# Certification Preparation

- [CPTS - Completed](/pentesting-notes/certification-preparation/cpts-prep.md)
- [Infrastructure Enumeration](/pentesting-notes/certification-preparation/cpts-prep/footprinting.md)
- [Firewall Evasion](/pentesting-notes/certification-preparation/cpts-prep/firewall-evasion.md)
- [Vulnerability Assessment](/pentesting-notes/certification-preparation/cpts-prep/vulnerability-assessment.md)
- [File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods.md)
- [Windows File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/windows-file-transfers.md)
- [Linux File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/linux-file-transfers.md)
- [Code File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/code-file-transfers.md)
- [Miscellaneous File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/miscellaneous-file-transfers.md)
- [Protected File Transfer Methods](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/protected-file-transfers.md)
- [Living off The Land File Transfers](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/living-off-the-land-file-transfers.md)
- [File Transfer Detection](/pentesting-notes/certification-preparation/cpts-prep/file-transfer-methods/file-transfer-detection.md)
- [Shells & Payloads](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads.md)
- [Shell Basics](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads/shell-basics.md)
- [Payloads](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads/payloads.md)
- [Windows Shells](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads/windows-shells.md)
- [NIX Shells](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads/nix-shells.md)
- [Web Shells](/pentesting-notes/certification-preparation/cpts-prep/shells-and-payloads/web-shells.md)
- [Database Services](/pentesting-notes/certification-preparation/cpts-prep/database-services.md)
- [MySQL Enumeration](/pentesting-notes/certification-preparation/cpts-prep/database-services/mysql-enumeration.md)
- [MSSQL Enumeration](/pentesting-notes/certification-preparation/cpts-prep/database-services/mssql-enumeration.md)
- [Oracle TNS Enumeration](/pentesting-notes/certification-preparation/cpts-prep/database-services/oracle-enumeration.md)
- [SQL Basics](/pentesting-notes/certification-preparation/cpts-prep/database-services/sql-basics.md)
- [SQL Injection Cheatsheet](/pentesting-notes/certification-preparation/cpts-prep/database-services/sql-injection-cheatsheet.md)
- [Network Services](/pentesting-notes/certification-preparation/cpts-prep/network-services.md)
- [FTP Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/ftp-enumeration.md)
- [SMB Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/smb-enumeration.md)
- [NFS Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/nfs-enumeration.md)
- [SMTP Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/smtp-enumeration.md)
- [Email Services (IMAP/POP3)](/pentesting-notes/certification-preparation/cpts-prep/network-services/email-enumeration.md)
- [SNMP Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/snmp-enumeration.md)
- [IPMI Enumeration](/pentesting-notes/certification-preparation/cpts-prep/network-services/ipmi-enumeration.md)
- [Attacking Common Services](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services.md)
- [FTP Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/ftp-attacks.md)
- [SMB Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/smb-attacks.md)
- [SQL Database Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/sql-attacks.md)
- [DNS Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/dns-attacks.md)
- [RDP Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/rdp-attacks.md)
- [Email Services Attacks](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/smtp-attacks.md)
- [Skills Assessment Scenarios](/pentesting-notes/certification-preparation/cpts-prep/attacking-common-services/skills-assessment.md)
- [Pivoting, Tunneling & Port Forwarding](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding.md)
- [Module Overview](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/pivoting-overview.md)
- [SSH Tunneling Complete Guide](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/ssh-tunneling.md)
- [Dynamic Port Forwarding](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/dynamic-port-forwarding.md)
- [Remote Port Forwarding](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/remote-port-forwarding.md)
- [Chisel SOCKS5 Tunneling](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/chisel-socks5-tunneling.md)
- [SSHuttle Pivoting](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/sshuttle-pivoting.md)
- [Meterpreter Tunneling](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/meterpreter-tunneling.md)
- [Socat Redirection](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/socat-redirection.md)
- [Plink Windows Pivoting](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/plink-windows-pivoting.md)
- [Netsh Port Forwarding](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/netsh-windows-portforward.md)
- [SocksOverRDP](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/socksoverrdp-windows-pivoting.md)
- [Rpivot Web Pivoting](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/rpivot-web-pivoting.md)
- [DNS Tunneling with dnscat2](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/dnscat2-dns-tunneling.md)
- [ICMP Tunneling with ptunnel-ng](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/ptunnel-ng-icmp-tunneling.md)
- [Complete Skills Assessment](/pentesting-notes/certification-preparation/cpts-prep/pivoting-tunneling-and-port-forwarding/skills-assessment-complete-walkthrough.md)
- [Active Directory Enumeration & Attacks](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks.md)
- [Initial Domain Enumeration](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/initial-enumeration-domain.md)
