GITBOOK-4061: change request with no subject merged in GitBook

.gitbook/assets/websec (1).svg

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="300px" height="77px" viewBox="0 0 299 77" version="1.1">
+<g id="surface1">
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 138.042969 16.09375 C 137.605469 16.09375 137.226562 16.40625 137.148438 16.839844 C 136.703125 19.355469 136.234375 21.917969 135.742188 24.527344 C 135.191406 27.402344 134.628906 30.226562 134.042969 32.996094 C 133.457031 35.769531 132.863281 38.449219 132.261719 41.039062 C 131.65625 43.628906 131.046875 46.015625 130.441406 48.195312 C 129.527344 51.464844 126.289062 35.253906 121.789062 18.628906 C 121.683594 18.230469 121.324219 17.953125 120.914062 17.953125 L 116.121094 17.953125 C 115.710938 17.953125 115.351562 18.230469 115.246094 18.628906 C 110.746094 35.257812 106.59375 48.195312 106.59375 48.195312 C 105.984375 46.007812 105.378906 43.625 104.773438 41.035156 C 104.171875 38.449219 103.578125 35.769531 102.992188 32.992188 C 102.40625 30.222656 101.839844 27.398438 101.292969 24.523438 C 100.800781 21.914062 100.332031 19.351562 99.882812 16.835938 C 99.804688 16.402344 99.429688 16.089844 98.988281 16.089844 L 92.675781 16.089844 C 92.402344 16.089844 92.148438 16.210938 91.976562 16.421875 C 91.800781 16.628906 91.730469 16.90625 91.78125 17.171875 C 93.136719 24.394531 94.628906 31.347656 96.261719 38.035156 C 97.917969 44.828125 99.789062 51.328125 101.878906 57.53125 C 102.003906 57.898438 102.351562 58.148438 102.742188 58.148438 L 109.171875 58.148438 C 109.554688 58.148438 109.898438 57.90625 110.027344 57.542969 C 111.824219 52.519531 117.085938 36.066406 118.515625 31.382812 C 119.945312 36.066406 125.210938 52.527344 127.007812 57.542969 C 127.136719 57.90625 127.476562 58.148438 127.863281 58.148438 L 134.289062 58.148438 C 134.679688 58.148438 135.027344 57.898438 135.152344 57.53125 C 137.246094 51.324219 139.117188 44.824219 140.769531 38.027344 C 142.402344 31.34375 143.894531 24.394531 145.253906 17.175781 C 145.300781 16.910156 145.230469 16.632812 145.058594 16.425781 C 144.886719 16.214844 144.628906 16.09375 144.359375 16.09375 Z M 138.042969 16.09375 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 145.488281 42.433594 C 145.488281 39.640625 145.902344 37.191406 146.730469 35.089844 C 147.554688 32.988281 148.65625 31.238281 150.027344 29.839844 C 151.363281 28.46875 152.972656 27.394531 154.75 26.683594 C 156.480469 25.984375 158.332031 25.625 160.195312 25.625 C 164.554688 25.625 167.957031 26.980469 170.398438 29.6875 C 172.839844 32.398438 174.058594 36.445312 174.058594 41.828125 C 174.058594 42.234375 174.046875 42.6875 174.03125 43.191406 C 174.03125 43.371094 174.011719 43.546875 174.003906 43.710938 C 173.972656 44.1875 173.574219 44.5625 173.097656 44.558594 L 153.054688 44.558594 C 153.253906 47.109375 154.152344 49.085938 155.746094 50.480469 C 157.34375 51.878906 159.652344 52.578125 162.679688 52.578125 C 164.316406 52.589844 165.949219 52.429688 167.550781 52.089844 C 168.5 51.882812 169.332031 51.664062 170.019531 51.4375 C 170.273438 51.351562 170.550781 51.382812 170.777344 51.519531 C 171.007812 51.65625 171.164062 51.890625 171.203125 52.152344 L 171.886719 56.371094 C 171.953125 56.792969 171.714844 57.210938 171.316406 57.367188 C 171.027344 57.476562 170.699219 57.589844 170.332031 57.703125 C 169.535156 57.949219 168.726562 58.152344 167.910156 58.3125 C 167.003906 58.503906 166.023438 58.644531 164.972656 58.769531 C 163.90625 58.890625 162.835938 58.949219 161.765625 58.949219 C 158.976562 58.949219 156.558594 58.535156 154.5 57.703125 C 152.5625 56.957031 150.824219 55.773438 149.417969 54.246094 C 148.066406 52.738281 147.054688 50.957031 146.453125 49.027344 C 145.785156 46.894531 145.460938 44.667969 145.488281 42.433594 Z M 166.734375 39.15625 C 166.738281 38.179688 166.59375 37.207031 166.308594 36.273438 C 166.050781 35.414062 165.632812 34.609375 165.070312 33.90625 C 164.53125 33.242188 163.851562 32.703125 163.078125 32.328125 C 162.195312 31.925781 161.234375 31.730469 160.265625 31.757812 C 159.238281 31.730469 158.21875 31.945312 157.292969 32.382812 C 156.46875 32.789062 155.738281 33.355469 155.144531 34.054688 C 154.550781 34.753906 154.089844 35.554688 153.78125 36.421875 C 153.457031 37.304688 153.234375 38.21875 153.113281 39.152344 Z M 166.734375 39.15625 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 207.203125 42.3125 C 207.203125 44.863281 206.832031 47.160156 206.085938 49.203125 C 205.390625 51.15625 204.300781 52.945312 202.875 54.453125 C 201.460938 55.925781 199.734375 57.066406 197.824219 57.789062 C 195.84375 58.550781 193.605469 58.9375 191.105469 58.941406 C 188.78125 58.953125 186.460938 58.769531 184.167969 58.398438 C 182.546875 58.144531 180.941406 