rastidoust/rastidoust.github.io

syllabus


Introduction

  • Definition

  • Framework

  • MITRE ATT&CK

MITRE CALDERA

  • Introduction

  • Configuration

  • Use Case

2. Initial Access

  • Public-Facing Exploit

    • CVE-2022-6099

    • PHP-8.1.0 RCE

    • CVE-2021-34473

    • CVE-2021-21972

  • Client Side

    • Macro Attack

    • XML macro

    • SYLK

    • DDE

    • ActiveX

  • Social Engineering

  • Internal

    • Responder

    • Shell Command Files

    • XSL

3. Execution

Trust Windows Tools

WMI

COM-DCOM

Csharp Execution

4. Privilege Escalation

Token Manipulation

Kernel Exploitation

SUID Binary

Capability Escalation

5. Defense Evasion

Csharp Shellcode

Invoke Obfuscation

cpp launcher

DLL Injection

APC

Early bird Injection

ThreadPool

Fibers

Resource Injection

PE In Memory

Bypass Restriction

6. Credential Access

Windows Local

Windows DC

Kerberos Attack

7. Persistence

WMI Subscription

Application Shimming

Logon Helper

Com-Hijacking

Linux Persistence

8. Discovery

Account Discovery

Application Discovery

Network Resource Discovery

Cloud Infrastructure Discovery

9. Lateral Movement

Windows Remote Management

DCOM

PTT

Tunnelling

pivotnacci

Chisel

10. Exfiltration

Split Data with PowerShell

Split Data With ICMP

Compress Data

Exfiltration over cloud
