{"version":1,"pages":[{"id":"eIUz0fN2ldjLOI4oILUw","title":"Basic Tools & Techniques","pathname":"/pentesting-quick-reference","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"cQWS7R3bf7lBbWytkT9K","title":"Linux Basics","pathname":"/pentesting-quick-reference/linux-basics","siteSpaceId":"sitesp_Z1yaz","description":"Essential Linux for Hackers."},{"id":"MZE22vJqG8U7MO9E5sX9","title":"LinEnum","pathname":"/pentesting-quick-reference/linux-basics/linenum","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Linux Basics"}]},{"id":"rvaDP7yIqjFommcb3ZQM","title":"Windows Basics","pathname":"/pentesting-quick-reference/windows-basics","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"cvaJzwXFTEiEfpGNn60A","title":"Automating local enumeration with JAWS","pathname":"/pentesting-quick-reference/windows-basics/automating-local-enumeration-with-jaws","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Windows Basics"}]},{"id":"N8EsdEpROW6i5YzJzRZs","title":"Shells","pathname":"/pentesting-quick-reference/shells","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"5HUzzShX2ziAE2lT1FoI","title":"Uploading Shells/ Transferring Files","pathname":"/pentesting-quick-reference/uploading-shells-transferring-files","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"mVj1TgIi8BtL76MAuli9","title":"FootPrinting","pathname":"/pentesting-quick-reference/footprinting","siteSpaceId":"sitesp_Z1yaz"},{"id":"OT52pZlHmpIWyryreKfK","title":"Host Discovery","pathname":"/pentesting-quick-reference/host-discovery","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"EdPn13a2Ex3CRbpgFXlc","title":"Scanning","pathname":"/pentesting-quick-reference/scanning","siteSpaceId":"sitesp_Z1yaz","description":"Scanning tools Cheatsheat"},{"id":"sGvqgqFZ5xW0oGlWRDwD","title":"Nmap Alternatives","pathname":"/pentesting-quick-reference/scanning/nmap-alternatives","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Scanning"}]},{"id":"ksuU0xPkEsT3k03s5Y36","title":"Metasploit scanners","pathname":"/pentesting-quick-reference/scanning/metasploit-scanners","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Scanning"}]},{"id":"aSg57abBv1McKSU2gzMp","title":"Vulnerability assessment","pathname":"/pentesting-quick-reference/vulnerability-assessment","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"SrhnhXAJAuElKfpZWsZN","title":"Vulnerability Scanning using Nmap","pathname":"/pentesting-quick-reference/vulnerability-assessment/vulnerability-scanning-using-nmap","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Vulnerability assessment"}]},{"id":"Y3Zra9zzpxysyjPCk1c8","title":"Metasploit and Meterpreter","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"1EcFmXzmeRwN89szayeR","title":"Payloads","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/payloads","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"XXEiwZ39tr5P6bBbSYmS","title":"Importing Nmap Scan Results Into MSF","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/importing-nmap-scan-results-into-msf","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"L8qoGt6caFuDW9uGSEnm","title":"Post Exploitation Modules Meterpreter","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/post-exploitation-modules-meterpreter","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"6dXtDsPkfLZ7sQu8HDTT","title":"Pivoting on Metasploit","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/pivoting-on-metasploit","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"WUukiAOZEzrrZuPNB3vR","title":"Persistence","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/persistence","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"WORp8QIwB0L8inMkb7zZ","title":"Password Hash cracking","pathname":"/pentesting-quick-reference/metasploit-and-meterpreter/password-hash-cracking","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Metasploit and Meterpreter"}]},{"id":"xi7dFDZG398cFL6YQ876","title":"Brute Forcing/ Password Cracking","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"uEyJGr8VX0hRaNfohccN","title":"Attacking LSASS Passwords","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/attacking-lsass-passwords","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"om8uPokDpeyDH3CJlvKz","title":"Credentials Hunting Windows","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/credentials-hunting-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"henc9qAwpMRyBYUFgobG","title":"Credential Hunting in Linux","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/credential-hunting-in-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"94S9hEutnzxeLJ3OYFKM","title":"Passwd, Shadow & Opasswd","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/passwd-shadow-and-opasswd","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"v8NAkrZcAJV0zaMY2gok","title":"Pass the Hash (PtH)","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/pass-the-hash-pth","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"cVPWvrToHvafxJ9kBl2u","title":"Protected Files","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/protected-files","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"0Ao1IYWDsVC25N2twx0P","title":"Protected Archives","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/protected-archives","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"JBAyJfsHs6KJWhLko1Hi","title":"Password Policies","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/password-policies","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"sOrn5nyfsmhYpj9SUoW8","title":"Password Managers","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/password-managers","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"QwfQvqgslSKcXIQWCFlX","title":"Breached