Made by : https://github.com/nickapic

Ko-Fi if you want to support me : https://ko-fi.com/nickapic


Network Security


Networking

Network Quick Recap(Hacking)

What is RDP (3389) ?

SMB (443)

Redis (6379)

Telnet

FTP

NFS

Linux


Linux Fundamentals

Navigating the File Systems

Find

Network Commands

User and Privileges

File Manipulation

Services and Installing Tools

LocalStack

Scanning and Enumeration


Metasploit

Linux Priv Esc

Windows Privilege Escalation

PWDFeedBack (Priv Esc)

Nikto

DirBuster

Enumerating with BurpSuite

SMB Enumerating

SSH Ennumeration

FTP Ennumeration

Researching for Exploits

Scanner Alts

Nessus

Printer Hacking 101

Active Directories


What are they ?

Components

What are they?

Things to Look For

Lab Setup

Attacking AD(Init) LMNR

Attacks AD (SMB Relay)

Gaining Shell Access

IPv6 Attacks

Other Attacking Strategies

Ennumeration (Powerview and Bloodhound)

Post Exploitation (Pass Attacks)

Post Exploitation (Token Imper.)

Post Exploitation (Kerberoasting)

Post Exploitation (GPP Attacks)

Mimikatz and Golden Ticket

Resources

Bloodhound

Attacking Kerberos

Kerbrute

Initial Ennumeration

Zero Logon Vulnerability

Impacket Toolkit

Domain Trusts

PowerView Cheatsheet

Web Exploitation Techniques


OWASP TOP 10 and Testing Checklist

OWASP JuiceShop Setup

Burp Suite

Workflow

Open Redirect

SQL Injection

Broken Authentication

Authentication Attacks (THM)

Sensitive Data Exposure

XML External Entities (Attack)

Broken Access Control

Security Misconfigurtation

Cross Side Scripting (XSS)

Cross Site Request Forgery (CSRF)

Insecure Deserialization

Server Side Request Forgery

Using Components with Known Vulns

SSTI (Server Side Template Injection)

Insufficient Logging and Monitoring

Local File Inclusions and Remote File Inclusions

Fix web page redirect

GitHack (Git Hacking)

Redis (Redis CLI Hijacking)

Postgres SQL

IDOR (Insecure Direct Object Reference)

Prototype Pollution

Server Side Injection

NPM Package Confusion Attack

Auth Attacks (JWT)

OAuth Attacks

LDAP Related Attacks

Solved Machine Reports


Kioptrix Level 1

Legacy(HTB)

Lame(HTB)

Blue(HTB)

Devel(HTB)

Jerry(HTB)

Nibbles(HTB)

Optimum(HTB)

Bashed(HTB)

Grandpa and Grandma(HTB)

Netmon

Wgel (THM)

Traceback

Vulnversity

OSINT(THM)

Basic Pentesting(THM)

Anonymous (THM)

Kenobi (THM)

Toolsrus

Easy CTF(THM)

Templed

Lian-Yu (In Progress)

Lazy Admin

Attacktive Directory (Active Directory)

Alfred (Jenkins and Nishang)

Apocoalyst (Wordpress and web redirection)

Popcorn (HTTP Request Tampering)

UltraTech (Node API and Docker Priv)

Jack of All Trades( Stego and Web on common ports)

Pepega Energy (Net users and TeamViewer)

Fowsniff CTF

Anonforce(GPG and ASC)

Library(Python Privesc)

DAV (Webdav plugin XAMMP)

Thompson(Tomcat and Cronjob)

Sauna (Acitve Directory)

Tony the Tiger (JAVA Serialization)

Beep (Password Resuse and LFI)

Book(SQL Trunctuation,XSS PDF, Logrotate)

Year of the Rabbit( Puzzle and SudoBypass)

Jurrasic Park (SQL Injection)

Blueprint (Mimikatz and Oscommerce RCE)

Blog(THM)

SneakyMailer

Food KoTH

KoTH (Tips and Tricks)

Dave (NoSQL)

Brainstorm (Buffer Overflow)

Lord of The Root (Port Knocking,dir busting,sqlmap)

Gatekeeper

Jack (Wordpress, ure_other_roles)

Blog