2FA1

abuse_elevation_control_mechanism1

access_control_list2

access_token_manipulation1

account_discovery3

account_manipulation1

active_directory4

active_directory_enumeration5

active_directory_exploitation5

active_scanning3

adb1

adcs_abuse2

additional_local_or_domain_groups1

android1

api7

apk2

arbitrary_code_execution1

arbitrary_file_read8

backdoor1

brute_force3

buffer_overflow2

capabilities4

ccache_files1

chromium1

code_injection3

code_repositories2

collection2

command-and-scripting-interpreter1

command_and_control2

command_and_scripting_interpreter2

cookie_hijacking2

credential_access3

credential_stuffing1

credentials_in_files3

cron_abuse3

cross_site_scripting1

cryptography1

cve26

cve_exploitation18

data_from_information_repositories2

data_leak_exploitation16

data_leaks38

dcsync_attack1

debugging1

defense_evasion2

devtools6

dfir5

discovery3

dns8

dockerlabs32

domain_account1

domain_groups1

domain_or_tenant_policy_modification1

email_collection1

escaping_docker2

execution3

exfiltration1

exfiltration_over_c2_channel1

exploit_public-facing_application3

exploitation_for_client_execution1

exposure_of_information_through_directory_listing2

file_and_directory_discovery1

foothold17

forensics6

format_string_attack1

ftp10

fuzzing_web31

gather_victim_host_information3

git4

group_policy_modification1

hack_the_box62

hardware1

hash_dumping3

http61

https1

idor2

incorrect_privilege_assignment2

information_gathering68

ingress_tool_transfer1

initial_access3

insecure_deserialization3

insecure_storage_of_sensitive_information2

insertion_of_sensitive_information_into_log_file1

insufficiently_protected_credentials1

interactive_tty15

java_script2

javascript1

kerberos8

lateral_movement34

ldap8

lfi8

linux71

llmnr_poisoning1

local_account2

local_accounts1

local_email_collection1

make_and_impersonate_token1

metasploit2

misconfiguration_exploitation10

misconfigurations15

mssql1

mssql_command_execution1

network_service_discovery1

onion1

os_command_injection12

pass_the_hash4

pass_the_ticket1

password_attacks33

password_cracking2

password_spraying2

path_hijacking1

path_traversal6

permission_groups_discovery1

persistence1

phishing1

php9

pivoting1

port_forwarding9

port_swigger2

powershell1

private_keys1

privilege_escalation69

protocol_tunneling1

pwd1

python_library_hijacking1

rce22

reconnaissance3

reg_abuse1

remote_services3

resource_based_constrained_delegation1

reverse_engineering4

reversing1

rfi5

rpc2

scanning_ip_blocks3

search_victim-owned_websites3

sebackupprivilege_abuse1

shadow_credentials_attack2

sid_enum2

smb11

smtp1

snmp1

soc1

software3

spearphishing_link1

sql_injection1

sqli4

sqli_blind7

ssh62

ssrf3

ssti4

steal_or_forge_authentication_certificates1

steal_or_forge_kerberos_tickets1

steal_web_session_cookie1

steganography3

sudo_abuse33

sudo_and_sudo_caching1

suid13

symlink_abuse3

system_owner/user_discovery2

targeted_kerberoast_attack1

tcp77

tgs2

tgt2

the_hackers_labs4

tor1

udp1

unix_shell1

unpac_the_hash2

unsecured_credentials3

upnp3

use_alternate_authentication_material2

use_of_hard_coded_credentials1

use_of_weak_hash1

valid_accounts2

vulnerability_exploitation26

vulnerability_scanning3

weak_password_requirements1

web_analysis57

web_session_cookie1

windows19

windows_remote_management1

winrm8

wordlist_scanning1

wordpress4

xml_injection1

xss6