- [LLMNR/NBT-NS Poisoning from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/llmnr-nbt-ns-poisoning-linux.md)
- [LLMNR/NBT-NS Poisoning from Windows](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/llmnr-nbt-ns-poisoning-windows.md)
- [Password Policy Enumeration](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/password-policy-enumeration.md)
- [Password Spraying - Target User Lists](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/password-spraying-user-list.md)
- [Password Spraying from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/password-spraying-linux.md)
- [Password Spraying from Windows](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/password-spraying-windows.md)
- [Security Controls Enumeration](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/security-controls-enumeration.md)
- [Credentialed Enumeration from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/credentialed-enumeration-linux.md)
- [Credentialed Enumeration from Windows](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/credentialed-enumeration-windows.md)
- [Living Off the Land](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/living-off-the-land.md)
- [Kerberoasting from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/kerberoasting-linux.md)
- [Kerberoasting from Windows](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/kerberoasting-windows.md)
- [ACL Enumeration](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/acl-enumeration.md)
- [ACL Abuse Tactics](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/acl-abuse-tactics.md)
- [DCSync Attack](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/dcsync-attack.md)
- [Privileged Access](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/privileged-access.md)
- [Kerberos "Double Hop" Problem](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/kerberos-double-hop-problem.md)
- [Bleeding Edge Vulnerabilities](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/bleeding-edge-vulnerabilities.md)
- [Miscellaneous Misconfigurations](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/miscellaneous-misconfigurations.md)
- [Domain Trusts Primer](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/domain-trusts-primer.md)
- [Child → Parent Trust Attacks](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/child-parent-trust-attacks.md)
- [Child → Parent Trust Attacks - from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/child-parent-trust-attacks-linux.md)
- [Cross-Forest Trust Abuse - from Windows](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/cross-forest-trust-abuse-windows.md)
- [Cross-Forest Trust Abuse - from Linux](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/cross-forest-trust-abuse-linux.md)
- [Skills Assessment Part I - Complete Walkthrough](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/skills-assessment-part-1.md)
- [Skills Assessment Part II - Advanced Professional Methodology](/pentesting-notes/certification-preparation/cpts-prep/active-directory-enumeration-and-attacks/skills-assessment-part-2.md)
- [Remote Management](/pentesting-notes/certification-preparation/cpts-prep/remote-management.md)
- [Remote Management Overview](/pentesting-notes/certification-preparation/cpts-prep/remote-management/remote-management.md)
- [Linux Remote Protocols](/pentesting-notes/certification-preparation/cpts-prep/remote-management/linux-remote-protocols.md)
- [Windows Remote Protocols](/pentesting-notes/certification-preparation/cpts-prep/remote-management/windows-remote-protocols.md)
- [Web Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-enumeration.md)
- [Web Information Gathering](/pentesting-notes/certification-preparation/cpts-prep/web-enumeration/web-information-gathering.md)
- [Subdomain Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-enumeration/subdomain-enumeration.md)
- [Web Application Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-enumeration/web-application-enumeration.md)
- [Web Application Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks.md)
- [Cross-Site Scripting (XSS)](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/xss-cross-site-scripting.md)
- [File Inclusion](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion.md)
- [Basic LFI Techniques](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/basic-lfi-techniques.md)
- [Advanced Bypasses & PHP Filters](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/advanced-bypasses-filters.md)
- [PHP Wrappers for RCE](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/php-wrappers-rce.md)
- [Remote File Inclusion (RFI)](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/remote-file-inclusion.md)
- [File Upload + LFI](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/file-upload-lfi.md)
- [Log Poisoning Techniques](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/log-poisoning-techniques.md)
- [Automated Scanning & Tools](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/automated-scanning-tools.md)
- [Prevention & Hardening](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/prevention-hardening.md)
- [Skills Assessment Walkthrough](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-inclusion/skills-assessment-walkthrough.md)
- [File Upload Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks.md)
- [Upload Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/upload-exploitation.md)
- [Client-Side Validation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/client-side-validation.md)
- [Blacklist Filters](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/blacklist-filters.md)
- [Basic Bypass Techniques](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/basic-bypass-techniques.md)
- [Type Filters](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/type-filters.md)
- [Limited File Uploads](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/limited-file-uploads.md)
