GitHub repository with resources for beginners
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters#BugBounty
Bug bounty articles and resources
https://www.zapstiko.com/category/hacking-articles/bug-bounty-hacking-articles/#BugBounty
Advanced guide to finding good bugs
https://www.udemy.com/course/bug-bounty-an-advanced-guide-to-finding-good-bugs/#BugBounty
Bug bounty tips and resources
https://twitter.com/therceman/status/1536774501211553793?t=ARu5YSqtCSOb5JNLypCqIA&s=19#BugBounty
Bug bounty tutorial
https://www.youtube.com/watch?v=9mSLSC7aUcY#Cloud
PowerShell escape sequences
https://www.rlmueller.net/PowerShellEscape.htm#BugBounty
E-book on bug bounty hunting
https://raw.githubusercontent.com/akr3ch/BugBountyBooks/main/Bug%20Bounty%20Bootcamp%20The%20Guide%20to%20Finding%20and%20Reporting%20Web%20Vulnerabilities%20by%20Vickie%20Li.pdf#BugBounty
GitHub repository with bug bounty e-books
https://github.com/akr3ch/BugBountyBooks#BugBounty
GitHub repository with bug bounty scanner
https://github.com/chvancooten/BugBountyScanner#BugBounty
Bug bounty cheat sheet
https://hideandsec.sh/books/cheatsheets-82c/page/bug-bounty#BugBounty
List of bug bounty write-ups
https://pentester.land/list-of-bug-bounty-writeups.html#bug-bounty-writeups-published-in-2022#BugBounty
GitHub repository with Google VRP write-ups
https://github.com/xdavidhu/awesome-google-vrp-writeups#BugBounty
Getting started in bug bounty
https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a#BugBounty
Bug bounty tips and resources
https://twitter.com/ReconVillage/status/1558209255022465024?s=20&t=3aOkudNdQpKCs-Yos1lM4Q#BugBounty
Bug bounty tutorial
https://www.youtube.com/watch?v=p4JgIu1mceI#BugBounty
GitHub repository with bug bounty fetcher
https://github.com/Gomez0015/InitigritiFetcher#BugBounty
GitHub repository with bug bounty write-ups
https://github.com/devanshbatham/Awesome-Bugbounty-Writeups#BugBounty
Bug bounty resources
https://drive.google.com/file/d/1wMGITzEtpt_PgDug37NpmihORv4dcxeJ/view#BugBounty
GitHub repository with bug bounty targets data
https://github.com/arkadiyt/bounty-targets-data#BugBounty
Bug bounty tutorials and resources
https://m.youtube.com/@bugbountypocs/featured#Cloud
Bypassing Google's fix to access their internal admin panels
https://infosecwriteups.com/bypassing-googles-fix-to-access-their-internal-admin-panels-12acd3d821e3#BugBounty
Bug bounty resources
https://gist.github.com/Frycos/62fa664bacd19a85235be19c6e4d7599#BugBounty
Facebook and Instagram bug
https://securityaffairs.com/141571/social-networks/facebook-instagram-bug.html?amp=1#BugBounty
GitHub repository with public bug bounty programs
https://github.com/projectdiscovery/public-bugbounty-programs#BugBounty
Bug bounty tips and resources
https://twitter.com/hacker_/status/1512552850831851531#BugBounty
Bug bounty tips and resources
https://twitter.com/albinowax/status/925743148600647680#BugBounty
Bug bounty tips and resources
https://twitter.com/d0nutptr/status/1110501209528373248#BugBounty
GitHub repository with bug bounty resources
https://github.com/00xtrace/BugBounty#BugBounty
GitHub repository with mind maps for bug bounty
https://github.com/imran-parray/Mind-Maps#BugBounty
Getting started with smart contract bug bounty
https://blog.yeswehack.com/yeswerhackers/getting-started-smart-contract-bug-bounty/#BugBounty
Pimp my Burp
https://blog.yeswehack.com/yeswerhackers/pimpmyburp/pimpmyburp-6-generate-reports-directly-burp-suite/#BugBounty
Bug bounty tutorial
https://www.youtube.com/watch?v=mifj2NVGjKY#Cloud
GitHub repository with bug bounty cheat sheet
https://github.com/EdOverflow/bugbounty-cheatsheet#BugBounty
Bug bounty articles and resources
https://www.jonbottarini.com/tag/bug-bounty/#BugBounty
Automating Managed Identity Token Extraction in Azure Container Registries
https://www.netspi.com/blog/technical/cloud-penetration-testing/automating-managed-identity-token-extraction-in-azure-container-registries/#Cloud
Blog post by Rogier Dijkman
https://rogierdijkman.medium.com/privilege-escalation-via-storage-accounts-bca24373cc2e#Cloud
Privilege Escalation Google Cloud Platform Part 1
https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/#Cloud
Azure Lateral Movement Cloud on Prem
https://cloud.hacktricks.xyz/pentesting-cloud/azure-pentesting/az-lateral-movement-cloud-on-prem/azure-ad-connect-hybrid-identity/phs-password-hash-sync#Cloud
Obtaining Domain Admin from Azure AD via Cloud Kerberos Trust
https://dirkjanm.io/obtaining-domain-admin-from-azure-ad-via-cloud-kerberos-trust/#Cloud
Digging Further into the Primary Refresh Token
https://dirkjanm.io/digging-further-into-the-primary-refresh-token/#Cloud
YouTube Channel
https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A#Cloud
SANS Workshop Building Azure Pentest Lab Red Teams
https://www.sans.org/webcasts/sans-workshop-building-azure-pentest-lab-red-teams/?msc=OOLP#Cloud
Awesome Azure Pentest GitHub Repository
https://github.com/Kyuu-Ji/Awesome-Azure-Pentest#Cloud
Privilege Escalation Google Cloud Platform Part 2
https://rhinosecuritylabs.com/cloud-security/privilege-escalation-google-cloud-platform-part-2/#Cloud
Post-Exploiting a Compromised etcd: Full Control over the Cluster and its Nodes
https://research.nccgroup.com/2023/11/07/post-exploiting-a-compromised-etcd-full-control-over-the-cluster-and-its-nodes/#Cloud
Phishing Microsoft Teams for Initial Access
https://pushsecurity.com/blog/phishing-microsoft-teams-for-initial-access/#Cloud
Microsoft Office Online Server Remote Code Execution
https://www.mdsec.co.uk/2022/10/microsoft-office-online-server-remote-code-execution/#Cloud
Azure Lateral Movement Cloud on Prem
https://cloud.hacktricks.xyz/pentesting-cloud/azure-pentesting/az-lateral-movement-cloud-on-prem/azure-ad-connect-hybrid-identity/federation#Cloud
YouTube Video
https://www.youtube.com/watch?v=SqfDFIQ8kkk#Cloud
YouTube Playlist
https://www.youtube.com/playlist?list=PL__YARLYIdeRDP-KsLIOqnzjc69MvmDde#Cloud
AzureHound Cypher Cheatsheet
https://hausec.com/2020/11/23/azurehound-cypher-cheatsheet/#Cloud
Twitter Status
https://twitter.com/emiliensocchi/status/1587917156842278913?s=46&t=G_4wVtIuqa0TWzwwrCUxww#Cloud
Azure AD Introduction for Red Teamers
https://www.synacktiv.com/publications/azure-ad-introduction-for-red-teamers.html#Cloud
Azure Lateral Movement Cloud on Prem
https://cloud.hacktricks.xyz/pentesting-cloud/azure-pentesting/az-lateral-movement-cloud-on-prem/azure-ad-connect-hybrid-identity/seamless-sso#Cloud
Azure App Tools GitHub Repository
https://github.com/rvrsh3ll/Azure-App-Tools#Cloud
Google Drive File
https://drive.google.com/file/d/1p1tTTIjg3RoJecYSU3CetvNw6-ZZdMXn/view?usp=sharing#BugBounty
Azure AD Connect for Red Teamers
https://blog.xpnsec.com/azuread-connect-for-redteam/#Cloud
365 Stealer Introduction
https://www.alteredsecurity.com/post/introduction-to-365-stealer#Cloud
GCP Enum GitHub Repository
https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_enum#Cloud
Hack AWS in 60 Minutes GitHub Repository
https://github.com/CloudSecurityPartners/hack-aws-in-60-minutes#Cloud
NCC Group Research Author NCC Manning
https://research.nccgroup.com/author/nccmanning/#Cloud
Hacking Your Cloud Tokens Edition 2.0
