Exploitation

Techniques and tactics to gain initial access.


Miscellaneous

Cisco Smart Install

HP iLO 4 Authentication Bypass

ZipSlip

Network

Password Guessing

Account Lockout

Hydra

RDP

SMB

SNMP Brute-Force

Python

Insecure Deserialization

SQL

Web

AngularJS

Apache Struts 2

Authentication Bypass

CSRF

LFI

XSS

Wi-Fi

WPA-Enterprise

WPA-PSK

Windows

Authenticated RCE

PsExec (tcp/445)

WinRM (tcp/5985,5986)

MS17-010

Physical Access

Shares (SMB/CIFS)