Pentest Journeys
CtrlK
Connect
  • 👋 Welcome
  • Boxes
    • Categories
    • Starting Point
      • Unified
      • Three
    • Easy
      • Forest
      • Sauna
      • Active
      • Broker
      • Return
      • Timelapse
      • Support
      • Nibbles
      • Keeper
      • CozyHosting
      • Devvortex
      • Lame
      • FunBoxEasyEnum
      • Inclusiveness
      • Potato
      • Sumo
      • EscapeTwo
    • Medium
      • Resolute
      • Cascade
      • Monteverde
      • Intelligence
      • StreamIO
      • Loly
    • Hard
      • Mantis
      • Blackfield
      • Reel
    • Insane
      • Sizzle
      • Multimaster
      • Rebound
  • Cloud
    • Public Snapshots
  • TL;DR
    • Active Directory
      • General Info
      • Permissions
        • AddSelf
        • DCSync
        • ForceChangePassword
        • FullControl
        • GenericAll
        • GenericWrite
        • Owns
        • ReadGMSAPassword
        • ReadLAPSPassword
        • WriteOwner
        • WriteDACL
      • Attacks
        • ADCS
        • AS-REPRoasting
        • Cross-Domain
        • Cross-Forest
        • DCSync
        • Delegations
        • Forests
        • GPOddity
        • Kerberoasting
        • Local SAM Dump
        • NTLMv2
        • Password Spraying
      • Lateral Movement
        • DCOM
        • Pass-the-Hash
        • Pass-the-Ticket
        • Overpass-the-Hash
      • Persistence
        • ACLs
        • SSP Injection
        • Diamond Ticket
        • DSRM
        • Golden Ticket
        • Security Descriptors
        • Shadow Copies
        • Silver Ticket
        • Skeleton Key
      • AD Tools
        • BloodyAD
        • BloodHound
        • Impacket
        • LDAPsearch
        • Mimikatz
        • NetExec
        • PowerUp
        • PowerView
        • Responder
        • Rubeus
        • Runas
        • SysInternals
    • Cloud
      • AWS
        • Recon
      • Cloud Tools
        • AWS
    • External Platforms
      • Slack
    • Infra
      • File Artifacts
        • Mozilla
      • OS
        • FreeBSD
        • Linux
          • Host Recon
          • Privilege Escalation
            • Apps
              • Zabbix
            • Binaries
              • ClamAV
              • Composer
              • Docker
              • Dosbox
              • ed
              • Gcore
              • Hping3
              • make
              • runc
              • Screen
              • Sudo
              • Systemctl
            • Cronjobs
              • Git Script Injection
              • SO Injection
              • Path Abuse
            • Groups
            • SUID SO Injection
            • Kernel
            • Wildcard Injection
          • Services
            • Service Hijacking
            • rpc.py
        • Windows
          • Host Recon
          • Privilege Escalation
            • Apps
              • Druva
              • HP Power Manager
              • SmarterMail
            • Groups
              • Account Operators
              • Backup Operators
              • Cert Publishers
              • DnsAdmins
              • Exchange Windows Permissions
              • Server Operators
            • Kernel
            • Local/Network Service
            • Privileges
              • SeBackupPrivilege
              • SeImpersonatePrivilege
            • Scheduled Tasks
            • Services
      • Proxies
        • Squid
      • Infra Tools
        • PE Scripts
        • pspy
  • Logs
    • Apache2
    • System Logs
    • Volatile Data
  • Pivoting
    • Deep Packet Inspection
      • HTTP Tunneling
      • DNS Tunneling
    • Networking 101
    • Pivoting Tools
      • Ligolo-ng
      • Sshuttle
    • Port Foward
    • SSH Tunelling
  • Red Teaming
    • .NET
    • PowerShell
    • PSRemoting
    • C2s
      • Sliver
      • C2 Tools
        • ADCollector
        • ADSearch
        • CIMplant
        • Dsquery
        • LACheck
        • PEzor
        • SCShell
        • Seatbelt
        • SharpKatz
        • SharpUp
        • StandIn
        • Stracciatella
    • OPSEC
    • EDRs
      • MDE
  • Social Engineering
    • Phising
  • Web
    • API
      • What is an API?
      • Useful Terms
      • Collection Creation
      • Enumeration
      • Tests
        • General
        • Security Headers
        • Security Misconfigurations
        • Authorization
          • BOLA
          • BFLA
        • Authentication
          • BFAs
