diff --git a/DISCLAIMER.md b/DISCLAIMER.md index 1604872..c43c783 100644 --- a/DISCLAIMER.md +++ b/DISCLAIMER.md @@ -8,4 +8,4 @@ By accessing and using this repository, you agree to: * Ensure that all testing and experimentation are conducted responsibly and with proper authorization. * Acknowledge that any actions you take based on the contents of this repository are solely your responsibility. -Neither the authors nor contributors shall be held liable for any damages, direct or indirect, resulting from the misuse or unauthorized application of the knowledge contained herein. Always act mindfully, ethically, and within the boundaries of the law. \ No newline at end of file +Neither the authors nor contributors shall be held liable for any damages, direct or indirect, resulting from the misuse or unauthorized application of the knowledge contained herein. Always act mindfully, ethically, and within the boundaries of the law. diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md index 89c2f8d..78608bc 100644 --- a/Methodology and Resources/Active Directory Attack.md +++ b/Methodology and Resources/Active Directory Attack.md @@ -43,9 +43,9 @@ - [Trust - Relationship](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/trust-relationship/) - [Child Domain to Forest Compromise - SID Hijacking](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/trust-sid-hijacking/) - [Forest to Forest Compromise - Trust Ticket](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/trust-ticket/) -- [CVE](#) - - [MS14-068 Checksum Validation](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/MS14-068/) - - [NoPAC / samAccountName Spoofing](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/NoPAC/) - - [PrintNightmare](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/PrintNightmare/) - - [PrivExchange](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/PrivExchange/) - - [ZeroLogon](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/ZeroLogon/) \ No newline at end of file +- [CVE](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/MS14-068/) + - [MS14-068 Checksum Validation](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/MS14-068/) + - [NoPAC / samAccountName Spoofing](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/NoPAC/) + - [PrintNightmare](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/PrintNightmare/) + - [PrivExchange](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/PrivExchange/) + - [ZeroLogon](https://swisskyrepo.github.io/InternalAllTheThings/active-directory/CVE/ZeroLogon/) diff --git a/Methodology and Resources/Bind Shell Cheatsheet.md b/Methodology and Resources/Bind Shell Cheatsheet.md index 3fd7643..9c3cad3 100644 --- a/Methodology and Resources/Bind Shell Cheatsheet.md +++ b/Methodology and Resources/Bind Shell Cheatsheet.md @@ -10,4 +10,4 @@ - [Netcat OpenBsd](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-bind-cheatsheet/#netcat-openbsd) - [Ncat](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-bind-cheatsheet/#ncat) - [Socat](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-bind-cheatsheet/#socat) -- [Powershell](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-bind-cheatsheet/#powershell) \ No newline at end of file +- [Powershell](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-bind-cheatsheet/#powershell) diff --git a/Methodology and Resources/Cloud - AWS Pentest.md b/Methodology and Resources/Cloud - AWS Pentest.md index 156cf8c..7ff5afe 100644 --- a/Methodology and Resources/Cloud - AWS Pentest.md +++ b/Methodology and Resources/Cloud - AWS Pentest.md @@ -1,4 +1,4 @@ -# Cloud - AWS +# Cloud - AWS :warning: Content of this page has been moved to [InternalAllTheThings/cloud/aws](https://github.com/swisskyrepo/InternalAllTheThings/) @@ -14,4 +14,4 @@ - [AWS - Metadata SSRF](https://swisskyrepo.github.io/InternalAllTheThings/cloud/aws/aws-metadata/) - [AWS - Service - S3 Buckets](https://swisskyrepo.github.io/InternalAllTheThings/cloud/aws/aws-s3-bucket/) - [AWS - Service - SSM](https://swisskyrepo.github.io/InternalAllTheThings/cloud/aws/aws-ssm/) -- [AWS - Training](https://swisskyrepo.github.io/InternalAllTheThings/cloud/aws/aws-training/) \ No newline at end of file +- [AWS - Training](https://swisskyrepo.github.io/InternalAllTheThings/cloud/aws/aws-training/) diff --git a/Methodology and Resources/Cloud - Azure Pentest.md b/Methodology and Resources/Cloud - Azure Pentest.md index 2793113..5a9f6c5 100644 --- a/Methodology and Resources/Cloud - Azure Pentest.md +++ b/Methodology and Resources/Cloud - Azure Pentest.md @@ -9,4 +9,4 @@ - [Azure AD Tokens](https://swisskyrepo.github.io/InternalAllTheThings/cloud/azure/azure-access-and-token/) - [Azure Persistence](https://swisskyrepo.github.io/InternalAllTheThings/cloud/azure/azure-persistence/) - [Azure Requirements](https://swisskyrepo.github.io/InternalAllTheThings/cloud/azure/azure-requirements/) -- [Azure Services](https://swisskyrepo.github.io/InternalAllTheThings/cloud/azure/azure-services/) \ No newline at end of file +- [Azure Services](https://swisskyrepo.github.io/InternalAllTheThings/cloud/azure/azure-services/) diff --git a/Methodology and Resources/Cobalt Strike - Cheatsheet.md b/Methodology and Resources/Cobalt Strike - Cheatsheet.md index f71e297..bd77a14 100644 --- a/Methodology and Resources/Cobalt Strike - Cheatsheet.md +++ b/Methodology and Resources/Cobalt Strike - Cheatsheet.md @@ -29,4 +29,4 @@ - [Thread Stack Spoofer](https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#thread-stack-spoofer) - [Beacon Object