57.800781 179.359375 57.378906 C 178.964844 57.269531 178.691406 56.910156 178.691406 56.5 L 178.691406 14.378906 C 178.691406 13.933594 179.011719 13.554688 179.449219 13.480469 L 184.960938 12.570312 C 185.222656 12.523438 185.492188 12.601562 185.695312 12.773438 C 185.898438 12.945312 186.015625 13.199219 186.015625 13.464844 L 186.015625 27.503906 C 187.015625 27 188.058594 26.589844 189.136719 26.289062 C 190.464844 25.910156 191.839844 25.726562 193.222656 25.742188 C 195.441406 25.742188 197.429688 26.136719 199.183594 26.925781 C 200.894531 27.679688 202.402344 28.835938 203.574219 30.292969 C 204.796875 31.855469 205.710938 33.636719 206.269531 35.542969 C 206.914062 37.742188 207.230469 40.023438 207.203125 42.3125 Z M 199.699219 42.191406 C 199.699219 39.078125 199.082031 36.609375 197.855469 34.789062 C 196.625 32.96875 194.675781 32.058594 192.011719 32.054688 C 189.886719 32.0625 187.8125 32.675781 186.019531 33.816406 L 186.019531 52.085938 C 186.6875 52.230469 187.367188 52.34375 188.046875 52.417969 C 189.042969 52.53125 190.042969 52.582031 191.042969 52.570312 C 193.746094 52.570312 195.863281 51.648438 197.398438 49.808594 C 198.933594 47.96875 199.699219 45.429688 199.699219 42.191406 Z M 199.699219 42.191406 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(89.803922%,16.078431%,28.627451%);fill-opacity:1;" d="M 70.214844 39.941406 L 52.527344 63.882812 L 45.558594 54.449219 L 40.503906 47.609375 L 28.039062 30.738281 C 25.613281 27.441406 24.300781 23.453125 24.289062 19.355469 L 24.289062 8.148438 L 56.714844 8.148438 L 56.714844 19.355469 C 56.707031 23.453125 55.394531 27.441406 52.96875 30.738281 L 43.847656 43.074219 C 43.449219 43.617188 43.449219 44.355469 43.847656 44.898438 L 47.570312 49.917969 C 47.726562 50.132812 47.976562 50.257812 48.242188 50.257812 C 48.507812 50.257812 48.757812 50.132812 48.914062 49.917969 L 59.5 35.589844 C 62.960938 30.886719 64.832031 25.199219 64.847656 19.355469 L 64.847656 0.953125 C 64.847656 0.425781 64.421875 0 63.894531 0 L 17.121094 0 C 16.59375 0 16.171875 0.425781 16.171875 0.953125 L 16.171875 19.351562 C 16.183594 25.195312 18.054688 30.878906 21.515625 35.582031 L 35.453125 54.441406 L 28.488281 63.871094 L 10.792969 39.941406 C 9.890625 38.722656 8.46875 38.003906 6.953125 38.003906 L 0.910156 38.003906 C 0.597656 38.003906 0.308594 38.183594 0.167969 38.464844 C 0.0273438 38.746094 0.0546875 39.082031 0.238281 39.335938 L 27.8125 76.660156 C 27.96875 76.875 28.21875 77 28.480469 77 C 28.746094 77 28.996094 76.875 29.152344 76.660156 L 37.828125 64.917969 L 39.15625 63.109375 L 40.496094 61.296875 L 51.847656 76.660156 C 52.007812 76.875 52.253906 77 52.519531 77 C 52.785156 77 53.035156 76.875 53.191406 76.660156 L 80.757812 39.34375 C 80.945312 39.089844 80.96875 38.75 80.828125 38.46875 C 80.6875 38.191406 80.402344 38.011719 80.085938 38.007812 L 74.050781 38.007812 C 72.539062 38.007812 71.117188 38.726562 70.214844 39.941406 Z M 70.214844 39.941406 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 222.210938 52.449219 C 224.953125 52.449219 226.949219 51.984375 228.203125 51.054688 C 229.457031 50.125 230.082031 48.808594 230.078125 47.109375 C 230.105469 46.199219 229.882812 45.296875 229.441406 44.496094 C 228.976562 43.722656 228.359375 43.054688 227.628906 42.527344 C 226.730469 41.875 225.765625 41.328125 224.75 40.886719 C 223.621094 40.378906 222.332031 39.882812 220.878906 39.398438 C 219.425781 38.875 218.019531 38.296875 216.667969 37.667969 C 215.367188 37.074219 214.164062 36.289062 213.097656 35.332031 C 212.0625 34.394531 211.21875 33.265625 210.613281 32.003906 C 209.992188 30.707031 209.675781 29.148438 209.675781 27.328125 C 209.675781 23.527344 210.988281 20.542969 213.613281 18.375 C 216.238281 16.207031 219.808594 15.128906 224.328125 15.136719 C 226.949219 15.136719 229.28125 15.429688 231.320312 16.019531 C 232.722656 16.402344 234.09375 16.914062 235.40625 17.542969 C 235.828125 17.75 236.019531 18.246094 235.847656 18.6875 L 234.140625 23.179688 C 234.050781 23.414062 233.871094 23.601562 233.636719 23.695312 C 233.40625 23.792969 233.144531 23.785156 232.917969 23.679688 C 231.75 23.117188 230.527344 22.675781 229.265625 22.367188 C 227.609375 21.960938 225.914062 21.757812 224.210938 21.761719 C 222.152344 21.761719 220.550781 22.1875 219.398438 23.035156 C 218.246094 23.886719 217.671875 25.078125 217.671875 26.617188 C 217.648438 27.453125 217.84375 28.28125 218.242188 29.015625 C 218.660156 29.71875 219.214844 30.328125 219.878906 30.808594 C 220.65625 31.375 221.484375 31.863281 222.359375 32.265625 C 223.308594 32.710938 224.347656 33.132812 225.480469 33.539062 C 227.457031 34.265625 229.222656 35.003906 230.777344 35.753906 C 232.21875 36.425781 233.550781 37.328125 234.710938 38.421875 C 235.777344 39.441406 