- [Advanced Bypass Methods](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/advanced-bypass-methods.md)
- [Other Upload Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/other-upload-attacks.md)
- [Prevention & Hardening](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/prevention-and-hardening.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/file-upload-attacks/skills-assessment-walkthrough.md)
- [Command Injection](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection.md)
- [Detection Methods](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/detection-methods.md)
- [Basic Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/basic-exploitation.md)
- [Advanced Operators](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/advanced-operators.md)
- [Filter Identification](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/filter-identification.md)
- [Bypassing Space Filters](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/bypassing-space-filters.md)
- [Bypassing Character Filters](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/bypassing-character-filters.md)
- [Bypassing Blacklisted Commands](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/bypassing-blacklisted-commands.md)
- [Advanced Command Obfuscation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/advanced-command-obfuscation.md)
- [Evasion Tools](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/evasion-tools.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/command-injection/skills-assessment-walkthrough.md)
- [Web Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/web-attacks.md)
- [HTTP Verb Tampering](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/web-attacks/http-verb-tampering.md)
- [Insecure Direct Object References (IDOR)](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/web-attacks/idor-attacks.md)
- [XML External Entity (XXE) Injection](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/web-attacks/xxe-injection.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/web-attacks/skills-assessment.md)
- [Attacking Common Applications](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications.md)
- [WordPress Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/wordpress-discovery-enumeration.md)
- [WordPress Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/wordpress-attacks.md)
- [Joomla Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/joomla-discovery-enumeration.md)
- [Joomla Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/joomla-attacks.md)
- [Drupal Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/drupal-discovery-enumeration.md)
- [Drupal Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/drupal-attacks.md)
- [Tomcat Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/tomcat-discovery-enumeration.md)
- [Tomcat Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/tomcat-attacks.md)
- [Jenkins Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/jenkins-discovery-enumeration.md)
- [Jenkins Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/jenkins-attacks.md)
- [Splunk Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/splunk-discovery-enumeration.md)
- [Splunk Attacks & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/splunk-attacks.md)
- [GitLab Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/gitlab-discovery-enumeration.md)
- [ColdFusion Discovery & Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/coldfusion-discovery-enumeration.md)
- [IIS Tilde Enumeration](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/iis-tilde-enumeration.md)
- [CGI Shellshock Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/cgi-shellshock-attacks.md)
- [LDAP Injection Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/ldap-injection-attacks.md)
- [osTicket Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/osticket-attacks.md)
- [PRTG Attacks](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/prtg-attacks.md)
- [Binary Reverse Engineering](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/binary-reverse-engineering.md)
- [Other Notable Applications](/pentesting-notes/certification-preparation/cpts-prep/web-application-attacks/attacking-common-applications/other-notable-applications.md)
- [Password Attacks & Lateral Movement](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement.md)
- [Complete Assessment Workflows](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/complete-assessment-workflows.md)
- [Skills Assessment - Complete Password Attacks Workflow](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/complete-assessment-workflows/skills-assessment-workflow.md)
- [Active Directory Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/active-directory-attacks.md)
- [NTDS.dit Extraction & Analysis](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/active-directory-attacks/active-directory-ntds-attacks.md)
- [Active Directory Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/active-directory-attacks/active-directory-attacks.md)
- [Lateral Movement Techniques](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/lateral-movement-techniques.md)
- [Pass the Hash (PtH) Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/lateral-movement-techniques/pass-the-hash.md)
- [Pass the Ticket (PtT) Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/lateral-movement-techniques/pass-the-ticket.md)
- [Pass the Certificate (ESC8 & ADCS)](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/lateral-movement-techniques/pass-the-certificate.md)
- [Pass the Ticket from Linux](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/lateral-movement-techniques/pass-the-ticket-linux.md)
- [Windows Password Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/windows-password-attacks.md)
- [Windows Password Techniques](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/windows-password-attacks/windows-passwords.md)
