Saltar a contenido

Etiquetas | Tags

Listado de etiquetas relevantes por tema y aparición:

APKTool

Abusing FTP + IIS Services

Abusing GPP Passwords

Abusing GenericAll privilege (Resetting a user's password)

Abusing Oracle Database

Abusing ReadGMSAPassword privilege

Abusing SeImpersonatePrivilege

Abusing Umbraco Admin Panel

Abusing Windows Subsystem for Linux (WSL)

Abusing memcache write item permission

Achat 0.150 beta7 - Buffer Overflow (Windows 7 32 bits)

Advanced Bash Scripting (EXTRA)

Alternate Data Streams (ADS)

Android

AppLocker Bypass

Binary Analysis (IDA)

Bloodhound Enumeration

Breaking KeePass

Command Injection

Compresión XALZ

ConPtyShell (Fully Interactive Reverse Shell for Windows)

Cross-Site Request Forgery (CSRF) - Changing a user's password

Decompilación de DLLs

Decrypting GPP Passwords - gpp-decrypt

GTFOBins (zip)

Gaining access to Windows PowerShell Web Access

Gaining access with wmiexec

Generating a Shellcode based on our needs + TIPS

IDOR

IIS Exploitation (Uploading WebShell)

ILSpy

Icacls Abuse (Privilege Escalation)

Information Leakage

Information Leakage (Privilege Escalation)

Information Leakage - Password in picture

Jenkins Exploitation (Groovy Script Console)

Kerberoasting Attack (GetUserSPNs.py)

Kerberoasting Attack (GetUserSPNs.py) [Privilege Escalation]

Ldap Enumeration (ldapdomaindump)

Memdump

Microsoft Windows (x86) – ‘afd.sys’ (MS11-046) [Privilege Escalation]

Microsoft Windows Event Logs Analysis (evtx)+

NFS Enumeration - Showmount

NTUSER.dat Analysis

Obtaining the TeamViewer password from the system registers (AES128 - CBC) [Privilege Escalation]

Oracle DB Exploitation - Attempting a remote file read

Oracle DB Exploitation - Attempting a remote file upload

Oracle DB Exploitation - Attempting execution of a previously uploaded binary file

Oracle DB Exploitation - Discovering valid credentials (passwordguesser)

Oracle DB Exploitation - Identifying valid SIDs (sidguesser)

Oracle Database Attacking Tool (ODAT) Installation

PassTheHash (Psexec)

Playing with ScriptBlocks and PSCredential to execute commands as another user

Playing with pfx certificates

PowerUp Enumeration (Alternative Privilege Escalation)

RCE (md-to-pdf)

RPC Enumeration (rpcclient)

Reflected XSS

SMB Enumeration

SMB Password Spray Attack (Crackmapexec)

SQL Injection

SQL Injection [SQLI] - Error Based

SQLI to RCE (Into Outfile - PHP File Creation)

SSH Authentication Bypass (libssh)

Server Side Request Forgery (SSRF)

Service ImagePath Hijacking (Privilege Escalation)

Stored XSS

Umbraco CMS - Remote Code Execution by authenticated administrators

Unprotecting password-protected Excel (Remove Protection)

User Enumeration (Wfuzz)

Volatility

Web Enumeration

WinPEAS Enumeration

Writable /etc/passwd

Xamarin