# Everything

- [Buffer Overflow Guide](/pentest-everything/everything/buffer-overflow.md)
- [Everything Active Directory and Windows](/pentest-everything/everything/everything-active-directory.md)
- [Active Directory Enumeration](/pentest-everything/everything/everything-active-directory/ad-enumeration.md)
- [ADCS](/pentest-everything/everything/everything-active-directory/adcs.md)
- [Enumeration - Certificate Authority](/pentest-everything/everything/everything-active-directory/adcs/enumeration-certificate-authority.md)
- [ESC1](/pentest-everything/everything/everything-active-directory/adcs/esc1.md)
- [ESC2](/pentest-everything/everything/everything-active-directory/adcs/esc2.md)
- [ESC3](/pentest-everything/everything/everything-active-directory/adcs/esc3.md)
- [ESC4](/pentest-everything/everything/everything-active-directory/adcs/esc4.md)
- [ESC6](/pentest-everything/everything/everything-active-directory/adcs/esc6.md)
- [ESC7](/pentest-everything/everything/everything-active-directory/adcs/esc7.md)
- [ESC8](/pentest-everything/everything/everything-active-directory/adcs/esc8.md)
- [ESC9 - WIP](/pentest-everything/everything/everything-active-directory/adcs/esc9-wip.md)
- [ESC11](/pentest-everything/everything/everything-active-directory/adcs/esc11.md)
- [Access Token Manipultion](/pentest-everything/everything/everything-active-directory/access-token-manipultion.md): https://attack.mitre.org/techniques/T1134/
- [Token Impersonation](/pentest-everything/everything/everything-active-directory/access-token-manipultion/token-impersonation.md): https://attack.mitre.org/techniques/T1134/001/
- [Create Process with Token](/pentest-everything/everything/everything-active-directory/access-token-manipultion/create-process-with-token.md): https://attack.mitre.org/techniques/T1134/002/
- [Make and Impersonate Token](/pentest-everything/everything/everything-active-directory/access-token-manipultion/make-and-impersonate-token.md): https://attack.mitre.org/techniques/T1134/003/
- [Parent PID Spoofing](/pentest-everything/everything/everything-active-directory/access-token-manipultion/parent-pid-spoofing.md): https://attack.mitre.org/techniques/T1134/004/
- [SID-History Injection](/pentest-everything/everything/everything-active-directory/access-token-manipultion/sid-history-injection.md): https://attack.mitre.org/techniques/T1134/005/
- [Adversary-in-the-Middle](/pentest-everything/everything/everything-active-directory/adversary-in-the-middle.md): https://attack.mitre.org/techniques/T1557/
- [LDAP Relay](/pentest-everything/everything/everything-active-directory/adversary-in-the-middle/ldap-relay.md)
- [LLMNR](/pentest-everything/everything/everything-active-directory/adversary-in-the-middle/llmnr.md)
- [RDP MiTM](/pentest-everything/everything/everything-active-directory/adversary-in-the-middle/rdp-mitm.md)
- [SMB Relay](/pentest-everything/everything/everything-active-directory/adversary-in-the-middle/smb-relay.md)
- [Credential Access](/pentest-everything/everything/everything-active-directory/credential-access.md)
- [Brute Force](/pentest-everything/everything/everything-active-directory/credential-access/brute-force.md)
- [Password Spraying](/pentest-everything/everything/everything-active-directory/credential-access/brute-force/password-spraying.md): https://attack.mitre.org/techniques/T1110/003/
- [Credential Dumping](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping.md): https://attack.mitre.org/techniques/T1003/
- [LSASS Memory](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/lsass-memory.md): https://attack.mitre.org/techniques/T1003/001/
- [Security Account Manager (SAM)](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/security-account-manager-sam.md): https://attack.mitre.org/techniques/T1003/002/
- [NTDS](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/ntds.md): https://attack.mitre.org/techniques/T1003/003/
- [LSA Secrets](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/lsa-secrets.md): https://attack.mitre.org/techniques/T1003/004/
