All Pages

Complete index of all HackWiki content — 256 articles across 14 sections.

Fundamentals (22)

• Introduction to Penetration Testing

Legal & Ethical

• Authorization and Legal Framework
• Vulnerability Disclosure
• Rules of Engagement

Linux Basics

• Bash Introduction
• Essential Commands
• Filesystem Hierarchy
• Permissions
• Processes

MITRE ATT&CK

• ATT&CK Navigator
• ATT&CK Tactics
• ATT&CK Techniques

Networking

• OSI Model
• Ports
• Network Protocols
• Subnetting
• TCP/IP Fundamentals
• Network Troubleshooting

Windows Basics

• Windows Architecture
• CMD Basics
• PowerShell Introduction
• Windows Registry

Reconnaissance (43)

Discovery

• Step 1 - Host Discovery
• Step 2 - Port Scanning
• Step 3 - OS & Service Fingerprinting
• Step 4 - Vulnerability Scanning

Database Enumeration

• MongoDB Enumeration
• MSSQL Enumeration
• MySQL Enumeration
• Oracle Enumeration
• PostgreSQL Enumeration
• Redis Enumeration

Misc Enumeration

• IPMI Enumeration
• NFS Enumeration
• VNC Enumeration
• VoIP / SIP Enumeration

Network Enumeration

• DNS Enumeration
• FTP Enumeration
• NTP Enumeration
• POP3/IMAP Enumeration
• Rsync Enumeration
• SMTP Enumeration
• SNMP Enumeration
• SSH Enumeration
• Telnet Enumeration
• TFTP Enumeration

Web Enumeration

• HTTP Enumeration
• HTTPS / TLS Enumeration
• WebDAV Enumeration
• WebSocket Enumeration

Windows Enumeration

• Kerberos Enumeration
• LDAP Enumeration
• RDP Enumeration
• MSRPC Enumeration
• SMB Enumeration
• WinRM Enumeration

Passive Reconnaissance

• Certificate Transparency
• Passive DNS
• Google Dorking
• Metadata Extraction
• OSINT Techniques
• Subdomain Enumeration

Wireless

• Bluetooth Reconnaissance
• RFID/NFC Reconnaissance
• WiFi Reconnaissance

Social Engineering (7)

Common

• SE Frameworks & Lifecycle

Phishing

• Email Phishing
• Spear Phishing
• Vishing & Smishing

Physical

• Badge Cloning
• Pretexting
• Tailgating & Piggybacking

Web Testing (23)

API Testing

• GraphQL Testing
• REST API Testing
• WebSocket Testing

Authentication & Sessions

• Authentication Bypass
• Insecure Direct Object Reference (IDOR)
• JWT Attacks
• OAuth Vulnerabilities
• Password Reset Vulnerabilities
• Session Attacks

Client-Side

• Clickjacking
• CORS Misconfiguration
• Cross-Site Request Forgery (CSRF)
• Cross-Site Scripting (XSS)

File Attacks

• Insecure Deserialization
• File Inclusion (LFI/RFI)
• File Upload Vulnerabilities
• Path Traversal

Injection

• Command Injection
• LDAP Injection
• NoSQL Injection
• SQL Injection
• Server-Side Template Injection (SSTI)
• XML External Entity (XXE) Injection

Post Exploitation (49)

Active Directory

• ACL Abuse
• AS-REP Roasting
• Certificate Attacks (AD CS)
• DCSync
• Delegation Attacks
• Golden Ticket
• GPO Abuse
• Kerberoasting
• Pass the Hash
• Pass the Ticket
• Silver Ticket
• Trust Attacks

Credentials

• Hash Cracking
• Linux Credential Harvesting
• Online Attacks
• Password Spraying
• Windows Credential Harvesting

Enumeration

• Active Directory Enumeration
• Linux Enumeration
• Windows Enumeration

Lateral Movement

• DCOM
• PsExec and WMI
• RDP Hijacking
• SSH Lateral Movement
• WinRM

Persistence

• Linux Persistence
• Windows Persistence

Pivoting

• Chisel
• Ligolo-ng
• Port Forwarding
• SOCKS Proxy
• SSH Tunneling

Linux Privilege Escalation

• Linux Capabilities
• Container Breakout
• Cron Job Exploitation
• Kernel Exploits
• Sudo Abuse
• SUID/SGID Exploitation

