{"version":1,"pages":[{"id":"-MWd-iPhLAPUCRlpjcb6","title":"About","pathname":"/","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MXJxogZ4nXS7QGFHRCT","title":"Cheat Sheet","pathname":"/cheat-sheet-1","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MXHY35XuzNn4sJUGqrs","title":"Web","pathname":"/cheat-sheet-1/web","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"}]},{"id":"-MXN3U2W1_57mk66Gq8x","title":"Misc","pathname":"/cheat-sheet-1/web/misc","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN32upBbUhJqLIsh-O","title":"File Upload bypass","pathname":"/cheat-sheet-1/web/file-upload-bypass","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN2kBzqLIgCNKOEDdY","title":"Authentication bypass","pathname":"/cheat-sheet-1/web/authentication-bypass","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN6OW_g5qZg0pmS0Yg","title":"SQL Injection","pathname":"/cheat-sheet-1/web/sql-injection","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MY4oOPICqngBCPmvutG","title":"XSS","pathname":"/cheat-sheet-1/web/xss","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MbTc1VmfmOY8U7X_jDR","title":"XXE","pathname":"/cheat-sheet-1/web/xxe","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN3O2Toiygkjr3eLCB","title":"Reverse-shell","pathname":"/cheat-sheet-1/web/reverse-shell","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN3EGCsoHA9V1aESRA","title":"Webshell","pathname":"/cheat-sheet-1/web/webshell","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXN40kTyIHZCUreQNBh","title":"(De)Serialization","pathname":"/cheat-sheet-1/web/serialization","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Web"}]},{"id":"-MXJuYfob6_lsyZ-UB5w","title":"Active Directory","pathname":"/cheat-sheet-1/active-directory","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"}]},{"id":"-MXK37sHj77nWGOuGQ6e","title":"Services by port","pathname":"/cheat-sheet-1/services-by-port","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"}]},{"id":"-Mci_APxbEDB5MeKzaIE","title":"Enum","pathname":"/cheat-sheet-1/services-by-port/enum","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"zcr3XkyISnhJggP65iwg","title":"5060 - SIP","pathname":"/cheat-sheet-1/services-by-port/5060-sip","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"VblP0bFmbtbcoDLxF2qB","title":"25 - SMTP","pathname":"/cheat-sheet-1/services-by-port/25-smtp","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"-MXMuZdzUC0Df1WuXOb3","title":"135 - RPC","pathname":"/cheat-sheet-1/services-by-port/135-rpc","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"-MXMuRxBD5rr0mhzXHDq","title":"445 - SMB","pathname":"/cheat-sheet-1/services-by-port/445-smb","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"-MZOeTdTjUYIULiwDMV7","title":"11211 - PHPMemCached","pathname":"/cheat-sheet-1/services-by-port/11211-phpmemcached","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"xh8aapz6qTGJ30iIazPM","title":"ldap","pathname":"/cheat-sheet-1/services-by-port/ldap","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Services by port"}]},{"id":"-MYqKtLszVTRVS9ZjAcC","title":"Hardening","pathname":"/cheat-sheet-1/hardening","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"}]},{"id":"3OSFxah3zV8S05IvBt7p","title":"Stigs / Compliance & Benchmarks","pathname":"/cheat-sheet-1/hardening/stigs-compliance-and-benchmarks","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Hardening"}]},{"id":"-MXJy1de0IoNTvPVuZC-","title":"Stuff","pathname":"/cheat-sheet-1/stuff","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"}]},{"id":"-MZF-KaCZQRMZUfqPwdt","title":"Basic tips/scripts","pathname":"/cheat-sheet-1/stuff/basic-tips-scripts","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Stuff"}]},{"id":"-MXN1CREmgvzH6HQDDgY","title":"OpenBSD & NetBSD","pathname":"/cheat-sheet-1/stuff/netbsd","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Stuff"}]},{"id":"-MXN2YkHpN8smLdyQJH5","title":"File