├── CNAME ├── Chapter-1-Pentesting-Philosophy-and-Methodology ├── README.md ├── chapter-1.md ├── chapter-2.md ├── chapter-3.md ├── chapter-4.md ├── chapter-5.md ├── chapter-6.md ├── chapter-7.md ├── chapter-8.md └── chapter-9.md ├── Chapter-2-Security-Cheatsheets ├── README.md ├── bug-hunting │ ├── bounties.md │ └── guides.md ├── certifications │ ├── osce │ │ └── preparation.md │ └── oscp │ │ ├── _preparation.md │ │ ├── _setup.md │ │ ├── commands │ │ └── enumeration │ │ │ ├── network.md │ │ │ ├── vulnerability.md │ │ │ └── windows-local.md │ │ ├── my │ │ ├── cheatsheet.md │ │ ├── exploits.md │ │ ├── prev-escalation.md │ │ ├── share-files.md │ │ ├── tty.md │ │ ├── web.md │ │ └── windows.md │ │ ├── notes.md │ │ ├── practice-vulnhub.md │ │ ├── scripts.md │ │ ├── tools.md │ │ └── vuln-software.md ├── cloud │ ├── aws-s3.md │ ├── aws.md │ └── azuer.md ├── containers-docker-k8s │ └── _general.md ├── crypto │ └── _general.md ├── ctf │ ├── general.md │ ├── hack-the-box │ │ ├── CronOS.md │ │ ├── bank.md │ │ ├── bastard.md │ │ ├── beep.md │ │ ├── grandpa.md │ │ ├── lame.md │ │ └── popcorn.md │ └── hackthebox.md ├── databases │ ├── mysql │ │ └── command_execution.md │ └── sqlserver │ │ ├── 0-roles-and-permissions.md │ │ ├── 1-enumeration.md │ │ ├── 2-exploitation.md │ │ ├── 3-command-execution.md │ │ ├── 4-privilage-escalation.md │ │ ├── 5-lateral-movement.md │ │ ├── 6-persistence.md │ │ ├── 9-defence.md │ │ └── 9-pending-references.md ├── dfir │ ├── _general.md │ ├── books.md │ ├── ctf.md │ ├── important-files.md │ └── tools.md ├── embedded-and-iot │ ├── _analysis.md │ ├── _collections.md │ ├── _general.md │ ├── binwalk.md │ ├── bluetooth.md │ ├── busybox.md │ ├── cross-compiling.md │ ├── esp.md │ ├── hacking-atms.md │ ├── hacking-cars.md │ ├── hacking-locks.md │ ├── hacking-printers.md │ ├── hacking-ships.md │ ├── hacking_cameras.md │ ├── hardware.md │ ├── opwnwrt.md │ ├── protocols.md │ ├── qmue.md │ ├── scenario │ │ ├── glitching.md │ │ └── test-conditions.md │ ├── side-channel.md │ ├── tools.md │ ├── uboot.md │ └── uefi.md ├── exploitables │ └── backdoor.md ├── exploits-and-shellcoding │ ├── _general.md │ ├── buffer-overflow.md │ ├── commands.md │ ├── fuzzing.md │ ├── kernel-exploitation-linux.md │ ├── kernel-exploitation-windows.md │ ├── lateral-movement.md │ ├── malware.md │ ├── memory-protection.md │ ├── os_windows.md │ ├── payloads.md │ ├── persistance.md │ ├── rop.md │ └── tool-metasploit.md ├── identity-and-access-management │ ├── jwt.md │ ├── kerberos.md │ └── oauth2.md ├── languages │ ├── go.md │ ├── php.md │ ├── python.md │ ├── regex.md │ └── rush.md ├── linux │ ├── _general.md │ ├── _hardning.md │ ├── _tools.md │ ├── file-information.md │ ├── hardware-information.md │ ├── important-files.md │ ├── iptables.md │ ├── netcat.md │ ├── networking.md │ ├── os-information.md │ ├── permissions.md │ ├── privilage-escalation.md │ ├── process-information.md │ ├── searching.md │ ├── services.md │ ├── tcpdump.md │ └── vi.md ├── macos │ └── _defense.md ├── malware │ ├── anti-virus.md │ ├── downloaders.md │ ├── fileless-attacks.md │ ├── general.md │ ├── pdf-attacks.md │ ├── tools.md │ └── yara.md ├── mobile │ ├── android.md │ └── ios.md ├── network │ ├── _general.md │ ├── commands.md │ ├── defense.md │ ├── domain-fronting.md │ ├── port-forwarding-and-tunneling.md │ ├── tools.md │ ├── traffic-analysis.md │ └── wireless.md ├── osint │ ├── general.md │ └── tools.md ├── password-attacks │ ├── general.md │ └── windows.md ├── powershell │ ├── development.md │ ├── general.md │ ├── modules.md │ └── remoting.md ├── protocols │ ├── Citrix-1494.md │ ├── DHCP.md │ ├── DNS-53.md │ ├── FTP-21.md │ ├── Finger-79.md │ ├── HTTP-HTTPS-80,443.md │ ├── IMAP-143.md │ ├── IRC-8067.md │ ├── LDAP-389.md │ ├── Memcache.md │ ├── Modbus-502.md │ ├── MySQL-3306.md │ ├── NFS-2049.md │ ├── NTP-123.md │ ├── Oracle-1521.md │ ├── POP3-110.md │ ├── PPTP-L2TP-VPN-500,1723.md │ ├── Portmapper-111.md │ ├── RDP-3389.md │ ├── RPC.md │ ├── SIP-5060.md │ ├── SMB-Samba-NetBIOS-135-139,445.md │ ├── SMTP-25.md │ ├── SNMP-161.md │ ├── SQL-Server-1433,1434.md │ ├── SSH-22.md │ ├── TFTP-69.md │ ├── Telnet-23.md │ ├── Tor-9001,9030.md │ ├── VNC-5900.md │ ├── WebDev.md │ ├── X11-6000.md │ └── rlogin-513.md ├── recon │ ├── DNS.md │ ├── email.md │ ├── general.md │ └── reconng.md ├── reverse-engineering │ ├── anti-reverse-engineering.md │ ├── arm.md │ ├── c-cpp.md │ ├── dotnet.md │ ├── general.md │ ├── go.md │ ├── java.md │ ├── linux │ │ ├── elf.md │ │ ├── gdb.md │ │ └── setup.md │ ├── mobile │ │ └── general.md │ ├── tools.md │ └── windows │ │ ├── mitigations.md │ │ ├── pe.md │ │ ├── tools.md │ │ └── vba.md ├── rf-and-wireless │ ├── rfid_nfc.md │ ├── rpi.md │ └── sdr.md ├── scanning │ ├── nmap.md │ ├── port-scanning.md │ └── vulnerability-scanning.md ├── shellcoding │ ├── powershell.md │ └── x86.md ├── steganography │ └── tools.md ├── theoretical │ └── pentesting.md ├── web │ ├── _basics.md │ ├── _defense.md │ ├── _general.md │ ├── _practice.md │ ├── applets.md │ ├── arbitrary-file-upload.md │ ├── browser-exploits.md │ ├── bypass.md │ ├── command-injection.md │ ├── crlf.md │ ├── csrf.md │ ├── discovery.md │ ├── lfi-rfi.md │ ├── open-redirect.md │ ├── password-attacks.md │ ├── php.md │ ├── post-exploitation.md │ ├── scenario │ │ ├── change-password.md │ │ ├── forgot-password.md │ │ ├── login.md │ │ ├── put.md │ │ ├── register.md │ │ └── remember-me.md │ ├── sql-injection.md │ ├── ssl-tls.md │ ├── ssrf.md │ ├── tools.md │ ├── toos-burp.md │ └── xss.md └── windows │ ├── _bypass.md │ ├── _defending.md │ ├── _general.md │ ├── _tools.md │ ├── active-directory.md │ ├── api.md │ ├── credential-stealing.md │ ├── domain-previlage-escalation.md │ ├── endpoints.md │ ├── events.md │ ├── hyperv.md │ ├── important-files.md │ ├── previlage-escalation.md │ ├── processes.md │ ├── server-security.md │ ├── services.md │ └── wmi.md ├── Chapter-3-Pentest-Compilation └── README.md ├── Chapter-4-Offensive-Security ├── README.md ├── code-execution │ ├── README.md │ ├── application-whitelisting-bypass-with-wmic-and-xsl.md │ ├── forcing-iexplore.exe-to-load-a-malicious-dll-via-com-abuse.md │ ├── powershell-constrained-language-mode-bypass.md │ ├── powershell-without-powershell.md │ ├── t1117-regsvr32-aka-squiblydoo.md │ ├── t1118-installutil.md │ ├── t1170-mshta-code-execution.md │ ├── t1191-cmstp-code-execution.md │ ├── t1196-control-panel-item-code-execution.md │ ├── t1202-forfiles-indirect-command-execution.md │ ├── t1216-signed-script-ce.md │ └── using-msbuild-to-execute-shellcode-in-c.md ├── code-injection-process-injection │ ├── README.md │ ├── apc-queue-code-injection.md │ ├── backdooring-a-pe-executable-with-shellcode.md │ ├── backdooring-portable-executables-pe-with-shellcode.md │ ├── dll-injection.md │ ├── early-bird-apc-queue-code-injection.md │ ├── executing-shellcode-with-inline-assembly-in-c-c++.md │ ├── finding-kernel32-base-and-function-addresses-in-shellcode.md │ ├── how-to-hook-windows-api-using-c++.md │ ├── loading-and-executing-shellcode-from-portable-executable-resources.md │ ├── process-doppelganging.md │ ├── process-hollowing-and-pe-image-relocations.md │ ├── process-injection.md │ ├── reflective-dll-injection.md │ ├── reflective-shellcode-dll-injection.md │ ├── setwindowhookex-code-injection.md │ └── shellcode-execution-in-a-local-process-with-queueuserapc-and-nttestalert.md ├── credential-access-and-credential-dumping │ ├── README.md │ ├── dump-credentials-from-lsass-process-using-mimikatz.md │ ├── dumping-and-cracking-mscash-cached-domain-credentials.md │ ├── dumping-credentials-from-lsass.exe-process-memory.md │ ├── dumping-domain-controller-hashes-via-wmic-and-shadow-copy-using-vssadmin.md │ ├── dumping-lsa-secrets.md │ ├── dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass.md │ ├── forcing-wdigest-to-store-credentials-in-plaintext.md │ ├── network-vs-interactive-logons.md │ ├── ntds.dit-enumeration.md │ ├── reading-dpapi-encrypted-secrets-with-mimikatz-and-c++.md │ ├── sam.md │ ├── t1174-password-filter-dll.md │ └── t1214-credentials-in-registry.md ├── defense-evasion │ ├── README.md │ ├── av-bypass-with-metasploit-templates.md │ ├── bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis.md │ ├── bypassing-ids-signatures-with-simple-reverse-shells.md │ ├── bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon.md │ ├── commandline-obfusaction.md │ ├── downloading-file-with-certutil.md │ ├── evading-windows-defender-using-classic-c-shellcode-launcher-with-1-byte-change.md │ ├── executing-csharp-assemblies-from-jscript-and-wscript-with-dotnettojscript.md │ ├── file-smuggling-with-html-and-javascript.md │ ├── masquerading-processes-in-userland-through-_peb.md │ ├── t1027-obfuscated-powershell-invocations.md │ ├── t1045-software-packing-upx.md │ ├── t1096-alternate-data-streams.md │ ├── t1099-timestomping.md │ ├── t1140-encode-decode-data-with-certutil.md │ ├── t1158-hidden-files.md │ ├── unloading-sysmon-driver.md │ ├── using-native-syscalls-to-bypass-avs-edrs.md │ └── using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs.md ├── enumeration-and-discovery │ ├── README.md │ ├── detecting-sysmon-on-the-victim-host.md │ ├── dumping-gal-global-address-list-from-outlook-web-application.md │ ├── enumerating-users-without-net-services-without-sc-and-scheduled-tasks-without-schtasks.md │ ├── t1010-application-window-discovery.md │ ├── t1087-account-discovery.md │ └── using-com-to-enumerate-hostname-username-domain-network-drives.md ├── exfiltration │ ├── README.md │ └── payload-delivery-via-dns-using-invoke-powercloud.md ├── initial-access │ ├── README.md │ ├── netntlmv2-hash-stealing-using-outlook.md │ ├── password-spraying-outlook-web-access-remote-shell.md │ ├── phishing-with-gophish-and-digitalocean.md │ ├── phishing-with-ms-office │ │ ├── README.md │ │ ├── bypassing-malicious-macro-detections-by-defeating-child-parent-process-relationships.md │ │ ├── inject-macros-from-a-remote-dotm-template-docx-with-macros.md │ │ ├── phishing-.slk-excel.md │ │ ├── phishing-embedded-html-forms.md │ │ ├── phishing-embedded-internet-explorer.md │ │ ├── phishing-ole-+-lnk.md │ │ ├── phishing-replacing-embedded-video-with-bogus-payload.md │ │ ├── phishing-xlm-macro-4.0.md │ │ ├── t1137-office-vba-macros.md │ │ └── t1173-dde.md │ └── t1187-forced-authentication.md ├── lateral-movement │ ├── README.md │ ├── empire-shells-with-netnltmv2-relaying.md │ ├── lateral-movement-via-smb-relaying-by-abusing-lack-of-smb-signing.md │ ├── lateral-movement-with-psexec.md │ ├── simple-tcp-relaying-with-netcat.md │ ├── ssh-tunnelling-port-forwarding.md │ ├── t1028-winrm-for-lateral-movement.md │ ├── t1047-wmi-for-lateral-movement.md │ ├── t1051-shared-webroot.md │ ├── t1076-rdp-hijacking-for-lateral-movement.md │ ├── t1175-distributed-component-object-model.md │ ├── wmi-+-msi-lateral-movement.md │ ├── wmi-+-powershell-desired-state-configuration-lateral-movement.md │ └── wmi-via-newscheduledtask.md ├── persistence │ ├── README.md │ ├── office-templates.md │ ├── t1013-addmonitor.md │ ├── t1015-sethc.md │ ├── t1035-service-execution.md │ ├── t1053-schtask.md │ ├── t1122-com-hijacking.md │ ├── t1128-netsh-helper-dll.md │ ├── t1130-install-root-certificate.md │ ├── t1131-auth-packages.md │ ├── t1136-create-account.md │ ├── t1138-application-shimming.md │ ├── t1180-screensaver-hijack.md │ ├── t1197-bits-jobs.md │ ├── t1198-trust-provider-hijacking.md │ ├── t1209-hijacking-time-providers.md │ └── word-library-add-ins.md ├── privilege-escalation │ ├── README.md │ ├── t1038-dll-hijacking.md │ ├── t1108-redundant-access.md │ ├── t1134-access-token-manipulation.md │ ├── t1183-image-file-execution-options-injection.md │ ├── unquoted-service-paths.md │ ├── weak-service-permissions.md │ └── windows-namedpipes-privilege-escalation.md ├── red-team-infrastructure │ ├── README.md │ ├── automating-red-team-infrastructure-with-terraform.md │ ├── cobalt-strike-101-installation-and-interesting-commands.md │ ├── how-to-setup-modliska-reverse-http-proxy-for-phishing.md │ ├── powershell-empire-101.md │ ├── redirectors-forwarders.md │ ├── smtp.md │ └── spiderfoot-101-with-kali-using-docker.md ├── t1055-process-injection │ └── loading-and-executing-shellcode-from-portable-executable-resouces.md └── wip.md ├── README.md ├── SUMMARY.md └── _config.yml /CNAME: -------------------------------------------------------------------------------- 1 | notes.sofiane.cc -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/README.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-1.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-1.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-2.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-3.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-3.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-4.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-4.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-5.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-5.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-6.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-6.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-7.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-7.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-8.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-8.md -------------------------------------------------------------------------------- /Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-9.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-1-Pentesting-Philosophy-and-Methodology/chapter-9.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/README.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/bug-hunting/bounties.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/bug-hunting/bounties.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/bug-hunting/guides.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/bug-hunting/guides.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/osce/preparation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/osce/preparation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/_preparation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/_preparation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/_setup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/_setup.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/network.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/network.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/vulnerability.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/vulnerability.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/windows-local.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/commands/enumeration/windows-local.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/cheatsheet.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/cheatsheet.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/exploits.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/exploits.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/prev-escalation.md: -------------------------------------------------------------------------------- 1 | # General 2 | 3 | mysql shell command execution 4 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/share-files.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/share-files.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/tty.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/tty.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/web.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/web.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/my/windows.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/my/windows.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/notes.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/notes.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/practice-vulnhub.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/practice-vulnhub.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/scripts.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/scripts.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/certifications/oscp/vuln-software.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/certifications/oscp/vuln-software.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/cloud/aws-s3.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/cloud/aws-s3.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/cloud/aws.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/cloud/aws.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/cloud/azuer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/cloud/azuer.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/containers-docker-k8s/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/containers-docker-k8s/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/crypto/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/crypto/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/CronOS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/CronOS.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/bank.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/bank.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/bastard.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/bastard.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/beep.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/grandpa.