Cardboard Iguana Security
/
tags
/
AttackCycle
/
Exploitation
Dark mode
Light mode
Search
Search
71 items with this tag.
Wednesday, December 18, 2024
Abusing wildcard expansion in Bash
Language/Bash
Application/tar
AttackCycle/Exploitation
OS/Linux
Wednesday, December 18, 2024
Aircrack-NG
Application/Aircrack
AttackCycle/Reconnaissance
AttackCycle/Exploitation
Protocol/WiFi
Wednesday, December 18, 2024
AS-REP roasting
Protocol/Kerberos
OS/Windows/ActiveDirectory
Cryptography/Hashes/NT
AttackCycle/Exploitation/AS-REPRoasting
AttackCycle/Exploitation/Kerberoasting
Wednesday, December 18, 2024
AS-REP roasting with Impacket
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/AS-REPRoasting
Application/Impacket
Protocol/Kerberos
Wednesday, December 18, 2024
AS-REP roasting With Rubeus
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/AS-REPRoasting
Application/Rubeus
Application/Hashcat
Wednesday, December 18, 2024
Avoid dropping privileges with SUID Bash
Language/Bash
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
Backdoor Visual Basic Scripts
AttackCycle/Exploitation
HowTo
Language/VisualBasic
FileFormat/VBS
Protocol/SMB
OS/Windows
Wednesday, December 18, 2024
Burp Suite
Application/BurpSuite
AttackCycle/Reconnaissance/Fuzzing
AttackCycle/Exploitation/BruteForcing
OS/Linux/Distros/Kali
Wednesday, December 18, 2024
Bypass the PowerShell execution policy
Application/PowerShell
OS/Windows
HowTo
AttackCycle/Exploitation
Wednesday, December 18, 2024
Call Mimikatz from a meterpreter shell
Application/Metasploit/meterpreter
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/PrivEsc
AttackCycle/LateralMovement
AttackCycle/Exploitation
Wednesday, December 18, 2024
crackmapexec
Application/crackmapexec
Protocol/SMB
AttackCycle/Exploitation
Wednesday, December 18, 2024
Cross-site scripting (XSS) attacks
FileFormat/HTML
Language/JavaScript
AttackCycle/Exploitation/XSS
AttackCycle/AntiForensics
Standard/URI
AttackCycle/Exfiltration
Wednesday, December 18, 2024
CUPP
Application/CUPP
OS/Linux/Distros/Kali
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
Default CIFS shares
Protocol/SMB
OS/Windows
AttackCycle/PrivEsc
AttackCycle/Exploitation
Wednesday, December 18, 2024
Exploit LD_LIBRARY_PATH
HowTo
OS/Linux
AttackCycle/Exploitation
Application/sudo
Application/ldd
Wednesday, December 18, 2024
Exploit LD_PRELOAD
HowTo
OS/Linux
Application/sudo
AttackCycle/Exploitation
Wednesday, December 18, 2024
Exploit local Windows services
OS/Windows/Services
AttackCycle/Exploitation
Application/Metasploit/msfvenom
OS/Windows/EventLog
HowTo
Wednesday, December 18, 2024
Exploit local Windows tasks
OS/Windows/Tasks
AttackCycle/Exploitation
Application/PsExec
OS/Windows/Registry
AttackCycle/AntiForensics
HowTo
Application/icacls
Wednesday, December 18, 2024
Exploit the Windows DLL search order
AttackCycle/Exploitation
HowTo
OS/Windows
Wednesday, December 18, 2024
Exploit Windows file associations
HowTo
AttackCycle/Exploitation
OS/Windows/Registry
Application/PowerShell
Application/netcat
Wednesday, December 18, 2024
Exploit Windows HTML applications with msfvenom
FileFormat/HTA
FileFormat/HTML
Application/Metasploit/msfvenom
AttackCycle/Exploitation
HowTo
Application/netcat
Application/Metasploit
Wednesday, December 18, 2024
Exploit Windows services
OS/Windows/Services
AttackCycle/Exploitation
AttackCycle/LateralMovement
HowTo
Wednesday, December 18, 2024
Exploit Windows shortcut files
AttackCycle/Exploitation
HowTo
Application/PowerShell
Application/netcat
OS/Windows
Wednesday, December 18, 2024
Exploit Windows tasks
OS/Windows/Tasks
AttackCycle/Exploitation
AttackCycle/LateralMovement
HowTo
Wednesday, December 18, 2024
Exploit the WinLogon initialization sequence
OS/Windows/WinLogin
OS/Windows/Registry
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
fuff
Application/fuff
AttackCycle/Reconnaissance/Fuzzing
