CND
  • CND
    • WHOAMI
    • PROJECTS
      • DEV
        • PERSONAL WEBSITE
        • GITHUB
          • CONVERTERS
          • CALCULATORS
        • ARDUINO
        • CTFD
        • AUTOMATION
          • ANSIBLE
          • TERRAFORM
      • CYBER
        • PERSONAL CYBER RANGE
    • SELF DEVELOPMENT
      • TRAINING PLATFORMS
      • PREP MATERIALS
        • OPERATOR DEVELOPMENT & INTEGRATION EFFORT (ODIE) ASSESSMENT
        • COMPUTER NETWORK ASSESSMENT BATTERY (CNAB)
        • COMPUTER NETWORK OPERATIONS QUALIFICATION COURSE (CNOQC)
        • COMPUTER NETWORK OPERATIONS DEVELOPMENT PROGRAM (CNODP)
        • DATA ENGINEER
        • CYBER COMMON TECHNICAL CORE (CCTC)
      • WRITEUPS/WALKTHROUGHS
        • HTB ACADEMY
          • 01.BUG BOUNTY HUNTER
          • 02.PENETRATION TESTER
        • HTB LABS
          • STARTING POINT
            • TIER 0
              • 01.MEOW (TELNET)
              • 02.FAWN (FTP)
              • 03.DANCING (SMB)
              • 04.REDEEMER (REDIS DB - ANONYMOUS ACCESS)
              • 05.EXPLOSION (RDP - WEAK CREDS)
              • 06.PREIGNITION (WEB FORM LOGIN)
              • 07.MONGOD (MONGODB)
              • 08.SYNCED (RSYNC)
            • TIER 1
              • 01.APPOINTMENT (SQL INJECTION)
              • 02.SEQUEL (MYSQL)
              • 03.CROCODILE (FTP & WEB FORM LOGIN)
              • 04.RESPONDER (RFI, NTLM CAPTURE, PW CRACKING & WINRM)
              • 05.THREE (AWS S3 BUCKET)
              • 06.IGNITION (DIRECTORY ENUMERATION & BRUTE FORCE)
              • 07.BIKE (SSTI)
              • 08.FUNNEL (PASSWORD SPRAYING & LOCAL PORT FORWARDING)
              • 09.PENNYWORTH (GROOVY SCRIPTING & REVERSE SHELL)
              • 10.TACTICS (SMB)
            • TIER 2
              • 01.ARCHETYPE (PRIVESC & MSSQL SERVER)
              • 02.OOPSIE
              • 03.VACCINE
              • 04.UNIFIED
              • 04.INCLUDED
              • 05.MARKUP
              • 06.BASE
          • INTRO TO BLUE TEAM
            • BRUTUS (SSH)
            • BFT (MFT)
            • UNIT42 (SYSMON/EVENT LOGS)
            • I-LIKE-TO
        • THM
          • ADVENT OF CYBER
            • 2024
            • 2023
            • 2022
          • SOC LEVEL 1
            • PRACTICAL EXERCISES
              • NETWORK SECURITY & TRAFFIC ANALYSIS
                • SNORT
                • NETWORK MINER
                • ZEEK
                • BRIM
                • WIRESHARK: BASICS
                • WIRESHARK: PACKET OPERATIONS
                • WIRESHARK: TRAFFIC ANALYSIS
                • TSHARK: THE BASICS
                • TSHARK: CLI WIRESHARK FEATURES
              • ENDPOINT SECURITY MONITORING
                • INTRO TO ENDPOINT SECURITY
            • SKILLS ASSESSMENT
              • NETWORK SECURITY & TRAFFIC ANALYSIS
                • SNORT CHALLENGE (BASICS)
                • SNORT CHALLENGE (LIVE ATTACKS)
                • ZEEK EXERCISES
                • TSHARK CHALLENGE I: TEAMWORK
                • TSHARK CHALLENGE II: DIRECTORY
              • ENDPOINT SECURITY MONITORING
        • HOLIDAY HACK CHALLENGE (SANS)
          • 2024:SNOW-MAGGEDON
      • PROVING GROUNDS
        • ADVENT OF CYBER: SIDE QUEST (THM)
          • 2024
        • CMU
        • CYBER FLAG
        • PRESIDENT'S CUP
        • MEC-T
      • COLLEGE
        • 03.DAKOTA STATE UNIVERSITY (DSU)
          • 2025
            • 01.CSC428: REVERSE ENGINEERING
          • 2024
            • 01.CSC314: ASSEMBLY LANGUAGE
            • 02.CSC300: DATA STRUCTURES
              • 01.C++ OVERVIEW: CLASSES & DATA ABSTRACTION
              • 02.OBJECT ORIENTED DESIGN & C++