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/grandpa.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/lame.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/lame.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hack-the-box/popcorn.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hack-the-box/popcorn.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/ctf/hackthebox.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/ctf/hackthebox.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/mysql/command_execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/mysql/command_execution.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/0-roles-and-permissions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/0-roles-and-permissions.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/1-enumeration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/1-enumeration.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/2-exploitation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/2-exploitation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/3-command-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/3-command-execution.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/4-privilage-escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/4-privilage-escalation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/5-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/5-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/6-persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/6-persistence.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/9-defence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/9-defence.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/databases/sqlserver/9-pending-references.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/databases/sqlserver/9-pending-references.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/dfir/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/dfir/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/dfir/books.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/dfir/books.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/dfir/ctf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/dfir/ctf.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/dfir/important-files.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/dfir/important-files.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/dfir/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/dfir/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/_analysis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/_analysis.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/_collections.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/_collections.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/binwalk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/binwalk.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/bluetooth.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/bluetooth.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/busybox.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/busybox.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/cross-compiling.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/cross-compiling.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/esp.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/esp.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-atms.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-atms.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-cars.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-cars.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-locks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-locks.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-printers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-printers.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-ships.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking-ships.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking_cameras.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/hacking_cameras.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/hardware.md: -------------------------------------------------------------------------------- 1 | https://www.oshstencils.com 2 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/opwnwrt.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/opwnwrt.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/protocols.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/protocols.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/qmue.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/qmue.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/scenario/glitching.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/scenario/glitching.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/scenario/test-conditions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/scenario/test-conditions.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/side-channel.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/side-channel.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/uboot.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/embedded-and-iot/uefi.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/embedded-and-iot/uefi.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploitables/backdoor.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploitables/backdoor.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/buffer-overflow.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/buffer-overflow.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/commands.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/commands.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/fuzzing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/fuzzing.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/kernel-exploitation-linux.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/kernel-exploitation-linux.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/kernel-exploitation-windows.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/kernel-exploitation-windows.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/lateral-movement.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/malware.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/malware.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/memory-protection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/memory-protection.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/os_windows.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/os_windows.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/payloads.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/payloads.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/persistance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/persistance.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/rop.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/rop.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/tool-metasploit.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/exploits-and-shellcoding/tool-metasploit.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/identity-and-access-management/jwt.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/identity-and-access-management/jwt.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/identity-and-access-management/kerberos.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/identity-and-access-management/kerberos.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/identity-and-access-management/oauth2.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/identity-and-access-management/oauth2.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/languages/go.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/languages/go.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/languages/php.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/languages/php.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/languages/python.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/languages/python.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/languages/regex.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/languages/regex.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/languages/rush.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/languages/rush.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/_hardning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/_hardning.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/_tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/_tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/file-information.