Bug Bounty - GitBook
رفتن به کانال در Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
نمایش بیشتر7 497
مشترکین
+524 ساعت
+577 روز
+19730 روز
آرشیو پست ها
7 503
H12006 - Write up
WriteUp
| - Passive Reconnaissance
ll - Active Reconnaissance
lll - Server Side Request Forgery
IV - Android Reverse Engineering
V - Know your staff
VI - You will pay for this !
Link 🔗:-
https://techbrunch.gitbook.io/h12006
@GitBook_s
7 503
HackTheBox - Windows
HackTheBox - Forest
HackTheBox - Bastion
HackTheBox - Access
HackTheBox - Optimum
HackTheBox - Bounty
HackTheBox - Granny
HackTheBox - Arctic
HackTheBox - Sniper
HackTheBox - Querier
HackTheBox - Heist
HackTheBox - Remote
HackTheBox - Sauna
HackTheBox - ServMon
Link 🔗:-
https://akshaydeepakshinde.gitbook.io/hackthebox-windows
@GitBook_s
7 503
HackTheBox - Linux
HackTheBox - Registry
HackTheBox - Scavenger
HackTheBox - Ellingson
HackTheBox - OneTwoSeven
HackTheBox - Player
HackTheBox - Zipper
HackTheBox - Dab
HackTheBox - Kotarak
HackTheBox - Ghoul
HackTheBox - Mango
HackTheBox - Feline
HackTheBox - Joker
HackTheBox - Unbalanced
HackTheBox - Obscurity
HackTheBox - Monitors
Link 🔗:-
https://akshaydeepakshinde.gitbook.io/hackthebox-linux
@GitBook_s
7 503
CTF Writeups
CTF Writeups
Tools and Payloads
>TRYHACKME
TryHackMe Overview
>HACKTHEBOX
HackTheBox Overview
>HACKTHEBOX ACADEMY
HTB Academy Overview
>PORTSWIGGER ACADEMY
PortSwigger Overview
>2021 CTFS
Gurugram Cyber Heist CTF 2021
ZH3RO CTF 2.0 2021
NahamCon 2021
>2020 CTFS
VulnCon2020 Overview
Link 🔗:-
https://dhilipsanjay.gitbook.io/ctfs
@GitBook_s
7 503
Engin Demirbilek
>Intro
[Pinned] Community
OSWE Review
>CODE PIECES
C++: Shellcode Launcher
C++: Dynamic DLL Usage
C++: Sendin HTTP GET Request
C++: Sandbox Detection via Registry
C++: Enumerating Environment
C++: DII Injection
VBA: HTTP File Dropper
Environment Enumeration
via Pshell & Cmd
>PROJECTS
Reverse Shell Exploit
chain With AV Bypass
Execute Shellcode
Launcher with DII Injection
Bypassing AVs with simple XOR
Bypassing Defender with Exclusion List
>VULNERABILITY RESEARCH
[TR] Centreon 19.10.8
Remote Code Execution
[TR] rConfig 3.94 Remote Code Execution
[TR] PANDORAFMS 7.0
REMOTE CODE EXECUTION x4
>PENTEST NOTES
An Uncommon OSINT way to Juicy Files
GraphQL Testing Tips
Server Side Request Forgery (SSRF)
Link 🔗:-
https://edemirbilek.gitbook.io/red-team-research
@GitBook_s
7 503
refabr1k's Pentest Notebook
Steganography
Kali USB with persistence memory
useful tools
Understanding ICACLS permissions
>INFO GATHERING
Port Knocking
22 tcp - SSH
25 top - SMTP
53 tcp/udp - DNS
88 tcp - Kerberos
161 udp - SNMP
1098,1099 tcp - Java RMI
8009 tcp - AJP
5901,5902 tcp - VNC
>WEB
XSS cookie stealing
PHP
Webdav
Wordpress
XML RPC
SQL Injection
SSRF
>EXPLOITATION
File Transfers
Buffer Overflow
Bruteforce
PHP rce
Compiling
msfvenom
Reverse shell
Using ENV to escape Bad Characters
shellshock
Ncat Persistent Backdoor
PRIVESC - LINUX
Basic checks
Upgrading Shells
SUID
>PRIVESC - WINDOWS
Basic checks/powershell
Privesc Openings
LonelyPotato - SelmpersonatePrivilege
Enable RDP @ Firewall
NTLM (Pass The Hash)
>WINDOWS
NTDS.dit
Responder / SMB Relay
Attacking AD
>METASPLOIT
Basic Usage
Meterpreter
>UNSORTED
other notes
