Notes
  • Enumeration
  • Shells
    • Interactive TTY Shell
    • Spawn a Shell
    • Reverse Shells
  • Buffer OverFlow
    • Do Stack Buffer Overflow Good
    • Server-Memc.exe
  • Tools
    • hydra
    • Hashcat
    • SSH tricks
    • Git
    • pspy
    • Impacket-tools
    • Evil-winrm
    • Crackmapexec
    • Empire
    • SQLMap
    • msfvenon
    • Mimikatz
    • Docker
    • Weevely
    • gpp-decrypt
    • PLink.exe
    • john
    • wfuzz
    • Searchsploit
  • Python
    • Useful Libraries
    • Python Tricks
    • Using fstrings Python3
  • PHP
    • Web shells
    • Bypassing Dangerous PHP Functions
    • Exploiting RFI in a PHP application and bypassing remote URL inclusion restrict
    • PHP - LFI and RFI
  • SQL Injection
    • Getting a Shell
    • Enable xp_cmdshell
    • Shell From PHPMyAdmin
  • OpenSSL - CheatSheet
  • Windows
    • TeamViewer Decrypt
    • Commando VM
    • PrivEsc
      • Bypass AppLocker
      • Disable Windows Defender
      • Abusing Services
      • Blogs About Windows
      • Guides
      • Powershell Runas
      • Living Off The Land Binaries and Scripts
      • DLL Injection
      • Common Windows PrivEsc
      • Windows PrivEsc Exploits
      • Abusing Files Permissions
      • Interesting Files
      • File Transfer Methods
      • Bloodhound
      • Potatos and Tokens
        • PrintSpoofer Win10 - Server 2016/2019
      • SessionGopher.ps1
      • Sherlock.ps1
      • Windows - PrivEsc Scripts
        • Windows Exploit Suggester
    • Powershell
    • Anti-Virus Evasion
    • Post-Exploitation
      • Extract Windows Hashes Offline
      • Dumping Domain Password Hashes
    • Vulnerabilities
      • MS15-051
      • MS17-010
      • MS08-067
    • Active Directory
      • Get-DomainSPN Ticket
      • Kerberos
      • Bloodhound
      • DNS Admin to SYSTEM
      • DC Sync Attack
      • Escalating privileges with ACLs in Active Directory
      • How SMB Relay Works
      • Practical Guide to NTLM Relaying
      • Microsoft Exchange – ACL
  • Linux
    • PrivEsc
      • LXE to root
      • MySQL as root
      • Logrotate PrivEsc 3.15.1
      • Guides
      • SSH Tricks
      • Abusing Unix Wildcards
      • Linux - PrivEsc Scripts
    • Kernel Exploits
  • OSCP
    • Resources & Guides
      • WordPress PrivEsc
    • HackTheBox - Writeups
      • HTB - Networked
      • HTB - Cronos
      • HTB - Nibbles
      • HTB - LaCasaDePapel
      • HTB - Sense
      • HTB - October
      • HTB - Brainfuck
      • HTB - Mirai
      • HTB - Blocky
      • HTB - Teacher
      • HTB - Tally
      • HTB - Bank
      • HTB - Jeeves
      • HTB - Silo
      • HTB - Bastard
      • HTB - Legacy
      • HTB - Heist
      • HTB - Active
      • HTB - Bastion
      • HTB - Haystack
      • HTB - Bashed
      • HTB - Blue
      • HTB - Tenten
      • HTB - Artic
      • HTB - Bounty
      • HTB - Jerry
  • CTF
    • TryHackMe Writeups
      • TryHackMe - Tempus Fugit Durius
      • TryHackMe - Jack
    • Tools and Resources
Powered by GitBook
On this page
  • Useful OSCP Guide
  • Good exploit exercises
  • G0tm1lk PrivEsc Guide
  • HackTricks
  • Fuzzy Security - Windows
  • Windows PrivEsc Guide by frizb
  • Payload All The Things
  • GTFObins
  • LOLBAS
  • Buffer Overflow
  • People I follow and study
  1. OSCP

Resources & Guides

PreviousKernel ExploitsNextWordPress PrivEsc

Last updated 4 years ago

Useful OSCP Guide

Good exploit exercises

G0tm1lk PrivEsc Guide

HackTricks

Fuzzy Security - Windows

Windows PrivEsc Guide by frizb

Payload All The Things

GTFObins

LOLBAS

Buffer Overflow

People I follow and study

WriteUps from: https://hackso.me/

WriteUps from: https://snowscan.io/

WriteUps from: https://0xdf.gitlab.io/

WriteUps from: https://0xrick.github.io/

LogoPassing OSCPscund00r
https://exploit-exercises.lains.space/nebula/exploit-exercises.lains.space
LogoBasic Linux Privilege Escalation - g0tmi1k
LogoHackTricksHackTricks
LogoFuzzySecurity | Windows Privilege Escalation Fundamentals
LogoWindows-Privilege-Escalation/README.md at master · frizb/Windows-Privilege-EscalationGitHub
LogoGitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTFGitHub
LogoGTFOBins
LogoLOLBAS
Nebula :: Andrew Griffiths' Exploit Education
zero-day.io