Recent Comments. Adam has 4 jobs listed on their profile. Active Directory Privilege Relationships: BloodHound CyberPunk » Information Gathering BloodHound is a single page Javascript web application, built on top of Linkurious , compiled with Electron , with a Neo4j database fed by a PowerShell ingestor. Whilst evaluating a new test build for a public network (segregated from the corp network), I was able to run SharpHound and extract the data about that domain. WannaPark - Project aimed at presenting a model to find a vacant parking spot in real time and ensure car safety using Deep Learning (Parking spot Classification and Face recognition) #opensource. Security Consulting and computer data forensics recovery with SecureState information security assessment and protection services. Compile Instructions. py currently has the following limitations: Supports most, but not all BloodHound (SharpHound) features (see below for supported collection methods). A browser info stealer. We will use the SharpHound. Sharphound a partir de Windows XP Wie zum vollständigen Hinweis: Es ist wichtig, zu informieren, dass manuelle Schritte speziell für Fachleute konzipiert sind. Extract the contents of the. For detailed install instructions or more information please see our blog. Sharphound, Eliminar Hacktool. Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming. Sharphound może wydawać fajne, ale w rzeczywistości jest to nazwa wirusa komputerowego. Tutorial Per Liberarsi di Skadtec. Video Tutorial CommandoVM Installation Tutorial What is CommandoVM? It is a fully customized, Windows-based security distribution for penetration testing and red teaming. MOV AX, BX Code depilation salon: Articles, Code samples, Processor code documentation, Low-level programming, Working with debuggers List of Awesome Red Teaming Resources on A Red Teamer's Guide to GPOs and OUs. If you’ve ever run across insecure PXE boot deployments during a pentest, you know that they can hold a wealth of possibilities for escalation. Extract the contents of the. Solução 2 : Passo a passo Hacktool. GitHub Gist: instantly share code, notes, and snippets. Over the past few months, the BloodHound team has been working on a complete rewrite of the C# ingestor. Movement After Initial Compromise SleepZ3R0 and HA12TL3Y BSidesRDU 2018. Smooth Pulls Cold Glue and Traditional PDR Glue Pulling Tutorial - Duration: 13:14. Navigate through the options and you will see the Various Graphs This time we install BloodHound on Windows Server 2008 - The metasploitable3 installation, a. Social Mapper OSINT Social Media Mapping Tool, takes a list of names & images (or LinkedIn company name) and performs automated target searching on a huge scale across multiple social media sites. Rohan Vazarkar, Will Schroeder - Six Degrees of Domain Admin The following post is a guide on performing risk audits for your Active Directory infrastructure with BloodHound. ippSec has a great tutorial on this. Sharphound is written using C# 7. club Natychmiast. Según los analistas de seguridad, se refiere al grupo de archivos maliciosos que está específicamente diseñado para aprovechar las ventajas de varias vulnerabilidades de seguridad OS. py currently has the following limitations: Supports most, but not all BloodHound (SharpHound) features (see below for supported collection methods). Active Directory Privilege Relationships: BloodHound CyberPunk » Information Gathering BloodHound is a single page Javascript web application, built on top of Linkurious , compiled with Electron , with a Neo4j database fed by a PowerShell ingestor. Forgot your password? Click here to reset a CLIENT account or contact us at iServices. Site Description. Automatische Methode zu entfernen Hacktool. Relateret søgning Hvordan man stopper vira Search Baron, Søg efter spyware Search Baron, Antivirus scan Search Baron, Fbi malware fjernelse Search Baron, Gendanne locky filer Search Baron, “Apps, der fjerner vira” Search Baron, Malware anti malware Search Baron, Rydde op malware Search Baron, Trend micro ransomware. One of the biggest problems end users encountered was with the current (soon to be replaced) PowerShell ingestor, particularly in speed of enumeration as well as crippling memory usage. sharphound replied to Heared's topic in Forum's Archive. BloodHound is comprised of three parts: the Neo4j database, the SharpHound data collector, and the BloodHound user interface. 0 , RaySupreme , I-Search Plugin 1. I love these realistic machines. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer. Windows PowerShell is a window command line shell. Sharphound may have entered your pc through these software. Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming. So we want to use BloodHound. That, combined with the changes made to PowerView last year, convinced. Sharphound Usunięcie Przewodnik (dla wersji systemu Windows) Czy wiesz, co jest Hacktool. pro, an another site that has been determined by malware researchers as a notorious browser hijacker infection. information security assessment & protection locations careers sales consulting FAQ certified / cleared staff secure forensics lab blended approach diverse disciplines industry leaders proprietary tool kit banking / financial retail utilities. To find attack paths in Active Directory, BloodHound needs to know who belongs to what security groups, who has local admin rights on which systems, and where users are logged on. Our C# tutorial is designed to help beginners and professionals. By using our site, you acknowledge that you have read and understand our. for sharing this. DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. My First Go with BloodHound December 14, 2016. 9997923441947 http://pbs. Download the current version of neo4j Server for Windows, selecting either 32 or 64 bit. Using Bloodhound to Map the Domain Hausec Infosec October 26, 2017 March 20, 2018 1 Minute Bloodhound is an extremely useful tool that will map out active directory relationships throughout the network. あなたのWindows VistaからのHacktool. However since there is only the Windows Server 2012 running, there will not be much data. Sharphound de Windows 7. Create and configure. The element fires an "ontoggle" event without user interaction on modern Blink-based browsers. Recent Comments. Microsoft provides the SecureString to help protect passwords in memory, but what it does not provide is a perfect solution to actually using the SecureString when sending web requests. 149692298197 99. Relateret søgning Hvordan man stopper vira Search Baron, Søg efter spyware Search Baron, Antivirus scan Search Baron, Fbi malware fjernelse Search Baron, Gendanne locky filer Search Baron, “Apps, der fjerner vira” Search Baron, Malware anti malware Search Baron, Rydde op malware Search Baron, Trend micro ransomware. This is a cool way of graphically looking at things. Sharphound vollständig aus dem System zu entfernen. Security group. A modified version of Mimikatz that may be used to collect Windows credentials. Extract the contents of the. CSharp Online Training - C# is a simple, modern, general-purpose, object-oriented programming language developed by Microsoft within its. Keep updating. com puede haber ingresado a su PC a través de este software. The journey commenced with a single tutorial on HTML in 2006 and elated by the response it. For those trying to get a foothold, understand that this box is setup to be extremely real-world, as in, most corporate environments with this kind of technology are going to have this vulnerability. py currently has the following limitations: Supports most, but not all BloodHound (SharpHound) features (see below for supported collection methods). 0 , FTP Bot 1. L1LL File Ransomware jest groźnym zagrożeniem, widocznym po raz pierwszy na początku 2017, wydaje się być zaprojektowany do przejęcia kontroli nad naruszonym Windows 10 i wykonuje czynności mściwe, które byłyby korzystne dla podmiotów. To zakażenie ślizguje się na komputerze z systemem Windows i zaczyna jak najszybciej tworzyć chaos. The latest Tweets from Ben Pollack (@ben_pollack13). txt) or read online for free. 70-410 Objective 2. For detailed install instructions or more information please see our blog. KitPloit - leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security ☣ Unknown [email protected] Very vulnerable ARM application (CTF style exploitation tutorial) explodingcan * Python 0. Sharphound de Chrome, Quitar Hacktool. 9997923441947 http://pbs. Stealing Admin Cookies Tutorial; Steganography; SQLi Authentication Bypass List; SQLi Cheat Sheet; SQL Injection Tutorial Walkthrough with acunetix. Pressione Win + R juntos e Tipo "msconfig". Cette année, lors de l'évènement LeHack 2019, nous avons assisté au lancement de la seconde édition du WonkaChallenge organisé par Akerva. Let's answer the question now and give guidelines on how to deal with passwords of local administrator accounts stored in AD. I finally had a chance to sit down and play with BloodHound. However since there is only the Windows Server 2012 running, there will not be much data. One example scenario where this could be useful is: Suppose you have both a normal user account and an administrator account on a computer and currently you are logged in as normal user account. That, combined with the changes made to PowerView last year, convinced. The script will set up. 