Credentials","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/breached-credentials","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"udOAqFiQCdGZJlHcpYMD","title":"Mimikatz","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/mimikatz","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"c3h3lhrbViQrLhETQyCR","title":"Detecting Bruteforcing","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/detecting-bruteforcing","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"nIgDqMShu9T6vrEBLkHs","title":"Detecting Bruteforcing with Artifacts","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/detecting-bruteforcing-with-artifacts","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"xqKAlWkz8JC2zuICr78U","title":"AI Based Bruteforcing","pathname":"/pentesting-quick-reference/brute-forcing-password-cracking/ai-based-bruteforcing","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Brute Forcing/ Password Cracking"}]},{"id":"8bQeh6q8EeF6T6kLqvJk","title":"Linux Remote Management Protocols","pathname":"/pentesting-quick-reference/linux-remote-management-protocols","siteSpaceId":"sitesp_Z1yaz"},{"id":"urz5GRVaJfFHG4fnKLqY","title":"Windows Remote Management Protocols","pathname":"/pentesting-quick-reference/windows-remote-management-protocols","siteSpaceId":"sitesp_Z1yaz"},{"id":"w9xfd31hEoZJYP1yeRgH","title":"Port 20/21 - FTP Pentesting","pathname":"/pentesting-quick-reference/port-20-21-ftp-pentesting","siteSpaceId":"sitesp_Z1yaz","description":"Port 20, 21 Pentesting - FTP Exploitation"},{"id":"0L5ZP3T1fr0d5Cj8io42","title":"Port 22 SSH","pathname":"/pentesting-quick-reference/port-22-ssh","siteSpaceId":"sitesp_Z1yaz"},{"id":"mEGQIwx1i5eLFAuN2zi9","title":"Port 23 Telnet","pathname":"/pentesting-quick-reference/port-23-telnet","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"q0enQRy9D40urrqZjD7Q","title":"Port 25 - SMTP","pathname":"/pentesting-quick-reference/port-25-smtp","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"pzhP3uUCXHU40fZVjumt","title":"Port 53 DNS","pathname":"/pentesting-quick-reference/port-53-dns","siteSpaceId":"sitesp_Z1yaz","description":"udp"},{"id":"n7ls8QasdKZa9z5MnKxl","title":"Port 110/995 POP3 and IMAP 146/993","pathname":"/pentesting-quick-reference/port-110-995-pop3-and-imap-146-993","siteSpaceId":"sitesp_Z1yaz","description":"By default, ports 110 and 995 are used for POP3, and ports 143 and 993 are used for IMAP."},{"id":"1yEG5RQ2cRoJOIGqTNGg","title":"Port 111 -RPC Bind","pathname":"/pentesting-quick-reference/port-111-rpc-bind","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"ooiLxVAuNYqs0GWaYDeA","title":"Port 135 - RPC","pathname":"/pentesting-quick-reference/port-135-rpc","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"6JMtVP3M6q5wHT2TMdrP","title":"Port 137 NetBios","pathname":"/pentesting-quick-reference/port-137-netbios","siteSpaceId":"sitesp_Z1yaz","description":"used for file and printer sharing. port 137. Netbios name 16 characters. 15 chars define name and 16th character type of service"},{"id":"EGHLYB8qmy97BfHyQpfx","title":"Port 137, 138 UDP NMDB","pathname":"/pentesting-quick-reference/port-137-138-udp-nmdb","siteSpaceId":"sitesp_Z1yaz"},{"id":"2BroozO7xA742MzNmjFK","title":"Port 161 SNMP","pathname":"/pentesting-quick-reference/port-161-snmp","siteSpaceId":"sitesp_Z1yaz","description":"Use SNMP (application layer protocol) to obtain a list of user accounts and devices on system"},{"id":"Pu1hNgpC5nO8TQQ7D7T7","title":"Port 445 - SMB","pathname":"/pentesting-quick-reference/port-445-smb","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"3B7UvH21KMtam1Awt2dU","title":"SMB Relay Attack","pathname":"/pentesting-quick-reference/port-445-smb/smb-relay-attack","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Port 445 - SMB"}]},{"id":"3UAyOaoKKddlmHtsU6U8","title":"Port 1433 - MSSQL","pathname":"/pentesting-quick-reference/port-1433-mssql","siteSpaceId":"sitesp_Z1yaz"},{"id":"p7bQii80DPZj1nkovuUU","title":"Port 1521 Oracle TNS","pathname":"/pentesting-quick-reference/port-1521-oracle-tns","siteSpaceId":"sitesp_Z1yaz"},{"id":"VzSo2bkkrNp5X2jVhYjx","title":"Port 1833 - MQTT","pathname":"/pentesting-quick-reference/port-1833-mqtt","siteSpaceId":"sitesp_Z1yaz","description":"Port 1883"},{"id":"suwjIs0OLMXyvs2XiqRy","title":"Port 2049 - NFS","pathname":"/pentesting-quick-reference/port-2049-nfs","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"gDeloTRtYmnMewEr80GM","title":"Port 3306 MySQL","pathname":"/pentesting-quick-reference/port-3306-mysql","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"POIhn9v2TZRiXYrchwyp","title":"Port 3389 - RDP","pathname":"/pentesting-quick-reference/port-3389-rdp","siteSpaceId":"sitesp_Z1yaz"},{"id":"duSA0Kk2nmlVSxvBic5r","title":"Port 5985 - WINRM","pathname":"/pentesting-quick-reference/port-5985-winrm","siteSpaceId":"sitesp_Z1yaz"},{"id":"Y1RoVpjEn9hwAFv9Tob9","title":"Port 632 (UDP) IPMI","pathname":"/pentesting-quick-reference/port-632-udp-ipmi","siteSpaceId":"sitesp_Z1yaz"},{"id":"wESLv1zZ893Qgt89HJ7H","title":"Redis (6379)","pathname":"/pentesting-quick-reference/redis-6379","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"puh9jEDzy9U8dVKJ9Xq9","title":"Port 10000 Webmin","pathname":"/pentesting-quick-reference/port-10000-webmin","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"fip3UGWl6PWI35RCLVd3","title":"Jenkins","pathname":"/pentesting-quick-reference/jenkins","siteSpaceId":"sitesp_Z1yaz"},{"id":"YmUvVZw5UnSDDnOf2fD5","title":"Privilege Escalation","pathname":"/pentesting-quick-reference/privilege-escalation","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"Bke32xRLrWuxReoiUbNH","title":"Windows Priv esc","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Privilege