# Red-Teaming

- [Reconnaissance](https://red.infiltr8.io/redteam/recon.md): MITRE ATT\&CK™ Reconnaissance - Tactic TA0043
- [DNS Enumeration](https://red.infiltr8.io/redteam/recon/dns-enum.md): MITRE ATT\&CK™  Gather Victim Network Information: DNS - T1590.002
- [Subdomains enumeration](https://red.infiltr8.io/redteam/recon/subdomains-enumeration.md)
- [Email Harvesting](https://red.infiltr8.io/redteam/recon/email-harvesting.md): MITRE ATT\&CK™ Account Discovery - Technique T1087
- [Host Discovery](https://red.infiltr8.io/redteam/recon/host-discovery.md)
- [TCP/UDP Service Scanning](https://red.infiltr8.io/redteam/recon/tcp-udp-service-scanning.md): MITRE ATT\&CK™  Network Service Discovery - Technique T1046
- [Vulnerability Scanning](https://red.infiltr8.io/redteam/recon/vulnerability-scanning.md): MITRE ATT\&CK™  Active Scanning: Vulnerability Scanning - Technique T1595.002
- [Google Dorks](https://red.infiltr8.io/redteam/recon/google-dorks.md)
- [GitHub Recon](https://red.infiltr8.io/redteam/recon/open-source-code.md): MITRE ATT\&CK™  Data from Information Repositories - Technique T1213
- [Files Metadata](https://red.infiltr8.io/redteam/recon/files-metadata.md)
- [Maltego](https://red.infiltr8.io/redteam/recon/maltego.md)
- [Specialized Search Engines](https://red.infiltr8.io/redteam/recon/specialized-search-engines.md)
- [Execution](https://red.infiltr8.io/redteam/weapon.md): MITRE ATT\&CK™ Execution - Tactic TA0002
- [Code & Process Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection.md)
- [Loading .NET Reflective Assembly](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/.net-reflective-assembly.md): MITRE ATT\&CK™ Reflective Code Loading - Technique T1620
- [Loading .NET Assembly from Windows Script Hosting](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/.net-assembly-from-windows-script-hosting.md): MITRE ATT\&CK™ Reflective Code Loading - Technique T1620
- [Process Hollowing](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/process-hollowing.md): MITRE ATT\&CK™ Process Injection: Process Hollowing - Technique T1055.012
- [WndProc Callback Shellcode Execution](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/wndproc-callback-shellcode-execution.md)
- [Fibers Shellcode Execution](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/fibers-shellcode-execution.md)
- [Vector Exception Handler Shellcode Execution](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/vector-exception-handler-shellcode-execution.md)
- [NtQueueApcThread & NtTestAlert Shellcode Execution](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/ntqueueapcthread-and-nttestalert-shellcode-execution.md): MITRE ATT\&CK™ Process Injection: Asynchronous Procedure Call - Technique T1055.004
- [Thread Pool Callback Shellcode Execution](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/thread-pool-callback-shellcode-execution.md)
- [Module Stomping Shellcode Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/module-stomping-shellcode-injection.md)
- [Remote .NET Assembly Loading through WaaSRemediation DCOM Abuse](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/remote-.net-assembly-loading-through-waasremediation-dcom-abuse.md)
- [DLL Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/dll-injection.md)
- [CreateRemoteThread Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/createremotethread-injection.md)
- [Reflective DLL Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/reflective-dll-injection.md)
- [NtMapViewOfSection Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/ntmapviewofsection-injection.md)
- [SetWindowHookEx Injection](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/setwindowhookex-injection.md)
- [PoolParty](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/poolparty.md)
- [MockingJay](https://red.infiltr8.io/redteam/weapon/code-and-process-injection/mockingjay.md)