          • Tokens
          • JWTs
            • Entropy Analysis
            • Signature Validation
            • Weak Signature
            • Header Injection
            • Algorithm Confusion
        • Excessive Data Exposure
        • HTTP Verb Tampering
        • Content Type Tampering
        • Improper Asset Management
        • Mass Assignment
        • SSRF
        • Unrestriced Resource Consumption
        • Unrestricted Access to Sensitive Business Flows
        • Unsafe API Consumption
      • Tools
        • mitmweb
        • KiteRunner
        • Arjun
        • jwt_tool
    • Applications
      • Atlassian Confluence
      • BoxBilling
      • Cassandra Web
      • Gerapy
      • Grafana
      • LimeSurvey
      • Mantis BT
      • OMRS
      • Online Discussion Forum
      • OpenEMR
      • Prison Management System
      • RaspAP
      • rConfig
      • Responsive Filemanager
      • SimplePHPGal
      • SO Planning
      • TeamCity
      • Tiny File Manager
      • ZoneMinder
    • Common Findings
      • Security Headers
      • Cookie Flags
      • SSL/TLS
    • Authentication
      • Broken Reset Logic
      • Brute Force Attacks
      • PHP strcmp
      • Rate Limiting
      • Session Tokens
      • MFA
      • JWTs
    • Authorization
      • IDOR / BOLA
      • IDOR / BFLA
      • Weak Access Controls
      • Automated A-B Testing
    • CMS
      • CS-Cart
      • CuteNews
      • DNN
      • eXtplorer
      • Grav
      • Joomla
      • Monstra
      • Responsive Online Blog
      • RiteCMS
      • Subrion
      • Umbraco
      • WordPress
    • Cross-Origin
      • Cross-Origin 101
      • CSRF
      • CORS
    • DevOps
      • APM Tools
        • php-spx
      • Gitea
      • GitLab
      • Git Tools
      • Jenkins
    • Dirbusting
    • File Inclusion
      • LFI & RFI
      • RCE
    • File Uploads
    • Frameworks
      • Laravel
      • Spring
    • Injections
      • SQLi
        • SQLi 101
        • In Band
        • Blind
        • NoSQLi
        • Second Order
        • Other
        • SQLMap
      • XSS
        • XSS 101
        • Reflected
        • Stored
        • DOM-Based
        • Exploitation
        • Payloads
      • CI
        • CI
        • Examples
        • Filters
        • happy-dom
      • SSTI
        • SSTI 101
        • Twig
        • Freemarker
        • Pug
        • Jinja
        • Mustache
        • Handlebars
        • Mako
        • Case Study: Craft CMS
      • XXEI
        • XML 101
        • XXEI
    • Mass Assignment
    • Open Redirects
    • OpenFire
    • Race Conditions
    • SSRF
      • Exploitation
      • Examples
    • WAFs
    • Web Servers
      • Apache
      • IIS
      • Nginx
      • Tomcat
      • XAMPP
    • WebSockets
    • Web Tools
      • amass
      • BurpSuite
      • cURL
      • GoWitness
      • Hakrawler
      • WhatWeb
  • Tools
    • Hydra
    • Creds
    • Port Scanners
    • Passwords
      • HashID
      • Hashcat
      • John
      • DomainPasswordSpray
      • Credential Enum
    • Searchsploit
    • Metasploit
      • 101
      • Payloads
      • Post-Exploitation
      • Resource Scripts
    • Wordlists
    • Vulnerability Scanners
    • Text Processing
    • Shells
    • File Transfers
    • Cryptography
    • Files
    • Steganography
    • KeePass
  • Traffic Capture
  • Package Managers
    • uv
    • vevn
  • Services
    • TCP
      • DBMS
        • NoSQL
          • 3000-3005 - Aerospike
          • 27017 - MongoDB
          • 6379 - Redis
        • SQL
          • 1433 - MSSQL
          • 1521 - Oracle
          • 3306 - MySQL/MariaDB
          • 5432 - PostgreSQL
      • Mail
        • 25,587 - SMTP
        • 110,995 - POP3
        • 143,993 - IMAP
      • Remote Access
        • 22 - SSH
        • 3389 - RDP
        • 5900 - VNC
        • 5985,5986 - WinRM
      • Shares
        • 21 - FTP
        • 111,2049 - NFS
        • 139,445 - SMB
      • 53 - DNS
      • 113 - Ident
      • 389,636 - LDAP
      • 1978 - WiFi Mouse
      • 2181 - ZooKeeper
      • 3632 - DISTCC
      • 8021 - FreeSWITCH
      • 9099 - Mobile Mouse
      • 10000 - Webmin
      • 20000 - Usermin
    • UDP
      • 161 - SNMP
  • Methodologies
    • OSCP
    • CRTP
Powered by GitBook
On this page

Was this helpful?

Pivoting

Deep Packet InspectionNetworking 101Pivoting ToolsPort FowardSSH Tunelling
PreviousVolatile DataNextDeep Packet Inspection

Was this helpful?