Transfer","pathname":"/cheat-sheet-1/stuff/file-transfer","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Stuff"}]},{"id":"-MXN00Dkfsquw2RmJUym","title":"Pivoting","pathname":"/cheat-sheet-1/stuff/pivoting","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Cheat Sheet"},{"label":"Stuff"}]},{"id":"-MWdYYzQtV3AYfE95zeO","title":"Active Directory 101","pathname":"/active-directory-cheat-sheet","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"bNXlhZXoTX62pOpT7B1J","title":"Dumping Active Directory DNS using adidnsdump","pathname":"/active-directory-cheat-sheet/dumping-active-directory-dns-using-adidnsdump","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Active Directory 101"}]},{"id":"hVtg2CaPWHDCK3SR41lr","title":"PrintNightmare","pathname":"/active-directory-cheat-sheet/printnightmare","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Active Directory 101"}]},{"id":"CtONyDGnDnus0XLFPLUJ","title":"From DFSCoercer to DA","pathname":"/active-directory-cheat-sheet/from-dfscoercer-to-da","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Active Directory 101"}]},{"id":"-MXqG25SBJuG08ceB3ac","title":"Fuzzing and Web","pathname":"/fuzzing-and-web","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-M_LLphLMrNgdoLgLV2B","title":"Server Side Template Injection (SSTI)","pathname":"/fuzzing-and-web/server-side-template-injection-ssti","siteSpaceId":"sitesp_NUqtP","description":"How to explore Server Side Template Injection (SSTI) vulnerabilities.","breadcrumbs":[{"label":"Fuzzing and Web"}]},{"id":"-M_LSq9t7FoRRRa5kpij","title":"Finding SSRF (all scope)","pathname":"/fuzzing-and-web/finding-ssrf-all-scope","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Fuzzing and Web"}]},{"id":"-MYgQAzY2CsVsAG4vO6K","title":"Format String Exploitation","pathname":"/fuzzing-and-web/format-string","siteSpaceId":"sitesp_NUqtP","description":"Exploiting format string flaw","breadcrumbs":[{"label":"Fuzzing and Web"}]},{"id":"-MXqG4jXzhfpTgsZ1ViF","title":"Cache Poisoning using Nuclei","pathname":"/fuzzing-and-web/cache-poisoning-using-nuclei","siteSpaceId":"sitesp_NUqtP","description":"Discovering cache poisoning vulnerabilities using nuclei.","breadcrumbs":[{"label":"Fuzzing and Web"}]},{"id":"-MWdXA1RaD0sgQCV7Sxn","title":"Initial Foothold","pathname":"/untitled","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"t6exZjMP2zYFr889tToV","title":"Browser In The Browser (BITB) Attack","pathname":"/untitled/browser-in-the-browser-bitb-attack","siteSpaceId":"sitesp_NUqtP","description":"The content of this page is directly retrivied from the original publication.","breadcrumbs":[{"label":"Initial Foothold"}]},{"id":"-M_1z_qYF3Q0dY9c_YzF","title":"Phishing with Office","pathname":"/untitled/phishing-with-office","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Initial Foothold"}]},{"id":"-M_1znQmergaoW8-F3Xo","title":"Weaponizing XLM 4.0 macros","pathname":"/untitled/phishing-with-office/pwning-xlm-4.0-macros-+-c2","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Initial Foothold"},{"label":"Phishing with Office"}]},{"id":"-MWd2zVxrUgas_6nJPJF","title":"Privilege Escalation (Privesc)","pathname":"/privilege-escalation-privesc","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MWdZY_Ijk-BFiiCIrgl","title":"AV/EDR Bypass","pathname":"/privilege-escalation-privesc/av-edr-bypass","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Privilege Escalation (Privesc)"}]},{"id":"-MY9tpM6OnTx9FGP6v-8","title":"Bypass AV/EDR using Safe Mode","pathname":"/privilege-escalation-privesc/av-edr-bypass/bypass-av-edr-using-safe-mode","siteSpaceId":"sitesp_NUqtP","description":"Bypass AV/EDR using Safe Mode during your Red Teaming experiments.","breadcrumbs":[{"label":"Privilege Escalation (Privesc)"},{"label":"AV/EDR Bypass"}]},{"id":"-MYuT2EbRXGv62xqLf_V","title":"Resources","pathname":"/privilege-escalation-privesc/av-edr-bypass/resources","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Privilege Escalation (Privesc)"},{"label":"AV/EDR Bypass"}]},{"id":"-MYEY0CJUgCXaT_e0R1F","title":"UAC bypass","pathname":"/privilege-escalation-privesc/uac-bypass","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Privilege