Cardboard Iguana Security
/
spells
Dark mode
Light mode
Search
Search
263 items under this folder.
Wednesday, December 18, 2024
Abusing wildcard expansion in Bash
Language/Bash
Application/tar
AttackCycle/Exploitation
OS/Linux
Wednesday, December 18, 2024
Access the Windows Registry using PowerShell
HowTo
OS/Windows/Registry
Application/PowerShell
Wednesday, December 18, 2024
Add Windows users at the command line
OS/Windows
Application/net
OS/Windows/Registry
Application/reg
Wednesday, December 18, 2024
Aircrack-NG
Application/Aircrack
AttackCycle/Reconnaissance
AttackCycle/Exploitation
Protocol/WiFi
Wednesday, December 18, 2024
ARP
Protocol/ARP
Standard/OSI
Hardware/MACAddress
Protocol/IPv4
Protocol/IPv6
Wednesday, December 18, 2024
ARP scanning
Protocol/ARP
Language/Python/Scapy
Scripts
Protocol/ICMP
Wednesday, December 18, 2024
AS-REP roasting
Protocol/Kerberos
OS/Windows/ActiveDirectory
Cryptography/Hashes/NT
AttackCycle/Exploitation/AS-REPRoasting
AttackCycle/Exploitation/Kerberoasting
Wednesday, December 18, 2024
AS-REP roasting with Impacket
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/AS-REPRoasting
Application/Impacket
Protocol/Kerberos
Wednesday, December 18, 2024
AS-REP roasting With Rubeus
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/AS-REPRoasting
Application/Rubeus
Application/Hashcat
Wednesday, December 18, 2024
Automate Netlify builds with IFTTT
HowTo
WebApplication/Netlify
WebApplication/IFTTT
Wednesday, December 18, 2024
Automatically stabilize a reverse shell with socat
HowTo
Application/socat
Wednesday, December 18, 2024
Avoid dropping privileges with SUID Bash
Language/Bash
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
awk
Application/awk
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Backdoor Visual Basic Scripts
AttackCycle/Exploitation
HowTo
Language/VisualBasic
FileFormat/VBS
Protocol/SMB
OS/Windows
Wednesday, December 18, 2024
basenc
Application/basenc
Standard/Base64
Application/base64
Wednesday, December 18, 2024
Bash reverse shell
Language/Bash
AttackCycle/LateralMovement
Application/netcat
Application/socat
Wednesday, December 18, 2024
Bash scripting
Language/Bash
Wednesday, December 18, 2024
Bulk edit Windows permissions
OS/Windows/Permissions
Application/secedit
HowTo
Wednesday, December 18, 2024
Burp Suite
Application/BurpSuite
AttackCycle/Reconnaissance/Fuzzing
AttackCycle/Exploitation/BruteForcing
OS/Linux/Distros/Kali
Wednesday, December 18, 2024
Bypass the PowerShell execution policy
Application/PowerShell
OS/Windows
HowTo
AttackCycle/Exploitation
Wednesday, December 18, 2024
Bypass Windows antivirus with C#
HowTo
AttackCycle/AntiForensics
OS/Windows
Application/PowerShell
Application/PowerShell/Invoke-Mimikatz
Wednesday, December 18, 2024
Calculate a file hash on Windows with CertUtil
HowTo
OS/Windows
Application/CertUtil
Cryptography/Hashes/SHA1
Wednesday, December 18, 2024
Call Mimikatz from a meterpreter shell
Application/Metasploit/meterpreter
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/PrivEsc
AttackCycle/LateralMovement
AttackCycle/Exploitation
Wednesday, December 18, 2024
cat
Application/cat
Wednesday, December 18, 2024
cewl
Application/cewl
OS/Linux/Distros/Kali
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Change a branch name in Git
Application/Git
HowTo
Wednesday, December 18, 2024
Change an RSA key passphrase with OpenSSL
HowTo
Application/OpenSSL
Cryptography/Cryptosystems/RSA
Wednesday, December 18, 2024
Cisco IOS
OS/CiscoIOS
Wednesday, December 18, 2024
Common Windows user types
OS/Windows
Wednesday, December 18, 2024
Compact VM disk images
HowTo
Application/libVirt
Application/VirtualBox
OS/Windows
OS/Linux
Application/SDelete
Application/dd
Wednesday, December 18, 2024
Confirm the existence of a Gmail address
Application/curl
WebApplication/Gmail
HowTo
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
crackmapexec
Application/crackmapexec
Protocol/SMB
AttackCycle/Exploitation
Wednesday, December 18, 2024
Create a GPG Key (with SSH support!)
