# Exploitation Guide

- [01 Reconnaissance](/calvin-lai-security/tools/01-reconnaissance.md)
- [02 Port Enumeration](/calvin-lai-security/tools/02-eumernation.md)
- [03 Web Enumeration](/calvin-lai-security/tools/03-web-enum-and-exploit.md)
- [04 Windows Enum & Exploit](/calvin-lai-security/tools/04-windows-enum-and-exploit.md)
- [Windows Credential Dumping](/calvin-lai-security/tools/04-windows-enum-and-exploit/windows-credential-dumping.md)
- [Credential Dumping: SAM](/calvin-lai-security/tools/04-windows-enum-and-exploit/windows-credential-dumping/dumping-windows-credentials.md): Dumping the NTL Hash
- [Credential Dumping: DCSync](/calvin-lai-security/tools/04-windows-enum-and-exploit/windows-credential-dumping/credential-dumping-dcsync.md): May 2022
- [Kerberos Attack](/calvin-lai-security/tools/04-windows-enum-and-exploit/09-kerberos-attack.md): January 2020
- [RDP](/calvin-lai-security/tools/04-windows-enum-and-exploit/rdp.md)
- [05 File Enumeration](/calvin-lai-security/tools/05-file-enumeration.md)
- [06 Reverse Shell Cheat Sheet](/calvin-lai-security/tools/exploitation-command.md): The syntax of generating reverse TCP shell payload
- [Windows Reverse Shell](/calvin-lai-security/tools/exploitation-command/windows-reverse-shell.md): This page is going to show the generation of reverse shell payload for Windows environment.
- [Linux Reverse Shell](/calvin-lai-security/tools/exploitation-command/linux-reverse-shell.md): This page is going to show the generation of reverse shell payload for Linux environment.
- [07 SQL Injection](/calvin-lai-security/tools/06-sql-injection.md)
- [08 BruteForce](/calvin-lai-security/tools/08-bruteforce.md)
- [09 XSS Bypass Checklist](/calvin-lai-security/tools/09-xss.md): XSS ByPass, CTF
- [10 Spring Boot](/calvin-lai-security/tools/10-spring-boot.md)
- [11 WPA](/calvin-lai-security/tools/11-wpa.md): aircrack-ng
- [12 Payload list](/calvin-lai-security/tools/12-payload-list.md): XXS, injection, open-redirect, XXE, rfi & lfi