# CSbyGB - Pentips ## CSbyGB - PenTips - [Welcome to CSbyGB's Pentips](https://csbygb.gitbook.io/pentips/cs-by-gb-pentips/readme.md) - [Basics](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/basics.md) - [DNS](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/dns.md) - [FTP](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/ftp.md) - [HTTP & HTTPS](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/http-https.md) - [IMAP](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/imap.md) - [IPMI](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/ipmi.md) - [MSSQL](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/mssql.md) - [MYSQL](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/mysql.md) - [NFS](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/nfs.md) - [Oracle TNS](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/oracle-tns.md) - [POP3](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/pop3.md) - [RDP](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/rdp.md) - [RPC](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/rpc.md) - [Rservices](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/rservices.md) - [Rsync](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/rsync.md) - [SMB](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/smb.md) - [SMTP](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/smtp.md) - [SNMP](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/snmp.md) - [SSH](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/ssh.md) - [VOIP and related protocols](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/voip.md) - [Winrm](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/winrm.md) - [WMI](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/wmi.md) - [Useful tips when you find unknown ports](https://csbygb.gitbook.io/pentips/networking-protocols-and-network-pentest/unknown-ports.md) - [Introduction](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/intro.md) - [Information Gathering](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/information-gathering.md) - [Scanning & Enumeration](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/scanenum.md) - [Exploitation (basics)](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/exploitation-basics.md) - [Password Attacks](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/password-attacks.md) - [Post Exploitation](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/post-exploitation.md) - [Lateral Movement](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/lateral-movement.md) - [Proof-of-Concept](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/proof-of-concept.md) - [Post-Engagement](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/post-engagement.md) - [MITRE ATT\&CK](https://csbygb.gitbook.io/pentips/ethical-hacking-general-methodology/mitre-attack.md) - [External Pentest](https://csbygb.gitbook.io/pentips/external-pentest/external-pentest.md) - [Introduction to HTTP and web](https://csbygb.gitbook.io/pentips/web-pentesting/web.md) - [Enumeration](https://csbygb.gitbook.io/pentips/web-pentesting/enumeration.md) - [OWASP Top 10](https://csbygb.gitbook.io/pentips/web-pentesting/owasptop10.md) - [General Methodo & Misc Tips](https://csbygb.gitbook.io/pentips/web-pentesting/misc-tips.md) - [Web Services and API](https://csbygb.gitbook.io/pentips/web-pentesting/api.md) - [Vunerabilities and attacks](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns.md) - [Clickjacking](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/clickjacking.md) - [CORS (Misconfigurations)](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/cors.md) - [CSRF](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/csrf.md) - [SSRF](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/ssrf.md) - [Bypass captcha](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/captcha-bypass.md) - [Template Injection (client and server side)](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/template-injection.md) - [MFA bypass](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/mfa-bypass.md) - [XXE](https://csbygb.gitbook.io/pentips/web-pentesting/webvulns/xxe.md) - [Exposed git folder](https://csbygb.gitbook.io/pentips/web-pentesting/exposed-git.md) - [Docker exploitation and Docker vulnerabilities](https://csbygb.gitbook.io/pentips/web-pentesting/docker-exploitation.md) - [Websockets](https://csbygb.gitbook.io/pentips/web-pentesting/websockets.md) - [Android](https://csbygb.gitbook.io/pentips/mobile-app-pentest/android.md) - [IOS](https://csbygb.gitbook.io/pentips/mobile-app-pentest/ios.md) - [Wireless