👨💻👾👨💻👾👨💻👾
Search
Search
Search
Dark mode
Light mode
Explorer
Bug_Bounty
Methodology
Low_Hangers
7e-Discover Origin IP Address
403 Bypass Automation
Account Takeover via Hidden Parameters
Broken Link Hijacking
Click Jacking
Clipboard Enabled
EXIF Geolocation Data not Stripped From Uploaded Images
JWT Tokens Email Disclosure
No Rate Limit
Password Link over HTTP
Profile Image Not Deleted
Subdomain Takeover
Token Not Validated After Usage
WP and Drupal Simple P1 Bug
XSS to ATO
1-Find Seeds
2-Subdomain Scrapping
3-Github Dorking
4-List Hosts
5-Burp Suite Set Up
6-Endpoints Discovery
7-GF Patterns
8-Endpoints Enumeration
8-GF Automation
9-Live Hosts Enumeration
Find Target
VDP
Hall of Fame
README
CVEs
Disclosed
CVE-2024-6066
CVE-2024-6067
CVE-2024-6213
CVE-2024-6214
CVE-2024-6215
CVE-2024-6216
CVE-2024-6217
CVE-2024-6418
CVE-2024-6419
CVE-2024-7942
CVE-2024-7948
CVE-2024-8140
CVE-2024-8141
CVE-2024-8142
CVE-2024-8151
CVE-2024-8152
CVE-2024-8153
CVE-2024-8154
CVE-2024-8170
CVE-2024-8172
CVE-2024-8380
CVE-2024-9092
CVE-2024-9093
CVE-2024-10153
CVE-2024-10154
CVE-2024-10155
CVE-2024-10156
CVE-2024-10157
CVE-2024-10158
CVE-2024-10159
CVE-2024-10160
CVE-2024-10161
CVE-2024-10162
CVE-2024-10191
CVE-2024-10192
CVE-2024-10414
CVE-2024-10423
CVE-2024-10424
CVE-2024-10425
CVE-2024-10432
CVE-2024-10433
CVE-2024-10446
CVE-2024-10447
README
Hackthebox
Linux🐧
HTB - Cronos
HTB- WifineticTwo
HTB-Bitlab
HTB-Blurry
HTB-Boardlight
HTB-BountyHunter
HTB-Cap
HTB-Editorial
HTB-Forge
HTB-FormulaX
HTB-GoodGames
HTB-GreenHorn
HTB-Headless
HTB-IClean
HTB-Intuition
HTB-Jarvis
HTB-Lightweight
HTB-MagicGardens
HTB-MetaTwo
HTB-Nibbles
HTB-Node
HTB-October
HTB-Pandora
HTB-Perfection
HTB-PermX
HTB-Poison
HTB-Runner
HTB-Sea
HTB-Skyfall
HTB-Solidstate
HTB-Usage
HTB-Vault
Windows📘
HTB- Silo
HTB-Access
HTB-Active
HTB-Atom
HTB-Axlle
HTB-Blackfield
HTB-Cascade
HTB-Chatterbox
HTB-Control
HTB-Crafty
HTB-Forest
HTB-Freelancer
HTB-Fuse
HTB-Jab
HTB-Jeeves
HTB-Love
HTB-Mailing
HTB-Mist
HTB-Monteverde
HTB-Netmon
HTB-Object
HTB-Office
HTB-Pov
HTB-Querier
HTB-Reel
HTB-Remote
HTB-Resolute
HTB-Sauna
HTB-Solarlab
HTB-Worker
README
Others
Cybersecurity Companies (Might apply one day)
Pentesting
Active Directory🌐
1-Initial Enumeration🕵️
a-Introduction
b-External Recon
c-Internal Recon
2-Foothold Sniff🐽
a-LLMNR/NBT-NS Poisoning - Responder
b-LLMNR/NBT-NS Poisoning - Inveigh
3-Password Spraying🔫
a-Password Policy Enumeration
b-Create Target User List
c-Password Spraying - Linux
d-Password Spraying - Windows
4-Enumeration From Beachhead🏖️
a-Security Control Enumeration
b-Enumeration from beachhead - Linux
c-Enumeration from beachhead - Windows
d-Enumeration Without Tools
5-Kerberoasting🎫
a-Kerberoasting from Linux
