g6adoc

Top 30 Nmap Command Examples For Sys/Network Admins

https://www.cyberciti.biz/networking/nmap-command-examples-tutorials/

Nmap Cheat Sheet

https://hackertarget.com/nmap-cheatsheet-a-quick-reference-guide/

10 nmap Commands Every Sysadmin Should Know

http://bencane.com/2013/02/25/10-nmap-commands-every-sysadmin-should-know/

metasploit-framework/modules/auxiliary/scanner/http/files_dir.rb

https://github.com/rapid7/metasploit-framework/blob/cac890a797d0d770260074dfe703eb5cfb63bd46/modules/auxiliary/scanner/http/files_dir.rb

metasploit-framework/data/wmap/

https://github.com/rapid7/metasploit-framework/tree/cac890a797d0d770260074dfe703eb5cfb63bd46/data/wmap

DefenseCode ThunderScan SAST Advisory

Apache Tomcat Directory/Path Traversal

http://defensecode.com/advisories/DC-2017-03-001_DefenseCode_ThunderScan_SAST_Apache_Tomcat_Security_Advisory.pdf

http://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/course-info.aspx?id=8%27%20union%20select%201%27

0921

tomcat 7.0.X exploit

https://securityonline.info/apache-tomcat-remote-code-execution-vulnerability/

https://github.com/breaktoprotect/CVE-2017-12615

======

MSSQL SQL Injection

====== http://blog.harryadinanta.com/exploit/Using-sqlmap-to-exploit-sql-injection-running-on-top-of-ASP-NET-and-MSSQL-2012/

http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet

https://www.exploit-db.com/papers/12975/

https://www.owasp.org/index.php/Blind_SQL_Injection

http://securityidiots.com/Web-Pentest/SQL-Injection/MSSQL/MSSQL-Union-Based-Injection.html

https://upshell.wordpress.com/2011/06/11/mssql-tips-sql-injection/

http://www.sqlinjectionwiki.com/categories/1/mssql-sql-injection-cheat-sheet/

https://technet.microsoft.com/zh-tw/library/cc512676.aspx

https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-alonso-parada.pdf

https://www.slideshare.net/chemai64/timebased-blind-sql-injection-using-heavy-queries-34887073

http://www.hexatier.com/time-based-blind-sql-injection/