The Windows - Linux
Module Contains General Information about Permission (Linux Permissions Guide) - Commands (Commands that might be useful in Pentesting) - Shell Stabilization (Help Maintain Access) - Reverse Shell's.
The Windows
Module also contains Common Tools/Active Directory Tools.
Linux - Windows
Transfer methods provide Unsecure - Secure/Encrypted options for Transferring files between the two Operating Systems. The Guide provides both Upload and Download Methods.
There are Miscellaneous Transfer methods. The Module shows how to use Programming Language to Transfer Files.
The Network Services
module focuses on assessing the Security of FTP - NFS - SMB - SMTP - MySQL - Redis
. It identifies Vulnerabilities, Misconfigurations, and Weaknesses that could lead to Unauthorized Access or Data Breaches.
The Web Vulnerabilities
Module focuses on common Security Weaknesses in Web Applications.
Injection
: Untrusted data can be used to exploit applications, such as SQL or OS Command Injection.Broken Authentication
: Flaws in Authentication mechanisms allow Unauthorized Access to User Accounts.XML External Entity (XXE)
: Insecure XML processing enables reading files or executing Remote Code.XSS (Cross-Site Scripting)
: Malicious Scripts are Injected into Web Pages, compromising User Data.Upload Vulnerabilities
: Insecure file Uploads can lead to the execution of Malicious Code.
The Recon
Module involves Gathering Information and conducting Reconnaissance. It utilizes tools like ping - fping - traceroute - dig - dog - nslookup
, and techniques like Google Dorking
.
These help in assessing Network Connectivity, Mapping Network Paths, querying DNS Information, and Discovering Potential Vulnerabilities.