- [Code Execution](https://red.infiltr8.io/redteam/weapon/code-execution.md)
- [CMSTP](https://red.infiltr8.io/redteam/weapon/code-execution/cmstp.md)
- [MSBuild](https://red.infiltr8.io/redteam/weapon/code-execution/msbuild.md)
- [MSHTA](https://red.infiltr8.io/redteam/weapon/code-execution/mshta.md)
- [Microsoft Office Execution](https://red.infiltr8.io/redteam/weapon/code-execution/microsoft-office-execution.md)
- [Windows Script Host (WSH)](https://red.infiltr8.io/redteam/weapon/code-execution/wsh.md)
- [Outlook Home Page Abuse (Specula)](https://red.infiltr8.io/redteam/weapon/code-execution/outlook-home-page-abuse-specula.md)
- [PowerShell Without PowerShell.exe](https://red.infiltr8.io/redteam/weapon/code-execution/whithout-powershell.md)
- [Regsvr32](https://red.infiltr8.io/redteam/weapon/code-execution/regsrv32.md)
- [Scheduled Tasks](https://red.infiltr8.io/redteam/weapon/code-execution/scheduled-tasks.md): MITRE ATT\&CK™  Scheduled Task/Job  - Technique T1053.002
- [Services](https://red.infiltr8.io/redteam/weapon/code-execution/services.md): MITRE ATT\&CK™   System Services - Service Execution  - Technique T1569.002
- [Windows Library Files](https://red.infiltr8.io/redteam/weapon/code-execution/windows-library-files.md)
- [HTML Help Files](https://red.infiltr8.io/redteam/weapon/code-execution/html-help-files.md)
- [WMI](https://red.infiltr8.io/redteam/weapon/code-execution/wmic.md): MITRE ATT\&CK™  Windows Management Instrumentation - Technique T1047
- [Script Exploits](https://red.infiltr8.io/redteam/weapon/code-execution/script-exploits.md)
- [Sliver](https://red.infiltr8.io/redteam/weapon/code-execution/sliver.md)
- [Initial Access](https://red.infiltr8.io/redteam/delivery.md): MITRE ATT\&CK™ Initial Access - Tactic TA0001
- [Network Services](https://red.infiltr8.io/redteam/delivery/network-services.md)
- [Password Attacks](https://red.infiltr8.io/redteam/delivery/password-attacks.md)
- [Phishing](https://red.infiltr8.io/redteam/delivery/phishing.md)
- [HTML Smuggling](https://red.infiltr8.io/redteam/delivery/phishing/html-smuggling.md): MITRE ATT\&CK™ Obfuscated Files or Information: HTML Smuggling - Technique T1027.006
- [Phishing with Calendars (.ICS Files)](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-calendars-.ics-files.md)
- [Phishing With Microsoft Office](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office.md)
- [MS Office - VBA (Macros)](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/vba.md)
- [MS Office - RTF Files RCE](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/ms-word-rtf-files-rce.md)
- [MS Office - Custom XML parts](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/ms-office-custom-xml-parts.md)
- [MS Office - Excel 4.0 (XLM) Macros](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/ms-office-excel-4.0-xlm-macros.md)
- [MS Office - VBA Stomping](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/ms-office-vba-stomping.md): MITRE ATT\&CK™ Hide Artifacts: VBA Stomping - Technique T1564.007
- [MS Office - Remote Dotm Template Injection](https://red.infiltr8.io/redteam/delivery/phishing/phishing-with-ms-office/ms-office-remote-dotm-template-injection.md)
- [Phishing via Proxy](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy.md)
- [Adversary in the Middle (AitM) Phishing](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/adversary-in-the-middle-aitm-phishing.md): MITRE ATT\&CK™ Adversary-in-the-Middle - Technique T1557
- [EvilGoPhish](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/adversary-in-the-middle-aitm-phishing/evilgophish.md): MITRE ATT\&CK™ Adversary-in-the-Middle - Technique T1557
- [Evilginx](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/adversary-in-the-middle-aitm-phishing/evilginx.md): MITRE ATT\&CK™ Adversary-in-the-Middle - Technique T1557
