Shuciran Pentesting Notes
Knowledge Base for Penetration Testing
Tags
.NET
1
abusing azure devops
1
abusing jwt
1
acl inspection
1
active directory
18
acute
1
AD CS
1
ADCS-CSR
1
adcs.ps1
1
ADCS.ps1
1
add-domainobjectacl
1
addkeycredentiallink privilege
1
aem enumeration
1
aircrack-ng
1
airdecap-ng
1
aireplay-ng
1
airgraph-ng
1
airmon-ng
1
airodump-ng
1
airolib-ng
1
ansible
1
anubis
1
ASP SSTI
1
asreproast
4
authentication
5
authentication bypass
1
automatization
2
av evasion
1
aws
3
aws enumeration
1
azure
1
azure devops enumeration
1
azure devops privesc
1
base64
1
batch scripting
1
binary cookies
1
bloodhound
5
Bloodhound
1
bloodhound-python
1
browser credentials
1
bruteforce
1
buckets
2
burpsuite
1
cache password
1
captive portal
1
capturing handshake
1
ccache
1
certificate
1
certify.exe
1
Certify.exe
1
certutil
1
chipset regulations
1
chirpy markdown
1
chisel
1
Chisel
1
client side attack
1
CLM Bypass
1
cloud
2
code
1
commands
1
compilation
1
conpty
1
conptyshell
1
ConPtyShell
1
cors
1
cracking
1
cracking hashes
3
crackmapexec
1
creds.xml
1
cron job
1
cross-compiling
1
crowbar
1
cupsctl
1
cve-2017-0199
1
CVE-2021-42287
1
data storage
6
dcsync
1
DCSync
1
dcsync attack
1
debug
4
debugging
1
decompilation
2
deserialization attack
1
devops enumeration
1
dictionary creation
1
dirtycow
1
dns enum
1
dns enumeration
1
domain enum gathering
1
dotnet
5
drivers
2
drupal
1
drupwn
1
dump
1
embedded plist
1
enumeration
4
Enumeration
1
evil-twin
1
evil-winrm
1
evilwinrm
2
exe2hex
1
exiftool
1
exploitation
25
fgdump
1
file transfer
19
firebase
1
firefox
2
fodhelper
1
follina exploitation
2
ftp
2
ftp enum
1
ftp enumeration
1
fulcrum
1
gcc compilation
1
gci
1
GCI
1
gdbserver
2
get-domainuser
1
get-netloggedon
1
get-netsession
1
getpac
1
git enumeration
1
git source leak
1
gpp credentials
1
gpp decrypt
1
gpp decryption
1
group addition
1
groups.xml
1
gssapi
2
gtfobins
1
hackthebox
19
hashcat
5
history
1
htc
1
hts
1
httptunnel
1
hydra
1
iis exploitation
1
IMAP/POP3 enumeration
1
impacket-getNPUsers
1
impacket-psexec
1
impacket-secretsdump
3
impacket-smbserver
1
info leakage
1
information leakage
4
insecure file permissions
2
intelligence
1
interactive tty
2
intruder
1
invoke-powershelltcp
1
invoke-whisker
1
InvokePowerShellTcp.ps1
1
iOS setup
1
ipa
2
ipainstaller
1
iw
3
iwconfig
1
jailbreak
1
Jamovi exploitation
1
java
4
juicypotato
1
juicypotatong
1
k5login
2
kerberoasting
3
Kerberoasting
1
kerberos
3
kerberos auth
1
kerberos authentication
1
kerberos enum
1
kerberos enumeration
2
kerbrute
1
kerbrute brute force
1
kerbrute smb enum
2
kernel
1
kernel vulnerabilities
1
keychain dumper
1
krb.keytab
1
krb5.conf
1
krb5.keytab
1
krbtgt5
1
lambda
1
lambda function enumeration
1
laps
1
laps_reader
1
lateral movement
5
ldap enum
4
ldap enumeration
1
ldap privesc
1
lfi
4
linux
1
linux buffer overflow
1
linux enumeration
9
linux persistence
1
linux privesc
8
linux web server
2
llmnr
1
log poisoning
1
lolbas
1
macro
1
mariadb
1
medusa
1
metadata inspection
1
metasploit
1
methodology
2
mobile
10
modifying assemblies
1
monitor mode
1
ms17-010
1
mssql
4
mssql enum
1
mssql enumeration
1
mssql rce
1
mysql
1
mysql enumeration
1
netbios enumeration
1
netcat
2
netcat port scanning
1
netsh