https://www.trustedsec.com/blog/hacking-your-cloud-tokens-edition-2-0/#Cloud
Kubernetes Made Easy Course
https://www.udemy.com/course/kubernetes-made-easy/?couponCode=UDEMYNOV20#Cloud
Common Conditional Access Misconfigurations and Bypasses in Azure
https://www.trustedsec.com/blog/common-conditional-access-misconfigurations-and-bypasses-in-azure/?utm_content=223371823&utm_medium=social&utm_source=twitter&hss_channel=tw-403811306#Cloud
YouTube Channel
https://www.youtube.com/channel/UCPY5aUREHmbDO4PtR6AYLfQ#Cloud
YouTube Live
https://www.youtube.com/live/6KddjKKKEL4?si=01FqdyVKuM_7yaz0&t=3344#Cloud
Azure AD Cheatsheet
https://web.archive.org/web/20220522212941/https://hideandsec.sh/books/cheatsheets-82c/page/azure-ad#Cloud
CloudFox GitHub Repository
https://github.com/BishopFox/cloudfox?utm_source=linkedin&utm_medium=social&utm_term=&utm_content=external+&utm_campaign=external_link_202209#Cloud
Google Cloud 4 Words GitHub Repository
https://github.com/priyankavergadia/google-cloud-4-words#Cloud
Azure Lateral Movement Cloud on Prem
https://cloud.hacktricks.xyz/pentesting-cloud/azure-pentesting/az-lateral-movement-cloud-on-prem/azure-ad-connect-hybrid-identity/pta-pass-through-authentication#Cloud
Command and Kubectl Talk Follow-up
https://research.nccgroup.com/2020/02/12/command-and-kubectl-talk-follow-up/#Cloud
Finding AWS Account ID of Any S3 Bucket
https://tracebit.com/blog/2024/02/finding-aws-account-id-of-any-s3-bucket/#Cloud
Persistent AWS Access with Role Chain Juggling
https://rhinosecuritylabs.com/aws/cloud-container-attack-tool/#Cloud
BF My GCP Permissions GitHub Repository
https://github.com/carlospolop/bf_my_gcp_permissions#Cloud
Certified Azure Red Team Professional CARTP Exam Review
https://tripla.dk/2021/12/29/certified-azure-red-team-professional-cartp-by-pentester-academy-exam-review/#Cloud
PRTAbuse from Userland with Cobalt Strike
https://red.0xbad53c.com/red-team-operations/azure-and-o365/prt-abuse-from-userland-with-cobalt-strike/#Cloud
YouTube Video
https://www.youtube.com/watch?v=HXM1rBk_wXs#Cloud
Azure AD Pentesting Fundamentals
https://www.cobalt.io/blog/azure-ad-pentesting-fundamentals#Cloud
Discord Channel
https://discord.com/channels/819985942407675945/880404820597551134/970362921433571358#Cloud
YouTube Video
https://www.youtube.com/embed/m33VeLRUi4w#Cloud
Penetration Testing Azure for Ethical Hackers GitHub Repository
https://github.com/PacktPublishing/Penetration-Testing-Azure-for-Ethical-Hackers#Cloud
PayloadsAllTheThings GitHub Repository
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md#Cloud
What the Function Decrypting Azure Function App Keys
https://www.netspi.com/blog/technical/cloud-penetration-testing/what-the-function-decrypting-azure-function-app-keys/#Cloud
GCP Cloud Function Abuse Blog Post
https://blog.codydmartin.com/gcp-cloud-function-abuse/#Cloud
Abusing Azure AD SSO with the Primary Refresh Token
https://dirkjanm.io/abusing-azure-ad-sso-with-the-primary-refresh#Cloud
Run native mobile apps in your browser using Appetize.io, an online emulator for Android and iOS.
https://appetize.io/#Mobile
Explore Boschko's Incinerator, a powerful tool for analyzing and reversing Android applications.
https://boschko.ca/incinerator/amp/#Mobile
Codeshare for Frida, a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
https://codeshare.frida.#Mobile
A guide to auditing the security of iOS applications using Needle.
https://connect.ed-diamond.com/MISC/misc-091/auditer-la-securite-d-une-application-ios-avec-needle#Mobile
Article detailing the setup of an EDR (Endpoint Detection and Response) on Android.
https://connect.ed-diamond.com/misc/misc-116/un-edr-sous-android#Mobile
Join the discussion on this specific Discord channel.
https://discord.com/channels/819985942407675945/819988038289588244/1032019602877714473#Mobile
APKLab is an integrated solution for Android applications reverse engineering.
https://github.com/APKLab/APKLab#Mobile
Blabb is a tool for security assessments and analysis by MarketStreetCyber.
https://github.com/MarketStreetCyber/Blabb#Mobile
Blabber is another security tool developed by MarketStreetCyber.
https://github.com/MarketStreetCyber/Blabber#Mobile
An automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework.
https://github.com/MobSF/Mobile-Security-Framework-MobSF#Mobile
A detailed analysis of a remote buffer overflow vulnerability in the wifi_stack of Android 11 platform on Samsung A20e.
https://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e#Mobile
ALEAPP parses various logs, events, and Protobufs from Android devices.
https://github.com/abrignoni/ALEAPP#Mobile
iLEAPP is a tool to parse iOS logs, events, and Protobuf data.
https://github.com/abrignoni/iLEAPP#Mobile
A parser for Apple Cloud Notes, extracting and presenting data from iCloud backups.
https://github.com/threeplanetssoftware/apple_cloud_notes_parser#Mobile
PhoneSploit is a framework that utilizes ADB to exploit Android devices.
https://github.com/aerosol-can/PhoneSploit#Mobile
A collection of useful Frida scripts for reverse engineering and instrumentation.
https://github.com/iddoeldor/frida-snippets#Mobile
A comprehensive cheat sheet for mobile hacking and penetration testing.
https://github.com/randorisec/MobileHackingCheatSheet#Mobile
FriList is a tool for managing friends lists on social media platforms.
https://github.com/rsenet/FriList#Mobile
APKFram is a framework for the analysis and reverse engineering of APK files.
https://github.com/rsenet/apkfram.git#Mobile
Objection is a runtime mobile exploration toolkit powered by Frida, designed for performing security assessments of mobile applications.
https://github.com/sensepost/objection#Mobile
Research on Apple's Bluetooth Low Energy Exposé (BLEEE) vulnerabilities.
https://hexway.io/research/apple-bleee/#Mobile
A step-by-step guide on building an Android penetration testing lab.
https://medium.com/purplebox/step-by-step-guide-to-building-an-android-pentest-lab-853b4af6945e#Mobile
The ultimate guide to bypassing SSL pinning, provided by RedHunt Labs.
https://redhuntlabs.com/wp-content/uploads/2021/10/Ultimate-Guide-to-SSL-Pinning-Bypass-RedHunt-Labs-Attack-Surface-Management.pdf#Mobile
How to extract or unpack an .ab file (Android backup file) from your device.
https://stackoverflow.com/questions/18533567/how-to-extract-or-unpack-an-ab-file-android-backup-file#Mobile
Follow Aacle on Twitter for updates and insights.
https://twitter.com/Aacle_#Mobile
Check out this specific tweet from Aacle on Twitter.
https://twitter.com/Aacle_/status/1584916071483858944?s=20&t=_NVI4Fohd_VrJfcOymSCKg#Mobile
An introduction to mobile penetration testing by Hack The Box.
https://www.hackthebox.com/blog/intro-to-mobile-pentesting#Mobile
Guide on setting up Mobexler with VMware and Android Studio.
https://www.randorisec.fr/setting-up-mobexler-vmware-android-studio/#Mobile
XDA Developers is a community of developers and enthusiasts focused on Android development.
https://www.xda-developers.com/#Mobile
Profile of Svetius, a contributor on XDA Developers.
https://www.xda-developers.com/author/svetius#Mobile
Subscribe to this YouTube channel for videos on mobile security.