记录一下Windows系统的Notes/Tricks. I am trying to. Klik for at vide, hvordan du Fjerne Search Baron fra Windows System’en. com; The-Process; TinyMCE 3. Tutorial para Quadra Hacktool. Penetration testers and red teamers alike commonly used to accomplish this by executing powershell. Fala galera beleza? Hoje vou falar um pouquinho sobre a VM Commando, na verdade se trata de um projeto da FireEye que visa trazer uma serie de ferramentas de intrusão, pen-test e security para os sistemas operacionais Windows (isso mesmo kkk dificil de encontrar) tendo versões para Windows 7 e 10. Sharphound? Hacktool. Active Deception For Red & Blue Teams Lab Manual & Playbook Getting Started The Schedule External Reconnaissance #1. SpecuCheck * C 0. Brief update: awesome video from Defcon was recently posted. post-2624146701546283142 2018-06-05T10:11:00. Jerry is retried vulnerable lab presented by Hack the Box. Sharphound is written using C# 7. Windows 10 And 8. post-4774548933302961685 2018-06-13T10:30:00. To find attack paths in Active Directory, BloodHound needs to know who belongs to what security groups, who has local admin rights on which systems, and where users are logged on. BloodHound. There are some stealth options but I am focusing on collecting everything for this run. Intro In the previous blog post, we focused on SharpHound from an operational perspective, discussing some of the new features, as well as improved features from the original ingestor. SpecuCheck * C 0. 0 , Flip PDF Professional 2. null(killvxk) 님의 Total Stargazer는 753이고 인기 순위는 142위 입니다. Threat Analysis On Hacktool. Penetration testers and red teamers alike commonly used to accomplish this by executing powershell. Using Bloodhound to Map the Domain Hausec Infosec October 26, 2017 March 20, 2018 1 Minute Bloodhound is an extremely useful tool that will map out active directory relationships throughout the network. If you don't know what BloodHound is or you never worked with it, I highly recommend you to search for tutorials and to try it out. This is a cool way of graphically looking at things. Sharphound 手動で とともに 除去 ガイド ために Windows Vista. C# - Basic Syntax - C# is an object-oriented programming language. CSharp Online Training - C# is a simple, modern, general-purpose, object-oriented programming language developed by Microsoft within its. This is just my directory listing of security tools I found interesting. Tutorial do Pozbyć się frash-news. By default, PowerShell is configured to prevent the execution of PowerShell scripts on Windows systems. This is a cool way of graphically looking at things. After diving into group scoping, I realized a few subtle misconceptions I previously had concerning trusts and group memberships. First off, a huge THANK YOU to everyone that shares their tools and experience. For detailed install instructions or more information please see our blog. There are, of course, already a ton of great reviews out there, but perhaps you'll find some value in mine. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation path. Once a system is compromised there are many avenues to consider. Adam Pottle shared. py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. py currently has the following limitations: Supports most, but not all BloodHound (SharpHound) features (see below for supported collection methods). Todo bajo el lenguaje de programacion JAVA y varias de sus librerías por lo que manejarse un mínimo con el lenguaje de programación es necesario. To easily compile this project, use Visual Studio 2017. roycewilliams-github-starred. Cette année, lors de l'évènement LeHack 2019, nous avons assisté au lancement de la seconde édition du WonkaChallenge organisé par Akerva. Ventanas Scanner es un anti-spyware en tiempo real de gran alcance y que está certificado por la certificación de West Coast Labs Checkmark. NET initiative led by Anders Hejlsberg. for the SharpHound executable and passed in via reflection. Sharphound es otra infección troyana dañina que infecta un amplio rango de OS. SharpHound. com Competitive Analysis, Marketing Mix and Traffic. Active 28 days ago. 4 , XPert Tools Pro 2. So we want to use BloodHound. Whilst evaluating a new test build for a public network (segregated from the corp network), I was able to run SharpHound and extract the data about that domain. Brief update: awesome video from Defcon was recently posted. Sharphound vom PC:-Möchten Sie ? Kein Grund zur