πŸ““
Sfoffo - Pentesting Notes
View on GitHub
  • 🏠/home/sfoffo/.pt-notes
  • 🏳️Contributions
    • 2024 Contributions
      • CVE-2024-42845
      • CVE-2024-41819
      • CVE-2024-41943
      • CVE-2024-50344
  • πŸ€Support this Project
  • πŸ“‚Active Directory
    • Initial Access
    • Internal Enumeration & Lateral Movement
    • Privilege Escalation to Domain Admin using Known Exploits
    • Domain Trusts
  • 🐧Linux Privilege Escalation
    • Enumerating Attack Vectors
    • Privileged Groups
    • Environment Variables Abuse
    • Capabilities Abuse
    • Programs, Jobs and Services
    • Miscellaneous Techniques
    • Recent CVEs
  • πŸͺŸWindows Privilege Escalation
    • Enumerating Attack Vectors
    • Excessive User Rights Abuse
    • Built-in Groups Abuse
    • File System ACLs
    • Services Hijacking
    • User Account Control (UAC) Bypass
    • Living off the Land
  • πŸ›Bug Bounty Hunting
    • Bug Bounty Tools
  • πŸ•ΈοΈWeb Applications
    • Web Attacks
      • Cross Site Scripting (XSS)
      • SQL Injection (SQLi)
      • File Upload Vulnerabilities
      • Insecure Direct Object References (IDOR)
      • OS Command Injection
      • Local File Inclusion (LFI)
      • Remote File Inclusion (RFI)
      • XML External Entities (XXE)
      • HTTP Verb Tampering
    • Web Technologies
      • Tomcat
      • CGI Applications
      • WordPress
      • WebDav
      • Microsoft IIS
      • SAP Netweaver
      • Joomla
      • Drupal
      • Gitlab
      • Jenkins
      • osTicket
      • PRTG Network Monitor
      • Splunk
    • Fuzzing
  • πŸ”Information Gathering
  • πŸ“œProtocols and Services
    • DNS
    • FTP
    • IMAP
    • IPMI
    • MSSQL
    • MySQL
    • NFS
    • Oracle TNS
    • POP3
    • RDP
    • SMB
    • SMTP
    • SNMP
  • πŸ‘ΎUtilities, Scripts and Payloads
    • Shells and Payloads
    • Metasploit Framework
    • File Transfers
    • Pivoting, Tunneling, Port Forwarding
    • Password Attacks
Powered by GitBook
On this page
  • About me
  • Disclaimer

Was this helpful?

Edit on GitHub

/home/sfoffo/.pt-notes

Last updated 3 months ago

Was this helpful?

Welcome to my penetration testing notes page - a project started with the idea to share and document my knowledge gained in the world of offensive security.

My current knowledge comes from CTFs, real world penetration testing, but also from studying for certifications such as the OSCP, CPTS, eWPTv2 and eJPT.


About me

My Profiles

, , ,

Current CVEs
Certifications

, , ,


Disclaimer

This page is intended for educational and informational purposes only. The content within this project doesn't give warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability of the information, products, services, or related graphics contained within it. Any reliance you place on such information is therefore strictly at your own risk. The author and publisher shall in no event be liable for any loss or damage arising the use of this project's content. Furthermore, the techniques and tips described are provided for educational and informational purposes only, and should not be used for any illegal or malicious activities. The author does not condone or support any illegal or unethical activities, and any use of the information contained within this page is at the user's own risk and discretion. The user is solely responsible for any actions taken based on the information contained within this project. The user agrees to release the author from any and all liability and responsibility for any damage, loss, or harm that may result from the use of any technique, information or content described in this project.

LinkedIn
GitHub
Exploit-DB
Hack the Box
CVE-2024-42845
CVE-2024-41819
CVE-2024-41943
CVE-2024-50344
OSCP
CPTS
eWPTv2
eJPT
🏠
Page cover image