# PENETRATION NOTE ## PENETRATION CENTER - [Readme](https://www.heresecurity.wiki/about/readme.md) - [收集信息](https://www.heresecurity.wiki/shou-ji-xin-xi.md) - [IP和端口信息](https://www.heresecurity.wiki/shou-ji-xin-xi/ip-he-duan-kou-xin-xi.md) - [ASN](https://www.heresecurity.wiki/shou-ji-xin-xi/ip-he-duan-kou-xin-xi/asn.md) - [NMAP使用](https://www.heresecurity.wiki/shou-ji-xin-xi/ip-he-duan-kou-xin-xi/nmap-shi-yong.md) - [工具](https://www.heresecurity.wiki/shou-ji-xin-xi/ip-he-duan-kou-xin-xi/gong-ju.md) - [历史IP](https://www.heresecurity.wiki/shou-ji-xin-xi/ip-he-duan-kou-xin-xi/li-shi-ip.md) - [域名信息](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi.md) - [CDN是否存在](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi/cdn-shi-fou-cun-zai.md) - [绕过CDN](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi/rao-guo-cdn.md) - [DNS历史记录](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi/dns-li-shi-ji-lu.md) - [SSL证书信息](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi/ssl-zheng-shu-xin-xi.md) - [Whois信息](https://www.heresecurity.wiki/shou-ji-xin-xi/yu-ming-xin-xi/whois-xin-xi.md) - [子域名检查](https://www.heresecurity.wiki/shou-ji-xin-xi/zi-yu-ming-jian-cha.md) - [网站架构和指纹识别](https://www.heresecurity.wiki/shou-ji-xin-xi/wang-zhan-jia-gou-he-zhi-wen-shi-bie.md) - [人员信息](https://www.heresecurity.wiki/shou-ji-xin-xi/ren-yuan-xin-xi.md) - [其他信息](https://www.heresecurity.wiki/shou-ji-xin-xi/qi-ta-xin-xi.md) - [初始访问](https://www.heresecurity.wiki/chu-shi-fang-wen.md) - [Web服务突破](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po.md) - [前端](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/qian-duan.md) - [SQL注入](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru.md) - [判断注入](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/pan-duan-zhu-ru.md) - [数据库类型识别](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/shu-ju-ku-lei-xing-shi-bie.md) - [MSSQL](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/mssql.md) - [MYSQL](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/mysql.md) - [Oracle](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/oracle.md) - [PostgreSQL](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/postgresql.md) - [SQLite](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/sqlite.md) - [DB2](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/db2.md) - [SQLMAP](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/sql-zhu-ru/sqlmap.md) - [XSS](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/xss.md) - [CSRF](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/csrf.md) - [SSRF](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/ssrf.md) - [XML](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/xml.md) - [Xpath注入](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/xpath-zhu-ru.md) - [SSTI](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/ssti.md) - [命令执行](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/ming-ling-zhi-xing.md) - [命令注入](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/ming-ling-zhu-ru.md) - [Fuzz目录](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/fuzz-mu-lu.md) - [CmdHijack](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/cmdhijack.md) - [数据库](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/shu-ju-ku.md) - [PHPstudy后门](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/phpstudy-hou-men.md) - [PHP包含下载读取](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/php-bao-han-xia-zai-du-qu.md) - [PHP FPM之RCE](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/php-fpm-zhi-rce.md) - [PHPMyAdmin利用](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/phpmyadmin-li-yong.md) - [绕过WAF](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/rao-guo-waf.md) - [DNSLOG](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/dnslog.md) - [IIS写权限](https://www.heresecurity.wiki/chu-shi-fang-wen/web-fu-wu-tu-po/iis-xie-quan-xian.md) - [未授权访问](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen.md) - [hadoop](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/hadoop.md) - [memcache](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/memcache.md) - [mongo](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/mongo.md) - [Redis](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/redis.md) - [zookeeper](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/zookeeper.md) - [activemq](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/activemq.md) - [docker](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/docker.md) - [elastic](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/elastic.md) - [jboss](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/jboss.md) - [VNC](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/vnc.md) - [Weblogic](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/weblogic.md) - [Zabbix](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/zabbix.md) - [CouchDB](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/couchdb.md) - [Jenkins](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/jenkins.md) - [Solr](https://www.heresecurity.wiki/chu-shi-fang-wen/wei-shou-quan-fang-wen/solr.md) - [一些Bypass](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass.md) - [Linux绕过disable\_function](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/linux-rao-guo-disablefunction.md) - [Open\_basedir绕过](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/openbasedir-rao-guo.md) - [Windows系统组件com绕过](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/windows-xi-tong-zu-jian-com-rao-guo.md) - [常规函数绕过](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/chang-gui-han-shu-rao-guo.md) - [蚁剑绕过](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/yi-jian-rao-guo.md) - [cgi启动方式](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/cgi-qi-dong-fang-shi.md) - [ImageMagick组件绕过](https://www.heresecurity.wiki/chu-shi-fang-wen/yi-xie-bypass/imagemagick-zu-jian-rao-guo.md) - [鱼叉式攻击](https://www.heresecurity.wiki/chu-shi-fang-wen/yu-cha-shi-gong-ji.md) - [钓鱼邮件](https://www.heresecurity.wiki/chu-shi-fang-wen/yu-cha-shi-gong-ji/diao-yu-you-jian.md) - [钓鱼连接](https://www.heresecurity.wiki/chu-shi-fang-wen/yu-cha-shi-gong-ji/diao-yu-lian-jie.md) - [第三方鱼叉](https://www.heresecurity.wiki/chu-shi-fang-wen/yu-cha-shi-gong-ji/di-san-fang-yu-cha.md) - [近源攻击](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji.md) - [WI-FI破解](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/wifi-po-jie.md) - [无线干扰](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/wu-xian-gan-rao.md) - [钓鱼网络](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/diao-yu-wang-luo.md) - [克隆卡](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/ke-long-ka.md) - [蓝牙](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/lan-ya.md) - [BadUSB](https://www.heresecurity.wiki/chu-shi-fang-wen/jin-yuan-gong-ji/badusb.md) - [MySQL不登陆执行命令](https://www.heresecurity.wiki/chu-shi-fang-wen/mysql-bu-deng-lu-zhi-xing-ming-ling.md) - [MySQL开启外联](https://www.heresecurity.wiki/chu-shi-fang-wen/mysql-kai-qi-wai-lian.md) - [MySQL连接读取文件](https://www.heresecurity.wiki/chu-shi-fang-wen/mysql-lian-jie-du-qu-wen-jian.md) - [MSSQL\&Agent之Job上线](https://www.heresecurity.wiki/chu-shi-fang-wen/mssqlagent-zhi-job-shang-xian.md) - [TomcatAjp之LFI\&RCE](https://www.heresecurity.wiki/chu-shi-fang-wen/tomcatajp-zhi-lfirce.md) - [防御规避](https://www.heresecurity.wiki/fang-yu-gui-bi.md) - [C#源码免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/c-yuan-ma