pentest](https://csbygb.gitbook.io/pentips/wireless-pentest/wireless.md) - [Cloud Pentest](https://csbygb.gitbook.io/pentips/cloud-pentest/cloud.md) - [Google Cloud Platform](https://csbygb.gitbook.io/pentips/cloud-pentest/gcp.md) - [AWS](https://csbygb.gitbook.io/pentips/cloud-pentest/aws.md) - [Thick Client](https://csbygb.gitbook.io/pentips/thick-client-pentest/thick-client.md) - [ATM](https://csbygb.gitbook.io/pentips/hardware-pentest/atm.md) - [IoT](https://csbygb.gitbook.io/pentips/hardware-pentest/iot.md) - [Secure code review](https://csbygb.gitbook.io/pentips/secure-code-review/code-review.md) - [Java notes for Secure Code Review](https://csbygb.gitbook.io/pentips/secure-code-review/java-code-review.md) - [MITRE ATLAS](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/mitre-atlas.md) - [OWASP ML and LLM](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/owasp-ml-and-llm.md) - [Hugging face](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/hugging-face.md) - [AI Python](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/ai-python.md) - [Gemini](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/gemini.md) - [Ollama](https://csbygb.gitbook.io/pentips/ai-and-ai-pentest/ollama.md) - [Web Application and API Pentest Checklist](https://csbygb.gitbook.io/pentips/checklist/web-and-api-pentest-checklist.md) - [Linux Privesc Checklist](https://csbygb.gitbook.io/pentips/checklist/linux-privesc-checklist.md) - [Mobile App Pentest Checklist](https://csbygb.gitbook.io/pentips/checklist/mobile-app-pentest-checklist.md) - [Burpsuite](https://csbygb.gitbook.io/pentips/tools/burpsuite.md) - [Android Studio](https://csbygb.gitbook.io/pentips/tools/android-studio.md) - [Frida](https://csbygb.gitbook.io/pentips/tools/frida.md) - [CrackMapExec](https://csbygb.gitbook.io/pentips/tools/crackmapexec.md) - [Netcat and alternatives](https://csbygb.gitbook.io/pentips/tools/netcat-and-alternatives.md) - [Nmap](https://csbygb.gitbook.io/pentips/tools/nmap.md) - [Nuclei](https://csbygb.gitbook.io/pentips/tools/nuclei.md) - [Evil Winrm](https://csbygb.gitbook.io/pentips/tools/evil-winrm.md) - [Metasploit](https://csbygb.gitbook.io/pentips/tools/metasploit.md) - [Covenant](https://csbygb.gitbook.io/pentips/tools/covenant.md) - [Mimikatz](https://csbygb.gitbook.io/pentips/tools/mimikatz.md) - [Passwords, Hashes and wordlist tools](https://csbygb.gitbook.io/pentips/tools/passwords-tools.md) - [WFuzz](https://csbygb.gitbook.io/pentips/tools/wfuzz.md) - [WPScan](https://csbygb.gitbook.io/pentips/tools/wpscan.md) - [Powershell Empire](https://csbygb.gitbook.io/pentips/tools/empire-powershell.md) - [Curl](https://csbygb.gitbook.io/pentips/tools/curl.md) - [Vulnerability Scanning tools](https://csbygb.gitbook.io/pentips/tools/vulnerability-scanning-tools.md) - [Payload Tools](https://csbygb.gitbook.io/pentips/tools/payload-generation-tools.md) - [Out of band Servers](https://csbygb.gitbook.io/pentips/tools/out-of-band-servers.md) - [STEWS](https://csbygb.gitbook.io/pentips/tools/stews.md) - [Webcrawlers](https://csbygb.gitbook.io/pentips/tools/web-crawlers.md) - [Websocat](https://csbygb.gitbook.io/pentips/tools/websocat.md) - [General tips](https://csbygb.gitbook.io/pentips/vm-and-labs/labstips.md) - [Setup your pentest lab](https://csbygb.gitbook.io/pentips/vm-and-labs/lab-setup.md) - [Initial Foothold](https://csbygb.gitbook.io/pentips/linux/initial-foothold.md) - [Useful commands and tools for pentest on Linux](https://csbygb.gitbook.io/pentips/linux/useful.md) - [Privilege Escalation](https://csbygb.gitbook.io/pentips/linux/privesc.md) - [Kernel Exploits](https://csbygb.gitbook.io/pentips/linux/privesc/kernel.md) - [Password and file permission](https://csbygb.gitbook.io/pentips/linux/privesc/pass-file-perm.md) - [Sudo](https://csbygb.gitbook.io/pentips/linux/privesc/sudo.md) - [SUID](https://csbygb.gitbook.io/pentips/linux/privesc/suid.md) - [Capabilities](https://csbygb.gitbook.io/pentips/linux/privesc/capabilities.md) - [Scheduled tasks](https://csbygb.gitbook.io/pentips/linux/privesc/cron.md) - [NFS Root Squashing](https://csbygb.gitbook.io/pentips/linux/privesc/nfs-root-squashing.md) - [Services](https://csbygb.gitbook.io/pentips/linux/privesc/services.md) - [PATH Abuse](https://csbygb.gitbook.io/pentips/linux/privesc/path.md) - [Wildcard Abuse](https://csbygb.gitbook.io/pentips/linux/privesc/wildcard.md) - [Privileged groups](https://csbygb.gitbook.io/pentips/linux/privesc/groups.md) - [Exploit codes Cheat Sheet](https://csbygb.gitbook.io/pentips/linux/privesc/cheat-sheet-exploits.md) - [Offensive