man - opens manual eg: man telnet
tlds - short commands eg: tlds redis-cls
--help
-h
apropas - short description
FTP ftp
redis-cli
smbclient
https://labs.inquest.net/ (to search for reputation of a file)
Last updated
Machine
Platform
Topic
Fawn(v.easy)
HTB
FTP anonymous user
Blue(easy)
THM
Eternal Blue, MSF exploit suggester
Flaws.cloud
Flaws.cloud
Cloud pentesting, s3 , IAM,EC2
Dancing(v.easy)
HTB
Smb unauthenticated
smbclient
Redeemer(v.easy)
HTB
unauthenticated Redis
Lame
HTB
SMB, usermap metasploit, exploit/multi/samba/usermap_script
Devel
HTB
Anonymous FTP, upload reverse shell aspx,Priviledge escaltatiion by MS10-015
Optimum
HTB
HFS, msf, exploit suggester
Source
THM
Webmin / msf
Eavesdropper(easy)
THM
Linux priv escalation with sudo hijacking
Takeover(easy)
THM
Subdomain enumeration
Simple CTF (easy)
THM
simple CMS CVE-2019-9053, priv escalation through vim
Ambassador
HTB
Ghafran manual exploitation. priv escalation with https://github.com/GatoGamer1155/Hashicorp-Consul-RCE-via-API
Vulnversity(easy)
THM
php reverse shell by checking allowed extension through burp, priv escalation SUID systemctl
Basic Pentesting (easy)
THM
SSH brute forcing, priv escalation from private key in the .ssh folder. Break its encryption with john
Kenobi(easy)
THM
smb shares enumeration, proftpd 1.3.5 exploit for copying files. Priv escalation with SUID binary path exploit
Steel Mountain(easy)
THM
HFS exploitation msf and manual exploitation. Priv escalation with unquoted path
Tiki (v easy)
Vulnhub
Tiki CMS, dir busting, sudo -i priv esc
Beep(easy)
HTB
elastix LFI, RCE, shell shock, nmap priv esc
Forest(Med)
HTB
Active directory, dcsync, kerberosting, impacket
Active(easy)
HTB
Active directory, kerberosting,smbmap detail,groups.xml cracking