Home
Red Team
Anonymity
Anonymity
Information Gathering
Active Gathering
Passive Gathering
Exploitation
Android Exploitation
Linux Exploitation
Windows Exploitation
Network
Application
Web Exploitation
Post-Exploitation
Linux Post-Exploitation
WIndows Post-Exploitation
Cleaning Tracks
Red Team Operations
Reporting
Tools
Blue-Team
OS
Linux OS
Linux Management
Linux Commands
Linux Misc
Windows OS
Windows Commands
Windows Misc
Windows Management
Device Configuration
Labs
Labs
About
Exploitation
Linux - Exploitation
FTP Anonymous login
CVE
Dirtycow - privilege escalation - CVE-2016-5195
Windows - Exploitation
LLMNR / NBT-NS Poisoning (Responder tool)
Web Application
Testing Web application authentication tips
Bypass 30X redirect with BurpSuite
Server-side HTTP Redirection
Path Traversal (LFI - RFI)
Basics of Path Traversal
Testing LFI to RCE using auth.log (SSH) poisoning with Mutillidae & BurpSuite
Injection
Basics Of SQL Injection
Advanced SQL Injection: Union based
Blind SQL injection
Basic XPath Injection
Basic Command injection
SMTP Injection attack
File Upload
Local file upload - Magic byte change file type
Access Control
Access control: Account highjacking with Mutillidae
Access control RFI & Reading file function exploitation + reverse shell with Mutillidae and BurpSuite
Session Management
Session Management DVWA
Attacking & Securing Session Management
Authentication
Testing Web application authentication tips
CMS
Reverse shell on any CMS
Network
SSH Port Forwarding
Social Engineering
How to use Veil to create payloads
