Basic Tools & Techniques
Best Resources
Getting Manual Help
man - opens manual eg: man telnet
tlds - short commands eg: tlds redis-cls
--help
-h
apropas - short description
Encoding Decoding
Simple encryption
Other Tools List
FTP ftp
redis-cli
smbclient
Check reputation of a file
https://labs.inquest.net/ (to search for reputation of a file)
SSH error
Machine | Platform | Topic |
Fawn(v.easy) | HTB | FTP anonymous user |
Blue(easy) | THM | Eternal Blue, MSF exploit suggester |
Flaws.cloud | Flaws.cloud | Cloud pentesting, s3 , IAM,EC2 |
Dancing(v.easy) | HTB | Smb unauthenticated smbclient |
Redeemer(v.easy) | HTB | unauthenticated Redis |
Lame | HTB | SMB, usermap metasploit, exploit/multi/samba/usermap_script |
Devel | HTB | Anonymous FTP, upload reverse shell aspx,Priviledge escaltatiion by MS10-015 |
Optimum | HTB | HFS, msf, exploit suggester |
Source | THM | Webmin / msf |
Eavesdropper(easy) | THM | Linux priv escalation with sudo hijacking |
Takeover(easy) | THM | Subdomain enumeration |
Simple CTF (easy) | THM | simple CMS CVE-2019-9053, priv escalation through vim |
Ambassador | HTB | Ghafran manual exploitation. priv escalation with https://github.com/GatoGamer1155/Hashicorp-Consul-RCE-via-API |
Vulnversity(easy) | THM | php reverse shell by checking allowed extension through burp, priv escalation SUID systemctl |
Basic Pentesting (easy) | THM | SSH brute forcing, priv escalation from private key in the .ssh folder. Break its encryption with john |
Kenobi(easy) | THM | smb shares enumeration, proftpd 1.3.5 exploit for copying files. Priv escalation with SUID binary path exploit |
Steel Mountain(easy) | THM | HFS exploitation msf and manual exploitation. Priv escalation with unquoted path |
Tiki (v easy) | Vulnhub | Tiki CMS, dir busting, sudo -i priv esc |
Beep(easy) | HTB | elastix LFI, RCE, shell shock, nmap priv esc |
Forest(Med) | HTB | Active directory, dcsync, kerberosting, impacket |
Active(easy) | HTB | Active directory, kerberosting,smbmap detail,groups.xml cracking |
Last updated