🖍️
nullbrain
  • Intro
  • Tools
    • Preparation
  • basics/pre-req
    • Backpack
    • Linux
  • Working Tools
    • List of Note taking tools!
  • Practice Tools
    • Netcat
    • Socat
    • Powercat
    • PowerShell
  • Network Analysis Tools
    • Wireshark
    • Tcpdump
  • PRIVILEGE ESCALATION
    • Example
    • 🏁Kernel Exploits
    • 🪛Credentials
      • Reuse Passwords
      • Bash History
      • Local Database
  • Passive Information Gathering
    • Index
    • Tools
      • Recon-ng
        • Recon-ng [Usage]
      • Google Hacking DB [GHDB]
      • Whois
    • Techniques
      • Google Hacking
      • Website Recon
        • WR with Python
  • Active Information Gathering
    • Enumeration
      • NFS
      • SMB
    • Masscan
    • Nmap
    • Port Scanning
    • DNS
      • Scripts
      • Lookup
      • DNSRecon
      • DNSenum
  • Vulnerability Scanning
    • Vulnerability Scanning
    • Nmap
  • Web Application Exploit
    • Enumeration
      • Techniques
    • Tools
      • DIRB
  • Buffer Overflow
    • Memory
  • Real World!
    • Bruteforce
    • Tools
    • Enumeration
      • Enumeration MindMap
      • Tools
    • SQL Injection
    • Server-Side Template Injection
    • Hashcat
      • Hashcat options
    • Web Reconnaissance
    • Recon
    • Port Scanning
    • Privilege escalation
      • File permissions
      • Service Exploits
      • Kernel Exploits
      • Privilege Checker
      • snapd
      • SUID
      • Splunk
    • Reverse Shell
      • PHP deserialization
    • PHP
    • Exploits & Footholds
      • Exploit Mindmap
  • Checklist (CTF targetted)
    • checklist
  • Malicious payload
    • Metasploit APK
Powered by GitBook
On this page
  1. Real World!

Tools

PreviousBruteforceNextEnumeration

Last updated 4 years ago

Tplmam: Tplmap assists the exploitation of Code Injection and Server-Side Template Injection vulnerabilities with a number of sandbox escape techniques to get access to the underlying operating system.
PayloadsAllTheThings: A list of useful payloads and bypasses for Web Application Security.