https://blog.harmj0y.net/
https://www.hackingarticles.in/penetration-testing/
https://www.hackingarticles.in/active-directory-enumeration-bloodhound/
https://www.bleepingcomputer.com/news/security/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year/
https://notes.sfoffo.com/
https://github.com/R3DRUN3/cyberhall/tree/main/CTF/htb
https://github.com/fozavci/TradecraftDevelopment-Fundamentals
https://github.com/adhdproject/adhdproject.github.io/tree/master/Tools/Attack
https://www.hexacorn.com/products_and_freebies.html
https://www.google.com/search?client=firefox-b-1-d&q=BOF+Development+and+Tradecraft#ip=1
https://github.com/fozavci/TradecraftDevelopment-Fundamentals/blob/main/Tradecraft%20Development%20in%20Adversary%20Simulations.pdf
https://github.com/fozavci/WeaponisingCSharp-Fundamentals
https://www.cobaltstrike.com/blog/simplifying-bof-development
https://www.outflank.nl/blog/2024/04/29/ost-release-blog-edr-tradecraft-presets-powershell-tradecraft-and-more/
https://github.com/fozavci/TradecraftDevelopment-Fundamentals/tree/main/Exercises
Google: maelstrom c2 the hacker playbook credentials external c2 external c3 safa laundering c2 traffic
https://reactos.org/download/
https://github.com/cheetz/THP3_Updates
https://shogunlab.gitbook.io/building-c2-implants-in-cpp-a-primer
https://github.com/huntandhackett/PassiveAggression
https://github.com/thibmaek/awesome-raspberry-pi
https://github.com/R3DRUN3/sploitcraft/blob/main/windows/atomic-red-team/README.md
https://github.com/blacklanternsecurity
https://github.com/cheetz/THP-ChatSupportSystem/blob/master/lab.txt
https://github.com/jaredhaight/PowerShellClassLab
https://github.com/outflanknl/Invoke-ADLabDeployer
https://www.lrqa.com/en/cyber-labs/apache-mod_python-for-red-teams/
https://offensivedefence.co.uk/
https://devsecopsguides.com/
https://canarytokens.org/nest/generate
https://en.hackndo.com/service-principal-name-spn/
C2 Matrix: https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit?gid=0#gid=0
https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
https://github.com/kgretzky/evilginx2
https://github.com/iojaiustin/evilholmes
A post exploitation framework designed to operate covertly on heavily monitored environments https://github.com/bats3c/shad0w
A *nix Enumerator & Auto Privilege Escalation tool. https://github.com/twelvesec/rootend
Passwords Recovery Tool https://github.com/twelvesec/passcat
Information gathering tool - OSINT https://github.com/twelvesec/gasmask
Crawl and extract (regular or onion) webpages through TOR network https://github.com/MikeMeliz/TorCrawl.py
Python-based web scraper for a darkweb marketplace on the Tor network. https://github.com/joelhagvall/tor-onion-site-scraper
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx. https://github.com/waelmas/frameless-bitb
YouTube as C2 channel - Control Windows systems uploading videos to YouTube https://github.com/ricardojoserf/SharpCovertTube
https://medium.com/@red.whisperer/credential-stuffing-like-an-apt-mastering-credentials-harvesting-0018dc3c8134
https://pentestlab.blog/2020/03/02/phishing-windows-credentials/
https://medium.com/@pentesterclubpvtltd/injecting-malicious-code-into-pdf-files-and-creating-a-pdf-dropper-089675e982b1
https://twelvesec.com/2020/10/19/advanced-level-resources-for-web-application-penetration-testing/
https://twelvesec.com/2020/05/21/intermediate-level-resources-for-web-application-penetration-testing/
https://twelvesec.com/2020/03/04/entry-level-resources-for-penetration-testing/
https://twelvesec.com/2018/10/10/iot-penetration-testing-part-1/