Files](https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#beacon-object-files) - [NTLM Relaying via Cobalt Strike](https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#ntlm-relaying-via-cobalt-strike) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#references) diff --git a/Methodology and Resources/Container - Docker Pentest.md b/Methodology and Resources/Container - Docker Pentest.md index 3730b40..0120cce 100644 --- a/Methodology and Resources/Container - Docker Pentest.md +++ b/Methodology and Resources/Container - Docker Pentest.md @@ -5,10 +5,10 @@ - [Tools](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#tools) - [Mounted Docker Socket](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#mounted-docker-socket) - [Open Docker API Port](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#open-docker-api-port) -- [Insecure Docker Registry](#insecure-docker-registry) +- [Insecure Docker Registry](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#insecure-docker-registry) - [Exploit privileged container abusing the Linux cgroup v1](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#exploit-privileged-container-abusing-the-linux-cgroup-v1) - [Abusing CAP_SYS_ADMIN capability](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#abusing-capsysadmin-capability) - [Abusing coredumps and core_pattern](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#abusing-coredumps-and-corepattern) - [Breaking out of Docker via runC](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#breaking-out-of-docker-via-runc) - [Breaking out of containers using a device file](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#breaking-out-of-containers-using-a-device-file) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/containers/docker/#references) diff --git a/Methodology and Resources/Container - Kubernetes Pentest.md b/Methodology and Resources/Container - Kubernetes Pentest.md index df51419..1abfe9e 100644 --- a/Methodology and Resources/Container - Kubernetes Pentest.md +++ b/Methodology and Resources/Container - Kubernetes Pentest.md @@ -6,4 +6,4 @@ - [Exploits](https://swisskyrepo.github.io/InternalAllTheThings/containers/kubernetes/#exploits) - [Accessible kubelet on 10250/TCP](https://swisskyrepo.github.io/InternalAllTheThings/containers/kubernetes/#accessible-kubelet-on-10250tcp) - [Obtaining Service Account Token](https://swisskyrepo.github.io/InternalAllTheThings/containers/kubernetes/#obtaining-service-account-token) -- [References](#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/containers/kubernetes/#references) diff --git a/Methodology and Resources/Escape Breakout.md b/Methodology and Resources/Escape Breakout.md index d700bf0..0e26a99 100644 --- a/Methodology and Resources/Escape Breakout.md +++ b/Methodology and Resources/Escape Breakout.md @@ -13,4 +13,4 @@ - [Bypass file restrictions](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/escape-breakout/#bypass-file-restrictions) - [Internet Explorer](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/escape-breakout/#internet-explorer) - [Shell URI Handlers](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/escape-breakout/#shell-uri-handlers) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/escape-breakout/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/escape-breakout/#references) diff --git a/Methodology and Resources/HTML Smuggling.md b/Methodology and Resources/HTML Smuggling.md index ef44e10..db646bc 100644 --- a/Methodology and Resources/HTML Smuggling.md +++ b/Methodology and Resources/HTML Smuggling.md @@ -3,4 +3,4 @@ :warning: Content of this page has been moved to [InternalAllTheThings/redteam/access/html-smuggling](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/html-smuggling/) - [Description](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/html-smuggling/#description) -- [Executable Storage](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/html-smuggling/#executable-storage) \ No newline at end of file +- [Executable Storage](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/html-smuggling/#executable-storage) diff --git a/Methodology and Resources/Hash Cracking.md b/Methodology and Resources/Hash Cracking.md index cb2dbb4..cd4543d 100644 --- a/Methodology and Resources/Hash Cracking.md +++ b/Methodology and Resources/Hash Cracking.md @@ -3,13 +3,13 @@ :warning: Content of this page has been moved to [InternalAllTheThings/cheatsheets/hash-cracking](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/) - [Hashcat](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#hashcat) - - [Hashcat Example Hashes](https://hashcat.net/wiki/doku.php?id=example_hashes) - - [Hashcat Install](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#hashcat-install) - - [Mask attack](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#mask-attack) - - [Dictionary](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#dictionary) + - [Hashcat Example Hashes](https://hashcat.net/wiki/doku.php?id=example_hashes) + - [Hashcat Install](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#hashcat-install) + - [Mask attack](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#mask-attack) + - [Dictionary](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#dictionary) - [John](https://github.com/openwall/john) - - [Usage](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#john-usage) + - [Usage](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#john-usage) - [Rainbow tables](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#rainbow-tables) - [Tips and