Escalation"}]},{"id":"hackRAZ84pRXi63IgZQ0","title":"Initial Enumeration","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/initial-enumeration","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"aBY7coyqtcEj33o52GNT","title":"Automated Enumeration Tools","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"fm7D0rze6hSr5N5exgjT","title":"PowerUp Privilege Escalation","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools/powerup-privilege-escalation","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"},{"label":"Automated Enumeration Tools"}]},{"id":"Axi1QnkODiWynssiIXp7","title":"PrivescCheck.ps1","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools/privesccheck.ps1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"},{"label":"Automated Enumeration Tools"}]},{"id":"dv5RnFZFHwCC0fwb2du5","title":"Winpeas","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools/winpeas","siteSpaceId":"sitesp_Z1yaz","description":"Requires .net 4.0 on the system","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"},{"label":"Automated Enumeration Tools"}]},{"id":"fyT547r4ceWyxevzEA4y","title":"Meterpreter Exploit Suggester","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools/meterpreter-exploit-suggester","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"},{"label":"Automated Enumeration Tools"}]},{"id":"71h341qtiOWgUxssa2tV","title":"Windows Exploit Suggester","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/automated-enumeration-tools/windows-exploit-suggester","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"},{"label":"Automated Enumeration Tools"}]},{"id":"oLaxeBzreOkI1zveCr7V","title":"Kernel Exploits","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/kernel-exploits","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"ZzfEcf9I7XRtuQebCtQ7","title":"Impersonating access tokens","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/impersonating-access-tokens","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"SmJRjQBxlJgJuDEqZMWk","title":"Potato Attacks","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/potato-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"aNbwo3jEhGko65vSFxid","title":"Autoruns","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/autoruns","siteSpaceId":"sitesp_Z1yaz","description":"An autorun file that everyone can modify can be exploited","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"0Ff9HzThcu6UbSEyqR9m","title":"Registry Escalation - AlwaysInstallElevated","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/registry-escalation-alwaysinstallelevated","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"XdhN2QS5abBfjJfE6BFl","title":"Sheduled Tasks","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/sheduled-tasks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"w5rwQfKQVNEoEo5jcgJI","title":"Runas","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/runas","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"TlNF8SfRyLcqYC5AIkuL","title":"Weak Service Permissions","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/weak-service-permissions","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"PM9MnEAibDF5erqF6blY","title":"Unquoted service path vulnerability","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/unquoted-service-path-vulnerability","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"XsG4Zo0DXxinGLOb6FYO","title":"Print Spooler","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/print-spooler","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"dcny4ufcivRG7PRMImP9","title":"Bypassing UAC using the UACME tool","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/bypassing-uac-using-the-uacme-tool","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"yWwM8AEFPn26sYfMOGNv","title":"UAC Bypass: Memory Injection (Metasploit)","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/uac-bypass-memory-injection-metasploit","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"YCUC3mL9BRSWiEJ4hRTu","title":"Windows Subsystem for Linux","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/windows-subsystem-for-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"3yK2fhG90joXEe2c4QJW","title":"Misc","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/misc","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"B2JoVTUZbUAUmW6hTjSQ","title":"Meterpreter Kiwi plugin","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/meterpreter-kiwi-plugin","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"SU6NRkdamgMKDvDOwnmo","title":"Group Policy Preference","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/group-policy-preference","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"hbyJGn9TKsY8C0obOtSf","title":"Escalate to SYSTEM from Administrator","pathname":"/pentesting-quick-reference/privilege-escalation/windows-priv-esc/escalate-to-system-from-administrator","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Privilege Escalation"},{"label":"Windows Priv esc"}]},{"id":"MQkvK85Z4Gh6XWigqXb1","title":"Linux Priv esc","pathname":"/pentesting-quick-reference/privilege-escalation/linux-priv-esc","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Privilege Escalation"}]},{"id":"QRVj2kjsLOBXMThkjOlH","title":"Active Directory","pathname":"/pentesting-quick-reference/active-directory","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"BNhWoI8PQOAPBaO5Tb3m","title":"AD Basics","pathname":"/pentesting-quick-reference/active-directory/ad-basics","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Active Directory"}]},{"id":"4SS61zsoOnplimDT6qbP","title":"AD Management