OSWA WEB-300 筆記 Part 1,涵蓋 Managed .NET Code, Decompiling Java Classes 教學、ManageEngine AMUserResourceSyncServlet servlet SQLi 攻擊。
Posts for: #Offsec
[AI] Penetration Testing Notes: Recon, Web, Privilege Escalation, AD, and Pivoting
Penetration testing notes by CHW covering reconnaissance, enumeration, web exploitation, privilege escalation, Active Directory, tunneling, and practical labs.
[AI] Red Team Notes: OPSEC, Lateral Movement, AD Persistence, and Operator Workflow
Red team notes by CHW covering OPSEC, lateral movement, Active Directory persistence, credential attacks, pivoting, and operator-focused offensive workflows.
[AI] Web Security Notes: Web Recon, XSS, SSTI, SSRF, IDOR, and Exploitation Cases
Web security notes by CHW covering web reconnaissance, XSS, SSTI, SSRF, IDOR, exploitation workflows, and practical offensive security labs.
[OSWA, WEB-200] Instructional notes - Part 2
OSWA WEB-200 筆記 Part 2,聚焦 SSTI、command injection、SSRF、IDOR 與常見 Web 漏洞重點。
[OSWA, WEB-200] Instructional notes - Part 1
OSWA WEB-200 筆記 Part 1,涵蓋 web application recon、Burp Suite、XSS、CSRF、SQLi 與 XML 攻擊。