- [Muraena](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/adversary-in-the-middle-aitm-phishing/muraena.md): MITRE ATT\&CK™ Adversary-in-the-Middle - Technique T1557
- [Modlishka](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/adversary-in-the-middle-aitm-phishing/modlishka.md): MITRE ATT\&CK™ Adversary-in-the-Middle - Technique T1557
- [Browser in the Middle (BitM) Phishing](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/browser-in-the-middle-bitm-phishing.md)
- [cuddlephish](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/browser-in-the-middle-bitm-phishing/cuddlephish.md)
- [EvilnoVNC](https://red.infiltr8.io/redteam/delivery/phishing/phishing-via-proxy/browser-in-the-middle-bitm-phishing/evilnovnc.md)
- [Persistence](https://red.infiltr8.io/redteam/persistence.md): MITRE ATT\&CK™ Persistence - Tactic TA0003
- [Active Directory](https://red.infiltr8.io/redteam/persistence/active-directory.md)
- [Windows](https://red.infiltr8.io/redteam/persistence/windows.md)
- [Accessibility features Backdoor](https://red.infiltr8.io/redteam/persistence/windows/accessibility-features-backdoor.md): MITRE ATT\&CK™  Event Triggered Execution - Accessibility Features - Technique T1546.008
- [AEDebug Keys Persistence](https://red.infiltr8.io/redteam/persistence/windows/aedebug-keys.md)
- [Image File Execution Options (IFEO) Persistence](https://red.infiltr8.io/redteam/persistence/windows/image-file-execution-options.md): MITRE ATT\&CK™ Event Triggered Execution: Image File Execution Options Injection - Technique T1546.012
- [Logon Triggered Persistence](https://red.infiltr8.io/redteam/persistence/windows/logon-triggered.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution - Technique T1547
- [LSA Persistence](https://red.infiltr8.io/redteam/persistence/windows/lsa.md)
- [Security Support Provider DLLs](https://red.infiltr8.io/redteam/persistence/windows/lsa/security-support-provider-dlls.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Security Support Provider - Technique T1547.005
- [Authentication Package](https://red.infiltr8.io/redteam/persistence/windows/lsa/authentication-package.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Authentication Package - Technique T1547.002
- [Natural Language 6 DLLs Persistence](https://red.infiltr8.io/redteam/persistence/windows/natural-language-6-dlls.md)
- [Run Keys Persistence](https://red.infiltr8.io/redteam/persistence/windows/run-keys.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder - Technique T1547.001
- [Winlogon Persistence](https://red.infiltr8.io/redteam/persistence/windows/winlogon.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Winlogon Helper DLL - Technique T1547.001
- [WMI Event Subscription Persistence](https://red.infiltr8.io/redteam/persistence/windows/wmi-event-subscription.md): MITRE ATT\&CK™  Event Triggered Execution: Windows Management Instrumentation Event Subscription - Technique T1546.003
- [Linux](https://red.infiltr8.io/redteam/persistence/linux.md)
- [SSH for Persistence](https://red.infiltr8.io/redteam/persistence/linux/ssh.md): MITRE ATT\&CK™ Persistence - Tactic TA0003
- [GSocket for Persistence](https://red.infiltr8.io/redteam/persistence/linux/gsocket-for-persistence.md): MITRE ATT\&CK™ Persistence - Tactic TA0003
- [Udev rules](https://red.infiltr8.io/redteam/persistence/linux/udev-rules.md)
- [Defense Evasion](https://red.infiltr8.io/redteam/evasion.md): MITRE ATT\&CK™ Defense Evasion - Tactic TA0005
- [Endpoint Detection and Response (EDR) Bypass](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass.md)
- [Bring Your Own Vulnerable Driver (BYOVD)](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/bring-your-own-vulnerable-driver-byovd.md): MITRE ATT\&CK™ Exploitation for Privilege Escalation - Technique T1068
- [Safe Mode With Networking](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/safe-mode-with-networking.md): MITRE ATT\&CK™ Impair Defenses: Disable or Modify Tools - Technique T1562.001