- [Cached Domain Credentials](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/cached-domain-credentials.md): https://attack.mitre.org/techniques/T1003/005/
- [DCSync](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/dcsync.md): https://attack.mitre.org/techniques/T1003/006/
- [DCSync Attack](/pentest-everything/everything/everything-active-directory/credential-access/credential-dumping/dcsync/dcsync-attack.md)
- [Credentials from Password Stores](/pentest-everything/everything/everything-active-directory/credential-access/credentials-from-password-stores.md): https://attack.mitre.org/techniques/T1555/
- [Credentials from Web Browsers](/pentest-everything/everything/everything-active-directory/credential-access/credentials-from-password-stores/credentials-from-web-browsers.md): https://attack.mitre.org/techniques/T1555/003/
- [Windows Credential Manager](/pentest-everything/everything/everything-active-directory/credential-access/credentials-from-password-stores/windows-credential-manager.md): https://attack.mitre.org/techniques/T1555/004/
- [Unsecured Credentials](/pentest-everything/everything/everything-active-directory/credential-access/unsecured-credentials.md): https://attack.mitre.org/techniques/T1552/
- [Credentials In Files](/pentest-everything/everything/everything-active-directory/credential-access/unsecured-credentials/credentials-in-files.md): https://attack.mitre.org/techniques/T1552/001/
- [Credentials in Registry](/pentest-everything/everything/everything-active-directory/credential-access/unsecured-credentials/credentials-in-registry.md): https://attack.mitre.org/techniques/T1552/002/
- [Group Policy Preferences](/pentest-everything/everything/everything-active-directory/credential-access/unsecured-credentials/group-policy-preferences.md): https://attack.mitre.org/techniques/T1552/006/
- [GPP Passwords](/pentest-everything/everything/everything-active-directory/credential-access/unsecured-credentials/group-policy-preferences/gpp-password.md)
- [Modify Authentication Process](/pentest-everything/everything/everything-active-directory/credential-access/modify-authentication-process.md): https://attack.mitre.org/techniques/T1556/
- [Domain Controller Authentication: Skeleton Key](/pentest-everything/everything/everything-active-directory/credential-access/modify-authentication-process/domain-controller-authentication-skeleton-key.md): https://attack.mitre.org/techniques/T1556/001/
- [Reversible Encryption](/pentest-everything/everything/everything-active-directory/credential-access/modify-authentication-process/reversible-encryption.md): https://attack.mitre.org/techniques/T1556/005/
- [Steal or Forge Kerberos Tickets](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets.md): https://attack.mitre.org/techniques/T1558/
- [AS-REP Roasting](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/as-rep-roasting.md): https://attack.mitre.org/techniques/T1558/004/
- [Golden Ticket](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/golden-ticket.md): https://attack.mitre.org/techniques/T1558/001/
- [Kerberoasting](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/kerberoasting.md): https://attack.mitre.org/techniques/T1558/003/
- [Silver Ticket](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/silver-ticket.md): https://attack.mitre.org/techniques/T1558/002/
- [S4U2Self](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/s4u2self.md)
- [Ticket Aquisition](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/ticket-aquisition.md)
- [Constrained Delegation](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/constrained-delegation.md)
- [Unconstrained Delegation](/pentest-everything/everything/everything-active-directory/credential-access/steal-or-forge-kerberos-tickets/unconstrained-delegation.md)
- [Collection](/pentest-everything/everything/everything-active-directory/collection.md)
- [Clipboard Data](/pentest-everything/everything/everything-active-directory/collection/clipboard-data.md): https://attack.mitre.org/techniques/T1115/