-mian-sha.md) - [直接编译](https://www.heresecurity.wiki/fang-yu-gui-bi/c-yuan-ma-mian-sha/zhi-jie-bian-yi.md) - [加密处理](https://www.heresecurity.wiki/fang-yu-gui-bi/c-yuan-ma-mian-sha/jia-mi-chu-li.md) - [CSC+InstallUtil](https://www.heresecurity.wiki/fang-yu-gui-bi/c-yuan-ma-mian-sha/csc+installutil.md) - [XOR和AES编码](https://www.heresecurity.wiki/fang-yu-gui-bi/c-yuan-ma-mian-sha/xor-he-aes-bian-ma.md) - [Powershell免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha.md) - [直接生成](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/zhi-jie-sheng-cheng.md) - [行为检测](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/xing-wei-jian-ce.md) - [分块免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/fen-kuai-mian-sha.md) - [拆分+C编译](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/chai-fen-+c-bian-yi.md) - [CobaltStrike+Powershell免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/cobaltstrike+powershell-mian-sha.md) - [obfuscation](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/obfuscation.md) - [Out-EncryptedScript](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/out-encryptedscript.md) - [PyFuscation](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/pyfuscation.md) - [Xencrypt](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/xencrypt.md) - [Invoke-Shellcode](https://www.heresecurity.wiki/fang-yu-gui-bi/powershell-mian-sha/invoke-shellcode.md) - [Python源码免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/python-yuan-ma-mian-sha.md) - [pyinstaller加载C代码编译](https://www.heresecurity.wiki/fang-yu-gui-bi/python-yuan-ma-mian-sha/pyinstaller-jia-zaicdai-ma-bian-yi.md) - [pyinstaller加载py代码编译](https://www.heresecurity.wiki/fang-yu-gui-bi/python-yuan-ma-mian-sha/pyinstaller-jia-zai-py-dai-ma-bian-yi.md) - [加载器分离](https://www.heresecurity.wiki/fang-yu-gui-bi/python-yuan-ma-mian-sha/jia-zai-qi-fen-li.md) - [Base64编码+Pyinstaller打包](https://www.heresecurity.wiki/fang-yu-gui-bi/python-yuan-ma-mian-sha/base64-bian-ma-+pyinstaller-da-bao.md) - [MSF+shellcode免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/msf+shellcode-mian-sha.md) - [nps\_payload](https://www.heresecurity.wiki/fang-yu-gui-bi/msf+shellcode-mian-sha/nps_payload.md) - [编码器](https://www.heresecurity.wiki/fang-yu-gui-bi/msf+shellcode-mian-sha/bian-ma-qi.md) - [c和c++源码免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/msf+shellcode-mian-sha/c-he-c++-yuan-ma-mian-sha.md) - [加载器免杀](https://www.heresecurity.wiki/fang-yu-gui-bi/jia-zai-qi-mian-sha.md) - [shellcode\_launcher](https://www.heresecurity.wiki/fang-yu-gui-bi/jia-zai-qi-mian-sha/shellcode_launcher.md) - [SSI加载](https://www.heresecurity.wiki/fang-yu-gui-bi/jia-zai-qi-mian-sha/ssi-jia-zai.md) - [GreatSCT](https://www.heresecurity.wiki/fang-yu-gui-bi/greatsct.md) - [hanzoInjection](https://www.heresecurity.wiki/fang-yu-gui-bi/hanzoinjection.md) - [InstallUtil](https://www.heresecurity.wiki/fang-yu-gui-bi/installutil.md) - [MSBuilt](https://www.heresecurity.wiki/fang-yu-gui-bi/msbuilt.md) - [MSF捆绑](https://www.heresecurity.wiki/fang-yu-gui-bi/msf-kun-bang.md) - [Mshta](https://www.heresecurity.wiki/fang-yu-gui-bi/mshta.md) - [Phantom-Evasion](https://www.heresecurity.wiki/fang-yu-gui-bi/phantom-evasion.md) - [RC4](https://www.heresecurity.wiki/fang-yu-gui-bi/rc4.md) - [Ruby](https://www.heresecurity.wiki/fang-yu-gui-bi/ruby.md) - [Shellter](https://www.heresecurity.wiki/fang-yu-gui-bi/shellter.md) - [the backdoor factory](https://www.heresecurity.wiki/fang-yu-gui-bi/the-backdoor-factory.md) - [Veil](https://www.heresecurity.wiki/fang-yu-gui-bi/veil.md) - [zirikatu](https://www.heresecurity.wiki/fang-yu-gui-bi/zirikatu.md) - [捆绑器](https://www.heresecurity.wiki/fang-yu-gui-bi/kun-bang-qi.md) - [avet](https://www.heresecurity.wiki/fang-yu-gui-bi/avet.md) - [carboncopy](https://www.heresecurity.wiki/fang-yu-gui-bi/carboncopy.md) - [c代码加载图片马](https://www.heresecurity.wiki/fang-yu-gui-bi/c-dai-ma-jia-zai-tu-pian-ma.md) - [DLL劫持](https://www.heresecurity.wiki/fang-yu-gui-bi/dll-jie-chi.md) - [Evasion模块](https://www.heresecurity.wiki/fang-yu-gui-bi/evasion-mo-kuai.md) - [Golang](https://www.heresecurity.wiki/fang-yu-gui-bi/golang.md) - [权限提升](https://www.heresecurity.wiki/quan-xian-ti-sheng.md) - [Windows提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan.md) - [RDP\&Firewall](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall.md) - [RDP连接记录](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/rdp-lian-jie-ji-lu.md) - [注册表开启](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/zhu-ce-biao-kai-qi.md) - [注入点开启](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/zhu-ru-dian-kai-qi.md) - [MSF开启](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/msf-kai-qi.md) - [wmic开启](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/wmic-kai-qi.md) - [防火墙](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/fang-huo-qiang.md) - [爆破RDP](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/bao-po-rdp.md) - [多用户登陆](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/duo-yong-hu-deng-lu.md) - [删除痕迹](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rdp-and-firewall/shan-chu-hen-ji.md) - [impactet工具包](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/impactet-gong-ju-bao.md) - [Windows exploit suggester](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/windows-exploit-suggester.md) - [Searchsploit](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/searchsploit.md) - [watson](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/watson.md) - [激活guest](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/ji-huo-guest.md) - [MSF](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/msf.md) - [本机文件和脚本](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/ben-ji-wen-jian-he-jiao-ben.md) - [BypassUAC](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/bypassuac.md) - [AppLocker](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/applocker.md) - [PowerUp](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/powerup.md) - [Powerup AlwaysInstallElevated](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/powerup-alwaysinstallelevated.md) - [AlwaysInstallElevated提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/alwaysinstallelevated-ti-quan.md) - [MSSQL](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/mssql.md) - [MYSQL udf](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/mysql-udf.md) - [PrintNightmare](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/printnightmare.md) - [HiveNightmare](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/hivenightmare.md) - [Wesng](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/wesng.md) - [CVE-2020-1472](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/cve-2020-1472.md) - [DNS组到DomainAdmin](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/dns-zu-dao-domainadmin.md) - [SeImpersonatePrivilege](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/seimpersonateprivilege.md) - [SpoolFool](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/spoolfool.md) - [Trusted Service Paths](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/trusted-service-paths.md) - [Vulnerable