- [Windows Defender Application Control (WDAC): Killing EDR](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/windows-defender-application-control-wdac-killing-edr.md): MITRE ATT\&CK™ Impair Defenses: Disable or Modify Tools - Technique T1562.001
- [Load Unsigned Drivers](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/load-unsigned-drivers.md)
- [Minifilter Altitude](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/minifilter-altitude.md)
- [Hypervisor Code Integrity (HVCI) Disallowed Images](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/hypervisor-code-integrity-hvci-disallowed-images.md)
- [Windows Filtering Platform (WFP)](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/windows-filtering-platform-wfp.md)
- [Userland Hooking Bypass](https://red.infiltr8.io/redteam/evasion/endpoint-detection-respons-edr-bypass/userland-hooking-bypass.md)
- [UAC Bypass](https://red.infiltr8.io/redteam/evasion/uac.md): MITRE ATT\&CK™ Impair Defenses: Disable or Modify Tools - Technique T1562.001
- [AMSI Bypass](https://red.infiltr8.io/redteam/evasion/amsi.md): MITRE ATT\&CK™ Impair Defenses: Disable or Modify Tools - Technique T1562.001
- [ETW evasion](https://red.infiltr8.io/redteam/evasion/etw-evasion.md): MITRE ATT\&CK™ Impair Defenses: Disable or Modify Tools - Technique T1562.002
- [Living Off The Land](https://red.infiltr8.io/redteam/evasion/living-off-the-land.md)
- [Windows Sysinternals](https://red.infiltr8.io/redteam/evasion/living-off-the-land/sysinternals.md)
- [LOLBAS Project](https://red.infiltr8.io/redteam/evasion/living-off-the-land/lolbas.md)
- [File Operations](https://red.infiltr8.io/redteam/evasion/living-off-the-land/file-operations.md)
- [File Executions](https://red.infiltr8.io/redteam/evasion/living-off-the-land/file-executions.md)
- [Signature Evasion](https://red.infiltr8.io/redteam/evasion/signature-evasion.md)
- [Obfuscation](https://red.infiltr8.io/redteam/evasion/obf.md)
- [PowerShell Obfuscation](https://red.infiltr8.io/redteam/evasion/obf/powershell-obfuscation.md)
- [Command-Line Obfuscation](https://red.infiltr8.io/redteam/evasion/obf/commandline-obfusaction.md)
- [PE Obfuscation](https://red.infiltr8.io/redteam/evasion/obf/pe-obfuscation.md)
- [String Encryption](https://red.infiltr8.io/redteam/evasion/obf/string-encryption.md)
- [AppLocker Bypass](https://red.infiltr8.io/redteam/evasion/applocker-bypass.md)
- [Mark-of-the-Web (MotW) Bypass](https://red.infiltr8.io/redteam/evasion/motw-bypass.md): MITRE ATT\&CK™  Subvert Trust Controls: Mark-of-the-Web Bypass - Technique T1553.005
- [PowerShell Constrained Language Mode (CLM) Bypass](https://red.infiltr8.io/redteam/evasion/powershell-constrained-language-mode-clm-bypass.md)
- [Kill Windows Defender](https://red.infiltr8.io/redteam/evasion/kill-windows-defender.md)
- [Virtualization-based security (VBS) Bypass](https://red.infiltr8.io/redteam/evasion/virtualization-based-security-vbs-bypass.md)
- [Credential Guard bypass](https://red.infiltr8.io/redteam/evasion/virtualization-based-security-vbs-bypass/credential-guard-bypass.md)
- [Hypervisor-Protected Code Integrity (HVCI) Bypass](https://red.infiltr8.io/redteam/evasion/virtualization-based-security-vbs-bypass/hypervisor-protected-code-integrity-hvci-bypass.md)
- [Windows Defender Application Control (WDAC) Bypass](https://red.infiltr8.io/redteam/evasion/virtualization-based-security-vbs-bypass/windows-defender-application-control-wdac-bypass.md)
- [Sandbox Evasion](https://red.infiltr8.io/redteam/evasion/sandbox-evasion.md): MITRE ATT\&CK™ Virtualization/Sandbox Evasion - Technique T1497
- [Discovery](https://red.infiltr8.io/redteam/discovery.md): MITRE ATT\&CK™ Discovery - Tactic TA0007
- [Active Directory](https://red.infiltr8.io/redteam/discovery/active-directory.md)
- [Windows](https://red.infiltr8.io/redteam/discovery/windows.md)