windows](https://csbygb.gitbook.io/pentips/windows/offensive-win.md) - [Enumeration and general Win tips](https://csbygb.gitbook.io/pentips/windows/initial-foothold.md) - [Privilege Escalation](https://csbygb.gitbook.io/pentips/windows/privesc.md) - [Active Directory](https://csbygb.gitbook.io/pentips/windows/active-directory.md) - [Attacking Active Directory](https://csbygb.gitbook.io/pentips/windows/attacking-ad.md) - [LLMNR Poisoning](https://csbygb.gitbook.io/pentips/windows/attacking-ad/llmnr.md) - [SMB Relay Attacks](https://csbygb.gitbook.io/pentips/windows/attacking-ad/smb-relay-attack.md) - [Shell Access](https://csbygb.gitbook.io/pentips/windows/attacking-ad/shell-access.md) - [IPv6 Attacks](https://csbygb.gitbook.io/pentips/windows/attacking-ad/ipv6-attacks.md) - [Passback Attacks](https://csbygb.gitbook.io/pentips/windows/attacking-ad/passback.md) - [Abusing ZeroLogon](https://csbygb.gitbook.io/pentips/windows/attacking-ad/zerologon.md) - [Post-Compromise Enumeration](https://csbygb.gitbook.io/pentips/windows/post-compromise-enum.md) - [Powerview or SharpView (.NET equivalent)](https://csbygb.gitbook.io/pentips/windows/post-compromise-enum/powerview-sharpview.md) - [AD Manual Enumeration](https://csbygb.gitbook.io/pentips/windows/post-compromise-enum/manual-enum-ad.md) - [Bloodhound](https://csbygb.gitbook.io/pentips/windows/post-compromise-enum/bloodhound.md) - [Post Compromise Enumeration - Resources](https://csbygb.gitbook.io/pentips/windows/post-compromise-enum/post-compromise-enumeration-resources.md) - [Post Compromise Attacks](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack.md) - [Pass the Password / Hash](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/pass-hash.md) - [Token Impersonation - Potato attacks](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/token-impersonation.md) - [Kerberos](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/kerberoasting.md) - [GPP/cPassword Attacks](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/gpp.md) - [URL File Attack](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/url-file-attack.md) - [PrintNightmare](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/printnightmare.md) - [Printer Bug](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/printer-bug.md) - [AutoLogon exploitation](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/autologon.md) - [Always Installed Elevated exploitation](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/alwaysinstallelevated.md) - [UAC Bypass](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/uacbypass.md) - [Abusing ACL](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/abusing-acl.md) - [Unconstrained Delegation](https://csbygb.gitbook.io/pentips/windows/post-compromise-attack/unconstrained-delegation.md) - [Persistence](https://csbygb.gitbook.io/pentips/windows/persistence.md) - [AV Evasion](https://csbygb.gitbook.io/pentips/windows/avevasion.md) - [Weaponization](https://csbygb.gitbook.io/pentips/windows/weaponization.md) - [Useful commands in Powershell, CMD and Sysinternals](https://csbygb.gitbook.io/pentips/windows/powershell-cmd.md) - [Windows Internals](https://csbygb.gitbook.io/pentips/windows/internals.md) - [Python programming](https://csbygb.gitbook.io/pentips/programming/python.md) - [My scripts](https://csbygb.gitbook.io/pentips/programming/myscripts.md) - [Kotlin](https://csbygb.gitbook.io/pentips/programming/kotlin.md) - [Assembly](https://csbygb.gitbook.io/pentips/binary-exploitation/assembly.md) - [Buffer Overflow - Stack based - Winx86](https://csbygb.gitbook.io/pentips/binary-exploitation/buffer-overflow-stack-win86.md) - [Buffer Overflow - Stack based - Linux x86](https://csbygb.gitbook.io/pentips/binary-exploitation/buffer-overflow-stack-linux.md) - [OSINT](https://csbygb.gitbook.io/pentips/osint/osint.md) - [Create an OSINT lab](https://csbygb.gitbook.io/pentips/osint/lab.md) - [Sock Puppets](https://csbygb.gitbook.io/pentips/osint/sock-puppets.md) - [Search engines](https://csbygb.gitbook.io/pentips/osint/search-engines.md) - [OSINT Images](https://csbygb.gitbook.io/pentips/osint/image-osint.md) - [OSINT Email](https://csbygb.gitbook.io/pentips/osint/email.md) - [OSINT Password](https://csbygb.gitbook.io/pentips/osint/password.md) - [OSINT Usernames](https://csbygb.gitbook.io/pentips/osint/usernames.md) - [OSINT People](https://csbygb.gitbook.io/pentips/osint/people.md) - [OSINT Social Media](https://csbygb.gitbook.io/pentips/osint/social-media.md) - [OSINT Websites](https://csbygb.gitbook.io/pentips/osint/website.md) - [OSINT Business](https://csbygb.gitbook.io/pentips/osint/business.md) - [OSINT