Awesome Hackpuntes

LinkedIn GitHub Twitter Exploit-DB

Intro
My CVE
Exploit-DB
OWASP - EN
- OWASP: Testing guide checklist
OWASP - ES
Page 1
🕵️OSEP Cheatsheet
📱Mobile Pentesting
🤖Android
- Page 2
💸iOS
- How to extract IPA from iOS device

Powered by GitBook

Checklist

Defenses

AMSI
CLM
AV
Applocker

Lateral Movement

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS

Privilege Escalation

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

MSSQL

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Web Application

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec

PreviousPage 1 NextOnline Tools

Last updated 2 months ago

On this page

Defenses
Lateral Movement
Privilege Escalation
MSSQL
Web Application

Was this helpful?