Tricks](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#tips-and-tricks) - [Online Cracking Resources](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#online-cracking-resources) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/hash-cracking/#references) diff --git a/Methodology and Resources/Initial Access.md b/Methodology and Resources/Initial Access.md index 7d01196..116c116 100644 --- a/Methodology and Resources/Initial Access.md +++ b/Methodology and Resources/Initial Access.md @@ -8,4 +8,4 @@ - [Binary Files](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/initial-access/#binary-files) - [Code Execution Files](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/initial-access/#code-execution-files) - [Embedded Files](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/initial-access/#embedded-files) -- [Code Signing](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/initial-access/#code-signing) \ No newline at end of file +- [Code Signing](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/initial-access/#code-signing) diff --git a/Methodology and Resources/Linux - Evasion.md b/Methodology and Resources/Linux - Evasion.md index e9d349e..9a56f49 100644 --- a/Methodology and Resources/Linux - Evasion.md +++ b/Methodology and Resources/Linux - Evasion.md @@ -5,4 +5,4 @@ - [File names](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#file-names) - [Command history](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#command-history) - [Hiding text](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#hiding-text) -- [Timestomping](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#timestomping) \ No newline at end of file +- [Timestomping](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#timestomping) diff --git a/Methodology and Resources/Linux - Persistence.md b/Methodology and Resources/Linux - Persistence.md index f83eca5..55eb9b6 100644 --- a/Methodology and Resources/Linux - Persistence.md +++ b/Methodology and Resources/Linux - Persistence.md @@ -15,4 +15,4 @@ - [Backdooring the SSH](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/linux-persistence/#backdooring-the-ssh) - [Backdooring Git](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/linux-persistence/#backdooring-git) - [Additional Linux Persistence Options](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/linux-persistence/#additional-persistence-options) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/linux-persistence/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/linux-persistence/#references) diff --git a/Methodology and Resources/Linux - Privilege Escalation.md b/Methodology and Resources/Linux - Privilege Escalation.md index 48b66f3..d60ff97 100644 --- a/Methodology and Resources/Linux - Privilege Escalation.md +++ b/Methodology and Resources/Linux - Privilege Escalation.md @@ -43,8 +43,8 @@ - [LXC/LXD](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#lxclxd) - [Hijack TMUX session](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#hijack-tmux-session) - [Kernel Exploits](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#kernel-exploits) - - [CVE-2022-0847 (DirtyPipe)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2022-0847-dirtypipe) + - [CVE-2022-0847 (DirtyPipe)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2022-0847-dirtypipe) - [CVE-2016-5195 (DirtyCow)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2016-5195-dirtycow) - [CVE-2010-3904 (RDS)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2010-3904-rds) - [CVE-2010-4258 (Full Nelson)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2010-4258-full-nelson) - - [CVE-2012-0056 (Mempodipper)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2012-0056-mempodipper) \ No newline at end of file + - [CVE-2012-0056 (Mempodipper)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/linux-privilege-escalation/#cve-2012-0056-mempodipper) diff --git a/Methodology and Resources/MSSQL Server - Cheatsheet.md b/Methodology and Resources/MSSQL Server - Cheatsheet.md index 50fd6d3..ef82101 100644 --- a/Methodology and Resources/MSSQL Server - Cheatsheet.md +++ b/Methodology and Resources/MSSQL Server - Cheatsheet.md @@ -4,58 +4,58 @@ - [Tools](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#tools) - [Identify Instances and Databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#identifiy-instaces-and-databases) - - [Discover Local SQL Server Instances](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#discover-local-sql-server-instances) - - [Discover Domain SQL Server Instances](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#discover-domain-sql-server-instances) + - [Discover Local SQL Server Instances](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#discover-local-sql-server-instances) + - [Discover Domain SQL Server Instances](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#discover-domain-sql-server-instances) - [Discover Remote SQL Server Instances](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#discover-remote-sql-instances) - - [Identify Encrypted databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#identifiy-encrypted-databases) - - [Version Query](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#version-query) + - [Identify Encrypted databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#identifiy-encrypted-databases) + - [Version Query](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#version-query) - [Identify Sensitive Information](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#identify-sensitive-information) - - [Get Tables