Wireless](https://csbygb.gitbook.io/pentips/osint/wireless.md) - [OSINT Tools](https://csbygb.gitbook.io/pentips/osint/tools.md) - [Write an OSINT report](https://csbygb.gitbook.io/pentips/osint/report.md) - [Flipper Zero](https://csbygb.gitbook.io/pentips/pentester-hardware-toolbox/flipper.md) - [OMG cables](https://csbygb.gitbook.io/pentips/pentester-hardware-toolbox/omgcables.md) - [Rubber ducky](https://csbygb.gitbook.io/pentips/pentester-hardware-toolbox/rubber-ducky.md) - [File transfers between target and attacking machine](https://csbygb.gitbook.io/pentips/post-exploitation/file-transfers.md) - [Maintaining Access](https://csbygb.gitbook.io/pentips/post-exploitation/maintaining-access.md) - [Pivoting](https://csbygb.gitbook.io/pentips/post-exploitation/pivoting.md) - [Cleaning up](https://csbygb.gitbook.io/pentips/post-exploitation/cleanup.md) - [How to report your findings](https://csbygb.gitbook.io/pentips/reporting/pentest-report.md) - [Red Team](https://csbygb.gitbook.io/pentips/red-team/redteam.md) - [Defenses Enumeration](https://csbygb.gitbook.io/pentips/red-team/av-enumeration.md) - [AV Evasion](https://csbygb.gitbook.io/pentips/red-team/av-evasion-shellcode.md) - [Hackthebox Tracks](https://csbygb.gitbook.io/pentips/writeups/htbtracks.md) - [Hackthebox - Introduction to Android Exploitation - Track](https://csbygb.gitbook.io/pentips/writeups/htbtracks/htb-intro-to-android-exploitation-track.md) - [Hackthebox Writeups](https://csbygb.gitbook.io/pentips/writeups/htbwriteups.md) - [Hackthebox - Academy](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-academy.md) - [Hackthebox - Access](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-access.md) - [Hackthebox - Active](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-active.md) - [Hackthebox - Ambassador](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-ambassador.md) - [Hackthebox - Arctic](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-arctic.md) - [Hackthebox - Awkward](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-awkward.md) - [Hackthebox - Backend](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-backend.md) - [Hackthebox - BackendTwo](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-backendtwo.md) - [Hackthebox - Bastard](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-bastard.md) - [Hackthebox - Bastion](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-bastion.md) - [Hackthebox - Chatterbox](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-chatterbox.md) - [Hackthebox - Devel](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-devel.md) - [Hackthebox - Driver](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-driver.md) - [Hackthebox - Explore](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-explore.md) - [Hackthebox - Forest](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-forest.md) - [Hackthebox - Good games](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-goodgames.md) - [Hackthebox - Grandpa](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-grandpa.md) - [Hackthebox - Granny](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-granny.md) - [Hackthebox - Inject](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-inject.md) - [Hackthebox - Jeeves](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-jeeves.md) - [Hackthebox - Jerry](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-jerry.md) - [Hackthebox - Lame](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-lame.md) - [Hackthebox - Late](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-late.md) - [Hackthebox - Love](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-love.md) - [Hackthebox - Mentor](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-mentor.md) - [Hackthebox - MetaTwo](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-metatwo.md) - [Hackthebox - Monteverde](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-monteverde.md) - [Hackthebox - Nibbles](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-nibbles.md) - [Hackthebox - Optimum](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-optimum.md) - [Hackthebox - Paper](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-paper.md) - [Hackthebox - Photobomb](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-photobomb.md) - [Hackthebox - Poison](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-poison.md) - [Hackthebox - Precious](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-precious.md) - [Hackthebox - Querier](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-querier.md) - [Hackthebox - Resolute](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-resolute.md) - [Hackthebox - RouterSpace](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-routerspace.md) - [Hackthebox - Sauna](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-sauna.md) - [Hackthebox - SecNotes](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-secnotes.md) - [Hackthebox - Shoppy](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-shoppy.md) - [Hackthebox - Soccer](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-soccer.md) - [Hackthebox - Steamcloud](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-steamcloud.md) - [Hackthebox - Toolbox](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-toolbox.md) - [Hackthebox - Vault](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-vault.md) - [Hackthebox - Updown](https://csbygb.gitbook.io/pentips/writeups/htbwriteups/htb-updown.md) - [TryHackme Writeups](https://csbygb.gitbook.io/pentips/writeups/thmwriteups.md) - [TryHackMe - Anonymous](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-anonymous.md) - [TryHackMe - Blaster](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-blaster.md) - [TryHackMe - CMesS](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-cmess.md) - [TryHackMe - ConvertMyVideo](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-convertmyvideo.md) - [TryHackMe - Corridor](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-corridor.md) - [TryHackMe - LazyAdmin](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-lazyadmin.md) - [TryHackMe - Looking Glass](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-looking-glass.md) - [TryHackMe - Nahamstore](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-nahamstore.md) - [TryHackMe - Overpass3](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-overpass3.md) - [TryHackMe - OWASP Top 10 2021](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-owasp-top-10-2021.md) - [TryHackMe - SimpleCTF](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-simplectf.md) - [TryHackMe - SQL Injection Lab](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-sqli-labs.md) - [TryHackMe - Sudo Security Bypass](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-sudosecuritybypass.md) - [TryHackMe - Tomghost](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-tomghost.md) - [TryHackMe - Ultratech](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-ultratech.md) - [TryHackMe - Vulnversity](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-vulnversity.md) - [TryHackMe - Wonderland](https://csbygb.gitbook.io/pentips/writeups/thmwriteups/thm-wonderland.md) - [Giskard Red Writeups](https://csbygb.gitbook.io/pentips/writeups/giskard-red.md) - [Giskard - Yes & No (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-yesno1.md) - [Giskard - Yes & No (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-yesno2.md) - [Giskard - JSON Translator](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-json-translator.md) - [Giskard - SQL Helper (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-sql-helper1.md) - [Giskard - SQL Helper (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-sql-helper2.md) - [Giskard - SQL Helper (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-sql-helper3.md) - [Giskard - Math Teacher (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-math-teacher1.md) - [Giskard - Math Teacher (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-math-teacher2.md) - [Giskard - Math Teacher (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-math-teacher3.md) - [Giskard - Tech Teacher (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-tech-teacher1.md) - [Giskard - Tech Teacher (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-tech-teacher2.md) - [Giskard - Tech Teacher (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-tech-teacher3.md) - [Giskard - Einstein (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-einstein1.md) - [Giskard - Einstein (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-einstein2.md) - [Giskard - Einstein (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-einstein3.md) - [Giskard - Mozart biographer](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-mozart-biographer.md) - [Giskard - Mozart biographer, smarter](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-mozart-biographer-smarter.md) - [Giskard - Trustful Historian (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-trustful-historian1.md) - [Giskard - Trustful Historian (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-trustful-historian2.md) - [Giskard - Trustful Historian (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-trustful-historian3.md) - [Giskard - Email Assistant (Level 1)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-email-assistant1.md) - [Giskard - Email Assistant (Level 2)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-email-assistant2.md) - [Giskard - Email Assistant (Level 3)](https://csbygb.gitbook.io/pentips/writeups/giskard-red/giskard-email-assistant3.md) - [Vulnmachines Writeups](https://csbygb.gitbook.io/pentips/writeups/vulnmachines-writeups.md) - [Web Labs Basic](https://csbygb.gitbook.io/pentips/writeups/vulnmachines-writeups/vulnmachine-web-basic.md) - [Web Labs Intermediate](https://csbygb.gitbook.io/pentips/writeups/vulnmachines-writeups/vulnmachine-web-intermediate.md) - [Cloud Labs](https://csbygb.gitbook.io/pentips/writeups/vulnmachines-writeups/vulnmachines-cloud.md) - [Mobile Hacking Lab](https://csbygb.gitbook.io/pentips/writeups/mhlwriteups.md) - [Mobile Hacking Lab - Lab - Config Editor](https://csbygb.gitbook.io/pentips/writeups/mhlwriteups/mhl-lab-config.md) - [Mobile Hacking Lab - Lab - Strings](https://csbygb.gitbook.io/pentips/writeups/mhlwriteups/mhl-strings.md) - [Portswigger Web Security Academy - XSS](https://csbygb.gitbook.io/pentips/writeups/ps-xss.md) - [PS - DomXSS](https://csbygb.gitbook.io/pentips/writeups/ps-xss/ps-domxss.md) - [Portswigger Web Security Academy - Web LLM attacks](https://csbygb.gitbook.io/pentips/writeups/ps-web-llm.md) - [PS - Exploiting LLM APIs with excessive agency](https://csbygb.gitbook.io/pentips/writeups/ps-web-llm/ps-excessive-agency.md) - [PS - Exploiting vulnerabilities in LLM APIs](https://csbygb.gitbook.io/pentips/writeups/ps-web-llm/ps-exploiting-vulnerabilities-in-llm-apis.md) - [PS - Indirect prompt injection](https://csbygb.gitbook.io/pentips/writeups/ps-web-llm/ps-indirect-prompt-injection.md) - [PS - Exploiting insecure output handling in LLMs](https://csbygb.gitbook.io/pentips/writeups/ps-web-llm/ps-insecure-output-handling.md) - [PS - Web cache deception](https://csbygb.gitbook.io/pentips/writeups/ps-web-cache-deception.md) - [PS - Exploiting path mapping for web cache deception](https://csbygb.gitbook.io/pentips/writeups/ps-web-cache-deception/ps-mapping-web-cache-deception.md) - [OWASP projects and challenges writeups](https://csbygb.gitbook.io/pentips/writeups/owasp-writeups.md) - [OWASP MAS Crackmes](https://csbygb.gitbook.io/pentips/writeups/owasp-writeups/owasp-mas-crackmes.md) - [Vulnerable APIs](https://csbygb.gitbook.io/pentips/writeups/vulnerable-apis.md) - [Vampi](https://csbygb.gitbook.io/pentips/writeups/vulnerable-apis/va-vampi.md) - [Damn Vulnerable Web Service](https://csbygb.gitbook.io/pentips/writeups/vulnerable-apis/va-dvws-node.md) - [Damn Vulnerable RESTaurant](https://csbygb.gitbook.io/pentips/writeups/vulnerable-apis/va-dvrestaurant.md) - [Various Platforms](https://csbygb.gitbook.io/pentips/writeups/various.md) - [flAWS 1&2](https://csbygb.gitbook.io/pentips/writeups/various/various-flaws.md) - [How to make a gitbook](https://csbygb.gitbook.io/pentips/digital-skills/howto-gitbook.md) - [Marp](https://csbygb.gitbook.io/pentips/digital-skills/marp.md) - [Linux Tips](https://csbygb.gitbook.io/pentips/digital-skills/useful-linux.md) - [Docker](https://csbygb.gitbook.io/pentips/digital-skills/docker.md) - [VSCodium](https://csbygb.gitbook.io/pentips/digital-skills/vscodium.md) - [Git Tips](https://csbygb.gitbook.io/pentips/digital-skills/git-tips.md) - [Obsidian](https://csbygb.gitbook.io/pentips/digital-skills/obsidian.md) - [Running Samsung Notes on Linux via a Windows VM](https://csbygb.gitbook.io/pentips/digital-skills/samsung-notes.md) - [Durable skills wheel/Roue des compétences durables](https://csbygb.gitbook.io/pentips/durable-skills/wheel.md) - [Projects](https://csbygb.gitbook.io/pentips/projects/intro.md) - [Technical Projects](https://csbygb.gitbook.io/pentips/projects/intro/technical-projects.md) - [General Projects](https://csbygb.gitbook.io/pentips/projects/intro/general-projects.md) - [My Talks about Web Pentest](https://csbygb.gitbook.io/pentips/talks/web-talks.md) - [My talks about Android Application hacking](https://csbygb.gitbook.io/pentips/talks/android-app.md) - [Other of my talks and Podcast](https://csbygb.gitbook.io/pentips/talks/other-talks-podcasts.md) - [A list of random resources](https://csbygb.gitbook.io/pentips/resources/resources.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://csbygb.gitbook.io/pentips/cs-by-gb-pentips/readme.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.