updated
This commit is contained in:
@@ -0,0 +1,36 @@
|
||||
Burp Suite proxy interception and configuration
|
||||
Burp Suite Repeater manual request modification
|
||||
Burp Suite Intruder automated parameter fuzzing
|
||||
Burp Suite Decoder encoding and decoding tools
|
||||
Burp Suite Comparer response analysis
|
||||
Burp Suite Sequencer token randomness analysis
|
||||
Burp Suite Spider web crawling and content discovery
|
||||
Burp Suite Scanner automated vulnerability detection
|
||||
Burp Suite Extender BApp store plugins
|
||||
Burp Suite session handling rules configuration
|
||||
Burp Suite macro and scripted login sequences
|
||||
Burp Suite TLS pass-through and certificate configuration
|
||||
Burp Suite Collaborator client for out-of-band detection
|
||||
Burp Suite WebSocket message interception
|
||||
Burp Suite Inspector analysis of requests and responses
|
||||
Burp Suite engagement tools for target scope management
|
||||
Burp Suite project options and global settings
|
||||
Burp Suite headless mode for CI/CD integration
|
||||
Burp Suite REST API for automation
|
||||
Burp Suite JWT Editor extension for token manipulation
|
||||
Burp Suite Turbo Intruder for high-speed brute force
|
||||
Burp Suite Autorize extension for authorization testing
|
||||
Burp Suite CSRF token handling during scanning
|
||||
Burp Suite clickbandit for clickjacking PoC generation
|
||||
Burp Suite Embedded Browser for authenticated scanning
|
||||
Burp Suite OpenAPI scanning for API security testing
|
||||
Burp Suite GraphQL introspection and query analysis
|
||||
Burp Suite custom input validation rules
|
||||
Burp Suite live audit from proxy traffic
|
||||
Burp Suite scheduled scan configuration
|
||||
Burp Suite WebSockets history and analysis
|
||||
Burp Suite active scan configuration and tuning
|
||||
Burp Suite passive scan versus active scan
|
||||
Burp Suite target scope definition and filtering
|
||||
Burp Suite site map and content discovery
|
||||
Burp Suite search across all traffic and findings
|
||||
@@ -0,0 +1,37 @@
|
||||
Hashcat hash mode selection for common hash types
|
||||
Hashcat attack modes: dictionary combinator brute force hybrid
|
||||
Hashcat rule-based attack with custom rule files
|
||||
Hashcat mask attack for targeted password patterns
|
||||
Hashcat GPU acceleration with OpenCL and CUDA
|
||||
Hashcat performance optimization and benchmark mode
|
||||
Hashcat session management and restore capability
|
||||
Hashcat potfile management and cracked password database
|
||||
Hashcat wordlist generation and mangling techniques
|
||||
Hashcat kernel tuning for specific GPU architectures
|
||||
John the Ripper wordlist attack and configuration
|
||||
John the Ripper single crack mode using login information
|
||||
John the Ripper incremental mode for exhaustive brute force
|
||||
John the Ripper rules for password mutation
|
||||
John the Ripper external mode with custom cracking functions
|
||||
John the Ripper 2john extractor tools for various file formats
|
||||
John the Ripper zip2john rar2john pdf2john usage
|
||||
John the Ripper keepass2john ssh2john office2john usage
|
||||
John the Ripper unshadow utility for Unix password cracking
|
||||
John the Ripper LM and NTLM Windows hash cracking
|
||||
John the Ripper session restore and benchmarking
|
||||
John the Ripper parallel processing and forking
|
||||
BloodHound SharpHound data collection from Active Directory
|
||||
BloodHound Cypher query language basics and syntax
|
||||
BloodHound shortest path to domain admin analysis
|
||||
BloodHound custom Cypher queries for advanced analysis
|
||||
BloodHound ACE abuse and ACL attack path identification
|
||||
BloodHound Kerberoasting and AS-REP roasting detection
|
||||
BloodHound DCSync attack path detection
|
||||
BloodHound group membership analysis for privilege escalation
|
||||
BloodHound computer session enumeration for lateral movement
|
||||
BloodHound GPO abuse and policy exploitation paths
|
||||
BloodHound certificate abuse ESC1 through ESC8 detection
|
||||
BloodHound AzureHound for Entra ID enumeration
|
||||
BloodHound Neo4j database optimization for large environments
|
||||
BloodHound custom edge detection and relationship analysis
|
||||
BloodHound ACL analysis for tier 0 asset protection
|
||||
@@ -0,0 +1,50 @@
|
||||
Metasploit msfconsole basic commands and navigation
|
||||
Metasploit exploit module selection and configuration
|
||||
