Commit

GITBOOK-4448: No subject
carlospolop authored and gitbook-bot committed Dec 16, 2024
1 parent 3e784b4 commit b0ab020
Showing 57 changed files with 297 additions and 611 deletions.
31 changes: 14 additions & 17 deletions SUMMARY.md
Expand Up @@ -59,7 +59,6 @@
* [ZIPs tricks](generic-methodologies-and-resources/basic-forensic-methodology/specific-software-file-type-tricks/zips-tricks.md)
* [Windows Artifacts](generic-methodologies-and-resources/basic-forensic-methodology/windows-forensics/README.md)
* [Interesting Windows Registry Keys](generic-methodologies-and-resources/basic-forensic-methodology/windows-forensics/interesting-windows-registry-keys.md)
* [Brute Force - CheatSheet](generic-methodologies-and-resources/brute-force.md)
* [Python Sandbox Escape & Pyscript](generic-methodologies-and-resources/python/README.md)
* [Bypass Python sandboxes](generic-methodologies-and-resources/python/bypass-python-sandboxes/README.md)
* [LOAD\_NAME / LOAD\_CONST opcode OOB Read](generic-methodologies-and-resources/python/bypass-python-sandboxes/load_name-load_const-opcode-oob-read.md)
Expand All @@ -70,16 +69,20 @@
* [Web Requests](generic-methodologies-and-resources/python/web-requests.md)
* [Bruteforce hash (few chars)](generic-methodologies-and-resources/python/bruteforce-hash-few-chars.md)
* [Basic Python](generic-methodologies-and-resources/python/basic-python.md)
* [Exfiltration](generic-methodologies-and-resources/exfiltration.md)
* [Tunneling and Port Forwarding](generic-methodologies-and-resources/tunneling-and-port-forwarding.md)
* [Threat Modeling](generic-methodologies-and-resources/threat-modeling.md)
* [Search Exploits](generic-methodologies-and-resources/search-exploits.md)
* [Reverse Shells (Linux, Windows, MSFVenom)](generic-methodologies-and-resources/reverse-shells/README.md)
* [MSFVenom - CheatSheet](generic-methodologies-and-resources/reverse-shells/msfvenom.md)
* [Reverse Shells - Windows](generic-methodologies-and-resources/reverse-shells/windows.md)
* [Reverse Shells - Linux](generic-methodologies-and-resources/reverse-shells/linux.md)
* [Expose local to the internet](generic-methodologies-and-resources/reverse-shells/expose-local-to-the-internet.md)
* [Full TTYs](generic-methodologies-and-resources/reverse-shells/full-ttys.md)

## Generic Hacking

* [Brute Force - CheatSheet](generic-hacking/brute-force.md)
* [Exfiltration](generic-hacking/exfiltration.md)
* [Reverse Shells (Linux, Windows, MSFVenom)](generic-hacking/reverse-shells/README.md)
* [MSFVenom - CheatSheet](generic-hacking/reverse-shells/msfvenom.md)
* [Reverse Shells - Windows](generic-hacking/reverse-shells/windows.md)
* [Reverse Shells - Linux](generic-hacking/reverse-shells/linux.md)
* [Expose local to the internet](generic-hacking/reverse-shells/expose-local-to-the-internet.md)
* [Full TTYs](generic-hacking/reverse-shells/full-ttys.md)
* [Search Exploits](generic-hacking/search-exploits.md)
* [Tunneling and Port Forwarding](generic-hacking/tunneling-and-port-forwarding.md)

## 🐧 Linux Hardening

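Review bot: the entries re-listed under `## Generic Hacking` change path from `generic-methodologies-and-resources/...` to `generic-hacking/...` (brute-force, exfiltration, reverse-shells, search-exploits, tunneling-and-port-forwarding), so every inbound relative link and any externally published URL for these pages needs retargeting or a redirect. pentesting-methodology.md is updated in this commit; confirm the other pages that link to them are covered too. As a style point, `## Generic Hacking` has no emoji prefix while the neighbouring headings do (`## 🐧 Linux Hardening`, `## 📱 Mobile Pentesting`); add one if the index is meant to stay uniform.
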
Expand Down Expand Up @@ -295,6 +298,7 @@
* [Basic PowerShell for Pentesters](windows-hardening/basic-powershell-for-pentesters/README.md)
* [PowerView/SharpView](windows-hardening/basic-powershell-for-pentesters/powerview.md)
* [Antivirus (AV) Bypass](windows-hardening/av-bypass.md)
* [Cobalt Strike](windows-hardening/cobalt-strike.md)

## 📱 Mobile Pentesting

Expand Down Expand Up @@ -807,12 +811,6 @@
* [Esoteric languages](crypto-and-stego/esoteric-languages.md)
* [Blockchain & Crypto Currencies](crypto-and-stego/blockchain-and-crypto-currencies.md)

## 🦂 C2

* [Salseo](c2/salseo.md)
* [ICMPsh](c2/icmpsh.md)
* [Cobalt Strike](c2/cobalt-strike.md)

## ✍️ TODO

* [Other Big References](todo/references.md)
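Review bot: removing the `## 🦂 C2` section drops the Salseo and ICMPsh entries with no replacement, and `c2/salseo.md` and `c2/icmpsh.md` are deleted outright, yet the commit message is only "No subject". State in the message why that content is removed or where it now lives. Only Cobalt Strike is re-listed, as `windows-hardening/cobalt-strike.md`, so also check the rest of the book for links that still point at the three old `c2/` paths.
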
Expand Down Expand Up @@ -867,4 +865,3 @@
* [Post Exploitation](todo/post-exploitation.md)
* [Investment Terms](todo/investment-terms.md)
* [Cookies Policy](todo/cookies-policy.md)

65 changes: 0 additions & 65 deletions c2/icmpsh.md

This file was deleted.

205 changes: 0 additions & 205 deletions c2/salseo.md

This file was deleted.

File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
17 changes: 8 additions & 9 deletions generic-methodologies-and-resources/pentesting-methodology.md
Expand Up @@ -48,7 +48,7 @@ Before attacking a host maybe you prefer to **steal some credentials** **from th

The first thing to do when **looking for vulnerabilities in a host** is to know which **services are running** in which ports. Let's see the[ **basic tools to scan ports of hosts**](pentesting-network/#scanning-hosts).

### **4-** [Searching service version exploits](search-exploits.md)
### **4-** [Searching service version exploits](../generic-hacking/search-exploits.md)

Once you know which services are running, and maybe their version, you have to **search for known vulnerabilities**. Maybe you get lucky and there is a exploit to give you a shell...

Expand All @@ -59,7 +59,7 @@ If there isn't any fancy exploit for any running service, you should look for **
**Inside this book you will find a guide to pentest the most common services** (and others that aren't so common)**. Please, search in the left index the** _**PENTESTING**_ **section** (the services are ordered by their default ports).

**I want to make a special mention of the** [**Pentesting Web**](../network-services-pentesting/pentesting-web/) **part (as it is the most extensive one).**\
Also, a small guide on how to[ **find known vulnerabilities in software**](search-exploits.md) can be found here.
Also, a small guide on how to[ **find known vulnerabilities in software**](../generic-hacking/search-exploits.md) can be found here.

**If your service is not inside the index, search in Google** for other tutorials and **let me know if you want me to add it.** If you **can't find anything** in Google, perform your **own blind pentesting**, you could start by **connecting to the service, fuzzing it and reading the responses** (if any).

Expand All @@ -69,15 +69,15 @@ There are also several tools that can perform **automatic vulnerabilities assess

#### **5.2 Brute-Forcing services**

In some scenarios a **Brute-Force** could be useful to **compromise** a **service**. [**Find here a CheatSheet of different services brute forcing**](brute-force.md)**.**
In some scenarios a **Brute-Force** could be useful to **compromise** a **service**. [**Find here a CheatSheet of different services brute forcing**](../generic-hacking/brute-force.md)**.**

### 6- [Phishing](phishing-methodology/)

If at this point you haven't found any interesting vulnerability you **may need to try some phishing** in order to get inside the network. You can read my phishing methodology [here](phishing-methodology/):

### **7-** [**Getting Shell**](reverse-shells/)
### **7-** [**Getting Shell**](../generic-hacking/reverse-shells/)

Somehow you should have found **some way to execute code** in the victim. Then, [a list of possible tools inside the system that you can use to get a reverse shell would be very useful](reverse-shells/).
Somehow you should have found **some way to execute code** in the victim. Then, [a list of possible tools inside the system that you can use to get a reverse shell would be very useful](../generic-hacking/reverse-shells/).

Specially in Windows you could need some help to **avoid antiviruses**: [**Check this page**](../windows-hardening/av-bypass.md)**.**\\

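Review bot: the context line right after the retargeted reverse-shell links ends in a doubled backslash (`...av-bypass.md)**.**\\`), which Markdown renders as a literal backslash instead of the single-`\` hard break used elsewhere in this file; since this hunk already edits the two lines above it, fix that here. The new directory links `../generic-hacking/reverse-shells/` rely on the `generic-hacking/reverse-shells/README.md` entry added in SUMMARY.md, which is consistent, and `../generic-hacking/brute-force.md` matches the new index path.
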
Expand All @@ -89,9 +89,9 @@ If you have troubles with the shell, you can find here a small **compilation of
* [**Windows (CMD)**](../windows-hardening/basic-cmd-for-pentesters.md)
* [**Windows (PS)**](../windows-hardening/basic-powershell-for-pentesters/)

### **9 -** [**Exfiltration**](exfiltration.md)
### **9 -** [**Exfiltration**](../generic-hacking/exfiltration.md)

You will probably need to **extract some data from the victim** or even **introduce something** (like privilege escalation scripts). **Here you have a** [**post about common tools that you can use with these purposes**](exfiltration.md)**.**
You will probably need to **extract some data from the victim** or even **introduce something** (like privilege escalation scripts). **Here you have a** [**post about common tools that you can use with these purposes**](../generic-hacking/exfiltration.md)**.**

### **10- Privilege Escalation**

Expand Down Expand Up @@ -129,7 +129,7 @@ TODO: Complete persistence Post in Windows & Linux
### 12 - Pivoting

With the **gathered credentials** you could have access to other machines, or maybe you need to **discover and scan new hosts** (start the Pentesting Methodology again) inside new networks where your victim is connected.\
In this case tunnelling could be necessary. Here you can find [**a post talking about tunnelling**](tunneling-and-port-forwarding.md).\
In this case tunnelling could be necessary. Here you can find [**a post talking about tunnelling**](../generic-hacking/tunneling-and-port-forwarding.md).\
You definitely should also check the post about [Active Directory pentesting Methodology](../windows-hardening/active-directory-methodology/). There you will find cool tricks to move laterally, escalate privileges and dump credentials.\
Check also the page about [**NTLM**](../windows-hardening/ntlm/), it could be very useful to pivot on Windows environments..

Expand Down Expand Up @@ -171,4 +171,3 @@ Learn & practice GCP Hacking: <img src="../.gitbook/assets/grte.png" alt="" data

</details>
{% endhint %}