Application/SSH
Application/GPG
HowTo
Wednesday, December 18, 2024
Cross-site scripting (XSS) attacks
FileFormat/HTML
Language/JavaScript
AttackCycle/Exploitation/XSS
AttackCycle/AntiForensics
Standard/URI
AttackCycle/Exfiltration
Wednesday, December 18, 2024
CUPP
Application/CUPP
OS/Linux/Distros/Kali
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
Day One to Obsidian conversion script
Application/Obsidian
Application/DayOne
Language/Python
Wednesday, December 18, 2024
DCERPC
Protocol/DCERPC
OS/Windows/Server
Wednesday, December 18, 2024
Debugging Bash scripts
Language/Bash
Wednesday, December 18, 2024
Default CIFS shares
Protocol/SMB
OS/Windows
AttackCycle/PrivEsc
AttackCycle/Exploitation
Wednesday, December 18, 2024
dig
Application/dig
AttackCycle/Reconnaissance
Protocol/DNS
Wednesday, December 18, 2024
dir
Application/dir
OS/Windows
Wednesday, December 18, 2024
Disable AMSI
HowTo
OS/Windows/AMSI
AttackCycle/AntiForensics
Application/PowerShell
OS/Windows/Defender
Wednesday, December 18, 2024
DRSUAPI
OS/Windows/Server
OS/Windows/ActiveDirectory
Protocol/DRSUAPI
Wednesday, December 18, 2024
Easy reverse DNS lookups
AttackCycle/Reconnaissance
Protocol/DNS
Wednesday, December 18, 2024
enum4linux
Application/enum4linux
Protocol/SMB
OS/Linux
Wednesday, December 18, 2024
Enumerate AD CS templates with CertUtil
HowTo
Application/CertUtil
OS/Windows/ActiveDirectory
AttackCycle/Reconnaissance
Protocol/Kerberos
Application/Rubeus
Wednesday, December 18, 2024
Equivalent Windows and *NIX commands
OS/AIX
OS/Linux
OS/macOS
OS/Android
OS/Windows
Application/cat
Application/type
Application/dig
Application/nslookup
Application/grep
Application/findstr
Application/select
Application/ifconfig
Application/ipconfig
Application/ls
Application/dir
Application/more
Application/netstat
Application/ping
Application/shutdown
Application/sleep
Application/timeout
Application/sudo
Application/RunAs
Application/tcpdump
Application/windump
Application/traceroute
Application/tracert
Application/wget
Application/whoami
Application/hostname
Language/Bash
Application/cmd
Wednesday, December 18, 2024
Evil-WinRM
Application/Evil-WinRM
AttackCycle/LateralMovement
Cryptography/Hashes/NT
Protocol/WinRM
Wednesday, December 18, 2024
Exploit LD_LIBRARY_PATH
HowTo
OS/Linux
AttackCycle/Exploitation
Application/sudo
Application/ldd
Wednesday, December 18, 2024
Exploit LD_PRELOAD
HowTo
OS/Linux
Application/sudo
AttackCycle/Exploitation
Wednesday, December 18, 2024
Exploit local Windows services
OS/Windows/Services
AttackCycle/Exploitation
Application/Metasploit/msfvenom
OS/Windows/EventLog
HowTo
Wednesday, December 18, 2024
Exploit local Windows tasks
OS/Windows/Tasks
AttackCycle/Exploitation
Application/PsExec
OS/Windows/Registry
AttackCycle/AntiForensics
HowTo
Application/icacls
Wednesday, December 18, 2024
Exploit remote Windows services
OS/Windows/Services
AttackCycle/LateralMovement
OS/Windows/UAC
Protocol/RCP
Protocol/SMB
Protocol/NetBIOS
HowTo
Wednesday, December 18, 2024
Exploit remote Windows tasks
OS/Windows/Tasks
AttackCycle/LateralMovement
OS/Windows/UAC
Protocol/RCP
Protocol/SMB
Protocol/NetBIOS
HowTo
Wednesday, December 18, 2024
Exploit VBA scripts with msfvenom
HowTo
Application/Metasploit/msfvenom
Language/VisualBasic
Application/Metasploit/meterpreter
Application/Excel
Application/Word
OS/Windows/WSH
Wednesday, December 18, 2024
Exploit weak /etc/passwd permissions
HowTo
OS/Linux
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Exploit weak /etc/shadow permissions
HowTo
OS/Linux
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Exploit the Windows DLL search order
AttackCycle/Exploitation
HowTo
OS/Windows
Wednesday, December 18, 2024
Exploit the Windows “Feature on Demand” Helper
OS/Windows/Registry
AttackCycle/PrivEsc
HowTo
Wednesday, December 18, 2024
Exploit Windows file associations
HowTo
AttackCycle/Exploitation
OS/Windows/Registry
Application/PowerShell
Application/netcat
Wednesday, December 18, 2024
Exploit Windows HTML applications with msfvenom
FileFormat/HTA
FileFormat/HTML
Application/Metasploit/msfvenom
AttackCycle/Exploitation
HowTo
Application/netcat
Application/Metasploit
Wednesday, December 18, 2024
Exploit Windows services