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/file-information.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/hardware-information.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/hardware-information.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/important-files.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/important-files.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/iptables.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/iptables.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/netcat.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/netcat.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/networking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/networking.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/os-information.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/os-information.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/permissions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/permissions.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/privilage-escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/privilage-escalation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/process-information.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/process-information.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/searching.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/searching.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/services.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/tcpdump.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/tcpdump.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/linux/vi.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/linux/vi.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/macos/_defense.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/macos/_defense.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/anti-virus.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/anti-virus.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/downloaders.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/downloaders.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/fileless-attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/fileless-attacks.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/pdf-attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/pdf-attacks.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/malware/yara.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/malware/yara.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/mobile/android.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/mobile/android.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/mobile/ios.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/mobile/ios.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/commands.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/commands.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/defense.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/defense.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/domain-fronting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/domain-fronting.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/port-forwarding-and-tunneling.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/port-forwarding-and-tunneling.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/traffic-analysis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/traffic-analysis.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/network/wireless.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/network/wireless.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/osint/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/osint/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/osint/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/osint/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/password-attacks/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/password-attacks/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/password-attacks/windows.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/password-attacks/windows.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/powershell/development.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/powershell/development.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/powershell/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/powershell/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/powershell/modules.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/powershell/modules.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/powershell/remoting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/powershell/remoting.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Citrix-1494.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Citrix-1494.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/DHCP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/DHCP.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/DNS-53.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/DNS-53.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/FTP-21.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/FTP-21.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Finger-79.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Finger-79.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/HTTP-HTTPS-80,443.md: -------------------------------------------------------------------------------- 1 | Please check `/web` dedicated folder. 2 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/IMAP-143.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/IRC-8067.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/IRC-8067.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/LDAP-389.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/LDAP-389.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Memcache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Memcache.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Modbus-502.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Modbus-502.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/MySQL-3306.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/MySQL-3306.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/NFS-2049.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/NFS-2049.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/NTP-123.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/NTP-123.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Oracle-1521.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Oracle-1521.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/POP3-110.md: -------------------------------------------------------------------------------- 1 | USER username 2 | PASS password 3 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/PPTP-L2TP-VPN-500,1723.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/PPTP-L2TP-VPN-500,1723.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Portmapper-111.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Portmapper-111.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/RDP-3389.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/RDP-3389.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/RPC.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/RPC.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SIP-5060.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/SIP-5060.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SMB-Samba-NetBIOS-135-139,445.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/SMB-Samba-NetBIOS-135-139,445.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SMTP-25.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/SMTP-25.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SNMP-161.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/SNMP-161.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SQL-Server-1433,1434.md: -------------------------------------------------------------------------------- 1 | Please check `/databases/sqlserver` dedicated folder. 2 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/SSH-22.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/SSH-22.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/TFTP-69.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/TFTP-69.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Telnet-23.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/Telnet-23.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/Tor-9001,9030.