OSCP + CTF
  • Windows Privilege Escalation
  • Most Important Links
  • Tooling
    • Apache
    • Windows Basic Recon
    • Find
    • Recon
    • DNS
    • Socat
    • Fave sql Injection
    • Xterm setup
    • Powershell Shells
    • Powershell General Info
    • Powercat
    • Fucking SMB
    • Fucking LDAP
    • Tunneling + Pivoting
      • Chisel
    • Powershell
  • Web CTF
  • General Helpful Links
  • Music OBVI
  • MySQL Privilege Escalation
  • sudo -l
  • phpMyAdmin
  • Squid 🦑
  • OSCP Labs
    • Assembling The Pieces
    • 10.11.1.101
    • 10.11.1.14
    • 10.11.1.141
    • 10.11.1.252
    • 1011.1.35
    • 10.11.1.237
    • 10.11.1.71
    • 10.11.1.50
  • HTB
    • Agile
  • OSCP Proving Grounds
    • Template
    • Authby
    • Nibbles
    • Fail
    • CTF1
Powered by GitBook
On this page

Was this helpful?

  1. Tooling

Recon

Last updated 11 months ago

Was this helpful?

rCheck out website if any. Use it like a regular user would.

Checkout the about page or similar to get an understanding of the employees and any linked social media or email accounts.

WHOIS record. These are increasingly private, for free.

WHOIS forward and reverse lookups about servers.

Google Dorks!!!

recon-ng

Wordpress

Really useful flags, they'll pickup a little bit more than the standard scan.

--enumerate p --plugins-detection aggressive

PreviousRecon