              • 03.POINTERS
              • 04.ARRAY-BASED LIST
              • 05.LINKED LISTS
              • 06.DOUBLY LINKED LIST
              • 07.STACKS
              • 08.QUEUES
              • 09.BINARY TREES
          • 2023
            • 01.CSC250: COMPUTER SCIENCE II
            • 02.CSC334: WEB DEVELOPMENT
            • 03.MATH201: INTRODUCTION TO DISCRETE MATHEMATICS
        • 02.UNIVERSITY OF ARIZONA (UA)
        • 01.TECHNICAL COLLEGE OF THE LOWCOUNTRY
          • 2010
          • 2009
      • NOTES
  • PLAYBOOK
    • DCO
      • 01.PRE-ENGAGEMENT
        • PLAN
          • PDSS
            • 02.ROE
          • MISSION ANALYSIS
        • PREPARE
          • MPN
          • HSMC
            • 01.CTI
            • 02.DETECTION ENGINEERING
      • 02.ENGAGEMENT
        • EXECUTE
          • 01.PRE-HUNT
            • TAP/SENSOR DEPLOYMENT
          • 02.THREAT HUNTING
            • 01.TRAFFIC ANALYSIS
              • LOW-HANGING FRUIT
                • HOST IDENTIFICATION
                  • WIRESHARK
                  • TSHARK
                • CLEARTEXT CREDENTIALS
                  • WIRESHARK
                • CLEARTEXT PROTOCOLS
                  • WIRESHARK
                    • FTP ANALYSIS
                    • HTTP ANALYSIS
                    • LOG4J ANALYSIS
                • DNS QUERIES
                  • TSHARK
                • USER-AGENTS
                  • TSHARK
              • PORT SCANS
                • WIRESHARK
                • KIBANA
                • SPLUNK
              • ARP POISONING
                • WIRESHARK
              • TUNNELING (DNS/ICP)
                • WIRESHARK
                  • ICMP TUNNELING
                  • DNS TUNNELING
              • ENCRYPTED PROTOCOLS
                • WIRESHARK
                  • HTTPS ANALYSIS
                    • SNI INSPECTION
                    • ENCRYPTION KEY LOG FILE
            • 02.LOG ANALYSIS
          • INCIDENT RESPONSE
            • 01.PREPARATION
            • 02.IDENTIFICATION
            • 03.CONTAINMENT
            • 04.ERADICATION
            • 05.RECOVERY
            • 06.LESSONS LEARNED
          • FORENSICS
            • 01.ACQUISITION
            • MALWARE ANALYSIS
            • REVERSE ENGINEERING
        • ASSESS
      • 03.POST-ENGAGEMENT
        • DEBRIEF
        • DOCUMENTATION
          • MISSION DEFENSE PLAN/RISK MITIGATION PLAN
            • VULNERABILITY GUIDE
    • OCO
      • 01.PRE-ENGAGEMENT
        • 01.PDSS
        • 02.ROE
        • 03.RESOURCE DEVELOPMENT
          • 01.INFRASTRUCTURE DEVELOPMENT
          • 02.MALWARE DEVELOPMENT
          • 03.EXPLOIT DEVELOPMENT
      • 02.ENGAGEMENT
        • 01.IN
          • 01.PRE-ACCESS
            • 01.VPN CONNECTION
            • 02.ANALYST LOGGING
            • 03.OPNOTES
          • 02.INITIAL ACCESS/FOOTHOLD
            • INFORMATION GATHERING
              • RECONNAISSANCE
              • VULNERABILITY ASSESSMENT
                • WEB SERVERS
                  • SOURCE CODE REVIEW
                  • VULNERABILITY IDENTIFICATION
                    • SEARCHSPLOIT
                    • EXPLOIT DB
                  • VULNERABILITY SCANNING
                    • NIKTO
                    • NMAP
            • WEAPONIZATION
              • OBFUSCATION
                • JAVASCRIPT
              • SHELLCODES
              • PASSWORDS/PINS
                • PINS
                • DICTIONARY
                • CUSTOM WORDLIST
                  • USERNAMES
                  • PASSWORDS
              • TROJANS
                • TROJAN BACKDOOR
