-overflow/README.md )
* [Pointer Redirecting ](binary-exploitation/stack-overflow/pointer-redirecting.md )
* [Ret2win ](binary-exploitation/stack-overflow/ret2win/README.md )
* [Ret2win - arm64 ](binary-exploitation/stack-overflow/ret2win/ret2win-arm64.md )
* [Stack Shellcode ](binary-exploitation/stack-overflow/stack-shellcode/README.md )
* [Stack Shellcode - arm64 ](binary-exploitation/stack-overflow/stack-shellcode/stack-shellcode-arm64.md )
* [Stack Pivoting - EBP2Ret - EBP chaining ](binary-exploitation/stack-overflow/stack-pivoting-ebp2ret-ebp-chaining.md )
* [Uninitialized Variables ](binary-exploitation/stack-overflow/uninitialized-variables.md )
* [ROP - Return Oriented Programming ](binary-exploitation/rop-return-oriented-programing/README.md )
* [BROP - Blind Return Oriented Programming ](binary-exploitation/rop-return-oriented-programing/brop-blind-return-oriented-programming.md )
* [Ret2csu ](binary-exploitation/rop-return-oriented-programing/ret2csu.md )
* [Ret2dlresolve ](binary-exploitation/rop-return-oriented-programing/ret2dlresolve.md )
* [Ret2esp / Ret2reg ](binary-exploitation/rop-return-oriented-programing/ret2esp-ret2reg.md )
* [Ret2lib ](binary-exploitation/rop-return-oriented-programing/ret2lib/README.md )
* [Leaking libc address with ROP ](binary-exploitation/rop-return-oriented-programing/ret2lib/rop-leaking-libc-address/README.md )
* [Leaking libc - template ](binary-exploitation/rop-return-oriented-programing/ret2lib/rop-leaking-libc-address/rop-leaking-libc-template.md )
* [One Gadget ](binary-exploitation/rop-return-oriented-programing/ret2lib/one-gadget.md )
* [Ret2lib + Printf leak - arm64 ](binary-exploitation/rop-return-oriented-programing/ret2lib/ret2lib-+-printf-leak-arm64.md )
* [Ret2syscall ](binary-exploitation/rop-return-oriented-programing/rop-syscall-execv/README.md )
* [Ret2syscall - ARM64 ](binary-exploitation/rop-return-oriented-programing/rop-syscall-execv/ret2syscall-arm64.md )
* [Ret2vDSO ](binary-exploitation/rop-return-oriented-programing/ret2vdso.md )
* [SROP - Sigreturn-Oriented Programming ](binary-exploitation/rop-return-oriented-programing/srop-sigreturn-oriented-programming/README.md )
* [SROP - ARM64 ](binary-exploitation/rop-return-oriented-programing/srop-sigreturn-oriented-programming/srop-arm64.md )
* [Array Indexing ](binary-exploitation/array-indexing.md )
* [Integer Overflow ](binary-exploitation/integer-overflow.md )
* [Format Strings ](binary-exploitation/format-strings/README.md )
* [Format Strings - Arbitrary Read Example ](binary-exploitation/format-strings/format-strings-arbitrary-read-example.md )
* [Format Strings Template ](binary-exploitation/format-strings/format-strings-template.md )
* [Libc Heap ](binary-exploitation/libc-heap/README.md )
* [Bins & Memory Allocations ](binary-exploitation/libc-heap/bins-and-memory-allocations.md )
* [Heap Memory Functions ](binary-exploitation/libc-heap/heap-memory-functions/README.md )
* [free ](binary-exploitation/libc-heap/heap-memory-functions/free.md )
* [malloc & sysmalloc ](binary-exploitation/libc-heap/heap-memory-functions/malloc-and-sysmalloc.md )
* [unlink ](binary-exploitation/libc-heap/heap-memory-functions/unlink.md )
* [Heap Functions Security Checks ](binary-exploitation/libc-heap/heap-memory-functions/heap-functions-security-checks.md )
* [Use After Free ](binary-exploitation/libc-heap/use-after-free/README.md )
* [First Fit ](binary-exploitation/libc-heap/use-after-free/first-fit.md )
* [Double Free ](binary-exploitation/libc-heap/double-free.md )
* [Overwriting a freed chunk ](binary-exploitation/libc-heap/overwriting-a-freed-chunk.md )
* [Heap Overflow ](binary-exploitation/libc-heap/heap-overflow.md )
* [Unlink Attack ](binary-exploitation/libc-heap/unlink-attack.md )
* [Fast Bin Attack ](binary-exploitation/libc-heap/fast-bin-attack.md )
* [Unsorted Bin Attack ](binary-exploitation/libc-heap/unsorted-bin-attack.md )
* [Large Bin Attack ](binary-exploitation/libc-heap/large-bin-attack.md )