Windows Privilege Escalation

• Registry Exploits
• Scheduled Task Abuse
• Service Exploitation
• Token Impersonation
• UAC Bypass

Tools

• BloodHound
• Impacket
• Metasploit Post-Exploitation
• Mimikatz
• NetExec
• Responder

Red Teaming (23)

C2 Frameworks

• Cobalt Strike
• Havoc C2
• Mythic C2
• Sliver C2

Evasion

• AMSI Bypass
• AppLocker Bypass
• AV/EDR Bypass
• ETW Bypass
• Obfuscation
• Process Injection
• Windows LOLBins

Infrastructure

• DNS Tunneling
• Domain Fronting
• Infrastructure Setup
• Redirectors

Initial Access

• Binary Signing
• Payload Generation
• Shellcode Loaders

Operations

• Campaign Planning
• Exfiltration
• Operational Security
• Reporting
• Threat Emulation

Exploit Development (8)

Fundamentals

• Memory Layout & Architecture
• Memory Protections

Heap

• Heap Overflow & Use-After-Free

Shellcode

• Linux Shellcode
• Windows Shellcode

Stack

• Buffer Overflow
• Format String Vulnerabilities
• Return-Oriented Programming

AI Security (11)

Adversarial ML

• Data Poisoning
• Model Evasion
• Model Extraction
• ML Supply Chain

Defenses

• Guardrails & Filtering
• Model Hardening
• Monitoring & Detection

LLM Attacks

• Agent Hijacking
• Jailbreaking
• Prompt Injection
• RAG Poisoning

Mobile Security (11)

Android

• Step 1 - Android Testing Setup
• Step 2 - Android Static Analysis
• Step 3 - Android Dynamic Analysis
• Step 4 - Android Common Vulnerabilities

Common

• Mobile API Testing
• Mobile Testing Methodology
• SSL/TLS Pinning Bypass

iOS

• Step 1 - iOS Testing Setup
• Step 2 - iOS Static Analysis
• Step 3 - iOS Dynamic Analysis
• Step 4 - iOS Common Vulnerabilities

Malware Analysis (13)

Dynamic Analysis

• Step 1 - Sandbox Setup
• Step 2 - Behavioral Analysis
• Step 3 - API Call Monitoring
• Step 4 - Network Traffic Analysis

Reverse Engineering

• Anti-Analysis Techniques
• Debugging Techniques
• Disassembly & Decompilation
• .NET & Java Reversing

Static Analysis

• Step 1 - File Identification & Triage
• Step 2 - Strings & Import Analysis
• Step 3 - Packer Detection & Unpacking
• Step 4 - PE File Analysis
• Step 5 - ELF File Analysis

Digital Forensics (15)

Disk Forensics

• Step 1 - Disk Acquisition & Imaging
• Step 2 - Filesystem Analysis
• Step 3 - File Recovery & Carving
• Step 4 - Timeline Analysis

Linux Forensics

• Linux Artifacts

Memory Forensics

• Step 1 - Memory Acquisition
• Step 2 - Volatility Framework
• Step 3 - Process Analysis
• Step 4 - Memory-Based Malware Hunting

Network Forensics

• Network Flow Analysis
• Packet Capture
• PCAP Analysis

Windows Forensics

• Windows Artifacts
• Windows Event Logs
• Registry Forensics

Defensive Security (18)

Detection

• Linux Log Analysis
• Log Analysis Fundamentals
• Network Monitoring
• Sigma & YARA Rules
• Windows Log Analysis

Hardening

• Active Directory Hardening
• Linux Hardening
• Network Hardening
• Windows Hardening

Incident Response

• Step 1 - Preparation
• Step 2 - Identification
• Step 3 - Containment
• Step 4 - Eradication
• Step 5 - Recovery
• Phishing Incident Response
• Ransomware Response

Threat Hunting

• Windows Threat Hunting
• Hunting Methodology

Programming (7)

Bash

• Useful One-Liners
• Bash Script Writing

PowerShell

• PowerShell Fundamentals
• Offensive PowerShell

Python

• Network Programming
• Python Scripting
• Web Requests & APIs

Resources (6)

Cheatsheets

• Command One-Liners
• Ports & Protocols Reference
• Reverse Shell Cheatsheet

Methodology

• Active Directory Testing Methodology
• Penetration Testing Methodology
• Web Application Testing Methodology

External Resources

Capture-the-Flag (CTF)

• HackForge Free CTF Platform