一蓑烟雨

摘要： Persistence and Stealth PERSISTENCE Scheduled jobs Cron or Task Manager Scheduled Task Same as above Daemons Background processes or services Back doo 阅读全文

摘要： Post-exploitation Techniques POST-EXPLOITATION TECHNIQUES What to do once you're in Make it easier next time Lateral movement RPC/DCOM (Remote Procedu 阅读全文

摘要： Physical Security PHYICAL SECURITY RELATED TO FACILITIES Piggybacking/tailgating - unauthorized person following an authorized person through a physic 阅读全文

摘要： Miscellaneous Local Host Vulnerabilities LOCAL HOST VULNERABILITIES Default account settings - disable accounts that are not being used. Sandbox escap 阅读全文

摘要： Miscellaneous privilege escalation EXPLOITABLE SERVICES Unquoted service paths Allow abbreviated attack paths(without spaces) PRIVILEGE ESCALATION Uns 阅读全文

摘要： Privilege Escalation(Windows) WINDOWS-SPECIFIC PRIVILEGE ESCALATION Cpassword - Group Policy Preference attribute that contains passwords SYSVOL folde 阅读全文

摘要： Privilege Escalation(Linux) Linux user ID is 'root'. LINUX-SPECIFIC PRIVILEGE ESCALATION SUID/SGID programs Permission to execute a program as executa 阅读全文

摘要： Local Host Vulnerabilities CVE(Common Vulnerabilities and Exposures) Database https://www.cvedetails.com/vendor.php Windows 10 Apple Linux Kernel Andr 阅读全文

摘要： Code Vulnerabilities UNSECURE CODE PRACTICES Comments in source code Good for developers and technical personnel Bad for keeping secrets Lack of error 阅读全文

摘要： Cross-Site Scripting Demo Given a scenario, exploit application-based vulnerabilities. Test Environment: DVWA Case 1 - Security Level: Low View the so 阅读全文