Offsec-Saleem
Introduction
OSCP-Commands
The Basics
Linux
Basics of Linux
Bash-scripting
Vim
Windows
Basics of Windows
PowerShell
PowerShell Scripting
CMD
Scripting With Python
Python Fundamentals
Useful Scripts
Transferring Files
Transfering Files on Linux
Transfering files on Windows
Firewalls
General tips and tricks
Recon and Information Gathering Phase
Passive Information Gatherig
Identify IP-addresses and Subdomains
Identify IP-addresses
Find Subdomains
DNS Basics
Finding subdomains
DNS Zone Transfer Attack
Identifying People
Search Engine Discovery
Identifying Technology Stack
Active Information Gathering
Port Scanning
SMB,SMTP, SNMP Enumeration
SMTP & SNMP Enumeration
Vulnerability analysis
Server-side Vulnerabilities
Common ports\/services and how to use them
Port Knocking
HTTP - Web Vulnerabilities
Common Web-services
WAF - Web Application Firewall
Attacking the System
Local File Inclusion
Remote File Inclusion
Hidden Files and Directories
SQL-Injections
Nosql-Injections
XML External Entity Attack
Bypass File Upload Filtering
Exposed Version Control
Failure to Restrict URL Access
Attacking the User
Clickjacking
Broken Authentication or Session Management
Text\/content-injection
Subdomain Takeover
Cross Site Request Forgery
Cross-site-scripting
Examples
Browser Vulnerabilities
Java Applet
Automated Vulnerability Scanners
Exploiting
Social Engineering - Phishing
Default Layout of Apache on Different Versions
Shells
Webshell
Generate Shellcode
Editing Exploits
Compiling windows exploits
Metasploit-Basics
Metasploit-basic-2
Using Public Exploits
Buffer Overflow
Post Exploitation
Spawning Shells
Meterpreter for Post-Exploitation
Privilege Escalation - Linux
Privilege Escalation - Windows
Privilege Esclation-windows2
Escaping Restricted Shell
Bypassing antivirus
Loot and Enumerate
Loot Windows
Loot Linux
Persistence
windows
Cover your tracks
Password Cracking
Generate Custom Wordlist
Offline Password Cracking
Online Password Cracking
Pass the Hash - Reusing Hashes
Dumping Plaintext Passwords from Memory with Windows Credential Editor
Pivoting - Port forwarding - Tunneling
port knocking
Network traffic analysis
Arp-spoofing
SSL-strip
DNS-spoofing
Wireshark
Wifi
WEP
WPS
Physical access to machine
Literature
References
scribble--random
pen-test-procedure
web-application-exploitation-cheatsheet
Interview Questions
Level 1
Links
Methodology testing
Penetration tools - real time
External PT
Powered by
GitBook
Server-side Vulnerabilities
results matching "
"
No results matching "
"