Services](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/vulnerable-services.md) - [Whitelist白名单](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/whitelist-bai-ming-dan.md) - [令牌窃取](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/ling-pai-qie-qu.md) - [密码窃取](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/mi-ma-qie-qu.md) - [弱注册表权限](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/ruo-zhu-ce-biao-quan-xian.md) - [RottenPotato](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/rottenpotato.md) - [JuicyPotato](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/juicypotato.md) - [RoguePotato](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/roguepotato.md) - [EFSPotato](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/efspotato.md) - [Runas](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/runas.md) - [SamAccountSpoofing](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/samaccountspoofing.md) - [SeBackupPrivilege](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/sebackupprivilege.md) - [DLL劫持](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/dll-jie-chi.md) - [WSL子系统](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/wsl-zi-xi-tong.md) - [不安全的GUI应用程序](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/bu-an-quan-de-gui-ying-yong-cheng-xu.md) - [从administrator到system](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/cong-administrator-dao-system.md) - [打印机漏洞](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/da-yin-ji-lou-dong.md) - [服务中的不正确权限](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/fu-wu-zhong-de-bu-zheng-que-quan-xian.md) - [环境变量优先](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/huan-jing-bian-liang-you-xian.md) - [恢复服务帐户的权限](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/hui-fu-fu-wu-zhang-hu-de-quan-xian.md) - [弱权限的PATH目录](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/ruo-quan-xian-de-path-mu-lu.md) - [特权文件写入](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/te-quan-wen-jian-xie-ru.md) - [未引用的服务路径](https://www.heresecurity.wiki/quan-xian-ti-sheng/windows-ti-quan/wei-yin-yong-de-fu-wu-lu-jing.md) - [Linux提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan.md) - [MYSQL Linux Root](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/mysql-linux-root.md) - [可写文件提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/ke-xie-wen-jian-ti-quan.md) - [Sudo提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/sudo-ti-quan.md) - [查找辅助信息](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/cha-zhao-fu-zhu-xin-xi.md) - [查找可能泄露的密码](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/cha-zhao-ke-neng-xie-lou-de-mi-ma.md) - [环境变量提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/huan-jing-bian-liang-ti-quan.md) - [漏洞提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/lou-dong-ti-quan.md) - [通配符提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/tong-pei-fu-ti-quan.md) - [一些检测工具](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/yi-xie-jian-ce-gong-ju.md) - [MYSQL漏洞](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/mysql-lou-dong.md) - [LD\_Preload提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/ldpreload-ti-quan.md) - [Linux Exploit Suggester](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/linux-exploit-suggester.md) - [LinuxSUID提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/linuxsuid-ti-quan.md) - [Linux计划任务](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/linux-ji-hua-ren-wu.md) - [Lxd提权](https://www.heresecurity.wiki/quan-xian-ti-sheng/linux-ti-quan/lxd-ti-quan.md) - [文件操作](https://www.heresecurity.wiki/wen-jian-cao-zuo.md) - [传输](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu.md) - [php](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/php.md) - [powershell](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/powershell.md) - [py](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/py.md) - [scp](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/scp.md) - [vbs](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/vbs.md) - [wget](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/wget.md) - [bitsadmin](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/bitsadmin.md) - [certutil](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/certutil.md) - [curl](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/curl.md) - [ftp](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/ftp.md) - [js](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/js.md) - [nc](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/nc.md) - [perl](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuan-shu/perl.md) - [创建](https://www.heresecurity.wiki/wen-jian-cao-zuo/chuang-jian.md) - [Windows查找文件](https://www.heresecurity.wiki/wen-jian-cao-zuo/windows-cha-zhao-wen-jian.md) - [Linux查找文件](https://www.heresecurity.wiki/wen-jian-cao-zuo/linux-cha-zhao-wen-jian.md) - [查找可写目录](https://www.heresecurity.wiki/wen-jian-cao-zuo/cha-zhao-ke-xie-mu-lu.md) - [解压](https://www.heresecurity.wiki/wen-jian-cao-zuo/jie-ya.md) - [压缩](https://www.heresecurity.wiki/wen-jian-cao-zuo/ya-suo.md) - [内网和域](https://www.heresecurity.wiki/nei-wang-he-yu.md) - [信息搜集](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji.md) - [Windows安全标识符SID](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/windows-an-quan-biao-shi-fu-sid.md) - [临时HTTP服务架设](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/lin-shi-http-fu-wu-jia-she.md) - [Cmd](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/cmd.md) - [Wmi](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/wmi.md) - [Powershell基础操作](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/powershell-ji-chu-cao-zuo.md) - [Powerview](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/powerview.md) - [Linux](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/linux.md) - [ADDomain](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/addomain.md) - [BloodHoundAD](https://www.heresecurity.wiki/nei-wang-he-yu/xin-xi-sou-ji/bloodhoundad.md) - [端口映射和转发](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa.md) - [iptables](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/iptables.md) - [lcx](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/lcx.md) - [msf](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/msf.md) - [netsh](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/netsh.md) - [ssf](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/ssf.md) - [ssh](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/ssh.md) - [Ligolo](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/ligolo.md) - [chisel](https://www.heresecurity.wiki/nei-wang-he-yu/duan-kou-ying-she-he-zhuan-fa/chisel.md) - [命令与控制](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi.md) - [Metasploit](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit.md) - [常规使用](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit/chang-gui-shi-yong.md) - [细节使用](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit/xi-jie-shi-yong.md) - [meterpreter](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit/meterpreter.md) - [模块](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit/mo-kuai.md) - [与cs和empire交互](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/metasploit/yu-cs-he-empire-jiao-hu.md) - [CobaltStrike](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike.md) - [安装](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/an-zhuang.md) - [部署](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/bu-shu.md) - [连接](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/lian-jie.md) - [监听](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/jian-ting.md) - [模块](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/mo-kuai.md) - [交互](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/jiao-hu.md) - [攻击模块](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/gong-ji-mo-kuai.md) - [视图模块](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/shi-tu-mo-kuai.md) - [Beacon](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/beacon.md) - [钓鱼邮件](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/diao-yu-you-jian.md) - [隔离网络](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/ge-li-wang-luo.md) - [权限维持](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/quan-xian-wei-chi.md) - [代理](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/dai-li.md) - [Malleable