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/VNC-5900.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/VNC-5900.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/WebDev.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/WebDev.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/X11-6000.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/X11-6000.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/protocols/rlogin-513.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/protocols/rlogin-513.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/recon/DNS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/recon/DNS.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/recon/email.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/recon/email.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/recon/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/recon/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/recon/reconng.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/recon/reconng.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/anti-reverse-engineering.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/anti-reverse-engineering.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/arm.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/arm.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/c-cpp.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/c-cpp.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/dotnet.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/dotnet.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/go.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/go.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/java.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/java.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/linux/elf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/linux/elf.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/linux/gdb.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/linux/gdb.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/linux/setup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/linux/setup.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/mobile/general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/mobile/general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/windows/mitigations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/windows/mitigations.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/windows/pe.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/windows/pe.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/windows/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/windows/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/reverse-engineering/windows/vba.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/reverse-engineering/windows/vba.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/rf-and-wireless/rfid_nfc.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/rf-and-wireless/rfid_nfc.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/rf-and-wireless/rpi.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/rf-and-wireless/rpi.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/rf-and-wireless/sdr.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/rf-and-wireless/sdr.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/scanning/nmap.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/scanning/nmap.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/scanning/port-scanning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/scanning/port-scanning.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/scanning/vulnerability-scanning.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/scanning/vulnerability-scanning.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/shellcoding/powershell.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/shellcoding/powershell.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/shellcoding/x86.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/shellcoding/x86.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/steganography/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/steganography/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/theoretical/pentesting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/theoretical/pentesting.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/_basics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/_basics.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/_defense.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/_defense.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/_practice.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/_practice.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/applets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/applets.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/arbitrary-file-upload.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/arbitrary-file-upload.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/browser-exploits.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/browser-exploits.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/bypass.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/bypass.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/command-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/command-injection.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/crlf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/crlf.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/csrf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/csrf.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/discovery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/discovery.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/lfi-rfi.md: -------------------------------------------------------------------------------- 1 | - Universal LFI for Windows + PHP (using phpinfo): https://rdot.org/forum/showthread.php?t=1134 2 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/open-redirect.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/open-redirect.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/password-attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/password-attacks.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/php.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/php.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/post-exploitation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/post-exploitation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/change-password.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/forgot-password.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/login.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/put.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/scenario/put.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/register.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/scenario/remember-me.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/sql-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/sql-injection.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/ssl-tls.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/ssl-tls.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/ssrf.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/ssrf.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/toos-burp.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/toos-burp.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/web/xss.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/web/xss.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/_bypass.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/_bypass.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/_defending.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/_defending.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/_general.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/_general.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/_tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/_tools.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/active-directory.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/active-directory.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/api.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/api.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/credential-stealing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/credential-stealing.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/domain-previlage-escalation.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/endpoints.