Basics","pathname":"/pentesting-quick-reference/active-directory/ad-basics/ad-management-basics","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Basics"}]},{"id":"EYDiYhi1znd0GJzSAFpB","title":"Initial Enumeration of  AD","pathname":"/pentesting-quick-reference/active-directory/initial-enumeration-of-ad","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"KRWAfuycxGkXiHJ0X6dI","title":"Enumerating AD Users","pathname":"/pentesting-quick-reference/active-directory/initial-enumeration-of-ad/enumerating-ad-users","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Initial Enumeration of  AD"}]},{"id":"O1JNVEzBSINCGOhewzJi","title":"Password Spraying","pathname":"/pentesting-quick-reference/active-directory/password-spraying","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"t0kSbK5cpy4EOCyoBGqn","title":"Enumerating & Retrieving Password Policies","pathname":"/pentesting-quick-reference/active-directory/password-spraying/enumerating-and-retrieving-password-policies","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Password Spraying"}]},{"id":"HLZwZRxlJNrXXHHlmHYK","title":"Password Spraying - Making a Target User List","pathname":"/pentesting-quick-reference/active-directory/password-spraying/password-spraying-making-a-target-user-list","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Password Spraying"}]},{"id":"mPwXYegvyZ9qVYaD45S0","title":"Internal Password Spraying - from Linux","pathname":"/pentesting-quick-reference/active-directory/password-spraying/internal-password-spraying-from-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Password Spraying"}]},{"id":"iJD9bjW9Z4dCHZVM44kt","title":"Internal Password Spraying - from Windows","pathname":"/pentesting-quick-reference/active-directory/password-spraying/internal-password-spraying-from-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Password Spraying"}]},{"id":"GAdCwteZoE1SB4V0DBum","title":"Enumerating Security Controls","pathname":"/pentesting-quick-reference/active-directory/password-spraying/enumerating-security-controls","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Password Spraying"}]},{"id":"DRTheSXJXV40GYeHnkdU","title":"LLMNR Poisoning","pathname":"/pentesting-quick-reference/active-directory/llmnr-poisoning","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"Nl0mhH6DnTbi8nhWXIrH","title":"SMB/ NTLM Relay Attacks","pathname":"/pentesting-quick-reference/active-directory/smb-ntlm-relay-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"m7R3MJXzE8kaYKDflZyj","title":"IPv6 Attacks","pathname":"/pentesting-quick-reference/active-directory/ipv6-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"N2H6udnqWinbqfKNiJ1p","title":"IPV6 DNS takeover","pathname":"/pentesting-quick-reference/active-directory/ipv6-attacks/ipv6-dns-takeover","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"IPv6 Attacks"}]},{"id":"MWEjIC67cD3TaTDqfsdl","title":"WPAD","pathname":"/pentesting-quick-reference/active-directory/ipv6-attacks/wpad","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"IPv6 Attacks"}]},{"id":"SQDCA2Ku0DXJPncUF0RH","title":"Passback Attacks","pathname":"/pentesting-quick-reference/active-directory/passback-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"xwReCq02upSD11xsXGy6","title":"AS-REP roasting","pathname":"/pentesting-quick-reference/active-directory/as-rep-roasting","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"HfaJoc5d3ZpJAnqMpxb3","title":"AD Shell","pathname":"/pentesting-quick-reference/active-directory/ad-shell","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Active Directory"}]},{"id":"av0WSyMDYmbzuiMGIXUI","title":"AD Enumeration","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Active Directory"}]},{"id":"EEBQEzry7amiBcljfK5S","title":"Credentialed Enumeration - from Linux","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/credentialed-enumeration-from-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"PI0vOCU5RU8AkUrkOCZm","title":"Credentialed Enumeration - from Windows","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/credentialed-enumeration-from-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"yopc3nFcMeV0K35H93N2","title":"Living off the Land","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/living-off-the-land","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"jTmeC208LqgC0LioolNJ","title":"Powershell Additional Tricks","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/living-off-the-land/powershell-additional-tricks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"},{"label":"Living off the Land"}]},{"id":"AJgp4LksYLg1gdEX27Ap","title":"BloodHound","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/bloodhound","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"DJ6z4PU9WqGBulc8lvwR","title":"Plumhound","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/plumhound","siteSpaceId":"sitesp_Z1yaz","description":"bloddhound for purple and blue teams","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"5LSGHLordW9MCnbxXQ0P","title":"Bloodhound CE","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/bloodhound-ce","siteSpaceId":"sitesp_Z1yaz","description":"How to Install Bloodhound CE on Kali. Newest Sharphound collectors only work with bloodhound CE","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"2OizjmW1LorbZNglUAX6","title":"ldapdomaindump","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/ldapdomaindump","siteSpaceId":"sitesp_Z1yaz","description":"Good and easy tool for remote dumping AD stuff","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"5U1EHKJEJzqALh7GHb89","title":"PingCastle","pathname":"/pentesting-quick-reference/active-directory/ad-enumeration/pingcastle","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"AD Enumeration"}]},{"id":"MfwmduDCOKdS1aBMNG65","title":"Post