- https://securityxploded.com/memory-execution-of-executable.php
- https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack
- https://ponderthebits.com/2018/02/windows-rdp-related-event-logs-identification-tracking-and-investigation/
- https://j00ru.vexillium.org/syscalls/nt/64/
- https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/
- https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified_Pre-Owned.pdf
- https://blog.rchapman.org/posts/Linux_System_Call_Table_for_x86_64/ https://hackeradam.com/x86-64-linux-syscalls/
- https://www.gladir.com/LEXIQUE/ASM/jumpif.htm
- https://visualgdb.com/gdbreference/commands/x
- https://learn.microsoft.com/en-us/windows/win32/secauthz/access-mask-format?redirectedfrom=MSDN
- https://medium.com/@youcef.s.kelouaz/writing-a-sliver-c2-powershell-stager-with-shellcode-compression-and-aes-encryption-9725c0201ea8
- https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html#as-rep-roasting
- https://rioasmara.com/2020/07/04/kerberoasting-as-req-pre-auth-vs-non-pre-auth/
- https://www.roguelynn.com/words/explain-like-im-5-kerberos/
- https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2023_02.svg
- https://captmeelo.com/redteam/maldev/2022/02/16/libraries-for-maldev.html
- https://0xpat.github.io/Malware_development_part_1/
- https://ajpc500.github.io/nim/Shellcode-Injection-using-Nim-and-Syscalls/
- https://www.doyler.net/security-not-included/executing-shellcode-with-python
- https://mncmb.github.io/Basic-windows-shellcode-injection-with-python/
- https://blog.f0b.org/2022/05/process-injection-on-linux-injecting-into-processes/
- https://cocomelonc.github.io/tutorial/2021/10/27/windows-shellcoding-1.html
- https://nytrosecurity.com/2019/06/30/writing-shellcodes-for-windows-x64/ https://securitycafe.ro/2015/12/14/introduction-to-windows-shellcode-development-part-2/
- https://en.wikipedia.org/wiki/Executable_and_Linkable_Format https://www.man7.org/linux/man-pages/man5/elf.5.html
- https://hackmd.io/@rayanlecat/SkpuOxDSn
- https://www.cert.ssi.gouv.fr/uploads/guide-ad.html
- https://ad-lab.gitbook.io/building-a-windows-ad-lab/lab-setup/building-the-lab/creating-bank.local/creating-amsterdam.bank.local/creating-fileserver-file01
- https://www.thehacker.recipes/
- https://blog.thc.org/infecting-ssh-public-keys-with-backdoors
- https://posts.specterops.io/pass-the-hash-is-dead-long-live-localaccounttokenfilterpolicy-506c25a7c167
- https://xsleaks.dev/
- https://tracker.viriback.com/
- https://www.semperis.com/blog/golden-gmsa-attack/
- https://offsec.almond.consulting/authenticating-with-certificates-when-pkinit-is-not-supported.html
- https://inf0sec.fr/
- https://lolbas-project.github.io/#
- https://gtfobins.github.io/
- https://atomicredteam.io/command-and-control/T1105/
- https://redcanary.com/blog/
- https://unprotect.it/technique/dll-unhooking/
- https://s3cur3th1ssh1t.github.io/Cat_Mouse_or_Chess/
- https://nuts7.fr/zerologon/
- https://bushido-sec.com/index.php/2023/06/25/the-art-of-fuzzing-windows-binaries/
- https://beta.hackndo.com/
- https://0xinfection.github.io/posts/wmi-recon-enum/
- https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf?%3F%3F%3F%3F%3Futm_source=content
- https://dmcxblue.gitbook.io/red-team-notes/execution/windows-management-instrumentation-wmi
- https://check.merox.io/advanced?domain=hardis.fr&type=dmarc&selector=
- https://start.me/p/wMrA5z/cyber-threat-intelligence
- https://portswigger.net/research/exploiting-xss-in-hidden-inputs-and-meta-tags
- https://www.trustedsec.com/blog/hacking-your-cloud-tokens-edition-2-0/
- https://deobfuscate.relative.im/
- https://www.cisa.gov/sites/default/files/2023-07/aa23-201a_csa_threat_actors_exploiting_citrix-cve-2023-3519_to_implant_webshells.pdf
- https://research.aurainfosec.io/pentest/hook-line-and-phishlet/
- https://beginninghacking.net/2022/07/29/letsdefend-pdf-analysis/
