Bug Bounty - GitBook
Открыть в Telegram
Everything 4 bug bounty https://t.me/GiftWay32robot?start=_tgr_HwZ24DI5MWJk
Больше7 497
Подписчики
+524 часа
+577 дней
+19730 день
Архив постов
7 498
anishkashukla - Networking
Networking and Topology
Firewall
MAC Adress
OSI Model
IP Adress
Subnetting
IP Adressing Methods
TCP/IP Protocol Suites
Ports
Networking Services
Routing Protocols
WAN Technologies
Network Types
Remote Access Protocols and Services
Authentication Protocols
Cloud Computing
Vlan,Internet and Extranet
Optimization and Fault Tolerance
Security Protocols
Soho Routers
Network Utilities
Networking Issues
Troubleshooting Strategy
Link 🔗:-
https://anishkashukla.gitbook.io/networking/
@GitBook_s
7 498
Try Harder Journey
Recon/Enumeration
Exploitation
Privilege Escalation
Linux/Unix
Reverse Shell CheatSheet
BOF
File upload vulnerabilities
Port Forwarding
File Transfer
Proof
Report
Python
AD Attack
Cloud
OSINT
HTB
Link 🔗:-
https://atryharder.gitbook.io/try-harder-journey
@GitBook_s
7 498
Shikata Ga Nai
>GAINING ACCESS
Nmap
Reverse Shell
Password Cracking
Other Services
Web
>LINUX FOOTHOLD
Linux Tricks
Privesc
>WINDOWS FOOTHOLD
Privesc
>BINARY
Calling Conventions
Debuggers
Examining Binaries
Shellcoding
Bypassing Exploit Mitigation Techniques [Linux]
>STEGO
Stego tools
Link 🔗:-
https://nickbhe.gitbook.io/shikata-ga-nai-1/
@GitBook_s
7 498
Basic Penetration Testing
About Knowledge
Server Enumeration
Web Application
Remote Code Execution
File Transfer
Hash Cracking
Privilege Escalation
Buffer Overflow
About LeeCyberSec
Link 🔗:-
https://leecybersec.gitbook.io/oscp
@GitBook_s
7 498
THM Walkthroughs
Tutorial
Difficulty: Info
Difficulty: Easy
Difficulty: Medium
Difficulty: Hard
Difficulty: Insane
Blank Room (Duplicate Me)
Link 🔗:-
https://thmflags.gitbook.io/thm-walkthroughs
@GitBook_s
7 498
Linux SysOps Handbook
1. Processes
2. User Management
3. Shell Tips and Tricks
4. File Permissions
5. Background Services and Crons
6. Linux Distros
7. Logs, Monitoring, and Troubleshooting
8. Network Essentials
9. System Updates and Patching
10. Storage
11. Notes & Additional Resources
Link 🔗:-
https://abarrak.gitbook.io/linux-sysops-handbook/
@GitBook_s
7 498
Study Notes
>ARCHITECTURE & SYSTEM DESIGN
Messaging Systems
RPC Frameworks
Scalable Web Application Architecture
Parallel vs Concurrent
Concurrency
Load Balancing - Nginx
REST API
WebSockets
Streaming
Serialization
>PROGRAMMING LANGUAGE
JavaScript & Node.js
Java
Erlang
Python
Golang
>SOFTWARE ENGINEERING
Design Patterns
Unit Testing
Legacy Code
Agile & Scrum
>DATABASE
NoSQL
SQL
>DEVOPS & TOOLS
Version Control - Git
Shell - zsh, bash
Docker
Linux Package Management - YUM
Linux Command Line Tools
>SECURITY
OWASP Security
>AI, ML, DL, CV, NLP
Deep Learning
Link 🔗:-
https://aaronice.gitbook.io/study-notes/
@GitBook_s
7 498
OSCP Playbook
>GENERAL
Learning tips
How to hack without Metasploit
>PORT SCANNING
Nmap Scanning
Nmap Scripts
>SERVICES ENUMERATION
SNMP
HTTP(S)
NFS
SMB
DNS
FTP
MsSQL
Oracle
Telnet
TFTP
SSH
SMTP
RDP
POP3
MySQL
LDAP
Kerberos
Finger
(MS)RPC
>PASSWORD ATTACK (BRUTE-FORCE)
Brute-force service password
Wordlist dictionary
Cracking Password
Custom wordlist
>REVERSE SHELL
Cheatsheet
Msfvenom
Linux reverse shell
Interactive TTYS Shell
Listener setup
>LINUX POST EXPLOITATION
Post Exploitation methodology
Checklist
Exploiting SUID Executables
Exploiting SUDO Users
Linux exploitation
Linux post exploitation scripts
Linux Post Exploitation Command List
>WINDOWS POST EXPLOITATION
General
Windows Privesc Technique
Automated enumeration script
Resources Windows Post Exploitation
Manual enumeration
>OTHERS
Active Directory attack
Port Forwarding/ SSH Tunneling
File transfer Methodology
BOF tips
Link 🔗:-
https://fareedfauzi.gitbook.io/oscp-playbook
@GitBook_s
7 498
CTF Playbook
Introduction
Operating System
Basic
Cryptography
Steganography
Digital Forensics
Reverse Engineering
Binary Exploit/ Pwn
Web
PCAP analysis
Misc
A few tips
Other cheatsheet
Link 🔗:-
https://fareedfauzi.gitbook.io/ctf-checklist-for-beginner/
@GitBook_s
7 498
Certified Appsec Practitioner (CAP)
Input Validation Mechanisms
Whitelisting & Blacklisting
Authentication related Vulnerabilities
Brute force Attacks
Password Storage and Password Policy
Cross-Site Scripting
SQL Injection
XML External Entity attack
Cross-Site Request Forgery
Encoding, Encryption and Hashing
Understanding of OWASP
Top 10 Vulnerabilities
Same Origin Policy
Security Headers.
