Privilege Escalation

• Ansible Playbook Privilege Escalation
• Apache Conf Privilege Escalation
• Bash eq Privilege Escalation
• Buffer Overflow Privilege Escalation
• Chrome Remote Debugger Pentesting
• Ghidra Debug Mode RCE
• Gnuplot Privilege Escalation
• Linux Privilege Escalation
• Mozilla Pentesting
• OpenSSL Privilege Escalation
• Pip Download Code Execution
• PolKit Privilege Escalation
• Python Eval Code Execution
• Python Jails Escape
• Python Privilege Escalation
• Python Yaml Privilege Escalation
• Ruby Privilege Escalation
• Rust Privilege Escalation

Sudo PrivEsc

• Sudo ClamAV Privilege Escalation
• Sudo Dstat Privilege Escalation
• Sudo Exiftool Privilege Escalation
• Sudo Fail2ban Privilege Escalation
• Sudo Git Privilege Escalation
• Sudo Java Privilege Escalation
• Sudo OpenVPN Privilege Escalation
• Sudo Path Traversal Privilege Escalation
• Sudo Privilege Escalation
• Sudo Privilege Escalation by Overriding Shared Library
• Sudo Reboot Privilege Escalation
• Sudo Screen Privilege Escalation
• Sudo Service Privilege Escalation
• Sudo Shutdown, Poweroff Privilege Escalation
• Sudo Systemctl Privilege Escalation
• Sudo Tee Privilege Escalation

Active Directory

• AD CS (Active Directory Certificate Services) Pentesting
• AS-REP Roasting
• Active Directory Pentesting
• BloodHound SharpHound for Active Directory
• Kerberos Pentesting
• LAPS (Local Administrator Password Solution) Pentesting
• LDAP (Lightweight Directory Access Protocol) Pentesting
• NTLM (New Technology LAN Manager) Pentesting
• Netlogon Elavasion of Privilege
• SMB (Server Message Block) Pentesting

Protocols

• MSRPC (Microsoft Remote Procedure Call) Pentesting
• RDP (Remote Desktop Protocol) Pentesting
• WinRM (Windows Remote Management) Pentesting

Privilege Escalation

• Iperius Backup Service Privilege Escalation
• ManageEngine ADSelfService Plus PrivEsc
• Mimikatz
• Outlook Reminder Privilege Escalation
• UAC Windows Privilege Escalation
• Windows PrivEsc with Potatoes
• Windows PrivEsc with Registry Keys
• Windows PrivEsc with SeBackupPrivilege
• Windows PrivEsc with Unquoted Service Path
• Windows Privilege Escalation

Methods

• HTTP Rate Limit Bypass
• Virtual Hosts (VHOSTS) Enumeration
• WAF (Web Application Firewall) Detection
• Web Basic Pentesting
• Web Content Discovery
• Web Login Bypass

Security Risks

• Blind XXE
• Broken Access Control
• Business Logic Attack
• CORS (Cross-Origin Resource Sharing) Attack
• CRLF (Carriage Return Line Feed) Injection
• CSRF (Cross-Site Request Forgery)

CMS

• Bolt CMS Pentesting
• CMS (Content Management System) Pentesting
• Cockpit CMS Pentesting
• Concrete CMS Pentesting
• FUEL CMS Pentesting
• Joomla CMS Pentesting

Frameworks

• AJP (Apache JServ Protocol) Pentesting
• Angular Pentesting
• Apache Struts Pentesting
• Django Pentesting
• Flask Jinja2 Pentesting
• Python Pickle RCE

API

• API Pentesting
• GraphQL Pentesting

Protocols

• Dynamic Host Configuration Protocol (DHCP) Pentesting
• FTP (File Transfer Protocol) Pentesting
• IRC (Internet Relay Chat) Pentesting
• Memcache Pentesting
• Modbus Pentesting
• NFS (Network File System) Pentesting
• NTP (Network Time Protocol) Pentesting
• RTSP (Real Time Streaming Protocol) Pentesting

Port Forwarding

• Port Forwarding with Chisel
• Port Forwarding with Plink
• Port Forwarding with SSH
• Port Forwarding with Socat

WiFi

• Evil Twin Attack
• MITM (Man in the Middle) Attack
• WiFi Hacking
• WiFi Password Recovery

Attack

• Adobe PDF Attack
• Anonymize Traffic with Tor

Others

• ARP (Address Resolution Protocol) Spoofing
• Apache Hadoop Pentesting
• EthernetIP Pentesting
• FastCGI Pentesting
• Firewall
• Honeypots
• MAC Flooding Attack
• Network Traffic Analysis (NTA)

• Binary Exploitation
• Binary Exploitation with Buffer Overflow
• Binary Exploitation with Canary Bypass
• Binary Exploitation with Format String
• Binary Exploitation with GOT
• Binary Exploitation with ROP
• Binary Exploitation with Race Conditions
• Binary Exploitation with Time Guessing
• Binary Exploitation with ret2libc
• Binary Exploitation with ret2plt
• Pwntools Cheat Sheet

• CouchDB Pentesting
• InfluxDB Pentesting
• MSSQL (Microsoft SQL) Pentesting
• MongoDB Pentesting
• MySQL Pentesting
• Neo4j Pentesting
• PostgreSQL Pentesting
• Redis Pentesting
• SQLite Pentesting

Docker

• Docker Engine API Pentesting
• Docker Escape
• Docker Pentesting
• Docker Registry Pentesting
• Moby Docker Engine PrivEsc

Kubernetes

• Kubernetes Pentesting
• MicroK8s Pentesting

Algorithm

• AES (Advanced Encryption Standard)
• AES-CBC Bit Flipping Attack
• AES-CBC Padding Oracle Attack
• AES-ECB Padding Attack
• Ansible Vault Secret
• Atbash Cipher
• Base32, Base64
• Caesar Cipher
• Camellia Cipher
• Certificates
• Cryptography
• Diffie-Hellman Key Exchange
• ECC (Elliptic Curve Cryptography)
• ECDSA (Elliptic Curve Digital Signature Algorithm)
• Fernet
• GPG (GNU Privacy Guard)
• HMAC
• KDBX Files
• Length Extension Attack
• MD4, MD5

Key Derivation Function

• Bcrypt
• PBKDF2
• Scrypt

Tools

• John the Ripper

• AV (Antivirus) Evasion
• LibreOffice Macros
• Maldoc Analysis
• Malware Analysis
• Malware Detection on Windows
• Malware Dynamic Analysis with REMnux
• Malware Static Analysis
• NPM Supply Chain Attack
• Sigma Rules
• Splunk Pentesting
• URL Defanging

Computer Vision

• Adversarial Attack with FGSM (Fast Gradient Signed Method)
• Image Investigation
• Image Manipulation
• Image Recognition Bypass

LLM

• LLM Prompt Injection

Preprocessing

• CSV Data Manipulation
• Dimensionality Reduction

Clustering

• Finding Optimal Number of Clusters

Model

• ML Model Investigation
• Model Inversion Attack