- [Credential Hunting in Windows](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/windows-password-attacks/credential-hunting-windows.md)
- [Linux Password Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/linux-password-attacks.md)
- [Credential Hunting in Linux](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/linux-password-attacks/credential-hunting-linux.md)
- [Network & Service Attacks](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/network-and-service-attacks.md)
- [Network Services Brute Force](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/network-and-service-attacks/network-services.md)
- [Network Traffic Credential Hunting](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/network-and-service-attacks/credential-hunting-network.md)
- [Network Shares Credential Hunting](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/network-and-service-attacks/credential-hunting-shares.md)
- [Hash Cracking & Tools](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/hash-cracking-and-tools.md)
- [Hashcat Techniques](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/hash-cracking-and-tools/hashcat.md)
- [John the Ripper](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/hash-cracking-and-tools/john-the-ripper.md)
- [Custom Wordlists & Rules](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/hash-cracking-and-tools/custom-wordlists-rules.md)
- [Cracking Protected Files](/pentesting-notes/certification-preparation/cpts-prep/password-attacks-and-lateral-movement/hash-cracking-and-tools/cracking-protected-files.md)
- [Windows Privilege Escalation](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation.md)
- [Module Overview](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/windows-priv-esc.md)
- [Situational Awareness](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/situational-awareness.md)
- [Initial Enumeration](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/initial-enumeration.md)
- [Communication with Processes](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/communication-with-processes.md)
- [SeImpersonate & SeAssignPrimaryToken](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/seimpersonate-privilege-escalation.md)
- [SeDebugPrivilege](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/sedebug-privilege-escalation.md)
- [SeTakeOwnershipPrivilege](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/setakeownership-privilege-escalation.md)
- [Windows Built-in Groups](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/windows-builtin-groups.md)
- [Event Log Readers](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/event-log-readers.md)
- [DnsAdmins](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/dnsadmins-privilege-escalation.md)
- [Hyper-V Administrators](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/hyperv-administrators.md)
- [Print Operators](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/print-operators.md)
- [Server Operators](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/server-operators.md)
- [UAC Bypass](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/uac-bypass.md)
- [Weak Permissions](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/weak-permissions.md)
- [Kernel Exploits](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/kernel-exploits.md)
- [Vulnerable Services](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/vulnerable-services.md)
- [Credential Hunting](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/credential-hunting.md)
- [Other Files](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/other-files.md)
- [Further Credential Theft](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/further-credential-theft.md)
- [Citrix Breakout](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/citrix-breakout.md)
- [Interacting with Users](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/interacting-with-users.md)
- [Pillaging](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/pillaging.md)
- [Miscellaneous Techniques](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/miscellaneous-techniques.md)
- [Windows Server 2008](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/windows-server-2008.md)
- [Windows 7 Exploitation](/pentesting-notes/certification-preparation/cpts-prep/windows-privilege-escalation/windows-7-exploitation.md)
- [Linux Privilege Escalation](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation.md)
- [Module Overview](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/linux-priv-esc.md)
- [Environment Enumeration](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/environment-enumeration.md)
- [Services & Internals Enumeration](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/services-internals-enumeration.md)
- [Credential Hunting](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/credential-hunting.md)
- [PATH Abuse](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/path-abuse.md)
- [Wildcard Abuse](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/wildcard-abuse.md)
- [Escaping Restricted Shells](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/escaping-restricted-shells.md)
- [Special Permissions](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/special-permissions.md)
- [Sudo Rights Abuse](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/sudo-rights-abuse.md)
- [Privileged Groups](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/privileged-groups.md)
- [Capabilities](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/capabilities.md)
- [Vulnerable Services](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/vulnerable-services.md)
- [Cron Job Abuse](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/cron-job-abuse.md)
- [LXD Container Escape](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/lxd-container-escape.md)
- [Docker Container Escape](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/docker-container-escape.md)