236.617188 40.671875 237.171875 42.039062 C 237.738281 43.4375 238.019531 45.128906 238.019531 47.109375 C 238.019531 50.917969 236.679688 53.863281 233.996094 55.941406 C 231.308594 58.019531 227.382812 59.058594 222.214844 59.066406 C 220.625 59.078125 219.039062 58.964844 217.464844 58.734375 C 216.179688 58.542969 214.90625 58.269531 213.652344 57.914062 C 212.675781 57.636719 211.714844 57.304688 210.777344 56.914062 C 210.320312 56.722656 209.910156 56.53125 209.558594 56.355469 C 209.144531 56.152344 208.949219 55.667969 209.105469 55.230469 L 210.734375 50.6875 C 210.820312 50.445312 211.003906 50.253906 211.238281 50.15625 C 211.476562 50.058594 211.742188 50.066406 211.972656 50.175781 C 213.121094 50.703125 214.296875 51.160156 215.5 51.539062 C 217.347656 52.148438 219.585938 52.453125 222.210938 52.449219 Z M 222.210938 52.449219 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 241.921875 42.433594 C 241.921875 39.640625 242.335938 37.191406 243.164062 35.089844 C 243.988281 32.984375 245.089844 31.234375 246.464844 29.839844 C 247.796875 28.46875 249.40625 27.390625 251.183594 26.683594 C 252.917969 25.984375 254.765625 25.621094 256.632812 25.621094 C 260.992188 25.621094 264.394531 26.976562 266.835938 29.6875 C 269.277344 32.398438 270.496094 36.445312 270.496094 41.828125 C 270.496094 42.230469 270.488281 42.6875 270.46875 43.191406 C 270.46875 43.371094 270.449219 43.546875 270.441406 43.714844 C 270.410156 44.191406 270.011719 44.5625 269.535156 44.558594 L 249.480469 44.558594 C 249.683594 47.109375 250.582031 49.085938 252.179688 50.480469 C 253.78125 51.878906 256.089844 52.578125 259.113281 52.578125 C 260.75 52.589844 262.386719 52.429688 263.988281 52.089844 C 264.953125 51.878906 265.785156 51.65625 266.480469 51.429688 C 266.730469 51.347656 267.003906 51.382812 267.230469 51.519531 C 267.453125 51.660156 267.605469 51.890625 267.644531 52.148438 L 268.324219 56.371094 C 268.394531 56.796875 268.15625 57.210938 267.753906 57.363281 C 267.46875 57.472656 267.140625 57.589844 266.769531 57.703125 C 265.972656 57.949219 265.164062 58.152344 264.347656 58.3125 C 263.441406 58.496094 262.460938 58.648438 261.414062 58.769531 C 260.347656 58.890625 259.277344 58.949219 258.203125 58.949219 C 255.417969 58.949219 252.996094 58.535156 250.9375 57.703125 C 249 56.957031 247.261719 55.773438 245.851562 54.246094 C 244.503906 52.738281 243.492188 50.957031 242.886719 49.023438 C 242.222656 46.890625 241.898438 44.667969 241.921875 42.433594 Z M 263.171875 39.15625 C 263.175781 38.179688 263.035156 37.207031 262.75 36.273438 C 262.492188 35.410156 262.070312 34.609375 261.507812 33.90625 C 260.964844 33.238281 260.28125 32.699219 259.507812 32.328125 C 258.625 31.925781 257.664062 31.730469 256.695312 31.753906 C 255.667969 31.726562 254.648438 31.945312 253.71875 32.382812 C 252.898438 32.789062 252.167969 33.355469 251.570312 34.054688 C 250.976562 34.753906 250.515625 35.554688 250.210938 36.421875 C 249.886719 37.304688 249.664062 38.21875 249.542969 39.152344 Z M 263.171875 39.15625 "/>
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 274.390625 42.3125 C 274.375 40.070312 274.742188 37.84375 275.480469 35.726562 C 276.160156 33.765625 277.21875 31.960938 278.601562 30.414062 C 279.976562 28.898438 281.660156 27.699219 283.539062 26.894531 C 285.476562 26.042969 287.65625 25.621094 290.078125 25.621094 C 292.710938 25.605469 295.320312 26.0625 297.792969 26.964844 C 298.230469 27.128906 298.46875 27.597656 298.347656 28.046875 L 297.234375 32.289062 C 297.171875 32.535156 297.011719 32.742188 296.789062 32.859375 C 296.570312 32.976562 296.308594 33 296.070312 32.914062 C 295.425781 32.695312 294.769531 32.507812 294.105469 32.359375 C 292.980469 32.109375 291.835938 31.988281 290.6875 31.992188 C 287.816406 31.992188 285.640625 32.894531 284.148438 34.695312 C 282.65625 36.496094 281.910156 39.035156 281.910156 42.316406 C 281.910156 45.46875 282.613281 47.96875 284.027344 49.8125 C 285.4375 51.65625 287.820312 52.574219 291.171875 52.574219 C 292.410156 52.574219 293.648438 52.453125 294.863281 52.207031 C 295.589844 52.066406 296.308594 51.882812 297.019531 51.660156 C 297.269531 51.578125 297.542969 51.609375 297.765625 51.746094 C 297.992188 51.882812 298.148438 52.109375 298.191406 52.367188 L 298.921875 56.664062 C 298.996094 57.089844 298.761719 57.507812 298.363281 57.664062 C 297.390625 58.011719 296.394531 58.277344 295.378906 58.460938 C 293.710938 58.789062 292.019531 58.949219 290.324219 58.945312 C 287.617188 58.945312 285.265625 58.53125 283.269531 57.703125 C 281.371094 56.945312 279.675781 55.761719 278.304688 54.242188 C 276.957031 52.710938 275.953125 50.910156 275.359375 48.957031 C 274.699219 46.804688 274.371094 44.5625 274.390625 42.3125 Z M 274.390625 42.3125 "/>
+</g>
+</svg>