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/endpoints.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/events.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/events.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/hyperv.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/hyperv.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/important-files.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/important-files.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/previlage-escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/previlage-escalation.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/processes.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/processes.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/server-security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/server-security.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/services.md -------------------------------------------------------------------------------- /Chapter-2-Security-Cheatsheets/windows/wmi.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-2-Security-Cheatsheets/windows/wmi.md -------------------------------------------------------------------------------- /Chapter-3-Pentest-Compilation/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-3-Pentest-Compilation/README.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/README.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/README.md: -------------------------------------------------------------------------------- 1 | # Code Execution 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/application-whitelisting-bypass-with-wmic-and-xsl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/application-whitelisting-bypass-with-wmic-and-xsl.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/forcing-iexplore.exe-to-load-a-malicious-dll-via-com-abuse.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/forcing-iexplore.exe-to-load-a-malicious-dll-via-com-abuse.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/powershell-constrained-language-mode-bypass.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/powershell-constrained-language-mode-bypass.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/powershell-without-powershell.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/powershell-without-powershell.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1117-regsvr32-aka-squiblydoo.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1117-regsvr32-aka-squiblydoo.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1118-installutil.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1118-installutil.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1170-mshta-code-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1170-mshta-code-execution.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1191-cmstp-code-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1191-cmstp-code-execution.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1196-control-panel-item-code-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1196-control-panel-item-code-execution.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1202-forfiles-indirect-command-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1202-forfiles-indirect-command-execution.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/t1216-signed-script-ce.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/t1216-signed-script-ce.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-execution/using-msbuild-to-execute-shellcode-in-c.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-execution/using-msbuild-to-execute-shellcode-in-c.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/README.md: -------------------------------------------------------------------------------- 1 | # Code & Process Injection 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/apc-queue-code-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/apc-queue-code-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/backdooring-a-pe-executable-with-shellcode.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/backdooring-a-pe-executable-with-shellcode.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/backdooring-portable-executables-pe-with-shellcode.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/backdooring-portable-executables-pe-with-shellcode.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/dll-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/dll-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/early-bird-apc-queue-code-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/early-bird-apc-queue-code-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/executing-shellcode-with-inline-assembly-in-c-c++.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/executing-shellcode-with-inline-assembly-in-c-c++.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/finding-kernel32-base-and-function-addresses-in-shellcode.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/finding-kernel32-base-and-function-addresses-in-shellcode.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/how-to-hook-windows-api-using-c++.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/how-to-hook-windows-api-using-c++.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/loading-and-executing-shellcode-from-portable-executable-resources.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/loading-and-executing-shellcode-from-portable-executable-resources.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/process-doppelganging.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/process-doppelganging.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/process-hollowing-and-pe-image-relocations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/process-hollowing-and-pe-image-relocations.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/process-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/process-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/reflective-dll-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/reflective-dll-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/reflective-shellcode-dll-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/reflective-shellcode-dll-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/setwindowhookex-code-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/setwindowhookex-code-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/code-injection-process-injection/shellcode-execution-in-a-local-process-with-queueuserapc-and-nttestalert.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/code-injection-process-injection/shellcode-execution-in-a-local-process-with-queueuserapc-and-nttestalert.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/README.md: -------------------------------------------------------------------------------- 1 | # Credential Access & Dumping 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dump-credentials-from-lsass-process-using-mimikatz.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dump-credentials-from-lsass-process-using-mimikatz.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-and-cracking-mscash-cached-domain-credentials.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-and-cracking-mscash-cached-domain-credentials.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-credentials-from-lsass.exe-process-memory.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-credentials-from-lsass.exe-process-memory.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-domain-controller-hashes-via-wmic-and-shadow-copy-using-vssadmin.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-domain-controller-hashes-via-wmic-and-shadow-copy-using-vssadmin.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-lsa-secrets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-lsa-secrets.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/forcing-wdigest-to-store-credentials-in-plaintext.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/forcing-wdigest-to-store-credentials-in-plaintext.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/network-vs-interactive-logons.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/network-vs-interactive-logons.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/ntds.dit-enumeration.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/ntds.dit-enumeration.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/reading-dpapi-encrypted-secrets-with-mimikatz-and-c++.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/reading-dpapi-encrypted-secrets-with-mimikatz-and-c++.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/sam.