OS/Windows/Services
AttackCycle/Exploitation
AttackCycle/LateralMovement
HowTo
Wednesday, December 18, 2024
Exploit Windows shortcut files
AttackCycle/Exploitation
HowTo
Application/PowerShell
Application/netcat
OS/Windows
Wednesday, December 18, 2024
Exploit Windows tasks
OS/Windows/Tasks
AttackCycle/Exploitation
AttackCycle/LateralMovement
HowTo
Wednesday, December 18, 2024
Exploit the WinLogon initialization sequence
OS/Windows/WinLogin
OS/Windows/Registry
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
Export highlights and annotations from Kobo eReaders
HowTo
Hardware/Kobo
Wednesday, December 18, 2024
Extract the webpage title from a URL
HowTo
Language/Python
OS/Linux/Distros/Debian
Wednesday, December 18, 2024
ffmpeg
Application/ffmpeg
FileFormat/M4A
FileFormat/MP3
FileFormat/MP4
FileFormat/GIF
FileFormat/WebP
Application/LAME
Wednesday, December 18, 2024
find
Application/find
AttackCycle/Reconnaissance
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Find and replace a single line in a large text file
Application/sed
HowTo
Wednesday, December 18, 2024
Find executables with SUID capabilities
HowTo
Application/getcap
AttackCycle/Reconnaissance
OS/Linux/Permissions
Wednesday, December 18, 2024
findstr
Application/findstr
Application/grep
OS/Windows
Wednesday, December 18, 2024
finger
Application/finger
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Fix EXIF data on Google Photos exports
WebApplication/GooglePhotos
Application/ExifTool
HowTo
FileFormat/XMP
FileFormat/JSON
Wednesday, December 18, 2024
FTP
Application/ftp
Protocol/FTP
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
FTPS
Protocol/FTPS
Wednesday, December 18, 2024
fuff
Application/fuff
AttackCycle/Reconnaissance/Fuzzing
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
gdb
Application/gdb
Wednesday, December 18, 2024
“Gemini compatible” markdown
Protocol/Gemini
FileFormat/Gemtext
FileFormat/Markdown
Wednesday, December 18, 2024
Get-FileHash
Application/PowerShell
Cryptography/Hashes
Cryptography/Hashes/SHA256
Wednesday, December 18, 2024
Get a shell from ViM
Application/ViM
AttackCycle/PrivEsc
LoLBins
Wednesday, December 18, 2024
Get an SSL certificate
Protocol/TLS
HowTo
Application/OpenSSL
Wednesday, December 18, 2024
Get-WinEvent
OS/Windows/EventLog
Application/PowerShell
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Git on Windows
OS/Windows
Application/Git
Application/SSH
Application/PowerShell
Wednesday, December 18, 2024
gobuster
Application/gobuster
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Golden and silver ticket attacks
Protocol/Kerberos
OS/Windows/ActiveDirectory
Cryptography/Hashes/NT
AttackCycle/PrivEsc/GoldenTickets
AttackCycle/LateralMovement/SilverTickets
Wednesday, December 18, 2024
grep
Application/grep
Wednesday, December 18, 2024
The Harvester
Application/TheHarvester
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Hashcat
Application/Hashcat
Application/Metasploit
AttackCycle/PrivEsc
Cryptography/Hashes/MD5
Cryptography/Hashes/SHA1
Cryptography/Hashes/MD4
Cryptography/Hashes/NT
Cryptography/Hashes/SHA256
Cryptography/Hashes/SHA512
Cryptography/Hashes/LANMAN
Cryptography/Hashes/bcrypt
Cryptography/Hashes/AS-REP
Cryptography/Hashes/TGS-REP
AttackCycle/Exploitation/AS-REPRoasting
Wednesday, December 18, 2024
How to exploit the Bash PS4 (debugging) prompt
Language/Bash
AttackCycle/PrivEsc
HowTo
Wednesday, December 18, 2024
HTML applications
FileFormat/HTML
FileFormat/HTA
OS/Windows
Wednesday, December 18, 2024
HTTP
Protocol/HTTP
Wednesday, December 18, 2024
Hydra
Application/Hydra
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
icacls
Application/icacls
Application/PowerShell
OS/Windows/Permissions
Wednesday, December 18, 2024
ICMP
Protocol/ICMP
Wednesday, December 18, 2024
iftop
Application/iftop
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
IIS configuration data
OS/Windows/IIS
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
IMAP
Protocol/IMAP
Wednesday, December 18, 2024
Impacket
Application/Impacket
Application/PsExec
Protocol/Kerberos
OS/Windows/ActiveDirectory
Wednesday, December 18, 2024
Invoke-Mimikatz
Application/PowerShell/Invoke-Mimikatz
AttackCycle/PrivEsc