from a Specific Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#get-tables-from-specific-databases) - - [Gather 5 Entries from Each Column](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-5-entries-from-each-column) - - [Gather 5 Entries from a Specific Table](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-5-entries-from-a-specific-table) + - [Get Tables from a Specific Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#get-tables-from-specific-databases) + - [Gather 5 Entries from Each Column](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-5-entries-from-each-column) + - [Gather 5 Entries from a Specific Table](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-5-entries-from-a-specific-table) - [Dump common information from server to files](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#dump-common-information-from-server-to-files) - [Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#linked-database) - - [Find Trusted Link](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-trusted-link) - - [Execute Query Through The Link](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-query-through-the-link) - - [Crawl Links for Instances in the Domain](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#crawl-links-for-instances-in-the-domain) - - [Crawl Links for a Specific Instance](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#crawl-links-for-a-specific-instance) - - [Query Version of Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#query-version-of-linked-database) - - [Execute Procedure on Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-procedure-on-linked-database) - - [Determine Names of Linked Databases ](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#determine-names-of-linked-databases) - - [Determine All the Tables Names from a Selected Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#determine-all-the-tables-names-from-a-selected-linked-database) - - [Gather the Top 5 Columns from a Selected Linked Table](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-the-top-5-columns-from-a-selected-linked-table) - - [Gather Entries from a Selected Linked Column](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-entries-from-a-selected-linked-column) + - [Find Trusted Link](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-trusted-link) + - [Execute Query Through The Link](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-query-through-the-link) + - [Crawl Links for Instances in the Domain](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#crawl-links-for-instances-in-the-domain) + - [Crawl Links for a Specific Instance](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#crawl-links-for-a-specific-instance) + - [Query Version of Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#query-version-of-linked-database) + - [Execute Procedure on Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-procedure-on-linked-database) + - [Determine Names of Linked Databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#determine-names-of-linked-databases) + - [Determine All the Tables Names from a Selected Linked Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#determine-all-the-tables-names-from-a-selected-linked-database) + - [Gather the Top 5 Columns from a Selected Linked Table](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-the-top-5-columns-from-a-selected-linked-table) + - [Gather Entries from a Selected Linked Column](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#gather-entries-from-a-selected-linked-column) - [Command Execution via xp_cmdshell](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#command-execution-via-xp_cmdshell) - [Extended Stored Procedure](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#extended-stored-procedure) - - [Add the extended stored procedure and list extended stored procedures](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#add-the-extended-stored-procedure-and-list-extended-stored-procedures) + - [Add the extended stored procedure and list extended stored procedures](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#add-the-extended-stored-procedure-and-list-extended-stored-procedures) - [CLR Assemblies](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#clr-assemblies) - - [Execute commands using CLR assembly](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-using-clr-assembly) - - [Manually creating a CLR DLL and importing it](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#manually-creating-a-clr-dll-and-importing-it) + - [Execute commands using CLR assembly](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-using-clr-assembly) + - [Manually creating a CLR DLL and importing it](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#manually-creating-a-clr-dll-and-importing-it) - [OLE Automation](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#ole-automation) - - [Execute commands using OLE automation procedures](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-using-ole-automation-procedures) + - [Execute commands using OLE automation procedures](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-using-ole-automation-procedures) - [Agent Jobs](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#agent-jobs) - - [Execute commands through SQL Agent Job service](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-through-sql-agent-job-service) - - [List All Jobs](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-jobs) + - [Execute commands through SQL Agent Job