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQ#Mobile
Watch this video on mobile security from YouTube.
https://www.youtube.com/watch?v=xp8ufidc514#Mobile
Author page on Zero Day Hacker, featuring various articles on mobile security.
https://zerodayhacker.com/author/hjdbvet6z3k#Mobile
Learn how to use an Android emulator for API hacking on Zero Day Hacker.
https://zerodayhacker.com/using-an-android-emulator-for-api-hacking/#Mobile
Introduction to RSA cryptography by express.
https://www.youtube.com/watch?v=RyMmKoSSPN8#Crypto
Express channel for cryptography tutorials and explanations.
https://www.youtube.com/channel/UCFMT8Cx0JO8BRkiZ8vzIa1A#Crypto
Tutorial on RSA encryption, in French.
https://www.youtube.com/watch?v=KfUrZG6Vo2Q#Crypto
Tech AB Info channel with various tech and crypto-related content.
https://www.youtube.com/channel/UCkzVomnoR_X9uE5box2Dw8g#Crypto
Educational series on elliptic curves in cryptography.
https://www.youtube.com/playlist?list=PLYpVTXjEi1oe1OeAllJpNhFoI4B7Ws8Yl#Crypto
Quantum channel featuring videos on quantum cryptography.
https://www.youtube.com/channel/UCgeO7CtfYSdWt0PPZ3vafqw#Crypto
Introduction to supersingular isogenies for post-quantum cryptography.
https://www.youtube.com/watch?v=9B7jq7Mgiwc#Crypto
Videos from Microsoft Research covering various aspects of cryptography.
https://www.youtube.com/channel/UCCb9_Kn8F_Opb3UCGm-lILQ#Crypto
Lecture on the mathematics of lattices in cryptography.
https://youtu.be/LlPXfy6bKIY#Crypto
Videos from Simons Institute discussing advanced topics in cryptography.
https://www.youtube.com/channel/UCW1C2xOfXsIzPgjXyuhkw9g#Crypto
Conference introducing RSA cryptography in French.
https://www.youtube.com/watch?v=FiZwf8GfSzo#Crypto
Crypto challenges and tutorials, in French.
https://www.youtube.com/watch?v=iIesDpv9F4s#Crypto
Videos from Ange Albertini covering various crypto-related topics.
https://www.youtube.com/channel/UCwQvHQ2JdGomedDJFJ9r7DA#Crypto
Mathematics exercises related to cryptography.
https://www.youtube.com/watch?v=IdchTH9bGOs#Crypto
Videos on preparing for cryptography challenges and exams.
https://www.youtube.com/channel/UCn4MPWKkXuS2GlmLH9-Qaew#Crypto
Tech tutorial on SSH and Diffie-Hellman key exchange.
https://youtu.be/VXGt12Nioqc#Crypto
Explanation of cybersecurity concepts in French.
https://www.youtube.com/channel/UCHScE3Ck5G6_Cp0BqPM7YTA#Crypto
Explanation of the AES encryption algorithm.
https://www.youtube.com/watch?v=O4xNJsjtN6E#Crypto
Computerphile channel with videos on computer science topics including cryptography.
https://www.youtube.com/channel/UC9-y-6csu5WGm29I7JiwpnA#Crypto
Explanation of attacking ECB mode encryption.
https://www.youtube.com/watch?v=unn09JYIjOI#Crypto
247CTF channel featuring CTF challenges including cryptography.
https://www.youtube.com/channel/UCtGLeKomT06x3xZ2SZp2l9Q#Crypto
Demonstration of AES-ECB plaintext recovery in a cyber competition.
https://www.youtube.com/watch?v=f-iz_ZAS258#Crypto
John Hammond channel with tutorials on cybersecurity and cryptography.
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw#Crypto
No description available.
https://www.youtube.com/channel/UCEpTctnbaz_m9DpibqG1siw#Crypto
Demonstration of decrypting RSA and ChaCha20 ransomware.
https://www.youtube.com/watch?v=S9NyJD4LiY0#Crypto
0xdf channel featuring cybersecurity and crypto-related content.
https://www.youtube.com/channel/UChO9OAH57Flz35RRX__E25A#Crypto
Explanation of the ChaCha stream cipher.
https://youtu.be/UeIpq-C-GSA#Crypto
Tutorial on exploiting SSH key parsing vulnerabilities.
https://youtu.be/4F1XGsvB2iA#Crypto
IppSec channel featuring cybersecurity walkthroughs including cryptographic challenges.
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA#Crypto
Explanation of creating the first SHA-1 collision and its implications for hash security.
https://www.youtube.com/watch?v=Zl1TZJGfvPo#Crypto
Black Hat channel featuring presentations on cybersecurity including cryptography.
https://www.youtube.com/channel/UCJ6q9Ie29ajGqKApbLqfBOg#Crypto
Introduction to the LEA cryptographic algorithm.
https://maojui.me/Crypto/LEA/#Crypto
Explanation of elliptic curve cryptography from the Nakov Cryptobook.
https://cryptobook.nakov.com/asymmetric-key-ciphers/elliptic-curve-cryptography-ecc#Crypto
Introduction to RSA encryption from SigmaPrime Blog.
https://blog.sigmaprime.io/introduction-to-rsa.html#Crypto
Exploration of attacking RSA for fun and in Capture The Flag competitions (Part 1).
https://bitsdeep.com/posts/attacking-rsa-for-fun-and-ctf-points-part-1/#Crypto
Explanation and usage of JA3 fingerprints in cybersecurity.
https://ja3er.com/#Crypto
Techniques for impersonating JA3 fingerprints in cybersecurity.
https://medium.com/cu-cyber/impersonating-ja3-fingerprints-b9f555880e42#Crypto
Exploration of unsupervised machine learning and JA-3 in cybersecurity.
https://www.darktrace.com/en/blog/beyond-the-hash-how-unsupervised-machine-learning-unlocks-the-true-power-of-ja-3/#Crypto
Tool for conducting RSA-related Capture The Flag challenges.
https://github.com/Ganapati/RsaCtfTool#Crypto
Explanation and demonstration of bit flipping attacks on CBC mode encryption.
https://crypto.stackexchange.com/questions/66085/bit-flipping-attack-on-cbc-mode#Crypto
Reference material on cryptography and engineering.
https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/CandE.md#Crypto
Introduction to RSA encryption.
https://medium.com/@c0D3M/introduction-to-rsa-e8cb39af508e#Crypto
Courses and challenges for learning cryptography.
https://cryptohack.org/courses/#Crypto
Mathematical exploration of elliptic curves in cryptography.
https://www.alpertron.com.ar/ECM.HTM#Crypto
Basic notions in number theory related to cryptography.
https://github.com/zademn/EverythingCrypto/blob/master/E1%20Mathematics/Number_theory/Basic_notions.ipynb#Crypto
Guide to rolling your own AES encryption implementation.
https://github.com/francisrstokes/githublog/blob/main/2022/6/15/rolling-your-own-crypto-aes.md#Crypto
Book covering real-world applications of cryptography.
https://www.amazon.fr/Real-world-Cryptography-David-Wong/dp/1617296716#Crypto
Handbook covering various aspects of cryptography.
https://b-ok.cc/book/17217306/389dcb#Crypto
Challenges and exercises related to cryptography.
https://w3challs.com/challenges/list/crypto#Crypto
Repository of crypto attacks and techniques.
https://github.com/jvdsn/crypto-attacks#Crypto
Book on advanced military cryptography.
https://www.amazon.com/Advanced-Military-Cryptography-Cryptographic-Friedman/dp/0894120115#Crypto
Wiki resource on cryptography.
https://cryptography.fandom.com/wiki/Crypto_Wiki#Crypto
README file on elliptic curves.
https://github.com/ashutosh1206/Crypton/blob/master/Elliptic-Curves/README.md#Crypto
Design principles of the ChaCha20 cipher.
https://loup-vaillant.fr/tutorials/chacha20-design#Crypto
Key derivation in ChaCha20 stream cipher.
https://loup-vaillant.fr/articles/chacha20-key-derivation#Crypto
Usage of ChaCha20 in stream ciphers.
https://libsodium.gitbook.io/doc/advanced/stream_ciphers/chacha20#Crypto
Attack techniques against AES using square attack.
https://github.com/thomasperrot/aes-square-attack#Crypto
Writeup of crypto challenge from CA CTF 2022.
https://www.hackthebox.com/blog/movs-like-jagger-ca-ctf-2022-crypto-writeup#Crypto
Writeup on side channel attacks in cryptography.
https://github.com/0x14mth3n1ght/Writeup/tree/master/FCSC/side_chan/#Crypto
Explanation of the AES encryption algorithm.
https://braincoke.fr/blog/2020/08/the-aes-encryption-algorithm-explained/#Crypto
Cryptanalysis methods using video content.
https://www.nassiben.com/video-based-crypta#Crypto
Introduction to lattice-based cryptography.
https://vozec.fr/crypto-lattice/lattice-introduction/#Crypto
Best practices and handling tips for ECDSA cryptography.
https://blog.trailofbits.com/2020/06/11/ecdsa-handle-with-care/#Crypto
Writeup for the FCSC 2020 challenge "Corrumpere".
https://github.com/Jakobus0/FCSC-2020-write-ups/blob/master/corrumpere_write_up.md#Crypto
Tool or technique involving AES encryption.
https://github.com/Vozec/AES-Flipper#Crypto
Prediction and analysis of PHP mt_rand function.
https://www.ambionics.io/blog/php-mt-rand-prediction#Crypto
Reverse engineering of the mt_rand function.
https://github.com/ambionics/mt_rand-reverse#Crypto
Explanation of creating the first SHA-1 collision.
https://www.youtube.com/watch?v=Zl1TZJGfvPo#Crypto
Working with Expert Witness Files in Linux.
https://dfir.science/2017/11/EWF-Tools-working-with-Expert-Witness-Files-in-Linux.html#Forensics
Various tools by ANSSI-FR for BIOS Management.
https://github.com/ANSSI-FR/bmc-tools#Forensics
Forensics challenges and resources for CTF.