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/sam.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/t1174-password-filter-dll.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/t1174-password-filter-dll.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/credential-access-and-credential-dumping/t1214-credentials-in-registry.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/credential-access-and-credential-dumping/t1214-credentials-in-registry.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/README.md: -------------------------------------------------------------------------------- 1 | # Defense Evasion 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/av-bypass-with-metasploit-templates.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/av-bypass-with-metasploit-templates.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/bypassing-ids-signatures-with-simple-reverse-shells.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/bypassing-ids-signatures-with-simple-reverse-shells.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/bypassing-windows-defender-one-tcp-socket-away-from-meterpreter-and-cobalt-strike-beacon.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/commandline-obfusaction.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/commandline-obfusaction.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/downloading-file-with-certutil.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/downloading-file-with-certutil.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/evading-windows-defender-using-classic-c-shellcode-launcher-with-1-byte-change.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/evading-windows-defender-using-classic-c-shellcode-launcher-with-1-byte-change.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/executing-csharp-assemblies-from-jscript-and-wscript-with-dotnettojscript.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/executing-csharp-assemblies-from-jscript-and-wscript-with-dotnettojscript.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/file-smuggling-with-html-and-javascript.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/file-smuggling-with-html-and-javascript.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/masquerading-processes-in-userland-through-_peb.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/masquerading-processes-in-userland-through-_peb.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1027-obfuscated-powershell-invocations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1027-obfuscated-powershell-invocations.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1045-software-packing-upx.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1045-software-packing-upx.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1096-alternate-data-streams.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1096-alternate-data-streams.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1099-timestomping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1099-timestomping.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1140-encode-decode-data-with-certutil.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1140-encode-decode-data-with-certutil.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/t1158-hidden-files.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/t1158-hidden-files.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/unloading-sysmon-driver.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/unloading-sysmon-driver.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/using-native-syscalls-to-bypass-avs-edrs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/using-native-syscalls-to-bypass-avs-edrs.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/defense-evasion/using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/defense-evasion/using-syscalls-directly-from-visual-studio-to-bypass-avs-edrs.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/README.md: -------------------------------------------------------------------------------- 1 | # Enumeration and Discovery 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/detecting-sysmon-on-the-victim-host.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/detecting-sysmon-on-the-victim-host.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/dumping-gal-global-address-list-from-outlook-web-application.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/dumping-gal-global-address-list-from-outlook-web-application.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/enumerating-users-without-net-services-without-sc-and-scheduled-tasks-without-schtasks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/enumerating-users-without-net-services-without-sc-and-scheduled-tasks-without-schtasks.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/t1010-application-window-discovery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/t1010-application-window-discovery.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/t1087-account-discovery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/t1087-account-discovery.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/enumeration-and-discovery/using-com-to-enumerate-hostname-username-domain-network-drives.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/enumeration-and-discovery/using-com-to-enumerate-hostname-username-domain-network-drives.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/exfiltration/README.md: -------------------------------------------------------------------------------- 1 | # Exfiltration 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/exfiltration/payload-delivery-via-dns-using-invoke-powercloud.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/exfiltration/payload-delivery-via-dns-using-invoke-powercloud.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/README.md: -------------------------------------------------------------------------------- 1 | # Initial Access 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/netntlmv2-hash-stealing-using-outlook.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/netntlmv2-hash-stealing-using-outlook.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/password-spraying-outlook-web-access-remote-shell.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/password-spraying-outlook-web-access-remote-shell.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-gophish-and-digitalocean.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-gophish-and-digitalocean.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/README.md: -------------------------------------------------------------------------------- 1 | # Phishing with MS Office 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/bypassing-malicious-macro-detections-by-defeating-child-parent-process-relationships.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/bypassing-malicious-macro-detections-by-defeating-child-parent-process-relationships.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/inject-macros-from-a-remote-dotm-template-docx-with-macros.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/inject-macros-from-a-remote-dotm-template-docx-with-macros.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-.slk-excel.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-.slk-excel.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-embedded-html-forms.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-embedded-html-forms.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-embedded-internet-explorer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-embedded-internet-explorer.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-ole-+-lnk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-ole-+-lnk.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-replacing-embedded-video-with-bogus-payload.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-replacing-embedded-video-with-bogus-payload.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-xlm-macro-4.0.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/phishing-xlm-macro-4.0.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/t1137-office-vba-macros.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/t1137-office-vba-macros.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/t1173-dde.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/phishing-with-ms-office/t1173-dde.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/initial-access/t1187-forced-authentication.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/initial-access/t1187-forced-authentication.