README.md

@@ -16,13 +16,13 @@ To get started follow this page where you will find the **typical flow** that **
 
 ## Platinum Sponsors
 
-_Your company could be here_
+_Your company could be here._
 
 ## Corporate Sponsors
 
 ### [STM Cyber](https://www.stmcyber.com)
 
-![](<.gitbook/assets/image (642) (1) (1) (1).png>)
+<figure><img src=".gitbook/assets/stm (1).png" alt=""><figcaption></figcaption></figure>
 
 [**STM Cyber**](https://www.stmcyber.com) is a great cybersecurity company whose slogan is **HACK THE UNHACKABLE**. They perform their own research and develop their own hacking tools to **offer several valuable cybersecurity services** like pentesting, Red teams and training.
 
@@ -32,7 +32,7 @@ You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stm
 
 ### [RootedCON](https://www.rootedcon.com/)
 
-<figure><img src=".gitbook/assets/image (1) (3) (3).png" alt=""><figcaption></figcaption></figure>
+<figure><img src=".gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
 
 [**RootedCON**](https://www.rootedcon.com) is the most relevant cybersecurity event in **Spain** and one of the most important in **Europe**. With **the mission of promoting technical knowledge**, this congress is a boiling meeting point for technology and cybersecurity professionals in every discipline.
 
@@ -40,7 +40,7 @@ You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stm
 
 ### [Intigriti](https://www.intigriti.com)
 
-![](.gitbook/assets/i3.png)
+<figure><img src=".gitbook/assets/image (2).png" alt=""><figcaption></figcaption></figure>
 
 **Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.**
 
@@ -50,7 +50,7 @@ You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stm
 
 ### [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks)
 
-<figure><img src=".gitbook/assets/image (9) (1) (2).png" alt=""><figcaption></figcaption></figure>
+<figure><img src=".gitbook/assets/image (3).png" alt=""><figcaption></figcaption></figure>
 
 \
 Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) to easily build and **automate workflows** powered by the world's **most advanced** community tools.
@@ -61,7 +61,7 @@ Get Access Today:
 
 ### [Intruder](https://www.intruder.io/?utm\_source=referral\&utm\_campaign=hacktricks)
 
-<figure><img src=".gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
+<figure><img src=".gitbook/assets/image (4).png" alt=""><figcaption></figcaption></figure>
 
 Stay a step ahead in the cybersecurity game.
 
@@ -75,7 +75,7 @@ Intruder never rests. Round-the-clock protection monitors your systems 24/7. Wan
 
 ### [HACKENPROOF](https://bit.ly/3xrrDrL)
 
-<figure><img src=".gitbook/assets/image (1) (3) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src=".gitbook/assets/image (5).png" alt=""><figcaption></figcaption></figure>
 
 **HackenProof is home to all crypto bug bounties.**
 
@@ -92,11 +92,9 @@ Gain reputation points with each verified bug and conquer the top of the weekly
 
 {% embed url="https://hackenproof.com/register" %}
 
-\---
-
 ### [WebSec](https://websec.nl/)
 
-<figure><img src=".gitbook/assets/logo.svg" alt=""><figcaption></figcaption></figure>
+<figure><img src=".gitbook/assets/websec (1).svg" alt=""><figcaption></figcaption></figure>
 
 [**WebSec**](https://websec.nl) is a professional cybersecurity company based in **Amsterdam** which helps **protecting** businesses **all over the world** against the latest cybersecurity threats by providing **offensive-security services** with a **modern** approach.
 