Compromise","pathname":"/pentesting-quick-reference/active-directory/post-compromise","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"leiq9J0VOhpZ2ajA6eaN","title":"Kerberosting","pathname":"/pentesting-quick-reference/active-directory/post-compromise/kerberosting","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"}]},{"id":"pNbttFn902cvekosrMoC","title":"Kerberos \"Double Hop\" Problem","pathname":"/pentesting-quick-reference/active-directory/post-compromise/kerberosting/kerberos-double-hop-problem","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"},{"label":"Kerberosting"}]},{"id":"WpPB8crN01y4uGeUdAdh","title":"Pass Attacks","pathname":"/pentesting-quick-reference/active-directory/post-compromise/pass-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"}]},{"id":"5X5cEKnScCA0GscL6uPB","title":"Pass the Hash","pathname":"/pentesting-quick-reference/active-directory/post-compromise/pass-attacks/pass-the-hash","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"},{"label":"Pass Attacks"}]},{"id":"0f5jnNSL5jmMFIhT4FZt","title":"Pass the Ticket","pathname":"/pentesting-quick-reference/active-directory/post-compromise/pass-attacks/pass-the-ticket","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"},{"label":"Pass Attacks"}]},{"id":"iEUArEHiZgEeI8JOmwUa","title":"Pass the Ticket (PtT) from Windows","pathname":"/pentesting-quick-reference/active-directory/post-compromise/pass-attacks/pass-the-ticket/pass-the-ticket-ptt-from-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"},{"label":"Pass Attacks"},{"label":"Pass the Ticket"}]},{"id":"G1sA0Jm9YTiaI6PjjLOb","title":"Pass the Ticket (PtT) from Linux","pathname":"/pentesting-quick-reference/active-directory/post-compromise/pass-attacks/pass-the-ticket/pass-the-ticket-ptt-from-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"},{"label":"Pass Attacks"},{"label":"Pass the Ticket"}]},{"id":"SIIdkubg3wagiJ9VbaMG","title":"Token Impersonation","pathname":"/pentesting-quick-reference/active-directory/post-compromise/token-impersonation","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"}]},{"id":"fSFdep7PMVObDgzUj0T6","title":"LNK File Attacks","pathname":"/pentesting-quick-reference/active-directory/post-compromise/lnk-file-attacks","siteSpaceId":"sitesp_Z1yaz","description":"If we have access to a share, we can put there a malicious file. On the other end we can have responder. Once the file is opened we get the hash","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"}]},{"id":"WvwFAxe5ZCya71m9vFRR","title":"Miscellaneous Misconfigurations","pathname":"/pentesting-quick-reference/active-directory/post-compromise/miscellaneous-misconfigurations","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Compromise"}]},{"id":"8baYTKaXS9XRfbLCa2hG","title":"Pivoting","pathname":"/pentesting-quick-reference/active-directory/pivoting","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"YBDgYddQZ2YP7tjoJoBo","title":"Lateral Movement","pathname":"/pentesting-quick-reference/active-directory/lateral-movement","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"vFvaT9eWMOeHVk6Xzfgr","title":"Privilege Escalation","pathname":"/pentesting-quick-reference/active-directory/privilege-escalation","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"bWRil0McuYnHDWl7oJEA","title":"Access Control List (ACL) Abuse Primer","pathname":"/pentesting-quick-reference/active-directory/access-control-list-acl-abuse-primer","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"vvQohhignY1gEMI18vHj","title":"ACL Enumeration","pathname":"/pentesting-quick-reference/active-directory/access-control-list-acl-abuse-primer/acl-enumeration","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Access Control List (ACL) Abuse Primer"}]},{"id":"KghLrpjmk8bCk6tmbjqi","title":"ACL Abuse Tactics","pathname":"/pentesting-quick-reference/active-directory/access-control-list-acl-abuse-primer/acl-abuse-tactics","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Access Control List (ACL) Abuse Primer"}]},{"id":"ObYvahSmvw9bm34ykfii","title":"DCSync","pathname":"/pentesting-quick-reference/active-directory/access-control-list-acl-abuse-primer/dcsync","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Access Control List (ACL) Abuse Primer"}]},{"id":"svl3tiy0aMsQn9ktAEtU","title":"DCSync Example Forest HTB","pathname":"/pentesting-quick-reference/active-directory/access-control-list-acl-abuse-primer/dcsync/dcsync-example-forest-htb","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Access Control List (ACL) Abuse Primer"},{"label":"DCSync"}]},{"id":"62fyLYY0EH72tDoZHzTD","title":"Post Owning Domain","pathname":"/pentesting-quick-reference/active-directory/post-owning-domain","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"g0zfEUVgIpxby6oT8MQY","title":"Attacking Active Directory & NTDS.dit 1","pathname":"/pentesting-quick-reference/active-directory/post-owning-domain/attacking-active-directory-and-ntds.dit-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Owning Domain"}]},{"id":"O42fw1yDuZX4ku6C0wgw","title":"Golden Ticket Attacks","pathname":"/pentesting-quick-reference/active-directory/post-owning-domain/golden-ticket-attacks","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Owning Domain"}]},{"id":"8CylV04YRUy9Zvn0pz1X","title":"Silver Ticket","pathname":"/pentesting-quick-reference/active-directory/post-owning-domain/silver-ticket","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Post Owning Domain"}]},{"id":"58E7AXc8pB7WLyRzNQlo","title":"AD Common Vulnerablities","pathname":"/pentesting-quick-reference/active-directory/ad-common-vulnerablities","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"VTLSzpSnNkAoL8vQsdIC","title":"Bleeding