# Enumeration and Initial Compromise

- [Methodology](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/methodology.md): Credits: HTB Academy footprinting module
- [Footprinting](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/footprinting.md)
- [Network Protocols](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols.md)
- [FTP](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/ftp.md)
- [SMB](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/smb.md)
- [DNS](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/dns.md)
- [NFS](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/nfs.md)
- [SMTP](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/smtp.md)
- [IMAP/POP3](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/imap-pop3.md)
- [SNMP](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/snmp.md)
- [MySQL](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/mysql.md)
- [MSSQL](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/mssql.md)
- [Oracle TNS](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/oracle-tns.md)
- [IPMI](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-protocols/ipmi.md)
- [Nifty One Liners](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/nifty-one-liners.md)
- [Brute-Force Web Pages](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/brute-force-web-pages.md): Bruteforcing logins and forms
- [Hydra](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/brute-force-web-pages/hydra.md): Learnt while doing TryHackMe: HackPark
- [Network Pentest](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest.md): Short notes on enum and PT of various network protocols
- [Quick SMB cheatsheet](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/quick-smb-cheatsheet.md): Learnt from tryhackme's
- [SSH keypair basics](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/ssh-keypair-basics.md)
- [Compromise using SSH Key](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/compromise-using-ssh-key.md)
- [Networking fundamentals Interview topics](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/networking-fundamentals-interview-topics.md)
- [nmap quick cheatsheet](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/nmap-quick-cheatsheet.md)
- [Metasploit Quick Reference](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/network-pentest/metasploit-quick-reference.md)
- [Web Pentest](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest.md): Contains plugins, services, OWASP Top 10 exploitation and business logic flaws
- [Web Pentest Interview top topics](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/owasp-top-10-master-pentest-guide.md): Aim: Single page to cover some of the OWASP Top 10 vulns, exploitation and mitigation FAQs in interviews
- [Wordpress Exploitation](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/wordpress-exploitation.md): Learnt while Tryhackme: MrRobot. Will be updated as I keep learning newer thing
- [Joomla Exploitation](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/joomla-exploitation.md): Reference: https://www.exploit-db.com/docs/english/22763-guidelines-for-pentesting-a-joomla-based-site.pdf
- [Login Bypass using Cookie Tampering/Poisoning](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/login-bypass-using-cookie-tampering-poisoning.md)
- [Subdomain Enumeration](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/subdomain-enumeration.md)
- [CSRF mitigation](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/csrf-mitigation.md): The "referer" spelling is intentional here, since there was a spelling mistake in the specification and no one corrected it before it got published.
- [XSS mitigation](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/xss-mitigation.md)
- [CSP bypass with JSONP](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/csp-bypass-with-jsonp.md)
- [PHP Vulnerabilities](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/php-vulnerabilities.md)
- [Python Serialization Vulnerabilities - Pickle](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/python-serialization-vulnerabilities-pickle.md)
- [SQL Injections](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/sql-injections.md)
- [SQLmap](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/sql-injections/sqlmap.md)
- [SSTI](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/ssti.md)
- [XSS](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/web-pentest/xss.md): https://github.com/payloadbox/xss-payload-list
- [Buffer Overflow Prep](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep.md): Learning practical buffer overflows
- [Understanding CPUs](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/understanding-cpus.md)
- [Virtual Memory and Paging](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/virtual-memory-and-paging.md)
- [Syscalls](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/syscalls.md)
- [Theorem Proving](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/theorem-proving.md)
- [Stripping readable function names](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/stripping-readable-function-names.md)
- [Insecure C functions](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/insecure-c-functions.md)
- [Stack Canaries](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/stack-canaries.md): aka stack cookies
- [Linking - GOT,PLT](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/linking-got-plt.md)
- [Return Oriented Programming](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/buffer-overflow-prep/return-oriented-programming.md)
- [Active Directory - Basics](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics.md)
- [AD DS](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/ad-ds.md)
- [Managing OUs](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/managing-ous.md)
- [Group Policies](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/group-policies.md)
- [Authentications](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/authentications.md)
- [Trees, Forests and Trusts](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/trees-forests-and-trusts.md)
- [Kerberos](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/kerberos.md)
- [Attacking Kerberos](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/attacking-kerberos.md): Note that Kerberos can be attacked, and tickets/hashes fetched, only after initial compromise or after knowing the username/password of an account on the domain. It is a method of privilege esc
- [Priv Esc (Post Exploitation)](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/active-directory-basics/priv-esc-post-exploitation.md): Strategies involving AD pentest after initial compromise
- [DNS/Domain Enum Masterguide](https://hexisanoob.gitbook.io/hexisanoob/enum-and-initial-compromise/dns-domain-enum-masterguide.md)
