🖥️ Systems & Networks
Network penetration testing, protocol exploitation, privilege escalation, lateral movement, and pivoting techniques. Learn SMB, DNS, LDAP attacks and network persistence.
Port Scanning
Mediumnmap scanning techniques. SYN scans, service version detection, OS fingerprinting, and evasion techniques.
Full GuideSMB Attacks
CriticalSMB exploitation, EternalBlue, SMB relay attacks, and lateral movement via smbexec and psexec.
Full GuideDNS Attacks
HighDNS reconnaissance, zone transfers, DNS tunneling, and cache poisoning attacks.
Full GuideLinux Privesc
HighLinux privilege escalation. SUID binaries, sudo misconfigs, kernel exploits, and container escapes.
Full Guide🕷️ Lateral Movement
Pass the Hash
HighPass-the-Hash and Pass-the-Token attacks. Authenticate without knowing passwords.
Full GuidePass the Ticket
CriticalKerberos ticket attacks. Golden Ticket, Silver Ticket, Skeleton Key, and Roasting attacks.
Full GuideNTLM Relay
CriticalLLMNR/NBT-NS poisoning, SMB relay attacks, credential capture and relay.
Full GuideKerberoasting
HighRequest TGS tickets for service accounts, crack offline to find weak passwords.
Full Guide🛠️ Essential Tools
Nmap
Network exploration and security auditing. Port scanning, version detection, OS fingerprinting.
Netcat
Network Swiss Army knife. Reverse shells, file transfer, port scanning, banner grabbing.
Mimikatz
Credential extraction and lateral movement. Pass-the-Hash, sekurlsa, privilege::debug.
Responder
LLMNR/NBT-NS/mDNS poisoner. SMB relay, HTTP auth capture, credential stealing.
CrackMapExec
Swiss army knife for AD pentesting. Network attacking, credential dumping, red teaming.
BloodHound
AD attack path analysis. Graph database for finding privilege escalation paths.