@@ -116,13 +114,7 @@ In addition to the above WebSec is also a **committed supporter of HackTricks.**
 
 [**DragonJAR es una empresa líder en ciberseguridad ofensiva**](https://www.dragonjar.org/) **ubicada en Colombia**, DragonJAR ofrece [servicios integrales de seguridad informática ofensiva, como **pentesting**](https://www.dragonjar.org/servicios-de-seguridad-informatica) en diversas áreas y prácticamente **cualquier tecnología**, simulaciones de ataque **Red Team**, pruebas de seguridad **física**, **pruebas de estrés**, ingeniería social, revisión de seguridad en **código fuente** y capacitación en seguridad informática. Asimismo, organiza la **DragonJAR Security Conference**, [un congreso internacional de seguridad informática](https://www.dragonjarcon.org/) que se ha realizado durante más de una década, convirtiéndose en el escaparate para las últimas investigaciones de seguridad en español y de gran relevancia en la región.
 
-### [SYN CUBES](https://www.syncubes.com/)
 
-<figure><img src=".gitbook/assets/image (10) (2) (1).png" alt=""><figcaption></figcaption></figure>
-
-**Security Skills as a Service** platform bridges the current skill set gap by combining **global offensive security talent with smart automation**, providing real-time data you need to make informed decisions.
-
-{% embed url="https://www.syncubes.com/" %}
 
 ## License
 

backdoors/salseo.md

@@ -99,13 +99,13 @@ Open the SalseoLoader project using Visual Studio.
 
 ### Add before the main function: \[DllExport]
 
-![](<../.gitbook/assets/image (2) (1) (1) (1) (1) (1) (1).png>)
+![](<../.gitbook/assets/image (2) (1) (1) (1) (1) (1) (1) (1).png>)
 
 ### Install DllExport for this project
 
 #### **Tools** --> **NuGet Package Manager** --> **Manage NuGet Packages for Solution...**
 
-![](<../.gitbook/assets/image (3) (1) (1) (1) (1) (1) (1).png>)
+![](<../.gitbook/assets/image (3) (1) (1) (1) (1) (1) (1) (1).png>)
 
 #### **Search for DllExport package (using Browse tab), and press Install (and accept the popup)**
 

forensics/basic-forensic-methodology/specific-software-file-type-tricks/.pyc.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -231,7 +231,7 @@ C:\Users\test\Desktop\test>pyinstaller --onefile hello.py
 
 * [https://blog.f-secure.com/how-to-decompile-any-python-binary/](https://blog.f-secure.com/how-to-decompile-any-python-binary/)
 
-<img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

macos-hardening/macos-red-teaming/README.md

@@ -49,11 +49,11 @@ You could use the script [**JamfSniper.py**](https://github.com/WithSecureLabs/J
 
 Moreover, after finding proper credentials you could be able to brute-force other usernames with the next form:
 
-![](<../../.gitbook/assets/image (7).png>)
+![](<../../.gitbook/assets/image (7) (1).png>)
 
 #### JAMF device Authentication
 
-<figure><img src="../../.gitbook/assets/image (2) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (2) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 The **`jamf`** binary contained the secret to open the keychain which at the time of the discovery was **shared** among everybody and it was: **`jk23ucnq91jfu9aj`**.\
 Moreover, jamf **persist** as a **LaunchDaemon** in **`/Library/LaunchAgents/com.jamf.management.agent.plist`**

macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-ipc-inter-process-communication/macos-pid-reuse.md

@@ -23,7 +23,7 @@ This function will make the **allowed binary own the PID** but the **malicious X
 If you find the function **`shouldAcceptNewConnection`** or a function called by it **calling** **`processIdentifier`** and not calling **`auditToken`**. It highly probable means that it's v**erifying the process PID** and not the audit token.\
 Like for example in this image (taken from the reference):
 
-<figure><img src="../../../../.gitbook/assets/image (4) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../../.gitbook/assets/image (4) (1) (1) (1) (2).png" alt=""><figcaption></figcaption></figure>
 
 Check this example exploit (again, taken from the reference) to see the 2 parts of the exploit:
 

macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-kernel-extensions.md

@@ -22,7 +22,7 @@ Obviamente, esto es tan poderoso que es complicado cargar una extensión de kern
 
 * Al entrar en **modo de recuperación**, las extensiones de kernel deben estar **permitidas para ser cargadas**:
 
-<figure><img src="../../../.gitbook/assets/image (2) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (2) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 * La extensión de kernel debe estar **firmada con un certificado de firma de código de kernel**, que solo puede ser otorgado por **Apple**. Quien revisará en detalle la **empresa** y las **razones** por las que se necesita.
 * La extensión de kernel también debe estar **notarizada**, Apple podrá verificarla en busca de malware.

macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/universal-binaries-and-mach-o-format.md

@@ -76,7 +76,7 @@ fat_magic FAT_MAGIC
 
 or using the [Mach-O View](https://sourceforge.net/projects/machoview/) tool:
 
-<figure><img src="../../../.gitbook/assets/image (5) (1) (1) (3).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (5) (1) (1) (3) (1).png" alt=""><figcaption></figcaption></figure>
 
 As you may be thinking usually a universal binary compiled for 2 architectures **doubles the size** of one compiled for just 1 arch.
 