TLS security
TLS Certificate Misconfiguration
Symmetric and Asymmetric Ciphers
Server-Side Request Forgery
Authorization and Session
Management related flaws
Insecure Direct Object Reference (IDOR)
Privilege Escalation
Parameter Manipulation attacks
Securing Cookies.
Insecure File Uploads
Code Injection Vulnerabilities
Business Logic Flaws
Directory Traversal Vulnerabilities
Security Misconfigurations.
Information Disclosure.
Vulnerable and Outdated Components.
Common Supply Chain Attacks and Prevention Methods.
Link 🔗:-
https://rkive.gitbook.io/certified-appsec-practitioner-cap
@GitBook_s
7 498
Hackers Rest
Hacker's Rest
>Tools & Cheatsheets
Hacking Methodology
Hands-on Practice
>LINUX
Linux Basics
Hardening & Setup
Red Team Notes
Vim
>WINDOWS
Windows Basics
PowerShell
Hardening & Setup
Red Team Notes
>MACOS
MacOS Basics
Hardening & Configuration
Red Team Notes
>WEB
Burp Suite
DNS
Web Notes
>MOBILE
iOS
Android
>OS AGNOSTIC
Basic Enumeration
Cryptography & Encryption
Network Hardware
OS Agnostic
OSINT
Password Cracking
Pivoting
Reverse Engineering & Binary Exploitation
Scripting
SQL
SSH & SCP
Steganography
Wireless
Unsorted
Link 🔗:-
https://zweilosec.gitbook.io/hackers-rest
@GitBook_s
7 498
awae oswe preparation
>GENERAL
Resources
POCS
>BY VULNERABILITY
SQL Injection
Deserialization
XSS
XXE
SSTI
File Upload Restrictions Bypass
REGEX
>BY LANGUAGE
PHP
Java
NodeJS
Random
Other Repositories
Link 🔗:-
https://jorgectf.gitbook.io/awae-oswe-preparation-resources
@GitBook_s
7 498
Software Security
>PREREQUISITES
Prerequisites
>INTRODUCTION
Cyber security principles
Basic web concepts
Basic browser security concepts
Basic security concepts
>ACCESS CONTROL: BASICS
Authentication
Authorization
Session Management
CSRF
SSRF
>ACCESS CONTROL: ADVANCED
Authentication
>INJECTION ATTACKS
Injection attacks
SQL Injection
Command Injection
Cross-site scripting
Subresource integrity
Sandboxing
>HTTPS
HTTPS
Introduction to cryptography
PKI
Setting up HTTPS
References
>HTTP HEADERS FOR SECURITY
HTTP Headers
>THREAT MODELING
Threat modeling introduction
Threat modeling basics
Inspiration for threats
>BRINGING IT ALL TOGETHER
Acomperhensive overview of controls
Link 🔗:-
https://apwt.gitbook.io/software-security
@GitBook_s
7 498
ressurect notes
>WEB
Web Pentesting Checklist
Insecure Deserialization
Blind XPath Injection
GraphQL
Reverse Shells
Content-Security-Policy
LLM (Large Language Models)
>WINDOWS API
C# - P/Invoke
>MISCELLANEOUS TOPICS
Phishing with Gophish
Pentest Diaries
>HACK THE BOX
Intelligence
Seal
Under Construction
Previse
Return
Sauna
Nest
>TRYHACKME
Wordpress CVE-2021-29447
Attacktiv
Fortress
internal
>CHEATSHEET
JSON-jq
Docker
Hidden Secrets
Database Exploitation
C Sharp
Reversing
SSH
Python
Privilege Escalation
Socat
OSINT
Link 🔗:-
https://ressurect.gitbook.io/notes
@GitBook_s
7 498
0xTen
>CTFS
Hackthebox
UHC
pwnable.kr
Boitatech
DEFCON
RealWorldCTF
Dice CTF
Insomnihack
ClearSaleCTF
InCTF
ASIS CTF
N1CTF
HacktivityCon
>PWN
ROP
Heap
Format string
Kernel
Browser
>WEB
SQLi
Link 🔗:-
https://0xten.gitbook.io/public
@GitBook_s
7 498
kashz jewels
>OS-LINUX
>OS-WINDOWS
>SHELLCODES
>ACTIVE-DIRECTORY
>OSINT
>BUFFER OVERFLOW GUIDE
>HASH-N-CRACK
>TRICKS
>PROTOCOLS
>CHEATSHEET
>SERVICES
Link 🔗:-
https://kashz.gitbook.io/kashz-jewels
@GitBook_s
7 498
StaphySec
Resources
Tricks
