Do you need to get started with web pentesting and become an ethical hacker? With this table from S4vitar (ethical hacker, Twitch, YouTube) you can browse his videos and filter them as needed. You can filter by:

  • Difficulty of the machine to be compromised
  • Certification you want to sit (OSCP, eWPT, eCPPT, eJPT...)
  • The best-known vulnerability types (SQLI, XSS, CSRF...)

| Machine name | IP | OS | Difficulty | Description | Certifications | YouTube video |
|---|---|---|---|---|---|---|
| Tentacle | 10.10.10.224 | Linux | Hard | DNS Enumeration (dnsenum); SQUID Proxy; WPAD Enumeration; OpenSMTPD v2.0.0 Exploit; SSH using Kerberos (gssapi); Abusing .k5login file; Abusing krb5.keytab file | eCPPTv2, eCPTXv2, OSCP, OSEP, eWPT, eWPTXv2, OSWE, Active Directory | Video |
| Validation | 10.10.11.116 | Linux | Easy | SQLI (Error Based); SQLI -> RCE (INTO OUTFILE); Information Leakage | eJPT, eWPT | Video |
| Mischief | 10.10.10.92 | Linux | Insane | SNMP Enumeration; Information Leakage; IPV6; ICMP Data Exfiltration (Python Scapy) | OSCP, eWPT, eWPTXv2, eCPPTv2, eCPTXv2, OSWE | Video |
| Reddish | 10.10.10.94 | Linux | Insane | Abusing Node-Red; Chisel & Socat Usage; Redis-Cli Exploitation; Rsync Abusing; Cron Exploitation; Disk Mount; File Transfer Tips; PIVOTING | eCPPTv2, eCPTXv2 | Video |
| Return | 10.10.11.108 | Windows | Easy | Abusing Printer; Abusing Server Operators Group; Service Configuration Manipulation | eJPT, OSCP (Escalation) | Video |
| Horizontall | 10.10.11.105 | Linux | Easy | Information Leakage; Port Forwarding; Strapi CMS Exploitation; Laravel Exploitation | eWPT, eJPT | Video |
| Pressed | 10.10.11.142 | Linux | Hard | Password Guessing; WordPress Abusing RPC Calls; WordPress XML-RPC Create WebShell; PwnKit Exploit | OSCP, eWPT, eWPTXv2, OSWE | Video |
| Epsilon | 10.10.11.134 | Linux | Medium | Git Source Leak Exploit (GitHack); AWS Enumeration; Lambda Function Enumeration; Authentication Bypass; Abusing JWT; Server Side Template Injection (SSTI); Tar Symlink Exploitation | eWPT, eWPTXv2, OSCP, OSWE | Video |
| Jeeves | 10.10.10.63 | Windows | Medium | Jenkins Exploitation (Groovy Script Console); RottenPotato (SeImpersonatePrivilege); PassTheHash (Psexec); Breaking KeePass; Alternate Data Streams (ADS) | OSCP, eJPT, eWPT | Video |
| Pit | 10.10.10.241 | Linux | Medium | Information Leakage; SNMP Enumeration (Snmpwalk/Snmpbulkwalk); SeedDMS Exploitation; SELinux (Extra); SNMP Code Execution | OSCP, eWPT | Video |
| Blackfield | 10.10.10.192 | Windows | Hard | SMB Enumeration; Kerberos User Enumeration (Kerbrute); ASRepRoast Attack (GetNPUsers); Bloodhound Enumeration; Abusing ForceChangePassword Privilege (net rpc); Lsass Dump Analysis (Pypykatz); Abusing WinRM; SeBackupPrivilege Exploitation; DiskShadow; Robocopy Usage; NTDS Credentials Extraction (secretsdump) | OSCP, OSEP, Active Directory | Video |
| EarlyAccess | 10.10.11.110 | Linux | Hard | XSS Injection; XSS Cookie Stealing; Cookie Hijacking; Code Analysis; Building a Key Generator (PYTHON); SQLI (Error Based); LFI && Wrappers; Bash Scripting for Host Discovering; Information Leakage; Pivoting; Abusing Docker; Abusing Capabilities | eCPPTv2, eCPTXv2, OSCP, eWPT, eWPTXv2, OSWE | Video |
| Flustered | 10.10.11.131 | Linux | Medium | Abusing Squid Proxy; Abusing GlusterFS; Information Leakage; Server Side Template Injection (SSTI) [RCE]; Abusing Azure Storage | OSCP, eJPT, eWPT, eWPTXv2, eCPPTv2, OSWE | Video |