- https://videos.didierstevens.com/2022/10/14/png-mimikatz-exe/
- https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ron%20Ben-Yizhak%20-%20NoFilter%20Abusing%20Windows%20Filtering%20Platform%20for%20privilege%20escalation.pdf
- https://www.synacktiv.com/publications/old-bug-shallow-bug-exploiting-ubuntu-at-pwn2own-vancouver-2023
- https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/
- https://mystic0x1.github.io/posts/methods-to-backdoor-an-aws-account/
- https://www.ired.team/offensive-security/persistence/dll-proxying-for-persistence
- https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation/dll-hijacking
- https://itm4n.github.io/dll-proxying/
- https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows
- https://mcsi-library.readthedocs.io/articles/2022/10/powershell-shellcode-part-2.html
- https://san3ncrypt3d.com/2021/08/13/VBAShell/
- https://devblogs.microsoft.com/scripting/learn-how-it-pros-can-use-the-powershell-ast/
- https://pen300.hide01.ir/index.html#video-path=media/video/CSCEO_06_04.mp4&time-offset=91
- https://themayor.notion.site/53512dc072c241589fc45c577ccea2ee?v=7b908e7e76a9416f98f40d9d3843d3cb&p=c5402d9f520a4cd68d4f903019e11f26
- https://research.openanalysis.net/powershell/shellcode/noobsnight/2022/11/24/powershell-shellcode.html
- https://www.youtube.com/watch?v=OuL-7GPhhAQ
- https://www.reddit.com/r/rfelectronics/comments/i4tbu2/an_rf_book_list/?rdt=47958
- https://infocon.org/skills/Ham%20Radio%20Crash%20Course%20-%20Radio/
- https://biot.com/capstats/bpf.html scapy filter syntax
- https://web.archive.org/web/20230403234851/https://pre.empt.dev/posts/maelstrom-the-implant/
- https://www.onworks.net/os-distributions/debian-based/free-kali-linux-online
- https://unix.stackexchange.com/questions/517524/install-tails-with-persistent-storage-on-virtualbox
- https://search.censys.io/
- https://www.shodan.io/
- https://exposingtheinvisible.org/en/guides/vpn-over-tor/
- https://web-check.xyz/
- https://book.blueteamguides.com/
- https://montysecurity.medium.com/analyzing-a-multi-stage-lnk-dropper-d9f0f97fcb02
- https://www.thalesgroup.com/fr/group/journaliste/press-release/cyberthreat-handbook-thales-et-verint-presentent-leur-whos-who-des
- https://www.protect.airbus.com/blog/active-directory-a-canary-under-your-hat/
- https://www.unifiedkillchain.com/assets/The-Unified-Kill-Chain.pdf
- https://exploit.in/
- https://thehackernews.com/
- https://www.rapid7.com/blog/series/emergent-threats/emergent-threats/
- https://attackerkb.com/activity-feed
- https://attackerkb.com/topics
- https://specterops.github.io/TierZeroTable/ https://posts.specterops.io/what-is-tier-zero-part-1-e0da9b7cdfca https://posts.specterops.io/what-is-tier-zero-part-2-6e1d14fddcaf
- https://malpedia.caad.fkie.fraunhofer.de/
- https://thedfirreport.com/
- https://mitre-attack.github.io/attack-navigator/
- https://caldera.mitre.org/
- https://www.youtube.com/watch?v=78RIsFqo9pM
- https://posts.specterops.io/uncovering-the-unknowns-a47c93bb6971
- https://docs.docker.com/network/packet-filtering-firewalls/ https://docs.docker.com/network/
- https://www.microsoft.com/fr-fr/evalcenter/download-windows-server-2022
- https://www.packetlevel.ch/html/scapy/scapyipv6.html
- https://www.kernel.org/doc/html/latest/filesystems/proc.html
- https://www.forensicxlab.com/posts/hibernation/
- https://invictus-ir.medium.com/a-defenders-guide-to-graphrunner-part-i-e01dcc6b6fa7
- https://luemmelsec.github.io/Relaying-101/
- https://tria.ge/
- https://hybrid-analysis.com/
- https://www.virustotal.com/
- https://www.filescan.io/scan
- https://www.joesandbox.com/
- https://www.ired.team/offensive-security/credential-access-and-credential-dumping/dump-credentials-from-lsass-process-without-mimikatz
- https://0xrick.github.io/
- https://www.exploit-db.com/
- https://wikileaks.org/vault7/
- https://unprotect.it/
- https://otx.alienvault.com/
- https://bazaar.abuse.ch/