Edge Vulnerabilities","pathname":"/pentesting-quick-reference/active-directory/bleeding-edge-vulnerabilities","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"ckWwnFQEnE0QtOLS3o3C","title":"Domain Trusts","pathname":"/pentesting-quick-reference/active-directory/domain-trusts","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"tbC6ZQICXfOeNxqdOKWW","title":"Attacking Domain Trusts - Child -> Parent Trusts - from Windows","pathname":"/pentesting-quick-reference/active-directory/domain-trusts/attacking-domain-trusts-child-greater-than-parent-trusts-from-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Domain Trusts"}]},{"id":"Gyv1zo30BfQ5LK5v7tPF","title":"Attacking Domain Trusts - Child -> Parent Trusts - from Linux","pathname":"/pentesting-quick-reference/active-directory/domain-trusts/attacking-domain-trusts-child-greater-than-parent-trusts-from-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Domain Trusts"}]},{"id":"wAlmmhmkxCjAc9X8rJvQ","title":"Attacking Domain Trusts - Cross-Forest Trust Abuse - from Windows","pathname":"/pentesting-quick-reference/active-directory/domain-trusts/attacking-domain-trusts-cross-forest-trust-abuse-from-windows","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Domain Trusts"}]},{"id":"2NV9T34qQzVBR4zkPp3v","title":"Attacking Domain Trusts - Cross-Forest Trust Abuse - from Linux","pathname":"/pentesting-quick-reference/active-directory/domain-trusts/attacking-domain-trusts-cross-forest-trust-abuse-from-linux","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"},{"label":"Domain Trusts"}]},{"id":"n5ozcJJzYNo7M3a4Q6oE","title":"Maintaining Access","pathname":"/pentesting-quick-reference/active-directory/maintaining-access","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"RosWdQ1IKFzC0y5eMy1I","title":"Clean Up","pathname":"/pentesting-quick-reference/active-directory/clean-up","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"ljTSFxg8ftX8KzPcS9b4","title":"Hardening Active Directory","pathname":"/pentesting-quick-reference/active-directory/hardening-active-directory","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"yANWXMvxtuSOYzkGcaIC","title":"Additional AD Auditing Techniques","pathname":"/pentesting-quick-reference/active-directory/additional-ad-auditing-techniques","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"P7JWVXZZQaQgJytCfslc","title":"HTB AD Enumeration & Attacks - Skills Assessment Part I","pathname":"/pentesting-quick-reference/active-directory/htb-ad-enumeration-and-attacks-skills-assessment-part-i","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"QrUM7pja7KEapunE7rlr","title":"Game of Active Directory","pathname":"/pentesting-quick-reference/active-directory/game-of-active-directory","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Active Directory"}]},{"id":"i7w8szdDkherHfLfsJK3","title":"Web Pentesting","pathname":"/pentesting-quick-reference/web-pentesting","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"xNLpm6BqNKqgJmhPmxAr","title":"Subdomains, directories and Vhost listing","pathname":"/pentesting-quick-reference/web-pentesting/subdomains-directories-and-vhost-listing","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"VLKoDGbDHNi6TyHBrEBQ","title":"Command Injection","pathname":"/pentesting-quick-reference/web-pentesting/command-injection","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"niCY5ZASy1eMmp87PyTC","title":"XSS","pathname":"/pentesting-quick-reference/web-pentesting/xss","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"Rb5kLzGNIlzGtAFEBxDP","title":"SQL Injection","pathname":"/pentesting-quick-reference/web-pentesting/sql-injection","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"ubLbkt5bEl4fukmJlUmx","title":"Authentication Bypass","pathname":"/pentesting-quick-reference/web-pentesting/authentication-bypass","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"BLht2R4dLfeR9Fu57Jty","title":"Misc Vulnerabilies","pathname":"/pentesting-quick-reference/web-pentesting/misc-vulnerabilies","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"hhYRlXVgAuGFhIXlT6SJ","title":"Web Certifications","pathname":"/pentesting-quick-reference/web-pentesting/web-certifications","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Web Pentesting"}]},{"id":"pYLeaNi9jrDHH7aK102Y","title":"Cryptography","pathname":"/pentesting-quick-reference/cryptography","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"QBo4XvgQpFeFr9yWhRcO","title":"More Resources","pathname":"/pentesting-quick-reference/more-resources","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"HuNjwtJp92pEPE2a7CqB","title":"Forensics","pathname":"/pentesting-quick-reference/forensics","siteSpaceId":"sitesp_Z1yaz","description":"Tools for conducting image forensics"},{"id":"Nkmly8tJQDtfT6FF46Bq","title":"IoT Security","pathname":"/pentesting-quick-reference/iot-security","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"5bUO30xAw87z90kIq379","title":"API Security","pathname":"/pentesting-quick-reference/api-security","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"LX8EKs6rhP1L7sWCDxEl","title":"Binary Exploitation","pathname":"/pentesting-quick-reference/binary-exploitation","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"Yp9Za7ve4eZbWjJE4h91","title":"Assembly Cheatsheat for Hackers","pathname":"/pentesting-quick-reference/binary-exploitation/assembly-cheatsheat-for-hackers","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Binary Exploitation"}]},{"id":"FuokCoXEUMTEHXcSs4s0","title":"Malware Analysis","pathname":"/pentesting-quick-reference/binary-exploitation/malware-analysis","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Binary Exploitation"}]},{"id":"o8Os68hqP7c9561iaWxI","title":"Basic