Skip to content
MichalSzalkowski.com/security
WebAssembly
Initializing search
MichalSzalkowski.com/security
Home
Bruteforce
CVE
File transfer
Kali
Active directory
Active directory
Information gathering
Initial Attack Vectors
Attack with first user
Post Enumeration
Pass the hash
Pass the password
Pass the ticket
Overpass the hash
Kerberoasting
DCSync
Abusing ACLs
ASREPRoasting
ExtraSids from linux
ExtraSids from windows
Lateral Movement
NoPac
Binary
Binary
mingw32
ret2libc - 32-bit Exploit
ret2libc - 64-bit Exploit
Binary exploit toolkit
Cheat sheet
Cheat sheet
Cheat-sheet: Active Directory
Cheat-sheet: Pivoting, Tunneling, and Port Forwarding
Cheat-sheet: SQL Injection
Client side attacks
Client side attacks
Abusing Windows Library Files
MS Word Macro
Cloud
Cloud
Azure
Enumeration
Enumeration
Enumeration asn
Enumeration dns
Enumeration email
Enumeration linux
Enumeration net
Enumeration osint
Enumeration port
Enumeration subdomain
Enumeration vhost
Enumeration web
Reconnaissance
K8s
K8s
kubectl
Internal recon
kubeaudit
kube-hunter
K8s kubescape
K8s API access from pod
K8s attack scenario
K8s what can I do with kubectl
K8s container escape 2
K8s container escape
K8s hacking 10250
K8s kube-bench as pod
K8s kube-hunter as pod
K8s List security context settings for all running pods/containers
K8s minikube
K8s finding exposed ports
K8s security best practices 2
K8s security best practices
K8s - Service - NodePort
Laboratory
Laboratory
CTF
DVWA
HandsOnHacking
Insecure bank
Kubernetes goat
Metasploitable1
Metasploitable2
Metasploitable3
Mutillidae
Vulnerable
Webgoat 7.1
Webgoat 8.0
Links
Links
AD laboratory
Links
Linux
Linux
Bash
Information gathering
Leverage LD_PRELOAD
Linux Privilege Escalation - docker
Privilege Escalation
Spawning a TTY shell
Other
Other
DirtyPipe
Passswd & shaddow
On liners
Reverse shell
SUDO - library path
SUDO - preload
SUID / SGID
Metasploit
Metasploit
msfvenom
Mitm
Mitm
MITM: ARP spoofing
MITM: DNS spoofing
MITM: HTTPS spoofing
MITM: IP spoofing
MITM: SSL hijacking
MITM: SSL stripping
Notes
Notes
API Security Testing
WEB Penetration testing
Payload
Payload
Cmd
Content type all
Content type common
Domains
Event handlers
fuzz.txt
Overflow
Path traversal
Single
SQL injection
Server Side Request Forgery (SSRF)
Server Side Template Injection (SSTI) Jinja2
XML External Entity (XEE)
XML bomb attack
Cross Site Scripting (XSS)
YAML bomb attack
Pentesting mobile
Pentesting mobile
Android
Android
Laboratory - Android
Reverse engineering - Android
Iphone
Iphone
Reverse Engineering - iPhone
Pentesting ports
Pentesting ports
1099,1100 – Pentesting java rmi
110 - Pentesting pop
111 - Pentesting rpc
113 - Pentesting Ident
123 - Pentesting ntp
135,593 - Pentesting MS-RPC
139,445 - Pentesting smb
143,993 - Pentesting imap
1433 - Pentesting mssql
1521 - Pentesting oracle
161 - Pentesting snmp
194,6660-7000 – Pentesting irc
1978 - Pentesting tftp
2049 - Pentesting nfs
21 - Pentesting ftp
22 - Pentesting ssh
23 - Pentesting telnet
25 - Pentesting smtp
27017 - Pentesting mongo
3128 - Pentesting Squid
3306 - Pentesting mysql
3389 - Pentesting rdp
3632 - Pentesting distccd
389,636,3268,3269,9389 - Pentesting ldap
512 - Pentesting rlogin
53 - Pentesting dns
5432 - Pentesting postgres
5800,5801,5900,5901 - Pentesting vnc
