This commit is contained in:
frostyripper1
2026-06-17 12:39:42 +02:00
parent 927528a34b
commit ed7b31a69e
371 changed files with 18594 additions and 16607 deletions
+348
View File
@@ -0,0 +1,348 @@
nmap scanning techniques and common flags
nmap OS detection and service version detection
nmap NSE script usage for vulnerability scanning
masscan usage for large-scale port scanning
netcat usage for port scanning and banner grabbing
port scanning with PowerShell
understanding TCP connect scan vs SYN scan
UDP port scanning techniques
evading firewalls with fragmented packets and decoys
service fingerprinting and banner grabbing
Wireshark packet capture and filter syntax
tcpdump command-line packet analysis
network traffic analysis for suspicious patterns
identifying open ports and services on a network
network mapping with traceroute and path analysis
SNMP enumeration for network device information
SMTP enumeration for user enumeration
DNS enumeration with dig and nslookup
subdomain enumeration techniques
virtual host discovery for web applications
SSL/TLS certificate analysis and misconfiguration detection
Shodan search queries for finding exposed devices
Google dorking techniques for reconnaissance
OSINT techniques for penetration testing
theHarvester usage for email and domain reconnaissance
recon-ng framework for automated reconnaissance
maltego usage for relationship analysis
social media OSINT gathering techniques
whois lookups and DNS history analysis
gathering information from public sources
SQL injection detection and exploitation
SQLmap usage for automated SQL injection
blind SQL injection techniques
time-based SQL injection exploitation
error-based SQL injection techniques
NoSQL injection attacks
second-order SQL injection
bypassing WAF for SQL injection
extracting data from databases via SQL injection
preventing SQL injection in web applications
Cross-Site Scripting (XSS) types and exploitation
stored XSS vs reflected XSS vs DOM-based XSS
XSS payload crafting and bypass techniques
exploiting XSS to steal cookies and session data
Content Security Policy (CSP) bypass techniques
preventing XSS vulnerabilities in web applications
Burp Suite proxy setup and usage
Burp Suite intruder for automated parameter fuzzing
Burp Suite repeater for manual request manipulation
Burp Suite scanner for automated vulnerability detection
Burp Suite extensions and BApp store
OWASP ZAP usage for web application scanning
web application directory brute-forcing with dirb and gobuster
parameter fuzzing for hidden endpoints
API endpoint discovery and testing
REST API security testing techniques
GraphQL API vulnerability testing
JWT token manipulation and attacks
CSRF attack and prevention techniques
SSRF (Server-Side Request Forgery) exploitation
XXE (XML External Entity) injection attacks
file inclusion vulnerabilities (LFI/RFI)
command injection detection and exploitation
template injection (SSTI) attacks
deserialization attacks in web applications
race condition exploitation
HTTP request smuggling techniques
web cache poisoning and deception
IDOR (Insecure Direct Object Reference) exploitation
broken authentication and session management testing
multi-factor authentication bypass techniques
OAuth 2.0 security testing
open redirect vulnerabilities
CORS misconfiguration exploitation
WebSocket security testing
server-side JavaScript injection
LDAP injection attacks
XPath injection techniques
metasploit basic commands and modules
metasploit payload generation with msfvenom
meterpreter post-exploitation commands
metasploit resource scripts for automation
exploit research and development basics
finding and using public exploits
compiling and modifying exploit code
buffer overflow exploitation basics
stack-based buffer overflow attacks
heap-based overflow techniques
SEH overwrite exploitation
return-oriented programming (ROP) basics
bypassing DEP and ASLR
shellcode development fundamentals
Windows kernel exploitation basics
Linux kernel exploitation techniques
Windows privilege escalation techniques
Linux privilege escalation techniques
kernel exploit identification for privilege escalation
service misconfiguration privilege escalation
scheduled task and cron job abuse
SUID and GUID binary exploitation
sudo misconfiguration exploitation
DLL hijacking for privilege escalation
unquoted service path exploitation
always install elevated registry abuse
token manipulation for privilege escalation
SeImpersonate and SeAssignPrimaryToken abuse
UAC bypass techniques
Linux capabilities abuse for escalation
Active Directory enumeration attacks
BloodHound usage for Active Directory mapping
active directory certificate services abuse
Kerberos attacks (Kerberoasting, AS-REP roasting)
golden ticket and silver ticket attacks
pass-the-hash and pass-the-ticket attacks
DCSync attack explained
SMB relay attacks
NTLM relay and NTLMv2 cracking
Active Directory delegation abuse
group policy object exploitation
domain controller exploitation techniques
cross-forest trust attacks
active directory federation services attacks
LAPS security analysis
password spraying in Active Directory
SMB enumeration and null session attacks
NetBIOS and LLMNR poisoning
Responder usage for network poisoning
IPv6 rogue DHCP and DNS attacks
password cracking with hashcat rules
john the ripper usage for password cracking
rainbow table attacks and defense
online password brute-forcing with hydra
offline password cracking techniques
dictionary attacks vs brute-force attacks
mimikatz usage for credential dumping
lsass dump techniques
Windows credential manager exploitation
Kerberos ticket extraction techniques
DPAPI abuse for credential theft
browser credential theft techniques
Wi-Fi password cracking with aircrack-ng
WPA3 security analysis
WPS pin brute-forcing
Evil Twin attack setup
Rogue access point deployment
Wi-Fi deauthentication attacks
Bluetooth security testing
NFC and RFID security analysis
SDR security testing fundamentals
GSM and LTE security basics
IoT security testing methodologies
ICS/SCADA security testing
automotive security testing basics
hardware hacking tools and techniques
JTAG and UART interface exploitation
firmware analysis and reverse engineering
TiK and TiKTok analysis
physical security assessment techniques
social engineering attack vectors
phishing campaign setup with GoPhish
spear phishing techniques
pretexting for social engineering
vishing and smishing attacks
