# TurboWindX ## TurboWindX - [Welcome](https://book.turbosec.net/master.md): Reject weakness, embrace discipline. - [Known Tools & Technologies](https://book.turbosec.net/hacking-methodologies/known-tools-and-technologies.md): This list contains technologies and principles that I have learned through the years. - [Kill Chain](https://book.turbosec.net/hacking-methodologies/layers.md) - [Phyisical and hardware](https://book.turbosec.net/hacking-methodologies/layer-0-phyisical-and-hardware.md): If you have physical access to the device, check this out. - [Full Screen Escape](https://book.turbosec.net/hacking-methodologies/layer-0-phyisical-and-hardware/full-screen-escape.md): Sometimes you are stuck inside a full screen interface/GUI and you can tell you're just a few clicks away from a shell. - [Checklist - WebApps](https://book.turbosec.net/checklist-webapps.md): Quick checklist for penetration test - [Checklist - Windows](https://book.turbosec.net/checklist-windows.md) - [External Recon](https://book.turbosec.net/all-the-other-layers-recon.md): Sometimes, the information you need is offered to you. - [Ports & services scanning](https://book.turbosec.net/all-the-other-layers-recon/scanning.md): Send the scouts first. - [Web Recon](https://book.turbosec.net/all-the-other-layers-recon/web-recon.md): Gotta love the internet - [CMS](https://book.turbosec.net/all-the-other-layers-recon/web-recon/cms.md): Gotta love those external libraries. - [Wordpress](https://book.turbosec.net/all-the-other-layers-recon/web-recon/cms/wordpress.md): Generic methodologies and some CVEs - [Path traversal & LFI/RFI](https://book.turbosec.net/all-the-other-layers-recon/web-recon/path-traversal-and-lfi-rfi.md) - [XSS - Cross site scripting](https://book.turbosec.net/all-the-other-layers-recon/web-recon/xss-cross-site-scripting.md) - [XML External Entity - XXE](https://book.turbosec.net/all-the-other-layers-recon/web-recon/xml-external-entity-xxe.md) - [Internal Recon](https://book.turbosec.net/internal-recon.md): Go in - [Active Directory](https://book.turbosec.net/internal-recon/active-directory.md) - [Post Exploitation](https://book.turbosec.net/post-exploitation.md) - [Container/Sandbox Breakout](https://book.turbosec.net/post-exploitation/container-sandbox-breakout.md): Virtual inceptions - [Privilege Escalation](https://book.turbosec.net/post-exploitation/privilege-escalation.md): boot -> root - [Hashing & Cracking](https://book.turbosec.net/post-exploitation/privilege-escalation/hashing-and-cracking.md) - [Persistence](https://book.turbosec.net/post-exploitation/persistence.md) - [Windows](https://book.turbosec.net/post-exploitation/persistence/windows.md) - [Data Exfiltration](https://book.turbosec.net/post-exploitation/data-exfiltration.md) - [Steganography](https://book.turbosec.net/post-exploitation/data-exfiltration/steganography.md): There are many ways to embed data into different file formats. Common file formats are often used by hackers to hide data in them. By doing so, exfiltration time is often longer but stealthier. - [Pivot & Tunneling](https://book.turbosec.net/post-exploitation/data-exfiltration/tunneling.md): Sshhhhhhhhhhhhhh - [Shells](https://book.turbosec.net/shells.md) - [Protocols](https://book.turbosec.net/protocols.md) - [FTP](https://book.turbosec.net/protocols/ftp.md) - [SSH](https://book.turbosec.net/protocols/port-22-ssh.md) - [DNS](https://book.turbosec.net/protocols/port-53-dns.md): Domain Name System - [IPP](https://book.turbosec.net/protocols/port-631-ipp.md): Printer go brrrrrrr - [Binary Exploitation](https://book.turbosec.net/binary-exploitation.md): 10101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010 - [Linux - Simple reverse & crack](https://book.turbosec.net/binary-exploitation/linux-simple-reverse-and-crack.md) - [Memory Analysis](https://book.turbosec.net/memory-analysis.md) - [Forensics](https://book.turbosec.net/forensics.md) - [Android & iOS](https://book.turbosec.net/android-and-ios.md) - [Database Injection & Exploitation](https://book.turbosec.net/database-injection.md) - [DDoS](https://book.turbosec.net/ddos.md) - [Kubernetes & Docker](https://book.turbosec.net/kubernetes-and-docker.md): I got containers on containers on containers on containers on containers - [Phish](https://book.turbosec.net/phish.md): prep the hooks --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on a page URL with the `ask` query parameter: ``` GET https://book.turbosec.net/master.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.