MichalSzalkowski.com/security
Initial access
Put a malicious link file on an SMB share
Force an HTTP request to a server you own