AttackCycle/LateralMovement
Protocol/Kerberos
OS/Windows/ActiveDirectory
AttackCycle/Reconnaissance
AttackCycle/PrivEsc/PassTheHash
AttackCycle/LateralMovement/PassTheHash
Wednesday, December 18, 2024
Invoke-WebRequest
Application/PowerShell
Wednesday, December 18, 2024
iOS quirks
Application/Shortcuts
Application/OneDrive
OS/iOS
Wednesday, December 18, 2024
ipconfig
OS/Windows
Application/ipconfig
Wednesday, December 18, 2024
IPSec
Protocol/IPSec
Application/ike-scan
Application/psk-crack
AttackCycle/Exploitation
Wednesday, December 18, 2024
IPv4
Protocol/IPv4
Cloud/AWS
Wednesday, December 18, 2024
Java
Language/Java
Application/netcat
Protocol/HTTP
OS/Linux/Distros/Kali
AttackCycle/Exploitation
Wednesday, December 18, 2024
John the Ripper
Application/JohnTheRipper
AttackCycle/PrivEsc
Application/Metasploit
Application/grep
Application/cewl
Application/CUPP
Application/Hashcat
Cryptography/Hashes
Application/SSH
Wednesday, December 18, 2024
JSON Web Tokens (JWTs)
Standard/JWT
AttackCycle/Exploitation
AttackCycle/Exploitation/BruteForcing
Protocol/HTTP
Cryptography/Signatures
Wednesday, December 18, 2024
Kerberoasting
Protocol/Kerberos
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/Kerberoasting
Application/PowerShell/Invoke-Kerberoast
Application/Hashcat
Application/JohnTheRipper
Wednesday, December 18, 2024
Kerberoasting with Impacket
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/Exploitation/Kerberoasting
Application/Impacket
Application/Hashcat
OS/Linux/Distros/Kali
Wednesday, December 18, 2024
Kerberoasting with Rubeus
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/Exploitation/Kerberoasting
Application/Rubeus
Application/Hashcat
Wednesday, December 18, 2024
Kerberos
Protocol/Kerberos
OS/Windows/ActiveDirectory
Application/Mimikatz
Application/Rubeus
FileFormat/kirbi
Cryptography/Hashes/NT
AttackCycle/PrivEsc
AttackCycle/LateralMovement
AttackCycle/Exploitation/Kerberoasting
Application/PowerShell/Invoke-Kerberoast
Application/Hashcat
Application/JohnTheRipper
OS/Linux/Distros/Kali
AttackCycle/Exploitation/AS-REPRoasting
AttackCycle/PrivEsc/GoldenTickets
AttackCycle/LateralMovement/SilverTickets
Wednesday, December 18, 2024
Kerbrute
Protocol/Kerberos
Protocol/UDP
OS/Windows/ActiveDirectory
Application/Kerbrute
AttackCycle/Reconnaissance/BruteForcing
Wednesday, December 18, 2024
less
Application/less
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Load a shell with a simple executable
HowTo
AttackCycle/Exploitation
Application/Metasploit/msfvenom
Language/Bash
Wednesday, December 18, 2024
Local file inclusion (LFI) attacks
AttackCycle/Exploitation/LocalFileInclusion
Language/PHP
Wednesday, December 18, 2024
Look up unicode symbols and emojis
HowTo
Wednesday, December 18, 2024
MAC address
Hardware/MACAddress
Protocol/WiFi
Wednesday, December 18, 2024
Magic numbers
Language/PHP
AttackCycle/AntiForensics
Wednesday, December 18, 2024
man
Application/man
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Match files to packages in Debian-based operating systems
HowTo
OS/Linux/Distros/Debian
AttackCycle/Reconnaissance
Application/dpkg-query
Wednesday, December 18, 2024
Match files to packages in Red Hat-based operating systems
HowTo
OS/Linux/Distros/RedHat
OS/AIX
AttackCycle/Reconnaissance
Application/rpm
Wednesday, December 18, 2024
Metasploit MS SQL modules
Application/MSSQL
Application/Metasploit
Application/Nmap
AttackCycle/Reconnaissance
AttackCycle/Exploitation
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
meterpreter
Application/Metasploit/meterpreter
AttackCycle/Exploitation
AttackCycle/Reconnaissance
AttackCycle/AntiForensics
Cryptography/Hashes/NT
OS/Windows/SAM
AttackCycle/PrivEsc/GoldenTickets
Application/Mimikatz
OS/Windows/EventLog
Application/PowerShell
AttackCycle/PrivEsc
OS/Windows/LSASS
Wednesday, December 18, 2024
Mimikatz
Application/Mimikatz
AttackCycle/Reconnaissance
AttackCycle/LateralMovement
AttackCycle/PrivEsc
OS/Windows/ActiveDirectory
Protocol/Kerberos
Cryptography/Hashes/NT
Application/PsExec
Application/Evil-WinRM
Application/XFreeRDP
OS/Windows/LSASS
OS/Windows/SAM
AttackCycle/LateralMovement/SilverTickets
AttackCycle/PrivEsc/GoldenTickets
