ru
Feedback
Bug Bounty - GitBook

Bug Bounty - GitBook

Открыть в Telegram
7 497
Подписчики
+524 часа
+577 дней
+19730 день
Архив постов
anishkashukla - Networking Networking and Topology Firewall MAC Adress OSI Model IP Adress Subnetting IP Adressing Methods TCP/IP Protocol Suites Ports Networking Services Routing Protocols WAN Technologies Network Types Remote Access Protocols and Services Authentication Protocols Cloud Computing Vlan,Internet and Extranet Optimization and Fault Tolerance Security Protocols Soho Routers Network Utilities Networking Issues Troubleshooting Strategy Link 🔗:- https://anishkashukla.gitbook.io/networking/ @GitBook_s

Try Harder Journey Recon/Enumeration Exploitation Privilege Escalation Linux/Unix Reverse Shell CheatSheet BOF File upload vulnerabilities Port Forwarding File Transfer Proof Report Python AD Attack Cloud OSINT HTB Link 🔗:- https://atryharder.gitbook.io/try-harder-journey @GitBook_s

Shikata Ga Nai >GAINING ACCESS Nmap Reverse Shell Password Cracking Other Services Web >LINUX FOOTHOLD Linux Tricks Privesc >WINDOWS FOOTHOLD Privesc >BINARY Calling Conventions Debuggers Examining Binaries Shellcoding Bypassing Exploit Mitigation Techniques [Linux] >STEGO Stego tools Link 🔗:- https://nickbhe.gitbook.io/shikata-ga-nai-1/ @GitBook_s

Basic Penetration Testing About Knowledge Server Enumeration Web Application Remote Code Execution File Transfer Hash Cracking Privilege Escalation Buffer Overflow About LeeCyberSec Link 🔗:- https://leecybersec.gitbook.io/oscp @GitBook_s

THM Walkthroughs Tutorial Difficulty: Info Difficulty: Easy Difficulty: Medium Difficulty: Hard Difficulty: Insane Blank Room (Duplicate Me) Link 🔗:- https://thmflags.gitbook.io/thm-walkthroughs @GitBook_s

Linux SysOps Handbook 1. Processes 2. User Management 3. Shell Tips and Tricks 4. File Permissions 5. Background Services and Crons 6. Linux Distros 7. Logs, Monitoring, and Troubleshooting 8. Network Essentials 9. System Updates and Patching 10. Storage 11. Notes & Additional Resources Link 🔗:- https://abarrak.gitbook.io/linux-sysops-handbook/ @GitBook_s

Study Notes >ARCHITECTURE & SYSTEM DESIGN Messaging Systems RPC Frameworks Scalable Web Application Architecture Parallel vs Concurrent Concurrency Load Balancing - Nginx REST API WebSockets Streaming Serialization >PROGRAMMING LANGUAGE JavaScript & Node.js Java Erlang Python Golang >SOFTWARE ENGINEERING Design Patterns Unit Testing Legacy Code Agile & Scrum >DATABASE NoSQL SQL >DEVOPS & TOOLS Version Control - Git Shell - zsh, bash Docker Linux Package Management - YUM Linux Command Line Tools >SECURITY OWASP Security >AI, ML, DL, CV, NLP Deep Learning Link 🔗:- https://aaronice.gitbook.io/study-notes/ @GitBook_s

OSCP Playbook >GENERAL Learning tips How to hack without Metasploit >PORT SCANNING Nmap Scanning Nmap Scripts >SERVICES ENUMERATION SNMP HTTP(S) NFS SMB DNS FTP MsSQL Oracle Telnet TFTP SSH SMTP RDP POP3 MySQL LDAP Kerberos Finger (MS)RPC >PASSWORD ATTACK (BRUTE-FORCE) Brute-force service password Wordlist dictionary Cracking Password Custom wordlist >REVERSE SHELL Cheatsheet Msfvenom Linux reverse shell Interactive TTYS Shell Listener setup >LINUX POST EXPLOITATION Post Exploitation methodology Checklist Exploiting SUID Executables Exploiting SUDO Users Linux exploitation Linux post exploitation scripts Linux Post Exploitation Command List >WINDOWS POST EXPLOITATION General Windows Privesc Technique Automated enumeration script Resources Windows Post Exploitation Manual enumeration >OTHERS Active Directory attack Port Forwarding/ SSH Tunneling File transfer Methodology BOF tips Link 🔗:- https://fareedfauzi.gitbook.io/oscp-playbook @GitBook_s