Brute Force - CheatSeet
File Transfer
Hashcat
Cheatsheet
Curl
>Tools
Cracking
Information Gathering
XSS
Obfuscation
Credentials Theft/Win
Content Management System(CMS)
>Programing and Scripting
Virtualenv & Switching Versions
Python
>Shells
Shells(Linux,Windows,Msfvenom)
>Linux
Cheatsheet
EOP Linux Tools and Resources
Blogs
>Windows
Cheatsheet
EOP Windows Tools and Resources
Useful commands and Modules
>Blogs
Miscellaneous resources
>Pentesting
21 Pentesting FTP
22 Pentesting SSH
25,465,587 Pentesting SMTP
53 Pentesting DNS
110,995 Pentesting POP
135 Pentesting WMI
139,445 SMB Pentesting
143,993 Pentesting IMAP
161,162,10161,10162/udp Pentesting SNMP
623 /UDP/TCP - IPMI
1433 Pentesting mssql
2049 NFS Pentesting
3306 Pentesting Mysql
3389 Pentesting RDP
5985,5986 WinRm
>Pentesting Web
SQL Injections
Command injection
File Uploads
Abusing Intermediary Applications
HTTP Verb Tampering
IDOR
File Inclusion/Directory Traversal
XXE-XEE-XML External Entity
SSRF
SSI/ESI
SSTI
XSLT Server Side Injection(Extensible Stylesheet Language Transformations)
Link 🔗:-
https://staphysec.gitbook.io/staphysec
@GitBook_s
7 498
Zeyu's CTF Writeups
Home
Playground
OSCP
>My Challenges
SEETF 2023
The InfoSecurity Challenges 2022
SEETF 2022
Cyber Leage Major 1
Standcon CTF 2021
>2023
DEF CON CTF 2023 Qualifiers
Hxp CTF Qualifiers
>2022
niteCTF 2022
STACK the Flags 2022
LackeCTF Qualifiers
The InfoSecurity Challenges 2022
BalsnCTF 2022
BSidesTLV 2022 CTF
Grey CAt The Flag 2022
DEF CON CTF 2022 Qualifiers
Securinets CTF Finals 2022
NahamCon CTF 2022
Securinets CTF Quals 2022
CTF.SG CTF
YaCTF 2022
DiceCTF 2022
TetCTF 2022
>2021
hxp CTF 2021
HTX Investigator's Challenge 2021
Metasploit Community CTF
MetaCTF CyberGames
CyberSecurityRumble Ctf
The InfoSecurity Challenge (TISC) 2021
SPbCTF's Student CTF Quals
Asian Cyber Security Challenge (ACSC) 2021
CSAW CTF Qualification Round 2021
YauzaCTF 2021
InCTF 2021
UIUCTF 2021
Google CTF 2021
TyfoonCon CTF 2021
DSTA Brainhack CDDC21
BCACTF 2.0
Zh3ro CTF V2
Pwn2Win CTF 2021
NorzhCTF 2021
DawgCTF 2021
UMDCTF 2021
Midnight Sun CTF 2021
picoCTF 2021
DSO-NUS CTF 2021
Link 🔗:-
https://ctf.zeyu2001.com/
@GitBooks
7 498
infosecgirls
Introduction
Application Details
>INITIAL SETUP WITH OWASP ZAP
OWASP ZAP
Setup OWASP ZAP
Modes
Automated Scan
Report Generation
>INITIAL SETUP WITH BURP.
Start Burp Suite
Add FoxyProxy Addon
Add New Proxy In FoxyProxy
Configure Proxy Listener
Install Burp's CA Certificate In Firefox
Getting Rid of Unnecessary Browser Traffic
>QUICK BASICS
Disable Intercept Mode in Burp
Enable Intercept Mode in Burp
Send to Repeater
Send to Comparer
>WEB APPLICATION PENTESTING
A1 - Injection
A2 - Broken Authentication
A3 - Sensitive Data Exposure
A4- XML External Entities (XXE)
A5 - Broken Access Control
A6 - Security Misconfiguration
A7 - Cross-Site Scripting (XSS)
A8 - Insecure Deserialization
A9 - Using Components with Known Vulnerabilities
10 - Insufficient Logging & Monitoring
References
About Us
>ADDITIONAL CONTENT
Insecure Direct Object Reference
Security Misconfiguration
Password Guessing Attack
User Enumeration
Custom Iterator
Null Payload
Request in Browser:
Privilege Escalation Check
>BURP EXTENDERS
Target
Proxy
Intruder
Repeater
Sequencer
Decoder
Comparer
Extender
Link 🔗:-
https://infosecgirls.gitbook.io/infosecgirls-training/v/appsec/
@GitBook_s
