Shuciran Pentesting Notes
Knowledge Base for Penetration Testing
Tags
.NET
1
abusing azure devops
1
abusing jwt
1
acl inspection
1
active directory
18
acute
1
AD CS
1
ADCS-CSR
1
adcs.ps1
1
ADCS.ps1
1
add-domainobjectacl
1
addkeycredentiallink privilege
1
aem enumeration
1
aircrack-ng
1
airdecap-ng
1
aireplay-ng
1
airgraph-ng
1
airmon-ng
1
airodump-ng
1
airolib-ng
1
ansible
1
anubis
1
ASP SSTI
1
asreproast
4
authentication
5
authentication bypass
1
automatization
2
av evasion
1
aws
3
aws enumeration
1
azure
1
azure devops enumeration
1
azure devops privesc
1
base64
1
batch scripting
1
binary cookies
1
bloodhound
5
Bloodhound
1
bloodhound-python
1
browser credentials
1
bruteforce
1
buckets
2
burpsuite
1
cache password
1
captive portal
1
capturing handshake
1
ccache
1
certificate
1
certify.exe
1
Certify.exe
1
certutil
1
chipset regulations
1
chirpy markdown
1
chisel
1
Chisel
1
client side attack
1
CLM Bypass
1
cloud
2
code
1
commands
1
compilation
1
conpty
1
conptyshell
1
ConPtyShell
1
cors
1
cracking
1
cracking hashes
3
crackmapexec
1
creds.xml
1
cron job
1
cross-compiling
1
crowbar
1
cupsctl
1
cve-2017-0199
1
CVE-2021-42287
1
data storage
6
dcsync
1
DCSync
1
dcsync attack
1
debug
4
debugging
1
decompilation
2
deserialization attack
1
devops enumeration
1
dictionary creation
1
dirtycow
1
dns enum
1
dns enumeration
1
domain enum gathering
1
dotnet
5
drivers
2
drupal
1
drupwn
1
dump
1
embedded plist
1
enumeration
4
Enumeration
1
evil-twin
1
evil-winrm
1
evilwinrm
2
exe2hex
1
exiftool
1
exploitation
25
fgdump
1
file transfer
19
firebase
1
firefox
2
fodhelper
1
follina exploitation
2
ftp
2
ftp enum
1
ftp enumeration
1
fulcrum
1
gcc compilation
1
gci
1
GCI
1
gdbserver
2
get-domainuser
1
get-netloggedon
1
get-netsession
1
getpac
1
git enumeration
1
git source leak
1
gpp credentials
1
gpp decrypt
1
gpp decryption
1
group addition
1
groups.xml
1
gssapi
2
gtfobins
1
hackthebox
19
hashcat
5
history
1
htc
1
hts
1
httptunnel
1
hydra
1
iis exploitation
1
IMAP/POP3 enumeration
1
impacket-getNPUsers
1
impacket-psexec
1
impacket-secretsdump
3
impacket-smbserver
1
info leakage
1
information leakage
4
insecure file permissions
2
intelligence
1
interactive tty
2
intruder
1
invoke-powershelltcp
1
invoke-whisker
1
InvokePowerShellTcp.ps1
1
iOS setup
1
ipa
2
ipainstaller
1
iw
3
iwconfig
1
jailbreak
1
Jamovi exploitation
1
java
4
juicypotato
1
juicypotatong
1
k5login
2
kerberoasting
3
Kerberoasting
1
kerberos
3
kerberos auth
1
kerberos authentication
1
kerberos enum
1
kerberos enumeration
2
kerbrute
1
kerbrute brute force
1
kerbrute smb enum
2
kernel
1
kernel vulnerabilities
1
keychain dumper
1
krb.keytab
1
krb5.conf
1
krb5.keytab
1
krbtgt5
1
lambda
1
lambda function enumeration
1
laps
1
laps_reader
1
lateral movement
5
ldap enum
4
ldap enumeration
1
ldap privesc
1
lfi
4
linux
1
linux buffer overflow
1
linux enumeration
9
linux persistence
1
linux privesc
8
linux web server
2
llmnr
1
log poisoning
1
lolbas
1
macro
1
mariadb
1
medusa
1
metadata inspection
1
metasploit
1
methodology
2
mobile
10
modifying assemblies
1
monitor mode
1
ms17-010
1
mssql
4
mssql enum
1
mssql enumeration
1
mssql rce
1
mysql
1
mysql enumeration
1
netbios enumeration
1
netcat
2
netcat port scanning
1
netsh
