{"version":1,"pages":[{"id":"8jyMcKzdUaujoA42m9jJ","title":"What is Pentest List Wiki?","pathname":"/","siteSpaceId":"sitesp_qsBwN"},{"id":"lRmyfeNnLmREUSEFBNFa","title":"External Infrastructure","pathname":"/offensive-security/external-infrastructure","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"}]},{"id":"GLSrGIgK91PyDLdJ7H1A","title":"Discovery","pathname":"/offensive-security/external-infrastructure/discovery","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"}]},{"id":"fTK1n0tbERArN4vYU939","title":"Email Address Discovery","pathname":"/offensive-security/external-infrastructure/discovery/email-address-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find email addresses.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Discovery"}]},{"id":"HcjRIScwNcYMmdsTzdE8","title":"Subdomain Discovery","pathname":"/offensive-security/external-infrastructure/discovery/subdomain-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find subdomains.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Discovery"}]},{"id":"oulhWi0y3rAVcSP6Ovsg","title":"Data Discovery","pathname":"/offensive-security/external-infrastructure/discovery/data-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find sensitive data.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Discovery"}]},{"id":"o0Iit6VNtljz8JrSpr6P","title":"Port & Service Discovery","pathname":"/offensive-security/external-infrastructure/discovery/port-and-service-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find open ports and services","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Discovery"}]},{"id":"S3t0gcHHQpBRTBF49ZaV","title":"Exploitation","pathname":"/offensive-security/external-infrastructure/exploitation","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"}]},{"id":"13dlBQWlffAnR9uIpsJ9","title":"Password Spraying","pathname":"/offensive-security/external-infrastructure/exploitation/password-spraying","siteSpaceId":"sitesp_qsBwN","description":"How to password spray.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Exploitation"}]},{"id":"y9YpE7pJnbLTncc04dlt","title":"Vulnerability Scanning","pathname":"/offensive-security/external-infrastructure/exploitation/vulnerability-scanning","siteSpaceId":"sitesp_qsBwN","description":"How to find security vulnerabilities.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"External Infrastructure"},{"label":"Exploitation"}]},{"id":"ddi6u5PhMKbc4Ghvhp31","title":"Internal Infrastructure","pathname":"/offensive-security/internal-infrastructure","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"}]},{"id":"WFg7cbX4Jnp6MVnGvmed","title":"General Discovery","pathname":"/offensive-security/internal-infrastructure/general-discovery","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"}]},{"id":"SN4kM0dtmBwKd5ZM0Xek","title":"AD Attack Path Discovery","pathname":"/offensive-security/internal-infrastructure/general-discovery/ad-attack-path-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find exploitable active directory paths.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"General Discovery"}]},{"id":"5XT7itgAhWTHbMXQZ2mD","title":"Port & Service Discovery","pathname":"/offensive-security/internal-infrastructure/general-discovery/port-and-service-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find open ports and services on an internal network.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"General Discovery"}]},{"id":"GT6layiriReTdAVMvHGd","title":"Credential Discovery","pathname":"/offensive-security/internal-infrastructure/credential-discovery","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"}]},{"id":"f8MR5Cs49gPbsPSB2eOw","title":"Passwords and NetNTLM","pathname":"/offensive-security/internal-infrastructure/credential-discovery/passwords-and-netntlm","siteSpaceId":"sitesp_qsBwN","description":"How to find cleartext passwords and NetNTLM hashes.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"m636jxCNa6J2KE2PtSyU","title":"SAM & LSA secrets","pathname":"/offensive-security/internal-infrastructure/credential-discovery/sam-and-lsa-secrets","siteSpaceId":"sitesp_qsBwN","description":"How to find local user passwords, hashes and secrets.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"arbunTXpgENjXforroiU","title":"NTDS.dit secrets","pathname":"/offensive-security/internal-infrastructure/credential-discovery/ntds.dit-secrets","siteSpaceId":"sitesp_qsBwN","description":"How to find sensitive data in NTDS.dit.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"1ZJJ8Vh9FZI52p0MHSwJ","title":"LSASS secrets","pathname":"/offensive-security/internal-infrastructure/credential-discovery/lsass-secrets","siteSpaceId":"sitesp_qsBwN","description":"How to find sensitive data in the LSASS.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"DAuAdv4t3uhMtcyYC5YH","title":"DCSync","pathname":"/offensive-security/internal-infrastructure/credential-discovery/dcsync","siteSpaceId":"sitesp_qsBwN","description":"How to find sensitive data using a DCSync.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"0W6d48QmsXaA03Jg1RDF","title":"DPAPI secrets","pathname":"/offensive-security/internal-infrastructure/credential-discovery/dpapi-secrets","siteSpaceId":"sitesp_qsBwN","description":"How to find local user sensitive data.