Offensive Security

Offensive Security involves simulating cyberattacks to identify vulnerabilities in systems, networks, and applications to enhance security. The document outlines various offensive techniques categorized into system hacking, network hacking, web application security, Active Directory exploitation, and IoT security. Each category includes specific methods and tools for executing these techniques effectively.

Uploaded by

Sandeep Varma Kalidindi

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

122 views3 pages

Offensive Security

Uploaded by

Sandeep Varma Kalidindi

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

OFFENSIVE SECURITY

Offensive Security is the practice of simulating real-world cyberattacks to identify and exploit
vulnerabilities in systems, networks, or applications for the purpose of improving overall
security.
Below is the list of offensive techniques which need to be curated as per the needs of our labs.

System Hacking
1) Password Cracking – Windows SAM Extraction
a. Extract and crack local Windows user password hashes from the SAM database
2) Scanning & Enumeration
a. Discover live hosts, open ports, and running services using tools like nmap.
3) Pass-the-Hash Attack
a. Authenticate to systems using stolen NTLM hash instead of plaintext password.
4) Vulnerability Scanning with Nessus/OpenVAS
a. Scan target systems for known vulnerabilities and misconfigurations.
5) Exploitation Using Metasploit Framework
a. Exploit known vulnerabilities using Metasploit to gain access to target systems.
6) Man-in-the-Middle (MITM) Attack
a. Intercept and manipulate network traffic between two devices on the same
network.
7) Bind Shells
a. Open a command shell on the target that listens for an incoming connection.
8) Reverse Shells
a. Initiate a connection from the target back to the attacker’s machine.
9) DLL Hijacking
a. Replace a legitimate DLL with a malicious one to execute code when a program
runs.
10) Scheduled Task Persistence
a. Create a scheduled task to maintain access after system reboot.
11) Registry Run Key Persistence
a. Add a registry entry to ensure malware or payload runs at system startup.
12) Privilege Escalation – Linux
a. Exploit system misconfigurations to elevate privileges to root on Linux systems.
13) Post-Exploitation with Meterpreter
a. Use Metasploit's Meterpreter for advanced post-exploitation tasks.
14) Token Impersonation
a. Steal and use access tokens to impersonate privileged users.
15) UAC Bypass
a. Bypass User Account Control to run commands with elevated privileges.
16) Windows Rootkit Installation
a. Install kernel-level malware to hide processes, files, and connections.
17) Linux Rootkit Installation
a. Load kernel modules to hide malicious activity on Linux systems.
18) Buffer Overflow Exploitation
a. Overwrite memory buffers to execute arbitrary code and gain control.
19) Service Misconfiguration Abuse
a. Exploit poorly configured services to escalate privileges or gain access.
20) Linux Capabilities Abuse
a. Exploit extended file capabilities for privilege escalation on Linux.
21) Reverse Shell Post-Exploitation
a. Maintain access and perform reconnaissance after gaining initial foothold.

Network Hacking
1. ARP Spoofing / MITM Attack
2. MAC Flooding Attack
3. VLAN Hopping
4. STP Manipulation (Spanning Tree Protocol)
5. DHCP Starvation & Rogue DHCP Server
6. DNS Spoofing / Cache Poisoning
7. DNS / ICMP Tunneling
8. TCP Session Hijacking
9. TCP/UDP/ICMP Flood (DoS Attack)
10. Man-in-the-Middle (MITM) using BetterCAP
11. Wireless Deauthentication Attack
12. BGP Route Injection (Route Hijacking)

Web Application Security

1) SQL Injection (Manual & Automated)
2) Cross-Site Scripting (XSS) – Reflected and Stored
3) Command Injection in Web Apps
4) File Inclusion Vulnerabilities (LFI/RFI)
5) Directory Traversal and Path Manipulation
6) IDOR (Insecure Direct Object Reference)
7) CSRF (Cross-Site Request Forgery)
8) Session Hijacking and Fixation
9) JWT Token Tampering
10) OAuth Misconfiguration Exploitation
Active Directory (AD) Exploitation
1) Pass-the-Hash (PtH) Attack
2) Golden Ticket Attack
3) Silver Ticket Attack
4) Kerberoasting
5) AS-REP Roasting
6) Exploiting Weak Group Policy Preferences (GPP)
7) NTLM Relay Attack
8) LDAP Enumeration & Privilege Escalation

IoT Security
1. Extracting Firmware from an IoT Device
2. Firmware Emulation with Firmadyne
3. Reverse Engineering Firmware with Ghidra
4. Finding Hardcoded Credentials in Firmware
5. Bluetooth Sniffing and Pairing Hijacking
6. Wi-Fi Pineapple Rogue Access Point Attack
7. Zigbee Packet Sniffing and Injection
8. Radio Reception with RTL-SDR
9. Spectrum Scanning and Signal Identification
10. Wireless Communication Exploitation