- [Audio Capture](/pentest-everything/everything/everything-active-directory/collection/audio-capture.md): https://attack.mitre.org/techniques/T1123/
- [Defense Evasion](/pentest-everything/everything/everything-active-directory/defense-evasion.md)
- [Disable and Bypass Defender](/pentest-everything/everything/everything-active-directory/defense-evasion/disable-defender.md)
- [Impair Defenses](/pentest-everything/everything/everything-active-directory/defense-evasion/impair-defenses.md): https://attack.mitre.org/techniques/T1562/
- [Disable Windows Event Logging](/pentest-everything/everything/everything-active-directory/defense-evasion/impair-defenses/disable-windows-event-logging.md): https://attack.mitre.org/techniques/T1562/002/
- [Impair Command History Logging](/pentest-everything/everything/everything-active-directory/defense-evasion/impair-defenses/impair-command-history-logging.md): https://attack.mitre.org/techniques/T1562/003/
- [Disable or Modify System Firewall](/pentest-everything/everything/everything-active-directory/defense-evasion/impair-defenses/disable-or-modify-system-firewall.md): https://attack.mitre.org/techniques/T1562/004/
- [Indicator Removal](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal.md): https://attack.mitre.org/techniques/T1070/
- [Clear Windows Event Logs](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal/clear-windows-event-logs.md): https://attack.mitre.org/techniques/T1070/001/
- [Clear Command History](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal/clear-command-history.md): https://attack.mitre.org/techniques/T1070/003/
- [File Deletion](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal/file-deletion.md): https://attack.mitre.org/techniques/T1070/004/
- [Network Share Connection Removal](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal/network-share-connection-removal.md): https://attack.mitre.org/techniques/T1070/005/
- [Timestomp](/pentest-everything/everything/everything-active-directory/defense-evasion/indicator-removal/timestomp.md): https://attack.mitre.org/techniques/T1070/006/
- [Input Capture](/pentest-everything/everything/everything-active-directory/input-capture.md): https://attack.mitre.org/techniques/T1056/
- [Keylogging](/pentest-everything/everything/everything-active-directory/input-capture/keylogging.md): https://attack.mitre.org/techniques/T1562/004/
- [Lateral Movement](/pentest-everything/everything/everything-active-directory/lateral-movement.md)
- [PowerShell Remoting](/pentest-everything/everything/everything-active-directory/lateral-movement/lateral-movement.md)
- [Alternate Authentication Material](/pentest-everything/everything/everything-active-directory/lateral-movement/alternate-authentication-material.md): https://attack.mitre.org/techniques/T1550/
- [Pass The Hash](/pentest-everything/everything/everything-active-directory/lateral-movement/alternate-authentication-material/wip-pass-the-hash.md): https://attack.mitre.org/techniques/T1550/002/
- [Pass the Ticket](/pentest-everything/everything/everything-active-directory/lateral-movement/alternate-authentication-material/wip-pass-the-ticket.md): https://attack.mitre.org/techniques/T1550/003/
- [Pass the Password](/pentest-everything/everything/everything-active-directory/lateral-movement/alternate-authentication-material/pass-the-password.md)
- [File Execution Methods](/pentest-everything/everything/everything-active-directory/file-execution-methods.md)
- [File Transfer Techniques](/pentest-everything/everything/everything-active-directory/file-transfer-techniques.md)
- [Forced Coercion](/pentest-everything/everything/everything-active-directory/forced-coercion.md)
- [URL File Attack](/pentest-everything/everything/everything-active-directory/forced-coercion/url-file-attack.md)
- [LAPS](/pentest-everything/everything/everything-active-directory/laps.md)
- [Network Sniffing](/pentest-everything/everything/everything-active-directory/network-sniffing.md): https://attack.mitre.org/techniques/T1040/