b-Kerberoasting from Windows
6-ACL🙈
a-ACL Overview
b-ACL Enumeration
c-ACL Abuse
d-DCSync Attack
7-Privilege Escalation🔓
c-Known Vulnerabilities🩼
a-NoPac
b-PrintNightmare
c-PetitPotam
a-Privileged Access
b-Kerberos "Double Hop" Problem
d-Misconfigurations
File Transfer📁
File Transfer - Linux
File Transfer - More
File Transfer - Protected
File Transfer - Windows
File Transfer with code
Persistence and Dump🥷🏻
Dump🗑️
Attacking LSASS
Attacking NTDS.dit
Attacking SAM
Linux Persistence
Windows Persistence
Pivoting🔄
Socat🐱
Socat Bind Shell
Socat Reverse Shell
Tools🛠️
DNS Tunneling - Dnscat2
ICMP Tunneling - SOCKS
SOCKS5 - Chisel
Sshuttle
Web Server - Rpivot
Windows - Netsh
Windows - plink.exe
a-Discovery and Scan
b-Port Forwarding
c-Dynamic Port Forwarding
d-Reverse Port Forwarding w SSH
e-Meterpreter Tunneling
Privilege Escalation↗️
Crack Linux Hash
Credential Hunting
Interactive Shell
Linux Privilege Escalation
Pass the Hash
Pass the Ticket - Linux
Pass the Ticket - Windows
Windows Privilege Escalation
Services🛡️
Email Services
Port 21 - FTP
Port 53 - DNS
Port 80 - HTTP
Port 88 - Kerberos
Port 139,445 - SMB
Port 389 - LDAP
Port 445 - RPC
Port 1433 - MSSQL
Port 3306 - MySQL
Port 3389 - RDP
UDP 161 - SNMP
Web_App
A-Web Requests
a-HyperText Transfer Protocol(HTTP)
b-Hypertest Transfer Protocol Secure (HTTPS)
c-HTTP Requests and Responses
d-HTTP Headers
e-Methods and Codes
M1-GET
M2-POST
M3-CRUD API
B-Intro to Web Apps
Back End Vulns
a-Common Web Vulns
Front End Vulns
a-Sensitive Data Exposure
b-HTML Injection
c-Cross Site Request Forgery (CSRF)
c-XSS
a-intro
b-Layout
c-Front End Back End
d-HTML
d-JavaScript
e-CSS
f-Web Servers
g-Databases
h-Development and APIs
C-Proxy
a-Proxy Tools
D-Ffuf
a-Fuff
E-JavaScript Deobfuscation
a-intro
b-Basic Obfuscation
c-Advanced Obfuscation
d-Deobfuscation
e-Decoding
F-XSS💀
XSS Attacks
a-Defacing
b-Phishing
c-Sessions Hijacking
a-Intro
b-Stored XSS
c-Reflected XSS
d-DOM XSS
e-XSS Discovery
f-XSS Prevention
G-SQLi💉
Exploitation
a-Database Enumeration
b-Reading Files
c-Writing Files
MySQL
a-Intro
b-SQL Basics
SQLMap🗺️
a-intro
b-Basics
c-Enumeration
d-OS Exploitation
a-intro
b-SQLi Basics
c-Subvert Query Logic
d-Using Comments
e-Union Clause
f-Mitigation
H-Command Injection
Exploitation
a-Detection
b-Injecting Commands
Filter Evasion
a-Identify Filters
b-Bypass Space Filters
Bypass Blacklisted Commands
c-Bypass Other Blacklisted Characters
e-Advanced Command Obfuscation
f-Evasion Tools
a-intro
b-Prevention
I-File Upload📤
Bypass Filter
a-Client-Side Validation
b-Blacklist Filters
c-Whitelist Filters
d-Type Filters
e-Limited File Uploads
f-Other Upload Attacks
Tips
a-Shell
b-Prevention
J-Server Side Attacks
SSI
a-intro