AttackCycle/PrivEsc/PassTheHash
AttackCycle/LateralMovement/PassTheHash
Wednesday, December 18, 2024
MITRE ATT&CK emulation plans
Standard/MITRE/Emulation
Wednesday, December 18, 2024
more
Application/more
Application/cat
Application/sudo
AttackCycle/PrivEsc
AttackCycle/Exploitation
Wednesday, December 18, 2024
msfconsole
Application/Metasploit/msfconsole
AttackCycle/CommandAndControl
AttackCycle/AntiForensics
AttackCycle/Exploitation
Application/SSH
Application/Nmap
Protocol/TCP
Protocol/UDP
Protocol/HTTP
Protocol/SMB
Protocol/SMTP
Application/MySQL
AttackCycle/Exploitation/BruteForcing
Cryptography/Hashes/NT
Application/Metasploit/msfvenom
Application/Metasploit/meterpreter
Application/PsExec
OS/Windows
Application/JohnTheRipper
Protocol/RDP
AttackCycle/LateralMovement
Application/proxychains
Protocol/SOCKS
Wednesday, December 18, 2024
msfvenom
Application/Metasploit/msfvenom
AttackCycle/Exploitation
Application/netcat
OS/Linux
OS/Windows
OS/macOS
FileFormat/HTA
Application/Metasploit/meterpreter
Language/VisualBasic
Language/Bash
Language/Python
Language/Perl
Language/PHP
Language/Java
Wednesday, December 18, 2024
MS SQL
Application/MSSQL
OS/Windows
Application/PowerShell/Powercat
Application/netcat
AttackCycle/PrivEsc
Wednesday, December 18, 2024
MySQL
Application/MySQL
AttackCycle/Exploitation
AttackCycle/PrivEsc
Wednesday, December 18, 2024
nano
Application/nano
Application/sudo
AttackCycle/PrivEsc
Wednesday, December 18, 2024
nbtscan
Application/nbtscan
Protocol/SMB
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
net
OS/Windows
Application/net
AttackCycle/Reconnaissance
LoLBins
AttackCycle/PrivEsc
Wednesday, December 18, 2024
netcat
Application/netcat
AttackCycle/Exploitation/XSS
AttackCycle/Exploitation/SQLi
AttackCycle/LateralMovement
Application/Nmap
Protocol/TCP
Protocol/UDP
Application/Metasploit/msfvenom
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
netsh
Application/netsh
OS/Windows/Firewall
Wednesday, December 18, 2024
netstat
Application/netstat
OS/Linux
OS/Windows
Application/findstr
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
NFS
Protocol/NFS
Wednesday, December 18, 2024
Nikto
Application/Nikto
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Nmap
Application/Nmap
Protocol/TCP
OS/Windows/Firewall
Protocol/ICMP
AttackCycle/Reconnaissance
Protocol/UDP
Protocol/HTTP
Protocol/SOCKS
Hardware/MACAddress
Protocol/ARP
Protocol/SMB
Protocol/NFS
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Node.js
Application/NodeJS
AttackCycle/Exploitation
Wednesday, December 18, 2024
nslookup
Application/nslookup
OS/Windows
OS/Linux
Application/dig
Wednesday, December 18, 2024
NTLM hashes
Cryptography/Hashes/NT
OS/Windows/SAM
Cryptography/Hashes/MD4
OS/Windows
Wednesday, December 18, 2024
Oracle SQL Server
Application/Oracle
Application/tnscmd10g
Application/oscanner
Application/sidguess
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
OSI model
Standard/OSI
Wednesday, December 18, 2024
OWASP ZAP
Application/OWASPZAP
Application/BurpSuite
AttackCycle/Reconnaissance/Fuzzing
AttackCycle/Reconnaissance/BruteForcing
OS/Linux/Distros/Kali
Wednesday, December 18, 2024
Perl
Language/Perl
AttackCycle/Exploitation
Application/netcat
Application/socat
Wednesday, December 18, 2024
PHP
Language/PHP
AttackCycle/Exploitation
OS/Linux/Distros/Kali
Application/netcat
Application/socat
Wednesday, December 18, 2024
PHP local file inclusion attacks
AttackCycle/Exploitation/LocalFileInclusion
Language/PHP
OS/Linux/Distros/Kali
AttackCycle/Exploitation/NullByteAttacks
Wednesday, December 18, 2024
ping
Application/ping
OS/Windows
OS/Linux
Wednesday, December 18, 2024
Poison null byte attack
AttackCycle/Exploitation/NullByteAttacks
Wednesday, December 18, 2024
Poison null byte in PHP
AttackCycle/Exploitation/NullByteAttacks
Language/PHP
Wednesday, December 18, 2024
Polkit
OS/Linux/Polkit
AttackCycle/PrivEsc
Wednesday, December 18, 2024
POP3
Protocol/POP3
Wednesday, December 18, 2024
Pop a SYSTEM shell on the Windows login screen using sticky keys
Application/icacls
OS/Windows
Application/takeown
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
Pop a SYSTEM shell on the Windows login screen using Utilman