https://trailofbits.github.io/ctf/forensics/#Forensics
Tool to retrieve passwords stored on a system.
https://github.com/AlessandroZ/LaZagneForensic#Forensics
A comprehensive forensics spreadsheet.
https://docs.google.com/spreadsheets/d/1z-44BUA2AVf8uqnoiDDSi7UxbyWy8KJqK4uaYq_0YYg/edit#gid=9#Forensics
HFS file system, partitions, and relevant evidences.
https://www.andreafortuna.org/2020/08/31/ios-forensics-hfs-file-system-partitions-and-relevant-evidences/#Forensics
Resources on iOS forensics.
https://resources.infosecinstitute.com/topic/ios-forensics/#Forensics
Parse and extract data from BPL files.
https://github.com/threeplanetssoftware/bplister#Forensics
Dump iOS Frequent Locations data.
https://github.com/mac4n6/iOS-Frequent-Locations-Dumper#Forensics
Various forensics tools by Mesquidar.
https://github.com/mesquidar/ForensicsTools#Forensics
Digital forensics resources and tools.
https://www.digitalforensics.com/#Forensics
Emulation framework for firmware analysis.
https://github.com/firmadyne/firmadyne/#Forensics
How I cracked Conti Ransomware Group’s leaked source code.
https://medium.com/@whickey000/how-i-cracked-conti-ransomware-groups-leaked-source-code-zip-file-e15d54663a8#Forensics
Video on Linux memory forensics.
https://www.youtube.com/watch?v=uYWTfWV3dQI&ab_channel=IppSec#Forensics
Memory forensics on Android devices.
https://www.pwc.be/en/FY21/documents/Android_memory_forensics.pdf#Forensics
Part 1 of the Cobalt Strike Investigation series.
https://blog.lexfora.com/Cobalt%20Strike%20Investigation%20Part%201.html#Forensics
Detect hidden processes on Unix-like systems.
https://github.com/YJesus/Unhide-NG#Forensics
UNIX and Linux based rootkits techniques and countermeasures.
https://repository.root-me.org/Virologie/EN%20-%20UNIX%20and%20Linux%20based%20Rootkits%20Techniques%20and%20Countermeasures%20-%20Andreas%20Bunten.pdf#Forensics
Cheatsheet for Volatility framework.
https://k-lfa.info/volatility-cheatsheet/#Forensics
Case study on detecting DNS implants.
https://research.nccgroup.com/2022/08/11/detecting-dns-implants-old-kitten-new-tricks-a-saitama-case-study/#Forensics
List of useful forensics tools.
https://k-lfa.info/quelques-tools-forensics/#Forensics
Extract information from Firefox and Thunderbird profiles.
https://github.com/Busindre/dumpzilla#Forensics
Analyze attacks using Cobalt Strike.
https://connect.ed-diamond.com/misc/misc-116/analyser-une-attaque-utilisant-l-outil-d-intrusion-commercial-cobalt-strike#Forensics
Command-line tool for forensics and incident response.
https://github.com/WithSecureLabs/chainsaw#Forensics
Understanding MACB times in Windows Forensic Analysis.
https://andreafortuna.org/2017/10/06/macb-times-in-windows-forensic-analysis/#Forensics
Recover cleared browser history.
https://www.inversecos.com/2022/10/recovering-cleared-browser-history.html?m=1#Forensics
Digital forensics on macOS HFS.
https://connect.ed-diamond.com/MISC/misc-107/investigation-numerique-sous-macos-hfs#Forensics
Command-line tool to show information about EWF files.
https://command-not-found.com/ewfinfo#Forensics
Scan for Cobalt Strike beacons.
https://github.com/Apr4h/CobaltStrikeScan#Forensics
Understanding Apple’s binary property list format.
https://medium.com/@karaiskc/understanding-apples-binary-property-list-format-281e6da00dbd#Forensics
Writeups for FCSC 2021 forensics challenges.
https://github.com/SorCelien/CTF-WRITEUPS/blob/main/FCSC-2021/forensics/ordiphone-2.md#Forensics
Writeups for SharkyCTF EZDump challenges.
https://www.synacktiv.com/publications/sharkyctf-ezdump-writeups-linux-forensics-introduction.html#Forensics
Extract kallsyms from Linux kernel memory dumps.
https://github.com/pagabuc/kallsyms-extractor#Forensics
Research paper on forensics.
https://dl.acm.org/doi/fullHtml/10.1145/3485471#Forensics
Slides on Volatility from LSE Summer Week 2016.
https://www.lse.epita.fr/lse-summer-week-2016/slides/lse-summer-week-2016-04-volatility.pdf#Forensics
Convert DWARF debugging information to JSON.
https://github.com/volatilityfoundation/dwarf2json#Forensics
Create specific Volatility profile and symbol table.
https://fahriguresci.com/create-specific-volatility-profile-and-symbol-table/#Forensics
Library to work with Windows EVTX event log files.
https://github.com/omerbenamram/evtx#Forensics
Search Windows EVTX files with precision.
https://bhabeshraj.com/post/search-windows-evtx-files-with-precision/#Forensics
Forensics tool to find and extract data.
https://github.com/d4rk-d4nph3/exfinder#Forensics
Forensic analysis of Windows event logs.
https://andreafortuna.org/2017/10/20/windows-event-logs-in-forensic-analysis/#Forensics
Cracking PIN and password locks on Android.
https://forensics.spreitzenbarth.de/2012/02/28/cracking-pin-and-password-locks-on-android/#Forensics
Breaking the screenlock on Android devices.
https://forensics.spreitzenbarth.de/2015/08/12/breaking-the-screenlock-a-short-update/#Forensics
Finding malware on memory dumps using Volatility and YARA rules.
https://andreafortuna.org/2018/07/16/finding-malware-on-memory-dumps-using-volatility-and-yara-rules/#Forensics
Tool to extract files from .bup archives.
https://github.com/OpenSecurityResearch/unbup#Forensics
Volatility plugin for scanning Zeus malware.
https://github.com/botherder/volatility/blob/master/contrib/plugins/malware/zeusscan.py#Forensics
Post-exploitation tool to extract credentials.
https://github.com/FreeRDP/FreeRDP/wiki/Mimikatz#Forensics
Decrypt encrypted stub data in Wireshark.
https://medium.com/tenable-techblog/decrypt-encrypted-stub-data-in-wireshark-deb132c076e7#Forensics
Archive of RDP replay blog post.
https://web.archive.org/web/20200424034135/https://www.contextis.com/en/blog/rdp-replay#Forensics
Decrypting IPsec protocols ISAKMP.
https://celaldogan2010.medium.com/decrypting-ipsec-protocols-isakmp-and-5a93991#Forensics
Writeup on RDP network forensics.
https://res260.medium.com/ihack-2020-monster-inc-the-middle-rdp-network-forensics-writeup-91e2fb0f4287#Forensics
Memory forensics writeup on HackTheBox.
https://www.hackthebox.com/blog/memory-forensics-volatility-write-up#Forensics
LiME on Android AVDs for Volatility analysis.
https://gabrio-tognozzi.medium.com/lime-on-android-avds-for-volatility-analysis-a3d2d89a9dd0#Forensics
Digital forensics tools by Eric Zimmerman.
https://ericzimmerman.github.io/#!index.md#Forensics
Illustrated guide to memory forensics with Volatility.
https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html#Forensics
Memory forensics and the Windows Subsystem for Linux.
https://dfrws.org/wp-content/uploads/2019/06/paper_memory_forensics_and_the_windows_subsystem_for_linux.pdf#Forensics
Introduction to memory forensics video playlist.
https://www.dfir.training/video-playlists/introduction-to-memory-forensics#Forensics
PowerShell obfuscation detection framework.
https://github.com/danielbohannon/Revoke-Obfuscation#Forensics
Scan for CanaryTokens in files.
https://github.com/0xNslabs/CanaryTokenScanner#Forensics
Anti-forensics techniques on HackTheBox.
https://www.hackthebox.com/blog/anti-forensics-techniques#Forensics
Presentation at DEF CON 24 discussing methods to bypass captive portals and limited networks.
https://www.youtube.com/watch?v=GhUUzGBjhXQ#Network
Discussion on the current state of DNS rebinding attacks and their origins.
https://www.youtube.com/watch?v=y9-0lICNjOQ#Network
Conference on securing mail infrastructure using DNS.
https://www.youtube.com/watch?v=C2gy_vITxLA#Network
Analysis of Modbus traffic focusing on SANS ICS concepts.
https://www.youtube.com/watch?v=OAsLdXzKQo8#Network
Educational video explaining 5G technology using small cars.
https://www.youtube.com/watch?v=ao3jzvDghNI#Network
Detailed guide to pfSense 2.3 covering its features and benefits.
https://www.youtube.com/watch?v=agieD5uiwYY#Network
Article discussing attacks on real VoIP systems using SIPVicious OSS.