1
network enumeration
1
network service attack methods
1
networking
2
nfs enumeration
1
nikto enumeration
1
nmap
1
nmap parsing output
1
nodejs
4
noPac.py
1
ntlm
1
ntlmv2
1
ntp
1
ntp enumeration
1
ntp synchronization
1
opensmtpd
1
openssl
1
osint
5
pass the hash
1
passive reconnaissance
5
Passthehash
1
password attacks
2
password cracking
1
password mutation
1
password reuse
1
password spraying
1
passwordless based authentication
1
path hijacking
1
persistence
4
pfx
1
pfx certificate
1
phishing
1
php
6
phpmyadmin
1
pkexec
2
plink
1
plist
1
plugin shell
1
Port Forwarding
1
port redirection and tunneling
5
ports
1
powershell
5
powershell download
1
powershell history
1
powershell modules
1
powerview
2
powerview.ps1
1
PowerView.ps1
1
printspoofer
1
privesc
1
proc-cmdline
1
prototype
1
Proxychains
1
pscredential
1
python
5
python library hijacking
1
rce
6
rdp enumeration
1
rdp remote login
1
readlaps
1
realm
1
recon-ng
1
remote capture
1
remote debugging
1
responder
1
reverse engineering
1
reverse shell
2
rfi
2
rfkill
1
Rinetd
1
rogue AP
1
roguewinrm
1
rpc enum
1
rpc enumeration
3
rtf
1
rubeus
1
Rubeus
1
rubeus.exe
1
s3 enum
2
sam
1
sam dump
1
same-origin policy
1
scf attack
2
scp
1
scr
18
screen command
1
screen linux command
1
screencapture
1
scripting language upload
1
search engines
1
seassignprimarytokenprivilege
1
seatbelt
1
seimpersonateprivilege
3
server procedures
1
services running
1
set-domainobjectowner
1
set-domainuserpassword
1
sharphound
3
Shell Escape
1
shellshock
1
sideloadly
1
signing
2
silver ticket
2
sizzle
1
smb
2
smb download
1
smb enum
2
smb enumeration
4
smb full replication
1
smb null session
1
smb with writting permissions
1
smbcacls
1
smtp
1
smtp enumeration
1
snmp
1
snmp enumeration
1
snmp read and write community abuse
1
social media
1
software vulnerability
1
source code recovery
1
source code review
1
spn
1
spring4shell
1
sql injection
2
sqlite
1
sqlite databases
1
squid proxy
1
squid proxy enumeration
1
ssh
1
ssh enumeration
1
ssh hijacking
1
ssl inspect
1
ssti
2
subdomain enum
1
subversion
1
subversion enumeration
1
suid
1
swaks
1
symlink exploitation
1
synchronizyng with rdate
1
system
2
sysvol share
2
tar
1
tar symlink exploitation
1
tcpdump
1
tentacle
1
tftp upload
1
tgs
1
tgs cracking
1
ticketer
1
timelapse
1
tips & tricks
2
trollstore
1
uac bypass
1
uac integrity level
1
udf exploitation
1
unc0ver
1
union select
1
unloading and loading
1
unquoted service path
1
uploadserver
1
upnphost
1
useful
1
useful installation
1
user creation
1
user enum gathering
1
user info
2
utilities
6
vbs download
1
vhost fuzzing
1
virtual environment
1
vscode
3
vulnerable microsoft services
1
web
1
web enum
1
web enumeration
1
web fuzzing
1
web listener
1
Web scripting
1
webdav
1
webshell
1
websocket
1
wep
1
windows
3
windows buffer overflow
1
windows download
2
windows enumeration
6
windows persistence
1
windows privesc
12
windows upload
2
windows XP
1
winrm
2
WinRM
1
wireless
25
wireshark
2
wireshark filters
1
wordpress
2
Wordpress enumeration
1
wpa enterprise
1
wpad enum
1
wps
1
wrapper
1
writedacl
2
writeowner
1
wsus admin group
1
wsus exploitation
1
xp_cmdshell
1
xp_dirtree
1
xslm
1
XSS
1
xss hunting
1
xxe
2
xxe blind out of band
1
yaml
1