Brinkles Pentesting Notebook

Introduction
Certification Reviews
C2 and Payloads
- Sliver C2
- Cobalt Strike
  BOFs and Aggressor Scripts
  Situational Awareness BOF
  HOLLOW BOF
  DLL_Version_Enumeration_BOF
  InlineExecute-Assembly BOF
  BOF.NET
  C2-Tool-Collection BOFs
  Inline-Execute-PE
  Payloads
Tools
- Internal Tools
  BloodHound
  Certi
  Coercer
  CrackMapExec
  DCSync
  DFSCoerce
  DonPAPI
  WMIEXEC
  Kerberoasting
  Lsassy
  mitm6
  Pcredz
  PowerSploit
  PrivExchange
  Responder / RunFinger
  Rubeus
  Seatbelt
  Seth
- Web App Pentesting
  Payload All The Things
  Directory traversal
  Deep Traversal
  More Directory Traversal Payloads
  SAML Injection
  XXE - XML External Entity
  XSS - Cross Site Scripting
  XSLT Injection
  XPATH injection
  Upload Insecure Files
  SQL injection
  MSSQL Injection
  MYSQL Injection
  Oracle SQL Injection
  PostgreSQL injection
  SQLite Injection
  Server Side Templates Injections
  Server-Side Request Forgery
  Payloads Included in Server-Side Request Forgery
  Request Smuggling
  OAuth
  NoSQL injection
  LDAP injection
  Kubernetes
  JSON Web Token
  HTTP Parameter Pollution
  GraphQL injection
  CORS Misconfiguration
  CRLF
  Cross-Site Request Forgery
  CSV Injection (Formula Injection)
  File Inclusion
  PHPINFOlfi.py
  uploadlfi.py
Network Security

Powered by GitBook

On this page

RTAC Review

Coming Soon!

PreviousRTJC Review NextCEH Review

Last updated 5 months ago