CTF Playbook Introduction Operating System Basic Cryptography Steganography Digital Forensics Reverse Engineering Binary Exploit/ Pwn Web PCAP analysis Misc A few tips Other cheatsheet Link 🔗:- https://fareedfauzi.gitbook.io/ctf-checklist-for-beginner/ @GitBook_s

Certified Appsec Practitioner (CAP) Input Validation Mechanisms Whitelisting & Blacklisting Authentication related Vulnerabilities Brute force Attacks Password Storage and Password Policy Cross-Site Scripting SQL Injection XML External Entity attack Cross-Site Request Forgery Encoding, Encryption and Hashing Understanding of OWASP Top 10 Vulnerabilities Same Origin Policy Security Headers. TLS security TLS Certificate Misconfiguration Symmetric and Asymmetric Ciphers Server-Side Request Forgery Authorization and Session Management related flaws Insecure Direct Object Reference (IDOR) Privilege Escalation Parameter Manipulation attacks Securing Cookies. Insecure File Uploads Code Injection Vulnerabilities Business Logic Flaws Directory Traversal Vulnerabilities Security Misconfigurations. Information Disclosure. Vulnerable and Outdated Components. Common Supply Chain Attacks and Prevention Methods. Link 🔗:- https://rkive.gitbook.io/certified-appsec-practitioner-cap @GitBook_s

Hackers Rest Hacker's Rest >Tools & Cheatsheets Hacking Methodology Hands-on Practice >LINUX Linux Basics Hardening & Setup Red Team Notes Vim >WINDOWS Windows Basics PowerShell Hardening & Setup Red Team Notes >MACOS MacOS Basics Hardening & Configuration Red Team Notes >WEB Burp Suite DNS Web Notes >MOBILE iOS Android >OS AGNOSTIC Basic Enumeration Cryptography & Encryption Network Hardware OS Agnostic OSINT Password Cracking Pivoting Reverse Engineering & Binary Exploitation Scripting SQL SSH & SCP Steganography Wireless Unsorted Link 🔗:- https://zweilosec.gitbook.io/hackers-rest @GitBook_s

awae oswe preparation >GENERAL Resources POCS >BY VULNERABILITY SQL Injection Deserialization XSS XXE SSTI File Upload Restrictions Bypass REGEX >BY LANGUAGE PHP Java NodeJS Random Other Repositories Link 🔗:- https://jorgectf.gitbook.io/awae-oswe-preparation-resources @GitBook_s

Software Security >PREREQUISITES Prerequisites >INTRODUCTION Cyber security principles Basic web concepts Basic browser security concepts Basic security concepts >ACCESS CONTROL: BASICS Authentication Authorization Session Management CSRF SSRF >ACCESS CONTROL: ADVANCED Authentication >INJECTION ATTACKS Injection attacks SQL Injection Command Injection Cross-site scripting Subresource integrity Sandboxing >HTTPS HTTPS Introduction to cryptography PKI Setting up HTTPS References >HTTP HEADERS FOR SECURITY HTTP Headers >THREAT MODELING Threat modeling introduction Threat modeling basics Inspiration for threats >BRINGING IT ALL TOGETHER Acomperhensive overview of controls Link 🔗:- https://apwt.gitbook.io/software-security @GitBook_s

ressurect notes >WEB Web Pentesting Checklist Insecure Deserialization Blind XPath Injection GraphQL Reverse Shells Content-Security-Policy LLM (Large Language Models) >WINDOWS API C# - P/Invoke >MISCELLANEOUS TOPICS Phishing with Gophish Pentest Diaries >HACK THE BOX Intelligence Seal Under Construction Previse Return Sauna Nest >TRYHACKME Wordpress CVE-2021-29447 Attacktiv Fortress internal >CHEATSHEET JSON-jq Docker Hidden Secrets Database Exploitation C Sharp Reversing SSH Python Privilege Escalation Socat OSINT Link 🔗:- https://ressurect.gitbook.io/notes @GitBook_s

0xTen >CTFS Hackthebox UHC pwnable.kr Boitatech DEFCON RealWorldCTF Dice CTF Insomnihack ClearSaleCTF InCTF ASIS CTF N1CTF HacktivityCon >PWN ROP Heap Format string Kernel Browser >WEB SQLi Link 🔗:- https://0xten.gitbook.io/public @GitBook_s

kashz jewels >OS-LINUX >OS-WINDOWS >SHELLCODES >ACTIVE-DIRECTORY >OSINT >BUFFER OVERFLOW GUIDE >HASH-N-CRACK >TRICKS >PROTOCOLS >CHEATSHEET >SERVICES Link 🔗:- https://kashz.gitbook.io/kashz-jewels @GitBook_s