| Love | 10.10.10.239 | Windows | Easy | Server Side Request Forgery (SSRF); Exploiting Voting System; Abusing AlwaysInstallElevated (msiexec/msi file) | eJPT, eWPT, OSCP (Escalation) | Video |
| NodeBlog | 10.10.11.139 | Linux | Easy | NoSQL Injection (Authentication Bypass); XXE File Read; NodeJS Deserialization Attack (IIFE Abusing); Mongo Database Enumeration | eJPT, eWPT | Video |
| NunChucks | 10.10.11.122 | Linux | Easy | NodeJS SSTI (Server Side Template Injection); AppArmor Profile Bypass (Privilege Escalation) | eJPT, eWPT | Video |
| Bolt | 10.10.11.114 | Linux | Medium | Information Leakage; Subdomain Enumeration; SSTI (Server Side Template Injection); Abusing PassBolt; Abusing GPG | eJPT, eWPT, eWPTXv2, OSWE | Video |
| GoodGames | 10.10.11.130 | Linux | Easy | SQLI (Error Based); Hash Cracking Weak Algorithms; Password Reuse; Server Side Template Injection (SSTI); Docker Breakout (Privilege Escalation) [PIVOTING] | eJPT, eWPT, eCPPTv2, OSCP (Escalation) | Video |
| Hawk | 10.10.10.102 | Linux | Medium | OpenSSL Cipher Brute Force and Decryption; Drupal Enumeration/Exploitation; H2 Database Exploitation | eJPT, eWPT | Video |
| Monitors | 10.10.10.238 | Linux | Hard | Information Leakage; WordPress Plugin Exploitation (Spritz); Local File Inclusion (LFI); Cacti 1.2.12 Exploitation; Apache OfBiz Deserialization Attack (RCE); Docker Breakout (cap_sys_module Capability) [PRIVILEGE ESCALATION] | eCPPTv2, eWPT, eWPTXv2, OSCP, OSWE | Video |
| Intelligence | 10.10.10.248 | Windows | Medium | Information Leakage; Kerberos Enumeration (Kerbrute); Creating a DNS Record (dnstool.py) [Abusing ADIDNS]; Intercepting Net-NTLMv2 Hashes with Responder; BloodHound Enumeration; Abusing ReadGMSAPassword Rights (gMSADumper); Pywerview Usage; Abusing Unconstrained Delegation; Abusing AllowedToDelegate Rights (getST.py) (User Impersonation); Using .ccache file with wmiexec.py (KRB5CCNAME) | OSCP, OSEP, Active Directory | Video |
| Scavenger | 10.10.10.155 | Linux | Hard | Domain Zone Transfer (AXFR); SQLI (Error Based) [WHOIS]; PCAP Analysis (Tshark && Wireshark); Abusing Rootkit | eWPT | Video |
| Driver | 10.10.11.106 | Windows | Easy | Password Guessing; SCF Malicious File; Print Spooler Local Privilege Escalation (PrintNightmare) [CVE-2021-1675] | OSCP (Escalation), eJPT | Video |
| Minion | 10.10.10.57 | Windows | Insane | Server Side Request Forgery (SSRF) [Internal Port Discovery]; ICMP Reverse Shell (PowerShell) [Firewall Bypassing]; Alternate Data Streams (ADS); Firewall Evasion [Firewall Rules Manipulation] | eWPTXv2, OSWE | Video |
| Sizzle | 10.10.10.103 | Windows | Insane | SMBCacls Enumeration; Malicious SCF File (Getting NetNTLMv2 Hash); Ldap Enumeration (LdapDomainDump); Abusing Microsoft Active Directory Certificate Services; Creating Certificate Signing Requests (CSR) [Openssl]; CLM / AppLocker Break Out (Escaping ConstrainedLanguage); PSByPassCLM Usage (CLM / AppLocker Break Out); Msbuild (CLM / AppLocker Break Out); Kerberoasting Attack (Rubeus); Kerberoasting Attack (Chisel Port Forward - GetUserSPNs.py); WINRM Connections; BloodHound Enumeration; DCSync Attack (secretsdump.py); DCSync Attack (Mimikatz); PassTheHash (wmiexec.py) | OSCP, OSEP, Active Directory | Video |
| Toolbox | 10.10.10.236 | Windows | Easy | PostgreSQL Injection (RCE); Abusing boot2docker [Docker-Toolbox]; Pivoting | eWPT, OSCP (Intrusion), eJPT, eCPPTv2 | Video |