service](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#execute-commands-through-sql-agent-job-service) + - [List All Jobs](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-jobs) - [External Scripts](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#external-scripts) - [Python](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#python) - [R](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#r) - [Audit Checks](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#audit-checks) - - [Find and exploit impersonation opportunities](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-and-exploit-impersonation-opportunities) + - [Find and exploit impersonation opportunities](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-and-exploit-impersonation-opportunities) - [Find databases that have been configured as trustworthy](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-databases-that-have-been-configured-as-trustworthy) - [Manual SQL Server Queries](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#manual-sql-server-queries) - - [Query Current User & determine if the user is a sysadmin](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#query-current-user--determine-if-the-user-is-a-sysadmin) - - [Current Role](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#current-role) - - [Current DB](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#current-db) - - [List all tables](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-tables) - - [List all databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-databases) - - [All Logins on Server](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#all-logins-on-server) - - [All Database Users for a Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#all-database-users-for-a-database) - - [List All Sysadmins](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-sysadmins) - - [List All Database Roles](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-database-role) - - [Effective Permissions from the Server](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#effective-permissions-from-the-server) - - [Effective Permissions from the Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#effective-permissions-from-the-database) - - [Find SQL Server Logins Which can be Impersonated for the Current Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-sql-server-logins-which-can-be-impersonated-for-the-current-database) - - [Exploiting Impersonation](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#exploiting-impersonation) - - [Exploiting Nested Impersonation](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#exploiting-nested-impersonation) - - [MSSQL Accounts and Hashes](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#mssql-accounts-and-hashes) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#references) \ No newline at end of file + - [Query Current User & determine if the user is a sysadmin](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#query-current-user--determine-if-the-user-is-a-sysadmin) + - [Current Role](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#current-role) + - [Current DB](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#current-db) + - [List all tables](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-tables) + - [List all databases](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-databases) + - [All Logins on Server](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#all-logins-on-server) + - [All Database Users for a Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#all-database-users-for-a-database) + - [List All Sysadmins](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-sysadmins) + - [List All Database Roles](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#list-all-database-role) + - [Effective Permissions from the Server](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#effective-permissions-from-the-server) + - [Effective Permissions from the Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#effective-permissions-from-the-database) + - [Find SQL Server Logins Which can be Impersonated for the Current Database](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#find-sql-server-logins-which-can-be-impersonated-for-the-current-database) + - [Exploiting Impersonation](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#exploiting-impersonation) + - [Exploiting Nested Impersonation](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#exploiting-nested-impersonation) + - [MSSQL Accounts and Hashes](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#mssql-accounts-and-hashes) +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mssql-server-cheatsheet/#references) diff --git a/Methodology and Resources/Metasploit - Cheatsheet.md b/Methodology and Resources/Metasploit - Cheatsheet.md index bb7d193..943b48f 100644 --- a/Methodology and Resources/Metasploit - Cheatsheet.md +++ b/Methodology and Resources/Metasploit - Cheatsheet.md @@ -20,4 +20,4 @@ - [Scripting Metasploit](https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#scripting-metasploit) - [Multiple transports](https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#multiple-transports) - [Best of - Exploits](https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#best-of---exploits) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#references) diff --git a/Methodology and Resources/Methodology and enumeration.md b/Methodology and Resources/Methodology and enumeration.md index 74e71af..fe2fd6e 100644 --- a/Methodology and Resources/Methodology and enumeration.md +++ b/Methodology and Resources/Methodology and enumeration.md @@ -14,4 +14,4 @@ - [Network discovery](https://swisskyrepo.github.io/InternalAllTheThings/methodology/bug-hunting-methodology/#network-discovery) - [Web discovery](https://swisskyrepo.github.io/InternalAllTheThings/methodology/bug-hunting-methodology/#web-discovery) -- [Web Vulnerabilities](https://swisskyrepo.github.io/InternalAllTheThings/methodology/bug-hunting-methodology/#looking-for-web-vulnerabilities) \ No newline at end of file +- [Web Vulnerabilities](https://swisskyrepo.github.io/InternalAllTheThings/methodology/bug-hunting-methodology/#looking-for-web-vulnerabilities) diff --git a/Methodology and Resources/Network Discovery.md b/Methodology and Resources/Network Discovery.md index 4a2d3e3..989609b 100644 --- a/Methodology and Resources/Network Discovery.md +++ b/Methodology and Resources/Network Discovery.md @@ -11,4 +11,4 @@ - [Bettercap](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/network-discovery/#bettercap) - [Reconnoitre](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/network-discovery/#reconnoitre) - [SSL MITM with OpenSSL](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/network-discovery/#ssl-mitm-with-openssl) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/network-discovery/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/network-discovery/#references) diff --git a/Methodology and Resources/Network Pivoting Techniques.md b/Methodology and Resources/Network Pivoting Techniques.md index 30d0951..a7ad004 100644 --- a/Methodology and Resources/Network Pivoting Techniques.md +++ b/Methodology and Resources/Network Pivoting Techniques.md @@ -26,4 +26,4 @@ - [Listen - Listen](https://swisskyrepo.github.io/InternalAllTheThings/redteam/pivoting/network-pivoting-techniques/#listen---listen) - [Listen - Connect](https://swisskyrepo.github.io/InternalAllTheThings/redteam/pivoting/network-pivoting-techniques/#listen---connect) - [Connect - Connect](https://swisskyrepo.github.io/InternalAllTheThings/redteam/pivoting/network-pivoting-techniques/#connect---connect) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/pivoting/network-pivoting-techniques/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/pivoting/network-pivoting-techniques/#references) diff --git a/Methodology and Resources/Office - Attacks.md b/Methodology and Resources/Office - Attacks.md index 6cbd4b6..41e92ec 100644 --- a/Methodology and Resources/Office - Attacks.md +++ b/Methodology and Resources/Office - Attacks.md @@ -1,4 +1,4 @@ -# Office - Attacks +# Office - Attacks :warning: Content of this page has been moved to [InternalAllTheThings/redteam/access/office-attacks](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/) @@ -34,4 +34,4 @@ - [VBA - Offensive Security Template](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/#vba---offensive-security-template) - [DOCX - Template Injection](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/#docx---template-injection) - [DOCX - DDE](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/#docx---dde) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/office-attacks/#references) diff --git a/Methodology and Resources/Powershell - Cheatsheet.md b/Methodology and Resources/Powershell - Cheatsheet.md index 9c7ac8d..ad98507 100644 --- a/Methodology and Resources/Powershell - Cheatsheet.md +++ b/Methodology and Resources/Powershell - Cheatsheet.md @@ -14,4 +14,4 @@ - [DelegateType Reflection](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/powershell-cheatsheet/#delegatetype-reflection) - [Example with a simple shellcode runner](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/powershell-cheatsheet/#example-with-a-simple-shellcode-runner) - [Secure String to Plaintext](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/powershell-cheatsheet/#secure-string-to-plaintext) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/powershell-cheatsheet/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/powershell-cheatsheet/#references) diff --git a/Methodology and Resources/Reverse Shell Cheatsheet.md b/Methodology and Resources/Reverse Shell Cheatsheet.md index 7b9aa29..0b8d09a 100644 --- a/Methodology and Resources/Reverse Shell Cheatsheet.md +++ b/Methodology and Resources/Reverse Shell Cheatsheet.md @@ -40,4 +40,4 @@ - [Linux Stageless reverse TCP](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#linux-stageless-reverse-tcp) - [Other platforms](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#other-platforms) - [Spawn TTY Shell](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#spawn-tty-shell) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#references) diff --git a/Methodology and Resources/Source Code Management.md b/Methodology and Resources/Source Code Management.md index c60bab6..c13f26d 100644 --- a/Methodology and Resources/Source Code Management.md +++ b/Methodology and Resources/Source Code Management.md @@ -6,4 +6,4 @@ - [Enumerate repositories files and secrets](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/source-code-management-ci/#enumerate-repositories-files-and-secrets) - [Personal Access Token](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/source-code-management-ci/#personal-access-token) - [Gitlab CI/Github Actions](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/source-code-management-ci/#gitlab-cigithub-actions) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/source-code-management-ci/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/source-code-management-ci/#references) diff --git