Here is where I upload some of my notes. Typically they are related to information security.
All dark mode notes can be found in their HTML format on my website: https://0xd4y.com/.
https://0xd4y.com/2022/09/11/Hands-on-AWS-Penetration-Testing-Notes/
- Privilege escalation techniques
- AWS pentest tools
- Bypassing GuardDuty and Cloudtrail
- And much more!
https://0xd4y.com/2022/03/15/AWS-Security-Specialty-Notes/
- Notes from security engineer point of view
- Securely configuring AWS environments
- Security responsibility & access management
- Monitoring, logging, and auditing
- Best practices and automation
- Encryption and data security
https://0xd4y.com/2022/10/01/GCP-Penetration-Testing-Notes/
- GCP fundamentals
- Privilege escalation techniques
- Common misconfigurations
- Pivoting to G Suite
- Avoiding alerts
- GCP networking
https://0xd4y.com/2022/10/24/GCP-Penetration-Testing-Notes-2/
- Privilege escalation techniques (IAM and Non-IAM)
- GKE, Google Cloud Storage, Cloud Build, etc.
- Remediation
- Tools
https://0xd4y.com/2023/02/28/Active-Directory-Pentesting-Notes/
- Common tactics, techniques, and procedures used by threat actors
- Active Directory security fundamentals
- Common tools used for AD pentesting
- Bypassing security mechanisms
https://0xd4y.com/2023/04/05/CRTP-Notes/
- Local privilege escalation
- Domain privilege escalation
- Tools for AD pentesting and red teaming
- AV bypassing
- Web exploitation
- AD best practices
- Defense
- Threat detection
- Trust relationships
- AD fundamentals
https://0xd4y.com/2023/06/12/CRTE-Notes/
- LAPS, gMSA, and Azure AD exploitation
- Delegation
- AD pentesting and red teaming tools
- Tunneling
- Bypassing defenses
- Evading detection
- Certification Authority
- Advanced SQL exploitation
- Cross-forest attacks
https://0xd4y.com/2023/01/19/Wi-Fi-Pentesting-Notes/
- MITM SSL
- Hotspot attacks
- Gaining access to hidden SSIDs
- Wireless IDS and IPS
- WEP, WPA-PSK, and WPA2-PSK attacks
- Spoofing attacks and detection