              • MALICIOUS DOCUMENTS
                • MACRO EMBEDDING DOCX
              • SCRIPTS
                • ENUMERATION
                  • PYTHON
                    • PARAM-FUZZER.PY
                  • BASH
                • WSDL
                  • SQLI
                  • CMD INJECTION
            • DELIVERY
              • SOCIAL ENGINEERING
              • WATERING HOLE
              • SUPPLY CHAIN
              • FILE XFER: INGRESS (UTILITY-BASED)
                • PYTHON HTTP SERVER
                  • WGET/CURL
                • SCP
                • COPY/PASTE
                  • BASE64 ENCODED XFER
            • EXPLOITATION
              • TYPE
                • INJECTIONS
                  • CLIENT-SIDE
                    • CROSS-SITE SCRIPTING (XSS)
                      • XSS DISCOVERY
                        • XSS TESTING (MANUAL)
                        • XSS TESTING (HYBRID)
                      • WEBPAGE DEFACEMENT
                      • XSS PHISHING
                      • XSS SESSION HIJACKING (AKA COOKIE STEALING)
                        • BASIC XSS TESTS
                        • OBTAINING SESSION COOKIES (PHP SERVER)
                        • OBTAINING SESSION COOKIES (NETCAT SERVER)
                    • SQL INJECTION (SQLI)
                      • 01.SQLI DISCOVERY
                        • 01.SQLI TESTING (MANUAL)
                          • URL PARAMETER METHOD
                          • LOGIN FORMS
                        • 01.SQLI TESTING (HYBRID)
                          • SQLMAP
                        • 02.SQLI LOCATION IDENTIFICATION
                      • 02.SQLI DB ENUMERATION
                      • AUTHENTICATION BYPASS
                      • CREDENTIAL DUMPING
                      • SQLI READING FILES
                      • SQLI WRITING WEB SHELL FILES
                    • COMMAND INJECTION
                      • 01.DISCOVERY
                      • FILTER EVASION/BYPASS
                        • FRONT-END VALIDATION: CUSTOMIZED HTTP REQUEST
                        • SPACE & NEW LINE CHARACTERS
                        • SLASH & BACKSLASH
                        • BLACKLISTED CHARACTERS
                        • BLACKLISTED CMDS
                        • ADVANCED CMD OBFUSCATION
                      • EVASION TOOLS
                    • HTML INJECTION
                    • XML EXTERNAL EXTITY (XXE)
                      • DISCOVERY
                        • WINDOWS
                      • INFORMATION DISCLOSURE
                      • INFORMATION TAMPERING
                        • RCE
                      • EXFILTRATION
                        • OOB BLIND DATA EXFIL
                          • XXEINJECTOR (AUTOMATED)
                      • IMPACT
                        • DOS
                    • CROSS-SITE REQUEST FORGERY (CSRF/XSRF)
                      • DISCOVERY
                      • CSRF BYPASS
                      • TRIGGERS
                        • W/O ANTI-CSRF TOKEN
                        • WITH ANTI-CSRF TOKEN (GET METHOD)
                        • WITH ANTI-CSRF TOKEN (POST METHOD)
                        • CHAINING (XSS & CSRF)
                          • MAKING PROFILE PUBLIC
                          • ADDING A FUNCTION TO THE PROFILE PAGE
                        • WEAK CSRF TOKENS
                  • SERVER-SIDE
                    • SSRF
                      • 01.DISCOVERY
                        • BLIND SSRF
                      • ENUMERATION
                      • LFI
                    • SSTI
                      • IDENTIFICATION
                      • JINJA (EXPLOITATION)
