1. FTP
   1. Vuln
      1. Anonymous Login
      2. Insecure ACL (R/W priv)
      3. Dictionary Based Attack
   2. Tools
      1. FTP Client
      2. Nmap
      3. FileZilla
      4. Browser
      5. hydra
2. SMB
   1. Vuln
      1. SMB Guest Session
      2. SMB Null Session
      3. Dictionary Based Attack
   2. Tools
      1. smbmap
      2. smbclient
      3. impacket-smbclient.py
      4. nmap
      5. crackmapexec
      6. hydra
3. SSH
   1. Vuln
      1. Dictionary Based Attack
   2. Tools
      1. Hydra
      2. Crackmapexec
4. WinRM
   1. Tools
      1. Evil-Winrm
      2. Crackmapexec
5. RDP
   1. Vuln
      1. Dictionary Based Attack
      2. OS Information Disclosure
   2. Tools
      1. Hydra
      2. nmap
      3. winexe
      4. pth-winexe
6. SMTP
   1. Vuln
      1. Username Enumeration
      2. mail spoofing
      3. mail injection
      4. Can be helpful when found LFI
   2. Tools
      1. smtp-user-enum
      2. telnet
      3. swaks
7. MySQL
   1. Vuln
      1. Dictionary Based Attack
      2. Insecure Privileges
      3. Information Disclosure
      4. FILE
   2. Tools
      1. Hydra
      2. nmap
      3. mysql client
8. NFS
   1. Vuln
      1. Open Network Share
   2. Tools
      1. showmount
      2. mount
      3. nmap
9. SNMP
   1. Vuln
      1. Sensitive Information Disclosure
   2. Tools
      1. snmp-check
      2. snmp-walk
10. MSSQL
    1. Vuln
       1. Common Passwords
    2. Tools
       1. impacket-mssqlclient
       2. enable_xp_cmdshell
11. HTTP/S
    1. Vuln
       1. Hidden directory enumeration
       2. Subdomain Enumeration
       3. vhost enumeration
    2. Tools
       1. Gobuster
       2. Nikto
12. #OSCP Preperation
13. Robensive
14. Advanced Network Exploitation Expert -Gitbook
15. Advanced Network Exploitation Expert -YouTube