>ELEARNSECURITY EJPT
eJPT notes
>OSWP
Getting started
WEP Attacks
WPA/WPA2 Attacks
>SCRIPTS
get port from nmap
Curl response
ping sweep
iptables-counter.sh
(DNS) zonetransfer_check.sh
(DNS) dns-rev-brute.sh
(DNS) dns-fwd-brute.sh
(SMB) vuln-scan.sh
(SMB) samba-checker.sh
(SMTP) vrfy.py
(SNMP) mib-check.sh
>ZERODAY VULNERABILITIES EXPLAINED
2020-12 Solarwind supply chain
Link 🔗:-
https://refabr1k.gitbook.io/oscp
@GitBook_s
7 503
HackTheBox
>linux Machines
Easy
Medium
Hard
>Challenges
Web
Pwn
Link 🔗:-
https://ir0nstone.gitbook.io/hackthebox/
@GitBook_s
7 503
Security Knowledge Framework
Introduction
Auth Bypass
Auth Bypass - 1
Auth Bypass - 2
Auth-bypass-3
Auth-bypass-Simple
Client Side Restriction Bypass
Client Side Restriction Bypass - Harder
Client Side Template Injection (CSTI)
Command Injection (CMD)
Command Injection 2 (CMD-2)
Command Injection 3 (CMD-3)
Command Injection 4 (CMD-4)
Command Injection Blind (CMD-Blind)
Content-Security-Policy (CSP)
CORS exploitation
Credentials Guessing
Credentials Guessing - 2
Cross Site Scripting (XSS)
Cross Site Scripting - Attribute (XSS-Attribute)
Cross Site Scripting - href (XSS-href)
Cross Site Scripting - DOM (XSS- DOM)
Cross Site Scripting - DOM-2 (XSS- DOM-2)
Cross Site Scripting - Stored (XSS- Stored)
CSRF
CSRF - Samesite
CSRF - Weak
CSS Injection (CSSI)
Deserialisation Java (DES-Java)
Deserialisation Yaml (DES-Yaml)
Deserialisation Pickle (DES-Pickle)
Deserialisation Pickle 2 (DES-Pickle-2)
DoS Regex
File upload
Formula Injection
GraphQL DOS
GraphQL IDOR
GraphQL Injections
GraphQL Introspection
GraphQL Mutations
Host Header Injection
(Authentication Bypass)
HttpOnly Session Hijacking XSS
Information Leakeage in Comments
Information Leakeage in Metadata
Insecure Direct Object References (IDOR)
JWT Null
JWT Secret
Ldap Injection
Ldap Injection - harder
Local File Inclusion 1 (LFI-1)
Local File Inclusion 2 (LFI-2)
Local File Inclusion 3 (LFI-3)
Parameter Binding
Prototype Pollution
Race Condition
Race Condition File-Write
Ratelimiting (Brute-force login)
Remote File Inclusion (RFI)
Right To Left Override (RTLO)
Server Side Request Forgery (SSRF)
Server Side Template Injection (SSTI)
Session Hijacking XSS
Session Puzzling
Session Management 1
SQLI (Union)
SQLI Login Bypass
SQLI (Like)
SQLI (Blind)
TLS Downgrade
Untrusted Sources (XSSI)
URL Redirection
URL Redirection - Harder
URL Redirection - Harder-2
WebSocket Message Manipulation
XML External Entity (XXE)
Exposed docker daemon
template item
Link 🔗:-
https://skf.gitbook.io/asvs-write-ups/
@GitBook_s
7 503
AppSec
Overview
Write Ups Compilations/Resources
main Resources
Labs
>Cross Site Request Forgery
> Missing Access Controls
>LFI
>XXE
>Injection
Command Injection
Server Side Template Injection
SQL Injection
>SSRF
>Unvalidated Redirects and Forwards
>Verbose Error messages and Stack Traces
Link 🔗:-
https://evanluke.gitbook.io/appsec
@GitBook_s
7 503
Leet Sheet
>Reconnaissance
Automated Reconnaissance
Domains
Scour the Web
Metadata
>Web App Hacking
Enumeration
User Attacks
Database Attacks
Server Attacks
DNS Attacks
Cloud Attacks
Interesting Outdated Attacks
>Network Hacking
General Enumeration
RPC
LDAP
SMB
SNMP
WMI
SSH
Kerberos
NTLM