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Credential Discovery"}]},{"id":"dzZLp0gVnrbCbNbly1Ml","title":"Movement","pathname":"/offensive-security/internal-infrastructure/movement","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"}]},{"id":"HioMEjxTvfwtz7QnawOm","title":"Credential Spraying","pathname":"/offensive-security/internal-infrastructure/movement/credential-spraying","siteSpaceId":"sitesp_qsBwN","description":"How to find and use internal credentials.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Movement"}]},{"id":"yFJSaFgRVAbmXqjsgeiW","title":"SMB Relaying","pathname":"/offensive-security/internal-infrastructure/movement/smb-relaying","siteSpaceId":"sitesp_qsBwN","description":"How to relay credentials.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Movement"}]},{"id":"D0fglk2mOQvf3uKXNzUt","title":"Pass The Hash","pathname":"/offensive-security/internal-infrastructure/movement/pass-the-hash","siteSpaceId":"sitesp_qsBwN","description":"How to Pass The Hash Attack.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Movement"}]},{"id":"QVSbY34i4Vzza2kQu7CJ","title":"Infiltration/Exfiltration","pathname":"/offensive-security/internal-infrastructure/infiltration-exfiltration","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"}]},{"id":"hx0tVLDAjOhxgYyE2yV1","title":"Pivoting (Proxying)","pathname":"/offensive-security/internal-infrastructure/infiltration-exfiltration/pivoting-proxying","siteSpaceId":"sitesp_qsBwN","description":"How to pivot and proxy from an internal network","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Internal Infrastructure"},{"label":"Infiltration/Exfiltration"}]},{"id":"PYD6YCU1umfGHRPcnSii","title":"Web Application","pathname":"/offensive-security/web-application","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"}]},{"id":"QMAJQ3LmSDnqOMi3lucx","title":"Discovery","pathname":"/offensive-security/web-application/discovery","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"}]},{"id":"zVVzAArbAHUFSIR8ofYL","title":"Testing API Keys","pathname":"/offensive-security/web-application/discovery/testing-api-keys","siteSpaceId":"sitesp_qsBwN","description":"How to exploit an API key.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"hPTNKyzPw2cyFd3ybQXK","title":"Vulnerability Scan","pathname":"/offensive-security/web-application/discovery/vulnerability-scan","siteSpaceId":"sitesp_qsBwN","description":"How to vulnerability scan a web application and API.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"ozqPQJYnvQXVEZ56LoQ8","title":"Web Content Discovery","pathname":"/offensive-security/web-application/discovery/web-content-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to discover files and directories.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"zF1ZU9AtFQdeMy2au290","title":"Parameter Discovery","pathname":"/offensive-security/web-application/discovery/parameter-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to discover web parameters.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"tk7pmRaYwfpkunpo6nKd","title":"VHOST Discovery","pathname":"/offensive-security/web-application/discovery/vhost-discovery","siteSpaceId":"sitesp_qsBwN","description":"How to find virtual hosts on a web server.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"T6V5MPCekKraFzXxCMVa","title":"CMS Scanners","pathname":"/offensive-security/web-application/discovery/cms-scanners","siteSpaceId":"sitesp_qsBwN","description":"How to review a Content Management System.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Discovery"}]},{"id":"VTodOqa9jiYPfyixYkEE","title":"Exploitation","pathname":"/offensive-security/web-application/exploitation","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"}]},{"id":"ClJbSc2boUcGyB9I779p","title":"Authentication","pathname":"/offensive-security/web-application/exploitation/authentication","siteSpaceId":"sitesp_qsBwN","description":"How to exploit web application authentication","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"}]},{"id":"XsOKaAZPgEKBMWKjLoBE","title":"Email Address Forms","pathname":"/offensive-security/web-application/exploitation/authentication/email-address-forms","siteSpaceId":"sitesp_qsBwN","description":"How to exploit login and forgotten password forms.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"},{"label":"Authentication"}]},{"id":"GhxASIbzKY8D5zW7bEoE","title":"AWS Cognito","pathname":"/offensive-security/web-application/exploitation/authentication/aws-cognito","siteSpaceId":"sitesp_qsBwN","description":"How to exploit AWS Cognito.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"},{"label":"Authentication"}]},{"id":"wqlur2vx6QrEraJL4FaF","title":"JSON Web Tokens","pathname":"/offensive-security/web-application/exploitation/json-web-tokens","siteSpaceId":"sitesp_qsBwN","description":"How to exploit JSON Web Tokens.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"}]},{"id":"LzdLgJ6M46FYwCDmDSSR","title":"Injection Attacks","pathname":"/offensive-security/web-application/exploitation/injection-attacks","siteSpaceId":"sitesp_qsBwN","description":"How to exploit injection attacks.