Static Malware Analysis","pathname":"/pentesting-quick-reference/binary-exploitation/malware-analysis/basic-static-malware-analysis","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Binary Exploitation"},{"label":"Malware Analysis"}]},{"id":"V5yOne5hR8JjZ1yr3gMu","title":"Boxes/ Machines","pathname":"/pentesting-quick-reference/boxes-machines","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"3WAEtIh8vKPC1fMeDGZv","title":"Try Hack Me","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"XVAnl6iSLWGEmPbzOKVs","title":"Vulnversity","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/vulnversity","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"vp8xZrcWmasdd1OhqJPg","title":"Basic Pentesting","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/basic-pentesting","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"IKtuGRS03rvKQ3ZNldCv","title":"Kenobi","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/kenobi","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"kBCu2kZ0tgCYdfuwaVV9","title":"Steel Mountain","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/steel-mountain","siteSpaceId":"sitesp_Z1yaz","description":"Windows box, HFS","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"9AjsW45AUZwS9INypnQU","title":"Malware Analysis","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/malware-analysis","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"WmIUevjThLrvniQFJwoE","title":"Summit","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/malware-analysis/summit","siteSpaceId":"sitesp_Z1yaz","description":"Summit tryhackme basic Malware Analysis room walkthrough","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"},{"label":"Malware Analysis"}]},{"id":"gxczsfKEQmJ2uKpzxHqA","title":"Telnet","pathname":"/pentesting-quick-reference/boxes-machines/try-hack-me/telnet","siteSpaceId":"sitesp_Z1yaz","description":"https://tryhackme.com/jr/telnetcve2026","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Try Hack Me"}]},{"id":"Uu2l0OnxRX3hYJR84CfX","title":"Vulnhub","pathname":"/pentesting-quick-reference/boxes-machines/vulnhub","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"M4PQarKSbhMG6bSh9fe7","title":"Tiki","pathname":"/pentesting-quick-reference/boxes-machines/vulnhub/tiki","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"Vulnhub"}]},{"id":"Ihtq8tYQZoHoIeRRmKGs","title":"HTB","pathname":"/pentesting-quick-reference/boxes-machines/htb","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"KI4W1JiOpFM7vitDda82","title":"Beep","pathname":"/pentesting-quick-reference/boxes-machines/htb/beep","siteSpaceId":"sitesp_Z1yaz","description":"Beep HTB walkthrough 2023 tested on Kali. Beep has a very large list of running services, which can make it a bit challenging to find the correct entry method.","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"HTB"}]},{"id":"4XFb6HUcryDLpDpSp7xP","title":"Active","pathname":"/pentesting-quick-reference/boxes-machines/htb/active","siteSpaceId":"sitesp_Z1yaz","description":"Active HTB Machine walkthrough 2023. Active directory Basics.","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"HTB"}]},{"id":"bisGVIxWnyL0YsO0dMD8","title":"Forest","pathname":"/pentesting-quick-reference/boxes-machines/htb/forest","siteSpaceId":"sitesp_Z1yaz","description":"Forest HTB 2023 Walkthrough","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"HTB"}]},{"id":"Fqi9C2YgokET76YKhZLY","title":"Devel","pathname":"/pentesting-quick-reference/boxes-machines/htb/devel","siteSpaceId":"sitesp_Z1yaz","description":"Devel HTB 2023 Walkthrough. Devel is relatively simple Windows machine and demonstrates the security risks associated with some default program configurations.","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"HTB"}]},{"id":"AqyaXJ7at0MiJxornxdp","title":"Metasploitable 2","pathname":"/pentesting-quick-reference/boxes-machines/metasploitable-2","siteSpaceId":"sitesp_Z1yaz","description":"Metasploitable 2 is a purposely vulnerable virtual machine that is designed for security testing, training, and educational purposes. Here, we have complete walkthrough of the machine.","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"AQtNxUyALmWKj3RJ94H4","title":"PWN.COLLEGE Talking Web","pathname":"/pentesting-quick-reference/boxes-machines/pwn.college-talking-web","siteSpaceId":"sitesp_Z1yaz","description":"Complete solutions for Talking web pwn college. Complete writeup of all challenges","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"6gfDptGGiqBjbbUIS2Xj","title":"PWN COLLGE Web Hacking","pathname":"/pentesting-quick-reference/boxes-machines/pwn-collge-web-hacking","siteSpaceId":"sitesp_Z1yaz","description":"Web hacking dojo walkthrough pwn.college","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"KwOCJIMfPIvS4yBAVL61","title":"INE","pathname":"/pentesting-quick-reference/boxes-machines/ine","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"}]},{"id":"EDBm9jBli7uxnyNLr5Pd","title":"Host & Network Penetration Testing: System-Host Based Attacks CTF 1","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-system-host-based-attacks-ctf-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"uInUKWayfCfUmF5dDJRf","title":"Host & Network Penetration Testing: System-Host Based Attacks CTF 2 - INE","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-system-host-based-attacks-ctf-2-ine","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"imWA2PlAzK1oTaPguew7","title":"Host & Network Penetration Testing: Network-Based Attacks CTF 1","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-network-based-attacks-ctf-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"VzirUoXFWK243hgjdWGg","title":"Host & Network