GitBook: [master] 17 pages and 28 assets modified

linux-unix/privilege-escalation/README.md

@@ -1428,6 +1428,11 @@ Files that ships in packages downloaded from distribution repository go into `/u
 
 {% page-ref page="cisco-vmanage.md" %}
 
+### Kernel Security Protections
+
+* [https://github.com/a13xp0p0v/kconfig-hardened-check](https://github.com/a13xp0p0v/kconfig-hardened-check)
+* [https://github.com/a13xp0p0v/linux-kernel-defence-map](https://github.com/a13xp0p0v/linux-kernel-defence-map)
+
 ## More help
 
 [Static impacket binaries](https://github.com/ropnop/impacket_static_binaries)

macos/macos-security-and-privilege-escalation/macos-mdm.md

@@ -115,7 +115,7 @@ The response is a JSON dictionary with some important data like:
 * Signed using the **device identity certificate \(from APNS\)**
 * **Certificate chain** includes expired **Apple iPhone Device CA**
 
-![](../../.gitbook/assets/image%20%28567%29%20%281%29.png)
+![](../../.gitbook/assets/image%20%28567%29%20%281%29%20%282%29.png)
 
 ### Step 6: Profile Installation
 

pentesting-web/saml-attacks/README.md

@@ -6,7 +6,7 @@
 
 ## Attacks Graphic
 
-![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png)
+![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29.png)
 
 ## Tool
 

pentesting/pentesting-dns.md

@@ -239,3 +239,4 @@ Entry_5:
   Description: Eunuerate a DC via DNS
   Command: dig -t _gc._{Domain_Name} && dig -t _ldap._{Domain_Name} && dig -t _kerberos._{Domain_Name} && dig -t _kpasswd._{Domain_Name} && nmap --script dns-srv-enum --script-args "dns-srv-enum.domain={Domain_Name}"
 ```
+

pentesting/pentesting-imap.md

@@ -183,3 +183,4 @@ Entry_3:
   Description: Banner Grab 993
   Command: openssl s_client -connect {IP}:993 -quiet
 ```
+

pentesting/pentesting-kerberos-88/README.md

@@ -58,6 +58,5 @@ Entry_4:
   Name: With Creds
   Description: Attempt to get a list of user service principal names
   Command: GetUserSPNs.py -request -dc-ip {IP} active.htb/svc_tgs
-
 ```
 

pentesting/pentesting-ldap.md

@@ -375,3 +375,4 @@ Entry_5:
   Description: Need Naming Context to do big dump
   Command: ldapsearch -h {IP} -x -b "{Naming_Context}"
 ```
+

pentesting/pentesting-mssql-microsoft-sql-server.md

@@ -269,3 +269,4 @@ Entry_2:
   Description: Nmap with SQL Scripts
   Command: nmap --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args mssql.instance-port=1433,mssql.username=sa,mssql.password=,mssql.instance-name=MSSQLSERVER -sV -p 1433 {IP}
 ```
+

pentesting/pentesting-ntp.md

@@ -67,3 +67,4 @@ Entry_2:
   Description: Enumerate NTP
   Command: nmap -sU -sV --script "ntp* and (discovery or vuln) and not (dos or brute)" -p 123 {IP}
 ```
+

pentesting/pentesting-smtp/README.md

@@ -479,3 +479,4 @@ Entry_6:
   Description: Find MX servers of an organization
   Command: dig +short mx {Domain_Name}
 ```
+

pentesting/pentesting-snmp/README.md

@@ -211,3 +211,4 @@ Entry_4:
   Description: Nmap snmp (no brute)
   Command: nmap --script "snmp* and not snmp-brute" {IP}
 ```
+

pentesting/pentesting-web/README.md

@@ -430,5 +430,5 @@ Entry_10:
   Command: |
     ?What is the location of the wp-login.php? Example: /Yeet/cannon/wp-login.php
     wpscan --url {Web_Proto}://{IP}{1} --enumerate ap,at,cb,dbe && wpscan --url {Web_Proto}://{IP}{1} --enumerate u,tt,t,vp --passwords {Big_Passwordlist} -e
-
 ```
+

pentesting/pentesting-web/iis-internet-information-services.md

@@ -320,7 +320,7 @@ C:\xampp\tomcat\conf\server.xml
 
 If you see an error like the following one:
 
-![](../../.gitbook/assets/image%20%28446%29%20%281%29%20%282%29%20%282%29.png)
+![](../../.gitbook/assets/image%20%28446%29%20%281%29%20%282%29%20%282%29%20%283%29.png)
 
 It means that the server **didn't receive the correct domain name** inside the Host header.  
 In order to access the web page you could take a look to the served **SSL Certificate** and maybe you can find the domain/subdomain name in there. If it isn't there you may need to **brute force VHosts** until you find the correct one.

phishing-methodology/README.md

@@ -339,7 +339,7 @@ The page www.mail-tester.com can indicate you if you your domain is being blocke
 * Decide from which account are you going to send the phishing emails. Suggestions: _noreply, support, servicedesk, salesforce..._
 * You can leave blank the username and password, but make sure to check the Ignore Certificate Errors
 
-![](../.gitbook/assets/image%20%28253%29%20%281%29%20%282%29%20%281%29%20%281%29%20%282%29%20%282%29%20%283%29%20%283%29.png)
+![](../.gitbook/assets/image%20%28253%29%20%281%29%20%282%29%20%281%29%20%281%29%20%282%29%20%282%29%20%283%29%20%283%29%20%285%29.png)
 
 {% hint style="info" %}
 It's recommended to use the "**Send Test Email**" functionality to test that everything is working.