Share
## https://sploitus.com/exploit?id=DBA1C960-11D2-504A-889A-D7F97E4FC3BC
# ๐ŸŽฏ Pentest Playbook Index

Welcome to the comprehensive penetration testing playbook. This index serves as the central hub for all methodologies, exploitation scenarios, and quick-reference cheat sheets.

---

## ๐ŸŒ Web Exploitation (Top Categories)
*   **[Web Attack Overview](docs/exploit/web/index.md)**
*   **[Authentication & Access Control](docs/exploit/web/web-login-bypass.md)**
    *   [Broken Access Control](docs/exploit/web/broken-access-control.md)
    *   [IDOR](docs/exploit/web/idor-attack.md)
    *   [OAuth Attacks](docs/exploit/web/oauth-attack.md)
*   **[Injection Attacks](docs/exploit/web/sql-injection.md)**
    *   [SQL Injection](docs/exploit/web/sql-injection.md) & [Cheat Sheet](docs/exploit/web/sql-injection-cheat-sheet.md)
    *   [NoSQL Injection](docs/exploit/web/nosql-injection.md)
    *   [OS Command Injection](docs/exploit/web/os-command-injection.md)
    *   [SSTI (Server-Side Template Injection)](docs/exploit/web/ssti.md)
*   **[Advanced Web Techniques](docs/exploit/web/web-cache-poisoning.md)**
    *   [Web Cache Poisoning](docs/exploit/web/web-cache-poisoning.md) 
    *   [Web Cache Deception](docs/exploit/web/web-cache-deception.md) 
    *   [HTTP Request Smuggling](docs/exploit/web/request-smuggling.md)
    *   [Race Conditions](docs/exploit/web/web-race-condition-attack.md) 
*   **[Modern Targets](docs/exploit/web/api.md)**
    *   [API Security](docs/exploit/web/api.md)
    *   [Web LLM Attacks](docs/exploit/web/llm-chatbot.md)
    *   [GraphQL](docs/exploit/web/graphql.md)
    *   [WebSocket](docs/exploit/web/websocket.md)

---

## ๐Ÿง Linux & Privilege Escalation
*   **[Linux PrivEsc Core Index](docs/exploit/linux/privilege-escalation/index.md)**
    *   [Shell Stabilization](docs/exploit/linux/privilege-escalation/index.md#shell-stabilization-pre-escalation)
    *   [SUID Binaries](docs/exploit/linux/privilege-escalation/index.md#scenario-1-suid-binaries--gtfobins)
    *   [Sudo Rights](docs/exploit/linux/privilege-escalation/index.md#scenario-2-sudo-rights-sudo--l)
    *   [Capabilities](docs/exploit/linux/privilege-escalation/index.md#scenario-4-capabilities)
    *   [Cron Jobs](docs/exploit/linux/privilege-escalation/index.md#scenario-3-cron-jobs)

---

## ๐ŸชŸ Windows & Active Directory
*   **[Windows PrivEsc Core Index](docs/exploit/windows/privilege-escalation/index.md)**
    *   [Unquoted Service Paths](docs/exploit/windows/privilege-escalation/index.md#scenario-1-unquoted-service-path)
    *   [Token Impersonation (Potato)](docs/exploit/windows/privilege-escalation/index.md#scenario-4-token-impersonation-potato-attacks)
    *   [Registry Exploits](docs/exploit/windows/privilege-escalation/registry-keys.md)
*   **[Active Directory Attacks](docs/exploit/windows/active-directory/)**
    *   [Kerberos (AS-REP Roasting, Kerberoasting)](docs/exploit/windows/privilege-escalation/kerberos.md)
    *   [ADCS Exploitation](docs/exploit/windows/privilege-escalation/adcs.md)

---

## ๐Ÿ“ก Infrastructure & Network
*   **[Protocol Exploitation](docs/exploit/network/index.md)**
    *   [SNMP](docs/exploit/network/protocol/snmp.md)
    *   [SMB](docs/exploit/network/protocol/smb.md)
    *   [FTP](docs/exploit/network/protocol/ftp.md)
*   **[Port Forwarding & Pivoting](docs/exploit/network/port-forwarding/)**

---

## ๐Ÿ› ๏ธ Specialized Domains
*   **[Cryptography](docs/exploit/cryptography/index.md)**
*   **[Cloud Security](docs/exploit/cloud/)** (AWS, Azure, GCP)
*   **[Machine Learning Pentesting](docs/exploit/machine-learning/)**
*   **[Blockchain & Smart Contracts](docs/exploit/blockchain/)**
*   **[Container Escape](docs/exploit/container/)** (Docker, Kubernetes)

---

## ๐Ÿ•ต๏ธ Reconnaissance
*   **[Recon Hub](docs/exploit/reconnaissance/index.md)**
    *   [Subdomain Enumeration](docs/exploit/reconnaissance/subdomain/)
    *   [OSINT](docs/exploit/reconnaissance/osint/)
    *   [Fuzzing & Directory Discovery](docs/exploit/web/web-content-discovery.md)

---

## ๐Ÿ“ General Cheat Sheets
*   **[Information Disclosure Checklist](docs/exploit/web/information-disclosure.md#quick-cheat-sheet)**
*   **[Business Logic Probes](docs/exploit/web/business-logic-attack.md#quick-cheat-sheet)**
*   **[File Upload Bypasses](docs/exploit/web/file-upload-attack.md)**

---
*Last Updated: 2026-02-22*