a/Methodology and Resources/Vulnerability Reports.md b/Methodology and Resources/Vulnerability Reports.md index a385347..70e6881 100644 --- a/Methodology and Resources/Vulnerability Reports.md +++ b/Methodology and Resources/Vulnerability Reports.md @@ -6,4 +6,4 @@ - [Vulnerability Report Structure](https://swisskyrepo.github.io/InternalAllTheThings/methodology/vulnerability-reports/#vulnerability-report-structure) - [Vulnerability Details Structure](https://swisskyrepo.github.io/InternalAllTheThings/methodology/vulnerability-reports/#vulnerability-details-structure) - [General Guidelines](https://swisskyrepo.github.io/InternalAllTheThings/methodology/vulnerability-reports/#general-guidelines) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/methodology/vulnerability-reports/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/methodology/vulnerability-reports/#references) diff --git a/Methodology and Resources/Web Attack Surface.md b/Methodology and Resources/Web Attack Surface.md index 6beb28f..a4d6453 100644 --- a/Methodology and Resources/Web Attack Surface.md +++ b/Methodology and Resources/Web Attack Surface.md @@ -9,4 +9,4 @@ - [DNS Resolution](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/web-attack-surface/#dns-resolution) - [Technology Discovery](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/web-attack-surface/#technology-discovery) - [Subdomain Takeover](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/web-attack-surface/#subdomain-takovers) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/web-attack-surface/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/web-attack-surface/#references) diff --git a/Methodology and Resources/Windows - AMSI Bypass.md b/Methodology and Resources/Windows - AMSI Bypass.md index c58776d..ef93982 100644 --- a/Methodology and Resources/Windows - AMSI Bypass.md +++ b/Methodology and Resources/Windows - AMSI Bypass.md @@ -18,4 +18,4 @@ - [Use Powershell Version 2 - No AMSI Support there](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#Using-PowerShell-version-2) - [Nishang all in one](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#Nishang-all-in-one) - [Adam Chesters Patch](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#Adam-Chester-Patch) -- [AMSI.fail](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#amsifail) \ No newline at end of file +- [AMSI.fail](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#amsifail) diff --git a/Methodology and Resources/Windows - DPAPI.md b/Methodology and Resources/Windows - DPAPI.md index 41a4c16..e501d84 100644 --- a/Methodology and Resources/Windows - DPAPI.md +++ b/Methodology and Resources/Windows - DPAPI.md @@ -6,4 +6,4 @@ - [DPAPI LocalMachine Context](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-dpapi/#dpapi-localmachine-context) - [Mimikatz - Credential Manager & DPAPI](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-dpapi/#mimikatz---credential-manager--dpapi) - [Hekatomb - Steal all credentials on domain](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-dpapi/#hekatomb---steal-all-credentials-on-domain) -- [DonPAPI - Dumping DPAPI credz remotely](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-dpapi/#donpapi---dumping-dpapi-credz-remotely) \ No newline at end of file +- [DonPAPI - Dumping DPAPI credz remotely](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-dpapi/#donpapi---dumping-dpapi-credz-remotely) diff --git a/Methodology and Resources/Windows - Defenses.md b/Methodology and Resources/Windows - Defenses.md index 8eb234d..35ebb94 100644 --- a/Methodology and Resources/Windows - Defenses.md +++ b/Methodology and Resources/Windows - Defenses.md @@ -16,4 +16,4 @@ - [Windows Defender Antivirus](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-defenses/#windows-defender-antivirus) - [Windows Defender Application Control](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-defenses/#windows-defender-application-control) - [Windows Defender Firewall](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-defenses/#windows-defender-firewall) -- [Windows Information Protection](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-defenses/#windows-information-protection) \ No newline at end of file +- [Windows Information Protection](https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-defenses/#windows-information-protection) diff --git a/Methodology and Resources/Windows - Download and Execute.md b/Methodology and Resources/Windows - Download and Execute.md index 5fb9bd9..95a4d4e 100644 --- a/Methodology and Resources/Windows - Download and Execute.md +++ b/Methodology and Resources/Windows - Download and Execute.md @@ -14,4 +14,4 @@ - [Msbuild](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-download-execute/#msbuild) - [Certutil](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-download-execute/#certutil) - [Bitsadmin](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-download-execute/#bitsadmin) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-download-execute/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-download-execute/#references) diff --git a/Methodology and Resources/Windows - Mimikatz.md b/Methodology and Resources/Windows - Mimikatz.md index c8028ed..980e8a0 100644 --- a/Methodology and Resources/Windows - Mimikatz.md +++ b/Methodology and Resources/Windows - Mimikatz.md @@ -17,4 +17,4 @@ - [Vault](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mimikatz-cheatsheet/#vault) - [Commands list](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mimikatz-cheatsheet/#commands-list) - [Powershell