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
Hashcat
Application/Hashcat
Application/Metasploit
AttackCycle/PrivEsc
Cryptography/Hashes/MD5
Cryptography/Hashes/SHA1
Cryptography/Hashes/MD4
Cryptography/Hashes/NT
Cryptography/Hashes/SHA256
Cryptography/Hashes/SHA512
Cryptography/Hashes/LANMAN
Cryptography/Hashes/bcrypt
Cryptography/Hashes/AS-REP
Cryptography/Hashes/TGS-REP
AttackCycle/Exploitation/AS-REPRoasting
Wednesday, December 18, 2024
Hydra
Application/Hydra
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
IPSec
Protocol/IPSec
Application/ike-scan
Application/psk-crack
AttackCycle/Exploitation
Wednesday, December 18, 2024
Java
Language/Java
Application/netcat
Protocol/HTTP
OS/Linux/Distros/Kali
AttackCycle/Exploitation
Wednesday, December 18, 2024
JSON Web Tokens (JWTs)
Standard/JWT
AttackCycle/Exploitation
AttackCycle/Exploitation/BruteForcing
Protocol/HTTP
Cryptography/Signatures
Wednesday, December 18, 2024
Kerberoasting
Protocol/Kerberos
OS/Windows/ActiveDirectory
AttackCycle/Exploitation/Kerberoasting
Application/PowerShell/Invoke-Kerberoast
Application/Hashcat
Application/JohnTheRipper
Wednesday, December 18, 2024
Kerberoasting with Impacket
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/Exploitation/Kerberoasting
Application/Impacket
Application/Hashcat
OS/Linux/Distros/Kali
Wednesday, December 18, 2024
Kerberoasting with Rubeus
OS/Windows/ActiveDirectory
Protocol/Kerberos
AttackCycle/Exploitation/Kerberoasting
Application/Rubeus
Application/Hashcat
Wednesday, December 18, 2024
Kerberos
Protocol/Kerberos
OS/Windows/ActiveDirectory
Application/Mimikatz
Application/Rubeus
FileFormat/kirbi
Cryptography/Hashes/NT
AttackCycle/PrivEsc
AttackCycle/LateralMovement
AttackCycle/Exploitation/Kerberoasting
Application/PowerShell/Invoke-Kerberoast
Application/Hashcat
Application/JohnTheRipper
OS/Linux/Distros/Kali
AttackCycle/Exploitation/AS-REPRoasting
AttackCycle/PrivEsc/GoldenTickets
AttackCycle/LateralMovement/SilverTickets
Wednesday, December 18, 2024
Load a shell with a simple executable
HowTo
AttackCycle/Exploitation
Application/Metasploit/msfvenom
Language/Bash
Wednesday, December 18, 2024
Local file inclusion (LFI) attacks
AttackCycle/Exploitation/LocalFileInclusion
Language/PHP
Wednesday, December 18, 2024
Metasploit MS SQL modules
Application/MSSQL
Application/Metasploit
Application/Nmap
AttackCycle/Reconnaissance
AttackCycle/Exploitation
AttackCycle/Exploitation/BruteForcing
Wednesday, December 18, 2024
meterpreter
Application/Metasploit/meterpreter
AttackCycle/Exploitation
AttackCycle/Reconnaissance
AttackCycle/AntiForensics
Cryptography/Hashes/NT
OS/Windows/SAM
AttackCycle/PrivEsc/GoldenTickets
Application/Mimikatz
OS/Windows/EventLog
Application/PowerShell
AttackCycle/PrivEsc
OS/Windows/LSASS
Wednesday, December 18, 2024
more
Application/more
Application/cat
Application/sudo
AttackCycle/PrivEsc
AttackCycle/Exploitation
Wednesday, December 18, 2024
msfconsole
Application/Metasploit/msfconsole
AttackCycle/CommandAndControl
AttackCycle/AntiForensics
AttackCycle/Exploitation
Application/SSH
Application/Nmap
Protocol/TCP
Protocol/UDP
Protocol/HTTP
Protocol/SMB
Protocol/SMTP
Application/MySQL
AttackCycle/Exploitation/BruteForcing
Cryptography/Hashes/NT
Application/Metasploit/msfvenom
Application/Metasploit/meterpreter
Application/PsExec
OS/Windows
Application/JohnTheRipper
Protocol/RDP
AttackCycle/LateralMovement
Application/proxychains
Protocol/SOCKS
Wednesday, December 18, 2024
msfvenom
Application/Metasploit/msfvenom
AttackCycle/Exploitation
Application/netcat
OS/Linux
OS/Windows
OS/macOS
FileFormat/HTA
Application/Metasploit/meterpreter
Language/VisualBasic
Language/Bash
Language/Python
Language/Perl
Language/PHP
Language/Java
Wednesday, December 18, 2024
MySQL
Application/MySQL
AttackCycle/Exploitation
AttackCycle/PrivEsc
Wednesday, December 18, 2024
netcat
Application/netcat
AttackCycle/Exploitation/XSS