C2](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/malleable-c2.md) - [部署VPN](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/bu-shu-vpn.md) - [横向移动](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/heng-xiang-yi-dong.md) - [加载脚本](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/jia-zai-jiao-ben.md) - [克隆](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/ke-long.md) - [浏览器劫持](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/liu-lan-qi-jie-chi.md) - [与msf和empire交互](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/yu-msf-he-empire-jiao-hu.md) - [上线提醒](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/shang-xian-ti-xing.md) - [office宏](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/cobaltstrike/office-hong.md) - [Empire](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire.md) - [安装](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/an-zhuang.md) - [生成](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/sheng-cheng.md) - [监听](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/jian-ting.md) - [模块](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/mo-kuai.md) - [连接靶机及其他操作](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/lian-jie-ba-ji-ji-qi-ta-cao-zuo.md) - [权限提升](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/quan-xian-ti-sheng.md) - [横向移动](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/heng-xiang-yi-dong.md) - [后门](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/hou-men.md) - [与cs和msf交互](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/yu-cs-he-msf-jiao-hu.md) - [Empire\_Word](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/empire/empire_word.md) - [下载并执行](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/xia-zai-bing-zhi-xing.md) - [DNS TXT Command](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/dns-txt-command.md) - [Dropbox](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/dropbox.md) - [Gmail](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/gmail.md) - [Jsrat](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/jsrat.md) - [koadic](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/koadic.md) - [Openssl](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/openssl.md) - [Powershell](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/powershell.md) - [SILENTTRINITY](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/silenttrinity.md) - [telegram](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/telegram.md) - [反弹shell](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/fan-tan-shell.md) - [交互式shell](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/jiao-hu-shi-shell.md) - [browser](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/browser.md) - [crackmap](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/crackmap.md) - [工具](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/gong-ju.md) - [dnscat](https://www.heresecurity.wiki/nei-wang-he-yu/ming-ling-yu-kong-zhi/dnscat.md) - [HASH操作](https://www.heresecurity.wiki/hash-cao-zuo.md) - [mimikatz](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz.md) - [mimikatz](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/mimikatz.md) - [mimipenguin](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/mimipenguin.md) - [Powershell\_Bypass](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/powershell_bypass.md) - [Procdump64+mimikatz](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/procdump64+mimikatz.md) - [SqlDumper+mimikatz](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/sqldumper+mimikatz.md) - [调用mimikatz远程抓取](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/diao-yong-mimikatz-yuan-cheng-zhua-qu.md) - [横向批量抓HASH](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/heng-xiang-pi-liang-zhua-hash.md) - [绕过卡巴斯基](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/rao-guo-ka-ba-si-ji.md) - [远程LSASS进程转储 Physmem2profit](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/yuan-cheng-lsass-jin-cheng-zhuan-chu-physmem2profit.md) - [Cisco\_Jabber转储lsass](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/ciscojabber-zhuan-chu-lsass.md) - [dotnet2.0](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/dotnet2.0.md) - [dotnet4.0Msbuild](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/dotnet4.0msbuild.md) - [Dumpert](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/dumpert.md) - [JScript](https://www.heresecurity.wiki/hash-cao-zuo/mimikatz/jscript.md) - [域HASH提取](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu.md) - [NTDSDumpex](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/ntdsdumpex.md) - [Ntdsutil](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/ntdsutil.md) - [Powersploit](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/powersploit.md) - [Vssadmin](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/vssadmin.md) - [Wmivssadmin](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/wmivssadmin.md) - [impacket工具包](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/impacket-gong-ju-bao.md) - [mimikatz](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/mimikatz.md) - [MSF](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/msf.md) - [esentutl](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/esentutl.md) - [Nishang脚本](https://www.heresecurity.wiki/hash-cao-zuo/yu-hash-ti-qu/nishang-jiao-ben.md) - [缓存HASH获取](https://www.heresecurity.wiki/hash-cao-zuo/huan-cun-hash-huo-qu.md) - [Quarks pwdump](https://www.heresecurity.wiki/hash-cao-zuo/huan-cun-hash-huo-qu/quarks-pwdump.md) - [注册表](https://www.heresecurity.wiki/hash-cao-zuo/huan-cun-hash-huo-qu/zhu-ce-biao.md) - [Ninjacopy](https://www.heresecurity.wiki/hash-cao-zuo/huan-cun-hash-huo-qu/ninjacopy.md) - [获取其他密码](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma.md) - [foxmail](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/foxmail.md) - [navicat](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/navicat.md) - [seatbelt](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/seatbelt.md) - [securecrt](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/securecrt.md) - [vncpass](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/vncpass.md) - [chrome](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/chrome.md) - [firefox](https://www.heresecurity.wiki/hash-cao-zuo/huo-qu-qi-ta-mi-ma/firefox.md) - [破解工具](https://www.heresecurity.wiki/hash-cao-zuo/po-jie-gong-ju.md) - [medusa](https://www.heresecurity.wiki/hash-cao-zuo/po-jie-gong-ju/medusa.md) - [hydra](https://www.heresecurity.wiki/hash-cao-zuo/po-jie-gong-ju/hydra.md) - [GoogleColab破解HASH](https://www.heresecurity.wiki/hash-cao-zuo/googlecolab-po-jie-hash.md) - [Invoke