# Dudji's Docs ## Docs - [Attacks](https://hackbook.dudji.com/attacks/index.md): Vulnerability-first thinking — attack techniques organized by type and target. - [Privilege Escalation](https://hackbook.dudji.com/attacks/privilege-escalation/index.md): Escalate from low-privilege user to root or SYSTEM. - [Linux Privilege Escalation](https://hackbook.dudji.com/attacks/privilege-escalation/linux.md): Common Linux privilege escalation techniques — from enumeration to root. - [Web Attacks](https://hackbook.dudji.com/attacks/web/index.md): Web application attack techniques — vulnerability-first thinking. - [Local File Inclusion](https://hackbook.dudji.com/attacks/web/local-file-inclusion.md): Exploit LFI vulnerabilities to read files, leak credentials, and achieve remote code execution. - [SQL Injection](https://hackbook.dudji.com/attacks/web/sql-injection.md): From data extraction to OS command execution — SQL injection techniques and methodology. - [Blind SQL Injection](https://hackbook.dudji.com/attacks/web/sql-injection/blind-sql-injection.md): Extract data from databases where query results aren't returned in the HTTP response. - [SQL Injection UNION Attacks](https://hackbook.dudji.com/attacks/web/sql-injection/sql-injection-union-attacks.md): Use UNION to retrieve data from other database tables via SQL injection. - [WordPress Enumeration](https://hackbook.dudji.com/attacks/web/wordpress/enumeration.md): Systematic WordPress reconnaissance to map users, plugins, themes, and exposed attack paths. - [WordPress Exploitation](https://hackbook.dudji.com/attacks/web/wordpress/exploitation.md): Practical exploitation paths in WordPress after successful enumeration. - [WordPress Fundamentals](https://hackbook.dudji.com/attacks/web/wordpress/fundamentals.md): Default WordPress structure, core files, configuration, and role model. - [WordPress Hardening](https://hackbook.dudji.com/attacks/web/wordpress/hardening.md): Practical controls to reduce WordPress attack surface and limit impact. - [WordPress](https://hackbook.dudji.com/attacks/web/wordpress/index.md): Enumerate, assess, and exploit common WordPress attack paths. - [Hackbook](https://hackbook.dudji.com/index.md): A structured offensive security knowledge base — methodology, attacks, tech, payloads, and tools. - [Payloads](https://hackbook.dudji.com/payloads/index.md): Payload library — ready-to-use payloads for various attack scenarios. - [Enumeration](https://hackbook.dudji.com/playbook/enumeration/index.md): Systematic enumeration to identify vulnerabilities, misconfigurations, and attack paths. - [Web Enumeration](https://hackbook.dudji.com/playbook/enumeration/web-enumeration.md): Enumerate web applications — directories, parameters, technologies, and hidden attack surface. - [Exploitation](https://hackbook.dudji.com/playbook/exploitation/index.md): Turning enumeration findings into initial access. - [Playbook](https://hackbook.dudji.com/playbook/index.md): Methodology & flow — a structured approach to offensive engagements. - [Post-Exploitation](https://hackbook.dudji.com/playbook/post-exploitation/index.md): Actions on objectives — persistence, lateral movement, and exfiltration. - [Recon](https://hackbook.dudji.com/playbook/recon/index.md): Passive and active reconnaissance — mapping the target before you touch it. - [Infrastructure Based Enumeration](https://hackbook.dudji.com/playbook/recon/infrastructure-based-enumeration.md): Map the external and internal infrastructure footprint before deep host probing. - [Tech](https://hackbook.dudji.com/tech/index.md): Tech-specific patterns — deep dives into operating systems, services, and infrastructure. - [Authentication & Authorization](https://hackbook.dudji.com/tech/linux/authentication-authorization.md): Linux authentication internals — PAM, passwd, shadow, SSH, and sudo. - [Bash Scripting](https://hackbook.dudji.com/tech/linux/bash-scripting.md): Compact Bash fundamentals for arguments, variables, flow control, operators, functions, and debugging. - [Filesystem navigation](https://hackbook.dudji.com/tech/linux/filesystem-navigation.md) - [Filtering text processing](https://hackbook.dudji.com/tech/linux/filtering-text-processing.md) - [Linux](https://hackbook.dudji.com/tech/linux/index.md): Linux internals from an offensive security perspective. - [Network configuration](https://hackbook.dudji.com/tech/linux/network-configuration.md) - [Permissions](https://hackbook.dudji.com/tech/linux/permissions.md) - [Pillaging](https://hackbook.dudji.com/tech/linux/pillaging.md) - [Processes services](https://hackbook.dudji.com/tech/linux/processes-services.md) - [Security hardening](https://hackbook.dudji.com/tech/linux/security-hardening.md) - [Storage & Devices](https://hackbook.dudji.com/tech/linux/storage-devices.md): Disks, partitions, mount points, and device files in Linux. - [System enumeration](https://hackbook.dudji.com/tech/linux/system-enumeration.md) - [System logs](https://hackbook.dudji.com/tech/linux/system-logs.md) - [User management](https://hackbook.dudji.com/tech/linux/user-management.md) - [Exploitation Frameworks](https://hackbook.dudji.com/tools/exploitation-frameworks/index.md): Frameworks for exploit development, payload management, and post-exploitation modules. - [Metasploit Core](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/core.md): Modules, targeting, and workflow basics in msfconsole. - [Metasploit Encoders](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/encoders.md): Encoder workflows, SGN examples, and AV detection reality checks. - [Firewall and IDS/IPS Evasion](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/evasion.md): Endpoint protection, perimeter defense, detection evasion, and AV bypass techniques. - [Metasploit](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/index.md): Exploitation framework usage, split into focused sections. - [Meterpreter](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/meterpreter.md): Meterpreter payload, post-exploitation, and privilege escalation workflows. - [MSFVenom](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/msfvenom.md): Payload generation, encoding, and real-world deployment workflows. - [Metasploit Payloads](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/payloads.md): Payload families, staged vs single payloads, and payload selection. - [Metasploit Plugins](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/plugins.md): Plugin installation, usage, Nessus integration, custom plugins, and Mixins in Metasploit. - [Metasploit Sessions](https://hackbook.dudji.com/tools/exploitation-frameworks/metasploit/sessions.md): Session management, backgrounding, and job control. - [Tools](https://hackbook.dudji.com/tools/index.md): Cyber arsenal — tool references, cheatsheets, and usage guides. - [Network Scanning](https://hackbook.dudji.com/tools/network-scanning/index.md): Host discovery, service detection, and network mapping tools. - [Nmap](https://hackbook.dudji.com/tools/network-scanning/nmap.md): Host discovery, service enumeration, and firewall or IDS/IPS evasion techniques. - [Burp Suite](https://hackbook.dudji.com/tools/web-testing/burp-suite.md): Web application testing with Burp Suite. - [Web Testing](https://hackbook.dudji.com/tools/web-testing/index.md): Interception, manipulation, and web application security testing tools. ## OpenAPI Specs - [openapi](https://hackbook.dudji.com/api-reference/openapi.json)