- [System Information](https://red.infiltr8.io/redteam/discovery/windows/system-information.md): MITRE ATT\&CK™  System Information Discovery - Technique T1082
- [Processes & Services](https://red.infiltr8.io/redteam/discovery/windows/processes-and-services.md): MITRE ATT\&CK™  Process Discovery & System Service Discovery  - Technique T1057 & T1007
- [Scheduled Tasks](https://red.infiltr8.io/redteam/discovery/windows/scheduled-tasks.md)
- [Installed applications](https://red.infiltr8.io/redteam/discovery/windows/installed-applications.md): MITRE ATT\&CK™ Software Discovery - Technique T1518
- [Network Configuration](https://red.infiltr8.io/redteam/discovery/windows/network-configuration.md): MITRE ATT\&CK™ System Network Configuration Discovery - Technique T1016
- [File/Folder ACLs](https://red.infiltr8.io/redteam/discovery/windows/acls.md): MITRE ATT\&CK™ File and Directory Discovery - Technique T1083
- [Knowing your Shell](https://red.infiltr8.io/redteam/discovery/windows/knowing-your-shell.md)
- [Security Solutions](https://red.infiltr8.io/redteam/discovery/windows/av.md): MITRE ATT\&CK™ Software Discovery: Security Software Discovery - Technique T1518.001
- [Linux](https://red.infiltr8.io/redteam/discovery/linux.md)
- [OS Details](https://red.infiltr8.io/redteam/discovery/linux/os-details.md)
- [Process & Services](https://red.infiltr8.io/redteam/discovery/linux/process-and-services.md)
- [Privilege Escalation](https://red.infiltr8.io/redteam/privilege-escalation.md): MITRE ATT\&CK™ Privilege Escalation  - Tactic TA0004
- [Windows](https://red.infiltr8.io/redteam/privilege-escalation/windows.md)
- [Tools ⚙️](https://red.infiltr8.io/redteam/privilege-escalation/windows/tools.md)
- [Unsecured Credentials](https://red.infiltr8.io/redteam/privilege-escalation/windows/credentials-in-files.md): MITRE ATT\&CK™  Unsecured Credentials: Credentials In Files - Technique T1552.001
- [Abusing Tokens](https://red.infiltr8.io/redteam/privilege-escalation/windows/abusing-tokens.md)
- [Insecure Services](https://red.infiltr8.io/redteam/privilege-escalation/windows/services.md): MITRE ATT\&CK™  Hijack Execution Flow - Technique T1574
- [Weak Service Permissions](https://red.infiltr8.io/redteam/privilege-escalation/windows/services/weak-service-permissions.md): MITRE ATT\&CK™ Hijack Execution Flow - Technique T1574
- [Weak File/Folder Permissions](https://red.infiltr8.io/redteam/privilege-escalation/windows/services/weak-files-permissions.md): MITRE ATT\&CK™ Hijack Execution Flow - Technique T1574
- [Weak Registry Permissions](https://red.infiltr8.io/redteam/privilege-escalation/windows/services/weak-registry-permissions.md): MITRE ATT\&CK™ Hijack Execution Flow - Services Registry Permissions Weakness - Technique T1574.011
- [Unquoted Service Path](https://red.infiltr8.io/redteam/privilege-escalation/windows/services/unquoted-service-path.md): MITRE ATT\&CK™ Hijack Execution Flow - Path Interception by Unquoted Path - Technique T1574.09
- [AlwaysInstallElevated](https://red.infiltr8.io/redteam/privilege-escalation/windows/alwaysinstallelevated.md): MITRE ATT\&CK™  System Binary Proxy Execution: Msiexec - Technique T1218.007
- [AutoLogon Registry](https://red.infiltr8.io/redteam/privilege-escalation/windows/autologon-registry.md)
- [Insecure Scheduled Tasks](https://red.infiltr8.io/redteam/privilege-escalation/windows/insecure-scheduled-tasks.md)
- [Weak File/Folder Permissions](https://red.infiltr8.io/redteam/privilege-escalation/windows/insecure-scheduled-tasks/weak-file-folder-permissions.md)
- [DLL Hijacking](https://red.infiltr8.io/redteam/privilege-escalation/windows/dll-hijacking.md)
- [Linux](https://red.infiltr8.io/redteam/privilege-escalation/linux.md)
- [Kernel Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits.md)
- [OverlayFs Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/overlayfs-exploits.md)