                      • TWIG (EXPLOITATION)
                      • HANDLEBARS NODEJS (EXPLOITATION)
                        • PAYLOAD
                    • SSI INJECTION
                      • SSI (EXPLOITATION)
                    • XSLT INJECTION
                      • IDENTIFICATION
                      • XSLT INJECTION (EXPLOITATION)
                • FILE UPLOADS
                  • 01.DISCOVERY
                  • FILTER EVASION/BYPASS
                    • CLIENT-SIDE VALIDATION
                      • BACK-END REQUEST MODIFICATION
                      • DISABLING FRONT-END VALIDATION
                    • BACK-END VALIDATION
                      • BLACKLIST EXTENSION FILTERS
                      • WHITELIST EXTENSION FILTERS
                      • CONTENT TYPE FILTER
                  • UPLOAD EXPLOITATION
                    • WEB SHELL
                      • CUSTOM WEB SHELLS
                        • PHP WEB SHELL
                        • .NET WEB SHELL
                        • HTML FORM SHELL
                    • REVERSE SHELLS
                      • CUSTOM REVERSE SHELLS
                    • LIMITED FILE UPLOADS
                      • EMBEDDED JAVASCRIPT (XSS)
                      • XML EXTERNAL ENTITY (XXE)
                    • TFTP
                  • ARBITRARY FILE UPLOAD
                • BRUTE FORCE
                  • WEB
                    • BASIC HTTP AUTHENTICATION
                    • WEB LOGIN FORMS
                      • HYDRA
                      • FFUF
                    • PASSWORD RESET: TOKENS
                    • 2FA
                    • LOW-HANGING FRUIT
                      • EMPTY/DEFAULT PWS
                      • DEFAULT CREDENTIALS
                    • PASSWORD RESET: SECURITY QUESTIONS
                    • PIN CRACKING
                    • SESSION TOKENS
                      • IDENTIFICATION
                      • TAMPERING/FORGING SESSION TOKENS
                  • EXPOSED SERVICES
                    • SSH
                    • FTP
                    • RDP
                    • SMB
                    • SNMP
                  • PASSWORD CRACKING (OFFLINE)
                    • HASH IDENTIFICATION
                    • JOHN THE RIPPER
                    • HASHCAT
                • AUTHENTICATION BYPASS
                  • DIRECT ACCESS
                  • PARAMETER MODIFICATION
                  • HTTP VERB TAMPERING
                    • INSECURE CONFIGURATION
                    • INSECURE CODING
                  • SESSION ATTACKS
                    • SESSION HIJACKING
                    • SESSION FIXATION
                      • DISCOVERY
                • WI-FI
                  • WPA/WPA2 CRACKING
                • IDOR
                  • IDENTIFICATION
                  • INFORMATION DISCLOSURE
                    • PLAINTEXT REFERENCES
                    • PARAMETER MANIPULATION & COOKIE TAMPERING
                    • ENCODED REFERENCES
                  • INFORMATION ALTERATION
                    • INSECURE FUNCTION CALLS
                • FILE INCLUSION
                  • LFI
                    • DISCOVERY
                      • FUZZING FOR LFI PAYLOADS (AUTOMATED)
                        • EXTRA PAYLOADS
                    • BASIC BYPASSES
                    • SOURCE CODE DISCLOSURE
                    • RCE
                      • FILE UPLOADS
                      • LOG FILE POISONING
                        • PHP SESSION POISONING
                        • SERVER LOG POISONING
                  • RFI
                    • DISCOVERY