AttackCycle/Exploitation/SQLi
AttackCycle/LateralMovement
Application/Nmap
Protocol/TCP
Protocol/UDP
Application/Metasploit/msfvenom
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
Node.js
Application/NodeJS
AttackCycle/Exploitation
Wednesday, December 18, 2024
Perl
Language/Perl
AttackCycle/Exploitation
Application/netcat
Application/socat
Wednesday, December 18, 2024
PHP
Language/PHP
AttackCycle/Exploitation
OS/Linux/Distros/Kali
Application/netcat
Application/socat
Wednesday, December 18, 2024
PHP local file inclusion attacks
AttackCycle/Exploitation/LocalFileInclusion
Language/PHP
OS/Linux/Distros/Kali
AttackCycle/Exploitation/NullByteAttacks
Wednesday, December 18, 2024
Poison null byte attack
AttackCycle/Exploitation/NullByteAttacks
Wednesday, December 18, 2024
Poison null byte in PHP
AttackCycle/Exploitation/NullByteAttacks
Language/PHP
Wednesday, December 18, 2024
Pop a SYSTEM shell on the Windows login screen using sticky keys
Application/icacls
OS/Windows
Application/takeown
AttackCycle/Exploitation
HowTo
Wednesday, December 18, 2024
Pop a SYSTEM shell on the Windows login screen using Utilman
Application/icacls
Application/takeown
AttackCycle/Exploitation
OS/Windows
HowTo
Wednesday, December 18, 2024
PowerShell reverse shell
Application/PowerShell
AttackCycle/Exploitation
Application/whoami
Language/PHP
Wednesday, December 18, 2024
Python
Language/Python
Scripts
Application/netcat
Application/socat
AttackCycle/Exploitation
Wednesday, December 18, 2024
Quick-n-dirty Python web server
Language/Python
Protocol/HTTP
AttackCycle/Exfiltration
AttackCycle/Exploitation
Wednesday, December 18, 2024
RCE via XXE in PHP
AttackCycle/Exploitation/XXE
Language/PHP
FileFormat/XML
Wednesday, December 18, 2024
Remotely install a Windows package with PowerShell
HowTo
OS/Windows
Application/PowerShell
AttackCycle/LateralMovement
AttackCycle/Exploitation
Wednesday, December 18, 2024
Rubeus
Application/Rubeus
Protocol/Kerberos
OS/Windows/ActiveDirectory
AttackCycle/Reconnaissance
AttackCycle/Exploitation/BruteForcing
OS/Linux/Distros/Kali
AttackCycle/PrivEsc
Application/Certify
AttackCycle/LateralMovement
Wednesday, December 18, 2024
Ruby
Language/Ruby
AttackCycle/Exploitation
Application/netcat
Application/socat
Wednesday, December 18, 2024
SQL injection attacks
AttackCycle/Exploitation/SQLi
Language/PHP
Protocol/HTTP
Application/BurpSuite
Language/SQL
Application/MySQL
AttackCycle/PrivEsc
AttackCycle/Reconnaissance
Wednesday, December 18, 2024
SQLMap
Application/SQLMap
AttackCycle/Exploitation/SQLi
Application/Metasploit/meterpreter
Application/MySQL
Application/PostgreSQL
Wednesday, December 18, 2024
sudo
Application/sudo
AttackCycle/Exploitation
Wednesday, December 18, 2024
tar
Application/tar
AttackCycle/Exploitation
Wednesday, December 18, 2024
Unquoted path handling in Windows
OS/Windows
AttackCycle/Exploitation
Wednesday, December 18, 2024
Use Bash functions to “backdoor” executables
Language/Bash
AttackCycle/Exploitation
AttackCycle/PrivEsc
HowTo
Wednesday, December 18, 2024
Visual Basic for Applications
Language/VisualBasic
OS/Windows/WSH
AttackCycle/Exploitation
Wednesday, December 18, 2024
Windows logon scripts
OS/Windows/UserInit
OS/Windows/Registry
AttackCycle/Exploitation
AttackCycle/PrivEsc
Wednesday, December 18, 2024
Windows Scripting Host
OS/Windows/WSH
Language/VisualBasic
AttackCycle/Exploitation
Wednesday, December 18, 2024
wmic
OS/Windows
Application/wmic
Application/WindowsExploitSuggester
AttackCycle/Reconnaissance
AttackCycle/Exploitation
AttackCycle/LateralMovement
Application/PowerShell
Wednesday, December 18, 2024
Work with remote tasks using WMI and PowerShell
HowTo
Application/PowerShell
OS/Windows/Tasks
AttackCycle/Exploitation
AttackCycle/PrivEsc
OS/Windows/WMI
Wednesday, December 18, 2024
XML external entity (XXE) attacks
AttackCycle/Exploitation/XXE
Standard/URI
FileFormat/XML