SUMMARY.md

Summary

• Introduction
• The Basics
  • Linux
    • Basics of Linux
    • Bash-scripting
    • Vim
    • Man Pages
  • Windows
    • Basics of Windows
    • PowerShell
    • PowerShell Scripting
    • CMD
  • Scripting With Python
    • Python Fundamentals
    • Useful Scripts
  • Transferring Files
    • Transfering Files on Linux
    • Transfering files on Windows
  • Firewalls
  • General tips and tricks
• Recon and Information Gathering Phase
  • Passive Information Gatherig
    • Identify IP-addresses and Subdomains
      • Identify IP-addresses
      • Find Subdomains
        • DNS Basics
        • Finding subdomains
        • DNS Zone Transfer Attack
    • Identifying People
    • Search Engine Discovery
    • Identifying Technology Stack
  • Active Information Gathering
    • Port Scanning
    • Scapy
• Vulnerability analysis
  • Server-side Vulnerabilities
    • Common ports/services and how to use them
    • Port Knocking
  • HTTP - Web Vulnerabilities
    • Common Web-services
    • Reg Expressions
    • WAF - Web Application Firewall
    • Attacking the System
      • Local File Inclusion
      • Remote File Inclusion
      • Directory Traversal Attack
      • Hidden Files and Directories
      • SQL-Injections
      • Nosql-Injections
      • XML External Entity Attack
      • Command Injection
      • Cookie
      • Bypass File Upload Filtering
      • Exposed Version Control
      • Directory Traversal Attack
    • Attacking the User
      • Clickjacking
      • Broken Authentication or Session Management
      • Text/content-injection
      • HTML-Injection
      • Insecure Direct Object Reference (IDOR)
      • Subdomain Takeover
      • Cross Site Request Forgery
      • Cross-Site Scripting
        • Examples
        • DOM-based XSS
      • Browser Vulnerabilities
      • HTML-Injection
  • Automated Vulnerability Scanners
• Exploiting
  • Social Engineering - Phishing
  • Tips & Tricks
  • Default Layout of Apache on Different Versions
  • Shells
  • Webshell
  • Generate Shellcode
  • Editing Exploits
  • Compiling windows exploits
  • Dirty Cow
  • Shellshock
  • Responder
  • Log Poisoning
  • Buffer Overflow Shell
  • Evading WAF
  • Fuzzer
• Post Exploitation
  • Spawning Shells
  • BloodHound
  • Meterpreter for Post-Exploitation
  • Privilege Escalation - Linux
    • View Processes running on a timer
  • Privilege Escalation - Windows
    • Metasploit Web Delivery (Meterpreter Session)
    • Manual Method
  • Escaping Restricted Shell
  • Bypassing antivirus
  • Loot and Enumerate
    • Loot Windows
    • Loot Linux
      • Fun with GREP
  • Persistence
  • Cover your tracks
  • Cobalt
    • HTML Application Attack
    • More fun in AD
  • MS Advanced Threat Protection and Advanced Threat Analytics Evasion
  • FTP fun
  • Execute C#
  • Vba Macros
• Password Cracking
  • Generate Custom Wordlist
  • Offline Password Cracking
    • NTLM vs. NTLMv1/v2 a.ka. Net-NTLMv1/v2
  • Online Password Cracking
  • Pass the Hash - Reusing Hashes
  • Wordlists for CTFs
  • Cleartext Passwords
• Pivoting - Port forwarding - Tunneling
• Network traffic analysis
  • Arp-spoofing
    • SSL-strip
  • DNS-spoofing
  • Wireshark
• Forensics
  • Reverse Engineering
  • Decompile
  • Data Extraction
  • Audio Stego
  • Crypto
  • Encrypted Files
  • Assembly
    • reverse eng shell
  • Log Analysis
  • Volatility
• Wifi
  • WEP
  • WPS
  • Rogue APs
• Physical access to machine
• Literature
• Cheat Sheets
• Physical
• VM Scaling