Brinkles Pentesting Notebook

Introduction
Certification Reviews
C2 and Payloads
- Sliver C2
- Cobalt Strike
  - BOFs and Aggressor Scripts
    Situational Awareness BOF
    HOLLOW BOF
    DLL_Version_Enumeration_BOF
    InlineExecute-Assembly BOF
    BOF.NET
    C2-Tool-Collection BOFs
    Inline-Execute-PE
  - Payloads
Tools
- Internal Tools
- Web App Pentesting
  - Payload All The Things
    Directory traversal
    Deep Traversal
    More Directory Traversal Payloads
    SAML Injection
    XXE - XML External Entity
    XSS - Cross Site Scripting
    XSLT Injection
    XPATH injection
    Upload Insecure Files
    SQL injection
    MSSQL Injection
    MYSQL Injection
    Oracle SQL Injection
    PostgreSQL injection
    SQLite Injection
    Server Side Templates Injections
    Server-Side Request Forgery
    Payloads Included in Server-Side Request Forgery
    Request Smuggling
    OAuth
    NoSQL injection
    LDAP injection
    Kubernetes
    JSON Web Token
    HTTP Parameter Pollution
    GraphQL injection
    CORS Misconfiguration
    CRLF
    Cross-Site Request Forgery
    CSV Injection (Formula Injection)
    File Inclusion
    PHPINFOlfi.py
    uploadlfi.py
Network Security

Powered by GitBook

On this page

Certification Reviews

RTAC Review

Coming Soon!

PreviousRTJC Review NextCEH Review

Last updated 1 year ago