5985,5986 - Pentesting winrm
6379 - Pentesting redis
69 - Pentesting tftp
79 - Pentesting finger
873 - Pentesting rsync
88,464 - Pentesting kerberos
Pentesting web
Pentesting web
Cms
Cms
CMS Made Simple
Drupal
Umbraco CMS 7.12.4
Wordpress
Other
Other
0xdf.scf
GIF89a
CGI
ColdFusion 8
cors
Couch db
File inclusion
File Upload bypass (.htaccess)
file-upload
Grafana
iframe
index of
JWT
lxd/lxc group
Magento
Microsoft-IIS/7.5
nagios
NoSql
PHP LFI with RCE
phpinfo
postfix-shellshock
postMessage
Python RCE
WebAssembly
WebAssembly
Table of contents
ToolKit
Services
Services
Apache Tomcat
Jenkins
PhpMyAdmin
WebDav
Vulnerabilities
Vulnerabilities
Clickjacking
Command Injection
Cross Site Request Forgery (CSRF)
IDOR
Server-side request forgery (SSRF)
SQL injection
XSS in Markdown
Cross-site scripting (XSS)
Pivoting tunneling port forwarding
Pivoting tunneling port forwarding
Chisel - SOCKS5 Port forwarding - Linux
Chisel - SOCKS5 Tunneling - Linux
Chisel - SOCKS5 Tunneling - Windows (rev)
Chisel - SOCKS5 Tunneling - Windows
DNS Tunneling with Dnscat2
ICMP Tunneling with SOCKS
Meterpreter local port forwarding
Meterpreter reverse port forwarding
Meterpreter tunneling
Port Forwarding with Windows Netsh
Port forward (windows)
Socat Redirection with a Bind Shell
Socat Redirection with a Reverse Shell
Dynamic port forwarding with SSH
SSH local port forwarding
SSH remote port forwarding example 2
SSH remote port forwarding
Web Server Pivoting with Rpivot
Script
Script
Domain to IP
Domain to code status
Domain to page title
IP - geoiplookup.py - statistic
IP - geoiplookup.py
IP - geoiplookup.sh
oAuth2 - Client Credentials
oAuth2 - PKCE
Php reverse shell
Server http
Server https
Test html comments
Test HTTP Methods
Test RIA cross domain policy
Server and X-Powered-By Tester
windows_dll.c
windows-service.c
Serialization
Serialization
DotNetNuke Cookie Deserialization
.Net XML Serializer / Deserializer (example 1)
.Net XML Serializer / Deserializer (example 2)
.Net XML Serializer / Deserializer (example 3)
Java Deserializer (example 1)
Java Deserializer (example 2)
Java Deserializer (example 3)
Sso
Sso
OAuth 2.0 - Security
OAuth 2.0
SAML 2.0
Jwt
Jwt
Stop using JWT for sessions, part 2: Why your solution doesn't work
Stop using JWT for sessions
Stego
Stego
Tool
Tool
American fuzzy lop
Amass
AutoRecon
Censys
cewl
Chkrootkit
Curl
curlx.sh
Microsoft Access Database
Digbit
Dirb
DnsEnum
ffuf
Firefox
pure-ftpd
ftp
ghauri
GHDB - Google hacking database
GIT Dumper
Gobuster
Hashcat
Host tracker
hping3
hydra
IP
John
Midnight Commander / MC
MongoDB
neo4j
Netcat
nikto
nishang
Nmap
PEASS-ng
PHP
ping
PRET
protoc
pwntools
Python
RKhunter
scp
Sherlock.ps1
Socat
Sqlmap
SSL
Tcpdump
Tweep
unicornscan
wget.vbs
wgetx.sh
Wordpress check
xfreerdp
xml
Windows
Windows
CMD & PowerShell
Information gathering
Local Persistence
Privilege Escalation
Tools
Tools
PowerUp.ps1
PowerUpSQL
PowerView.ps1
RoguePotato
Rubeus.exe
Bloodhound CE
BloodHound
crackmapexec
winrm
hashgrab
Hta reverse sell
impacket
Inveigh
kerbrute
mimikatz
netcat.exe
Powercat
PowerShell ActiveDirectory Module
Responder
RPCclient
RunasCs
SharpView
SMBMap
Snaffler
winPEAS.exe
Windapsearch
winexe
Table of contents
ToolKit
WebAssembly
ToolKit
https://github.com/WebAssembly/wabt