Penetration Testing: The Metasploit Framework CTF 1","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-the-metasploit-framework-ctf-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"bODmO1n3sqQMUpP1mRLW","title":"Host & Network Penetration Testing: The Metasploit Framework CTF 2","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-the-metasploit-framework-ctf-2","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"xFFl0ysmjBmz8Qd6KACY","title":"Host & Network Penetration Testing: Exploitation CTF 1","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-exploitation-ctf-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"ouB3hlXlGu2SJz2rVHbs","title":"Host & Network Penetration Testing: Exploitation CTF 2","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-exploitation-ctf-2","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"kGlnAZe1zU2eWSzeGbHc","title":"Host & Network Penetration Testing: Exploitation CTF 3","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-exploitation-ctf-3","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"6xnU6QbomB7ks6pwDtNU","title":"Host & Network Penetration Testing: Post-Exploitation CTF 1","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-post-exploitation-ctf-1","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"rAI30YWvqsixMMMTJ7sz","title":"Host & Network Penetration Testing: Post-Exploitation CTF 2","pathname":"/pentesting-quick-reference/boxes-machines/ine/host-and-network-penetration-testing-post-exploitation-ctf-2","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Boxes/ Machines"},{"label":"INE"}]},{"id":"1jmugsovg8CG7IftIoXu","title":"Private Challenges","pathname":"/pentesting-quick-reference/private-challenges","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"88ghb6TT0PkUGycutncQ","title":"Pwn","pathname":"/pentesting-quick-reference/private-challenges/pwn","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Private Challenges"}]},{"id":"ZfA3khvYtvmcAMI03Tj0","title":"Forensics","pathname":"/pentesting-quick-reference/private-challenges/forensics","siteSpaceId":"sitesp_Z1yaz","description":"","breadcrumbs":[{"label":"Private Challenges"}]},{"id":"LZnnAukJAbz8g3fpkGvB","title":"Misc tools","pathname":"/pentesting-quick-reference/misc-tools","siteSpaceId":"sitesp_Z1yaz","description":""},{"id":"nQMtIbKaMZjVulQOcS0j","title":"NetExec","pathname":"/pentesting-quick-reference/misc-tools/netexec","siteSpaceId":"sitesp_Z1yaz","description":"crack map exec alternative","breadcrumbs":[{"label":"Misc tools"}]},{"id":"9a9kJ31Mb9p7twkYj5rI","title":"Clearing Tracks","pathname":"/pentesting-quick-reference/clearing-tracks","siteSpaceId":"sitesp_Z1yaz"},{"id":"8rTon2URAlCOpwqhpLrL","title":"SOC Analyst Resources","pathname":"/pentesting-quick-reference/soc-analyst-resources","siteSpaceId":"sitesp_Z1yaz"},{"id":"YIC8dq7pVx7tCPrB1fMN","title":"OSCP Tips and Misc","pathname":"/pentesting-quick-reference/oscp-tips-and-misc","siteSpaceId":"sitesp_Z1yaz"},{"id":"a2UbYapQgXaoJPV14HSp","title":"Buffer Overflow","pathname":"/pentesting-quick-reference/buffer-overflow","siteSpaceId":"sitesp_Z1yaz","description":"Easy practical examples for buffer overflow for beginners"},{"id":"Ds0L0snI0HZqqi4UHLT5","title":"Linux Vulnerabilities","pathname":"/pentesting-quick-reference/linux-vulnerabilities","siteSpaceId":"sitesp_Z1yaz"},{"id":"ltWyNLC6vKX0ksx0Pygm","title":"Different Applications  Vulnerabilities","pathname":"/pentesting-quick-reference/different-applications-vulnerabilities","siteSpaceId":"sitesp_Z1yaz"},{"id":"NbO0gnrt84Rd3ZLuWG11","title":"WebDAV","pathname":"/pentesting-quick-reference/different-applications-vulnerabilities/webdav","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Different Applications  Vulnerabilities"}]},{"id":"6RxML8yDjYbmN5NEashu","title":"Web3 and Blockchain Security","pathname":"/pentesting-quick-reference/web3-and-blockchain-security","siteSpaceId":"sitesp_Z1yaz"},{"id":"PQ80VQnyS4hGjQ2O0ZfE","title":"WIFI Hacking","pathname":"/pentesting-quick-reference/wifi-hacking","siteSpaceId":"sitesp_Z1yaz"},{"id":"wxc8kroL3rRAdAbm91FD","title":"Misc Tricks","pathname":"/pentesting-quick-reference/misc-tricks","siteSpaceId":"sitesp_Z1yaz"},{"id":"VCJIqI2v3YbqgkktAkof","title":"CTF Writeups","pathname":"/pentesting-quick-reference/ctf-writeups","siteSpaceId":"sitesp_Z1yaz"},{"id":"Nwh7R5wNj8NNOwgyucuT","title":"Social Engineering","pathname":"/pentesting-quick-reference/social-engineering","siteSpaceId":"sitesp_Z1yaz"},{"id":"aTTwnSgvoXkq5LYtWkpX","title":"Mobile Hacking","pathname":"/pentesting-quick-reference/mobile-hacking/mobile-hacking","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Mobile Hacking"}]},{"id":"3ZmzWjRE0Xrg0yKwFSaD","title":"Extracting APIs from Mobile applications","pathname":"/pentesting-quick-reference/mobile-hacking/extracting-apis-from-mobile-applications","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Mobile Hacking"}]},{"id":"cDbtDmoqKzlXkjJkyHwO","title":"AWS","pathname":"/pentesting-quick-reference/cloud-pentesting/aws","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"Cloud Pentesting"}]},{"id":"wK9eGhoKRzHav7WtXfVJ","title":"AI Based Pentesting tools","pathname":"/pentesting-quick-reference/ai-pentesting/ai-based-pentesting-tools","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"AI-Pentesting"}]},{"id":"WiguuxPWh0MX7fsv9yg2","title":"OT Security Labs","pathname":"/pentesting-quick-reference/ot-security/ot-security-labs","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"OT Security"}]},{"id":"1eVMUkyKebf7P7NXI1ES","title":"M5StickC","pathname":"/pentesting-quick-reference/ot-security/m5stickc","siteSpaceId":"sitesp_Z1yaz","breadcrumbs":[{"label":"OT Security"}]}]}