                    • RCE
                • OPEN REDIRECT
                  • DISCOVERY
                  • CREDENTIAL THEFT
                • RCE MS SQL
              • CVE
            • DEFENSE EVASION
            • PERSISTENCE
              • SSH DIRECTORY
            • COMMAND & CONTROL
              • SHELLS
                • BIND SHELL
                  • BASH
                  • PYTHON
                  • POWERSHELL
                • REVERSE SHELL
                  • BASH
                  • PHP
                  • POWERSHELL
                  • GROOVY (JENKINS)
                • WEB SHELL
                  • PHP
                  • JSP
                  • ASP
                • SSH
              • INTERACTIVE SHELLS
        • 02.THROUGH
          • DISCOVERY
            • 01.HOST
            • 02.SERVICES
            • 02.VULNERABILITY ASSESSMENT
          • ENUMERATION
            • SYSTEM ENUMERATION
              • WINPEAS
          • PRIVILEGE ESCALATION
            • WINDOWS
              • IDENTIFICATION
                • AUTOMATED SCRIPTS
                  • WINPEAS
                  • SEATBELT
                  • JAWS
              • EXECUTION
                • BATCH FILES
                • PSEXEC.PY
                • EXPOSED CREDENTIALS
                  • WEBROOTS
            • LINUX
              • IDENTIFICATION
                • AUTOMATED SCRIPTS
                  • LINENUM
                  • LINUXPRIVCHECKER
                  • LINPEAS
              • EXECUTION
                • EXPOSED CREDENTIALS
                  • WEBROOTS
                • MISCONFIGURATIONS
                  • SETUID
                  • VI
                  • SSH DIRECTORY
                  • SUDOERS
                • SCHEDULED TASKS
                  • CRON JOBS
          • EXECUTION
          • CREDENTIAL ACCESS
            • SESSION HIJACKING
            • PASSWORD CRACKING
              • JOHN THE RIPPER
                • CRACKING ENCRYPTED FILES (ZIP)
                • CRACKING ENCRYPTED FILES (PDF)
              • HASHCAT
                • CRACKING MD5 HASHES
          • LATERAL MOVEMENT
            • NETWORK PIVOTING
              • PORT FORWARDING
                • LOCAL PORT FORWARDING
              • TUNNELING
        • 03.OUT
          • COLLECTION
          • EXFILTRATION
            • SCP
          • IMPACT
            • DOS
              • XXE PAYLOAD DOS
              • DECOMPRESSION BOMB
              • PIXEL FLOOD
              • REGEX DOS
                • DISCOVERY
            • TIMING ATTACKS
              • RACE CONDITIONS
            • MITM
              • WEBSOCKETS
          • OBJECTIVES
      • 03.POST-ENGAGEMENT
        • 00.BDA
        • 01.ARTIFACT CLEARING
        • 02.INFRASTRUCTURE RESET
        • 03.DEBRIEF
          • INTERNAL
          • EXTERNAL
        • 04.DOCUMENTATION
          • REPORT
        • 05.LESSONS LEARNED
    • DEV
      • C
    • SRE
      • REVERSE ENGINEERING
        • ANALYSIS
          • 01.REBASING: IDENTIFYING BASE ADDRESS (IF REQUIRED)
          • 02.IDENTIFYING MAIN() IN STRIPPED BINARIES
          • 03.IDENTIFYING GLOBAL VARIABLES
          • C CODE CONSTRUCTS IN ASSEMBLY
            • GLOBAL & LOCAL VARIABLES
            • ARITHMETIC OPERATIONS
            • FUNCTION CALLS
            • ARRAYS
            • STRUCTS
            • LINKED-LIST TRAVERSAL
            • FLOW CONTROL
              • IF STATEMENTS
              • SWITCH STATEMENTS
              • LOOPS
        • STRING PATCHING
        • BINARY PATCHING
        • STACK MAPPING
      • ANTI-DEBUGGING
      • SOFTWARE EXPLOITATION