| Enterprise | 10.10.10.61 | Linux | Medium | WordPress Lcars Plugin SQLI Vulnerability; SQL Injection (boolean-based blind, error-based, time-based blind); WordPress Exploitation [www-data] (Theme Edition - 404.php Template); Joomla Exploitation [www-data] (Template Manipulation); Docker Breakout; Ghidra Binary Analysis; Buffer Overflow (No ASLR - PIE enabled) [RET2LIBC] (Privilege Escalation) | eWPT, eCPPTv2, eCPTXv2, Buffer Overflow | Video |
| Chaos | 10.10.10.120 | Linux | Medium | Password Guessing; Abusing e-mail service (claws-mail); Crypto Challenge (Decrypt Secret Message - AES Encrypted); LaTeX Injection (RCE); Bypassing rbash (Restricted Bash); Extracting Credentials from Firefox Profile | eWPT, eJPT | Video |
| SteamCloud | 10.10.11.133 | Linux | Easy | Kubernetes API Enumeration (kubectl); Kubelet API Enumeration (kubeletctl); Command Execution through kubeletctl on the containers; Cluster Authentication (ca.crt/token files) with kubectl; Creating YAML file for POD creation; Executing commands on the new POD; Reverse Shell through YAML file while deploying the POD | eWPTXv2, OSWE | Video |
| Seal | 10.10.10.250 | Linux | Medium | Information Leakage (GitBucket); Breaking Parser Logic - Abusing Reverse Proxy / URI Normalization; Exploiting Tomcat (RCE) [Creating malicious WAR]; Abusing existing YML Playbook file [Cron Job]; Ansible-playbook exploitation (sudo privilege) | eWPT, eWPTXv2, OSCP (Intrusion), OSWE | Video |
| Hancliffe | 10.10.11.115 | Windows | Hard | Abusing URI Normalization; Server Side Template Injection (SSTI) [NUXEO Vulnerability]; Unified Remote 3 Exploitation (RCE); Decrypt Mozilla protected passwords; Reversing EXE in Ghidra; Buffer Overflow (Socket Reuse Technique) [ADVANCED] | Buffer Overflow, OSED, OSCP (Intrusion), eWPT, eWPTXv2, OSWE | Video |
| Antique | 10.10.11.107 | Linux | Easy | SNMP Enumeration; Network Printer Abuse; CUPS Administration Exploitation (ErrorLog); EXTRA -> (DirtyPipe) [CVE-2022-0847] | eJPT | Video |
| Object | 10.10.11.132 | Windows | Hard | Jenkins Exploitation (New Job + Abusing Build Periodically); Jenkins Exploitation (Abusing Trigger builds remotely using TOKEN); Firewall Enumeration Techniques; Jenkins Password Decrypt; BloodHound Enumeration; Abusing ForceChangePassword with PowerView; Abusing GenericWrite (Set-DomainObject - Setting Script Logon Path); Abusing WriteOwner (Takeover Domain Admins Group) | OSCP, OSEP, OSWE, Active Directory | Video |
| Stratosphere | 10.10.10.64 | Linux | Medium | Apache Struts Exploitation (CVE-2017-5638); Python Library Hijacking (Privilege Escalation) | eWPT, eJPT | Video |
| Devzat | 10.10.11.118 | Linux | Medium | Fuzzing Directory .git (GIT Project Recomposition); Web Injection (RCE); Abusing InfluxDB (CVE-2019-20933); Abusing Devzat Chat /file command (Privilege Escalation); EXTRA (Crypto CTF Challenge \| N Factorization) | eWPT, eJPT | Video |
| Helpline | 10.10.10.132 | Windows | Hard | ManageEngine ServiceDesk Plus User Enumeration; ManageEngine ServiceDesk Plus Authentication Bypassing; ManageEngine ServiceDesk Plus Remote Code Execution; Disabling Windows Defender (PowerShell); Mimikatz - Getting NTLM User Hashes (lsadump::sam); Reading Event Logs with Powershell (RamblingCookieMonster) [Get-WinEventData]; Decrypting EFS files with Mimikatz; Getting the certificate with Mimikatz (crypto::system); Decrypting the masterkey with Mimikatz (dpapi::masterkey); Decrypting the private key with Mimikatz (dpapi::capi); Building a correct PFX with Openssl; Installing the PFX via certutil; Installing VNC in the box via msiexec; Connecting to the VNC service using vncviewer; Converting Secure String File to PlainText; Using RunAs to execute commands as the administrator | eWPT, OSCP | Video |