# Offensive

- [Exploit Workflow](/offensive/offensive-notes.md): How to work through a vulnerable host
- [Recon](/offensive/recon.md): Recon scripts and details
- [OSINT](/offensive/recon/osint.md): The Internet knows pretty much everything, we just need to ask the right questions
- [DNS](/offensive/recon/dns.md): DNS analysis
- [Domain Discovery](/offensive/recon/dns/domain-discovery.md)
- [Layer 2 Config and Analysis](/offensive/recon/layer-2-config-and-analysis.md): Investigate layer 2 activity on a local network
- [Port Scanning and Discovery](/offensive/recon/nmap.md): I'm knocking on every door
- [Port Attacks](/offensive/recon/port-analysis.md)
- [Link it all together](/offensive/recon/link-it-all-together.md)
- [Payloads](/offensive/payloads.md)
- [MSFVenom](/offensive/payloads/msfvenom.md): Generate msfvenom payloads
- [Reverse Shells](/offensive/payloads/reverse-shells.md): Work in Progress
- [Websites](/offensive/web-exploits.md): Anything and Everything
- [Enumeration](/offensive/web-exploits/enumeration.md): Find information before we attack
- [Injection/LFI](/offensive/web-exploits/injection.md): Command and Database 😍
- [Session Management](/offensive/web-exploits/session-management.md)
- [Brute Forcing](/offensive/web-exploits/brute-forcing.md): Sometimes just looking isn't enough
- [JavaScript & XSS](/offensive/web-exploits/javascript.md)
- [SSRF](/offensive/web-exploits/ssrf.md): So many things!
- [XXE](/offensive/web-exploits/xxe.md): XML External Entity
- [PHP](/offensive/web-exploits/php.md)
- [Password Attacks](/offensive/password-attacks.md)
- [Brute Forcing](/offensive/password-attacks/brute-forcing.md)
- [Mimikatz](/offensive/password-attacks/mimikatz.md)
- [Password Cracking](/offensive/password-attacks/password-cracking.md)
- [Hash Extraction](/offensive/password-attacks/hash-extraction.md)
- [Wordlist Generation](/offensive/password-attacks/wordlist-generation.md)
- [Databases](/offensive/databases.md)
- [SQL](/offensive/databases/sql.md)
- [Mongodb](/offensive/databases/mongodb.md)
- [Microsoft Windows Exploits](/offensive/microsoft-windows-exploits.md)
- [Enumeration](/offensive/microsoft-windows-exploits/enumeration.md)
- [Powershell](/offensive/microsoft-windows-exploits/powershell.md)
- [Cmd](/offensive/microsoft-windows-exploits/cmd.md)
- [Privilege Escalation](/offensive/microsoft-windows-exploits/privilege-escalation.md)
- [Active Directory](/offensive/microsoft-windows-exploits/active-directory.md)
- [Bloodhound](/offensive/microsoft-windows-exploits/bloodhound.md)
- [Social Engineering](/offensive/social-engineering.md)
- [Netcat & Socat](/offensive/netcat.md): Netcat rocks my socks
- [File Transfers](/offensive/file-transfers.md)
- [Metasploit](/offensive/metasploit.md): Who cares if it's easy, that's the point right?
- [Writing Modules](/offensive/metasploit/writing-modules.md)
- [PS Empire](/offensive/ps-empire.md): PowerShell Empire used to manage C2 nodes
- [Priv Escalation](/offensive/priv-escalation.md)
- [Post Exploitation](/offensive/post-exploitation.md): Ok, now what do we do??
- [Pivoting](/offensive/pivoting.md)
- [Certs and Secrets](/offensive/certificates.md): how to generate and analyze certificates
- [NGROK](/offensive/ngrok.md): Using ngrok to access internal services
- [Misc.](/offensive/misc..md)