Categories
Similar Boards
Suggest a Link

Pentest Kungfu

You must be logged in to view the contents of this board.

Windows Forensic

Pin
  1. Tool Analysis Result Sheet

Eventlogs

Pin
  1. Event-o-Pedia EventID 528 - Successful Logon [Win XP]

Web exploitation

Pin

Command Injection

Pin
  1. [PentesterLab] Web for Pentester - FINAL

XXE

Pin
  1. Gaining Filesystem Access via Blind OOB XXE
  2. Hiding in Plain Sight: XXE Vulnerability in HP Project & Portfolio Mgmt Center - Rhino ...
  3. XXE

SQLInjection

Pin
  1. Exploiting Timed Based RCE
  2. Red Team Tales 0x01: From MSSQL to RCE - Tarlogic Security - Cyber Security and Ethical...
  3. Vulnerability analysis, Security Papers, Exploit Tutorials - Part 12975
  4. Basic Union Based Injection
  5. Advanced SQL injection to operating system full control
  6. SQL Injection Cheat Sheet | Netsparker
  7. 5 more

Local file inclusion

Pin
  1. Web App Penetration Testing - Local File Inclusion (LFI)

Reconnaissance

Pin

NMAP

Pin
  1. Scanning for network vulnerabilities using nmap - Blah, Cloud.

SQLMAP

Pin
  1. Usage · sqlmapproject/sqlmap Wiki · GitHub
  2. From SQL Injection To 0wnage Using SQLMap » Checkmate

NIKTO

Pin
  1. Nikto v2.1.5 - The Manual

Weaponize

Pin
  1. Powershell -Enc AV bypass

OS Exploitation

Pin

Blackhat

Pin
  1. bh-usa-07-moore_and_valsmith-WP.pdf

Command and Control

Pin

Download and execute

Pin
  1. Windows oneliners to download remote payload and execute arbitrary code – arno0x0x

Lateral Movement

Pin

SMB-Relay

Pin
  1. Executing SMB Relay Attacks via SQL Server using Metasploit
  2. Effective NTLM / SMB Relaying · Rob 'mubix' Fuller
  3. Bettercap - Capturing NTLM Hashes
  4. SMB Attacks Through Directory Traversal
  5. Windows 7 and SMB Relay Carnal0wnage - Attack Research Blog Carnal0wnage & Attack Resea...
  6. 4ARMED - Penetration Testing and Cyber Security Services
  7. 5 more

Pass the hash

Pin
  1. Still Passing the Hash 15 Years Later: WMIS: The Missing Piece of the Ownage Puzzle
  2. PSExec | To Shell And Back: Adventures In Pentesting
  3. Pass-the-Hash Is Dead: Long Live LocalAccountTokenFilterPolicy – harmj0y
  4. Kerberos Golden Tickets are Now More Golden » Active Directory Security
  5. Practical Usage of NTLM Hashes
  6. Practical guide to NTLM Relaying in 2017 (A.K.A getting a foothold in under 5 minutes) ...
  7. 3 more

Post-exploitation

Pin

Linux Privilege Escalation

Pin
  1. Attack and Defend: Linux Privilege Escalation Techniques of 2016

Command list

Pin
  1. Linux Post Exploitation Command List · mubix/post-exploitation Wiki · GitHub

Windows Privilege Escalation

Pin
  1. FuzzySecurity | Windows Privilege Escalation Fundamentals
  2. intercept_apis_dll_redirection.pdf

Credentials dump

Pin
  1. ZN17_Kheirkhabarov_Hunting_for_Credentials_Dumping_in_Windows_Environment.pdf

Stealth & Persistency

Pin
  1. Userland Persistence with Scheduled Tasks and COM Handler Hijacking | enigma0x3
  2. FuzzySecurity | Windows Userland Persistence Fundamentals
  3. huntresslabs/evading-autoruns

Metasploit

Pin
  1. Converting Metasploit Module to Stand Alone
  2. From metasploit module to python standalone with the help of wireshark | TheWeakestLink

Powershell Attacks

Pin
  1. increased-use-of-powershell-in-attacks-16-en.pdf
  2. jaredhaight/PSAttack

    Powershell tools with AV evasion

0 Comment
Comments or thoughts?
Submit
Cancel
or
Email a link to this board
Share this board on Facebook
Share this board on Twitter
Notice label will go here