https://twelvesec.com/2022/11/18/basic-knowledge-to-get-started-with-penetration-testing/
Python tool to check rootkits in Windows kernel https://github.com/ExaTrack/Kdrill
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework https://github.com/CICADA8-Research/RemoteKrbRelay
This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes through the use of runspace. https://github.com/Mr-B0b/SpaceRunner
https://blog.spookysec.net/analyzing-brc4-badgers/
https://blog.spookysec.net/cs-beacon-analysis/
This cheatsheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty. https://github.com/Ignitetechnologies/HackTheBox-CTF-Writeups
This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks https://github.com/Ignitetechnologies/Credential-Dumping
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE) https://github.com/ly4k/SpoolFool
https://github.com/Ignitetechnologies/OSCP_Tools
https://github.com/milkdevil/incognito2
https://www.av-test.org/en/statistics/malware/
https://privatebin.net/
https://www.outflank.nl/blog/2018/08/14/html-smuggling-explained/
https://newtonpaul.com/tag/c2/
https://fortynorthsecurity.com/blog/customizing-c2concealer/
https://fortynorthsecurity.com/blog/introducing-c2concealer/
https://bluescreenofjeff.com/2017-01-24-how-to-write-malleable-c2-profiles-for-cobalt-strike/
https://posts.specterops.io/a-deep-dive-into-cobalt-strike-malleable-c2-6660e33b0e0b
https://www.exploit-db.com/search?q=
https://www.stationx.net/sabsa/
https://www.openphish.com/
https://wazuh.com/
https://www.microsoft.com/en-us/software-download/windows11
Oh my tmux! My self-contained, pretty & versatile tmux configuration made with ❤️ https://github.com/gpakosz/.tmux
https://www.kali.org/docs/containers/installing-docker-on-kali/
Kali Linux Fixes for Newly Imported VM's https://github.com/Dewalt-arch/pimpmykali
https://0xdf.gitlab.io/cheatsheets/offsec
PHP, ASP/ASPX Shells:
https://www.r57shell.net/single.php?id=13
https://www.r57shell.net/index.php
https://epi052.github.io/feroxbuster-docs/docs/overview/
https://rustscan.github.io/RustScan/
https://redteam.guide/docs/definitions/
https://redteam.guide/docs/checklists/red-team-checklist/
A carriage return character can be used to hide a cron job in a crontab https://github.com/0xceba/hide_crontab_carriage_return
picoCTF gamifies learning hacking with capture-the-flag puzzles created by trusted computer security and privacy experts at Carnegie Mellon University. https://picoctf.org/
https://www.blackhillsinfosec.com/pentesting-threat-hunting-and-soc-an-overview/
https://www.scriptjunkie.us/2011/04/why-encoding-does-not-matter-and-how-metasploit-generates-exes/
https://pberba.github.io/security/2022/02/07/linux-threat-hunting-for-persistence-systemd-generators/
https://agrohacksstuff.io/
https://agrohacksstuff.io/posts/tunnelling-by-command-line/
https://agrohacksstuff.io/posts/pwntools-tricks-and-examples/
https://cheatsheet.haax.fr/
https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/welcome-to-the-microsoft-incident-response-ninja-hub/4243594
https://tierzerosecurity.co.nz/2024/09/18/blind-edr-revisited.html
https://corelight.com/blog/detecting-netsupport-manager-abuse
https://practicalsecurityanalytics.com/extracting-credentials-from-windows-logs/
https://blog.sevagas.com/
https://blog.sevagas.com/IMG/pdf/code_injection_series_part1.pdf
https://blog.sevagas.com/?Bypass-Defender-and-other-thoughts-on-Unicode-RTLO-attacks&lang=en
https://www.academy.attackiq.com/learning-paths
https://www.fo-sec.com/writeups
https://s1.breakthecode.tech/
Sektor7 Malware Development Intermediate https://mega.nz/folder/GURSmRxA#rJ_MGC3aWWZVtNgxtgqRqw