# Offensive - [Exploit Workflow](https://notes.m4lwhere.org/offensive/offensive-notes.md): How to work through a vulnerable host - [Recon](https://notes.m4lwhere.org/offensive/recon.md): Recon scripts and details - [OSINT](https://notes.m4lwhere.org/offensive/recon/osint.md): The Internet knows pretty much everything, we just need to ask the right questions - [DNS](https://notes.m4lwhere.org/offensive/recon/dns.md): DNS analysis - [Domain Discovery](https://notes.m4lwhere.org/offensive/recon/dns/domain-discovery.md) - [Layer 2 Config and Analysis](https://notes.m4lwhere.org/offensive/recon/layer-2-config-and-analysis.md): Investigate layer 2 activity on a local network - [Port Scanning and Discovery](https://notes.m4lwhere.org/offensive/recon/nmap.md): I'm knocking on every door - [Port Attacks](https://notes.m4lwhere.org/offensive/recon/port-analysis.md) - [Link it all together](https://notes.m4lwhere.org/offensive/recon/link-it-all-together.md) - [Payloads](https://notes.m4lwhere.org/offensive/payloads.md) - [MSFVenom](https://notes.m4lwhere.org/offensive/payloads/msfvenom.md): Generate msfvenom payloads - [Reverse Shells](https://notes.m4lwhere.org/offensive/payloads/reverse-shells.md): Work in Progress - [Websites](https://notes.m4lwhere.org/offensive/web-exploits.md): Anything and Everything - [Enumeration](https://notes.m4lwhere.org/offensive/web-exploits/enumeration.md): Find information before we attack - [Injection/LFI](https://notes.m4lwhere.org/offensive/web-exploits/injection.md): Command and Database 😍 - [Session Management](https://notes.m4lwhere.org/offensive/web-exploits/session-management.md) - [Brute Forcing](https://notes.m4lwhere.org/offensive/web-exploits/brute-forcing.md): Sometimes just looking isn't enough - [JavaScript & XSS](https://notes.m4lwhere.org/offensive/web-exploits/javascript.md) - [SSRF](https://notes.m4lwhere.org/offensive/web-exploits/ssrf.md): So many things! - [XXE](https://notes.m4lwhere.org/offensive/web-exploits/xxe.md): XML External Entity - [PHP](https://notes.m4lwhere.org/offensive/web-exploits/php.md) - [Password Attacks](https://notes.m4lwhere.org/offensive/password-attacks.md) - [Brute Forcing](https://notes.m4lwhere.org/offensive/password-attacks/brute-forcing.md) - [Mimikatz](https://notes.m4lwhere.org/offensive/password-attacks/mimikatz.md) - [Password Cracking](https://notes.m4lwhere.org/offensive/password-attacks/password-cracking.md) - [Hash Extraction](https://notes.m4lwhere.org/offensive/password-attacks/hash-extraction.md) - [Wordlist Generation](https://notes.m4lwhere.org/offensive/password-attacks/wordlist-generation.md) - [Databases](https://notes.m4lwhere.org/offensive/databases.md) - [SQL](https://notes.m4lwhere.org/offensive/databases/sql.md) - [Mongodb](https://notes.m4lwhere.org/offensive/databases/mongodb.md) - [Microsoft Windows Exploits](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits.md) - [Enumeration](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/enumeration.md) - [Powershell](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/powershell.md) - [Cmd](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/cmd.md) - [Privilege Escalation](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/privilege-escalation.md) - [Active Directory](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/active-directory.md) - [Bloodhound](https://notes.m4lwhere.org/offensive/microsoft-windows-exploits/bloodhound.md) - [Social Engineering](https://notes.m4lwhere.org/offensive/social-engineering.md) - [Netcat & Socat](https://notes.m4lwhere.org/offensive/netcat.md): Netcat rocks my socks - [File Transfers](https://notes.m4lwhere.org/offensive/file-transfers.md) - [Metasploit](https://notes.m4lwhere.org/offensive/metasploit.md): Who cares if it's easy, that's the point right? - [Writing Modules](https://notes.m4lwhere.org/offensive/metasploit/writing-modules.md) - [PS Empire](https://notes.m4lwhere.org/offensive/ps-empire.md): PowerShell Empire used to manage C2 nodes - [Priv Escalation](https://notes.m4lwhere.org/offensive/priv-escalation.md) - [Post Exploitation](https://notes.m4lwhere.org/offensive/post-exploitation.md): Ok, now what do we do?? - [Pivoting](https://notes.m4lwhere.org/offensive/pivoting.md) - [Certs and Secrets](https://notes.m4lwhere.org/offensive/certificates.md): how to generate and analyze certificates - [NGROK](https://notes.m4lwhere.org/offensive/ngrok.md): Using ngrok to access internal services - [Misc.](https://notes.m4lwhere.org/offensive/misc..md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://notes.m4lwhere.org/offensive.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.