Dcsync](https://www.heresecurity.wiki/hash-cao-zuo/invoke-dcsync.md) - [laZagne](https://www.heresecurity.wiki/hash-cao-zuo/lazagne.md) - [MSF](https://www.heresecurity.wiki/hash-cao-zuo/msf.md) - [QuarksPwDump](https://www.heresecurity.wiki/hash-cao-zuo/quarkspwdump.md) - [开启Wdigest](https://www.heresecurity.wiki/hash-cao-zuo/kai-qi-wdigest.md) - [密码策略](https://www.heresecurity.wiki/hash-cao-zuo/mi-ma-ce-le.md) - [密码破解网站](https://www.heresecurity.wiki/hash-cao-zuo/mi-ma-po-jie-wang-zhan.md) - [Empire](https://www.heresecurity.wiki/hash-cao-zuo/empire.md) - [Getpass](https://www.heresecurity.wiki/hash-cao-zuo/getpass.md) - [横向移动](https://www.heresecurity.wiki/heng-xiang-yi-dong.md) - [探测存活主机](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji.md) - [For+Ping命令查询存活主机](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/for+ping-ming-ling-cha-xun-cun-huo-zhu-ji.md) - [NbtScan](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/nbtscan.md) - [NetDiscover](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/netdiscover.md) - [NMAP](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/nmap.md) - [rp scan](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/rp-scan.md) - [代理nmap扫描](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/dai-li-nmap-sao-miao.md) - [内外网资产对应](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/nei-wai-wang-zi-chan-dui-ying.md) - [MSF](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-cun-huo-zhu-ji/msf.md) - [探测服务&端口](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou.md) - [常见端口](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/chang-jian-duan-kou.md) - [MSF](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/msf.md) - [Nc](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/nc.md) - [Powershell](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/powershell.md) - [PTScan](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/ptscan.md) - [SMB](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/smb.md) - [CobaltStrike+K8Aggressor](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/cobaltstrike+k8aggressor.md) - [Linux\_Samba服务](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/linuxsamba-fu-wu.md) - [Masscan](https://www.heresecurity.wiki/heng-xiang-yi-dong/tan-ce-fu-wu-duan-kou/masscan.md) - [执行命令\&IPC&计划任务](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhi-xing-ming-ling-ipc-ji-hua-ren-wu.md) - [AT](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhi-xing-ming-ling-ipc-ji-hua-ren-wu/at.md) - [IPC](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhi-xing-ming-ling-ipc-ji-hua-ren-wu/ipc.md) - [Schtasks](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhi-xing-ming-ling-ipc-ji-hua-ren-wu/schtasks.md) - [Wmic](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhi-xing-ming-ling-ipc-ji-hua-ren-wu/wmic.md) - [代理](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li.md) - [goproxy](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/goproxy.md) - [shadowsocks](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/shadowsocks.md) - [sock4a](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/sock4a.md) - [socks5](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/socks5.md) - [socks5web](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/socks5web.md) - [ssf](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/ssf.md) - [ssh](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/ssh.md) - [代理软件](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/dai-li-ruan-jian.md) - [chisel](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/chisel.md) - [earthworm](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/earthworm.md) - [revsocks](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/revsocks.md) - [Gost](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/gost.md) - [gotohttp](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/gotohttp.md) - [rustdesk](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/rustdesk.md) - [frp](https://www.heresecurity.wiki/heng-xiang-yi-dong/dai-li/frp.md) - [NTLM中继和中间人攻击](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji.md) - [Ntlmrelayx+资源受限委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/ntlmrelayx+-zi-yuan-shou-xian-wei-pai.md) - [Responder/LLMNR毒害](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/responderllmnr-du-hai.md) - [DNS Poisonning](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/dns-poisonning.md) - [MS08-068 NTLM反射](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/ms08068-ntlm-fan-she.md) - [RemotePotato0](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/remotepotato0.md) - [SMB签名禁用和IPv4](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/smb-qian-ming-jin-yong-he-ipv4.md) - [SMB签名禁用和IPv6](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/smb-qian-ming-jin-yong-he-ipv6.md) - [WebDav中继](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/webdav-zhong-ji.md) - [捕获和破解Net NTLMv1和NTLMv1哈希](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/bu-huo-he-po-jie-net-ntlmv1-he-ntlmv1-ha-xi.md) - [CVE-2019-1040](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/cve-2019-1040.md) - [CVE-2019-1384](https://www.heresecurity.wiki/heng-xiang-yi-dong/ntlm-zhong-ji-he-zhong-jian-ren-gong-ji/cve-2019-1384.md) - [ActiveDirectory的ACL和ACE](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace.md) - [GenericAll](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/genericall.md) - [GenericWrite](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/genericwrite.md) - [WriteDACL](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/writedacl.md) - [WriteOwner](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/writeowner.md) - [读取GMSA密码](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/du-qu-gmsa-mi-ma.md) - [读取LAPS密码](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/du-qu-laps-mi-ma.md) - [强制更改密码](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-de-acl-he-ace/qiang-zhi-geng-gai-mi-ma.md) - [ActiveDirectory证书服务](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu.md) - [ESC1-配置错误的证书模板](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc1-pei-zhi-cuo-wu-de-zheng-shu-mu-ban.md) - [ESC2-配置错误的证书模板](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc2-pei-zhi-cuo-wu-de-zheng-shu-mu-ban.md) - [ESC3-配置错误的注册代理模板](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc3-pei-zhi-cuo-wu-de-zhu-ce-dai-li-mu-ban.md) - [ESC4-访问控制漏洞](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc4-fang-wen-kong-zhi-lou-dong.md) - [ESC6-EDITF\_ATTRIBUTESUBJECTALTNAME2](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc6-editf_attributesubjectaltname2.md) - [ESC7-易受攻击的证书颁发机构访问控制](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc7-yi-shou-gong-ji-de-zheng-shu-ban-fa-ji-gou-fang-wen-kong-zhi.md) - [ESC8-ADCS中继攻击](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/esc8adcs-zhong-ji-gong-ji.md) - [Pass-The-Certificate](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/pass-the-certificate.md) - [查找证书服务器](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/cha-zhao-zheng-shu-fu-wu-qi.md) - [经过认证的CVE-2022-26923](https://www.heresecurity.wiki/heng-xiang-yi-dong/activedirectory-zheng-shu-fu-wu/jing-guo-ren-zheng-de-cve202226923.md) - [DCOM-Exploitation](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation.md) - [DCOM](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation/dcom.md) - [通过MMC应用程序类进行DCOM](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation/tong-guo-mmc-ying-yong-cheng-xu-lei-jin-xing-dcom.md) - [通过Office