https://www.rtcsec.com/article/attacking-real-voip-system-with-sipvicious-oss/#Network
Exploration of unsupervised machine learning and its impact on JA3 technology.
https://www.darktrace.com/en/blog/beyond-the-hash-how-unsupervised-machine-learning-unlocks-the-true-power-of-ja-3/#Network
Medium article detailing methods for impersonating JA3 fingerprints.
https://medium.com/cu-cyber/impersonating-ja3-fingerprints-b9f555880e42#Network
Pinterest board related to cybersecurity and technology.
https://www.pinterest.com/anderson_boschi/#Network
GitHub repository for SNMPv3Brute tool.
https://github.com/applied-risk/snmpv3brute#Network
Recipes and techniques for password cracking.
https://www.ifm.net.nz/cookbooks/passwordcracker.html#Network
Medium article discussing WiFi security hacking in IEEE 802.11 networks.
https://medium.com/@syedhuseyn/ieee-802-11-wifi-security-hacking-149d26a2831#Network
Research article on the WiFiDemon iOS WiFi RCE 0-day vulnerability.
https://blog.zecops.com/research/meet-wifidemon-ios-wifi-rce-0-day-vulnerability-and-a-zero-click-vulnerability-that-was-silently-patched/#Network
Alert from Palo Alto Networks regarding a zero-day vulnerability.
https://thehackernews.com/2021/11/palo-alto-warns-of-zero-day-bug-in.html?m=1#Network
Guide on performing Linux packet captures using tcpdump.
https://cordero.me/linux-packet-captures-with-tcpdump/#Network
Blog post detailing VLAN hopping attacks.
https://papehane.blogspot.com/2018/01/vlan-hopping-attack.html#Network
ICANN resource page explaining DNSSEC and its importance.
https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-20-fr#Network
Mind map for WiFi hacking techniques.
https://github.com/koutto/pi-pwnbox-rogueap/blob/main/mindmap/WiFi-Hacking-MindMap-v1.png#Network
Insights into exploiting AWS vulnerabilities from an attacker's perspective.
https://daycyberwox.com/exploiting-aws-2-attackers-perspective-flaws2cloud#Network
LinkedIn post on hacking protocol chapter RIPV1 by Mike Ghahremani.
https://www.linkedin.com/pulse/hack-protocol-chapter-ripv1-mike-ghahremani/#Network
Blog post on abusing Microsoft Teams Direct Routing.
https://blog.syss.com/posts/abusing-ms-teams-direct-routing/#Network
Tenable TechBlog article on decrypting encrypted stub data in Wireshark.
https://medium.com/tenable-techblog/decrypt-encrypted-stub-data-in-wireshark-deb132c076e7#Network
Medium article analyzing WhatsApp calls.
https://medium.com/@schirrmacher/analyzing-whatsapp-calls-176a9e776213#Network
Blog post from Grimm detailing trust issues.
https://blog.grimm-co.com/2021/09/mama-always-told-me-not-to-trust.html#Network
Blog post on subdomain enumeration using DNSSEC.
https://www.securesystems.de/blog/subdomain-enumeration-with-DNSSEC/#Network
GitHub repository for SeeYouCM Thief tool.
https://github.com/trustedsec/SeeYouCM-Thief#Network
Blog post on unauthenticated dumping of usernames via Cisco Unified Call Manager.
https://www.n00py.io/2022/01/unauthenticated-dumping-of-usernames-via-cisco-unified-call-manager-cucm/#Network
Security Intelligence article dissecting and exploiting TCP/IP RCE vulnerability.
https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/#Network
Medium article diving deep into TLS protocol.
https://medium.com/devops-dudes/deep-dive-into-tls-a9798ac1763a#Network
GitHub repository for Nord-Stream tool.
https://github.com/synacktiv/nord-stream#Network
GitHub repository for OSPFMD5Crack tool.
https://github.com/c4s73r/OSPFMD5Crack/tree/main#Network
French article explaining ARP spoofing, MITM, and DoS attacks.
https://www.it-connect.fr/comprendre-les-attaques-via-arp-spoofing-mitm-dos/#Network
GitHub repository for Wireless Pentesting CheatSheet.
https://github.com/V0lk3n/WirelessPentesting-CheatSheet#Network
GitHub repository for Network Segmentation Cheat Sheet.
https://github.com/sergiomarotco/Network-segmentation-cheat-sheet#Network
APNIC blog post providing an overview of QUIC protocol.
https://blog.apnic.net/2019/03/04/a-quick-look-at-quic/#Network
Docker documentation on packet filtering firewalls.
https://docs.docker.com/network/packet-filtering-firewalls/#Network
Tool for decoding online SMS PDU.
https://www.smsdeliverer.com/online-sms-pdu-decoder.aspx#Network
Medium article investigating Surfshark and NordVPN using JA4T.
https://medium.com/foxio/investigating-surfshark-and-nordvpn-with-ja4t-7bbf5a33aad0#Network
Exploring the implications of hotwiring electric vehicles in 2023.
https://www.youtube.com/watch?v=5tLNRk7mZXo#Hardware
Comparison between office chairs and gaming chairs.
https://www.youtube.com/watch?v=9Yhc6mmdJC4#Hardware
Channel focusing on gaming hardware and technology reviews.
https://youtube.com/c/GamersNexus#Hardware
Investigating the possibility of recovering sound from images.
https://www.youtube.com/watch?v=eUzB0L0mSCI#Hardware
Videos on technology and electronics.
https://www.youtube.com/user/dexsilicium/videos#Hardware
Exploring post-exploitation scenarios after hacking a WiFi router.
https://www.youtube.com/watch?v=bbZvIXU4laI#Hardware
Samy Kamkar discussing radio hacking of cars and hardware.
https://www.youtube.com/watch?v=1RipwqJG50c#Hardware
Discussion on hacking a TP-Link router at Pwn2Own competition.
https://www.youtube.com/watch?v=zjafMP7EgEA#Hardware
Demonstration of breaking out of kiosks using web browsers.
https://www.youtube.com/watch?v=R7srpHUshuI#Hardware
Security analysis of IoT and embedded systems firmware.
https://www.youtube.com/watch?v=9ONXskRt_qQ#Hardware
Man-in-the-middle style attack on a Netgear router from WAN.
https://www.youtube.com/watch?v=NQrKFeS5YUk#Hardware
Discussion on EcoOBD & NitroOBD scam.
https://www.youtube.com/watch?v=fGciVNYHw7U#Hardware
Analysis of the pricing of vehicle keys.
https://www.youtube.com/watch?v=IBJUh0jr9P0#Hardware
Lowering the entry fee to IoT bugfest with Hydrabus.
https://www.youtube.com/watch?v=theYbzPhYH8#Hardware
Keynote speech by Jayson E. Street at Security Fest 2022.
https://www.youtube.com/watch?v=FP5c8_U1G-w#Hardware
Hitchhacker’s guide to iPhone lightning cable hacking at DEF CON 30.
https://www.youtube.com/watch?v=8p3Oi4DL0eI#Hardware
Discussion on banned gadgets that anyone can buy.
https://www.youtube.com/watch?v=rTmJOkmlzro#Hardware
Analysis of the PS5 disassembly by Sony.
https://www.youtube.com/watch?v=9ZmKyjpq9jo#Hardware
Channel focusing on retro electronics and repairs.
https://www.youtube.com/@retrofixer#Hardware
Videos from the Flashback Team on various tech topics.
https://youtube.com/c/FlashbackTeam#Hardware
Analysis of silicon chip in a driver's license.
https://www.youtube.com/watch?v=aTpH34Mvg90#Hardware
Guide to UART root shell attacks.
https://www.youtube.com/watch?v=01mw0oTHwxg#Hardware
Air-gap exfiltration attack via radio signals from SATA cables.
https://www.youtube.com/watch?v=rlmP-csuFIo#Hardware
Website specializing in computer hardware news and reviews.
https://tomshardware.fr/#Hardware
Author Beapi on Tom's Hardware France.
https://www.tomshardware.fr/author/beapi/#Hardware
NooElec NESDR SMArt product with aluminium and antennas.
https://www.amazon.fr/NooElec-NESDR-SMArt-Aluminium-antennes/dp/B01GDN1T4S/#Hardware
Wireless collinear antenna calculator.
https://martybugs.net/wireless/collinear.cgi#Hardware
BattleChip challenge from the FCSC 2021 CTF on 0xff.re.
https://ctf.0xff.re/2021/fcsc_2021/battlechip#Hardware
Hardware-themed write-ups for the FCSC 2021 CTF.
https://github.com/dspiricate/writeups/tree/main/FCSC/2021/hardware#Hardware
Wikipedia article on J2000.0.
https://fr.wikipedia.org/wiki/J2000.0#Hardware
Tweet by Podalirius.
https://twitter.com/podalirius_/status/1434887791536652290#Hardware
Tweet by Podalirius.