@@ -203,7 +203,7 @@ Example of **section header**:
 
 If you **add** the **section offset** (0x37DC) + the **offset** where the **arch starts**, in this case `0x18000` --> `0x37DC + 0x18000 = 0x1B7DC`
 
-<figure><img src="../../../.gitbook/assets/image (3) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (3) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 It's also possible to get **headers information** from the **command line** with:
 

macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-.net-applications-injection.md

@@ -21,7 +21,7 @@ It creates a 2 of names pipes per .Net process in [dbgtransportsession.cpp#L127]
 
 So, if you go to the users **`$TMPDIR`** you will be able to find **debugging fifos** you could use to debug .Net applications:
 
-<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 The function [**DbgTransportSession::TransportWorker**](https://github.com/dotnet/runtime/blob/0633ecfb79a3b2f1e4c098d1dd0166bc1ae41739/src/coreclr/debug/shared/dbgtransportsession.cpp#L1259) will handle the communication from a debugger.
 

macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses.md

@@ -149,7 +149,7 @@ $> ls ~/Documents
 
 Notes had access to TCC protected locations but when a note is created this is **created in a non-protected location**. So, you could ask notes to copy a protected file in a noe (so in a non-protected location) and then access the file:
 
-<figure><img src="../../../../.gitbook/assets/image (6).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../../.gitbook/assets/image (6) (1).png" alt=""><figcaption></figcaption></figure>
 
 ### CVE-2021-XXXX - Translocation
 

mobile-pentesting/android-app-pentesting/avd-android-virtual-device.md

@@ -270,19 +270,19 @@ Explained in [**this video**](https://www.youtube.com/watch?v=qQicUW0svB8) you n
 
 1. **Install a CA certificate**: Just **drag\&drop** the DER Burp certificate **changing the extension** to `.crt` in the mobile so it's stored in the Downloads folder and go to `Install a certificate` -> `CA certificate`
 
-<figure><img src="../../.gitbook/assets/image (1).png" alt="" width="164"><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (1) (1).png" alt="" width="164"><figcaption></figcaption></figure>
 
 * Check that the certificate was correctly stored going to `Trusted credentials` -> `USER`
 
-<figure><img src="../../.gitbook/assets/image (1) (1).png" alt="" width="334"><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (1) (1) (1).png" alt="" width="334"><figcaption></figcaption></figure>
 
 2. **Make it System trusted**: Download the Magisc module [MagiskTrustUserCerts](https://github.com/NVISOsecurity/MagiskTrustUserCerts) (a .zip file), **drag\&drop it** in the phone, go to the **Magics app** in the phone to the **`Modules`** section, click on **`Install from storage`**, select the `.zip` module and once installed **reboot** the phone:
 
-<figure><img src="../../.gitbook/assets/image (2).png" alt="" width="345"><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (2) (1).png" alt="" width="345"><figcaption></figcaption></figure>
 
 * After rebooting, go to `Trusted credentials` -> `SYSTEM` and check the Postswigger cert is there
 
-<figure><img src="../../.gitbook/assets/image (3).png" alt="" width="314"><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (3) (1).png" alt="" width="314"><figcaption></figcaption></figure>
 
 ## Nice AVD Options
 

mobile-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-1.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -149,7 +149,7 @@ You can see that in [the next tutorial](frida-tutorial-2.md).
 
 
 
-<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

mobile-pentesting/xamarin-apps.md

@@ -18,7 +18,7 @@ Xamarin is an open-source platform that gives developers access to a comprehensi
 
 ### Xamarin Android Architecture 
 
-<figure><img src="../.gitbook/assets/image (3) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (3) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 Xamarin offers .NET bindings to Android.\* and Java.\* namespaces. Xamarin.
 
@@ -36,7 +36,7 @@ It runs along with the Objective-C Runtime. The runtime environments run on top
 
 The below-given diagram depicts this architecture:
 
-<figure><img src="../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 ### What is .Net Runtime and Mono Framework?
 
@@ -72,7 +72,7 @@ If you encounter a Full AOT compiled application, and if the IL Assembly files a
 
 Just **unzip the apk/ipa** file and copy all the files present under the assemblies directory:
 
-<figure><img src="../.gitbook/assets/image (2) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (2) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 In case of Android **APKs these dll files are compressed** and cannot be directly used for decompilation. Luckily there are tools out there that we can use to **uncompress these dll files** like [XamAsmUnZ](https://github.com/cihansol/XamAsmUnZ) and [xamarin-decompress](https://github.com/NickstaDB/xamarin-decompress).
 