1
network enumeration
1
network service attack methods
1
networking
2
nfs enumeration
1
nikto enumeration
1
nmap
1
nmap parsing output
1
nodejs
4
noPac.py
1
ntlm
1
ntlmv2
1
ntp
1
ntp enumeration
1
ntp synchronization
1
opensmtpd
1
openssl
1
osint
5
pass the hash
1
passive reconnaissance
5
Passthehash
1
password attacks
2
password cracking
1
password mutation
1
password reuse
1
password spraying
1
passwordless based authentication
1
path hijacking
1
persistence
4
pfx
1
pfx certificate
1
phishing
1
php
6
phpmyadmin
1
pkexec
2
plink
1
plist
1
plugin shell
1
Port Forwarding
1
port redirection and tunneling
5
ports
1
powershell
5
powershell download
1
powershell history
1
powershell modules
1
powerview
2
powerview.ps1
1
PowerView.ps1
1
printspoofer
1
privesc
1
proc-cmdline
1
prototype
1
Proxychains
1
pscredential
1
python
5
python library hijacking
1
rce
6
rdp enumeration
1
rdp remote login
1
readlaps
1
realm
1
recon-ng
1
remote capture
1
remote debugging
1
responder
1
reverse engineering
1
reverse shell
2
rfi
2
rfkill
1
Rinetd
1
rogue AP
1
roguewinrm
1
rpc enum
1
rpc enumeration
3
rtf
1
rubeus
1
Rubeus
1
rubeus.exe
1
s3 enum
2
sam
1
sam dump
1
same-origin policy
1
scf attack
2
scp
1
scr
18
screen command
1
screen linux command
1
screencapture
1
scripting language upload
1
search engines
1
seassignprimarytokenprivilege
1
seatbelt
1
seimpersonateprivilege
3
server procedures
1
services running
1
set-domainobjectowner
1
set-domainuserpassword
1
sharphound
3
Shell Escape
1
shellshock
1
sideloadly
1
signing
2
silver ticket
2
sizzle
1
smb
2
smb download
1
smb enum
2
smb enumeration
4
smb full replication
1
smb null session
1
smb with writting permissions
1
smbcacls
1
smtp
1
smtp enumeration
1
snmp
1
snmp enumeration
1
snmp read and write community abuse
1
social media
1
software vulnerability
1
source code recovery
1
source code review
1
spn
1
spring4shell
1
sql injection
2
sqlite
1
sqlite databases
1
squid proxy
1
squid proxy enumeration
1
ssh
1
ssh enumeration
1
ssh hijacking
1
ssl inspect
1
ssti
2
subdomain enum
1
subversion
1
subversion enumeration
1
suid
1
swaks
1
symlink exploitation
1
synchronizyng with rdate
1
system
2
sysvol share
2
tar
1
tar symlink exploitation
1
tcpdump
1
tentacle
1
tftp upload
1
tgs
1
tgs cracking
1
ticketer
1
timelapse
1
tips & tricks
2
trollstore
1
uac bypass
1
uac integrity level
1
udf exploitation
1
unc0ver
1
union select
1
unloading and loading
1
unquoted service path
1
uploadserver
1
upnphost
1
useful
1
useful installation
1
user creation
1
user enum gathering
1
user info
2
utilities
6
vbs download
1
vhost fuzzing
1
virtual environment
1
vscode
3
vulnerable microsoft services
1
web
1
web enum
1
web enumeration
1
web fuzzing
1
web listener
1
Web scripting
1
webdav
1
webshell
1
websocket
1
wep
1
windows
3
windows buffer overflow
1
windows download
2
windows enumeration
6
windows persistence
1
windows privesc
12
windows upload
2
windows XP
1
winrm
2
WinRM
1
wireless
25
wireshark
2
wireshark filters
1
wordpress
2
Wordpress enumeration
1
wpa enterprise
1
wpad enum
1
wps
1
wrapper
1
writedacl
2
writeowner
1
wsus admin group
1
wsus exploitation
1
xp_cmdshell
1
xp_dirtree
1
xslm
1
XSS
1
xss hunting
1
xxe
2
xxe blind out of band
1
yaml
1