StaphySec Resources Tricks Brute Force - CheatSeet File Transfer Hashcat Cheatsheet Curl >Tools Cracking Information Gathering XSS Obfuscation Credentials Theft/Win Content Management System(CMS) >Programing and Scripting Virtualenv & Switching Versions Python >Shells Shells(Linux,Windows,Msfvenom) >Linux Cheatsheet EOP Linux Tools and Resources Blogs >Windows Cheatsheet EOP Windows Tools and Resources Useful commands and Modules >Blogs Miscellaneous resources >Pentesting 21 Pentesting FTP 22 Pentesting SSH 25,465,587 Pentesting SMTP 53 Pentesting DNS 110,995 Pentesting POP 135 Pentesting WMI 139,445 SMB Pentesting 143,993 Pentesting IMAP 161,162,10161,10162/udp Pentesting SNMP 623 /UDP/TCP - IPMI 1433 Pentesting mssql 2049 NFS Pentesting 3306 Pentesting Mysql 3389 Pentesting RDP 5985,5986 WinRm >Pentesting Web SQL Injections Command injection File Uploads Abusing Intermediary Applications HTTP Verb Tampering IDOR File Inclusion/Directory Traversal XXE-XEE-XML External Entity SSRF SSI/ESI SSTI XSLT Server Side Injection(Extensible Stylesheet Language Transformations) Link 🔗:- https://staphysec.gitbook.io/staphysec @GitBook_s

Zeyu's CTF Writeups Home Playground OSCP >My Challenges SEETF 2023 The InfoSecurity Challenges 2022 SEETF 2022 Cyber Leage Major 1 Standcon CTF 2021 >2023 DEF CON CTF 2023 Qualifiers Hxp CTF Qualifiers >2022 niteCTF 2022 STACK the Flags 2022 LackeCTF Qualifiers The InfoSecurity Challenges 2022 BalsnCTF 2022 BSidesTLV 2022 CTF Grey CAt The Flag 2022 DEF CON CTF 2022 Qualifiers Securinets CTF Finals 2022 NahamCon CTF 2022 Securinets CTF Quals 2022 CTF.SG CTF YaCTF 2022 DiceCTF 2022 TetCTF 2022 >2021 hxp CTF 2021 HTX Investigator's Challenge 2021 Metasploit Community CTF MetaCTF CyberGames CyberSecurityRumble Ctf The InfoSecurity Challenge (TISC) 2021 SPbCTF's Student CTF Quals Asian Cyber Security Challenge (ACSC) 2021 CSAW CTF Qualification Round 2021 YauzaCTF 2021 InCTF 2021 UIUCTF 2021 Google CTF 2021 TyfoonCon CTF 2021 DSTA Brainhack CDDC21 BCACTF 2.0 Zh3ro CTF V2 Pwn2Win CTF 2021 NorzhCTF 2021 DawgCTF 2021 UMDCTF 2021 Midnight Sun CTF 2021 picoCTF 2021 DSO-NUS CTF 2021 Link 🔗:- https://ctf.zeyu2001.com/ @GitBooks

infosecgirls Introduction Application Details >INITIAL SETUP WITH OWASP ZAP OWASP ZAP Setup OWASP ZAP Modes Automated Scan Report Generation >INITIAL SETUP WITH BURP. Start Burp Suite Add FoxyProxy Addon Add New Proxy In FoxyProxy Configure Proxy Listener Install Burp's CA Certificate In Firefox Getting Rid of Unnecessary Browser Traffic >QUICK BASICS Disable Intercept Mode in Burp Enable Intercept Mode in Burp Send to Repeater Send to Comparer >WEB APPLICATION PENTESTING A1 - Injection A2 - Broken Authentication A3 - Sensitive Data Exposure A4- XML External Entities (XXE) A5 - Broken Access Control A6 - Security Misconfiguration A7 - Cross-Site Scripting (XSS) A8 - Insecure Deserialization A9 - Using Components with Known Vulnerabilities 10 - Insufficient Logging & Monitoring References About Us >ADDITIONAL CONTENT Insecure Direct Object Reference Security Misconfiguration Password Guessing Attack User Enumeration Custom Iterator Null Payload Request in Browser: Privilege Escalation Check >BURP EXTENDERS Target Proxy Intruder Repeater Sequencer Decoder Comparer Extender Link 🔗:- https://infosecgirls.gitbook.io/infosecgirls-training/v/appsec/ @GitBook_s