Man-in-the-Middle
WinRM
>Post Exploitation
Windows
Linux
Docker Container
General
>Various
CVEs
SSH Agent Hijacking
Password Cracking
Cryptography
Non-Hacking
Malware
Forensics
>Binary Exploitation
Base Knowledge
Format Strings Exploits
Stack Smashing
Heap Exploits
Time-of-Check to Time-of-Use
Shellcode
Decompilation
Debugging
Exploit Mitigations and Protections
Exploit Protection Bypassing
Passing Input
Fuzzing
Automatic Exploitation
>phisical security
Mechanical Locks
Electronic Locks
Other Attacks
Destructive Entry
Elevator Attacks
>Social Engineering
Phishing
Link 🔗:-
https://heinosass.gitbook.io/leet-sheet
@GitBook_s
7 503
AWS CCP Notes by Karan Singh
>The Absolute Basics
>IAM
>EC2
>ELB & ASG
>S3
>Dtabase/Analytics
>Analytics
>Other Cumputing Services
>Development & Provisioning
>Content Delivery
>Communication and Step Function
>Monitoring
>VPC &Networking
>Shared Responsibility Model
>Security & Compliance
>Machine Learning
>Organizations
>Pricing
>Billing & Support
>Advanced Identity
>Architecting on the Cloud
Link 🔗:-
https://karansingh.gitbook.io/ccpnotes
@GitBook_s
7 503
wiki.hackerlab.cz
>Web Pentesting
HTTP Request Smuggling
SSTI
Insecure Deserialization
Brute Force
Shell Fu - onliners
CORS
Special Chars & NULL Bytes
XSS
XEE
SQL Injection
Blind SQL Injection
SQLmap
NoSQL Injection
CRLF Injection
Input Validation - Fuzz1
HTTP Headers - X-Forwarded
Log4j
Enumeration with Wordlists
Bug Bounty - Web Recon
HTTP Proxy Override
CSV Injection
Windows Forbiden File Name
Path Traversal
OS Command Injection
Open Redirect
JWT Token
Upload RCE
GUID and UUIDs
>Toolset
Git - Repo and Tools
Docker for Pentesters
>Infrastructure Pentesting
Windows Post Exploitation
Dump File Analysis
Active Directory
NFS Enumration
>Other Pentest Project
Security Projects
>Wifi Pentesting
Kali Linux - Alpha card AWUS 1900(VirtualBox)
Active Card & Monitor Mode
Aircrack-ng Suite
Certs
>Linux
Network Manager
>Books
The Hacker Playbook 3
Link 🔗:-
https://hackerlab.gitbook.io/wiki.hackerlab.cz/
@GitBook_s
7 503
Go Notebook
Syntax Helpers
Idioms
Design Patterns
Hello World
Tic Tac Toe
HTTP Server
Concurrency
WebSocket Server
User Authentication
Numerical Computing
Link 🔗:-
https://calvinfeng.gitbook.io/gonotebook
@GitBook_s
7 503
Hive
>Recon
Passive(OSINT)
Active
Web Recon
Firewall Evasion
>Web Attack
Server Side
Client Side
>Network Attacks
Network Services
Network Devices
MITM & Poisoning
Wireless Attacks
Sniffing
Denial of Service
>Red Team
Windows
Active Directory
Linux
Command & Control (C2)
Shells & Payloads
Payload Delivery
Pivoiting
Exfiltration/File Transfer
Password Attacks
Defense Evasion
>Malvare Development
Evasion Concepts primer
Shellcode Placement
Shellcode Encoding & Encryption
Binary Properties & Code Signing
Code Obfuscation
>Blue Team
Treat Modeling/Hunting/Intelligence
Linux Hardening
Security Architecture
>Purple Teaming
Adversary Emulation
>Programing
C Programing
Assembly (NASM)
>Miscellaneous
GNU Screen/tmux
SSH Tricks
Cats
Curl
Cross-compilling Binaries
Link 🔗:-
https://7h3w4lk3r.gitbook.io/the-hive
@GitBook_s
7 503
SecJournal
>RESOURCES DUMP
>WHAT IS SECURITY
>PENTESTING METHODOLOGY
Methodology
>NETWORKS
Networking
Adresses
OSI Model
Packets