https://twitter.com/podalirius_/status/1436420758188838913#Hardware
RF to Bytes project with RTL-SDR on nada-labs.net.
https://nada-labs.net/2017/rf-to-bytes-rtl-sdr/#Hardware
Article on the Ethernet header on FrameIP.
https://www.frameip.com/entete-ethernet/#Hardware
Author Sebastien Fontaine on FrameIP.
https://www.frameip.com/author/sebastien-fontaine/#Hardware
Universal Radio Hacker (URH) on GitHub.
https://github.com/jopohl/urh#Hardware
Firmware Modification Kit on GitHub.
https://github.com/rampageX/firmware-mod-kit#Hardware
Awesome-Hardware-and-IoT-Hacking on GitHub.
https://github.com/CyberSecurityUP/Awesome-Hardware-and-IoT-Hacking#Hardware
Article on infrared on the Flipper Zero blog.
https://blog.flipperzero.one/infrared/amp/#Hardware
DIY guide to creating your own 4G proxy on BlackHatWorld.
https://www.blackhatworld.com/seo/diy-how-to-create-your-own-4g-proxy.1234185/#Hardware
Articles in the Classroom category on the Flipper Zero blog.
https://blog.flipperzero.one/tag/classroom/#Hardware
Article on car hacking on Programming With Style.
https://programmingwithstyle.com/posts/howihackedmycar/#Hardware
Learning guide on asynchronous serial communication on Saleae.
https://support.saleae.com/tutorials/learning-portal/learning-resources/learn-asynchronous-serial#Hardware
Flipper Zero firmware with plugins on GitHub.
https://github.com/RogueMaster/flipperzero-firmware-wPlugins#Hardware
How-To articles on gadgets on HackMag.
https://hackmag.com/security/gadgets-howto/#Hardware
Article on relaying YubiKeys by Cube0x0.
https://cube0x0.github.io/Relaying-YubiKeys/#Hardware
Enabot series Part 2 on DebugMen.
https://debugmen.dev/hardware-series/2022/08/01/enabot_series_part_2.html#Hardware
Enabot series Part 1 on DebugMen.
https://debugmen.dev/hardware-series/2022/02/18/enabot_series_part_1.html#Hardware
Article on emulation with QEMU on ZDI.
https://www.zerodayinitiative.com/blog/2020/5/27/mindshare-how-to-just-emulate-it-with-qemu#Hardware
Amazon product - Kit B01MUFRHQ2.
https://www.amazon.fr/gp/product/B01MUFRHQ2/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&psc=1#Hardware
Amazon product - Kit B00TM0W8ZY.
https://www.amazon.fr/gp/product/B00TM0W8ZY/ref=ppx_yo_dt_b_asin_title_o03_s00?ie=UTF8&psc=1#Hardware
Velleman WSG150 electronics kit on Distrelec.
https://www.distrelec.ch/fr/kit-de-electronique-velleman-wsg150/p/18500308?trackQuery=kit+%c3%a9l%c3%a9ctronique&pos=17&origPos=17&origPageSize=50&track=true#Hardware
Velleman WSG152 electronic Wheel of Fortune kit on Distrelec.
https://www.distrelec.ch/fr/kit-roue-de-la-fortune-electronique-velleman-wsg152/p/18500324?trackQuery=kit+%c3%a9l%c3%a9ctronique&pos=19&origPos=19&origPageSize=50&track=true#Hardware
Velleman WSG113 electronics kit on Distrelec.
https://www.distrelec.ch/fr/kit-de-electronique-velleman-wsg113/p/18520090?trackQuery=kit+%c3%a9l%c3%a9ctronique&pos=23&origPos=23&origPageSize=50&track=true#Hardware
JBC BT-2BWA 140 Watt soldering station on EleShop.
https://eleshop.fr/jbc-bt-2bwa-soldeerstation-140watt.html#Hardware
Pinecil smart portable mini soldering iron on EleShop.
https://eleshop.fr/pinecil-mini-fer-a-souder-portable-intelligent.html#Hardware
Guide to escaping from GUI applications on HackTricks.
https://book.hacktricks.xyz/hardware-physical-access/escaping-from-gui-applications#Hardware
ATM kiosk hacking labs on Boschko.
https://boschko.ca/atm-kiosk-hacking-labs/amp/#Hardware
Article on breaking out of Windows kiosks using only Microsoft Edge on the NVISO blog.
https://blog.nviso.eu/2022/05/24/breaking-out-of-windows-kiosks-using-only-microsoft-edge/#Hardware
Author Firat Acar on the NVISO blog.
https://blog.nviso.eu/author/firat-acar/#Hardware
Hardware hacking experiments on GitHub.
https://github.com/koutto/hardware-hacking/blob/master/Hardware-Hacking-Experiments-Jeremy-Brun-Nouvion-2020.pdf#Hardware
Practical DMA attack on Windows 10 by Synacktiv.
https://www.synacktiv.com/en/publications/practical-dma-attack-on-windows-10.html#Hardware
Article on UART, U-Boot, and USB on VoidStar Security.
https://voidstarsec.com/blog/uart-uboot-and-usb#Hardware
HackRF One in French on GitHub by PierreAdams.
https://github.com/PierreAdams/HackRF-One-French#Hardware
Hardware implant attacks - Part 1 on CSG GovTech.
https://medium.com/csg-govtech/hardware-implant-attacks-part-1-console-access-attacks-on-vulnerable-iot-devices-104662f472dc#Hardware
Dronesploit on GitHub by dhondta.
https://github.com/dhondta/dronesploit#Hardware
Archive of the ZeroJay blog.
https://web.archive.org/web/20201111185235/https://zerojay.com/blog/#Hardware
SF Cabinet on GitHub by wrongbaud.
https://github.com/wrongbaud/sf-cabinet#Hardware
Bus Pirate on GitHub by BusPirate.
https://github.com/BusPirate/Bus_Pirate#Hardware
Exploiting embedded APIs by dumping firmware, on Dana Epp.
https://danaepp.com/exploiting-embedded-apis-by-dumping-firmware#Hardware
HydraBus Framework on 0x00sec (cached).
https://webcache.googleusercontent.com/search?q=cache:y33eqtzZJNEJ:https://0x00sec.org/t/hydrabus-framework/17057&cd=8&hl=fr&ct=clnk&gl=fr&client=firefox-b-d#Hardware
Part 3 of the Ph0wn IoT CTF by Sébastien Andrivet.
http://sebastien.andrivet.com/en/posts/ph0wn-my-first-iot-ctf-part-3/#Hardware
Protocol in depth: USB physical layer by Luigi C. Filho on LinkedIn.
https://www.linkedin.com/pulse/protocol-depth-usb-physical-layer-luigi-c-filho/#Hardware
Reverse engineering of PLC architecture and pinout by SEC Consult.
https://sec-consult.com/blog/detail/reverse-engineering-architecture-pinout-plc/#Hardware
Flash dumping - Part I on Quarkslab.
https://blog.quarkslab.com/flash-dumping-part-i.html#Hardware
I hack U-Boot, by Synacktiv.
https://www.synacktiv.com/publications/i-hack-u-boot#Hardware
Dumping firmware from a Reolink camera by Micah VanDeusen.
https://micahvandeusen.com/dumping-firmware-from-a-reolink-camera/#Hardware
Practical guide to hacking CAN bus systems using the Instrument Cluster Simulator - Part I by Yogesh Ojha.
https://medium.com/@yogeshojha/car-hacking-101-practical-guide-to-exploiting-can-bus-using-instrument-cluster-simulator-part-i-cd88d3eb4a53#Hardware
Flipper Zero Brute Force on GitHub by tobiabocchi.
https://github.com/tobiabocchi/flipperzero-bruteforce#Hardware
Jailbreaking the Sonos Era 100 by NCC Group.
https://research.nccgroup.com/2023/12/04/shooting-yourself-in-the-flags-jailbreaking-the-sonos-era-100/#Hardware
JTAG iPhone Pico by MattEyeux.
https://matteyeux.github.io/posts/jtag-iphone-pico/#Hardware
YouTube video on ChatGPT and the advance of AI.
https://www.youtube.com/watch?v=mc2Qli9ImOI#IA
Article on the log loss function.
https://dasha.ai/en-us/blog/log-loss-function#IA
Deep learning tutorial.
https://www.geeksforgeeks.org/deep-learning-tutorial/#IA
DeepExploit project for machine learning security.
https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit#IA
Article on fraud detection with machine learning at Netflix.
https://netflixtechblog.com/machine-learning-for-fraud-detection-in-streaming-services-b0b4ef3be3f6#IA
Article on exploiting custom GPT models.
https://hacktback.fr/nos-ressources/exploitation-des-modeles-gpt-personnalises/#IA
DarkGPT Official Edition by FlowGPT.