        • STACK REDIRECTION
        • SHELLCODE
        • DISASSEMBLER/GHIDRA SCRIPTING
        • FORMAT STRINGS
        • ENVIRONMENT VARS
        • BUFFER OVERFLOWS
          • DISABLING ASLR (LINUX)
        • VULNERABLE C FUNCTIONS
  • ENGINEERING
    • INSTALLATION PROCEDURES
    • CONFIGURATION PROCEDURES
      • WEB
        • BASIC HTTP AUTHENTICATION
        • CSRF PROTECTED FORM
      • NETWORKING
        • CISCO SWITCH
          • VLAN TRUNKS
          • PORT SECURITY
        • CISCO ROUTER
  • SYSTEM ADMINISTRATION
    • LINUX
      • NETWORKING
        • RESTART NETWORK SERVICES
        • LOCAL DNS RESOLUTION
      • LOCATING
      • FILE SHARING
      • PACKAGES
        • NORDVPN
      • OS
        • KALI
    • WINDOWS
      • DISK PARTITIONING
        • DISKPART
      • ACTIVE DIRECTORY
        • PASSWORD
        • DOMAIN USER
      • OPEN SSH
        • PRIVATE KEY PERMISSIONS
      • LOCAL DNS RESOLUTION
  • TOOLING
    • DCO
      • CYBER THREAT INTELLIGENCE (CTI)
        • OPENCTI
        • MALWARE INFORMATION SHARING PLATFORM (MISP)
      • DETECTION ENGINEERING
        • HOST
          • NETWORK MINER
        • NETWORK
          • SNORT
            • SELF-TEST MODE
            • SNIFFER MODE
            • PACKET LOGGER MODE
            • IDS/IPS MODE
            • PCAP READING MODE
            • RULE WRITING
              • SAMPLE RULES
              • MAGIC NUMBERS
      • THREAT HUNTING
        • NETWORK ANALYSIS
          • IDS/IPS
            • SNORT
            • SURICATA
          • PACKET ANALYZER
            • WIRESHARK
              • MERGING PCAPS
              • FINDING SPECIFIC STRINGS/PACKETS
              • EXPORTING PACKETS
              • EXPORTING OBJECTS
              • CREATING PROFILES
              • BOOKMARKING FILTERS
              • PACKET FILTERING
                • OPERATORS & FUNCTIONS
                • PROTOCOL FILTERS
                  • IP FILTERS
                  • TCP/UDP FILTERS
                  • APPLICATION FILTERS
                • FILTER BUILDER
              • CREATING FW RULES
            • TSHARK
              • SNIFFING TRAFFIC
                • CAPTURE FILTERS
              • READING CAPTURE FILE
                • DISPLAY FILTERS
                • OUTPUT FORMAT SELECTOR
              • FOLLOWING DATA STREAMS
              • EXTRACTING DATA
              • PACKET FILTERING
                • DISPLAYING PACKET STATISTICS
                • ADVANCED FILTERING
            • TCPDUMP
              • EXTRACTING INFORMATION
          • SIEM
            • ELASTIC STACK
            • SECURITY ONION
            • SPLUNK
          • NSM
            • ZEEK
              • MODES
              • LOGS
              • SIGNATURES
                • HTTP CLEARTEXT PASSWORD DETECTION
                • FTP BRUTE FORCE DETECTION
              • SCRIPTING
              • EVENT CORRELATION
              • FRAMEWORK
                • FILE FRAMEWORK | HASHES
                • FILE FRAMEWORK | EXTRACT FILES
                • NOTICE FRAMEWORK | INTELLIGENCE
                • CLEARTEXT SUBMISSION OF PWDS
                • GEO-LOCATION DATA
              • PACKAGES
        • HOST ANALYSIS
          • YARA
          • FLOSS
          • BRIM
            • QUERIES
            • QUERY REFERENCE
          • SYSINTERNALS
            • TCPVIEW
            • PROCESS EXPLORER
            • SYSMON
              • EXAMPLE CONFIGURATION FILE
              • IMPORTANT EVENT-IDS
          • POWERSHELL
          • WINDOWS EVENT LOGS
            • EXPORTING LOGS
          • OSQUERY
          • EDR
            • WAZUH