Metasploit payload types: staged vs stageless
|
||||
Metasploit Meterpreter post-exploitation commands
|
||||
Metasploit auxiliary scanner module usage
|
||||
Metasploit post-exploitation modules for privilege escalation
|
||||
Metasploit database and workspace management
|
||||
Metasploit resource scripts for automation
|
||||
Metasploit evasion module for AV bypass
|
||||
Metasploit encoder selection and payload generation
|
||||
Metasploit msfvenom payload creation for various platforms
|
||||
Metasploit handler configuration for reverse connections
|
||||
Metasploit pivot routing through compromised hosts
|
||||
Metasploit SMB and Kerberos authentication attacks
|
||||
Metasploit Web application exploit modules
|
||||
Metasploit PHP and Python payload delivery
|
||||
Metasploit Android payload generation and deployment
|
||||
Metasploit PowerShell payload delivery techniques
|
||||
Metasploit macro-based Office document payloads
|
||||
Metasploit HTTP and HTTPS listener configuration
|
||||
Metasploit session management and backgrounding
|
||||
Metasploit railgun for Windows API interaction
|
||||
Metasploit incognito token manipulation
|
||||
Metasploit kiwi mimikatz integration for credential dumping
|
||||
Metasploit hashdump and pass-the-hash attacks
|
||||
Metasploit port scanning and service enumeration
|
||||
Metasploit SMB version scanning and vulnerability detection
|
||||
Metasploit auxiliary module for SNMP enumeration
|
||||
Metasploit ARP scanning and network discovery
|
||||
Metasploit domain enumeration with ldap modules
|
||||
Metasploit MSSQL and MySQL database modules
|
||||
Metasploit SSH brute force and authentication bypass
|
||||
Metasploit FTP and HTTP login scanners
|
||||
Metasploit payload encoding with shikata_ga_nai
|
||||
Metasploit custom module development in Ruby
|
||||
Metasploit module mixins and library usage
|
||||
Metasploit post-exploitation persistence techniques
|
||||
Metasploit auto-run scripts for session automation
|
||||
Metasploit nmap integration for target discovery
|
||||
Metasploit Nexpose integration for vulnerability scanning
|
||||
Metasploit reporting and evidence collection
|
||||
Metasploit loot management for collected data
|
||||
Metasploit cleanup procedures after engagement
|
||||
Metasploit update and module sync from git
|
||||
Metasploit Docker deployment for isolated lab
|
||||
Metasploit staging payloads to bypass size limits
|
||||
Metasploit EICAR test payload verification
|
||||
Metasploit JNDI/Log4Shell detection modules
|
||||
Metasploit EternalBlue exploit configuration and limitations
|
||||
Metasploit noop sled and buffer alignment techniques
|
||||
@@ -0,0 +1,31 @@
|
||||
Nessus vulnerability scan configuration and policy creation
|
||||
Nessus credential-based scanning for authenticated assessment
|
||||
Nessus scan template selection for different environments
|
||||
Nessus plugin family management and custom plugin sets
|
||||
Nessus compliance scanning for CIS benchmarks
|
||||
Nessus web application scanning configuration
|
||||
Nessus agent-based scanning for remote assets
|
||||
Nessus scan results analysis and reporting
|
||||
Nessus custom audit files for compliance
|
||||
Nessus API automation for programmatic scanning
|
||||
Nessus integration with vulnerability management platforms
|
||||
Nessus scan zones and distributed scanning
|
||||
Nuclei scanner installation and basic usage
|
||||
Nuclei YAML template structure and syntax
|
||||
Nuclei template protocol support HTTP DNS TCP SSL
|
||||
Nuclei custom template creation for vulnerability detection
|
||||
Nuclei template severity classification and tagging
|
||||
Nuclei workflow and multi-step template chains
|
||||
Nuclei fuzzing with payload sets and matchers
|
||||
Nuclei integration with CI/CD pipelines
|
||||
Nuclei nuclei-templates community repository usage
|
||||
Nuclei template update and version management
|
||||
Nuclei targeted scanning with specific template filters
|
||||
Nuclei rate limiting and concurrency configuration
|
||||
Nuclei output formats JSON markdown SARIF
|
||||
Nuclei headless mode for JavaScript template execution
|
||||
Nuclei template testing and debugging workflow
|
||||
Nuclei code template execution for custom logic
|
||||
Nuclei network and TCP protocol scanning templates
|
||||
Nuclei SSL/TLS certificate checking templates
|
||||
Nuclei cloud misconfiguration templates AWS Azure GCP
|
||||
Reference in New Issue
Block a user