Application/icacls
Application/takeown
AttackCycle/Exploitation
OS/Windows
HowTo
Wednesday, December 18, 2024
Port scanning with Bash
Language/Bash
AttackCycle/Reconnaissance
Protocol/TCP
Wednesday, December 18, 2024
POSIX process signals
OS/Linux
OS/AIX
OS/macOS
Standard/POSIX
Wednesday, December 18, 2024
Powercat
Application/PowerShell/Powercat
AttackCycle/LateralMovement
Application/netcat
OS/Linux/Distros/Kali
OS/Windows/AMSI
Wednesday, December 18, 2024
PowerShell reverse shell
Application/PowerShell
AttackCycle/Exploitation
Application/whoami
Language/PHP
Wednesday, December 18, 2024
PowerView
Application/PowerShell/PowerView
AttackCycle/Reconnaissance
OS/Windows/AMSI
Wednesday, December 18, 2024
ps
Application/ps
OS/Linux
OS/AIX
OS/macOS
Wednesday, December 18, 2024
Pull SSL certificates from an external server
Application/OpenSSL
HowTo
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Python
Language/Python
Scripts
Application/netcat
Application/socat
AttackCycle/Exploitation
Wednesday, December 18, 2024
Quickly bypass ssh-agent
HowTo
Application/SSH
Wednesday, December 18, 2024
Quickly find the canonical path of a file
HowTo
OS/Linux/Distros/Debian
Application/readlink
Wednesday, December 18, 2024
Quick-n-dirty Python web server
Language/Python
Protocol/HTTP
AttackCycle/Exfiltration
AttackCycle/Exploitation
Wednesday, December 18, 2024
RCE via XXE in PHP
AttackCycle/Exploitation/XXE
Language/PHP
FileFormat/XML
Wednesday, December 18, 2024
Read a file beginning with a dash (-)
Language/Bash
HowTo
Application/cat
Wednesday, December 18, 2024
reg
OS/Windows/Registry
Application/reg
Wednesday, December 18, 2024
RegEx metacharacters
Standard/RegEx
Wednesday, December 18, 2024
Remotely install a Windows package with PowerShell
HowTo
OS/Windows
Application/PowerShell
AttackCycle/LateralMovement
AttackCycle/Exploitation
Wednesday, December 18, 2024
Remove duplicate lines in Bash
Language/Bash
HowTo
Wednesday, December 18, 2024
Retrieve AIX fileset information
OS/AIX
HowTo
Application/lslpp
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Retrieve AIX system information
OS/AIX
HowTo
Application/oslevel
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Rubeus
Application/Rubeus
Protocol/Kerberos
OS/Windows/ActiveDirectory
AttackCycle/Reconnaissance
AttackCycle/Exploitation/BruteForcing
OS/Linux/Distros/Kali
AttackCycle/PrivEsc
Application/Certify
AttackCycle/LateralMovement
Wednesday, December 18, 2024
Ruby
Language/Ruby
AttackCycle/Exploitation
Application/netcat
Application/socat
Wednesday, December 18, 2024
RunAs
Application/RunAs
OS/Windows
Application/sudo
Application/cmdkey
Application/whoami
Wednesday, December 18, 2024
Run commands directly with PowerShell
Application/PowerShell
HowTo
Wednesday, December 18, 2024
Run a remote Windows command using PowerShell
Application/PowerShell
OS/Windows
AttackCycle/LateralMovement
HowTo
Wednesday, December 18, 2024
Send a command using OpenSSL
Application/OpenSSL
HowTo
Wednesday, December 18, 2024
Set the PATH in a session on UNIX-like operating systems
Language/Bash
OS/Linux
OS/AIX
HowTo
Wednesday, December 18, 2024
Set the PATH in a session on Windows
Application/PowerShell
OS/Windows
HowTo
Wednesday, December 18, 2024
Set up WMI in PowerShell
OS/Windows/WMI
Application/PowerShell
HowTo
AttackCycle/LateralMovement
Wednesday, December 18, 2024
Shell stabilization
Application/netcat
Language/Python
Application/rlwrap
Application/socat
Language/Bash
Wednesday, December 18, 2024
SIP
Protocol/SIP
Protocol/TCP
Protocol/UDP
Protocol/HTTP
Standard/URI
Wednesday, December 18, 2024
smbclient
Application/smbclient
Protocol/SMB
Protocol/FTP
Application/enum4linux
AttackCycle/Reconnaissance
OS/Linux
Wednesday, December 18, 2024
smbget
Application/smbget
Protocol/SMB
Application/smbclient
Standard/URI
Wednesday, December 18, 2024
smbmap
Application/smbmap
Protocol/SMB
Wednesday, December 18, 2024
SMTP
Protocol/SMTP
Wednesday, December 18, 2024
socat
Application/socat
Application/netcat
Application/PowerShell
AttackCycle/LateralMovement
AttackCycle/AntiForensics
Wednesday, December 18, 2024
SQL injection attacks
AttackCycle/Exploitation/SQLi
Language/PHP
Protocol/HTTP
Application/BurpSuite