- [Persistence](/pentest-everything/everything/everything-active-directory/persistence.md)
- [AdminSDHolder](/pentest-everything/everything/everything-active-directory/persistence/adminsdholder.md)
- [BITS Jobs](/pentest-everything/everything/everything-active-directory/persistence/bits-jobs.md): https://attack.mitre.org/techniques/T1197/
- [Create Account](/pentest-everything/everything/everything-active-directory/persistence/create-account.md): https://attack.mitre.org/techniques/T1136/
- [Local Account](/pentest-everything/everything/everything-active-directory/persistence/create-account/local-account.md): https://attack.mitre.org/techniques/T1136/001/
- [Domain Account](/pentest-everything/everything/everything-active-directory/persistence/create-account/domain-account.md): https://attack.mitre.org/techniques/T1136/002/
- [Cloud Account](/pentest-everything/everything/everything-active-directory/persistence/create-account/cloud-account.md): https://attack.mitre.org/techniques/T1136/003/
- [Create or Modify System Process](/pentest-everything/everything/everything-active-directory/persistence/create-or-modify-system-process.md): https://attack.mitre.org/techniques/T1543/003/
- [Windows Service](/pentest-everything/everything/everything-active-directory/persistence/create-or-modify-system-process/windows-service.md): https://attack.mitre.org/techniques/T1543/003/
- [Custom SSP](/pentest-everything/everything/everything-active-directory/persistence/custom-ssp.md)
- [DSRM](/pentest-everything/everything/everything-active-directory/persistence/dsrm.md)
- [Persistence Notes](/pentest-everything/everything/everything-active-directory/persistence/persistence.md)
- [Skeleton Key Attack](/pentest-everything/everything/everything-active-directory/persistence/skeleton-key-attack.md)
- [Privilege Escalation](/pentest-everything/everything/everything-active-directory/privilege-escalation.md)
- [Privilege Escalation Checklist](/pentest-everything/everything/everything-active-directory/privilege-escalation/privilege-escalation-checklist.md)
- [DnsAdmin](/pentest-everything/everything/everything-active-directory/privilege-escalation/dnsadmin.md)
- [Registry](/pentest-everything/everything/everything-active-directory/privilege-escalation/registry.md)
- [Always Install Elevated](/pentest-everything/everything/everything-active-directory/privilege-escalation/registry/registry-alwaysinstallelevated.md)
- [AutoRuns](/pentest-everything/everything/everything-active-directory/privilege-escalation/registry/autoruns.md)
- [Service Exploits](/pentest-everything/everything/everything-active-directory/privilege-escalation/service-exploits.md)
- [Insecure Service Permissions](/pentest-everything/everything/everything-active-directory/privilege-escalation/service-exploits/insecure-service-permissions.md)
- [SCCM / MECM](/pentest-everything/everything/everything-active-directory/sccm-mecm.md)
- [Recon](/pentest-everything/everything/everything-active-directory/sccm-mecm/recon.md)
- [CRED-1 - PXE Abuse](/pentest-everything/everything/everything-active-directory/sccm-mecm/cred-1-pxe-abuse.md)
- [CRED-2 - Policy Request Credentials](/pentest-everything/everything/everything-active-directory/sccm-mecm/cred-2-policy-request-credentials.md)
- [CRED-3 - WMI Local Secrets](/pentest-everything/everything/everything-active-directory/sccm-mecm/cred-3-wmi-local-secrets.md)
- [CRED-4 - CIM Repository](/pentest-everything/everything/everything-active-directory/sccm-mecm/cred-4-cim-repository.md)
- [CRED-5 - MSSQL Database](/pentest-everything/everything/everything-active-directory/sccm-mecm/cred-5-mssql-database.md)
- [ELEVATE-2 - Client Push](/pentest-everything/everything/everything-active-directory/sccm-mecm/elevate-2-client-push.md)
- [TAKEOVER-2](/pentest-everything/everything/everything-active-directory/sccm-mecm/takeover-2.md)
- [Timeroasting](/pentest-everything/everything/everything-active-directory/timeroasting.md)
- [Tools](/pentest-everything/everything/everything-active-directory/tools.md)