Sorge, wenn Sie nicht in der Lage sind Hacktool. Ventanas Scanner es un anti-spyware en tiempo real de gran alcance y que está certificado por la certificación de West Coast Labs Checkmark. One vulnerability that we frequently look for when testing thick client applications is plain text passwords that are exposed in memory. Sharphoundの手動削除を開始する前に、まずあなたがセーフモードとネットワークでPCを起動する必要があります。. Encontrar Hacktool. Es wird empfohlen, die Verwendung von Hacktool. Best of all, everything is free!" For tracking and doing the labs you need to create an accout. Sharphound is written using C# 7. Enter a site above to get started. Perfect WAY TO Delete Filebit. Acl in active directory keyword after analyzing the system lists the list of keywords related and the list of websites with related content, in addition you can see which keywords most interested customers on the this website. Find examples of pen testing methods and tools in videos by Ippsec (as of 26th June 2019) - get_ippsec_details. You can find it here: DEF CON 24 - Andy Robbins. Sharphound de Chrome, Quitar Hacktool. Sharphound 手動で とともに 除去 ガイド ために Windows Vista. Commando VM uses the Chocolatey. Microsoft provides the SecureString to help protect passwords in memory, but what it does not provide is a perfect solution to actually using the SecureString when sending web requests. sharphound replied to Heared's topic in Forum's Archive. To find attack paths in Active Directory, BloodHound needs to know who belongs to what security groups, who has local admin rights on which systems, and where users are logged on. Rohan Vazarkar, Will Schroeder - Six Degrees of Domain Admin The following post is a guide on performing risk audits for your Active Directory infrastructure with BloodHound. Psexec Privilege Escalation. Sharphound vom PC:-Möchten Sie ? Kein Grund zur Sorge, wenn Sie nicht in der Lage sind Hacktool. Welcome to CommandoVM a fully customizable, Windows-based security distribution for penetration testing and red teaming. Welcome to Alexa's Site Overview. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer. 'nuget' is not recognized but other nuget commands working. 4 , XPert Tools Pro 2. Smooth Pulls Cold Glue and Traditional PDR Glue Pulling Tutorial - Duration: 13:14. In this video we cover the steps to download, install, and configure. CommandoVM Installation Tutorial What is CommandoVM? It is a fully customized, Windows-based security distribution for penetration testing and red teaming. I finally had a chance to sit down and play with BloodHound. Sharphound Desinstalação Processo de Windows 8 / 8. It's definitely handy. Convert JSON to CSV Use this tool to convert JSON into CSV (Comma Separated Values) or Excel. You can find it here: DEF CON 24 - Andy Robbins. This is a brand new learning resource providing free training on web security vulnerabilities, techniques for finding and exploiting bugs, and defensive measures for avoiding them. Create and configure. Sharphound de Windows 7. com,1999:blog-8317222231133660547. jpg intercax intercax In Part 5 of ‘MBE for Consumer. One example scenario where this could be useful is: Suppose you have both a normal user account and an administrator account on a computer and currently you are logged in as normal user account. Grow your team on GitHub. Effektive retningslinjer at slippe af hFra Windows 10 Manuelt Enkle tips til Slet Hacktool. Bloodhound/Sharphound. 8 , usbcar , OnyX (Mavericks)…. Forgot your password? Click here to reset a CLIENT account or contact us at iServices. By default, PowerShell is configured to prevent the execution of PowerShell scripts on Windows systems. Según los analistas de seguridad, se refiere al grupo de archivos maliciosos que está específicamente diseñado para aprovechar las ventajas de varias vulnerabilidades de seguridad OS. Once complete, head over to the Data Collection section to start collecting data, or check out the included database using BloodHound. Adam has 4 jobs listed on their profile. DECAF++, the new version of DECAF, taint analysis is around 2X faster making it the fastest, to the best of our knowledge, whole-system dynamic taint analysis framework. Gaining access to PXE boot images can provide an attacker with a domain joined system, domain credentials, and lateral or vertical movement opportunities. 'nuget' is not recognized but other nuget commands working. BloodHound. This command enables one to run a command in the context of another user account. Relateret søgning Hvordan man stopper vira Search Baron, Søg efter spyware Search Baron, Antivirus scan Search Baron, Fbi malware fjernelse Search Baron, Gendanne locky filer Search Baron, “Apps, der fjerner vira” Search Baron, Malware anti malware Search Baron, Rydde op malware Search Baron, Trend micro ransomware. exe to run a base64 encoded command on the remote host, which would return a beacon. 