- [Logrotate Exploitation](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/logrotate-exploitation.md)
- [Miscellaneous Techniques](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/miscellaneous-techniques.md)
- [Shared Libraries](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/shared-libraries.md)
- [Shared Object Hijacking](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/shared-object-hijacking.md)
- [Python Library Hijacking](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/python-library-hijacking.md)
- [Sudo CVE Exploits](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/sudo-cve-exploits.md)
- [Polkit/Pwnkit](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/polkit-pwnkit.md)
- [Dirty Pipe](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/dirty-pipe.md)
- [Netfilter Kernel Exploits](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/netfilter-kernel-exploits.md)
- [Linux Hardening](/pentesting-notes/certification-preparation/cpts-prep/linux-privilege-escalation/linux-hardening.md)
- [Documentation & Reporting](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting.md)
- [Notetaking & Organization](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/notetaking-organization.md)
- [Types of Reports](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/types-of-reports.md)
- [Components of a Report](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/components-of-a-report.md)
- [How to Write Up a Finding](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/how-to-write-up-a-finding.md)
- [Reporting Tips and Tricks](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/reporting-tips-and-tricks.md)
- [HTB Academy Example](/pentesting-notes/certification-preparation/cpts-prep/documentation-and-reporting/htb_academy_example.md)
- [Attacking Enterprise Networks](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks.md)
- [External Information Gathering](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/external-information-gathering.md)
- [Service Enumeration & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/service-enumeration-exploitation.md)
- [Web Enumeration & Exploitation](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/web-enumeration-exploitation.md)
- [Initial Access](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/initial-access.md)
- [Post-Exploitation Persistence](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/post-exploitation-persistence.md)
- [Internal Information Gathering](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/internal-information-gathering.md)
- [Exploitation & Privilege Escalation](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/exploitation-privilege-escalation.md)
- [Lateral Movement](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/lateral-movement.md)
- [Active Directory Compromise](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/active-directory-compromise.md)
- [Post-Exploitation](/pentesting-notes/certification-preparation/cpts-prep/attacking-enterprise-networks/post-exploitation.md)
- [CWEE Preparation](/pentesting-notes/certification-preparation/cwee-prep.md)
- [Injection Attacks](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction.md)
- [XPath Injection](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1.md)
- [Authentication Bypass](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1/auth-bypass.md)
- [Data Exfiltration](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1/data-exfiltration.md)
- [Advanced Data Exfiltration](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1/advanced-data-exfiltration.md)
- [Blind Exploitation](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1/blind-exploitation.md)
- [Prevention & Tools](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-1/prevention-and-tools.md)
- [LDAP Injection](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-2.md)
- [Authentication Bypass](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-2/auth-bypass.md)
- [Data Exfiltration & Blind Exploitation](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-2/data-exfiltration-blind.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-2/prevention.md)
- [HTML Injection in PDF Generators](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-3.md)
- [Exploitation](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-3/exploitation.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-3/prevention.md)
- [NoSQL Injection](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4.md)
- [Bypassing Authentication](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4/authentication-bypass.md)
- [In-Band Data Extraction](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4/in-band-data-extraction.md)
- [Blind Data Extraction](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4/blind-data-extraction.md)
- [Automating Blind Extraction](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4/automating-blind-extraction.md)
- [Server-Side JavaScript Injection](/pentesting-notes/certification-preparation/cwee-prep/injection-attacks/introduction-4/server-side-javascript-injection.md)
- [Attacking Authentication Mechanisms](/pentesting-notes/certification-preparation/cwee-prep/introduction.md)
- [JWT](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt.md)
- [Attacking Signature Verification](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt/attacking-signature-verification.md)
- [Attacking the Signing Secret](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt/attacking-signing-secret.md)
- [Algorithm Confusion](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt/algorithm-confusion.md)
- [Further JWT Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt/further-jwt-attacks.md)
- [JWT Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction/jwt/tools-and-prevention.md)
- [OAuth](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction.md)