Combined Knowledge
>WEBSITE SECURITY
Web
SQL Injection
Access Control
Authentication Bypass
Business Logic
Information Disclosure
Directory Traversal
Command Injection
File Upload Vulnerabilities
Server-Side Request Forgery
Cross-Origin Resource Sharing
Cross-Site Request Forgery
Cross-Site Scripting
JSON Web Tokens
API Testing
WebSockets
Deserialization
Prototype Pullution
Server-Side Template Injection
XXE Injection
Web Cach Poisoning
HTTP Request Smuggling
OAuth Authentication
Bug Bounties
>BUFFER OVERFLOWS
Buffer Overflows
OSCP BOF (OUTDATED)
Ret2Libc
ROP Chaining
Canary Bypass
ASLR Bypass
>ACTIVE DIRECTORY
Active Directory
Tools
Windows Authentication
Kerberos
ACLs and GPOs
LDAP
>WRITEUPS
HTB Season 3
HTB Season 2
HTB Season 1
HTB Season
Proving Grounds Practice
>EVASION
Evasion
>ADVERSARY EMULATION
Red Teaming
Link 🔗:-
https://rouvin.gitbook.io/ibreakstuff
@GitBook_s
7 503
𝗥𝗲𝗱 𝗧𝗲𝗮𝗺 & 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗔𝗻𝗮𝗹𝘆𝘀𝗶𝘀
>RED TEAMING
•Cheat Sheet
•Active Directory 101
•Fuzzing and Web
•Initial Foothold
•Privilege Escalation (Privesc)
•Lateral Movement (Pivoting)
•Persistence
•Command and Control (C&C)
•Data Exfiltration
•CVE & Exploits / CTF
>MALWARE ANALYSIS
•Unpacking
•Basic tips
•Malware instrumentation with frida
>MOBILE
•Reverse iOS ipa
•Reverse Android APKs
•Basic tips
>IOT / REVERSE / FIRMWARE
•Basic tips
•Reverse IoT devices
Link 🔗:-
https://gitbook.seguranca-informatica.pt/
@GitBook_s
7 503
𝗥𝗲𝗱 𝗧𝗲𝗮𝗺 𝗡𝗼𝘁𝗲𝘀
>RED TEAM TECHNIQUES
~Initial Access
•T1190: Exploit Public-Facing Applications
•T1133: External Remote Services
•T1566: Phishing
•T1195: Supply Chain Compromise
•T1078: Valid Accounts
•T1199: Trusted Relationship
~Execution
•T1047:Windows Management Instrumentation
•T1204: User Execution
•T1569: Service Execution
•T1053: Scheduled Tasks/Job
•T1106: Native API
•T1559: Inter-Process Communication
•T1203: Exploitation for Client Execution
•T1059: Command and Scripting Interpreter
~Persistence
•T1574: Hijack Execution Flow
•T1133:External Remote Services
•T1546:Event Triggered Execution
•T1543:Create or Modify System Process
•T1136: Create Account
•T1554:Compromise Client Software Binary
•T1547:Boot or Logon AutoStart Execution
•T1197: BITS Jobs
•T1053: Scheduled Tasks/Job
•T1098: Account Manipulation..
>RED TEAM INFRASTRUCTURE
~Reconnaissance
•Passive
•Active
~Weaponization
•Macros
•HTA
•ZIP
•ISO
~Delivery
•Gophish
•EvilGinx
•PwnDrop
~Situational Awareness
•Covenant and C#
•Empire and PowerShell
~Credential Dumping
•Mimikatz
•Lsass Dumping
•SharpChromium
~Persistence
•Userland Persistence
•Elevated Persistence
~Defense Evasion
•Disable or Modify Tools
•Obfuscating Files
~Privilege Escalation
•PowerUp
•PrivescCheck
~Lateral Movement
•RDP
•PowerShell Remoting
Link 🔗:-
https://dmcxblue.gitbook.io/red-team-notes-2-0/red-team
@GitBook_s
7 503
𝗢𝗳𝗳𝘀𝗲𝗰 𝗝𝗼𝘂𝗿𝗻𝗲𝘆 𝗡𝗼𝘁𝗲𝘀
>LEARNING RESOURCES
•Web App Pentesting
>RECONNAISANCE
•OSINT
•Vulnerability Scabbing
>RESOURCE DEVELOPMENT
•Password Crack Rig
•Malware
•C2 Infrastructure
•Phishing Infrastructure
>INITIAL ACCESS
•Phishing
•Password Spray
•Malicious Outlook Rules
>HOST TRIAGE
•Situational Awareness
>INTERNAL RECONNAISSANCE
•Enumeration
•Lateral Movement
•Misc.
