Xheni's Wiki
About security stuff and not only.
Books
Online Resources
Cryptography
Application Security
Mobile Security
Penetration Testing
Incident Response
Digital Forensics
Cloud Security
Cyber Threats
Hardware Security
Blockchain
Built with jekyll, made with ❤️ by
Xheni
- 2021.
Penetration Testing
https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
https://github.com/jivoi/offsec_pdfs
Methodology
https://0x00sec.org/t/shared-thoughts-after-6-years-in-pentesting/2492
https://www.offensive-security.com/kali-linux/kali-rolling-iso-of-doom/
https://kali.training/
https://www.offensive-security.com/metasploit-unleashed/
http://synack.blog/posts/red-teaming-and-pentesting-tips/index.html
Kali
BlackArch
Parrot
Reconnaissance
Exploitation
https://github.com/Ekultek/WhatWaf
https://github.com/NetSPI/SQLInjectionWiki
https://github.com/1N3/IntruderPayloads
<>
Privilege Escalation
Windows
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-windows-services-all-roads-lead-to-system-whitepaper.pdf
https://foxglovesecurity.com/2016/01/16/hot-potato/
https://foxglovesecurity.com/2016/09/26/rotten-potato-privilege-escalation-from-service-accounts-to-system/
https://foxglovesecurity.com/2017/08/25/abusing-token-privileges-for-windows-local-privilege-escalation/
Linux
macOS
Pivoting
https://github.com/earthquake/xfltreat/
https://www.jpcert.or.jp/english/pub/sr/20170612ac-ir_research_en.pdf
https://gallery.technet.microsoft.com/ATA-Playbook-ef0a8e38/file/169827/1/ATA%20Playbook.pdf
Post-Exploitation
https://github.com/EmpireProject/Empire
https://github.com/EmpireProject/EmPyre
https://githlub.com/byt3bl33d3r/DeathStar
https://github.com/BloodHoundAD/BloodHound
https://github.com/GoFetchAD/GoFetch
https://github.com/vysec/ANGRYPUPPY
https://github.com/nccgroup/redsnarf
https://github.com/FuzzySecurity/PowerShell-Suite
https://github.com/vysec/ps1-toolkit
https://github.com/BeetleChunks/redsails
https://github.com/mubix/post-exploitation-wiki
https://github.com/Ne0nd0g/merlin
Reporting & Documentation
https://github.com/SerpicoProject/Serpico
Challenges
http://challenge.nixu.com/
http://www.underthewire.tech/wargames.htm
https://www.hackthebox.eu/