- [GameOverlayFs](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/overlayfs-exploits/gameoverlayfs.md): CVE-2023-2640 & CVE-2023-32629
- [CVE-2023-0386](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/overlayfs-exploits/cve-2023-0386-overlayfs.md): CVE-2023-0386
- [CVE-2021-3493](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/overlayfs-exploits/cve-2021-3493.md): CVE-2021-3493
- [CVE-2023-32233 (CAP\_NET\_ADMIN)](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/nf_tables.md): CVE-2023-32233
- [Dirty Pipe](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/dirtypipe.md): CVE-2022-0847
- [DirtyCow](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/dirtycow.md)
- [RDS](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/rds.md)
- [Full Nelson](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/full-nelson.md)
- [Mempodipper](https://red.infiltr8.io/redteam/privilege-escalation/linux/kernel-exploits/mempodipper.md)
- [GLIBC Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/glibc-exploits.md)
- [Looney Tunables](https://red.infiltr8.io/redteam/privilege-escalation/linux/glibc-exploits/looney-tunables.md): CVE-2023-4911
- [Polkit Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/polkit-exploits.md): Privilege Escalation
- [PwnKit](https://red.infiltr8.io/redteam/privilege-escalation/linux/polkit-exploits/pwnkit.md): CVE-2021-4034
- [D-Bus Authentication Bypass](https://red.infiltr8.io/redteam/privilege-escalation/linux/polkit-exploits/d-bus-authentication-bypass.md): CVE-2021-3560
- [Sudo Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits.md): Privilege Escalation
- [Sudo Binaries](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/sudo-binaries.md)
- [Sudo Misconfigurations](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/sudo-misconfigurations.md)
- [Reuse Sudo Tokens](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/reuse-sudo-tokens.md)
- [User Restriction Bypass](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/bypass-of-user-restrictions.md): CVE-2019-14287
- [Pwfeedback BOF](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/pwfeedback-bof.md): CVE-2019-18634
- [Baron Samedit](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/sudo-baron-samedit.md): CVE-2021-3156
- [Sudoedit Bypass](https://red.infiltr8.io/redteam/privilege-escalation/linux/sudo-exploits/sudoedit-bypass.md): CVE-2023-22809
- [SUID Binaries](https://red.infiltr8.io/redteam/privilege-escalation/linux/suid-binaries.md)
- [Script Exploits](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits.md)
- [Python](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/python.md)
- [Pip Download Code Execution](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/python/pypi-package.md)
- [PyInstaller Code Execution](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/python/pyinstaller.md)
- [Pytorch Models/PTH Files Code Execution](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/python/pytorch-models-pth-files-code-execution.md)
- [Ruby](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/ruby.md)
- [Bash](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/bash.md)
- [Perl](https://red.infiltr8.io/redteam/privilege-escalation/linux/script-exploits/perl.md)
- [Scheduled tasks](https://red.infiltr8.io/redteam/privilege-escalation/linux/scheduled-tasks.md)
- [Cron Jobs](https://red.infiltr8.io/redteam/privilege-escalation/linux/scheduled-tasks/cron-jobs.md)
- [Systemd timers](https://red.infiltr8.io/redteam/privilege-escalation/linux/scheduled-tasks/systemd-timers.md)
- [Interesting Groups](https://red.infiltr8.io/redteam/privilege-escalation/linux/groups.md)
- [Lxd](https://red.infiltr8.io/redteam/privilege-escalation/linux/groups/lxd.md)
- [Capabilities](https://red.infiltr8.io/redteam/privilege-escalation/linux/capabilities.md)