      • DFIR
        • EXIFTOOL
        • NETWORK FORENSICS
          • NETWORK MINER
        • FILE SYSTEM
          • MFTECMD
          • TIMELINE EXPLORER
      • ATOMIC RED TEAM
      • UTILITIES
        • JQ
        • .NET SDK
      • REVERSE ENGINEERING
        • DISASSEMBLERS
          • RADARE2
          • GHIDRA
          • IDA PRO
          • BINARY NINJA
          • CUTTER
          • HOPPER
        • DEBUGGERS
          • GDB/GEF
          • GEF
          • X64DBG
          • WINDBG
    • OCO
      • C2
        • COBALT STRIKE
        • SLIVER
        • MYTHIC C2
          • INSTALLATION
            • ON-PREMISE
            • AWS EC2
            • AZURE
          • C2 PROFILES
            • HTTP
          • AGENTS
            • WINDOWS
          • PAYLOAD CREATION
            • AWS CLOUDFRONT IMPLEMENTATION
            • AZURE FRONT DOOR IMPLEMENTATION
            • NGINX CONDITIONAL REDIRECTION IMPLEMENTATION
        • MITRE CALDERA
          • ON-PREMISE
        • HAVOC C2
        • METASPLOIT
      • VPS
        • REDIRECTORS
          • AWS CLOUDFRONT
            • LOAD BALANCER (AWS EC2)
            • CLOUDFRONT
              • GEO RESTRICTION (OPSEC)
          • AZURE FRONT DOOR
            • FRONT DOOR
          • NGINX (AWS EC2/AZURE)
            • C2 AGENT/USER-AGENT CONDITIONAL REDIRECTION (OPSEC)
              • NGINX FW RULE
              • C2 SERVER FW RULE
            • DIRECTORY REDIRECTION (OPSEC)
          • NGINX (ON-PREMISE)
        • PAYLOAD SERVER
          • NGINX (AWS EC2/AZURE)
            • FW RULES
            • CONFIGURATION
              • FACADE FILES
          • PWNDROP
        • PHISHING SERVER
          • EVILGINX (AWS EC2/AZURE)
            • FW RULES
            • HOMOGRAPHS
            • TRIGGERS
              • CREDENTIAL HARVESTING
              • MFA BYPASS
          • GOPHISH
            • FW RULES
            • CONFIGURATION
            • CAMPAIGNS
            • TRIGGERS
              • MALICIOUS DOWNLOADS
      • WIFI
        • ALFA AWUS1900 WIRELESS ADAPTER
          • DRIVERS
      • OSINT
        • FINAL RECON
        • RECON-NG
        • THE HARVESTER
        • SPIDERFOOT
        • OSINT FRAMEWORK
      • UTILITIES
        • 7ZIP
        • BROWSER DEVTOOLS
        • CADAVER
        • CURL
        • CUSTOM WORDLIST
          • USERNAME ANARCHY
          • CUPP
        • DATABASE
          • MYSQL
          • PSQL
        • DIG
        • DNSENUM
        • FIND
        • FTP
        • HTML2TEXT
        • IMPACKET
          • PSEXEC.PY
          • MSSQLCLIENT.PY
        • MULTI-FUNCTION
        • NETCAT
        • NETSTAT
        • NMAP
        • OPENVPN
        • PASSWORD
          • BRUTE FORCE (ONLINE)
            • HYDRA
            • MEDUSA
            • FFUF
            • CRACKMAPEXEC (SMB, ETC)
          • CRACKING (OFFLINE)
            • HASH-ID.PY
            • HASHID
            • JOHN THE RIPPER
            • HASHCAT
        • PRIVESC
          • WINPEAS
        • PROXIES
          • WRAPPER
            • PROXYCHAINS
          • WEB PROXIES
            • BURP SUITE
              • SETTINGS
              • WEB CRAWLING
            • ZED ATTACK PROXY (ZAP)
          • BROWSER PROXIES
            • FIREFOX
            • EXTENSIONS
              • FOXY PROXY
              • PROXY SWITCHYOMEGA (BRAVE BROWSER)
        • REMOTE ACCESS
          • FREERDP
        • RESPONDER
        • RSYNC
        • SCRIPT
        • SEARCHSPLOIT
        • SMBCLIENT
        • SOCAT
        • SQLMAP
          • GET REQUESTS
          • POST REQUESTS
          • BYPASSING WEBAPP PROTECTIONS