进行DCOM](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation/tong-guo-office-jin-xing-dcom.md) - [通过ShellBrowserWindow进行DCOM](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation/tong-guo-shellbrowserwindow-jin-xing-dcom.md) - [通过ShellExecute进行DCOM](https://www.heresecurity.wiki/heng-xiang-yi-dong/dcom-exploitation/tong-guo-shellexecute-jin-xing-dcom.md) - [Kerberoasting](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting.md) - [申请票据](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/shen-qing-piao-ju.md) - [破解密码](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/po-jie-mi-ma.md) - [导出票据](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/dao-chu-piao-ju.md) - [SPN发现](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/spn-fa-xian.md) - [GetUserSPNs](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/getuserspns.md) - [重写票据](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberoasting/zhong-xie-piao-ju.md) - [MSF添加路由](https://www.heresecurity.wiki/heng-xiang-yi-dong/msf-tian-jia-lu-you.md) - [Ngrok内网穿透](https://www.heresecurity.wiki/heng-xiang-yi-dong/ngrok-nei-wang-chuan-tou.md) - [PASS-THE-HASH](https://www.heresecurity.wiki/heng-xiang-yi-dong/pass-the-hash.md) - [PASS-THE-TICKET](https://www.heresecurity.wiki/heng-xiang-yi-dong/pass-the-ticket.md) - [PASS-THE-KEY](https://www.heresecurity.wiki/heng-xiang-yi-dong/pass-the-key.md) - [组策略对象GPO](https://www.heresecurity.wiki/heng-xiang-yi-dong/zu-ce-le-dui-xiang-gpo.md) - [WinRM无文件执行](https://www.heresecurity.wiki/heng-xiang-yi-dong/winrm-wu-wen-jian-zhi-xing.md) - [方程式内网不产生session](https://www.heresecurity.wiki/heng-xiang-yi-dong/fang-cheng-shi-nei-wang-bu-chan-sheng-session.md) - [隔离主机payload](https://www.heresecurity.wiki/heng-xiang-yi-dong/ge-li-zhu-ji-payload.md) - [攻击MSSQL数据库](https://www.heresecurity.wiki/heng-xiang-yi-dong/gong-ji-mssql-shu-ju-ku.md) - [攻击MySQL数据库](https://www.heresecurity.wiki/heng-xiang-yi-dong/gong-ji-mysql-shu-ju-ku.md) - [共享](https://www.heresecurity.wiki/heng-xiang-yi-dong/gong-xiang.md) - [获取保存的RDP密码](https://www.heresecurity.wiki/heng-xiang-yi-dong/huo-qu-bao-cun-de-rdp-mi-ma.md) - [快速定位域管理登过的机器](https://www.heresecurity.wiki/heng-xiang-yi-dong/kuai-su-ding-wei-yu-guan-li-deng-guo-de-ji-qi.md) - [添加域管命令](https://www.heresecurity.wiki/heng-xiang-yi-dong/tian-jia-yu-guan-ming-ling.md) - [ASEPRoasting](https://www.heresecurity.wiki/heng-xiang-yi-dong/aseproasting.md) - [CVE-2019-0708](https://www.heresecurity.wiki/heng-xiang-yi-dong/cve-2019-0708.md) - [GPP-Password](https://www.heresecurity.wiki/heng-xiang-yi-dong/gpp-password.md) - [MS08\_067](https://www.heresecurity.wiki/heng-xiang-yi-dong/ms08_067.md) - [MS17\_010](https://www.heresecurity.wiki/heng-xiang-yi-dong/ms17_010.md) - [MSF管道监听](https://www.heresecurity.wiki/heng-xiang-yi-dong/msf-guan-dao-jian-ting.md) - [账户委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/zhang-hu-wei-pai.md) - [资源受限委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/zi-yuan-shou-xian-wei-pai.md) - [域内爆破](https://www.heresecurity.wiki/heng-xiang-yi-dong/yu-nei-bao-po.md) - [危险的内置组使用](https://www.heresecurity.wiki/heng-xiang-yi-dong/wei-xian-de-nei-zhi-zu-shi-yong.md) - [域与域](https://www.heresecurity.wiki/heng-xiang-yi-dong/yu-yu-yu.md) - [kerberos青铜比特攻击CVE-2020-17049](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberos-qing-tong-bi-te-gong-ji-cve202017049.md) - [kerberos无约束委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberos-wu-yue-shu-wei-pai.md) - [kerberos约束委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/kerberos-yue-shu-wei-pai.md) - [基于kerberos资源的约束委派](https://www.heresecurity.wiki/heng-xiang-yi-dong/ji-yu-kerberos-zi-yuan-de-yue-shu-wei-pai.md) - [PrivExchange攻击](https://www.heresecurity.wiki/heng-xiang-yi-dong/privexchange-gong-ji.md) - [PXE启动映像攻击](https://www.heresecurity.wiki/heng-xiang-yi-dong/pxe-qi-dong-ying-xiang-gong-ji.md) - [RODC-只读域控制器入侵](https://www.heresecurity.wiki/heng-xiang-yi-dong/rodc-zhi-du-yu-kong-zhi-qi-ru-qin.md) - [WSUS部署](https://www.heresecurity.wiki/heng-xiang-yi-dong/wsus-bu-shu.md) - [SCCM部署](https://www.heresecurity.wiki/heng-xiang-yi-dong/sccm-bu-shu.md) - [权限维持](https://www.heresecurity.wiki/quan-xian-wei-chi.md) - [Windows](https://www.heresecurity.wiki/quan-xian-wei-chi/windows.md) - [关闭防病毒软件](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/guan-bi-fang-bing-du-ruan-jian.md) - [启动文件夹](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/qi-dong-wen-jian-jia.md) - [DLL劫持计划任务](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dll-jie-chi-ji-hua-ren-wu.md) - [DLL注入](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dll-zhu-ru.md) - [DSRM+注册表ACL后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dsrm+-zhu-ce-biao-acl-hou-men.md) - [Empire](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/empire.md) - [Guest激活](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/guest-ji-huo.md) - [HookPasswordChangeNotify](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/hookpasswordchangenotify.md) - [Invoke ADSBackdoor](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/invoke-adsbackdoor.md) - [Invoke Tasks后门&权限维持](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/invoke-tasks-hou-men-quan-xian-wei-chi.md) - [Kerberoasting后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/kerberoasting-hou-men.md) - [Metsvc](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/metsvc.md) - [MOF](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/mof.md) - [Shadow-Credentials](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/shadow-credentials.md) - [ADS\&JavaScript](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ads-and-javascript.md) - [ADS隐藏webshell](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ads-yin-cang-webshell.md) - [Bitadmin](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/bitadmin.md) - [CLR Injection](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/clr-injection.md) - [COM OBJECT hijacking](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/com-object-hijacking.md) - [DCShadow\&SIDHistory](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dcshadow-and-sidhistory.md) - [DCSync后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dcsync-hou-men.md) - [DLL代理劫持右键](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dll-dai-li-jie-chi-you-jian.md) - [DLL劫持](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/dll-jie-chi.md) - [Persistence](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/persistence.md) - [RID劫持](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/rid-jie-chi.md) - [rootkit](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/rootkit.md) - [RPC后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/rpc-hou-men.md) - [S4U2Self后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/s4u2self-hou-men.md) - [Skeleton Key万能钥匙](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/skeleton-key-wan-neng-yao-shi.md) - [Squibledoo](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/squibledoo.md) - [Windows FAX DLL Injection](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/windows-fax-dll-injection.md) - [WinRM端口复用](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/winrm-duan-kou-fu-yong.md) - [WMIC事件订阅](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/wmic-shi-jian-ding-yue.md) - [WMI