@@ -84,7 +84,7 @@ In the case of the iOS, **dll files inside the IPA files can be directly loaded*
 
 **Most of the application code can be found when we decompile the dll files.**  Also note that Xamarin Framework based apps contain 90% of common code in the builds of all platforms like iOS and Android etc.&#x20;
 
-<figure><img src="../.gitbook/assets/image (3) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 From the above screenshot of listing the dll files that were present in the apk, we can confirm that it is a Xamarin app. It contains app-specific dll files along with the library files that are required for the app to run, such as `Xamarin.Essentails.dll` or `Mono.Security.dll` .
 

network-services-pentesting/15672-pentesting-rabbitmq-management.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -60,7 +60,7 @@ Content-Length: 267
 
 * `port:15672 http`
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

network-services-pentesting/pentesting-postgresql.md

@@ -489,7 +489,7 @@ In[ this **writeup**](https://www.wiz.io/blog/the-cloud-has-an-isolation-problem
 
 When you try to **make another user owner of a table** you should get an **error** preventing it, but apparently GCP gave that **option to the not-superuser postgres user** in GCP:
 
-<figure><img src="../.gitbook/assets/image (4) (1) (1) (1) (2).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (4) (1) (1) (1) (2) (1).png" alt=""><figcaption></figcaption></figure>
 
 Joining this idea with the fact that when the **INSERT/UPDATE/**[**ANALYZE**](https://www.postgresql.org/docs/13/sql-analyze.html) commands are executed on a **table with an index function**, the **function** is **called** as part of the command with the **table** **owner’s permissions**. It's possible to create an index with a function and give owner permissions to a **super user** over that table, and then run ANALYZE over the table with the malicious function that will be able to execute commands because it's using the privileges of the owner.
 

network-services-pentesting/pentesting-ssh.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -313,7 +313,7 @@ id_rsa
 * You can find interesting guides on how to harden SSH in [https://www.ssh-audit.com/hardening\_guides.html](https://www.ssh-audit.com/hardening\_guides.html)
 * [https://community.turgensec.com/ssh-hacking-guide](https://community.turgensec.com/ssh-hacking-guide)
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

network-services-pentesting/pentesting-web/jboss.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -40,7 +40,7 @@ You can expose **management servlets** via the following paths within JBoss (dep
 inurl:status EJInvokerServlet
 ```
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

network-services-pentesting/pentesting-web/moodle.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -120,7 +120,7 @@ find / -name "config.php" 2>/dev/null | grep "moodle/config.php"
 /usr/local/bin/mysql -u <username> --password=<password> -e "use moodle; select email,username,password from mdl_user; exit"
 ```
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

pentesting-web/crlf-0d-0a.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -194,7 +194,7 @@ If a plarform is taking **data from an HTTP request and using it without sanitiz
 
 For example, in the original discovered vuln, cache keys were used to return the IP and port a user shuold connect to, and attackers were able to **inject memcache comands** that would **poison** the **cache to send the vistims details** (usrnames and passwords included) to the attacker servers:
 
-<figure><img src="../.gitbook/assets/image (6) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (6) (1) (4).png" alt=""><figcaption></figcaption></figure>
 
 Moreover, researchers also discovered that they could desync the memcache responses to send the attackers ip and ports to users whose email the attacker didn't know:
 
@@ -249,7 +249,7 @@ The best prevention technique is to not use users input directly inside response
 * [**https://www.acunetix.com/websitesecurity/crlf-injection/**](https://www.acunetix.com/websitesecurity/crlf-injection/)
 * [**https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning**](https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning)
 
-<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

pentesting-web/deserialization/exploiting-__viewstate-parameter.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -237,7 +237,7 @@ out of band request with the current username
 * [**https://soroush.secproject.com/blog/2019/04/exploiting-deserialisation-in-asp-net-via-viewstate/**](https://soroush.secproject.com/blog/2019/04/exploiting-deserialisation-in-asp-net-via-viewstate/)
 * [**https://blog.blacklanternsecurity.com/p/introducing-badsecrets**](https://blog.blacklanternsecurity.com/p/introducing-badsecrets)
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

pentesting-web/file-inclusion/phar-deserialization.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -89,7 +89,7 @@ php vuln.php
 
 {% embed url="https://blog.ripstech.com/2018/new-php-exploitation-technique/" %}
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

pentesting-web/race-condition.md

@@ -24,7 +24,7 @@ Get Access Today:
 
 The main problem of abusing RC's is that you need the requests to be processed in parallel with a very short time difference(usually >1ms). In the following section, different solutions are proposed for making this possible.
 
-<figure><img src="../.gitbook/assets/image (5).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (5) (1).png" alt=""><figcaption></figcaption></figure>
 
 ### Single-packet attack (HTTP/2) / Last-byte sync (HTTP/1.1)
 
@@ -52,7 +52,7 @@ Note that It **doesn't work for static files** on certain servers but as static
 
 Using this technique, you can make 20-30 requests arrive at the server simultaneously - regardless of network jitter:
 
-<figure><img src="../.gitbook/assets/image (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 **Adapting to the target architecture**
 
@@ -72,13 +72,13 @@ If connection warming doesn't make any difference, there are various solutions t
 
 Using Turbo Intruder, you can introduce a short client-side delay. However, as this involves splitting your actual attack requests across multiple TCP packets, you won't be able to use the single-packet attack technique. As a result, on high-jitter targets, the attack is unlikely to work reliably regardless of what delay you set.
 
-<figure><img src="../.gitbook/assets/image (2) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (2) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 Instead, you may be able to solve this problem by abusing a common security feature.
 
