Red Teaming and Malware Analysis
Red Teaming and Malware Analysis
@sirpedrotavares
seguranca-informatica.pt
0xSI_f33d
About
Red Teaming
Cheat Sheet
Active Directory 101
Fuzzing and Web
Initial Foothold
Privilege Escalation (Privesc)
Lateral Movement (Pivoting)
Persistence
Command and Control (C&C)
Data Exfiltration
CVE & Exploits / CTF
Tools
OSINT
DNS
WEB
API and WS Hacking
Web Discovery
Web Fuzzing
Path Traversal
GraphQL
JWT
Infrastructure and Network
Privilege Escalation
Exfiltration
Persistence
Password & Cracking
Static Code Analysis
Reporting
Resources
Malware Analysis
Unpacking
Tools
Resources
Mobile
Tools
Reverse iOS ipa
Reverse Android APKs
Basic tips
Resources
IoT / ARM / Firmware
Basic tips
Reverse IoT devices
Tools
Resources
Powered by GitBook

GraphQL

GraphQL: GraphQL IDE Monorepo.

GraphQLmap: A scripting engine to interact with a graphql endpoint for pentesting purposes.

InQL + burpsuite: InQL can be used as a stand-alone script, or as a Burp Suite extension (available for both Professional and Community editions).

Configuration Burpsuite
Configuration Burpsuite

Add Bearer- token

Use the context menu to send it to the Repeater (inql: Sent to graphiQL)

References

Previous
Path Traversal
Next
JWT
Last updated 3 months ago