Advance Penetration Testing Kali Linux Training
0% (1)
Advance Penetration Testing Kali Linux Training
4 pages
Top 50 Cybersecurity Threats Overview
No ratings yet
Top 50 Cybersecurity Threats Overview
4 pages
Certified Ethical Hacker (CEH) v12 Outline
100% (1)
Certified Ethical Hacker (CEH) v12 Outline
8 pages
Top 50 Cyber Attacks
No ratings yet
Top 50 Cyber Attacks
4 pages
CSFA PPT
No ratings yet
CSFA PPT
18 pages
100+ Hacker Techniques Explained
No ratings yet
100+ Hacker Techniques Explained
5 pages
Majorproject
No ratings yet
Majorproject
17 pages
New Cybersecurity Course Outline
No ratings yet
New Cybersecurity Course Outline
12 pages
Ethical Hacking and Prevention: Course Contents
No ratings yet
Ethical Hacking and Prevention: Course Contents
4 pages
Ethical Hacking and Prevention Course Details in PDF
No ratings yet
Ethical Hacking and Prevention Course Details in PDF
24 pages
1713442552250ethecial Hacking V12
No ratings yet
1713442552250ethecial Hacking V12
5 pages
Red Team Operation Course (Online)
100% (1)
Red Team Operation Course (Online)
16 pages
Eh - Unit 4
No ratings yet
Eh - Unit 4
26 pages
SOC 200 Syllabus
No ratings yet
SOC 200 Syllabus
7 pages
Handout 2.1 Ethical Hacking Pentesting and Anonymity
No ratings yet
Handout 2.1 Ethical Hacking Pentesting and Anonymity
23 pages
Hacking Principals
No ratings yet
Hacking Principals
10 pages
6) CEH v12 - System Hacking & Malware Threats Notes
No ratings yet
6) CEH v12 - System Hacking & Malware Threats Notes
32 pages
Ethical Hacking Summary
No ratings yet
Ethical Hacking Summary
11 pages
Ethical: Hacking and
No ratings yet
Ethical: Hacking and
4 pages
Unit III Operating System Vulnerabilities
No ratings yet
Unit III Operating System Vulnerabilities
6 pages
CompTIA-Security-notes - CompTIA Security+ SY0-601 Notes (Passed 788 Points)
100% (1)
CompTIA-Security-notes - CompTIA Security+ SY0-601 Notes (Passed 788 Points)
36 pages
Hacking Primer: BY Intramantra Global Solution PVT LTD, Indore
No ratings yet
Hacking Primer: BY Intramantra Global Solution PVT LTD, Indore
34 pages
Ethical Hacking: by Sachin Tyagi
No ratings yet
Ethical Hacking: by Sachin Tyagi
27 pages
Fundamental Cyber Security Training
No ratings yet
Fundamental Cyber Security Training
9 pages
Cyber Security Training Overview
No ratings yet
Cyber Security Training Overview
9 pages
Ethical Hacking Lec 1
No ratings yet
Ethical Hacking Lec 1
66 pages
Topics Under Ethical Hacking
No ratings yet
Topics Under Ethical Hacking
2 pages
Cs Easy
No ratings yet
Cs Easy
5 pages
CompTIA Security+
No ratings yet
CompTIA Security+
74 pages
System Hacking Techniques
No ratings yet
System Hacking Techniques
346 pages
Red Team Operations
No ratings yet
Red Team Operations
16 pages
Ethical Hacker Pro V1 Competency Assessment Objectives
No ratings yet
Ethical Hacker Pro V1 Competency Assessment Objectives
3 pages
Hack I.T. - Security Through Pen - Neznamy
No ratings yet
Hack I.T. - Security Through Pen - Neznamy
1,873 pages
Penetration Testing and Security Concepts Quiz
No ratings yet
Penetration Testing and Security Concepts Quiz
13 pages
Cyber Security Course Content
0% (1)
Cyber Security Course Content
6 pages
Initial Access & Execution Techniques
No ratings yet
Initial Access & Execution Techniques
41 pages
6.system Hacking
No ratings yet
6.system Hacking
50 pages
Ethical Hacking Guide & Techniques
No ratings yet
Ethical Hacking Guide & Techniques
13 pages
CompTIA PenTest+ Exam Guide
No ratings yet
CompTIA PenTest+ Exam Guide
15 pages
Decoding Cyber Attacks
No ratings yet
Decoding Cyber Attacks
10 pages
Ethical Hacking Curriculum
No ratings yet
Ethical Hacking Curriculum
4 pages
Ethical Hacking Unveiling The Secrets
No ratings yet
Ethical Hacking Unveiling The Secrets
11 pages
Comptia 01 Sec+ Study Guide
No ratings yet
Comptia 01 Sec+ Study Guide
33 pages
Certified Info Security Expert Course
No ratings yet
Certified Info Security Expert Course
18 pages
CISEv20: Certified Info Security Expert
100% (1)
CISEv20: Certified Info Security Expert