- [Stealing Access Tokens](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction/stealing-access-tokens.md)
- [Improper CSRF Protection](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction/improper-csrf-protection.md)
- [Additional OAuth Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction/additional-vulnerabilities.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction/prevention.md)
- [SAML](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction-1.md)
- [Signature Exclusion Attack](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction-1/signature-exclusion-attack.md)
- [Signature Wrapping Attack](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction-1/signature-wrapping-attack.md)
- [Additional SAML Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction-1/additional-saml-vulnerabilities.md)
- [SAML Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction/introduction-1/saml-tools-and-prevention.md)
- [Advanced XSS and CSRF Exploitation](/pentesting-notes/certification-preparation/cwee-prep/introduction-1.md)
- [Lab Environment](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/lab-environment.md)
- [\[CSRF Exploitation\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation.md)
- [Same-Origin Policy & CORS](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation/same-origin-policy-and-cors.md)
- [CORS Misconfigurations](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation/cors-misconfigurations.md)
- [Bypassing CSRF Tokens via CORS](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation/bypassing-csrf-tokens-via-cors-misconfigurations.md)
- [Misc CSRF Exploitation](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation/misc-csrf-exploitation.md)
- [CSRF Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/csrf-exploitation/csrf-vulnerability-prevention.md)
- [\[XSS Exploitation\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/introduction.md)
- [Launching Attacks from Victim's Session](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/launching-attacks-from-victim-session.md)
- [Enumerating Internal APIs](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/enumerating-internal-apis.md)
- [Exploiting Internal Web Apps I](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/exploiting-internal-web-applications-1.md)
- [Exploiting Internal Web Apps II](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/exploiting-internal-web-applications-2.md)
- [Content-Security Policy (CSP)](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/content-security-policy-csp.md)
- [Bypassing Weak CSPs](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/bypassing-weak-csps.md)
- [XSS Filter Bypasses](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/xss-filter-bypasses.md)
- [XSS Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/xss-exploitation/xss-vulnerability-prevention.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-1/skills-assessment.md)
- [Abusing HTTP Misconfigurations](/pentesting-notes/certification-preparation/cwee-prep/introduction-2.md)
- [\[Host Header Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/introduction.md)
- [Bypassing Flawed Validation](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/bypassing-flawed-validation.md)
- [Password Reset Poisoning](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/password-reset-poisoning.md)
- [Web Cache Poisoning](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/web-cache-poisoning.md)
- [Web Cache Deception](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/web-cache-deception.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/host-header-attacks/prevention.md)
- [\[Web Cache Poisoning\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning/introduction.md)
- [Identifying Unkeyed Parameters](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning/identifying-unkeyed-parameters.md)
- [Web Cache Poisoning Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning/web-cache-poisoning-attacks.md)
- [Advanced Techniques](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning/advanced-cache-poisoning-techniques.md)
- [Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/web-cache-poisoning/tools-and-prevention.md)
- [\[Session Puzzling\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/introduction.md)
- [Weak Session IDs](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/weak-session-ids.md)
- [Common Session Variables - Auth Bypass](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/common-session-variables-auth-bypass.md)
- [Common Session Variables - Account Takeover](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/common-session-variables-account-takeover.md)
- [Premature Session Population](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/premature-session-population-auth-bypass.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/prevention.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/session-puzzling/skills-assessment.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-2/skills-assessment.md)
- [HTTP Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-3.md)
- [\[CRLF Injection\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection/introduction.md)
- [Log Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection/log-injection.md)
- [HTTP Response Splitting](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection/http-response-splitting.md)
- [SMTP Header Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection/smtp-header-injection.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/crlf-injection/prevention.md)
- [\[HTTP Request Smuggling\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/introduction.md)
- [CL.TE Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/cl-te.md)
- [TE.CL Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/te-cl.md)
- [TE.TE Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/te-te.md)
