MichalSzalkowski.com/security
    Enumeration osint

    • searchdns.netcraft
    • whois
    • google-hacking-database
    • recon-ng
    • gitrob
    • gitleaks
    • security headers
    • ssl test
    • pastebin
    • https://maildump.co
    • theHarvester
    • social-searcher
    • Twitter Words of Interest
    • linkedin2username
    • OSINT Framework