18 pages
IS Attacks
No ratings yet
IS Attacks
3 pages
Cybersecurity Concepts and Solutions
No ratings yet
Cybersecurity Concepts and Solutions
21 pages
The Ultimate Penetration Testing Methodology (2025 Edition) - VeryLazyTech
No ratings yet
The Ultimate Penetration Testing Methodology (2025 Edition) - VeryLazyTech
8 pages
Certified Penetration Testing Professional CPTP
No ratings yet
Certified Penetration Testing Professional CPTP
12 pages
Advanced OS Presentation
No ratings yet
Advanced OS Presentation
22 pages
ITEC 1010 Final Exam Review
No ratings yet
ITEC 1010 Final Exam Review
6 pages
Computer Systems Hardware Software Electronic Data Disruption Misdirection
No ratings yet
Computer Systems Hardware Software Electronic Data Disruption Misdirection
3 pages
Comprehensive Guide to Cybersecurity
No ratings yet
Comprehensive Guide to Cybersecurity
3 pages
Module 06 System Hacking
No ratings yet
Module 06 System Hacking
384 pages
Cyber Security
No ratings yet
Cyber Security
21 pages
Cybersecurity Event Sources List
No ratings yet
Cybersecurity Event Sources List
29 pages
MITRE ATTCK Framework Spreadsheet
No ratings yet
MITRE ATTCK Framework Spreadsheet
11 pages
Video Wall Hikvision Dsd2055nheg
No ratings yet
Video Wall Hikvision Dsd2055nheg
2 pages
ERT Threat Alert OpIsrael 2014
No ratings yet
ERT Threat Alert OpIsrael 2014
21 pages
HP 245 G7 Notebook PC
No ratings yet
HP 245 G7 Notebook PC
9 pages
Computer-Science-Model-Paper-XI - (Paper I)
No ratings yet
Computer-Science-Model-Paper-XI - (Paper I)
12 pages
DL AMC Optimization
No ratings yet
DL AMC Optimization
18 pages
TinyML: Enabling Low-Power Embedded Systems
No ratings yet
TinyML: Enabling Low-Power Embedded Systems
53 pages
Splunk 2002 With Answers
No ratings yet
Splunk 2002 With Answers
31 pages
Guide de Configuration Réseau
No ratings yet
Guide de Configuration Réseau
6 pages
Queue Data Structure Overview
No ratings yet
Queue Data Structure Overview
11 pages
Virtual Machine Installation Guide: Sightline
No ratings yet
Virtual Machine Installation Guide: Sightline
32 pages
PCNSE (326 Questions)
No ratings yet
PCNSE (326 Questions)
136 pages
How To Create A RAM Disk On Linux - Operating Systems & Open Source - Linux - Level1Techs Forums
No ratings yet
How To Create A RAM Disk On Linux - Operating Systems & Open Source - Linux - Level1Techs Forums
6 pages
Online Hall-Ticket Generation: (Software Requirements Specification)
No ratings yet
Online Hall-Ticket Generation: (Software Requirements Specification)
10 pages
Utkarsh Sharma Profile Resume CV 2
No ratings yet
Utkarsh Sharma Profile Resume CV 2
3 pages
It8570e
No ratings yet
It8570e
417 pages
STMS V8.2 Getting Started and Administration Guide
No ratings yet
STMS V8.2 Getting Started and Administration Guide
65 pages
CX Freeze
No ratings yet
CX Freeze
41 pages
Project Report II
No ratings yet
Project Report II
26 pages
Mars Rover Project Report
No ratings yet
Mars Rover Project Report
44 pages
Introduction To C
No ratings yet
Introduction To C
56 pages
Resume Gautam Joshi Turing
No ratings yet
Resume Gautam Joshi Turing
1 page
Coverage
No ratings yet
Coverage
37 pages
Maintenance and Service Guide HP 250 g8 - PDF - 2728968 - en-US-1
No ratings yet
Maintenance and Service Guide HP 250 g8 - PDF - 2728968 - en-US-1
90 pages
SCTP PDF
No ratings yet
SCTP PDF
45 pages
MMOM Order Meal Use Case Realization
No ratings yet
MMOM Order Meal Use Case Realization
3 pages
Edge Computing
No ratings yet
Edge Computing
15 pages
Sample Questions For Oracle 1z0 1085 25 Exam by Medina
No ratings yet
Sample Questions For Oracle 1z0 1085 25 Exam by Medina
9 pages
Blockchain
No ratings yet
Blockchain
4 pages
Secure Fog-Based Cloud Storage Scheme
100% (1)
Secure Fog-Based Cloud Storage Scheme
6 pages
Current Advancements in Stereo Vision
100% (1)
Current Advancements in Stereo Vision
234 pages

Offensive Security

Uploaded by

Offensive Security

Uploaded by

OFFENSIVE SECURITY

Web Application Security

You might also like