Escalation (Privesc)"}]},{"id":"-MhmdCKBUunRriw3Vsvj","title":"Process migration like meterpreter","pathname":"/privilege-escalation-privesc/process-migration-like-meterpreter","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Privilege Escalation (Privesc)"}]},{"id":"-MWdYD-Xfcj_6n8vx06B","title":"Lateral Movement (Pivoting)","pathname":"/lateral-movement-pivoting","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"I5TNfAf9cgoaEyZlICht","title":"From Windows VPN + Kali VPN + DC","pathname":"/lateral-movement-pivoting/from-windows-vpn-+-kali-vpn-+-dc","siteSpaceId":"sitesp_NUqtP","description":"In this scenario, I will demonstrate how I can get connectivity to the Domain Controller via a local Windows machine + access a KALI with VPN and finally the Domain Controller.","breadcrumbs":[{"label":"Lateral Movement (Pivoting)"}]},{"id":"bR8wzi0LZwhsYuFtlHhp","title":"By using Proxifier","pathname":"/lateral-movement-pivoting/from-windows-vpn-+-kali-vpn-+-dc/by-using-proxifier","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Lateral Movement (Pivoting)"},{"label":"From Windows VPN + Kali VPN + DC"}]},{"id":"-MWdYJVIolJ2Cp81Qkt1","title":"Persistence","pathname":"/persistence","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MWdYQ4RfrZRsQeGDw2n","title":"Command and Control (C&C)","pathname":"/command-and-control-c-and-c","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MWdZFSe5jnQnf6byRB9","title":"CobaltStrike 101","pathname":"/command-and-control-c-and-c/cobaltstrike-101","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Command and Control (C&C)"}]},{"id":"-MXTMmY-oo309QcglOdf","title":"Pivoting DMZ: weevely + ngrok + CS Pivot COMBO via Linux","pathname":"/command-and-control-c-and-c/cobaltstrike-101/weevely-webshell-+-ngrok-+-cs-pivot-+-linux","siteSpaceId":"sitesp_NUqtP","description":"Pivoting internally over DMZs using weevely + ngrok + CobaltStrike COMBO via a Linux machine","breadcrumbs":[{"label":"Command and Control (C&C)"},{"label":"CobaltStrike 101"}]},{"id":"-MXU8OmTdaVCSuT-cppZ","title":"Extras + Plugins","pathname":"/command-and-control-c-and-c/cobaltstrike-101/extras","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Command and Control (C&C)"},{"label":"CobaltStrike 101"}]},{"id":"-Ma8NBfNO6MZxHnkTx-L","title":"Resources","pathname":"/command-and-control-c-and-c/cobaltstrike-101/resources","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Command and Control (C&C)"},{"label":"CobaltStrike 101"}]},{"id":"-MWdZ2FiTjMIuSEt8Hg9","title":"Data Exfiltration","pathname":"/credentials-exfiltration","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MXa_O_yDWTe9qESGxRj","title":"Extracting certs/private keys from Windows using mimikatz and intercepting calls with burpsuite","pathname":"/credentials-exfiltration/extracting-certs-private-keys-from-windows-using-mimikatz-and-intercepting-calls-with-burpsuite","siteSpaceId":"sitesp_NUqtP","description":"Extracting certs/private keys from certificates that disable private key exporting and use BurpSuite to intercept the requests.","breadcrumbs":[{"label":"Data Exfiltration"}]},{"id":"Wmq7QfqHnD0c2rR82ldi","title":"Doppelganger: Cloning and Dumping LSASS (Win11)","pathname":"/credentials-exfiltration/doppelganger-cloning-and-dumping-lsass-win11","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Data Exfiltration"}]},{"id":"pg4yI3uLeaDZzuG4f1Qv","title":"Recovery lsass.dmp from Defender Quarantine","pathname":"/credentials-exfiltration/recovery-lsass.dmp-from-defender-quarantine","siteSpaceId":"sitesp_NUqtP","description":"Decrypt Windows Defender quarantined files using Microsoft’s RC4 algorithm","breadcrumbs":[{"label":"Data Exfiltration"}]},{"id":"-MXHEI1w2LSD85XbAqVX","title":"CVE & Exploits / CTF","pathname":"/cve-and-exploits","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MXHEsbC3ZcQpXqg5NAs","title":"Privilege Escalation","pathname":"/cve-and-exploits/privilege-escalation","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"CVE & Exploits / CTF"}]},{"id":"-MYitlD1Y-4NNRcQi5-o","title":"Serialization","pathname":"/cve-and-exploits/serialization","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"CVE & Exploits / CTF"}]},{"id":"-MayRpNCIz0sDeCdoUsW","title":"CVEs","pathname":"/cve-and-exploits/cves","siteSpaceId":"sitesp_NUqtP","description":"My submited CVEs","breadcrumbs":[{"label":"CVE & Exploits / CTF"}]},{"id":"-MaySAmK0WR9y7aj_Rq-","title":"CHIYU IoT devices","pathname":"/cve-and-exploits/cves/chiyu-iot-devices","siteSpaceId":"sitesp_NUqtP","description":"Vulnerabilities found on IoT devices from CHIYU.","breadcrumbs":[{"label":"CVE & Exploits / CTF"},{"label":"CVEs"}]},{"id":"-MglqlmuXzQbBBTBaIcP","title":"Chamilo-lms-1.11.x - From XSS to account takeover && backdoor implantation","pathname":"/cve-and-exploits/cves/chamilo-lms-1.11.14-xss-vulnerabilities","siteSpaceId":"sitesp_NUqtP","description":"Set of vulnerabilities found on the Chamilo-lms-1.11.x version.","breadcrumbs":[{"label":"CVE & Exploits / CTF"},{"label":"CVEs"}]},{"id":"-MY4trkqMiA4FSvtEi-p","title":"CVE - Submission Guides","pathname":"/cve-and-exploits/cve-submission-guides","siteSpaceId":"sitesp_NUqtP","description":"Everything you need to know about MITRE  CVE program and your CVE requests.","breadcrumbs":[{"label":"CVE & Exploits / CTF"}]},{"id":"-MWyoXYFP2ExlaFbEax_","title":"Tools","pathname":"/tools","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"pKppn2OJJKBuBmAA6Ogc","title":"Intel","pathname":"/tools/intel","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2fqWxNGmUANLoNdCH","title":"OSINT","pathname":"/tools/osint","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2kpvhW0nrvuftaiWr","title":"DNS","pathname":"/tools/dns","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2d57GMxs8rSrQxXZl","title":"WEB","pathname":"/tools/web-and-and-dns","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX7sFrFyWxOTXEaC7eK","title":"API and WS Hacking","pathname":"/tools/web-and-and-dns/api-and-ws-hacking","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX7scDKUYnkvDA-V7x5","title":"Web Discovery","pathname":"/tools/web-and-and-dns/web-discovery","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX7sZxxaPygfPy1tvrj","title":"Web Fuzzing","pathname":"/tools/web-and-and-dns/web-fuzzing","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX7sXMv-syIouDRFX5H","title":"Path Traversal","pathname":"/tools/web-and-and-dns/path-traversal","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX7sPgyZLWxX8Y4MoYY","title":"GraphQL","pathname":"/tools/web-and-and-dns/graphql","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX7sm1Dnsbs6802U4Ir","title":"JWT","pathname":"/tools/web-and-and-dns/jwt","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"WEB"}]},{"id":"-MX2g1-riTPOqQMom5iv","title":"Infrastructure and Network","pathname":"/tools/infrastructure-and-network","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX7ujgTbwkFo36B4IFm","title":"Scan and Discovery","pathname":"/tools/infrastructure-and-network/scan-and-discovery","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"namu5kS0DJuPw8d7Cjcy","title":"Network mapper","pathname":"/tools/infrastructure-and-network/scan-and-discovery/network-mapper","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"},{"label":"Scan and Discovery"}]},{"id":"-MX7usLwAEFaPlE7gEvL","title":"Automated Scanners","pathname":"/tools/infrastructure-and-network/automated-scanners","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7uvE_ekvhh0MLEPT2","title":"Misc","pathname":"/tools/infrastructure-and-network/misc","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7uy4Z072iHesbu9iJ","title":"Active Directory","pathname":"/tools/infrastructure-and-network/active-directory","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"ueTC4MA9cgAPWQGM88lk","title":"Burpsuite with Kerberos Auth","pathname":"/tools/infrastructure-and-network/active-directory/burpsuite-with-kerberos-auth","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"},{"label":"Active Directory"}]},{"id":"-MX7v093ehNSLVkeWZjn","title":"Cloud & Azure","pathname":"/tools/infrastructure-and-network/cloud-and-azure","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7v3VKjc3DnsePt3w5","title":"Command and Control (C&C)","pathname":"/tools/infrastructure-and-network/command-and-control-c-and-c","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7vXfBsvwlEZNnZSNC","title":"(De)serialization","pathname":"/tools/infrastructure-and-network/de-serialization","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7vcAluFleKvqZuv5A","title":"Lateral Movement","pathname":"/tools/infrastructure-and-network/lateral-movement","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX7vhVa3EDwpqkj2eGn","title":"Powershell","pathname":"/tools/infrastructure-and-network/powershell","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Infrastructure and Network"}]},{"id":"-MX2gG_4-q6FpiYiRE9g","title":"Privilege Escalation","pathname":"/tools/privilege-escalation","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2gVByYrmwYugzedgK","title":"Exfiltration","pathname":"/tools/exfiltration","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2gg-xbb1-EqXhz3rZ","title":"Persistence","pathname":"/tools/persistence","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2gouwinJyUg5TVcvk","title":"Password & Cracking","pathname":"/tools/password-and-cracking","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX4X3nnZajqWPVMfQhY","title":"Wordlists","pathname":"/tools/password-and-cracking/wordlists","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Password & Cracking"}]},{"id":"w5Pus7ERRuHRplYlCi02","title":"Tips","pathname":"/tools/password-and-cracking/tips","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Password & Cracking"}]},{"id":"QzwGMNI5LVQcC6jEO0aV","title":"Rainbow Crackalack","pathname":"/tools/password-and-cracking/rainbow-crackalack","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"},{"label":"Password & Cracking"}]},{"id":"-MXOYaVJAZxDa7wZkBqO","title":"Static Code Analysis","pathname":"/tools/static-code-analysis","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2gywp903csFI_jlH2","title":"Reporting","pathname":"/tools/reporting","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MY64dCp_NhKvhMCVxZd","title":"Resources","pathname":"/resources","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"QAL5n9Ie65rbNxbGUSMg","title":"Pwnage","pathname":"/pwnage","siteSpaceId":"sitesp_NUqtP"},{"id":"uHVSlW13ToizTY37TWAY","title":"WiFi","pathname":"/pwnage/wifi","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"}]},{"id":"M4F6bKavUkPSjFcDPrmd","title":"HOSTAPD-WPE","pathname":"/pwnage/wifi/hostapd-wpe","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"},{"label":"WiFi"}]},{"id":"MNHe92mCDnSMJ6R6EnTV","title":"Rogue APP","pathname":"/pwnage/wifi/rogue-app","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"},{"label":"WiFi"}]},{"id":"sWrEpfHrfv1TnwslyxlF","title":"WPA3 Downgrade attack","pathname":"/pwnage/wifi/wpa3-downgrade-attack","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"},{"label":"WiFi"}]},{"id":"qM28ISPekagswPc2fqW2","title":"NRF","pathname":"/pwnage/nrf","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"}]},{"id":"S17WJUwR9Ni6ZkUS0pf1","title":"rubber ducky","pathname":"/pwnage/rubber-ducky","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Pwnage"}]},{"id":"-MWdYkm2zdLFm8GOXp_k","title":"Unpacking","pathname":"/unpacking","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-Mh_c7jWIBLQ_WpttRhc","title":"Basic tips","pathname":"/basic-tips","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-Mh_QILaZzJgzt7JSV1W","title":"Malware instrumentation with frida","pathname":"/binary-instrumentation-with-frida","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MX24Eg7cyxjj_C3ZH4y","title":"Tools","pathname":"/tools-1","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"-MX2XP0UGhNRNvtwoa-G","title":"Debuggers / Disassemblers","pathname":"/tools-1/debuggers-disassemblers","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2XnbysiHTDiOMNeHb","title":"Decompilers","pathname":"/tools-1/decompilers","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2YH0KAF9FYL4IfP7O","title":"Detection