{"version":1,"pages":[{"id":"E0V4uZV1JWWZLQ99LwRa","title":"About","pathname":"/","siteSpaceId":"sitesp_hEzts","description":"Just another pentesting checklists"},{"id":"cM8JlthAPZ78Z2wGRR98","title":"Prerequisite","pathname":"/quickstart/prerequisite","siteSpaceId":"sitesp_hEzts","description":"Some things that need to be prepared to play Hack The Box machines.","breadcrumbs":[{"label":"QUICKSTART","emoji":"1f689"}]},{"id":"hwz9TSSP1WjLG7WIWgg1","title":"Reconnaissance","pathname":"/quickstart/reconnaissance","siteSpaceId":"sitesp_hEzts","description":"Common reconnaissance phase steps on HackTheBox machines or during penetration testing.","breadcrumbs":[{"label":"QUICKSTART","emoji":"1f689"}]},{"id":"e6ihW0dIS0mUQmfzi41y","title":"Exploitation","pathname":"/quickstart/exploitation","siteSpaceId":"sitesp_hEzts","description":"Common Explitation during CTF or Pentesting","breadcrumbs":[{"label":"QUICKSTART","emoji":"1f689"}]},{"id":"411lCofuk0FReTzOAi60","title":"Post Exploitation","pathname":"/quickstart/post-exploitation","siteSpaceId":"sitesp_hEzts","description":"This page contains notes on post-exploitation","breadcrumbs":[{"label":"QUICKSTART","emoji":"1f689"}]},{"id":"vgPO03Ki9e2D3cuqvmL6","title":"Misc","pathname":"/quickstart/misc","siteSpaceId":"sitesp_hEzts","emoji":"26c8","description":"This page contain useful Web, Linux, Windows, and Active Directory Attack Cheatsheet","breadcrumbs":[{"label":"QUICKSTART","emoji":"1f689"}]},{"id":"TQGgG1TKkT2sbKaYyTqb","title":"Basic Command","pathname":"/active-directory/basic-command","siteSpaceId":"sitesp_hEzts","description":"The basic of Command Prompt and PowerShell","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"GxY9cjpzyPub8vyN1vDF","title":"Enumeration","pathname":"/active-directory/enumeration","siteSpaceId":"sitesp_hEzts","description":"Basic Enumeration using Command Prompt and PowerShell","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"gvw9sa85lhUxWUqghNzT","title":"PowerView","pathname":"/active-directory/enumeration/powerview","siteSpaceId":"sitesp_hEzts","description":"Active Directory Enumeration Checklists with PowerView","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Enumeration"}]},{"id":"8imIPi3RCVbBkpJZ5mZ9","title":"Service Exploitation","pathname":"/active-directory/service","siteSpaceId":"sitesp_hEzts","description":"Basic Service Exploitation in Windows or Active Directory","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"sDKuS3WH395ZV6894SMR","title":"LDAP","pathname":"/active-directory/service/ldap","siteSpaceId":"sitesp_hEzts","description":"LDAP Enumeration and Exploitation","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Service Exploitation"}]},{"id":"L8zhx7P5FIsiFiwLgmzf","title":"SMB","pathname":"/active-directory/service/smb","siteSpaceId":"sitesp_hEzts","description":"Basic SMB Enumeration and Exploitation","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Service Exploitation"}]},{"id":"2hgvYmqJdbV7fWaovxPf","title":"MS17-010","pathname":"/active-directory/service/smb/ms17-010","siteSpaceId":"sitesp_hEzts","description":"SMB Exploit MS17-010","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Service Exploitation"},{"label":"SMB"}]},{"id":"lDbHLr9Io9QfPrHWJUP0","title":"MSSQL","pathname":"/active-directory/service/mssql","siteSpaceId":"sitesp_hEzts","description":"Recon and pwning MSSQL Server","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Service Exploitation"}]},{"id":"JFw7lBiRNrsIp90jvIR6","title":"Privilege Escalation","pathname":"/active-directory/privilege-escalation","siteSpaceId":"sitesp_hEzts","description":"Windows Privilege Escalation Checks","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"jBH58H6aYFDvIWH52WOx","title":"Unquoted Service Path","pathname":"/active-directory/privilege-escalation/unquoted-service-path","siteSpaceId":"sitesp_hEzts","description":"Unquoted Service Paths – Windows Privilege Escalation","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Privilege Escalation"}]},{"id":"zOKwCTKdnMCYDR2KcUcS","title":"UAC Bypass","pathname":"/active-directory/privilege-escalation/uac-bypass","siteSpaceId":"sitesp_hEzts","description":"Common