b-SSI Injection
SSRF
a-intro
b-Identify SSRF
c-Exploit SSRF
d-Blind SSRF
SSTI
a-Intro
b-Identify SSTI
c-Jinja2
d-Twig
e-SSTImap
XSLT Injection
a-intro
b-Exploit XSLT Injection
a-Intro
K-Login Bruteforce
a-Intro
b-Default Passwords
c-Username Bruteforce
d-Hydra Modules
e-Personalized Wordlists
f-Service Authentication Bruteforce
L-Broken Authentication
Authentication Bypass
a-Via Direct Access
b-Via Parameter Modification
Bruteforce
a-User Enumeration
c-Bruteforce Password Reset Tokens
d-Bruteforce 2FA Codes
e-Weak Bruteforce Protection
Password Bruteforce
Password Attacks
a-Default Credentials
b-Vulnerable Password Reset
Session Attacks
a-Session Tokens
b-Further Session Attacks
a-Intro
M-Web Attacks⚔️
HTTP Verb Tampering
a-intro
b-Bypass Basic Authentication
c-Bypass Security Filters
d-Prevention
IDOR
a-Intro
b-Identify IDOR
c-Mass IDOR Enumeration
d-Bypass Encoded References
e-IDOR in Insecure APIs
f-Chaining IDORs
XXE
a-intro
b-Local File Disclosure
c-Advanced File Disclosure
d-Blind Data Exfiltration
a-Intro
N-File Inclusion📁
Automation
a-Automated Scanning
b-Prevention
File Disclosure
a-LFI
b-Basic Bypasses
c-PHP Filters
RCE
a-PHP Wrappers
b-RFI
c-LFI and File Uploads
d-Log Poisoning
a-intro
O-Session Security
Session Attacks
a-Session Hijacking
b-Session Fixation
c-Obtain Session Identifier wo User Interaction
d-XSS
e-CSRF
f-GET Based CSRF
g-POST Based CSRF
h-Chain XSS CSRF
i-Weak CSRF Tokens
j-Bypasses
k-Open Redirect
a-intro
P-API Attacks
API Attacks
a-Attack Wordpress xmlrpc.php
c-Arbitrary File Upload
d-LFI
e-SSRF
e-XSS
g-ReDos
h-XXE
Information Disclosure w SQLi
a-intro
b-WSDL
c-SOAPAction Spoofing
d-Command Injection
Q-Wordpress
Enumeration
a-WP Core Version Enumeration
b-Plugins and Themes Enumeration
c-Directory Indexing
d-User Enumeration
e-Login
f-WPScan
Exploitation
a-Vulnerable Plugin
b-Attacker User
c-RCE
d-WP and Metasploit
a-intro
R-BBH Process
a-Bug Bounty Programs
b-Writing Report
Home
❯
tags
❯
Tag: runascs
Tag: runascs
5 items with this tag.
Jan 07, 2025
HTB-Crafty
htb
windows
easy
minecraft
log4j
tlauncher
runascs
jd-gui
jar
Jan 07, 2025
HTB-Freelancer
htb
windows
hard
cyberchef
qr
sql
sql-terminal
xp_cmdshell
sql_rce
sa_impersonation
password-hunting
password-spray
runascs
bloodhound
mimikatz
dmp
rbcd
addcomputer
getst
secretsdump
Jan 07, 2025
HTB-Office
htb
windows
hard
joomla
cve-2023-23752
kerbrute
password-spray
wireshark
kerberos-crack
joomla-rce
certutil
runascs
chisel
cve-2023-2255
jaws
stored-credentials
mimikatz
dpapi
gpo
Jan 07, 2025
HTB-Pov
htb
windows
medium
lfi
viewstate
ysoserial
pscredential
runascs
dedebug
psgetsys-ps1
meterpreter
migrate
Jan 07, 2025
HTB-Solarlab
htb
windows
medium
reportlab
runascs
openfire