- [Vulnerable Software](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/vulnerable-software.md)
- [Exploitation Techniques](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/exploitation-techniques.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-request-smuggling/prevention.md)
- [\[HTTP/2 Downgrading\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-2-downgrading.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-2-downgrading/introduction.md)
- [Downgrading Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-2-downgrading/downgrading.md)
- [Advanced H2 Vulnerabilities](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-2-downgrading/advanced-h2-vulnerabilities.md)
- [Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/http-2-downgrading/prevention.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-3/skills-assessment.md)
- [HTTPS/TLS Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-4.md)
- [\[Introduction to HTTPS/TLS\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/introduction-to-https-tls.md)
- [Public Key Infrastructure](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/introduction-to-https-tls/public-key-infrastructure.md)
- [TLS 1.2 Handshake](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/introduction-to-https-tls/tls-1-2-handshake.md)
- [TLS 1.3](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/introduction-to-https-tls/tls-1-3.md)
- [\[Padding Oracle Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/padding-oracle-attacks.md)
- [Padding Oracles](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/padding-oracle-attacks/padding-oracles.md)
- [POODLE & BEAST](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/padding-oracle-attacks/poodle-beast.md)
- [Bleichenbacher & DROWN](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/padding-oracle-attacks/bleichenbacher-drown.md)
- [\[Misc Attacks & Misconfigurations\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/misc-attacks-and-misconfigurations.md)
- [Heartbleed Bug](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/misc-attacks-and-misconfigurations/heartbleed-bug.md)
- [\[Further Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/further-attacks.md)
- [SSL Stripping](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/further-attacks/ssl-stripping.md)
- [Cryptographic Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/further-attacks/cryptographic-attacks.md)
- [Downgrade Attacks](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/further-attacks/downgrade-attacks.md)
- [Testing TLS Configuration](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/testing-tls-configuration.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-4/skills-assessment.md)
- [Blind SQL Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-5.md)
- [Introduction to Blind SQLi](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/blind-sqli-intro.md)
- [\[Boolean-based SQLi\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/boolean-based-sqli.md)
- [Identifying Boolean-based](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/boolean-based-sqli/identifying-boolean-based.md)
- [Designing the Oracle](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/boolean-based-sqli/designing-the-oracle.md)
- [Extracting Data](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/boolean-based-sqli/extracting-data.md)
- [Optimizing](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/boolean-based-sqli/optimizing.md)
- [\[Time-based SQLi\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/time-based-sqli.md)
- [Identifying Time-based](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/time-based-sqli/identifying-time-based.md)
- [Designing Time Oracle](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/time-based-sqli/designing-time-oracle.md)
- [Data Extraction](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/time-based-sqli/data-extraction.md)
- [OOB DNS Exfiltration](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/time-based-sqli/oob-dns-exfiltration.md)
- [\[MSSQL-specific Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/mssql-specific-attacks.md)
- [Remote Code Execution](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/mssql-specific-attacks/remote-code-execution.md)
- [Leaking NetNTLM Hashes](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/mssql-specific-attacks/leaking-netntlm-hashes.md)
- [File Read](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/mssql-specific-attacks/file-read.md)
- [Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/prevention.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-5/skills-assessment.md)
- [Whitebox Pentesting](/pentesting-notes/certification-preparation/cwee-prep/introduction-6.md)
- [\[Process\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process.md)
- [Overview](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process/overview.md)
- [Code Review](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process/code-review.md)
- [Local Testing](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process/local-testing.md)
- [Proof of Concept](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process/proof-of-concept.md)
- [Patching & Remediation](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/process/patching-remediation.md)
- [\[Code Review Case Study\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/code-review-case-study.md)
- [Authentication](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/code-review-case-study/authentication.md)
- [Services](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/code-review-case-study/services.md)
- [\[Local Testing Case Study\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/local-testing-case-study.md)
- [Planning](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/local-testing-case-study/planning.md)