            • TAMPER SCRIPTS
          • OS EXPLOITATION
          • SQLI
            • CMD INJECTION
        • SSH
        • SSTIMAP
        • TAC
        • TECHNOLOGY PROFILER
          • WAPPALYZER
        • TEE
        • TMUX
        • TREE
        • VI/VIM
        • WEB CONTENT DISCOVERY
          • GOBUSTER
          • DIRB
        • WGET
        • WPSCAN
        • SNMPWALK
        • ONESIXTYONE
      • RANGE
        • TARGETS
          • DVWA
          • VULNHUB
          • DVLLMA
          • OWASP JUICE SHOP
          • METASPLOITABLE 2
          • METASPLOITABLE 3
    • DEV
      • FUNDAMENTALS
        • NUMBER SYSTEM
          • CONVERSIONS
          • COMPLEMENTS
      • LANGUAGES
        • ASSEMBLY
          • TEMPLATE
        • C
          • TEMPLATE
          • SYNTAX
            • FUNDAMENTALS
              • BOOLEANS
              • TYPEDEF
              • ENUM
              • SIZEOF
              • ARRAYS
              • ADDRESS-OF
              • DEREFERENCE
              • CHARACTER STRINGS
          • OPERATORS
          • KEYWORDS
          • FORMAT SPECIFIERS
          • ENCODING SCHEMES
          • BARR C CODING STANDARD
          • TROUBLESHOOTING
            • SUPPRESSING SECURITY WARNINGS
          • TYPE MODIFIERS
          • FUNCTION PROTOTYPES
            • BUILT-IN
              • STRING.H
                • STRLEN()
                • STRCPY()
                • STRNCPY()
                • STRCAT()
              • STDLIB.H
                • FREE()
                • MALLOC()
              • STDBOOL.H
              • STDIO.H
                • PRINTF()
                • SNPRINTF()
        • PYTHON
          • TEMPLATE
        • HTML
          • URL ENCODING
        • C++
      • COMPILERS
        • COMPILER EXPLORER (ONLINE)
        • GCC (LINUX)
        • VISUAL STUDIO CLI (WINDOWS)
      • UTILITIES
        • HEXDUMP
        • CODE BEAUTIFY
        • GIT (CLI)
        • STYLE FORMATTING
          • CLANG-FORMAT
          • CLANG-FORMAT-BARR-C
        • IDE
          • ARDUINO
  • RESOURCES
    • ARMY
      • 350-1
      • CAC PKI CERTIFICATES RECOVERY
      • FORCE MANAGEMENT
      • DEFENSE ACQUISITION TRAININGS
      • CAREER MANAGEMENT
      • COLLECTION
        • MISC
        • COMMANDS
        • TRAINING
      • MILITARY RETIREMENT
        • CHECKLIST
        • RESUME
    • CYBER
      • DCO
        • CYBER THREAT EMULATION
        • SYSTEM HARDENING
        • MALWARE ANALYSIS
          • MALWARE BAZAAR
          • MALWARE TRAFFIC ANALYSIS.NET
          • THE ZOO (AKA MALWARE DB)
        • THREAT HUNTING
          • MITRE ATT&CK
          • MITRE ATTACK FLOW BUILDER
          • MITRE CAR
          • MITRE D3FEND
          • MITRE ENGAGE
          • MITRE ENGENUITY
          • ULTIMATE WINDOWS SECURITY
          • TECHNIQUE INTERFACE ENGINE
      • OCO
        • NETWORK PIVOTING
          • THE CYBER PLUMBER'S LAB GUIDE
        • BUG BOUNTY PROGRAMS
        • LIVING OFF THE LAND
          • LOLBAS (WINDOWS)
          • GTFOBINS (UNIX)
          • LOLDRIVERS (WINDOWS)
          • LOLAPPS
        • RECONNAISSANCE
          • WAYBACK MACHINE
          • SHODAN
          • CENSYS
        • VULNERABILITY/EXPLOIT LISTINGS
          • EXPLOIT DB
          • VULNERABILITY LAB
      • OT
        • ICS/SCADA
      • GENERAL
        • GENERATIVE AI/COPILOT
          • CAMOGPT
          • CHATGPT
          • PENTESTGPT
        • UNIFIED KILLCHAIN (UKC)
        • BLOGS
    • AUDIO
Powered by GitBook
On this page
  1. TOOLING
  2. DCO
  3. THREAT HUNTING
  4. HOST ANALYSIS

YARA

PreviousHOST ANALYSISNextFLOSS

Last updated 5 months ago