UAC Bypass Checklists","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Privilege Escalation"}]},{"id":"s77w7zW6j9faEi4h8IOs","title":"Token Abuse","pathname":"/active-directory/privilege-escalation/token-abuse","siteSpaceId":"sitesp_hEzts","description":"Abusing Token for Privilege Escalation","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Privilege Escalation"}]},{"id":"j700WQnlFNEe0vLBiCdi","title":"Post Exploitation","pathname":"/active-directory/post-exploitation","siteSpaceId":"sitesp_hEzts","description":"Active Directory Post Exploitation Checklists","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"xTV3yWWHTQBaoVaBhKmH","title":"Tunneling with Ligolo-ng","pathname":"/active-directory/post-exploitation/tunneling-with-ligolo-ng","siteSpaceId":"sitesp_hEzts","description":"Tunneling with Ligolo-ng","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Post Exploitation"}]},{"id":"QDyLsPRoCD0u4Yqq62oR","title":"Credential Hunting","pathname":"/active-directory/credential-hunting","siteSpaceId":"sitesp_hEzts","description":"Common technique and tools to hunt credentials on Windows or Active Directory","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"}]},{"id":"eCzQcyfnh2Jj2hSeYpI9","title":"Group Policy Preferences","pathname":"/active-directory/credential-hunting/group-policy-preferences","siteSpaceId":"sitesp_hEzts","description":"Finding Passwords in SYSVOL & Exploiting Group Policy Preferences","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Credential Hunting"}]},{"id":"TH8urJvwtvP4ud1X61ra","title":"DPAPI","pathname":"/active-directory/credential-hunting/dpapi","siteSpaceId":"sitesp_hEzts","description":"Credentials Dumping from Data Protection API","breadcrumbs":[{"label":"Active Directory","emoji":"1fa9f"},{"label":"Credential Hunting"}]},{"id":"XKcvSm911IrkR8a0nv7Z","title":"Defense Evasion","pathname":"/mitre/defense-evasion","siteSpaceId":"sitesp_hEzts","icon":"shield","description":"TA0005 - Defense Evasion","breadcrumbs":[{"label":"MITRE ATT&CK","icon":"phoenix-framework"}]},{"id":"vdVCcrMnM5CyKa3L522n","title":"Physical Attack: Remove EDR","pathname":"/mitre/defense-evasion/physical-attack-remove-edr","siteSpaceId":"sitesp_hEzts","description":"Remove EDR and XDR via Physical Attack","breadcrumbs":[{"label":"MITRE ATT&CK","icon":"phoenix-framework"},{"label":"Defense Evasion","icon":"shield"}]},{"id":"UDptINjVW4mrxEa45JtP","title":"AMSI Bypass","pathname":"/mitre/defense-evasion/amsi-bypass","siteSpaceId":"sitesp_hEzts","description":"Antimalware Scan Interface (AMSI) Bypass","breadcrumbs":[{"label":"MITRE ATT&CK","icon":"phoenix-framework"},{"label":"Defense Evasion","icon":"shield"}]},{"id":"1Wv0A8hi4BzLrNu2Nnnn","title":"Credential Access","pathname":"/mitre/credential-access","siteSpaceId":"sitesp_hEzts","icon":"credit-card","description":"TA0006 - Credential Access","breadcrumbs":[{"label":"MITRE ATT&CK","icon":"phoenix-framework"}]},{"id":"M2WjGx7FB7qiuCXNzCGt","title":"Dump SAM Hashes via Registry","pathname":"/mitre/credential-access/dump-sam-hashes-via-registry","siteSpaceId":"sitesp_hEzts","breadcrumbs":[{"label":"MITRE ATT&CK","icon":"phoenix-framework"},{"label":"Credential Access","icon":"credit-card"}]},{"id":"wmajymCnNAe0rTfbAg07","title":"Misc","pathname":"/linux/misc","siteSpaceId":"sitesp_hEzts","description":"Miscellaneous Commands","breadcrumbs":[{"label":"Linux","emoji":"1f427"}]},{"id":"t9vk6ww0lAAgliAMXV7P","title":"Linux Post Exploitation","pathname":"/linux/linux-post-exploitation","siteSpaceId":"sitesp_hEzts","description":"Post Exploitation on Linux","breadcrumbs":[{"label":"Linux","emoji":"1f427"}]},{"id":"h7mfLHrzzTDP4ep7AAa2","title":"Linux Password Hunting","pathname":"/linux/linux-password-hunting","siteSpaceId":"sitesp_hEzts","description":"Common Password Attack on Linux Machine","breadcrumbs":[{"label":"Linux","emoji":"1f427"}]},{"id":"raVs5hPA8aK34FZiGcGP","title":"Simple PHP Webshell","pathname":"/backdoor-stuff/php-webshell","siteSpaceId":"sitesp_hEzts","icon":"php","description":"Several list of simple and obfuscate PHP