- [Eval Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/local-testing-case-study/eval-injection.md)
- [Target Function](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/local-testing-case-study/target-function.md)
- [Code Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/local-testing-case-study/code-injection.md)
- [\[PoC Case Study\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/poc-case-study.md)
- [Command Execution](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/poc-case-study/command-execution.md)
- [HTTP Response Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/poc-case-study/http-response-injection.md)
- [Blind Exploitation](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/poc-case-study/blind-exploitation.md)
- [Exploit Development](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/poc-case-study/exploit-development.md)
- [Applied Patching](/pentesting-notes/certification-preparation/cwee-prep/introduction-6/patching-case-study.md)
- [Modern Web Exploitation](/pentesting-notes/certification-preparation/cwee-prep/introduction-7.md)
- [\[DNS Rebinding\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding/introduction.md)
- [SSRF Filter Bypasses](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding/ssrf-filter-bypasses.md)
- [DNS Rebinding SSRF Bypass](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding/dns-rebinding-ssrf-bypass.md)
- [SOP Bypass](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding/sop-bypass.md)
- [Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/dns-rebinding/tools-and-prevention.md)
- [\[Second-Order Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks/introduction.md)
- [Second-Order IDOR (Whitebox)](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks/second-order-idor.md)
- [Second-Order IDOR (Blackbox)](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks/second-order-idor-blackbox.md)
- [Second-Order LFI](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks/second-order-lfi.md)
- [Second-Order Command Injection](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/second-order-attacks/second-order-command-injection.md)
- [\[WebSocket Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks.md)
- [Introduction](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/introduction.md)
- [Burp Analysis](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/burp-analysis.md)
- [XSS via WebSockets](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/xss-via-websockets.md)
- [SQLi via WebSockets](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/sqli-via-websockets.md)
- [CSWH](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/cswh.md)
- [Tools & Prevention](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/websocket-attacks/tools-and-prevention.md)
- [Skills Assessment](/pentesting-notes/certification-preparation/cwee-prep/introduction-7/skills-assessment.md)
- [\[Deserialization Attacks\]](/pentesting-notes/certification-preparation/cwee-prep/deserialization-attacks.md)
- [Introduction to Serialization](/pentesting-notes/certification-preparation/cwee-prep/deserialization-attacks/introduction-to-serialization.md)
- [Introduction to Deserialization Attacks](/pentesting-notes/certification-preparation/cwee-prep/deserialization-attacks/introduction-to-deserialization-attacks.md)
- [\[PHP Deserialization\]](/pentesting-notes/certification-preparation/cwee-prep/deserialization-attacks/php-deserialization.md)
- [Identifying Vulnerability](/pentesting-notes/certification-preparation/cwee-prep/deserialization-attacks/php-deserialization/identifying-vulnerability.md)
- [PJPT - Completed](/pentesting-notes/certification-preparation/pjpt-prep.md)
- [Quick Reference](/pentesting-notes/certification-preparation/pjpt-prep/pjpt-quick-reference.md)
- [Master Checklist](/pentesting-notes/certification-preparation/pjpt-prep/master-checklist.md)
- [Mind Maps & Attack Flows](/pentesting-notes/certification-preparation/pjpt-prep/mind-maps-and-attack-flows.md)
- [Attack Flow Diagram](/pentesting-notes/certification-preparation/pjpt-prep/mind-maps-and-attack-flows/pjpt-gitbook-mindmap.md)
- [Techniques Mind Map](/pentesting-notes/certification-preparation/pjpt-prep/mind-maps-and-attack-flows/pjpt-gitbook-techniques-map.md)
- [Active Directory Techniques](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques.md)
- [LLMNR Poisoning](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/llmnr-poisoning.md)
- [Kerberoasting](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/kerberoasting.md)
- [GPP/cPassword Attacks](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/gpp-cpassword-attacks.md)
- [Pass Attacks (PTH/PTT)](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/pass-attacks.md)
- [Domain Enumeration](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/domain-enumeration.md)
- [Golden Ticket Attacks](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/golden-ticket-attacks.md)
- [IPv6 Attacks](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/ipv6-attacks.md)
- [SMB Relay Attacks](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/smb-relay-attacks.md)
- [Token Impersonation](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/token-impersonation.md)
- [NTDS.dit Extraction](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/ntds-dit-extraction.md)
- [Windows Persistence](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/windows-persistence-techniques.md)
- [Post-Compromise Strategy](/pentesting-notes/certification-preparation/pjpt-prep/active-directory-techniques/post-compromise-attack-strategy.md)
- [Web & Wireless](/pentesting-notes/certification-preparation/pjpt-prep/web-and-wireless.md)
- [SQL Injection Techniques](/pentesting-notes/certification-preparation/pjpt-prep/web-and-wireless/sql-injection-techniques.md)
- [WPA2 PSK Cracking](/pentesting-notes/certification-preparation/pjpt-prep/web-and-wireless/wpa2-psk-cracking.md)