* [Tcache Bin Attack ](binary-exploitation/libc-heap/tcache-bin-attack.md )
* [Off by one overflow ](binary-exploitation/libc-heap/off-by-one-overflow.md )
* [House of Spirit ](binary-exploitation/libc-heap/house-of-spirit.md )
* [House of Lore | Small bin Attack ](binary-exploitation/libc-heap/house-of-lore.md )
* [House of Einherjar ](binary-exploitation/libc-heap/house-of-einherjar.md )
* [House of Force ](binary-exploitation/libc-heap/house-of-force.md )
* [House of Orange ](binary-exploitation/libc-heap/house-of-orange.md )
* [House of Rabbit ](binary-exploitation/libc-heap/house-of-rabbit.md )
* [House of Roman ](binary-exploitation/libc-heap/house-of-roman.md )
* [Common Binary Exploitation Protections & Bypasses ](binary-exploitation/common-binary-protections-and-bypasses/README.md )
* [ASLR ](binary-exploitation/common-binary-protections-and-bypasses/aslr/README.md )
* [Ret2plt ](binary-exploitation/common-binary-protections-and-bypasses/aslr/ret2plt.md )
* [Ret2ret & Ret2pop ](binary-exploitation/common-binary-protections-and-bypasses/aslr/ret2ret.md )
* [CET & Shadow Stack ](binary-exploitation/common-binary-protections-and-bypasses/cet-and-shadow-stack.md )
* [Libc Protections ](binary-exploitation/common-binary-protections-and-bypasses/libc-protections.md )
* [Memory Tagging Extension (MTE) ](binary-exploitation/common-binary-protections-and-bypasses/memory-tagging-extension-mte.md )
* [No-exec / NX ](binary-exploitation/common-binary-protections-and-bypasses/no-exec-nx.md )
* [PIE ](binary-exploitation/common-binary-protections-and-bypasses/pie/README.md )
* [BF Addresses in the Stack ](binary-exploitation/common-binary-protections-and-bypasses/pie/bypassing-canary-and-pie.md )
* [Relro ](binary-exploitation/common-binary-protections-and-bypasses/relro.md )
* [Stack Canaries ](binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/README.md )
* [BF Forked & Threaded Stack Canaries ](binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/bf-forked-stack-canaries.md )
* [Print Stack Canary ](binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/print-stack-canary.md )
* [Write What Where 2 Exec ](binary-exploitation/arbitrary-write-2-exec/README.md )
* [WWW2Exec - atexit() ](binary-exploitation/arbitrary-write-2-exec/www2exec-atexit.md )
* [WWW2Exec - .dtors & .fini\_array ](binary-exploitation/arbitrary-write-2-exec/www2exec-.dtors-and-.fini\_array.md )
* [WWW2Exec - GOT/PLT ](binary-exploitation/arbitrary-write-2-exec/aw2exec-got-plt.md )
* [WWW2Exec - \_\_malloc\_hook & \_\_free\_hook ](binary-exploitation/arbitrary-write-2-exec/aw2exec-\_\_malloc\_hook.md )
* [Common Exploiting Problems ](binary-exploitation/common-exploiting-problems.md )
* [Windows Exploiting (Basic Guide - OSCP lvl) ](binary-exploitation/windows-exploiting-basic-guide-oscp-lvl.md )
* [iOS Exploiting ](binary-exploitation/ios-exploiting.md )
## 🔩 Reversing
* [Reversing Tools & Basic Methods ](reversing/reversing-tools-basic-methods/README.md )
* [Angr ](reversing/reversing-tools-basic-methods/angr/README.md )
* [Angr - Examples ](reversing/reversing-tools-basic-methods/angr/angr-examples.md )
* [Z3 - Satisfiability Modulo Theories (SMT) ](reversing/reversing-tools-basic-methods/satisfiability-modulo-theories-smt-z3.md )
* [Cheat Engine ](reversing/reversing-tools-basic-methods/cheat-engine.md )
* [Blobrunner ](reversing/reversing-tools-basic-methods/blobrunner.md )
* [Common API used in Malware ](reversing/common-api-used-in-malware.md )
* [Word Macros ](reversing/word-macros.md )
## 🔮 Crypto & Stego
* [Cryptographic/Compression Algorithms ](crypto-and-stego/cryptographic-algorithms/README.md )
* [Unpacking binaries ](crypto-and-stego/cryptographic-algorithms/unpacking-binaries.md )
* [Certificates ](crypto-and-stego/certificates.md )
* [Cipher Block Chaining CBC-MAC ](crypto-and-stego/cipher-block-chaining-cbc-mac-priv.md )
* [Crypto CTFs Tricks ](crypto-and-stego/crypto-ctfs-tricks.md )