shell","breadcrumbs":[{"label":"Backdoor Stuff","emoji":"1f41a"}]},{"id":"qHCcz2q8mYvzDFnLf0Gy","title":"MSFvenom Generate Payload","pathname":"/backdoor-stuff/generate-payload","siteSpaceId":"sitesp_hEzts","icon":"shield-halved","description":"Generate payload with MSFvenom","breadcrumbs":[{"label":"Backdoor Stuff","emoji":"1f41a"}]},{"id":"0boxmxdSmeyRvTuQ6zJX","title":"iOS Penetration Testing","pathname":"/ios/ios-checklist","siteSpaceId":"sitesp_hEzts","description":"iOS Pentest Checklist","breadcrumbs":[{"label":"Mobile Pentest: iOS","emoji":"1f4f3"}]},{"id":"O4YbX6ctrYZePM46upfR","title":"Objection","pathname":"/ios/objection","siteSpaceId":"sitesp_hEzts","description":"List all Objection commands used for iOS mobile app penetration testing.","breadcrumbs":[{"label":"Mobile Pentest: iOS","emoji":"1f4f3"}]},{"id":"QvgnuWhYOtqQeaQXQ8wQ","title":"Common Applications","pathname":"/web-application/common-applications","siteSpaceId":"sitesp_hEzts","description":"Attacking Common Applications","breadcrumbs":[{"label":"Web Application","emoji":"1f578"}]},{"id":"Bt4YyBzp6nayN20fCeeQ","title":"Tomcat","pathname":"/web-application/common-applications/tomcat","siteSpaceId":"sitesp_hEzts","description":"Attacking Tomcat Service","breadcrumbs":[{"label":"Web Application","emoji":"1f578"},{"label":"Common Applications"}]},{"id":"XxepdiGbDLdlKjg25Bkl","title":"Joomla","pathname":"/web-application/common-applications/joomla","siteSpaceId":"sitesp_hEzts","description":"Attacking Joomla CMS","breadcrumbs":[{"label":"Web Application","emoji":"1f578"},{"label":"Common Applications"}]},{"id":"7Vbudi6ziIPjbOHFhyM3","title":"SSTI","pathname":"/web-application/ssti","siteSpaceId":"sitesp_hEzts","description":"Notes about some basic Server Side Template Injection attack","breadcrumbs":[{"label":"Web Application","emoji":"1f578"}]},{"id":"Yfiiz5viLJEEe8LwCDXh","title":"File Inclusion","pathname":"/web-application/file-inclusion","siteSpaceId":"sitesp_hEzts","description":"Notes about some basic File Insclusion attack","breadcrumbs":[{"label":"Web Application","emoji":"1f578"}]},{"id":"nVTg6nMLO3BTmfAPZc57","title":"XSS","pathname":"/web-application/xss","siteSpaceId":"sitesp_hEzts","description":"Cross-site scripting cheat sheet","breadcrumbs":[{"label":"Web Application","emoji":"1f578"}]},{"id":"edWWXE3o8elo3To9VqGT","title":"Misc","pathname":"/web-application/misc","siteSpaceId":"sitesp_hEzts","description":"Other useful stuff about Web Pentesting","breadcrumbs":[{"label":"Web Application","emoji":"1f578"}]},{"id":"hFZc9e6dsDggF2MAOEVo","title":"HackTheBox","pathname":"/machine-writeup/htb","siteSpaceId":"sitesp_hEzts","description":"HackTheBox Machine Writeups","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"}]},{"id":"rilrxqRiZ1kMISHeRphM","title":"Pilgrimage","pathname":"/machine-writeup/htb/pilgrimage","siteSpaceId":"sitesp_hEzts","description":"Writeup Hack The Box Pilgrimage","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]},{"id":"1HzFFknXoCRDgQ5Hz6Gg","title":"PC","pathname":"/machine-writeup/htb/pc","siteSpaceId":"sitesp_hEzts","description":"Writeup mesin Hack The Box PC","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]},{"id":"7yK9aHrfuate20sOR9Hh","title":"Shoppy","pathname":"/machine-writeup/htb/shoppy","siteSpaceId":"sitesp_hEzts","description":"Writeup mesin Hack The Box Shoppy","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]},{"id":"GNyNcpJ996tQ5WJppdaY","title":"GoodGames","pathname":"/machine-writeup/htb/goodgames","siteSpaceId":"sitesp_hEzts","description":"Writeup mesin Hack The Box GoodGames","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]},{"id":"HbSK8kFIvsrpJg2vvQdP","title":"Photobomb","pathname":"/machine-writeup/htb/photobomb","siteSpaceId":"sitesp_hEzts","description":"Writeup mesin Hack The Box Photobomb","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]},{"id":"urxKa81pjq2pvW6U7RYI","title":"Support","pathname":"/machine-writeup/htb/support","siteSpaceId":"sitesp_hEzts","description":"Writeup Hack The Box Support","breadcrumbs":[{"label":"Machine Writeup","emoji":"1f58a"},{"label":"HackTheBox"}]}]}