🔐
SecWiki
  • Home
  • General
    • Interesting Links
      • Curriculum
    • Pentest Labs, Wargames Sites
      • How To Vulnhub with VirtualBox
  • Network Pentest
    • Courses
      • TCM - Zero to Hero
        • Week 1: Setup
          • ipsweep.sh
        • Week 2: Python 101
          • python101.py
          • bof.py
        • Week 3: Python 102
          • python102.py
          • scanner.py
        • Week 4: Passive OSINT
        • Week 5: Scanning Tools & Tactics
          • nmap
          • Nessus
          • msfconsole
        • Week 6: Enumeration
        • Week 7: Exploitation, Shells, and Some Credential Stuffing
        • Week 8: LLMNR/NBT-NS Poisoning
        • Week 9: NTLM
        • Week 10: MS17-010, GPP/cPasswords, and Kerberoasting
        • Week 11: File Transfers, Pivoting, Reporting
        • Commands
      • Penetration Testing Student (PTS)
      • OSCP Study
    • Recon
      • OSINT
    • Enumeration
      • Samba Shares
      • ProFtpd
    • Gaining Access
      • Reverse Shells
    • Privilege Escalation
      • Meterpreter
      • Spawning a TTY Shell
      • Reverse Shell Cheat Sheet
      • Cracking Hashes
      • Restricted Linux Shell Escape
      • Linux Privilege Escalation
        • lxd
        • sytemctl
      • Windows Privilege Escalation
        • Active Directory
          • What is AD?
        • User Enumeration
    • Post Exploitation
      • Cleanup
      • Maintaining Access
      • Pivoting
      • File Transfers
      • Covering Tracks
    • Vulnerabilities Checklist
    • Report Writing
  • Web App Pentest
    • Tools
      • Burp Suite
      • THC-Hydra BruteForce
    • Injection
      • SQL Injection
    • Broken Authentication
    • Sensitive Data Exposure
      • SQLite3
    • XML External Entity
      • XML Background
      • XPath Injection
    • Broken Access Control
    • Security Misconfiguration
    • Upload/Download
      • Download Bypass: Poison Null Byte
    • XSS
      • DOMXSS
      • Persistent XSS
      • Reflected (Client-side) XSS
      • Data URLs
    • Insecure Deserialization
    • Components with Known Vulnerabilities
    • Insufficient Logging and Monitoring
    • Server-Side Request Forgery (SSRF)
  • CTF
    • Intro to CTF
    • Forensics
      • Challenges
    • Steganography
    • Reverse Engineering
    • Tools
  • Network Security
    • Courses
      • Sec+
      • IBM Cybersecurity Analyst Professional Certificate
      • ISCI CNSS Course
        • Introduction to Network Security
          • Network Basics
          • Basic Network Utilities
          • The OSI Model
          • Threat Classification
          • Security Terminology
          • Approaches of Network Security
          • Law and Network Security
        • Types of Attacks
          • Denial of Service Attacks
          • Buffer Overflow Attacks
          • IP Spoofing
          • Session Hijacking
        • Fundamentals of Firewalls
          • What is a Firewall
          • Firewall Types
          • Firewall Implementation
          • Proxy Servers
          • Windows Firewalls
          • Linux Firewalls
        • Intrusion-Detection Systems
          • IDS Concepts
          • Components and Processes of IDS
          • Implementing IDS
          • Honeypots
        • Fundamentals of Encryption
          • The History of Encryption
          • Modern Encryption Methods
          • Windows and Linux Encryption
          • Hashing
          • Cracking Passwords
        • Virtual Private Networks (VPN)
          • Introduction to VPN
          • VPN Protocols
          • IPSec
          • SSL/TLS
          • VPN Solutions
        • Operating System Hardening
          • Configuring Windows
          • Configuring Linux
          • Operating System Patches
        • Virus Attacks and How to Defend
          • Virus Types and Attacks
          • Virus Scanners
          • Antivirus
          • Virus Infection and Identification
          • Trojan Horses
          • Spyware or Adware
        • Security Policies
          • User Policies Definition
          • System Administration Policies
          • Access Control
        • Assessing System Security
          • Risk Assessment
          • Conducting an Initial Assessment
          • Probing the Network
          • Vulnerabilities
          • Documenting Security
        • Security Standards
          • ISO Standards
          • NIST Standards
          • General Data Protection Regulation (GDPR)
          • PCI DSS
        • Physical Security and Recovery
          • Physical Security
          • Disaster Recovery
          • Fault Tolerance
        • Attackers Techniques
          • Hacking Preparation
          • The Attack Phase
          • Hacking Wi-Fi
    • The Web
    • The OSI Model
    • Malware Traffic Analysis with Wireshark
  • Digital Forensics
    • Autopsy - open-source digital forensics platform
  • Exploit Dev/Analysis
    • Code Review
      • Tools
    • Buffer Overflows
    • Static Analysis
      • Antivirus Scanning
      • Hashing
      • File strings
      • Packed and Obfuscated Malware
        • Demo: UPX
      • Portable Executable File Format (PE)
        • Tools
        • Linked Libraries and Functions
        • PE File Headers and Sections
  • Shell
    • ./missing-semester
      • Course overview + the shell
      • Shell Tools and Scripting
      • Editors (Vim)
      • Data Wrangling
      • Command-line Environment
    • Bash Tricks
    • .bashrc
    • Random Commands
      • sed
  • Hardware
    • NAND2Tetris
      • Boolean Functions and Gate Logic
      • Boolean Arithmetic and the ALU
      • Memory
      • Machine Language
      • Computer Architecture
      • Assembler
  • Other
    • K8s
      • Chapter 1: From Monolith to Microservices
      • Chapter 2: Container Orchestration
      • Chapter 3: Kubernetes
      • Chapter 4: Kubernetes Architecture
Powered by GitBook
On this page