>DEFENSE EVASION
•Dynamic Analysis
•Static Analysis
•General
•Windows Internals
•Execution
•.NET Post Exploitation
•Powershell
•AMSI
>PRIVILEGE ESCALATION
•Domain Privilege Escalation
•Local Priv Esc - Windows
•Local Priv Esc - Linux
>LATERAL MOVEMENT
•Tunnels & Port Forward
>PERSISTENCE
•Local Persistence
•Domain Persistence
>LINUX
•Enumeration
•Lateral Movement
•Misc.
•Exploitation Techniques
•Exploit Dev
>KALI LINUX FU
•Kali Fu
•File System
>SCANNING & ENUMERATION
•Redis
•Port Scan
•RPC
•Kerberos
•WinRM
•Telnet
•PBX
•RDP
•Finger
•VNC
•Mail Servers
•SSH
•SMB
•Content Management Systems
•FTP
•Web Server
•DNS
•LDAP
•Database Services
•IKE VPN Service
•SNMP
•Sniffing
>WEB APP VULNERABILITIES
•Directory Traversal
•Server-Side Template Injection
•HTTP Parameter Pollution
•Sensitive Data Exposure
•Broken Access Control
•Business Logic Testing
•Broken Authentication
•XXE
•File Inclusion
•SSRF
•Injection
•Insecure Deserialization
•Cross-Site-Scripting (XSS)
>API PENTESTING
•Resources
>PROGRAMMING
•Bash
>MAINTAINING ACCESS
•C2 - Command & Control
•Notes
>CLOUD SECURITY PENTEST
•Penetration Testing AWS Storage
•Pentesting Azure
•Pentesting Cloud Networks
>BLUE TEAM
•Home Lab
•Reverse Engineering
•Forensics
>REVERSE ENGINEERING
•Malware Analysis
•Buffer Overflow
•Learning Resources
>HOME LAB PROJECT
•Initial Configuration
•Active Directory
>EXFILTRATION
•Attack Vectors
>WIRELESS PENTESTING
•Radius
Link 🔗:-
https://notes.offsec-journey.com/
@GitBook_s
7 503
𝗣𝗲𝗻𝘁𝗲𝘀𝘁 𝗕𝗼𝗼𝗸 𝗯𝘆 𝗻𝟯𝘁_𝗵𝘂𝗻𝘁𝟯𝗿
>Cloud Pentesting
•AWS Security Testing
•Azure Pentesting
•GCP Pentesting
>Web Application Pentesting
•XSS <Cross Site Scripting>
•XSS Filter Evasion and WAF Bypassing Tactics
•SSRF <Server Side Request Forgery>
•Open Redirect Vulnerability
•Command Injection
•File Upload
•Rate Limit Bypass Techniques
•IDOR
•Web Cache Poisoning /Web Cache Deception
•CSRF <Cross Site Request Forgery>
•XPATH injection
•LDAP Injection
•JWT Vulnerabilities <Json Web Tokens>
•CORS - Misconfigurations & Bypass
•Reset/Forgotten Password Bypass
•CRLF (%0D%0A) Injection
•Clickjacking
•Hostile Domain/Subdomain takeover
•Server Side Inclusion/Edge Side Inclusion Injection
•HTTP Request Smuggling / HTTP Desync Attack
•SAML Attacks
•OAuth to Account takeover
•Cross-site WebSocket hijacking (CSWSH)
•Uncovering CloudFlare
•Email Header Injection
•Unicode Normalization vulnerability
•Registration Vulnerabilities
•Race Condition
Link 🔗:-
https://n3t-hunt3r.gitbook.io/pentest-book/
@GitBook_s
