BookMarks

00. Anonymous

• https://unsee.cc/

• https://paste.offsec.com/

01. Notebooks

• https://book.hacktricks.xyz/

• https://gtfobins.github.io/

• https://wadcoms.github.io/

• https://lolbas-project.github.io/

• https://www.explainshell.com/

• https://ppn.snovvcrash.rocks/

• https://www.ired.team/

• https://0xrick.github.io/

• https://howto.thec2matrix.com/

• https://ptestmethod.readthedocs.io/

• https://gitbook.seguranca-informatica.pt/

• https://vk9-sec.com/

• https://butter0verflow.github.io/

• https://blueteamdope.gitbook.io/penetration-testing-playbook/

• https://hunter2.gitbook.io/darthsidious/

• https://guyinatuxedo.github.io/

• https://notes.offsec-journey.com/

• https://pentestbook.six2dez.com/

• https://persistence-info.github.io/

02. OSCP Notes

• https://sushant747.gitbooks.io/total-oscp-guide/content/

• https://github.com/rkhal101/Hack-the-Box-OSCP-Preparation

• https://refabr1k.gitbook.io/oscp/

• https://oscpnotes.infosecsanyam.in/

• https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html

• https://infosecwriteups.com/how-i-passed-oscp-with-100-points-in-12-hours-without-metasploit-in-my-first-attempt-dc8d03366f33

• https://rana-khalil.gitbook.io/hack-the-box-oscp-preparation/

• https://cd6629.gitbook.io/ctfwriteups/oscp-cheatsheet-unfinished

• https://casvancooten.com/posts/2021/03/getting-the-osep-certification-evasion-techniques-and-breaching-defenses-pen-300-course-review/

• https://fareedfauzi.gitbook.io/oscp-notes/

• https://www.tarlogic.com/en/blog/how-to-attack-kerberos/

03. Awesome Cheatsheet 📜

• Bash

• Curl

• VIM

• LFI

• MSF

• mysql

• Docker

• cronatb

• MacOS

• Regexp

• Python3

• msfvenom

• MobApps

• PowerView-2.0

• PowerView-3.0

• Deserialization

• PHP htaccess injection

• Reverse Shell Cheat Sheet

• WebHackersWeapons

04. Windows Privilege Escalation

• Sherlock

• Watson

• PowerSploit

• WindowsExploits

• Windows-Exploit-Suggester

• Microsoft Wont-Fix-List

• Ghostpack CompiledBinaries

05. Linux Privilege Escalation

• LinEnum

• LinPEAS

• SharpCollection

• Linux Exploit Suggester

• Linux Exploit Suggester 2

• Linux Soft Exploit Suggester

• Basic Linux Privilege Escalation

• Linux privilege escalation auditing tool

06. Other

06.1 Binary Exp

• https://tc.gts3.org/cs6265/2019/tut/tut01-warmup1.html

• https://guyinatuxedo.github.io/index.html

• https://github.com/Gallopsled/pwntools-tutorial

• https://butter0verflow.github.io/

06.2 File Upload

• https://infosecwriteups.com/all-about-unrestricted-file-upload-a4ecf243b86b

06.3 Bug Bounty

• https://kathan19.gitbook.io/howtohunt/

06.4 Malware analysis

• Decompiled Pegasus Spyware

06.5 Other

• https://github.com/juanjoSanz/aws-pentesting-lab

• https://github.com/andrew-d/static-binaries/

• https://medium.com/mii-cybersec/how-to-dealing-with-flutterapp-penetration-testing-another-way-bypass-ssl-pinning-ed6755217c85

• https://github.com/streaak/keyhacks

• https://missing.csail.mit.edu/2020/editors/

• https://www.eicar.org/?page_id=3950

• https://lelinhtinh.github.io/de4js/

06.6 Active Directory

• https://blog.xpnsec.com/

• https://yingshaoxo.gitbook.io/university-notes/