The Real Hugo
Command Injection
- Blind injection
- Verbose injection

Blind Injection
- Check via ping, open a `tcpdump` on ICMP to listen for packets
- Redirect to logfile and read
- Use `sleep` or `timeout` to check if command injection is possible in general

Functions
- Watch out for `eval()`, `exec()`, `passthru()`, `system()`
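
A source-review aid for the functions listed above, added here as an example and not part of the original notes: it scans PHP source for calls to those four functions and marks the ones whose arguments contain a variable. It assumes the list refers to the PHP functions; `find_sinks` and the sample file are constructed for illustration.

```python
import re

# Sinks named in the notes above (assumed to be the PHP functions).
SINKS = ("eval", "exec", "passthru", "system")
# Lookbehind skips curl_exec(), $db->exec() and Foo::system().
CALL_RE = re.compile(r"(?<![\w$>:])(" + "|".join(SINKS) + r")\s*\(", re.I)
DQ = r'"(?:\\.|[^"\\])*"'   # double-quoted string (interpolates $vars)
SQ = r"'(?:\\.|[^'\\])*'"   # single-quoted string (literal)
TOKEN_RE = re.compile(r"/\*.*?\*/|//[^\n]*|#[^\n]*|" + SQ + "|" + DQ, re.S)
VAR_RE = re.compile(r"\$\w+")

def _spaces(text):
    # Blank a token but keep newlines so offsets and line numbers hold.
    return re.sub(r"[^\n]", " ", text)

def _arg_end(code, open_idx):
    depth = 0
    for i in range(open_idx, len(code)):
        depth += (code[i] == "(") - (code[i] == ")")
        if depth == 0:
            return i
    return len(code)

def find_sinks(php_source):
    """Return (line, function, has_variable_argument) for each sink call."""
    # View 1: comments and single-quoted strings blanked, "..." kept.
    args_view = TOKEN_RE.sub(
        lambda m: m.group(0) if m.group(0)[0] == '"' else _spaces(m.group(0)),
        php_source)
    # View 2: "..." blanked too, so text inside strings is never a call.
    code_view = re.sub(DQ, lambda m: _spaces(m.group(0)), args_view, flags=re.S)
    findings = []
    for m in CALL_RE.finditer(code_view):
        end = _arg_end(code_view, m.end() - 1)
        dynamic = bool(VAR_RE.search(args_view[m.end():end]))
        line = code_view.count("\n", 0, m.start()) + 1
        findings.append((line, m.group(1).lower(), dynamic))
    return findings

# Constructed sample input, not taken from any real application.
SAMPLE = r'''<?php
// system($_GET['x']) in a comment is ignored
$host = $_GET['host'];
system("ping -c 1 " . $host);
echo 'exec() is dangerous';
$out = curl_exec($ch);
passthru('uptime');
eval($code);
'''
```

The variable flag is a triage heuristic, not taint tracking: a flagged call still needs a manual check of where the variable comes from and whether it is escaped.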