Persistence](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/wmi-persistence.md) - [创建服务](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/chuang-jian-fu-wu.md) - [登录初始化](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/deng-lu-chu-shi-hua.md) - [MSSQL后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/mssql-hou-men.md) - [Netsh Helper DLL](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/netsh-helper-dll.md) - [NPPSpy记录密码](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/nppspy-ji-lu-mi-ma.md) - [NSSM](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/nssm.md) - [Password Filter DLL](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/password-filter-dll.md) - [添加签名](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/tian-jia-qian-ming.md) - [通过控制面板加载项维持权限](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/tong-guo-kong-zhi-mian-ban-jia-zai-xiang-wei-chi-quan-xian.md) - [通过自定义.net垃圾回收机制进行DLL注入](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/tong-guo-zi-ding-yi-.net-la-ji-hui-shou-ji-zhi-jin-xing-dll-zhu-ru.md) - [唯一IP访问](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/wei-yi-ip-fang-wen.md) - [影子用户](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ying-zi-yong-hu.md) - [映像劫持](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ying-xiang-jie-chi.md) - [注入SSP被动收集密码](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/zhu-ru-ssp-bei-dong-shou-ji-mi-ma.md) - [基于域策略文件权限后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ji-yu-yu-ce-le-wen-jian-quan-xian-hou-men.md) - [计划任务](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/ji-hua-ren-wu.md) - [进程注入](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/jin-cheng-zhu-ru.md) - [使用AMSI扫描接口维持权限](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/shi-yong-amsi-sao-miao-jie-kou-wei-chi-quan-xian.md) - [受限委派后门](https://www.heresecurity.wiki/quan-xian-wei-chi/windows/shou-xian-wei-pai-hou-men.md) - [Linux](https://www.heresecurity.wiki/quan-xian-wei-chi/linux.md) - [apt后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/apt-hou-men.md) - [bash rc](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/bash-rc.md) - [Kbeast\_rootkit](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/kbeast_rootkit.md) - [Linux cron后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/linux-cron-hou-men.md) - [OpenSSH后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/openssh-hou-men.md) - [Reptile](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/reptile.md) - [SSHD后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/sshd-hou-men.md) - [SSH wrapper后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/ssh-wrapper-hou-men.md) - [SSH公私钥登录](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/ssh-gong-si-yao-deng-lu.md) - [Strace记录ssh密码](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/strace-ji-lu-ssh-mi-ma.md) - [SUID Shell](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/suid-shell.md) - [进程注入](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/jin-cheng-zhu-ru.md) - [文件处理](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/wen-jian-chu-li.md) - [用户启动文件](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/yong-hu-qi-dong-wen-jian.md) - [启动项服务后门](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/qi-dong-xiang-fu-wu-hou-men.md) - [后门驱动程序](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/hou-men-qu-dong-cheng-xu.md) - [IPTables端口复用](https://www.heresecurity.wiki/quan-xian-wei-chi/linux/iptables-duan-kou-fu-yong.md) - [web服务&中间件](https://www.heresecurity.wiki/quan-xian-wei-chi/web-fu-wu-zhong-jian-jian.md) - [Java](https://www.heresecurity.wiki/quan-xian-wei-chi/web-fu-wu-zhong-jian-jian/java.md) - [Nginx](https://www.heresecurity.wiki/quan-xian-wei-chi/web-fu-wu-zhong-jian-jian/nginx.md) - [Apache](https://www.heresecurity.wiki/quan-xian-wei-chi/web-fu-wu-zhong-jian-jian/apache.md) - [IIS](https://www.heresecurity.wiki/quan-xian-wei-chi/web-fu-wu-zhong-jian-jian/iis.md) - [赏金技巧](https://www.heresecurity.wiki/shang-jin-ji-qiao.md) - [TOP系列](https://www.heresecurity.wiki/shang-jin-ji-qiao/top-xi-lie.md) - [Top25LFI参数](https://www.heresecurity.wiki/shang-jin-ji-qiao/top-xi-lie/top25lfi-can-shu.md) - [Top25RCE参数](https://www.heresecurity.wiki/shang-jin-ji-qiao/top-xi-lie/top25rce-can-shu.md) - [Top25ssrf](https://www.heresecurity.wiki/shang-jin-ji-qiao/top-xi-lie/top25ssrf.md) - [Top25重定向dorks](https://www.heresecurity.wiki/shang-jin-ji-qiao/top-xi-lie/top25-zhong-ding-xiang-dorks.md) - [一行命令](https://www.heresecurity.wiki/shang-jin-ji-qiao/yi-hang-ming-ling.md) - [一条正则命令获取私钥或密码](https://www.heresecurity.wiki/shang-jin-ji-qiao/yi-hang-ming-ling/yi-tiao-zheng-ze-ming-ling-huo-qu-si-yao-huo-mi-ma.md) - [使用grep快速去除垃圾数据](https://www.heresecurity.wiki/shang-jin-ji-qiao/yi-hang-ming-ling/shi-yong-grep-kuai-su-qu-chu-la-ji-shu-ju.md) - [字典](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian.md) - [从站点生成字典](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian/cong-zhan-dian-sheng-cheng-zi-dian.md) - [来自github的字典](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian/lai-zi-github-de-zi-dian.md) - [已泄露的密码整理出的字典](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian/yi-xie-lou-de-mi-ma-zheng-li-chu-de-zi-dian.md) - [loT高频率账户密码](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian/lot-gao-pinlzhang-hu-mi-ma.md) - [查找git和svn的字典](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-dian/cha-zhao-git-he-svn-de-zi-dian.md) - [403 bypass](https://www.heresecurity.wiki/shang-jin-ji-qiao/403-bypass.md) - [CMS](https://www.heresecurity.wiki/shang-jin-ji-qiao/cms.md) - [favico信息](https://www.heresecurity.wiki/shang-jin-ji-qiao/favico-xin-xi.md) - [Github](https://www.heresecurity.wiki/shang-jin-ji-qiao/github.md) - [git和svn](https://www.heresecurity.wiki/shang-jin-ji-qiao/git-he-svn.md) - [sql注入检测](https://www.heresecurity.wiki/shang-jin-ji-qiao/sql-zhu-ru-jian-ce.md) - [参数污染](https://www.heresecurity.wiki/shang-jin-ji-qiao/can-shu-wu-ran.md) - [测试是否存在heartbleed漏洞](https://www.heresecurity.wiki/shang-jin-ji-qiao/ce-shi-shi-fou-cun-zai-heartbleed-lou-dong.md) - [命令注入Bypass](https://www.heresecurity.wiki/shang-jin-ji-qiao/ming-ling-zhu-ru-bypass.md) - [配置错误的云存储桶](https://www.heresecurity.wiki/shang-jin-ji-qiao/pei-zhi-cuo-wu-de-yun-cun-chu-tong.md) - [通过.json的信息泄露](https://www.heresecurity.wiki/shang-jin-ji-qiao/tong-guo-.json-de-xin-xi-xie-lou.md) - [未认证的ElasticsearchDB](https://www.heresecurity.wiki/shang-jin-ji-qiao/wei-ren-zheng-de-elasticsearchdb.md) - [子域名接管](https://www.heresecurity.wiki/shang-jin-ji-qiao/zi-yu-ming-jie-guan.md) - [2FA双因子认证绕过](https://www.heresecurity.wiki/shang-jin-ji-qiao/2fa-shuang-yin-zi-ren-zheng-rao-guo.md) - [绕过登录限制](https://www.heresecurity.wiki/shang-jin-ji-qiao/rao-guo-deng-lu-xian-zhi.md) - [云安全](https://www.heresecurity.wiki/yun-an-quan.md) - [GCP](https://www.heresecurity.wiki/yun-an-quan/gcp.md) - [初始访问](https://www.heresecurity.wiki/yun-an-quan/gcp/chu-shi-fang-wen.md) - [枚举](https://www.heresecurity.wiki/yun-an-quan/gcp/mei-ju.md) - [权限维持](https://www.heresecurity.wiki/yun-an-quan/gcp/quan-xian-wei-chi.md) - [特权升级和横向移动](https://www.heresecurity.wiki/yun-an-quan/gcp/te-quan-sheng-ji-he-heng-xiang-yi-dong.md) - [AWS](https://www.heresecurity.wiki/yun-an-quan/aws.md) - [AWS的服务](https://www.heresecurity.wiki/yun-an-quan/aws/aws-de-fu-wu.md) - [工具](https://www.heresecurity.wiki/yun-an-quan/aws/gong-ju.md) - [初始访问](https://www.heresecurity.wiki/yun-an-quan/aws/chu-shi-fang-wen.md) - [枚举](https://www.heresecurity.wiki/yun-an-quan/aws/mei-ju.md) - [权限提升](https://www.heresecurity.wiki/yun-an-quan/aws/quan-xian-ti-sheng.md) - [权限维持](https://www.heresecurity.wiki/yun-an-quan/aws/quan-xian-wei-chi.md) - [将EBS卷挂载到EC2Linux](https://www.heresecurity.wiki/yun-an-quan/aws/jiang-ebs-juan-gua-zai-dao-ec2linux.md) - [禁用CloudTrail](https://www.heresecurity.wiki/yun-an-quan/aws/jin-yong-cloudtrail.md) - [使用AMI映像复制EC2](https://www.heresecurity.wiki/yun-an-quan/aws/shi-yong-ami-ying-xiang-fu-zhi-ec2.md) - [通过API密钥获得AWS控制台访问权限](https://www.heresecurity.wiki/yun-an-quan/aws/tong-guo-api-mi-yao-huo-de-aws-kong-zhi-tai-fang-wen-quan-xian.md) - [通过混淆Cloudtrail日志和GuardDuty来掩盖踪迹](https://www.heresecurity.wiki/yun-an-quan/aws/tong-guo-hun-xiao-cloudtrail-ri-zhi-he-guardduty-lai-yan-gai-zong-ji.md) - [Golden