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/README.md: -------------------------------------------------------------------------------- 1 | # Lateral Movement 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/empire-shells-with-netnltmv2-relaying.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/empire-shells-with-netnltmv2-relaying.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/lateral-movement-via-smb-relaying-by-abusing-lack-of-smb-signing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/lateral-movement-via-smb-relaying-by-abusing-lack-of-smb-signing.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/lateral-movement-with-psexec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/lateral-movement-with-psexec.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/simple-tcp-relaying-with-netcat.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/simple-tcp-relaying-with-netcat.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/ssh-tunnelling-port-forwarding.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/ssh-tunnelling-port-forwarding.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/t1028-winrm-for-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/t1028-winrm-for-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/t1047-wmi-for-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/t1047-wmi-for-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/t1051-shared-webroot.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/t1051-shared-webroot.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/t1076-rdp-hijacking-for-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/t1076-rdp-hijacking-for-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/t1175-distributed-component-object-model.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/t1175-distributed-component-object-model.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/wmi-+-msi-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/wmi-+-msi-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/wmi-+-powershell-desired-state-configuration-lateral-movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/wmi-+-powershell-desired-state-configuration-lateral-movement.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/lateral-movement/wmi-via-newscheduledtask.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/lateral-movement/wmi-via-newscheduledtask.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/README.md: -------------------------------------------------------------------------------- 1 | # Persistence 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/office-templates.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/office-templates.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1013-addmonitor.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1013-addmonitor.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1015-sethc.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1015-sethc.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1035-service-execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1035-service-execution.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1053-schtask.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1053-schtask.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1122-com-hijacking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1122-com-hijacking.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1128-netsh-helper-dll.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1128-netsh-helper-dll.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1130-install-root-certificate.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1130-install-root-certificate.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1131-auth-packages.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1131-auth-packages.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1136-create-account.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1136-create-account.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1138-application-shimming.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1138-application-shimming.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1180-screensaver-hijack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1180-screensaver-hijack.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1197-bits-jobs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1197-bits-jobs.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1198-trust-provider-hijacking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1198-trust-provider-hijacking.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/t1209-hijacking-time-providers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/t1209-hijacking-time-providers.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/persistence/word-library-add-ins.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/persistence/word-library-add-ins.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/README.md: -------------------------------------------------------------------------------- 1 | # Privilege Escalation 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/t1038-dll-hijacking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/t1038-dll-hijacking.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/t1108-redundant-access.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/t1108-redundant-access.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/t1134-access-token-manipulation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/t1134-access-token-manipulation.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/t1183-image-file-execution-options-injection.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/t1183-image-file-execution-options-injection.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/unquoted-service-paths.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/unquoted-service-paths.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/weak-service-permissions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/weak-service-permissions.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/privilege-escalation/windows-namedpipes-privilege-escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/privilege-escalation/windows-namedpipes-privilege-escalation.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/README.md: -------------------------------------------------------------------------------- 1 | # Red Team Infrastructure 2 | 3 | -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/automating-red-team-infrastructure-with-terraform.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/automating-red-team-infrastructure-with-terraform.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/cobalt-strike-101-installation-and-interesting-commands.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/cobalt-strike-101-installation-and-interesting-commands.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/how-to-setup-modliska-reverse-http-proxy-for-phishing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/how-to-setup-modliska-reverse-http-proxy-for-phishing.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/powershell-empire-101.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/powershell-empire-101.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/redirectors-forwarders.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/redirectors-forwarders.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/smtp.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/smtp.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/red-team-infrastructure/spiderfoot-101-with-kali-using-docker.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/red-team-infrastructure/spiderfoot-101-with-kali-using-docker.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/t1055-process-injection/loading-and-executing-shellcode-from-portable-executable-resouces.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/t1055-process-injection/loading-and-executing-shellcode-from-portable-executable-resouces.md -------------------------------------------------------------------------------- /Chapter-4-Offensive-Security/wip.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/Chapter-4-Offensive-Security/wip.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/README.md -------------------------------------------------------------------------------- /SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/SUMMARY.md -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SofianeHamlaoui/Pentest-Notes/HEAD/_config.yml --------------------------------------------------------------------------------