Language/SQL
Application/MySQL
AttackCycle/PrivEsc
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
SQLMap
Application/SQLMap
AttackCycle/Exploitation/SQLi
Application/Metasploit/meterpreter
Application/MySQL
Application/PostgreSQL
Wednesday, December 18, 2024
ss
Application/ss
Application/netstat
Protocol/TCP
Protocol/UDP
Wednesday, December 18, 2024
SSH
Application/SSH
AttackCycle/LateralMovement
Protocol/SOCKS
OS/Windows
Protocol/Kerberos
Wednesday, December 18, 2024
sudo
Application/sudo
AttackCycle/Exploitation
Wednesday, December 18, 2024
systemctl
Application/systemctl
AttackCycle/PrivEsc
Application/sudo
Wednesday, December 18, 2024
systeminfo
Application/systeminfo
OS/Windows
Application/findstr
OS/Windows/ActiveDirectory
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
tar
Application/tar
AttackCycle/Exploitation
Wednesday, December 18, 2024
TCP
Protocol/TCP
Standard/OSI
Application/Wireshark
Wednesday, December 18, 2024
tcpdump
Application/tcpdump
Application/Wireshark
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
TCP header flags
Protocol/TCP
Wednesday, December 18, 2024
TCP headers
Protocol/TCP
Wednesday, December 18, 2024
TCP window size
Protocol/TCP
Wednesday, December 18, 2024
Telnet
Application/telnet
Protocol/Telnet
Protocol/TCP
Wednesday, December 18, 2024
tmux
Application/tmux
Wednesday, December 18, 2024
Transfer files over FTP using netcat
Application/netcat
Protocol/FTP
HowTo
Wednesday, December 18, 2024
UDP
Protocol/UDP
Wednesday, December 18, 2024
unbuffer
Application/unbuffer
Application/tee
Wednesday, December 18, 2024
Uniform resource locators (URLs)
Standard/URI
Wednesday, December 18, 2024
UNIX file descriptors
OS/Linux
OS/AIX
Language/Bash
OS/macOS
Standard/POSIX
Wednesday, December 18, 2024
UNIX password hashes
OS/Linux
Cryptography/Hashes/MD5
Cryptography/Hashes/bcrypt
Cryptography/Hashes/SHA512
Wednesday, December 18, 2024
UNIX permissions
OS/Linux
OS/macOS
OS/AIX
Standard/POSIX
Wednesday, December 18, 2024
Unquoted path handling in Windows
OS/Windows
AttackCycle/Exploitation
Wednesday, December 18, 2024
Upgrade PostgreSQL
Application/PostgreSQL
HowTo
Wednesday, December 18, 2024
Use an alternate SSH key with Git
HowTo
Application/SSH
Application/Git
Application/GPG
Application/KeePassXC
Wednesday, December 18, 2024
Use Bash functions to “backdoor” executables
Language/Bash
AttackCycle/Exploitation
AttackCycle/PrivEsc
HowTo
Wednesday, December 18, 2024
Use Burp Suite with Firefox
Application/BurpSuite
Application/Firefox
OS/Linux/Distros/Kali
HowTo
Wednesday, December 18, 2024
Use Burp Suite with mobile apps
Application/BurpSuite
HowTo
Wednesday, December 18, 2024
Use curl and jq with web APIs
Application/curl
Application/jq
HowTo
Wednesday, December 18, 2024
Useful built-in commands for Linux reconnaissance
OS/Linux
AttackCycle/Reconnaissance
LoLBins
Wednesday, December 18, 2024
Useful built-in commands for Windows reconnaissance
OS/Windows
AttackCycle/Reconnaissance
Application/arp
Application/cmdkey
Application/driverquery
Application/hostname
Application/net
Application/query
Application/reg
OS/Windows/Services
OS/Windows/Tasks
Application/systeminfo
Application/whoami
Wednesday, December 18, 2024
Useful Linux reconnaissance scripts
OS/Linux
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Useful scripts for Windows reconnaissance
AttackCycle/Reconnaissance
OS/Windows
Application/WinPEAS
Application/Metasploit
Application/WindowsExploitSuggester
OS/Windows/Defender
Application/PowerShell/PowerUp
Application/Metasploit/meterpreter
Application/systeminfo
Wednesday, December 18, 2024
Use OpenSSL to encrypt and decrypt files
HowTo
Application/OpenSSL
Cryptography/Cryptosystems/RSA
Wednesday, December 18, 2024
Use a Raspberry Pi 4B as hacking accessory
HowTo
Hardware/RaspberryPi/4B
OS/Linux/Distros/Kali
Application/MicrosoftRemoteDesktop
Application/SSH/Dropbear
Application/JumpDesktop
Hardware/iPadPro
Wednesday, December 18, 2024
Use unsupported display resolutions with Samsung DeX
HowTo
OS/Android
Application/SamsungDeX
Application/GoodLock
Application/ADB
Wednesday, December 18, 2024
Use the Windows Firewall to relay ports
OS/Windows/Firewall
AttackCycle/LateralMovement