SAML Attack](https://www.heresecurity.wiki/yun-an-quan/aws/golden-saml-attack.md) - [InstanceConnect 将SSH密钥推送到EC2实例](https://www.heresecurity.wiki/yun-an-quan/aws/instanceconnect-jiang-ssh-mi-yao-tui-song-dao-ec2-shi-li.md) - [Lambda 提取函数的代码](https://www.heresecurity.wiki/yun-an-quan/aws/lambda-ti-qu-han-shu-de-dai-ma.md) - [Shadow Copy attack](https://www.heresecurity.wiki/yun-an-quan/aws/shadow-copy-attack.md) - [SSM 命令执行](https://www.heresecurity.wiki/yun-an-quan/aws/ssm-ming-ling-zhi-xing.md) - [动态数据库](https://www.heresecurity.wiki/yun-an-quan/aws/dong-tai-shu-ju-ku.md) - [Azure](https://www.heresecurity.wiki/yun-an-quan/azure.md) - [侦察工具](https://www.heresecurity.wiki/yun-an-quan/azure/zhen-cha-gong-ju.md) - [枚举](https://www.heresecurity.wiki/yun-an-quan/azure/mei-ju.md) - [钓鱼](https://www.heresecurity.wiki/yun-an-quan/azure/diao-yu.md) - [非法同意](https://www.heresecurity.wiki/yun-an-quan/azure/fei-fa-tong-yi.md) - [向所有EnterpriseApplications添加凭据](https://www.heresecurity.wiki/yun-an-quan/azure/xiang-suo-you-enterpriseapplications-tian-jia-ping-ju.md) - [为AzureWeb应用程序生成SSH](https://www.heresecurity.wiki/yun-an-quan/azure/wei-azureweb-ying-yong-cheng-xu-sheng-cheng-ssh.md) - [Azure存储Blob](https://www.heresecurity.wiki/yun-an-quan/azure/azure-cun-chu-blob.md) - [Pass-The-PRT](https://www.heresecurity.wiki/yun-an-quan/azure/pass-the-prt.md) - [Pass-The-Certificate](https://www.heresecurity.wiki/yun-an-quan/azure/pass-the-certificate.md) - [Intunes管理](https://www.heresecurity.wiki/yun-an-quan/azure/intunes-guan-li.md) - [动态组成员资格](https://www.heresecurity.wiki/yun-an-quan/azure/dong-tai-zu-cheng-yuan-zi-ge.md) - [Administrative Unit](https://www.heresecurity.wiki/yun-an-quan/azure/administrative-unit.md) - [部署模板](https://www.heresecurity.wiki/yun-an-quan/azure/bu-shu-mu-ban.md) - [应用程序代理](https://www.heresecurity.wiki/yun-an-quan/azure/ying-yong-cheng-xu-dai-li.md) - [条件访问](https://www.heresecurity.wiki/yun-an-quan/azure/tiao-jian-fang-wen.md) - [令牌](https://www.heresecurity.wiki/yun-an-quan/azure/ling-pai.md) - [自动化runbook](https://www.heresecurity.wiki/yun-an-quan/azure/zi-dong-hua-runbook.md) - [虚拟机runCommand](https://www.heresecurity.wiki/yun-an-quan/azure/xu-ni-ji-runcommand.md) - [KeyVault](https://www.heresecurity.wiki/yun-an-quan/azure/keyvault.md) - [AzureAD](https://www.heresecurity.wiki/yun-an-quan/azure/azuread.md) - [AzureAD连接](https://www.heresecurity.wiki/yun-an-quan/azure/azuread-lian-jie.md) - [Aliyun](https://www.heresecurity.wiki/yun-an-quan/aliyun.md) - [osskey](https://www.heresecurity.wiki/yun-an-quan/aliyun/osskey.md) - [Docker](https://www.heresecurity.wiki/yun-an-quan/docker.md) - [未授权API](https://www.heresecurity.wiki/yun-an-quan/docker/wei-shou-quan-api.md) - [权限维持](https://www.heresecurity.wiki/yun-an-quan/docker/quan-xian-wei-chi.md) - [逃逸](https://www.heresecurity.wiki/yun-an-quan/docker/tao-yi.md) - [kubernetes](https://www.heresecurity.wiki/yun-an-quan/kubernetes.md) - [未授权API](https://www.heresecurity.wiki/yun-an-quan/kubernetes/wei-shou-quan-api.md) - [枚举](https://www.heresecurity.wiki/yun-an-quan/kubernetes/mei-ju.md) - [权限提升](https://www.heresecurity.wiki/yun-an-quan/kubernetes/quan-xian-ti-sheng.md) - [定时任务](https://www.heresecurity.wiki/yun-an-quan/kubernetes/ding-shi-ren-wu.md) - [工具](https://www.heresecurity.wiki/yun-an-quan/gong-ju.md) - [Redteam红队](https://www.heresecurity.wiki/redteam-hong-dui.md) - [Web类](https://www.heresecurity.wiki/redteam-hong-dui/web-lei.md) - [web程序漏洞](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/web-cheng-xu-lou-dong.md) - [编辑器漏洞](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/bian-ji-qi-lou-dong.md) - [默认密码](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/mo-ren-mi-ma.md) - [wso2](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/wso2.md) - [从LFI到RCE](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/cong-lfi-dao-rce.md) - [深x服](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/shenxfu.md) - [天r信](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/tianrxin.md) - [邮件地址payload](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/you-jian-di-zhi-payload.md) - [Web server日志分析命令](https://www.heresecurity.wiki/redteam-hong-dui/web-lei/web-server-ri-zhi-fen-xi-ming-ling.md) - [免杀技巧](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao.md) - [cshot远程shellcode](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/cshot-yuan-cheng-shellcode.md) - [Pezor免杀](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/pezor-mian-sha.md) - [内存中解码shellcode绕过av](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/nei-cun-zhong-jie-ma-shellcode-rao-guo-av.md) - [一些可尝试绕过白名单的执行](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/yi-xie-ke-chang-shi-rao-guo-bai-ming-dan-de-zhi-xing.md) - [在Windows Server 2016和2019中绕过WindowsDefender](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/zai-windows-server-2016-he-2019-zhong-rao-guo-windowsdefender.md) - [绕过安全狗脚本](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/rao-guo-an-quan-gou-jiao-ben.md) - [360白名单](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/360-bai-ming-dan.md) - [Bypass AMSI](https://www.heresecurity.wiki/redteam-hong-dui/mian-sha-ji-qiao/bypass-amsi.md) - [Bypass技巧](https://www.heresecurity.wiki/redteam-hong-dui/bypass-ji-qiao.md) - [Bypass mod\_security](https://www.heresecurity.wiki/redteam-hong-dui/bypass-ji-qiao/bypass-mod_security.md) - [绕过lsa protection](https://www.heresecurity.wiki/redteam-hong-dui/bypass-ji-qiao/rao-guo-lsa-protection.md) - [系统类](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei.md) - [ImportDLLInjection 通过修改内存中的PE头来注入DLL的另一种方法](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/importdllinjection-tong-guo-xiu-gai-nei-cun-zhong-de-pe-tou-lai-zhu-ru-dll-de-ling-yi-zhong-fang-fa.md) - [动态调用进程注入逻辑](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/dong-tai-diao-yong-jin-cheng-zhu-ru-luo-ji.md) - [父进程破坏](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/fu-jin-cheng-po-huai.md) - [进程挖空(MitreT1055.012)](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/jin-cheng-wa-kong-mitret1055.012.md) - [使用WindowsDefender下载文件](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/shi-yong-windowsdefender-xia-zai-wen-jian.md) - [通过挂起EventLog服务线程禁用Windows事件日志](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/tong-guo-gua-qi-eventlog-fu-wu-xian-cheng-jin-yong-windows-shi-jian-ri-zhi.md) - [隐藏windows服务](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/yin-cang-windows-fu-wu.md) - [远程解压文件](https://www.heresecurity.wiki/redteam-hong-dui/xi-tong-lei/yuan-cheng-jie-ya-wen-jian.md) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://www.heresecurity.wiki/about/readme.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.