- [BloodHound](/pentest-everything/everything/everything-active-directory/tools/bloodhound.md)
- [Everything Linux](/pentest-everything/everything/everything-linux.md)
- [File Transfer Techniques](/pentest-everything/everything/everything-linux/file-transfer-techniques.md)
- [Linux Privilege Escalation Techniques](/pentest-everything/everything/everything-linux/linux-privilege-escalation-techniques.md)
- [Privilege Escalation Checklist](/pentest-everything/everything/everything-linux/privilege-escalation-checklist.md)
- [Shell Upgrades](/pentest-everything/everything/everything-linux/shell-upgrades.md)
- [Everything OSINT](/pentest-everything/everything/everything-osint.md)
- [Discovering Email Addresses](/pentest-everything/everything/everything-osint/discovering-email-addresses.md)
- [Dork Tools](/pentest-everything/everything/everything-osint/dork-tools.md)
- [Image OSINT](/pentest-everything/everything/everything-osint/image-osint.md)
- [Metadata OSINT](/pentest-everything/everything/everything-osint/metadata-osint.md)
- [Password OSINT](/pentest-everything/everything/everything-osint/password-osint.md)
- [Phone Number OSINT](/pentest-everything/everything/everything-osint/phone-number-osint.md)
- [Search Engine Operators](/pentest-everything/everything/everything-osint/search-engine-operators.md)
- [Social Media OSINT Tools](/pentest-everything/everything/everything-osint/social-media-osint-tools.md)
- [OSINT CTFs](/pentest-everything/everything/everything-osint/osint-ctfs.md)
- [Username OSINT](/pentest-everything/everything/everything-osint/username-osint.md)
- [Everything Web](/pentest-everything/everything/everything-web.md)
- [Command Injection](/pentest-everything/everything/everything-web/command-injection.md)
- [Enumeration](/pentest-everything/everything/everything-web/enumeration.md)
- [File Upload](/pentest-everything/everything/everything-web/file-upload.md): https://owasp.org/www-community/vulnerabilities/Unrestricted\_File\_Upload
- [Sub Domain Enumeration](/pentest-everything/everything/everything-web/sub-domain-enumeration.md)
- [XSS](/pentest-everything/everything/everything-web/xss.md)
- [Host Discovery](/pentest-everything/everything/host-discovery.md)
- [Pivoting and Portforwarding](/pentest-everything/everything/pivoting-and-portforwarding.md)
- [Ports](/pentest-everything/everything/ports.md)
- [Nmap Commands for port discovery](/pentest-everything/everything/ports/nmap-commands-for-port-discovery.md)
- [Port 21 | FTP](/pentest-everything/everything/ports/port-21-or-ftp.md)
- [Port 25 | SMTP](/pentest-everything/everything/ports/25-smtp.md)
- [Port 53 | DNS](/pentest-everything/everything/ports/port-53-dns.md)
- [Port 88 | Kerberos](/pentest-everything/everything/ports/port-88-or-kerberos.md)
- [Ports 111 | 32771 | rpcbind](/pentest-everything/everything/ports/ports-111-or-32771-or-rpcbind.md)
- [Port 123 | NTP](/pentest-everything/everything/ports/port-123-or-ntp.md)
- [Ports 137 | 138 | 139 | NetBIOS](/pentest-everything/everything/ports/ports-137-or-138-or-139-or-netbios.md)
- [Ports 139 | 445 | SMB](/pentest-everything/everything/ports/ports-139-445-smb.md)
- [Ports 161 | 162 | SNMP](/pentest-everything/everything/ports/ports-161-162-snmp.md)
- [Port 389 | LDAP](/pentest-everything/everything/ports/ldap.md)
- [Ports 1099 | Java RMI](/pentest-everything/everything/ports/ports-1099-or-java-rmi.md)
- [Ports 2049 | NFS](/pentest-everything/everything/ports/ports-2049-nfs.md)
- [Port 3389 | RDP](/pentest-everything/everything/ports/port-3389-or-rdp.md)
- [Ports 8080 | 8180 | Apache Tomcat](/pentest-everything/everything/ports/ports-8080-8180-apache-tomcat.md)
- [PowerShell](/pentest-everything/everything/powershell.md)
- [Constrained Language Mode](/pentest-everything/everything/powershell/constrained-language-mode.md)
- [Download and Execution Methods](/pentest-everything/everything/powershell/download-and-execution-methods.md)
- [Resources](/pentest-everything/everything/powershell/resources.md)
- [Restricted Mode](/pentest-everything/everything/powershell/restricted-mode.md)