- [NFS no\_root\_squash/no\_all\_squash](https://red.infiltr8.io/redteam/privilege-escalation/linux/nfs-no_root_squash-no_all_squash.md)
- [Linux Active Directory](https://red.infiltr8.io/redteam/privilege-escalation/linux/linux-active-directory.md)
- [Credential Access](https://red.infiltr8.io/redteam/credentials.md): MITRE ATT\&CK™ Credential Access - Tactic TA0006
- [Password Stores](https://red.infiltr8.io/redteam/credentials/password-stores.md)
- [Windows Credential Manager](https://red.infiltr8.io/redteam/credentials/password-stores/windows-credential-manager.md)
- [KeePass](https://red.infiltr8.io/redteam/credentials/password-stores/keepass.md): MITRE ATT\&CK™ Credentials from Password Stores: Password Managers - Technique T1555.005
- [Web Browsers](https://red.infiltr8.io/redteam/credentials/password-stores/credentials-from-web-browsers.md): MITRE ATT\&CK™  Credentials from Password Stores: Credentials from Web Browsers  - Technique T1555.003
- [Unsecured Credentials](https://red.infiltr8.io/redteam/credentials/unsecured-credentials.md)
- [Credentials In Files](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/credentials-in-files.md): MITRE ATT\&CK™ Unsecured Credentials: Credentials In Files - Technique T1552.00
- [PowerShell Credentials](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/powershell-logging.md): MITRE ATT\&CK™  Unsecured Credentials - Technique T1552
- [VNC Config](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/vnc-config.md): MITRE ATT\&CK™ Unsecured Credentials: Credentials In Files - Technique T1552.00
- [SSH Private Keys](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/ssh-private-keys.md): MITRE ATT\&CK™ Unsecured Credentials: Private Keys - T1552.004
- [Git Repositories](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/git-repositories.md)
- [Veeam Backup](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/veeam-backup.md): MITRE ATT\&CK™ Credential Access - Tactic TA0006
- [Network shares](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/network-shares.md)
- [Cred Network protocols](https://red.infiltr8.io/redteam/credentials/unsecured-credentials/network-protocols.md)
- [OS Credentials](https://red.infiltr8.io/redteam/credentials/os-credentials.md)
- [Windows & Active Directory](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory.md): MITRE ATT\&CK™ OS Credential Dumping - Technique T1003
- [SAM & LSA secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/sam-and-lsa-secrets.md): MITRE ATT\&CK™ Sub-techniques T1003.002, T1003.004 and T1003.005
- [DPAPI secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/dpapi-protected-secrets.md): MITRE ATT\&CK™ Sub-technique T1555.003
- [NTDS secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/ntds.md): MITRE ATT\&CK™ Sub-technique T1003.003
- [LSASS secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/lsass.md): MITRE ATT\&CK™ Sub-technique T1003.001
- [DCSync](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/dcsync.md): MITRE ATT\&CK™ Sub-technique T1003.006
- [Kerberos key list](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/kerberos-key-list.md)
- [Group Policy Preferences](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/group-policies-preferences.md): MITRE ATT\&CK™ Sub-technique T1552.006
- [AutoLogon Registry](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/autologon-registry.md)
- [In-memory secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/passwords-in-memory.md)
- [Cached Kerberos tickets](https://red.infiltr8.io/redteam/credentials/os-credentials/windows-and-active-directory/cached-kerberos-tickets.md): MITRE ATT\&CK™ Steal or Forge Kerberos Tickets - Technique T1558
- [Linux](https://red.infiltr8.io/redteam/credentials/os-credentials/linux.md)
- [Shadow File](https://red.infiltr8.io/redteam/credentials/os-credentials/linux/shadow-file.md): MITRE ATT\&CK™ OS Credential Dumping: /etc/passwd and /etc/shadow - Technique T1003.008