physical tailgating and badge cloning
lock picking fundamentals for pentesters
HID attack tools (rubber ducky, bash bunny)
USB drop attack methodology
C2 (Command and Control) infrastructure setup
listener configuration for reverse shells
bind shell vs reverse shell explained
staged vs stageless payloads
DNS tunneling for C2 communication
HTTPS beaconing techniques
domain fronting for C2 hiding
cobalt strike beacon basics
empire framework for post-exploitation
Sliver C2 framework overview
PoshC2 usage
covenant C2 setup and usage
payload obfuscation and packers
encoding techniques for payload delivery
process injection techniques
reflective DLL injection
process hollowing detection and creation
APC injection explained
syscall direct execution for EDR bypass
ETW patching for evasion
AMSI bypass techniques
powershell obfuscation and evasion
Windows Defender and AV evasion
userland API hooking detection
sandbox detection and evasion
VM detection techniques
timing-based anti-analysis
log cleaning and forensic countermeasures
indicator removal on compromised systems
timestomp techniques for file timestamp manipulation
persistence mechanisms on Windows
persistence mechanisms on Linux
scheduled task persistence
WMI persistence techniques
registry run key persistence
startup folder persistence
service persistence on Windows
LD_PRELOAD persistence on Linux
.ssh authorized_keys backdoor
cron job persistence
log rotation and flushing
cover your tracks checklist
post-exploitation enumeration commands
lateral movement techniques in Windows
lateral movement with PowerShell remoting
RDP hijacking and pass-the-hash for lateral movement
SMB and WMI for lateral movement
PsExec usage for remote command execution
lateral movement with scheduled tasks
SSH tunneling for lateral movement
port forwarding and proxy chains
socks proxy setup with ssh
ssh local and remote port forwarding
iptables usage for traffic forwarding
chisel tunnel setup
ligolo-ng tunnelling
Proxychains configuration
metasploit routing through compromised hosts
pivoting through multiple hosts
data exfiltration techniques
DNS exfiltration methods
ICMP exfiltration techniques
HTTPS exfiltration for stealth
covert channel establishment
steganography for data hiding
file transfer techniques in restricted networks
common Windows logging mechanisms
event log analysis for incident detection
Sysmon usage for advanced monitoring
Windows Event IDs for security monitoring
Linux auditd configuration for monitoring
command logging and bash history analysis
network flow analysis for anomaly detection
IDS and IPS evasion techniques
detecting network scans and port scans
honeypot deployment strategies
MITER ATT&CK framework overview
understanding TTPs in penetration testing
Lockheed Martin Cyber Kill Chain
Diamond Model of intrusion analysis
pyramid of pain for adversary detection
penetration testing report writing
executive summary writing for pentest reports
technical findings documentation for pentests
remediation recommendations for vulnerabilities
risk rating methodologies (CVSS)
evidence collection and chain of custody
professional pentest report templates
penetration testing methodology overview
PTES (Penetration Testing Execution Standard)
OWASP Testing Guide overview
OSSTMM methodology
PCI DSS penetration testing requirements
SOC 2 penetration testing scope
red team vs blue team vs purple team
purple team exercise methodology
adversary emulation planning
tabletop exercise facilitation
rules of engagement for pentests
scope definition in penetration testing
third-party vendor risk assessment
cloud penetration testing basics
AWS security assessment techniques
Azure penetration testing methods
GCP security testing approaches
container security testing with Docker
Kubernetes security assessment
serverless application security testing
cloud IAM privilege escalation
cloud storage bucket enumeration
AWS SSM agent abuse for pentesting
Docker escape techniques
container breakout vulnerabilities
Kubernetes RBAC misconfiguration exploitation
service mesh security testing
CI/CD pipeline security assessment
infrastructure as code security review
Terraform security scanning
Kubernetes pod security policy review
OWASP Top 10 vulnerabilities explained
SANS Top 25 software errors
CWE classification system
understanding CVE scoring
responsible disclosure process
zero-day vulnerability discovery process
fuzzing techniques for vulnerability discovery
static application security testing (SAST)
dynamic application security testing (DAST)
interactive application security testing (IAST)
software composition analysis for open source risks
supply chain security attacks
malware analysis fundamentals
static malware analysis techniques
dynamic malware analysis in sandbox
ransomware analysis and decryption
trojan and backdoor analysis
rootkit detection techniques
memory forensics with volatility
disk forensics with Autopsy and Sleuth Kit
network forensics for incident response
PCAP analysis for forensic investigation
timeline analysis in forensic investigations
Windows registry forensics
prefetch and recent files forensics
USB device history forensics
email header analysis for phishing investigations
web proxy log analysis
firewall log analysis for security incidents
SQLite database forensics
mobile device forensics basics
iOS security testing limitations
Android application security testing
mobile API security testing
mobile app reverse engineering with jadx
Frida usage for dynamic instrumentation
bypassing SSL pinning in mobile apps
Android APK decompilation and analysis
iOS IPA analysis techniques
iOS jailbreak detection bypass
Android root detection bypass
wireless logical acquisition for mobile devices
exploit development with pwntools
return-oriented programming (ROP) chain construction
heap feng shui techniques
format string vulnerability exploitation
integer overflow attacks
use-after-free exploitation
double-free vulnerability analysis
arm exploitation basics
MIPS architecture exploitation basics
windows exploit development with WinDbg
Linux exploit development with GDB
Python exploit scripting for penetration testing
PowerShell scripting for pentesting
Bash scripting for Linux automation
Windows batch scripting for automation
JavaScript for web exploitation
Ruby for Metasploit module development
C for low-level exploit development
Go programming for pentesting tools
Rust programming for security tools