Filter Descriptions

Services

Service	Description
Active Directory	Active Directory domain attacks — all AD techniques in one view.
ADCS	Active Directory Certificate Services.
SMB	Server Message Block — file sharing, often on ports 139/445.
HTTP/HTTPS	Web services on ports 80/443/8080/8443.
SSH	Secure Shell — remote access on port 22.
FTP	File Transfer Protocol on port 21.
DNS	Domain Name System on port 53.
LDAP	Lightweight Directory Access Protocol on ports 389/636.
Kerberos	Authentication protocol on port 88.
RDP	Remote Desktop Protocol on port 3389.
WinRM	Windows Remote Management on port 5985/5986.
MSSQL	Microsoft SQL Server on port 1433.
MySQL	MySQL database on port 3306.
SNMP	Simple Network Management Protocol on port 161.
SMTP	Simple Mail Transfer Protocol on port 25/587.
RPC	Remote Procedure Call on port 135 (includes WMI/DCOM).
NFS	Network File System on port 2049.
VNC	Virtual Network Computing on port 5900.
Redis	Redis in-memory database on port 6379.
PostgreSQL	PostgreSQL database on port 5432.

Phases

Phase	Description
Reconnaissance	Passive/active information gathering, port scanning, and service discovery.
Enumeration	Extracting detailed information from discovered services.
Exploitation	Gaining access by exploiting vulnerabilities or using credentials.
Post-Exploitation	Actions after gaining access — credential dumping, data collection.
Privilege Escalation	Escalating from low-privileged user to root/SYSTEM/admin.
Persistence	Maintaining access to the compromised environment.

Techniques

Technique	Description
XSS
Injection
Command Injection
SSRF
LFI/RFI
SSTI
File Upload
XXE
Token Impersonation
Service Misconfig
DLL Hijack
UAC Bypass
Kernel Exploit
Defense Evasion
Perm Abuse
Cron Abuse
Library Hijack
Docker Escape
NFS Abuse
Writable Service
TCC Bypass
Dylib Hijack
LaunchDaemon Abuse
Kerberoasting
AS-REP Roasting
Pass-the-Hash
NTLM Relay
DCSync
Pass-the-Ticket
BloodHound
Password Spraying
ACL Abuse
ADCS Abuse
Delegation Abuse
Ticket Forgery
Credential Theft
CVE Exploit