11. eCPPT
Leveraging PowerShell During Exploitation
Let's GoPhishing
Custom Undetectable Macro Development
Windows: File Smuggling with HTML and JavaScript
Client-Side Exploitation
Establishing A Shell Through the Victim's Browser
Passive Crawling with Burp Suite
Apache Recon: Basics
Scanning Web Application with Nikto
Directory Enumeration with Gobuster
WP Relevanssi plugin XSS
MyBB Downloads Plugin
Exploiting DOM-Based XSS Vulnerabilities
PHPMyRecipes
Vulnerable Results Portal: Union Based SQLi
Scan the Server 1
NetBIOS Hacking
SNMP Analysis
Linux Exploitation: Lab 1 - Remote Enumeration
DNS & SMB Relay Attack
MSSQL DB User Impersonation to RCE
Linux Exploitation: Lab 3 - Remote Exploitation and Post Exploitation
Windows: NTLM Hash Cracking
Post-Exploitation
Bypassing AV
Fuzzing Windows Software
Windows SEH Overflow (EasyChat)
Priv ESC - Clear-text Password
Windows: PrivescCheck
Unattended Installation
Credential Management
PowerShell History
Bad Permissions
Registry AutoRun
MSSQL: Juicy Potato: Privilege Escalation
UAC Bypass: UACMe
DLL Hijacking: DVTA
Linux PrivESC - Shared Server
Permissions Matter!
Exploiting Setuid Programs II
Editing Gone Wrong
Load Order Matters
Lateral Movement and Pivoting (Windows: SMB Server PSexec II)
Windows: SMB Server SMBExec
Windows: SMB Server CrackMapExec
Dumping RDCMan Credentials
WinRM: Evil-WinRM Invoke-PS-Script
Windows: Pass The Hash: Metasploit
Windows: Pass The Hash - WMIExec
Linux Lateral Movement: Internal Network I
Linux Lateral Movement 2
Pivoting
Pivoting IV
Pivoting VI
Pivoting VIII
AD Enumeration: AD - Password Spraying
BloodHound Reconnaissance
PowerView: Active Directory Enumeration
AD Privilege Escalation: AS-REP Roasting
AD - Kerberoasting Attacks
AD Lateral Movement: Pass-the-Hash (PtH) Attacks
Pass-the-Ticket (PtT) Attacks
Persistence: AD - Silver Ticket
Golden Ticket Attacks
C2 Framework: Leveraging PowerShell During Exploitation
T1094: Custom Command & Control Protocol
Port Scanning and Enumeration with Armitage
Exploitation and Post Exploitation with Armitage