HowTo
Application/netsh
Wednesday, December 18, 2024
Use WinRM with PowerShell
HowTo
Protocol/WinRM
Application/PowerShell
OS/Windows
Wednesday, December 18, 2024
ViM
Language/Python
AttackCycle/PrivEsc
Application/ViM
Wednesday, December 18, 2024
Visual Basic for Applications
Language/VisualBasic
OS/Windows/WSH
AttackCycle/Exploitation
Wednesday, December 18, 2024
wfuzz
Application/wfuzz
AttackCycle/Reconnaissance/Fuzzing
Application/BurpSuite
Wednesday, December 18, 2024
whoami
Application/whoami
OS/Linux
OS/macOS
OS/AIX
OS/Windows
Wednesday, December 18, 2024
Wi-Fi
Protocol/WiFi
Hardware/MACAddress
Wednesday, December 18, 2024
Windows DLL search order
OS/Windows
Application/ProcMon
Wednesday, December 18, 2024
Windows event IDs
OS/Windows/EventLog
Wednesday, December 18, 2024
Windows event logs
OS/Windows/EventLog
Wednesday, December 18, 2024
Windows local service accounts
OS/Windows/Services
Wednesday, December 18, 2024
Windows logon scripts
OS/Windows/UserInit
OS/Windows/Registry
AttackCycle/Exploitation
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Windows permissions
OS/Windows/Permissions
OS/Linux/Permissions
Wednesday, December 18, 2024
Windows reconnaissance with PowerShell
OS/Windows/ActiveDirectory
OS/Windows/Firewall
Application/PowerShell
OS/Windows
AttackCycle/Reconnaissance
OS/Windows/EventLog
OS/Windows/Services
Wednesday, December 18, 2024
Windows Remote Management
Application/PowerShell
OS/Windows/Registry
OS/Windows/UAC
AttackCycle/LateralMovement
Protocol/WinRM
Wednesday, December 18, 2024
Windows Run and RunOnce Registry keys
OS/Windows/Registry
Wednesday, December 18, 2024
Windows Scripting Host
OS/Windows/WSH
Language/VisualBasic
AttackCycle/Exploitation
Wednesday, December 18, 2024
Windows SeBackup and SeRestore permissions
OS/Windows/SAM
OS/Windows/Permissions/SeBackup
OS/Windows/Permissions/SeRestore
Application/reg
Application/Impacket
Wednesday, December 18, 2024
Windows SeImpersonate and SeAssignPrimaryToken permissions
OS/Windows/Permissions/SeImpersonate
OS/Windows/Permissions/SeAssignPrimaryToken
Protocol/WinRM
Application/RogueWinRM
Application/PowerShell
AttackCycle/LateralMovement
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Windows service ACLs
OS/Windows/Permissions
OS/Windows/Services
Protocol/WinRM
Application/PowerShell
Wednesday, December 18, 2024
Windows services
OS/Windows/Services
OS/Windows/Registry
OS/Windows/Drivers
Wednesday, December 18, 2024
Windows SeTakeOwnership permission
Application/icacls
OS/Windows/Permissions/SeTakeOwnership
Application/takeown
OS/Windows
Wednesday, December 18, 2024
Windows Startup folder
OS/Windows
Wednesday, December 18, 2024
Windows unattended installation data
OS/Windows
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
winrs
OS/Windows
Application/winrs
Protocol/WinRM
Application/PowerShell
Wednesday, December 18, 2024
Wireshark
Application/Wireshark
Protocol/TCP
Protocol/HTTP
Protocol/ARP
Wednesday, December 18, 2024
wmic
OS/Windows
Application/wmic
Application/WindowsExploitSuggester
AttackCycle/Reconnaissance
AttackCycle/Exploitation
AttackCycle/LateralMovement
Application/PowerShell
Wednesday, December 18, 2024
Working with services in PowerShell
Application/PowerShell
OS/Windows/Services
Wednesday, December 18, 2024
Work with base64 encoding using PowerShell
HowTo
Application/PowerShell
Standard/Base64
Wednesday, December 18, 2024
Work with remote services using WMI and PowerShell
OS/Windows/WMI
Application/PowerShell
OS/Windows/Services
HowTo
Wednesday, December 18, 2024
Work with remote tasks using WMI and PowerShell
HowTo
Application/PowerShell
OS/Windows/Tasks
AttackCycle/Exploitation
AttackCycle/PrivEsc
OS/Windows/WMI
Wednesday, December 18, 2024
XFreeRDP
Application/XFreeRDP
Cryptography/Hashes/NT
AttackCycle/LateralMovement
Wednesday, December 18, 2024
XML external entity (XXE) attacks
AttackCycle/Exploitation/XXE
Standard/URI
FileFormat/XML
Wednesday, December 18, 2024
Xterm
Application/Xterm
Protocol/X11
AttackCycle/LateralMovement
Wednesday, December 18, 2024
xxd
Application/xxd
OS/Linux
Wednesday, December 18, 2024
youtube-dl
Application/youtube-dl
Application/ffmpeg
Language/Python
Standard/HD