version](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mimikatz-cheatsheet/#powershell-version) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mimikatz-cheatsheet/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/mimikatz-cheatsheet/#references) diff --git a/Methodology and Resources/Windows - Persistence.md b/Methodology and Resources/Windows - Persistence.md index 40ef946..2869599 100644 --- a/Methodology and Resources/Windows - Persistence.md +++ b/Methodology and Resources/Windows - Persistence.md @@ -37,4 +37,4 @@ - [Domain](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/windows-persistence/#domain) - [Golden Certificate](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/windows-persistence/#golden-certificate) - [Golden Ticket](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/windows-persistence/#golden-ticket) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/windows-persistence/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/persistence/windows-persistence/#references) diff --git a/Methodology and Resources/Windows - Privilege Escalation.md b/Methodology and Resources/Windows - Privilege Escalation.md index 8d1169b..4079053 100644 --- a/Methodology and Resources/Windows - Privilege Escalation.md +++ b/Methodology and Resources/Windows - Privilege Escalation.md @@ -65,4 +65,4 @@ - [MS17-010 (Eternal Blue)](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/windows-privilege-escalation/#ms17-010-eternal-blue) - [CVE-2019-1388](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/windows-privilege-escalation/#cve-2019-1388) - [EoP - $PATH Interception](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/windows-privilege-escalation/#eop---path-interception) -- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/windows-privilege-escalation/#references) \ No newline at end of file +- [References](https://swisskyrepo.github.io/InternalAllTheThings/redteam/escalation/windows-privilege-escalation/#references) diff --git a/Methodology and Resources/Windows - Using credentials.md b/Methodology and Resources/Windows - Using credentials.md index 65e135b..27202a2 100644 --- a/Methodology and Resources/Windows - Using credentials.md +++ b/Methodology and Resources/Windows - Using credentials.md @@ -25,4 +25,4 @@ - [Other methods](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-using-credentials/#other-methods) - [PsExec - Sysinternal](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-using-credentials/#psexec-sysinternal) - [Mount a remote share](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-using-credentials/#mount-a-remote-share) - - [Run as another user](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-using-credentials/#run-as-another-user) \ No newline at end of file + - [Run as another user](https://swisskyrepo.github.io/InternalAllTheThings/redteam/access/windows-using-credentials/#run-as-another-user) diff --git a/README.md b/README.md index e9ce785..1e38766 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ -# Payloads All The Things +# Payloads All The Things A list of useful payloads and bypasses for Web Application Security. -Feel free to improve with your payloads and techniques ! +Feel free to improve with your payloads and techniques ! I :heart: pull requests :) -You can also contribute with a :beers: IRL, or using the sponsor button +You can also contribute with a :beers: IRL, or using the sponsor button [![Sponsor](https://img.shields.io/static/v1?label=Sponsor&message=%E2%9D%A4&logo=GitHub&link=https://github.com/sponsors/swisskyrepo)](https://github.com/sponsors/swisskyrepo) [![Tweet](https://img.shields.io/twitter/url/http/shields.io.svg?style=social)](https://twitter.com/intent/tweet?text=Payloads%20All%20The%20Things,%20a%20list%20of%20useful%20payloads%20and%20bypasses%20for%20Web%20Application%20Security%20-%20by%20@pentest_swissky&url=https://github.com/swisskyrepo/PayloadsAllTheThings/) @@ -12,12 +12,11 @@ You can also contribute with a :beers: IRL, or using the sponsor button An alternative display version is available at [PayloadsAllTheThingsWeb](https://swisskyrepo.github.io/PayloadsAllTheThings/).

- + banner

+## :book: Documentation -:book: Documentation ------ Every section contains the following files, you can use the `_template_vuln` folder to create a new chapter: - README.md - vulnerability description and how to exploit it, including several payloads @@ -30,27 +29,23 @@ You might also like the other projects from the AllTheThings family : - [InternalAllTheThings](https://swisskyrepo.github.io/InternalAllTheThings/) - Active Directory and Internal Pentest Cheatsheets - [HardwareAllTheThings](https://swisskyrepo.github.io/HardwareAllTheThings/) - Hardware/IOT Pentesting Wiki - You want more ? Check the [Books](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/_LEARNING_AND_SOCIALS/BOOKS.md) and [Youtube channel](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/_LEARNING_AND_SOCIALS/YOUTUBE.md) selections. +## :technologist: Contributions -:technologist: Contributions ------ Be sure to read [CONTRIBUTING.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CONTRIBUTING.md)

- + sponsors-list

Thanks again for your contribution! :heart: +## :beers: Sponsors -:beers: Sponsors ------ +This project is proudly sponsored by these companies: -This project is proudly sponsored by these companies: - -[](https://www.vaadata.com/) -[](https://github.com/projectdiscovery) +[sponsor-vaadata](https://www.vaadata.com/) +[sponsor-projectdiscovery](https://github.com/projectdiscovery)