It is highly recommended to open this document with Obsidian.
All the information here and on the following pages was gathered through reading articles and books, as well as watching videos and talks. None of this content is exclusive, so feel free to copy and share it freely.
ASN/CIDR Whois Company Information Port Scan Enumerating Services
Attacking Services Password Attacks
Pivoting, Tunneling, and Port Forwarding Linux Privilege Escalation Windows Privilege Escalation
Subdomain Passive Subdomain Active Probing Screenshot Dorking Spidering Fuzzing Param Discovery Javascript Analysis Third Part
Clickjacking Command Injection Cookie Based Attacks CORS CRLF CSRF Deserialization Host Header Injection HTTP/TLS Attacks IDOR IIS LDAP Injection LFI NoSQL Open Redirect Parameter Pollution Path Traversal PDF Generation Vulnerabilities Prototype Pollution Request Smuggling RCE Session Puzzling SSI SSTI SSRF SQLi Timing Attacks and Race Condition X-Path Injection XSLT Injection XSS XXE Web Cache Poisoning WebSocket Attacks (XSS, SQLi, Cross-Site WebSocket Hijacking (CSWH)) {Planned} Whitebox Pentesting
Brute Force Web Technologies SMS Verification Wordpress CVE Boilerplates Burp Suite File Transfer Shells and Payloads