 Web servers often **delay the processing of requests if too many are sent too quickly**. By sending a large number of dummy requests to intentionally trigger the rate or resource limit, you may be able to cause a suitable server-side delay. This makes the single-packet attack viable even when delayed execution is required.
 
-<figure><img src="../.gitbook/assets/image (3) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (3) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 {% hint style="warning" %}
 For more information about this technique check the original report in [https://portswigger.net/research/smashing-the-state-machine](https://portswigger.net/research/smashing-the-state-machine)
@@ -88,7 +88,7 @@ For more information about this technique check the original report in [https://
 
 * **Tubo Intruder - HTTP2 single-packet attack (1 endpoint)**: You can send the request to **Turbo intruder** (`Extensions` -> `Turbo Intruder` -> `Send to Turbo Intruder`), you can change in the request the value you want to brute force for **`%s`** like in `csrf=Bn9VQB8OyefIs3ShR2fPESR0FzzulI1d&username=carlos&password=%s` and then select the **`examples/race-single-packer-attack.py`** from the drop down:
 
-<figure><img src="../.gitbook/assets/image (4).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (4) (1).png" alt=""><figcaption></figcaption></figure>
 
 If you are going to **send different values**, you could modify the code with this one that uses a wordlist from the clipboard:
 
@@ -141,7 +141,7 @@ Content-Length: 0
   * For **delaying** the process **between** processing **one request and another** in a 2 substates steps, you could **add extra requests between** both requests.
   * For a **multi-endpoint** RC you could start sending the **request** that **goes to the hidden state** and then **50 requests** just after it that **exploits the hidden state**.
 
-<figure><img src="../.gitbook/assets/image (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 ### Raw BF
 
@@ -238,7 +238,7 @@ Operations that edit existing data (such as changing an account's primary email
 
 Most endpoints operate on a specific record, which is looked up using a 'key', such as a username, password reset token, or filename. For a successful attack, we need two operations that use the same key. For example, picture two plausible password reset implementations:
 
-<figure><img src="../.gitbook/assets/image (2) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../.gitbook/assets/image (2) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 2. **Probe for clues**
 

pentesting-web/xss-cross-site-scripting/dom-invader.md

@@ -31,7 +31,7 @@ In the Burp's builtin browser go to the **Burp extension** and enable it:
 
 Noe refresh the page and in the **Dev Tools** you will find the **DOM Invader tab:**
 
-<figure><img src="../../.gitbook/assets/image (3) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (3) (1) (1) (1) (1) (1).png" alt=""><figcaption></figcaption></figure>
 
 ### Inject a Canary
 
@@ -69,7 +69,7 @@ You can click each message to view more detailed information about it, including
 
 DOM Invader can also search for **Prototype Pollution vulnerabilities**. First, you need to enable it:
 
-<figure><img src="../../.gitbook/assets/image (5) (1) (1).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../.gitbook/assets/image (5) (1) (1) (3).png" alt=""><figcaption></figcaption></figure>
 
 Then, it will **search for sources** that enable you to add arbitrary properties to the **`Object.prototype`**.
 

windows-hardening/active-directory-methodology/ad-certificates/domain-escalation.md

@@ -579,7 +579,7 @@ If we try to authenticate with the certificate and `-ldap-shell`, we will notice
 
 One of the available commands for the LDAP shell is `set_rbcd` which will set Resource-Based Constrained Delegation (RBCD) on the target. So we could perform a RBCD attack to compromise the domain controller.
 
-<figure><img src="../../../.gitbook/assets/image (7) (1) (2).png" alt=""><figcaption></figcaption></figure>
+<figure><img src="../../../.gitbook/assets/image (7) (1) (2) (2).png" alt=""><figcaption></figcaption></figure>
 
 Alternatively, we can also compromise any user account where there is no `userPrincipalName` set or where the `userPrincipalName` doesn’t match the `sAMAccountName` of that account. From my own testing, the default domain administrator `Administrator@corp.local` doesn’t have a `userPrincipalName` set by default, and this account should by default have more privileges in LDAP than domain controllers.
 

windows-hardening/active-directory-methodology/silver-ticket.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -168,7 +168,7 @@ mimikatz(commandline) # lsadump::dcsync /dc:pcdc.domain.local /domain:domain.loc
 [dcsync.md](dcsync.md)
 {% endcontent-ref %}
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

windows-hardening/windows-local-privilege-escalation/dll-hijacking.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -243,7 +243,7 @@ BOOL APIENTRY DllMain (HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReser
 }
 ```
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 

windows-hardening/windows-local-privilege-escalation/privilege-escalation-with-autorun-binaries.md

@@ -12,7 +12,7 @@
 
 </details>
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).
 
@@ -351,7 +351,7 @@ Find more Autoruns like registries in [https://www.microsoftpressstore.com/artic
 * [https://attack.mitre.org/techniques/T1547/001/](https://attack.mitre.org/techniques/T1547/001/)
 * [https://www.microsoftpressstore.com/articles/article.aspx?p=2762082\&seqNum=2](https://www.microsoftpressstore.com/articles/article.aspx?p=2762082\&seqNum=2)
 
-<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
+<img src="../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1).png" alt="" data-size="original">
 
 If you are interested in **hacking career** and hack the unhackable - **we are hiring!** (_fluent polish written and spoken required_).