Share
## https://sploitus.com/exploit?id=DBA1C960-11D2-504A-889A-D7F97E4FC3BC
# ๐ฏ Pentest Playbook Index
Welcome to the comprehensive penetration testing playbook. This index serves as the central hub for all methodologies, exploitation scenarios, and quick-reference cheat sheets.
---
## ๐ Web Exploitation (Top Categories)
* **[Web Attack Overview](docs/exploit/web/index.md)**
* **[Authentication & Access Control](docs/exploit/web/web-login-bypass.md)**
* [Broken Access Control](docs/exploit/web/broken-access-control.md)
* [IDOR](docs/exploit/web/idor-attack.md)
* [OAuth Attacks](docs/exploit/web/oauth-attack.md)
* **[Injection Attacks](docs/exploit/web/sql-injection.md)**
* [SQL Injection](docs/exploit/web/sql-injection.md) & [Cheat Sheet](docs/exploit/web/sql-injection-cheat-sheet.md)
* [NoSQL Injection](docs/exploit/web/nosql-injection.md)
* [OS Command Injection](docs/exploit/web/os-command-injection.md)
* [SSTI (Server-Side Template Injection)](docs/exploit/web/ssti.md)
* **[Advanced Web Techniques](docs/exploit/web/web-cache-poisoning.md)**
* [Web Cache Poisoning](docs/exploit/web/web-cache-poisoning.md)
* [Web Cache Deception](docs/exploit/web/web-cache-deception.md)
* [HTTP Request Smuggling](docs/exploit/web/request-smuggling.md)
* [Race Conditions](docs/exploit/web/web-race-condition-attack.md)
* **[Modern Targets](docs/exploit/web/api.md)**
* [API Security](docs/exploit/web/api.md)
* [Web LLM Attacks](docs/exploit/web/llm-chatbot.md)
* [GraphQL](docs/exploit/web/graphql.md)
* [WebSocket](docs/exploit/web/websocket.md)
---
## ๐ง Linux & Privilege Escalation
* **[Linux PrivEsc Core Index](docs/exploit/linux/privilege-escalation/index.md)**
* [Shell Stabilization](docs/exploit/linux/privilege-escalation/index.md#shell-stabilization-pre-escalation)
* [SUID Binaries](docs/exploit/linux/privilege-escalation/index.md#scenario-1-suid-binaries--gtfobins)
* [Sudo Rights](docs/exploit/linux/privilege-escalation/index.md#scenario-2-sudo-rights-sudo--l)
* [Capabilities](docs/exploit/linux/privilege-escalation/index.md#scenario-4-capabilities)
* [Cron Jobs](docs/exploit/linux/privilege-escalation/index.md#scenario-3-cron-jobs)
---
## ๐ช Windows & Active Directory
* **[Windows PrivEsc Core Index](docs/exploit/windows/privilege-escalation/index.md)**
* [Unquoted Service Paths](docs/exploit/windows/privilege-escalation/index.md#scenario-1-unquoted-service-path)
* [Token Impersonation (Potato)](docs/exploit/windows/privilege-escalation/index.md#scenario-4-token-impersonation-potato-attacks)
* [Registry Exploits](docs/exploit/windows/privilege-escalation/registry-keys.md)
* **[Active Directory Attacks](docs/exploit/windows/active-directory/)**
* [Kerberos (AS-REP Roasting, Kerberoasting)](docs/exploit/windows/privilege-escalation/kerberos.md)
* [ADCS Exploitation](docs/exploit/windows/privilege-escalation/adcs.md)
---
## ๐ก Infrastructure & Network
* **[Protocol Exploitation](docs/exploit/network/index.md)**
* [SNMP](docs/exploit/network/protocol/snmp.md)
* [SMB](docs/exploit/network/protocol/smb.md)
* [FTP](docs/exploit/network/protocol/ftp.md)
* **[Port Forwarding & Pivoting](docs/exploit/network/port-forwarding/)**
---
## ๐ ๏ธ Specialized Domains
* **[Cryptography](docs/exploit/cryptography/index.md)**
* **[Cloud Security](docs/exploit/cloud/)** (AWS, Azure, GCP)
* **[Machine Learning Pentesting](docs/exploit/machine-learning/)**
* **[Blockchain & Smart Contracts](docs/exploit/blockchain/)**
* **[Container Escape](docs/exploit/container/)** (Docker, Kubernetes)
---
## ๐ต๏ธ Reconnaissance
* **[Recon Hub](docs/exploit/reconnaissance/index.md)**
* [Subdomain Enumeration](docs/exploit/reconnaissance/subdomain/)
* [OSINT](docs/exploit/reconnaissance/osint/)
* [Fuzzing & Directory Discovery](docs/exploit/web/web-content-discovery.md)
---
## ๐ General Cheat Sheets
* **[Information Disclosure Checklist](docs/exploit/web/information-disclosure.md#quick-cheat-sheet)**
* **[Business Logic Probes](docs/exploit/web/business-logic-attack.md#quick-cheat-sheet)**
* **[File Upload Bypasses](docs/exploit/web/file-upload-attack.md)**
---
*Last Updated: 2026-02-22*