- https://www.malshare.com/
- https://soc6s.fr/blog-cti/
- https://cybernews.com/news/
- https://www.darkreading.com/attacks-breaches https://www.darkreading.com/threat-intelligence https://www.darkreading.com/vulnerabilities-threats
- https://connect.ed-diamond.com/misc
- https://gbhackers.com/category/vulnerability-android-2/
- https://gbhackers.com/category/threatsattacks/
- https://ntlm.info/
- https://www.tomtombinary.xyz/articles/aliens-versus-predators-2/
- https://www.ledger.com/blog/hacking-adhd-strategies-for-the-modern-developer
- https://davidebove.com/blog/2021/03/27/how-to-dump-process-memory-in-linux/ linux memory dump
- https://andreacristaldi.github.io/APTmap/
- https://icanhaspii.github.io/
- https://www.youtube.com/watch?v=Kqwa-9Tanzw AWS forensic DFIR
- https://apackets.com/
- https://gitlab.com/akihe/radamsa
- https://www.acceis.fr/attaque-par-retro-passage-ldap/
- https://maldevacademy.com/
- https://publication.osintambition.org/8-basic-methods-of-automating-the-collection-of-information-from-company-websites-9757f3cd1e06
- https://www.jamf.com/blog/punycode-attacks/#:~:text=By%20default%2C%20many%20web%20browsers%20use%20the%20xn--,a%20measure%20to%20defend%20against%20Homograph%20phishing%20attacks
- https://hackropole.fr/fr/challenges/web/fcsc2020-web-babel-web/
- https://darkcoding.net/software/a-very-small-rust-binary-indeed/
- https://whoamianony.top/posts/ad-cs-new-ways-to-abuse-manageca-permissions/
- https://otterhacker.github.io/
- https://redlabs.enterprisesecurity.io/
- https://pwnedlabs.io/
- https://azure.enterprisesecurity.io
- https://www.youtube.com/watch?v=SqfDFIQ8kkk
- https://www.youtube.com/watch?app=desktop&v=ggTDxrtxWyM
- https://elixir.bootlin.com/linux/v5.15.137/A/ident/inet_addr
- https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp?filter=123
- https://youtube.com/watch?v=QskRb95sQNI
- https://www.rayanle.cat/umbrella-htb-uni-ctf-2023/
- https://0xfa7e.github.io/post/cpts-vs-oscp/
- https://www.outflank.nl/free-training-course-microsoft-office-offensive-tradecraft-for-red-teamers/?source=oftw
- https://archive.is/2019.01.16-232458/https://x89k.cf/infosec/2018/11/03/oscpsurvivalguide.html
- https://www.synacktiv.com/publications/writing-a-decent-win32-keylogger-13
- https://ss64.com/bash/syntax-keyboard.html
- https://hunter.how/
- https://rbaskets.in/web
- https://r3kapig-not1on.notion.site/2023-4828bf0bb74e45cabce2288370402dc0
- https://swisskyrepo.github.io/InternalAllTheThings/
- https://secret.club/2020/04/23/directory-deletion-shell.html
- https://www.synacktiv.com/en/publications/kubernetes-namespaces-isolation-what-it-is-what-it-isnt-life-universe-and-everything
- https://labs.nettitude.com/blog/creating-an-opsec-safe-loader-for-red-team-operations/
- https://malwaretech.com/2023/12/an-introduction-to-bypassing-user-mode-edr-hooks.html
- https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
- https://drive.google.com/drive/u/0/folders/1if6MCeBCj8sxWwJIKhtgwU0GBuBW8uLx?s=09
- https://blog.redteam-pentesting.de/2024/bitwarden-heist/
- https://github.com/HotCakeX/Harden-Windows-Security/wiki/WDAC-policy-for-BYOVD-Kernel-mode-only-protection
- https://www.vergiliusproject.com/kernels/x64/Windows%2011/23H2%20(2023%20Update)
- https://ntdoc.m417z.com/
- http://undocumented.ntinternals.net/
- http://terminus.rewolf.pl/terminus/
- http://ropgadget.com/posts/abusing_win_functions.html
- https://www.rapid7.com/blog/post/2019/01/03/santas-elfs-running-linux-executables-without-execve/
- https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
- https://itm4n.github.io/insomnihack-2024-cache-cache/
- https://www.hudsonrock.com/search
- https://www.offensiveosint.io/
- https://www.whoxy.com/
- https://crt.sh/
- https://dnsdumpster.com/
- https://epieos.com/
- https://castrickclues.com/
- https://app.ens.domains/
- https://dns.decentraweb.org/sld
- https://0x434b.dev/overview-of-glibc-heap-exploitation-techniques/
