Penetration testing & ethical hacking concepts

Ctrlk

Introduction
💿Virtual Machines
- VirtualBox
- VMware Workstation
🕵️OSINT
Tools
😨Social Engineering
😈MitM attack
🔌UPnP exploitation
Network Reconnaissance & Attacks
- What is network recon & attacks?
1️⃣ Network live host discovery
2️⃣ Network port scan/services enumeration
3️⃣ Network services vulnerability scanning & exploitation
Vulnerability & exploitation
Misconfigurations
Reverse Engineering/Binary Exploitation
Hardware Exploitation
Other important skills
Research ideas
Past experiments
Web Exploitation
Webshell
Web API pentesting
OWASP
General web knowledge
- URI standard (RFC 3986)
- HTTP headers
  - Exploitable headers
  - Request Smuggling
Framework specific
Methodology
🛣️Attacks on routing protocols
- What are attacks on routing protocols?
- BGP hijacking
🏕️To explore
👤Anonymity
Credentials brute-force/cracking
Post-exploitation
Privilege escalation
- Linux
- Windows
Ⓜ️MITRE ATT&CK
- Introduction
- OS Credential Dumping (T1003)
🧰Tools/services
Professional report writing
- Report template
Tasks on-the-go
Practice
Forensics
- Steganography
Operational Security (OpSec)
- Hardening
Safe document viewer
Challenge write-ups
AI prompt
- ChatGPT
Windows/Active Directory
🐉OSCP
- Resources
- Practice labs

Powered by GitBook

On this page

General web knowledge

HTTP headers

Common HTTP header value descriptions that are exploited in various forms of attacks.

PreviousURI standard (RFC 3986)NextExploitable headers

Last updated 5 months ago