Cybersecurity

My notes about Cybersecurity.


 

 

Getting Started

Websites to learn, practice, and find news, along with CVE lookup, credentials leak lookup, or stuff like that.

Virtual Machines

Notes/links to find a VM (Windows, Kali, CTF...) and install it.

H@king process

H@king box

Stuff that couldn't be put somewhere else.


1. Investigation 🔎

Investigation

Step 1: Dig information from afar.

Investigate Files

Find metadata from a PDF, an image... Learn about steganography, tricks...


2. Discovery 🗺️

Discovery

Step 2: approach your targets to learn more about them.

Nmap

The Network Mapper. Find open ports, running services, and common vulnerabilities.

Nessus

Automated though noisy tool to find open ports, running services, many vulnerabilities...


Services 🧟️

Discovery & Exploitation


Services

Notes about discovery/misconfigurations of services (SSH, FTP, SMTP...).

Brute force services

Use hydra to brute force SSH, FTP...

Printers

How to exploit printers.


3. Exploitation 💥

Exploitation

Step 3: exploit a vulnerability to get something from your target.

Exploitation: Shells

Learn about reverse, bind, and web shells. Learn about tools/techniques to stabilize them.

Metasploit

The Metasploit framework, a well-known penetration testing tool.

msfvenom

Utility to generate bind/reverse shells, along with notes about meterpreter reverse shells and multi handler.


Exploitation: Web - part 1 🕸️

Exploit webservers

Notes on webservers.

Methodology

Steps and tools to exploit webservers.

HTTP Headers

Learn how HTTP headers could be exploited.

Fuzzing / Fuzz

Something that can be used for many things (forced browsing, brute force...).

Forced browsing

Find routes, hidden folders/files, configuration-related files...

Subdomains

Expand your attack scope by discovering new domains.

Frameworks

Find and exploit frameworks such as WordPress.

Cookies

Cookies/Sessions vulnerabilities

XML External Entity

XML External Entity (XXE)


Exploitation: Web - part 2 🕸️

Forms

Knowledge related to forms.

Brute force Forms

Examples with ffuf, wfuzz, hydra...

File/Path exploits

File inclusion and Path Traversal

XSS (JavaScript)

XSS vulnerabilities

SSRF

Server-Side Request Forgery

Command injection

A flaw may lead to Remote Command Execution (RCE).

File upload

A flaw may lead to Remote Code Execution (RCE).

Burp Suite

Suite of tools for web pentesting.


Exploitation: Network 🌐

Exploit network

Notes about networking tools.


Exploitation: Databases 🖥️

Exploit databases

Notes about databases.

SQL injections

Learn about SQLi (SQL injections).

SQLMap

Tool to automate SQLi exploitation.


4. Privilege escalation 🔓

Privilege escalation

Methodology used to go from a regular user to an administrative account.

Linux Priv. Esc.

Key escalation vectors on Linux.

Windows Priv. Esc.

Key escalation vectors on Windows.


5. Post-exploitation 🧹

Post-exploitation

Once you've got root/system/administrator, what do hackers do?


πŸ›‘οΈοΈ Defense βš”οΈοΈ

CyberDefense

Tools for IP/malware lookup...

Digital Forensics

Notes about forensics, i.e. investigating cyber crimes.


βš’οΈ Random βš’οΈ

Crack a hash

Use john the ripper to crack insecure passwords/passphrases using their hash (SSH key, GPG/ZIP/RAR...).

Encoding

Learn about base64...