# Pentest ## Pentest - [Homepage](https://pentest.mxhx.org/readme.md) - [Pentest Links](https://pentest.mxhx.org/pentest-links.md) - [01 Prep](https://pentest.mxhx.org/01-prep.md) - [Target Inventory](https://pentest.mxhx.org/01-prep/target-inventory.md) - [OSINT and Dorks](https://pentest.mxhx.org/01-prep/01-osint-dorks.md) - [Recon-ng dns zone snoop](https://pentest.mxhx.org/01-prep/01-recon-ng-dns-zone-snoop.md) - [Gitbook](https://pentest.mxhx.org/01-prep/gitbook.md): Gitbook Demo - [02 Scan](https://pentest.mxhx.org/02-scanning.md) - [\*Favorites](https://pentest.mxhx.org/02-scanning/start.md) - [Burp](https://pentest.mxhx.org/02-scanning/burp.md) - [Dirb nikto wpscan etc](https://pentest.mxhx.org/02-scanning/02-dirb-masscan-pings.md) - [Enum Finger and Brute SSH](https://pentest.mxhx.org/02-scanning/02-enum-finger-and-ssh.md) - [Fuzzing](https://pentest.mxhx.org/02-scanning/fuzzing.md) - [Nmap](https://pentest.mxhx.org/02-scanning/02-nmap.md) - [Open Port Checks OneLiner](https://pentest.mxhx.org/02-scanning/open-port-checks-oneliner.md) - [Port Knocking](https://pentest.mxhx.org/02-scanning/02-port-knocking.md) - [SSL Issues](https://pentest.mxhx.org/02-scanning/ssl-issues.md) - [Tcpdump](https://pentest.mxhx.org/02-scanning/02-tcpdump.md) - [03 Getting In](https://pentest.mxhx.org/03-getting-in.md) - [Char Evasion Tricks](https://pentest.mxhx.org/03-getting-in/char-evasion-tricks.md) - [Email SMTP](https://pentest.mxhx.org/03-getting-in/email-smtp.md) - [Eternal Blue](https://pentest.mxhx.org/03-getting-in/eternal-blue.md) - [FTP](https://pentest.mxhx.org/03-getting-in/ftp.md) - [heartbleed](https://pentest.mxhx.org/03-getting-in/heartbleed.md) - [Metasploit](https://pentest.mxhx.org/03-getting-in/03-metasploit.md) - [MySql](https://pentest.mxhx.org/03-getting-in/mysql.md) - [NFS](https://pentest.mxhx.org/03-getting-in/nfs.md) - [Oracle](https://pentest.mxhx.org/03-getting-in/oracle.md) - [Postgres](https://pentest.mxhx.org/03-getting-in/postgres.md) - [PowerShell Empire](https://pentest.mxhx.org/03-getting-in/03-powershell-empire.md) - [Shells](https://pentest.mxhx.org/03-getting-in/03-reverseshell-php.md): Broad Topic - [rpc](https://pentest.mxhx.org/03-getting-in/rpc.md) - [SMB Samba](https://pentest.mxhx.org/03-getting-in/03-samba.md) - [SSH Tips](https://pentest.mxhx.org/03-getting-in/03-ssh-tips.md) - [SQLite3](https://pentest.mxhx.org/03-getting-in/sqlite3.md) - [Veil](https://pentest.mxhx.org/03-getting-in/03-veil.md) - [04 WebApps](https://pentest.mxhx.org/04-webapps.md) - [Apache](https://pentest.mxhx.org/04-webapps/apache.md) - [Blogs](https://pentest.mxhx.org/04-webapps/blogs.md) - [Coldfusion](https://pentest.mxhx.org/04-webapps/coldfusion.md) - [Content Management (CMS)](https://pentest.mxhx.org/04-webapps/content-man-systems-cms.md) - [Drupal](https://pentest.mxhx.org/04-webapps/drupal.md) - [Elastix FreePBX](https://pentest.mxhx.org/04-webapps/pbx-elastix.md) - [HttpFileServer (HFS)](https://pentest.mxhx.org/04-webapps/httpfileserver-hfs.md) - [IIS](https://pentest.mxhx.org/04-webapps/iis.md) - [IIS6 WebDav](https://pentest.mxhx.org/04-webapps/iis6-webdav.md) - [Local File Inclusion (LFI)](https://pentest.mxhx.org/04-webapps/lfi.md): AKA: Directory Traversal - [Magento](https://pentest.mxhx.org/04-webapps/magento.md) - [Nagios](https://pentest.mxhx.org/04-webapps/nagios.md) - [PFSense](https://pentest.mxhx.org/04-webapps/pfsense.md) - [php](https://pentest.mxhx.org/04-webapps/php-tricks.md) - [php type juggling](https://pentest.mxhx.org/04-webapps/php-type-juggling.md) - [phpLite](https://pentest.mxhx.org/04-webapps/phplite.md) - [Web Injections](https://pentest.mxhx.org/04-webapps/03-webapp.md) - [Javascript](https://pentest.mxhx.org/04-webapps/03-webapp-javascript.md) - [Shellshock](https://pentest.mxhx.org/04-webapps/03-shellshock.md) - [SQL Injections (sqli)](https://pentest.mxhx.org/04-webapps/03-webapp-sqli.md) - [SQLMap](https://pentest.mxhx.org/04-webapps/03-webapp-sqlmap.md) - [WAF](https://pentest.mxhx.org/04-webapps/03-webapp-waf.md) - [Webmin](https://pentest.mxhx.org/04-webapps/webmin.md) - [Web Scrape](https://pentest.mxhx.org/04-webapps/web-scrape.md) - [Wordpress](https://pentest.mxhx.org/04-webapps/03-webapp-wordpress.md) - [05 Passwords & Ciphers](https://pentest.mxhx.org/05-passwords-ciphers.md) - [Cipher Decrypt](https://pentest.mxhx.org/05-passwords-ciphers/04-cipher-decrypt.md) - [Cipher RSA Wiener P-Q-E](https://pentest.mxhx.org/05-passwords-ciphers/04-cipher-decrypt-rsa-wiener.md) - [Cracking](https://pentest.mxhx.org/05-passwords-ciphers/cracking.md) - [Dict Guess List Mangle](https://pentest.mxhx.org/05-passwords-ciphers/dicts-lists-mangling.md) - [Get Hashes](https://pentest.mxhx.org/05-passwords-ciphers/get-hashes.md) - [Hydra Brutes](https://pentest.mxhx.org/05-passwords-ciphers/hydra.md) - [Images Exif Steg](https://pentest.mxhx.org/05-passwords-ciphers/04-images-exif-steg.md) - [Malware Analysis](https://pentest.mxhx.org/05-passwords-ciphers/malware-analysis.md) - [Pull Hashes PCredz](https://pentest.mxhx.org/05-passwords-ciphers/04-pull-hashes-pcredz.md) - [SSH PrivKey Passphrase](https://pentest.mxhx.org/05-passwords-ciphers/05-crask-sshprivkey-passphrase.md) - [Unzip Crack](https://pentest.mxhx.org/05-passwords-ciphers/unzip-crack.md) - [Windows PW](https://pentest.mxhx.org/05-passwords-ciphers/05-windows-pw.md) - [06 Linux PrivEsc](https://pentest.mxhx.org/06-linux-privesc.md) - [1 Look Around](https://pentest.mxhx.org/06-linux-privesc/04-look-around.md) - [2 Enums](https://pentest.mxhx.org/06-linux-privesc/lx-enum.md) - [3 PrivEsc](https://pentest.mxhx.org/06-linux-privesc/lx-privesc.md): Every PrivEsc comes from a misconfiguration or Vulnerability - [4 Kernel Exploits](https://pentest.mxhx.org/06-linux-privesc/lx-kernelexp.md) - [5 Looting](https://pentest.mxhx.org/06-linux-privesc/5-looting.md) - [binaries](https://pentest.mxhx.org/06-linux-privesc/binaries.md) - [Buffer Overflow](https://pentest.mxhx.org/06-linux-privesc/buffer-overflow.md) - [bash prison](https://pentest.mxhx.org/06-linux-privesc/bash-prison.md) - [Monitor Files](https://pentest.mxhx.org/06-linux-privesc/02-monitor-files.md) - [mongodb node](https://pentest.mxhx.org/06-linux-privesc/mongodb-node.md) - [Pivots](https://pentest.mxhx.org/06-linux-privesc/06-pivots.md) - [Remote Execute](https://pentest.mxhx.org/06-linux-privesc/remote-execute.md) - [Shell TTY Fix](https://pentest.mxhx.org/06-linux-privesc/04-shell-tty-fix.md) - [TAR backups](https://pentest.mxhx.org/06-linux-privesc/tar-backup-tricks.md) - [Transfer Files](https://pentest.mxhx.org/06-linux-privesc/04-transfer-files.md) - [vnc](https://pentest.mxhx.org/06-linux-privesc/vnc.md) - [07 Windows PrivEsc](https://pentest.mxhx.org/07-win-privesc.md) - [1 Windows cmd kungfu](https://pentest.mxhx.org/07-win-privesc/windows-cmd-kungfu.md) - [2 Enums](https://pentest.mxhx.org/07-win-privesc/win-enum.md) - [3 PrivEsc](https://pentest.mxhx.org/07-win-privesc/win-privesc.md) - [4 Kernel Exploits](https://pentest.mxhx.org/07-win-privesc/win-kernelexp.md): Windows PrivEsc Methods - [5 Looting](https://pentest.mxhx.org/07-win-privesc/5-looting.md) - [Bloodhound](https://pentest.mxhx.org/07-win-privesc/bloodhound.md) - [DLL Hijack MSF](https://pentest.mxhx.org/07-win-privesc/06-dll-hijack.md) - [Kerberos](https://pentest.mxhx.org/07-win-privesc/07-kerberos.md) - [Memory Analysis](https://pentest.mxhx.org/07-win-privesc/04-memory-analysis.md) - [NTDS](https://pentest.mxhx.org/07-win-privesc/ntds.md) - [Powershell](https://pentest.mxhx.org/07-win-privesc/powershell.md) - [Responder](https://pentest.mxhx.org/07-win-privesc/responder.md) - [Saved Creds runas](https://pentest.mxhx.org/07-win-privesc/saved-creds-runas.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://pentest.mxhx.org/readme.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.