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"}]},{"id":"t30Zwp1RTEmAW6smztfl","title":"SQL Injection","pathname":"/offensive-security/web-application/exploitation/injection-attacks/sql-injection","siteSpaceId":"sitesp_qsBwN","description":"How to exploit SQL and noSQL Injection.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"},{"label":"Injection Attacks"}]},{"id":"9khuIduJWBdL8lh1dWKM","title":"Cross-Site Scripting","pathname":"/offensive-security/web-application/exploitation/injection-attacks/cross-site-scripting","siteSpaceId":"sitesp_qsBwN","description":"How to exploit cross-site scripting (XSS).","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"},{"label":"Injection Attacks"}]},{"id":"DZKTjSW0oFDFY9xsDZDF","title":"HTTP Headers","pathname":"/offensive-security/web-application/exploitation/injection-attacks/http-headers","siteSpaceId":"sitesp_qsBwN","description":"How to exploit HTTP Headers.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Exploitation"},{"label":"Injection Attacks"}]},{"id":"6wpC0suFUPhXocv6ELrx","title":"Bypasses","pathname":"/offensive-security/web-application/bypasses","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"}]},{"id":"MmphVC91rxHFNWjbrJbq","title":"Cloudflare Bypass","pathname":"/offensive-security/web-application/bypasses/cloudflare-bypass","siteSpaceId":"sitesp_qsBwN","description":"How to bypass Cloudflare.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Bypasses"}]},{"id":"kZIaDETNSGh6LpJF6JOI","title":"HTTP 403 Bypass","pathname":"/offensive-security/web-application/bypasses/http-403-bypass","siteSpaceId":"sitesp_qsBwN","description":"How to bypass HTTP 403 statuses.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Web Application"},{"label":"Bypasses"}]},{"id":"hw3Hp4m37nyEVFXtaGJM","title":"Mobile (iOS/Android)","pathname":"/offensive-security/mobile-ios-android","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"}]},{"id":"VfTipm6OdnvWDaTCwKqP","title":"iOS","pathname":"/offensive-security/mobile-ios-android/ios","siteSpaceId":"sitesp_qsBwN","description":"How to perform an iOS Security Assessment","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Mobile (iOS/Android)"}]},{"id":"fGVLleAFHU8D3vMQhPfd","title":"IPA Decryption","pathname":"/offensive-security/mobile-ios-android/ios/ipa-decryption","siteSpaceId":"sitesp_qsBwN","description":"How to decrypt and IPA file.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Mobile (iOS/Android)"},{"label":"iOS"}]},{"id":"hM9kabqFJPojY7YdRSyo","title":"Filesystem Analysis","pathname":"/offensive-security/mobile-ios-android/ios/filesystem-analysis","siteSpaceId":"sitesp_qsBwN","description":"How to analyse an iOS filesystem.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Mobile (iOS/Android)"},{"label":"iOS"}]},{"id":"kPePbj4KPU7BvY4vlhW1","title":"Static Analysis","pathname":"/offensive-security/mobile-ios-android/ios/static-analysis","siteSpaceId":"sitesp_qsBwN","description":"How to review an IPA file.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Mobile (iOS/Android)"},{"label":"iOS"}]},{"id":"6ShdlZYy1nFVSt2MvboC","title":"Cloud","pathname":"/offensive-security/cloud","siteSpaceId":"sitesp_qsBwN","breadcrumbs":[{"label":"OFFENSIVE SECURITY"}]},{"id":"p6mu69yw0wbjv0TpbzSg","title":"AWS","pathname":"/offensive-security/cloud/aws","siteSpaceId":"sitesp_qsBwN","description":"How to perform an AWS security assessment","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"}]},{"id":"yjP0RbtU3J9V38azwcMQ","title":"Vulnerability Scanners","pathname":"/offensive-security/cloud/aws/vulnerability-scanners","siteSpaceId":"sitesp_qsBwN","description":"Tools to exploit AWS.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"},{"label":"AWS"}]},{"id":"aaN5sBNCzLrCoQa39wxV","title":"S3 Buckets","pathname":"/offensive-security/cloud/aws/s3-buckets","siteSpaceId":"sitesp_qsBwN","description":"How to exploit S3 Buckets.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"},{"label":"AWS"}]},{"id":"QpBMTK9DxVmlMLigZ1f7","title":"Azure","pathname":"/offensive-security/cloud/azure","siteSpaceId":"sitesp_qsBwN","description":"How to perform an Azure security assessment","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"}]},{"id":"LBAGmWxIiziZhcZRarw2","title":"Vulnerability Scanners","pathname":"/offensive-security/cloud/azure/vulnerability-scanners","siteSpaceId":"sitesp_qsBwN","description":"Tools to exploit Azure.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"},{"label":"Azure"}]},{"id":"VpuzUEOLGZt6PcHQ4qxz","title":"m365 & Entra ID","pathname":"/offensive-security/cloud/azure/m365-and-entra-id","siteSpaceId":"sitesp_qsBwN","description":"Tools to exploit m365 and Entra ID.","breadcrumbs":[{"label":"OFFENSIVE SECURITY"},{"label":"Cloud"},{"label":"Azure"}]},{"id":"jvpLK9tqixmQHubQAiSj","title":"Forged Kerberos Tickets","pathname":"/defensive-security/forged-kerberos-tickets","siteSpaceId":"sitesp_qsBwN","description":"How to detect forged Kerberos tickets.","breadcrumbs":[{"label":"DEFENSIVE SECURITY"}]},{"id":"wSCR6Hq7KQWKAo5RmxEy","title":"Logon Event Visualisation","pathname":"/defensive-security/logon-event-visualisation","siteSpaceId":"sitesp_qsBwN","description":"How to detect forged Kerberos tickets.","breadcrumbs":[{"label":"DEFENSIVE SECURITY"}]}]}