{"version":1,"pages":[{"id":"mTdRSFaui6TVlIIoBk5A","title":"Windows","pathname":"/","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"D0o5hwWRCAGFQAIhh8cm","title":"Recon - Initial Access","pathname":"/windows/recon-initial-access","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"iOpKuNMouQFpQIJzye29","title":"Privilege Escalation","pathname":"/windows/privilege-escalation","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"Igf1cZAz0i9eRCTYFm1V","title":"Enable Privs","pathname":"/windows/privilege-escalation/enable-privs","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Privilege Escalation"}]},{"id":"H342FAUXtmmdcebErXT2","title":"SeBackupPrivilege","pathname":"/windows/privilege-escalation/sebackupprivilege","siteSpaceId":"sitesp_YVw8q","description":"This privilege is a win. We can create a shadow copy of the OS and read secret files such as SYSTEM, SECURITY, NTDS.dit etc","breadcrumbs":[{"label":"Windows"},{"label":"Privilege Escalation"}]},{"id":"Zr2B0pLiBqgKUWjdHBsq","title":"SeImpersonatePrivilege","pathname":"/windows/privilege-escalation/seimpersonateprivilege","siteSpaceId":"sitesp_YVw8q","description":"If you have this permission you are most likely a service account and you will %99 end up as NT Authority/System","breadcrumbs":[{"label":"Windows"},{"label":"Privilege Escalation"}]},{"id":"WGCIeEMdzZwIohGXRHxt","title":"SeDebugPrivilege","pathname":"/windows/privilege-escalation/sedebugprivilege","siteSpaceId":"sitesp_YVw8q","description":"Most powerful privilege you can get. Easy system shell","breadcrumbs":[{"label":"Windows"},{"label":"Privilege Escalation"}]},{"id":"3Ek05DXKIs14Gy5OAg4o","title":"Kerberoasting","pathname":"/windows/kerberoasting","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"rRkPsBBjv0gEu4e0Quqc","title":"Lateral Movement","pathname":"/windows/lateral-movement","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"bYHy7QPveZO5yZrKsymp","title":"MSSQL","pathname":"/windows/mssql","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"k4Z6J2csyMZgnQXZ4nD2","title":"AD Related","pathname":"/windows/ad-related","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"5fohD1bL11ZfQxSdDyjr","title":"Bypass-Evasion Techniques","pathname":"/windows/bypass-evasion-techniques","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"LhucwspXbGQvz1F5HsJY","title":"Post Exploitation","pathname":"/windows/post-exploitation","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"U0M1u2ds7MDzAF3CxNJp","title":"Miscellaneous","pathname":"/windows/miscellaneous","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"jHfRCMWq1lEWCgiOcj7Q","title":"UAC Bypass","pathname":"/windows/uac-bypass","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"pItpLhyjt5gPFT4vMfjj","title":"Exploits","pathname":"/windows/exploits","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"hzvbbk1ZGwo5w3ByrFiP","title":"MS03-026 - RPC DCOM","pathname":"/windows/exploits/ms03-026-rpc-dcom","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"UT3gAm7cNJLnE3hQRfim","title":"MS04-011 - LSASRV","pathname":"/windows/exploits/ms04-011-lsasrv","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"CDHxClpGHMOcTicNjpMD","title":"MS08-67 - Netapi","pathname":"/windows/exploits/ms08-67-netapi","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"pYAr7qQN3s67N14EG6D6","title":"MS17-010 - Eternalblue","pathname":"/windows/exploits/ms17-010-eternalblue","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"vqMeHX2qm392gtzcsQXZ","title":"CVE-2019-1388","pathname":"/windows/exploits/cve-2019-1388","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"Pn3QSkUT1MGoktDlVoqg","title":"CVE-2020-1472 - Zerologon","pathname":"/windows/exploits/cve-2020-1472-zerologon","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"eN0T0ZizH5ZJpeDyKM6K","title":"CVE-2020-16938","pathname":"/windows/exploits/cve-2020-16938","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"SXiRYTYWEg7vmayY0rot","title":"CVE-2021-1675 - PrintNightmare","pathname":"/windows/exploits/cve-2021-1675-printnightmare","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"SZV3LHqSOM1M3SpmiblW","title":"CVE-2022-21999 - SpoolFool","pathname":"/windows/exploits/cve-2022-21999-spoolfool","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"},{"label":"Exploits"}]},{"id":"POon7WWtz0Mn7cHGBvvt","title":"Coerced Auth","pathname":"/windows/coerced-auth","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Windows"}]},{"id":"nzgjklgujoJxCc29wh9Y","title":"Linux","pathname":"/linux","siteSpaceId":"sitesp_YVw8q","description":"Linux section won't have much details compared to windows."},{"id":"Gv936g4ZJYTs15p24Lh1","title":"Abusing Active Directory ACLs","pathname":"/abusing-active-directory-acls","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"qwp7Pkl2QMlPPH9axyl0","title":"ReadLAPSPassword","pathname":"/abusing-active-directory-acls/readlapspassword","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Abusing Active Directory ACLs"}]},{"id":"kUcVN3AHyJNm7UyEYcPv","title":"WriteDacl","pathname":"/abusing-active-directory-acls/writedacl","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Abusing Active Directory ACLs"}]},{"id":"oJ0NZtu2tk36gc4Lrepx","title":"GenericWrite","pathname":"/abusing-active-directory-acls/genericwrite","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Abusing Active Directory ACLs"}]},{"id":"lyfa8f5SN1oUuIBhVCnV","title":"ForceChangePassword","pathname":"/abusing-active-directory-acls/forcechangepassword","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Abusing Active Directory ACLs"}]},{"id":"0TKAmeNYEIElgaIyJ8xj","title":"WriteOwner","pathname":"/abusing-active-directory-acls/writeowner","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Abusing Active Directory ACLs"}]},{"id":"xi4kEPrbeBLdyBBgXAeb","title":"Port Forwarding - Tunneling","pathname":"/port-forwarding-tunneling","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"dPz2kkRGMx4s8B59evqZ","title":"Cloud","pathname":"/cloud","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"Rj3PbNWCqSdybaznVKUF","title":"Mobile","pathname":"/mobile","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"pRv9RAJaD0DvzkB6cs4d","title":"Malware Development","pathname":"/malware-development","siteSpaceId":"sitesp_YVw8q","description":""},{"id":"R4enZDDKRCgLgJ0Uhwpn","title":"Process Migration","pathname":"/malware-development/process-migration","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"TJorpyK9cywkWda2CGwK","title":"Process Hollowing","pathname":"/malware-development/process-hollowing","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"o1TqZUJVIRWE9IYJ3XOC","title":"Dynamic API Resolution","pathname":"/malware-development/dynamic-api-resolution","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"tv3QsyX0rULFJjP2QMI4","title":"Suspended Threads","pathname":"/malware-development/suspended-threads","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"mxzuoyuMu9Jaq3Q5znUh","title":"PPID Spoofing","pathname":"/malware-development/ppid-spoofing","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"0WI4ALxfaCxrgCPHafBK","title":"Thread Stack Spoofing","pathname":"/malware-development/thread-stack-spoofing","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"81QMM7HzUBYxowdl4oGI","title":"ETW (Event Tracing for Windows)","pathname":"/malware-development/etw-event-tracing-for-windows","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"FaVR04NCxaIIW8cd0dET","title":"AMSI Bypass","pathname":"/malware-development/amsi-bypass","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"QM6RcCYHQwX35i9IxlWh","title":"Tools","pathname":"/malware-development/tools","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]},{"id":"UDyRE7GKOHSTlyJ1VRMo","title":"Esoteric","pathname":"/malware-development/esoteric","siteSpaceId":"sitesp_YVw8q","description":"","breadcrumbs":[{"label":"Malware Development"}]}]}