Was this helpful?

  1. General

Interesting Links

A log to keep track of media

PreviousHomeNextCurriculum

Last updated 4 years ago

Was this helpful?

3/21

2/21

1/21

12/20

11/20

10/20

  • https://github.com/horshark/thm_hacking_encyclopedia/blob/master/THM_hacking_encyclopedia.pdf

9/20

8/20

  • LFI and RFI Attacks

7/20

6/20

5/20

4/20

- Red Team Village CTF Writeup

HALF OF CURL’S VULNERABILITIES ARE C MISTAKES
(Very) Basic Intro to Elliptic Curve Cryptography
It rather involved being on the other side of this airtight hatchway
CVE Stuffing
Privilege Escalation via Python Library Hijacking
Linux Privilege Escalation Using Capabilities
Stealing Your Private YouTube Videos, One Frame at a Time
A Deep Dive Into Hyperjacking
How I hijacked the top-level domain of a sovereign state
Sockets In Your Shell
Turning the frustration of a mobile game into a reverse engineering training
Weaknesses in the Key Scheduling Algorithm of RC4
Removing Exponential Backoff from TCP
https://readme.localtest.me/
The Great iPwn : Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit
Parsing JSON at the CLI: A Practical Introduction to `jq` (and more!)
Google Dork Techniques
SSH Pivoting
.git hacking
Off-the-Record Communication, or, Why Not To Use PGP
Exploiting X11 Unauthenticated Access
Windows Subsystem for Linux: The lost potential
Linux and Unix sha1sum command tutorial with examples
https://blog.cyberhacktics.com/carving-files-from-memory-with-volatility/
https://blog.cyberhacktics.com/memory-forensics-on-windows-10-with-volatility/
Does CSRF prevention also prevent reflected XSS attack
The 'javascript' resource identifier scheme
Sources and Sinks - Code Review Basics
Let’s play a game: what is the deadly bug here?
https://www.benkuhn.net/autocomplete/
Architecture Playbook
A parable about privacy/encryption
CrackMapExec
PDF Shadow Attacks
Reverse Engineering Snapchat
SAT solver on top of regex matcher
What happens when you update your DNS?
Run Your Own Authoritative DNS Servers
PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more)
Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently
https://emaragkos.gr/resources/
White hat social engineering: How to become an admin of a system
STRIDE and Threat Modeling
Application Security Testing of Thick Client Applications
BSides SF 2020 CTF: Infrastructure Engineering and Lessons Learned
Security 101 Series
Reverse shell with Netcat: some use cases
From DnsAdmins to SYSTEM to Domain Compromise
Microsoft Buys Corp.com So Bad Guys Can’t
HackTheBox Basic Setup Hosts File