- [In-memory secrets](https://red.infiltr8.io/redteam/credentials/os-credentials/linux/passwords-in-memory.md): MITRE ATT\&CK™ OS Credential Dumping: Proc Filesystem - Technique T1003.007
- [Linux Cached Kerberos tickets](https://red.infiltr8.io/redteam/credentials/os-credentials/linux/cached-kerberos-tickets.md): MITRE ATT\&CK™ Steal or Forge Kerberos Tickets - Technique T1558
- [Samba LDB files](https://red.infiltr8.io/redteam/credentials/os-credentials/linux/samba-ldb-files.md)
- [Samba DCSync (Vampire)](https://red.infiltr8.io/redteam/credentials/os-credentials/linux/samba-dcsync-vampire.md)
- [MITM and coerced auths](https://red.infiltr8.io/redteam/credentials/mitm-and-coerced-auths.md)
- [Password Attacks](https://red.infiltr8.io/redteam/credentials/passwd.md)
- [Default, weak & Leaked Passwords](https://red.infiltr8.io/redteam/credentials/passwd/default-weak-and-leaked-passwords.md)
- [Generate Wordlists](https://red.infiltr8.io/redteam/credentials/passwd/generate-wordlists.md)
- [Brute-Force](https://red.infiltr8.io/redteam/credentials/passwd/brute-force.md): MITRE ATT\&CK™ Brute Force - Technique T1110
- [Online - Attacking Services](https://red.infiltr8.io/redteam/credentials/passwd/brute-force/online-attacking-services.md): MITRE ATT\&CK™ Brute Force - Technique T1110
- [Offline - Password Cracking](https://red.infiltr8.io/redteam/credentials/passwd/brute-force/offline-password-cracking.md): MITRE ATT\&CK™ Brute Force: Password Cracking - Technique T1110.002
- [Impersonation](https://red.infiltr8.io/redteam/credentials/impersonation.md)
- [Lateral Movement](https://red.infiltr8.io/redteam/pivoting.md): MITRE ATT\&CK™ Lateral Movement - Tactic TA0008
- [Port Forwarding](https://red.infiltr8.io/redteam/pivoting/portfwd.md): MITRE ATT\&CK™ Protocol Tunneling  - Technique T1572
- [TLS Tunneling (Ligolo-ng)](https://red.infiltr8.io/redteam/pivoting/tls-tunneling-ligolo-ng.md): MITRE ATT\&CK™ Protocol Tunneling  - Technique T1572
- [HTTP(s) Tunneling](https://red.infiltr8.io/redteam/pivoting/http-tunneling.md): MITRE ATT\&CK™ Protocol Tunneling  - Technique T1572
- [SSH Tunneling](https://red.infiltr8.io/redteam/pivoting/ssh-tunneling.md): MITRE ATT\&CK™ Protocol Tunneling  - Technique T1572
- [DNS Tunneling](https://red.infiltr8.io/redteam/pivoting/dnstunneling.md): MITRE ATT\&CK™ Protocol Tunneling  - Technique T1572
- [SMB-based](https://red.infiltr8.io/redteam/pivoting/smb-based.md): MITRE ATT\&CK™ Remote Services: SMB/Windows Admin Shares - Technique T1021.002
- [WinRM](https://red.infiltr8.io/redteam/pivoting/winrm.md): MITRE ATT\&CK™  Remote Services: Windows Remote Management   - Technique T1021.006
- [Remote WMI](https://red.infiltr8.io/redteam/pivoting/remote-wmi.md): MITRE ATT\&CK™  Windows Management Instrumentation - Technique T1047
- [DCOM](https://red.infiltr8.io/redteam/pivoting/dcom.md): MITRE ATT\&CK™ Remote Services: Distributed Component Object Model - Technique T1021.003
- [Scheduled Tasks (ATSVC)](https://red.infiltr8.io/redteam/pivoting/scheduled-tasks-atsvc.md)
- [Services (SVCCTL)](https://red.infiltr8.io/redteam/pivoting/services-svcctl.md)
- [Exfiltration](https://red.infiltr8.io/redteam/exfiltration.md): MITRE ATT\&CK™ Exfiltration - Tactic TA0036
- [Exfiltration over ICMP](https://red.infiltr8.io/redteam/exfiltration/icmp.md): MITRE ATT\&CK™  - Exfiltration Over Alternative Protocol - Technique T1048
- [Exfiltration Over DNS](https://red.infiltr8.io/redteam/exfiltration/dns.md): MITRE ATT\&CK™  - Exfiltration Over Alternative Protocol - Technique T1048
- [Exfiltration Over HTTP(s)](https://red.infiltr8.io/redteam/exfiltration/http.md): MITRE ATT\&CK™  - Exfiltration Over Alternative Protocol - Technique T1048
- [Exfiltration Over SMB](https://red.infiltr8.io/redteam/exfiltration/smb.md): MITRE ATT\&CK™ - Exfiltration - Tactic TA0010