- https://iter.ca/post/gh-sig-pwn/
- https://hunter.io/
- https://phonebook.cz/
- https://intelx.io/
- https://wigle.net/
- https://publicwww.com/
- https://exploit.in/
- https://xss.is/
- https://www.hackcyom.com/2024/01/from-zero-to-hero-ad-adventure-1/
- https://osintframework.com/
- https://map.malfrats.industries/
- https://start.me/
- https://inteltechniques.com/
- https://www.pappers.fr/recherche
- https://www.info-clipper.com/
- https://www.own.security/blog/probiv-an-illegal-service-used-for-many-purposes
- https://www.thispersondoesnotexist.com/
- https://thispersonnotexist.org/
- https://this-person-does-not-exist.com/en
- https://thispersondoesnotexist.tools/
- https://fmhy.xyz/
- https://app.osintracker.com/investigations
- https://app.apollo.io/
- https://www.falstad.com/circuit/circuitjs.html
- https://everycircuit.com/
- https://illicit.services/
- https://www.blackhillsinfosec.com/wp-content/uploads/2021/03/SLIDES_OPSECFundamentalsRemoteRedTeams-1.pdf
- https://sensepost.com/blog/2024/sensecon-23-from-windows-drivers-to-an-almost-fully-working-edr/
- https://trustedsec.com/blog/js-tap-weaponizing-javascript-for-red-teams
- https://blog.malicious.group/automating-c2-infrastructure-with-terraform-nebula-caddy-and-cobalt-strike/
- https://cube0x0.github.io/Pocing-Beyond-DA/
- https://www.netspi.com/blog/technical/network-penetration-testing/exploiting-adidns/
- https://janbakker.tech/evilginx-resources-for-microsoft-365/
- https://msrc.microsoft.com/update-guide/
- https://0xswitch.fr/
- https://zweilosec.gitbook.io/
- https://0xdf.gitlab.io/
- https://axelp.io/MouseTrap
- https://www.freecodecamp.org/news/rtlo-in-hacking/
- https://redops.at/en/blog/exploring-hells-gate
- https://redops.at/en/blog/edr-analysis-leveraging-fake-dlls-guard-pages-and-veh-for-enhanced-detection
- https://chrollo-dll.gitbook.io/chrollo/security-blogs/cloud-pentesting/aws/cloudgoat-vulnerable-lambda
- https://medium.com/@sam.rothlisberger/embed-a-malicious-executable-in-a-normal-pdf-or-exe-81ee5339707e
- https://whiteknightlabs.com/2023/05/23/unleashing-the-unseen-harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion/
- https://pauljerimy.com/security-certification-roadmap/
- https://riccardoancarani.github.io/
- https://her0ness.github.io/
- https://posts.specterops.io/adcs-esc13-abuse-technique-fda4272fbd53
- https://medium.com/@lsecqt/weaponizing-dll-hijacking-via-dll-proxying-3983a8249de0
- https://matheuzsecurity.github.io/hacking/linux-threat-hunting-persistence/
- https://godbolt.org/
- https://decoder.cloud/2024/02/26/hello-im-your-adcs-server-and-i-want-to-authenticate-against-you/
- https://www.outflank.nl/blog/2019/05/05/evil-clippy-ms-office-maldoc-assistant/
- https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/
- https://medium.com/@airlockdigital/make-phishing-great-again-vsto-office-files-are-the-new-macro-nightmare-e09fcadef010
- https://sabotagesec.com/the-lazy-guide-to-reverse-rpc/
- https://itm4n.github.io/fuzzing-windows-rpc-rpcview/
- https://forensics.wiki/
- https://docs.google.com/document/d/1KByZzrdwQhrXGPPCf9tUzERZyRzg0xOpGbWoDURZxTI/edit
- https://www.dre.vanderbilt.edu/~schmidt/android/android-4.0/dalvik/docs/dex-format.html
- https://source.android.com/docs/core/runtime/dex-format?hl=fr
- https://torrentcome.github.io/def/dex/
- https://www.guitmz.com/page/4/
- https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html
- https://reverse.zip/categories/introduction-au-reverse/
- https://graphviz.org/
- https://blu3eye.gitbook.io/malware-insight
- https://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6e
- https://blog.lexfo.fr/lockbit-malware.html
- https://fy.blackhats.net.au/
- https://blog.malicious.group/writing-your-own-rdi-srdi-loader-using-c-and-asm/
- http://www.cse.yorku.ca/~oz/hash.html
grgmrtn255/Links
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published