and Classification","pathname":"/tools-1/detection-and-classification","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2_jHSijjhTkdU7YAI","title":"Deobfuscation","pathname":"/tools-1/deobfuscation","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2_tnhqsPZTPsD6lx9","title":"Debugging and Reverse Engineering","pathname":"/tools-1/debugging-and-reverse-engineering","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2a4D4ANqzwWQkgi8n","title":"Memory","pathname":"/tools-1/memory","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2aKEKB9z49keotWVv","title":"File Analysis","pathname":"/tools-1/file-analysis","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2aSt_bH_v0vZvqhK0","title":"Emulators","pathname":"/tools-1/emulators","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2Y6vNWEOGgdym6drw","title":"Network Traffic Analysis","pathname":"/tools-1/network-traffic-analysis","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2a_T-askncvzo5V5H","title":"Other","pathname":"/tools-1/other","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MX2af5_0kZ3g1mpMV6Z","title":"Online Tools","pathname":"/tools-1/online-tools","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Tools"}]},{"id":"-MXaXFUy8xbco4zu5iOO","title":"Resources","pathname":"/resources-1","siteSpaceId":"sitesp_NUqtP","description":""},{"id":"ykmG6Z973PugDMj05eJy","title":"DFIR FTK Imager","pathname":"/resources-1/dfir-ftk-imager","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Resources"}]},{"id":"Z9K8q3YchRKfOgaq4UKH","title":"Convert IP Range into CIDR","pathname":"/resources-1/convert-ip-range-into-cidr","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Resources"}]},{"id":"6eZspRGBXsD8KoPx6Dgl","title":"Parsing Large Raw Files and Excluding Country IP Address Ranges","pathname":"/resources-1/parsing-large-raw-files-and-excluding-country-ip-address-ranges","siteSpaceId":"sitesp_NUqtP","description":"With this script we can analyze raw logs, extract IP addresses from a specific country and then analyze the rest of the log.","breadcrumbs":[{"label":"Resources"}]},{"id":"2S0qhJYeAPXixk47m0tE","title":"Windows Logs Automation","pathname":"/resources-1/windows-logs-automation","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Resources"}]},{"id":"SI8Ijgsc81rhSyVpkWqZ","title":"amcache.hve","pathname":"/resources-1/windows-logs-automation/amcache.hve","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"Resources"},{"label":"Windows Logs Automation"}]},{"id":"znSAQSq3AbRBVp0vNlRa","title":"Windows EventViewer Analysis | DFIR","pathname":"/resources-1/windows-eventviewer-analysis-or-dfir","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Resources"}]},{"id":"7XCB3XHMU2RiGf63Hxuc","title":"Prevent Windows shutdown after license expire","pathname":"/resources-1/prevent-windows-shutdown-after-license-expire","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Resources"}]},{"id":"prqPpnXrvB5g6ukctUdP","title":"Firewall raw Logs","pathname":"/resources-1/firewall-raw-logs","siteSpaceId":"sitesp_NUqtP","description":"Finding malicious IP addresses in raw logs.","breadcrumbs":[{"label":"Resources"}]},{"id":"-MX23u07qbLzzgpgW76i","title":"Tools","pathname":"/mobile/tools","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"}]},{"id":"-MeuLrarvIhlbVB3eziO","title":"Reverse iOS ipa","pathname":"/mobile/reverse-ios-ipa","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"}]},{"id":"-MeuLz5zuW6eSlIyCM3k","title":"Jailbreak","pathname":"/mobile/reverse-ios-ipa/jailbreak","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse iOS ipa"}]},{"id":"-Mew5wCQmpjjDIq_20-r","title":"Install Frida iPhone 5S","pathname":"/mobile/reverse-ios-ipa/install-frida-iphone-5s-+-ios-11","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse iOS ipa"}]},{"id":"-Mf4UiQlGZCerF3KAaUU","title":"Frida instrumentation","pathname":"/mobile/reverse-ios-ipa/frida-instrumentation","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse iOS ipa"}]},{"id":"-MeuV7Kouy1qymXjRGvs","title":"Resources / Extra features","pathname":"/mobile/reverse-ios-ipa/resources","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse iOS ipa"}]},{"id":"-Md-XAJeVtRJCCt2LJtS","title":"Reverse Android  APKs","pathname":"/mobile/reverse-android-apks","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"}]},{"id":"-Mco46k5p_PIu86CvYRy","title":"Android Dynamic Analysis","pathname":"/mobile/reverse-android-apks/android-dinamic-analysis","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse Android  APKs"}]},{"id":"-McxIVv4tEOZRM0PRr-9","title":"Bypass root + Frida","pathname":"/mobile/reverse-android-apks/bypass-root-+-frida","siteSpaceId":"sitesp_NUqtP","description":"Bypass Android root protection with frida.","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse Android  APKs"}]},{"id":"-Md35kUsjXvumW49nkOa","title":"SSL unpining frida + Fiddler/Burp","pathname":"/mobile/reverse-android-apks/ssl-unpining-frida-+-fiddler-burp","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse Android  APKs"}]},{"id":"-Md-LbTL2ERD87dxVypu","title":"Backdooring/patch APKs","pathname":"/mobile/reverse-android-apks/backdooring-patch-apks","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"},{"label":"Reverse Android  APKs"}]},{"id":"-MczkVbOSQUhuJYzMGib","title":"Basic tips","pathname":"/mobile/basic-tips","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"}]},{"id":"-Md2DioWu21yXiqcRFC5","title":"Resources","pathname":"/mobile/resources","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"Mobile"}]},{"id":"-MfSl22pnFfBq-GALcn_","title":"Basic tips","pathname":"/arm/basic-tips","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"}]},{"id":"B1lQV3jvoARS2sa1mpUv","title":"Repair NTFS dirty disks","pathname":"/arm/basic-tips/repair-ntfs-dirty-disks","siteSpaceId":"sitesp_NUqtP","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Basic tips"}]},{"id":"-MYod9fD4WOR062Iy-6e","title":"Reverse IoT devices","pathname":"/arm/reverse-iot-devices","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"}]},{"id":"-MYoVA0ofZDdovsd19ML","title":"Reverse TP-Link Router TL-WR841N","pathname":"/arm/reverse-iot-devices/reverse-tp-link-router-tl-wr841n","siteSpaceId":"sitesp_NUqtP","description":"How to start doing reverse on IoT Firmware","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Reverse IoT devices"}]},{"id":"-MYoeYunHgyGM9Q21pQ1","title":"Reverse Trendnet TS-S402 firmware","pathname":"/arm/reverse-iot-devices/reverse-trendnet-ts-s402-firmware","siteSpaceId":"sitesp_NUqtP","description":"Start reversing Trendnet TS-S402 firmware device.","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Reverse IoT devices"}]},{"id":"-MZ5dcHxVUyeDZhhNgri","title":"Full emulate Netgear WNAP320","pathname":"/arm/reverse-iot-devices/full-emulate-netgear-wnap320","siteSpaceId":"sitesp_NUqtP","description":"In this article we are going to full emulate the  Netgear WNAP320 router.","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Reverse IoT devices"}]},{"id":"-MfS1k_WwzeUrBzxJZun","title":"Reverse ASUS RT-AC5300","pathname":"/arm/reverse-iot-devices/reverse-asus-rt-ac5300","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Reverse IoT devices"}]},{"id":"-MgXGFiTTK31qHXRNNpA","title":"Reverse LinkOne devices","pathname":"/arm/reverse-iot-devices/reverse-linkone-devices","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Reverse IoT devices"}]},{"id":"-MXt476om5x4X5OUo-n0","title":"Tools","pathname":"/arm/tools","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"}]},{"id":"-MfeIbxmLbwv7aG82Zmi","title":"Qemu + buildroot 101","pathname":"/arm/tools/qemu-101","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Tools"}]},{"id":"-MYz5RDapzpIyM3jQAhn","title":"Kernel","pathname":"/arm/tools/kernel","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"},{"label":"Tools"}]},{"id":"-MXt4KWoYc9SfLxMpYDY","title":"Resources","pathname":"/arm/resources","siteSpaceId":"sitesp_NUqtP","description":"","breadcrumbs":[{"label":"IoT / Reverse / Firmware"}]}]}