https://flowgpt.com/p/darkgpt-official-edition#IA
Article on the first computer worm for AI systems.
https://www.clubic.com/actualite-520456-des-chercheurs-creent-le-tout-premier-ver-informatique-capable-de-se-repandre-dans-les-systemes-d-ia.html#IA
Tweet by HeyShrutiMishra.
https://twitter.com/heyshrutimishra/status/1771206798881825005?s=46&t=99dL4GUsW1YjQVX3886QCg#IA
Article on summoning Ragnarok with your Nemesis.
https://posts.specterops.io/summoning-ragnarok-with-your-nemesis-7c4f0577c93b#IA
Article on exploiting ML models with pickle file attacks (part 1).
https://blog.trailofbits.com/2024/06/11/exploiting-ml-models-with-pickle-file-attacks-part-1/#IA
Articles by Sarah Miller on Trail of Bits.
https://blog.trailofbits.com/author/sarahmiller239#IA
Talk on the origins of OSINT by Jean-Marc Manach.
https://www.youtube.com/watch?v=XrTFzZ77eEI#Osint
Advanced OSINT techniques on LinkedIn with Mishaal Khan.
https://www.youtube.com/watch?v=bz4oZBR3LEk#Osint
Talk on OSINT by an unidentified YouTube channel.
https://www.youtube.com/channel/UCSxk_CUfES4ly5Sspc0Vorw#Osint
French-language workshop on password OSINT with h8mail by Khast3x.
https://www.youtube.com/watch?v=u1frAWJE5_Q#Osint
Second part of the origins of OSINT by _IntelligenceX/Peter Kleissner.
https://www.youtube.com/watch?v=UsRAziRLsY8#Osint
Google hacking techniques for OSINT.
https://securitytrails.com/blog/google-hacking-techniques#Osint
Tool for searching social data leaks.
https://github.com/MrTuxx/SocialPwned#Osint
Guide to Yandex search operators.
https://yandex.com/support/search/query-language/search-operators.html#Osint
OSINT tool for looking up phone information.
https://github.com/sundowndev/PhoneInfoga#Osint
OSINT tool for investigating Google Workspace.
https://github.com/mxrch/GHunt#Osint
Tweet by AFP Factuel about the news.
https://twitter.com/afpfactuel/status/1413862177304350722?s=21#Osint
Tool for searching for sensitive data in waste repositories.
https://github.com/securing/DumpsterDiver#Osint
Flight tracking challenge for OSINT.
https://haax.fr/fr/writeups/osint-geoint/osint-flight-tracking-challenge/#Osint
Firefox extension for OSINT on Facebook and Instagram.
https://addons.mozilla.org/fr/firefox/addon/facebook-instagram-osint/#Osint
Introduction to OSINT and its basic principles.
https://0xraven.fr/articles/osint-101/#Osint
Telegram statistics search and analysis engine.
https://tgstat.ru/en/search#Osint
Guide to pentesting Kubernetes from the outside.
https://book.hacktricks.xyz/pentesting/pentesting-kubernetes/pentesting-kubernetes-from-the-outside#Osint
Methods for geolocating a photo on a US military base.
https://medium.com/@drstache/using-shadows-and-optics-to-geolocate-a-photo-in-a-us-military-base-29bd3086283c#Osint
Database of worldwide wireless networks.
https://www.cqcore.uk/the-world-of-wigle/#Osint
Articles by the author on CQCore.
https://www.cqcore.uk/author/cq21_pqp8gp56#Osint
Lookup of information on Steam IDs.
https://www.steamidfinder.com/#Osint
Ultimate collection of OSINT tools.
https://start.me/p/DPYPMz/the-ultimate-osint-collection#Osint
Tweet by Podalirius on an unspecified topic.
https://twitter.com/podalirius_/status/1481670627048132608#Osint
Tool for searching and exploiting information.
https://github.com/pixelbubble/ProtOSINT#Osint
Firefox extension for search by image.
https://addons.mozilla.org/en-US/firefox/addon/search_by_image/#Osint
Tool for exploring JTAG devices.
https://github.com/novitae/sterraxcyl#Osint
Tool for collecting LinkedIn information.
https://github.com/vysecurity/LinkedInt#Osint
System for converting DMS coordinates to decimal.
https://www.fcc.gov/media/radio/dms-decimal#Osint
GEOINT analysis of the Sino-Burmese borders.
https://medium.com/@meakaaet/geoint-1-fronti%C3%A8res-sino-birmanes-f77bdfb581ae#Osint
Tool for finding secrets in Git repositories.
https://github.com/michenriksen/gitrob#Osint
Tool for finding sensitive information leaks in Git repositories.
https://github.com/zricethezav/gitleaks#Osint
Tool for gathering information on emails, subdomains, etc.
https://github.com/laramies/theHarvester#Osint
Tool for finding LinkedIn usernames from email addresses.
https://github.com/initstring/linkedin2username#Osint
List of search engines for hackers.
https://github.com/edoardottt/awesome-hacker-search-engines#Osint
Tool for recovering text from blurred images.
https://github.com/beurtschipper/Depix#Osint
Presentation on BlackSide.
https://www.beautiful.ai/player/-MsnhEMkgvXsZpppPkNM/BlackSide#Osint
Guide to extracting hidden data on Skype.
https://whitehatinspector.blogspot.com/2021/03/skype-hidden-osint-goldmine.html#Osint
Tool for guessing email addresses.
https://github.com/WildSiphon/Mailfoguess#Osint
French government online mapping service.
https://www.geoportail.gouv.fr/#Osint
Database of companies in France.
https://annuaire-entreprises.data.gouv.fr/#Osint
Tools for investigating companies.
https://www.societe.ninja/index.html#Osint
Technique for retrieving old Bitmoji outfits.
https://webbreacher.com/2022/10/24/grabbing-old-bitmoji-outfits-with-backmoji/#Osint
Tool for looking up information on Google Workspace.
https://github.com/mxrch/GHunt/releases/tag/v2.0.1#Osint
Email header analyzer.
https://mxtoolbox.com/EmailHeaders.aspx#Osint
Article on Google by Elsicarius.
https://elsicarius.fr/google-vous-connaissez#Osint
Six tools to help with geolocation.
https://nixintel.info/osint-tools/six-tools-to-help-with-geolocation/#Osint
Guide to understanding and using Google IDs in an OSINT strategy.
https://www.eduba.school/blog/comment-comprendre-et-utiliser-les-google-id-dans-une-strategie-osint#Osint
Public intelligence feeds.
https://github.com/CriticalPathSecurity/Public-Intelligence-Feeds#Osint
Tool for searching the dark web.
https://github.com/megadose/OnionSearchtion#Osint
Tool for threat and intelligence analysis.
https://www.spiderfoot.net/#Osint
Firefox extension for converting a favicon to a MurmurHash.
https://addons.mozilla.org/fr/firefox/addon/favicon-to-murmurhash/#Osint
Tweet by EPCyber on an unspecified topic.
https://twitter.com/epcyber/status/1630207876382744584?t=LE4pnzCmIpedmrZag1qdrg&s=19#Osint
Tool for analyzing and collecting information in the cloud.
https://github.com/7WaySecurity/cloud_osint#Osint
Tool for collecting exposed information.
https://github.com/utkusen/wholeaked#Osint
Tool for threat and intelligence analysis.
https://github.com/smicallef/spiderfoot#Osint
Tool for search by image.
https://github.com/dessant/search-by-image#Osint
PimEyes customization to bypass restrictions.
https://github.com/ItsIgnacioPortal/PimEyes-Crack-UserStyle#Osint
Pinterest visual search tool.
https://help.pinterest.com/fr/article/pinterest-lens#Osint
Dork generator for Google searches.
https://yuraloginoff.github.io/dork-generator/#Osint
Tool for finding leaked employee information.
https://github.com/infobyte/emploleaks#Osint
Tool for obtaining the remote IP address of a Telegram user.
https://github.com/lleon1435/telegram-get-remote-ip#Osint
Articles by Sam0x90 on threat intelligence.
https://github.com/Sam0x90/CTI#Osint
Graph-based intelligence analysis.
https://linkurious.com/blog/graph-based-intelligence-analysis/#Osint
Tool for collecting information on WhatsApp.
https://github.com/jasperan/whatsapp-osint#Osint
Tool for searching compromised memories.
https://github.com/travisbrown/memory.lol#Osint
Threat intelligence fundamentals.
https://github.com/curated-intel/CTI-fundamentals#Osint
Beneficial ownership registers interconnection system.
https://e-justice.europa.eu/38590/EN/beneficial_ownership_registers_interconnection_system_boris?EUROPEAN_UNION&action=maximize&idSubpage=1#Osint
Collection of OSINT tools.
https://github.com/cipher387/osint_stuff_tool_collection#Osint
Firefox extension for note management.