* [Electronic Code Book (ECB) ](crypto-and-stego/electronic-code-book-ecb.md )
* [Hash Length Extension Attack ](crypto-and-stego/hash-length-extension-attack.md )
* [Padding Oracle ](crypto-and-stego/padding-oracle-priv.md )
* [RC4 - Encrypt\&Decrypt ](crypto-and-stego/rc4-encrypt-and-decrypt.md )
* [Stego Tricks ](crypto-and-stego/stego-tricks.md )
* [Esoteric languages ](crypto-and-stego/esoteric-languages.md )
* [Blockchain & Crypto Currencies ](crypto-and-stego/blockchain-and-crypto-currencies.md )
## 🦂 C2
* [Salseo ](c2/salseo.md )
* [ICMPsh ](c2/icmpsh.md )
* [Cobalt Strike ](c2/cobalt-strike.md )
## ✍️ TODO
* [Other Big References ](todo/references.md )
* [Rust Basics ](todo/rust-basics.md )
* [More Tools ](todo/more-tools.md )
* [MISC ](todo/misc.md )
* [Pentesting DNS ](todo/pentesting-dns.md )
* [Hardware Hacking ](todo/hardware-hacking/README.md )
* [I2C ](todo/hardware-hacking/i2c.md )
* [UART ](todo/hardware-hacking/uart.md )
* [Radio ](todo/hardware-hacking/radio.md )
* [JTAG ](todo/hardware-hacking/jtag.md )
* [SPI ](todo/hardware-hacking/spi.md )
* [Industrial Control Systems Hacking ](todo/industrial-control-systems-hacking/README.md )
* [Modbus Protocol ](todo/industrial-control-systems-hacking/modbus.md )
* [Radio Hacking ](todo/radio-hacking/README.md )
* [Pentesting RFID ](todo/radio-hacking/pentesting-rfid.md )
* [Infrared ](todo/radio-hacking/infrared.md )
* [Sub-GHz RF ](todo/radio-hacking/sub-ghz-rf.md )
* [iButton ](todo/radio-hacking/ibutton.md )
* [Flipper Zero ](todo/radio-hacking/flipper-zero/README.md )
* [FZ - NFC ](todo/radio-hacking/flipper-zero/fz-nfc.md )
* [FZ - Sub-GHz ](todo/radio-hacking/flipper-zero/fz-sub-ghz.md )
* [FZ - Infrared ](todo/radio-hacking/flipper-zero/fz-infrared.md )
* [FZ - iButton ](todo/radio-hacking/flipper-zero/fz-ibutton.md )
* [FZ - 125kHz RFID ](todo/radio-hacking/flipper-zero/fz-125khz-rfid.md )
* [Proxmark 3 ](todo/radio-hacking/proxmark-3.md )
* [FISSURE - The RF Framework ](todo/radio-hacking/fissure-the-rf-framework.md )
* [Low-Power Wide Area Network ](todo/radio-hacking/low-power-wide-area-network.md )
* [Pentesting BLE - Bluetooth Low Energy ](todo/radio-hacking/pentesting-ble-bluetooth-low-energy.md )
* [Industrial Control Systems Hacking ](todo/industrial-control-systems-hacking/README.md )
* [Test LLMs ](todo/test-llms.md )
* [LLM Training ](todo/llm-training-data-preparation/README.md )
* [0. Basic LLM Concepts ](todo/llm-training-data-preparation/0.-basic-llm-concepts.md )
* [1. Tokenizing ](todo/llm-training-data-preparation/1.-tokenizing.md )
* [2. Data Sampling ](todo/llm-training-data-preparation/2.-data-sampling.md )
* [3. Token Embeddings ](todo/llm-training-data-preparation/3.-token-embeddings.md )
* [4. Attention Mechanisms ](todo/llm-training-data-preparation/4.-attention-mechanisms.md )
* [5. LLM Architecture ](todo/llm-training-data-preparation/5.-llm-architecture.md )
* [6. Pre-training & Loading models ](todo/llm-training-data-preparation/6.-pre-training-and-loading-models.md )
* [7.0. LoRA Improvements in fine-tuning ](todo/llm-training-data-preparation/7.0.-lora-improvements-in-fine-tuning.md )
* [7.1. Fine-Tuning for Classification ](todo/llm-training-data-preparation/7.1.-fine-tuning-for-classification.md )
* [7.2. Fine-Tuning to follow instructions ](todo/llm-training-data-preparation/7.2.-fine-tuning-to-follow-instructions.md )
* [Burp Suite ](todo/burp-suite.md )
* [Other Web Tricks ](todo/other-web-tricks.md )
* [Interesting HTTP ](todo/interesting-http.md )
* [Android Forensics ](todo/android-forensics.md )
* [TR-069 ](todo/tr-069.md )
* [6881/udp - Pentesting BitTorrent ](todo/6881-udp-pentesting-bittorrent.md )
* [Online Platforms with API ](todo/online-platforms-with-api.md )
* [Stealing Sensitive Information Disclosure from a Web ](todo/stealing-sensitive-information-disclosure-from-a-web.md )
* [Post Exploitation ](todo/post-exploitation.md )
* [Investment Terms ](todo/investment-terms.md )
* [Cookies Policy ](todo/cookies-policy.md )