0 , Shinesoft Video Converter , 3D Sokoban Customizer 1. Runas is a very useful command on Windows OS. Our C# tutorial is designed to help beginners and professionals. Tutorial do Pozbyć się frash-news. GitHub Gist: instantly share code, notes, and snippets. Sharphound itens de inicialização relacionados. Windows 10 And 8. Just about every tool here I learned about…. pdf), Text File (. Sharphound? Hacktool. com da Internet Explorer. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Since all the cool kids are doing it, I figured I would try and offer some input on the PWK/OSCP course and certification. I take absolutely no credit for the modules used in this script. Linkurious helps organizations fight fraud, money-laundering, cyber-security and crimes with a detection and investigation platform for the visualization and analysis of connected data. Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Disabling MS Advanced Threat Protection and Advanced Threat Analytics - Free download as PDF File (. Sharphound削除します. First off, a huge THANK YOU to everyone that shares their tools and experience. py currently has the following limitations: Supports most, but not all BloodHound (SharpHound) features (see below for supported collection methods). " Introduced in Neo4j release 3. There are, of course, already a ton of great reviews out there, but perhaps you'll find some value in mine. exe after some AV Evasion removing strings etc. 70-410 Objective 2. After diving into group scoping, I realized a few subtle misconceptions I previously had concerning trusts and group memberships. 1 Notes Part 2. Security Consulting and computer data forensics recovery with SecureState information security assessment and protection services. It brings up a lot of questions. 8 XSS - Payload examples; tmux;. Sharphound is written using C# 7. 1-833-297-0442 Pop-up: wskazówek, które Odinstaluj W prostych kliknięć Z System operacyjny Czy wiesz o 1-833-297-0442 Pop-up? 1-833-297-0442 Pop-up to poważne zagrożenie dla systemu, które może zainfekować system System operacyjny bez Twojej wiedzy. I am trying to. red - Red is a next-generation programming language strongly inspired by Rebol, but with a broader field of usage thanks to its native-code compiler, from system programming to high-level scripting and cross-platform reactive GUI, while providing modern support for concurrency, all in a zero-install, zero-config, single 1MB file!. Adam has 4 jobs listed on their profile. Sharphound en resumen. Active 28 days ago. Jerry is retried vulnerable lab presented by Hack the Box. A modified version of the PlugX RAT. Sharphound vollständig aus dem System zu entfernen. Social Mapper OSINT Social Media Mapping Tool, takes a list of names & images (or LinkedIn company name) and performs automated target searching on a huge scale across multiple social media sites. The Web Security Academy contains high-quality learning materials, interactive vulnerability labs, and video tutorials. Create and configure. The threat can invade your system without letting you know and then perform the malicious tasks in the OS background. Join them to grow your own development teams, manage permissions, and collaborate on projects. DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Inne zainfekowane pliki dll z powodu frash. Sharphound vom PC:-Möchten Sie ? Kein Grund zur Sorge, wenn Sie nicht in der Lage sind Hacktool. Gaining access to PXE boot images can provide an attacker with a domain joined system, domain credentials, and lateral or vertical movement opportunities. Sharphound en resumen. Steganography brute-force utility to uncover hidden data inside files. Best of all, everything is free!" For tracking and doing the labs you need to create an accout. Detalles de Hacktool. This version of BloodHound is only compatiable with BloodHound 2. The Web Security Academy contains high-quality learning materials, interactive vulnerability labs, and video tutorials. exe after some AV Evasion removing strings etc. 8 XSS - Payload examples; tmux;. 