Tester

Search CTRL + K

Tester

Search CTRL + K

Attack Cloud

AWS

flaws.cloud

AWS Practice - flaws.cloud

AWS Practice 2 -flaws2.cloud

Tips

AWS IAM

AWS Signed API Request

AWS Signing and Authenticating REST requests

0. AWS Resources

1. AWS Cloud Services

2. AWS Enumeration Process

AWS -Tools

Azure

Azure General

IAM

How does a user authenticate to the cloud?

OpenID Connect

Security Token Service

AZ CLI

AZURE CLI Tab Completion

Azure Network

Azure Powershell

Azure REST API with Azure CLI

Built-in Permissions

Enumerate with credentials

Enumerate without Credentials

Tenant, Subscription, Resource

Tool - AADInternal

Tool - Azrecon.sh

Tool - AZSubEnum - Subdomain Enum

Tool - BloodHound AzureHoundCustomQuery

Tools - Password spray

Azure Services

Active Directory Federation Services (ADFS)

Azure Resource Manager

Azure SQL

Azure Storage Account

Azure Virtual Machine

Microsoft Graph

SDKs

PwnedLabs

0. Azure - Readme

1. Azure Blob Container to Initial Access

2. Unlock Access with Azure Key Vault

3. Azure with Bloodhound and Microsoft.Graph

4. Loot Exchange, Teams and SharePoint with GraphRunner

5. Unmask Privileged Access in Azure

6. Azure Recon to Foothold and Profit

8. Execute Azure Credential Shuffle to Achieve Objectives

0. Resources

Attack Computer

AD

Port

53 - DNS

88 - Kerberos

135, 593 - Microsoft Remote Procedure Call

139,445 - SMB

389, 636, 3268, 3269 - LDAP

3389 - RDP

Lateral Movement

Unauthenticated Path - with HTB rebound

Attack Windows

Windows Authentication System

LSASS - Local and Domain

Bypass EDR!!

CVE-2024-9473

Enumerate Windows

SC

USB - How does it work?

Windows Authentication Systems ( Pending)

Windows Management Instrumentation (WMI)

Windows Remote Management

Windows User Rights

WMIC

Attack Docker

Docker- Kali

Attack Web

Debugger and Logger

Debugger - vscode

Debugger - .net - DNN

Debugger - Apache Debugger start

Debugger - Docker and NodeJS

Debugger - ERPNext Frappe

Debugger - Java - VSCODE

Debugger-Docker

Debugger-Maria

Debugger-VSCODE-Python

Logger - MongoDB

Logger - MS SQL Server

Logger - mysql

Logger - Nginx

Logger - Oracle Database

Logger - PostgreSQL

Logger - SQLite

Logger-PHP

Deserialization - .net

Black Box Appraoch

Debug with dnspy - DNN

White Box Approach

XML Deserialization Vulnerabilities

GraphQL

0. GraphQL Attack Flow

0. GraphQL Resources

1. GraphQL

2. GraphQL Endpoints?

3. Introspection - Getting information

4. Bypass

5. Connection Type

6. 'Something' doesn't exist on type 'Query'

JAVA

Java 101

Java Extenions

JAVA Servlets and Key Methods

JAVA Web Testing - White box

Javascript

Session Riding CSRF

CSRF

javascript payload session riding - CSRF

Javascript, Nodejs, Express, Webpack

MYSQL

PHP

postgresSQL

0. PSQL Extensions attack - UDF

1. PSQL Large Object exploit

1.1 PSQL Large Object Shell -linux

1.2 PSQL Large Object Shell- Windows

Large Object Reverse shell Python code

poc.c Local execution arking.

psql payload

PSQL Payload copy from, copy to

PSQL payload- RCE

psql poc.c - reverseshell

Remote execution py

Prototype

Example

Main Prototype pollution

Regex

regex for sqli

Regex syntax

SOP_CORS

SOP and CORS

SSTI

Server Side Template Injection

SSTI Payload

web_pentesting_checklist

Resources

1.1 Cross Site Scripting

5. Server Side Attack

5.1 Server Side Includes Injection

5.2 Edge-Side Includes (ESI)

5.3 Server-Side Template Injections

5.4 Extensible stylesheet Language Transformations (XSLT)

9.1 File Inclusion- Remote

9.2 File Inclusion - Log

9.3 File Inclusion - tool

Web application testing common vulnerability

Web Architecture 101

WebSocket

Automation

Automate OSWE starting routine

Publish Stuff

Digital Garden Resources

Publish free

Hello world

Enter to select

to navigate

ESC to close

Golang?

https://go.dev/

Connected Pages

Depth

Pages mentioning this page

No other pages mentions this page