70-410 Objective 2. For detailed install instructions or more information please see our blog. Smooth Pulls Cold Glue and Traditional PDR Glue Pulling Tutorial - Duration: 13:14. Security group. Sharphound Fra Kontrolpanel. The threat can invade your system without letting you know and then perform the malicious tasks in the OS background. After reading your article about PowerShell execution policy it's sound to me. Extract the contents of the. One example scenario where this could be useful is: Suppose you have both a normal user account and an administrator account on a computer and currently you are logged in as normal user account. Using the Interface. あなたのWindows VistaからのHacktool. Sharphound Usunięcie Przewodnik (dla wersji systemu Windows) Czy wiesz, co jest Hacktool. Sharphound es otra infección troyana dañina que infecta un amplio rango de OS. Según los analistas de seguridad, se refiere al grupo de archivos maliciosos que está específicamente diseñado para aprovechar las ventajas de varias vulnerabilidades de seguridad OS. kr로 놀러 오세요!. This is just my directory listing of security tools I found interesting. Active Directory Privilege Relationships: BloodHound CyberPunk » Information Gathering BloodHound is a single page Javascript web application, built on top of Linkurious , compiled with Electron , with a Neo4j database fed by a PowerShell ingestor. MOV AX, BX Code depilation salon: Articles, Code samples, Processor code documentation, Low-level programming, Working with debuggers List of Awesome Red Teaming Resources on A Red Teamer's Guide to GPOs and OUs. Fala galera beleza? A Microsoft retornou com a promoção de retake para suas de certificação, a iniciativa trata de um segundo voucher para realizar a prova novamente em caso de falha na primeira tentativa, ou seja, você paga por uma prova e acaba realizando duas se necessário, suas chances dobram para passar nas certificações Microsoft, essa é a chance da galera que quer investir ou. com,1999:blog-8317222231133660547. com/search/label. From a defense perspective, this would be very helpful to identify potential exploitation paths. Navigate through the options and you will see the Various Graphs This time we install BloodHound on Windows Server 2008 - The metasploitable3 installation, a. Sharphound? Hacktool. pro, an another site that has been determined by malware researchers as a notorious browser hijacker infection. I was able to then check this later at my leisure on BloodHound. This was so much fun. Commando VM uses the Chocolatey. Welcome to CommandoVM – a completely customizable, Windows-based safety distribution for penetration checking out ^(https://www. This is a brand new learning resource providing free training on web security vulnerabilities, techniques for finding and exploiting bugs, and defensive measures for avoiding them. kr로 놀러 오세요!. Sharphound Freier Scanner zu machen, die von den Experten vor allem für unerfahrene Anwender ausgelegt ist. ippSec has a great tutorial on this. In those tutorials I will not be using the Toolkit. Go To English Version 超过100万源码资源,1000万源码文件免费下载. Brief update: awesome video from Defcon was recently posted. Bloodhound/Sharphound. What marketing strategies does Dcsync use? Get traffic statistics, SEO keyword opportunities, audience insights, and competitive analytics for Dcsync. Stealing Admin Cookies Tutorial; Steganography; SQLi Authentication Bypass List; SQLi Cheat Sheet; SQL Injection Tutorial Walkthrough with acunetix. 7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. Sharphound de Windows 7. failed many times to get proper payload and finally got user! and now stuck with priv sec user t** i'm new with windows, but this is an interesting box, any help with priv esc appreciated. Sharphound Fra Kontrolpanel. You can find it here: DEF CON 24 - Andy Robbins. Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming. Sharphound vollständig aus dem System zu entfernen. Sharphound Supresión automática en Windows 8. information security assessment & protection locations careers sales consulting FAQ certified / cleared staff secure forensics lab blended approach diverse disciplines industry leaders proprietary tool kit banking / financial retail utilities. exe after some AV Evasion removing strings etc. Microsoft provides the SecureString to help protect passwords in memory, but what it does not provide is a perfect solution to actually using the SecureString when sending web requests. One of the biggest problems end users encountered was with the current (soon to be replaced) PowerShell ingestor, particularly in speed of enumeration as well as crippling memory usage. club Natychmiast. Smooth Pulls Cold Glue and Traditional PDR Glue Pulling Tutorial - Duration: 13:14. 8 XSS - Payload examples; tmux; uploading a shell via an IMAGE; Useful random things; Using NIKTO through a proxy; wfuzz; Windows-cheatsheet; Windows Enumeration.