https://addons.mozilla.org/fr/firefox/addon/noobox_2/#Osint
Firefox extension for account management.
https://addons.mozilla.org/fr/firefox/addon/multi-account-containers/#Osint
Tool for analyzing online information.
https://scanner.deepware.ai/#Osint
Forum post by Analyst1.
https://analyst1.com/this-forum-is-a-bunch-of-communists-and-they-set-me-up-lockbit-spills-the-tea-regarding-their-recent-ban-on-russian-speaking-forums/#Osint
Forum for discussing data breaches.
https://breachforums.is/showthread.php?tid=97611#Osint
Extension for managing Chrome tabs.
https://extpose.com/ext/haogkfoekgcdihiijdhjnpnbbodkgfmb#Osint
Guide to online anonymity.
https://anonymousplanet.org/guide.html#Osint
Tool for metadata analysis.
https://github.com/franckferman/MetaDetective#Osint
List of browser extensions for OSINT.
https://github.com/osintambition/Awesome-Browser-Extensions-for-OSINT#Osint
Introduction to fuzzing - YouTube
https://www.youtube.com/watch?v=o-3c2OGsxlk#Programming
Array Map in 100 Seconds - YouTube
https://www.youtube.com/watch?v=DC471a9qrU4#Programming
Low Level Learning YouTube channel
https://www.youtube.com/@LowLevelLearning#Programming
DATA STRUCTURES you MUST know (as a Software Developer) - YouTube
https://www.youtube.com/watch?v=sVxBVvlnJsM#Programming
LLVM and modern runtimes - YouTube
https://www.youtube.com/watch?v=AeQzAfrxbe4#Programming
Pyrser Selector Language by Lionel Auroux - YouTube
https://www.youtube.com/watch?v=POk5X6QGRRU#Programming
HOW TO DEVELOP AN ASSEMBLY INTERPRETER IN GOLANG #golangtuto - YouTube
https://www.youtube.com/watch?v=FcTAHvmGxf8#Programming
Building a compiler with LLVM and ANTLR4 - YouTube
https://www.youtube.com/watch?v=2teHuAAvQeI#Programming
LSE Week - Discovery of Pyrser - Lionel Auroux - YouTube
https://www.youtube.com/watch?v=FY4U2gQcoXo#Programming
Using Tesseract for OCR
https://nanonets.com/blog/ocr-with-tesseract/#Programming
Cheat sheet for removing Docker containers
https://shisho.dev/blog/posts/docker-remove-cheatsheet/#Programming
Golang runtime hacking guide
https://github.com/golang/go/blob/master/src/runtime/HACKING.md#Programming
Introduction to threads in C/C++
https://ocamil.com/index.php/c-c/c-c-les-thread#Programming
AI For Beginners by Microsoft
https://github.com/microsoft/AI-For-Beginners#Programming
CTF write-ups on shellcoding
https://github.com/VulnHub/ctf-writeups/blob/master/2015/ringzer0/shellcoding.md#Programming
New matrix computation method in AI
https://trustmyscience.com/intelligence-artificielle-nouvelle-methode-calcul-matriciel-acceleration-ordinateurs/#Programming
Articles by Moles on Trust My Science
https://trustmyscience.com/author/moles/#Programming
Guide to regular expressions in Python on W3Schools
https://www.w3schools.com/python/python_regex.asp#Programming
Introduction to Machine Learning - Part 1
https://ahampriyanshu.com/blog/intro-to-ml-part-1-introduction/#Programming
TheAlgorithms GitHub Repository
https://github.com/TheAlgorithms#Programming
Empire Listeners library
https://github.com/EmpireProject/Empire/blob/master/lib/listeners/#Programming
Memory management and garbage collection in Python
https://towardsdatascience.com/memory-management-and-garbage-collection-in-python-c1cb51d1612c#Programming
PyDoc documentation for Python
https://docs.python.org/fr/3/library/pydoc.html#Programming
Z3 Playground by 0vercl0k
https://github.com/0vercl0k/z3-playground#Programming
CryptoZombies course on blockchain
https://cryptozombies.io/en/course/#Programming
Decoding Rust errors
https://medium.com/swlh/unwrapping-rusts-errors-552e583e2963#Programming
Rust course for beginners
https://training.zeropointsecurity.co.uk/courses/rust-for-n00bs#Programming
Intel intrinsics guide
https://www.intel.com/content/www/us/en/docs/intrinsics-guide/index.html#Programming
LazyGit GitHub Repository
https://github.com/jesseduffield/lazygit#Programming
Offensive Rust course
https://redteamsorcery.teachable.com/p/offensive-rust#Programming
Rust Tips and Tricks by Kudaes
https://github.com/Kudaes/rust_tips_and_tricks#Programming
Flask examples by Swafox
https://github.com/Swafox/Flask-examples#Programming
Inox programming language
https://github.com/inoxlang/inox#Programming
What I've learned about formal methods
https://jakob.space/blog/what-ive-learned-about-formal-methods.html#Programming
Py-Tree-Sitter by Tree-Sitter
https://github.com/tree-sitter/py-tree-sitter#Programming
Exercism programming exercises
https://exercism.org/#Programming
Deep dive into Python's VM - Load Const bug
https://doar-e.github.io/blog/2014/04/17/deep-dive-into-pythons-vm-story-of-load_const-bug/#Programming
Introduction to paging
https://os.phil-opp.com/paging-introduction/#Programming
Writing a Windows debugger - Part 2
https://www.codeproject.com/Articles/132742/Writing-Windows-Debugger-Part-2#Programming
Compilers: Principles, Techniques, and Tools
https://a.co/d/hUXgWDr#Programming
Tutorial on obfuscation with LLVM
https://github.com/quarkslab/llvm-passes/blob/master/doc/llvm_obfuscation_tutorial.rst#Programming
Bachelor's Thesis by Marius Schulz
https://github.com/mariusschulz/bachelors-thesis/blob/master/thesis.pdf#Programming
CLOC (Count Lines of Code) GitHub Repository
https://github.com/AlDanial/cloc#Programming
Software Engineering Notes - Clean Architecture
https://github.com/LordNoteworthy/software-engineering-notes/blob/main/Clean-Architecture.md#Programming
Intro to C for Windows Developers - SANS Webcast
https://www.sans.org/webcasts/intro-c-windows-devs/#Programming
LIEF (Library to Instrument Executable Formats) GitHub Repository
https://github.com/lief-project/LIEF#Programming
Writing a Windows Fuzzer from Scratch
https://www.legacyy.xyz/vr/windows/2023/10/23/writing-a-windows-fuzzer-from-scratch.html#Programming
Gephi (Graph Visualization and Manipulation Software) GitHub Repository
https://github.com/gephi/gephi#Programming
Graph Databases with Neo4j
https://www.infoq.com/fr/articles/graph-nosql-neo4j/#Programming
Neo4j Labs GitHub Repository
https://github.com/neo4j-labs/neo4rs#Programming
Aura Graph Database by Neo4j
https://neo4j.com/cloud/platform/aura-graph-database/?ref=nav-get-started-cta#Programming
Raspberry Pi OS Tutorials with Rust
https://github.com/rust-embedded/rust-raspberrypi-OS-tutorials#Programming
Binary Tree on Wikipedia
https://fr.wikipedia.org/wiki/Arbre_binaire#Programming
Awesome Rust GitHub Repository
https://github.com/rust-unofficial/awesome-rust#Programming
Write a C Interpreter Tutorial
https://github.com/lotabout/write-a-C-interpreter/tree/master/tutorial/en#Programming
Compilers: Principles, Techniques, and Tools
https://www.amazon.com/Compilers-Principles-Techniques-Tools-2nd/dp/0321486811#Programming
Bell Labs on Wikipedia
https://fr.wikipedia.org/wiki/Laboratoires_Bell#Programming
Bifrost GitHub Repository
https://github.com/its-a-feature/bifrost#Programming
Docker Update Container on Code Change
https://stackoverflow.com/questions/63279765/docker-how-to-update-your-container-when-your-code-changes#Programming
Unreal Engine C++ Quick Start Guide
https://docs.unrealengine.com/5.3/en-US/unreal-engine-cpp-quick-start/#Programming
Computation Subtyping
https://okmij.org/ftp/Computation/Subtyping/#Programming
Video on social engineering in the Windows kernel
https://www.youtube.com/watch?v=eF-nJnPycXs#Pwn
Video on heap exploitation
https://www.youtube.com/watch?v=1xGss7qd6oA#Pwn
Video on buffer overflows in iOS/Android ARM64 environments
https://www.youtube.com/watch?v=CmTA05bcawk#Pwn
Video on Windows kernel exploitation techniques
https://www.youtube.com/watch?v=f8hTwFpRphU#Pwn
Video on Windows 10 kernel exploitation
https://www.youtube.com/watch?v=Gu_5kkErQ6Y#Pwn
Simple explanation of Rowhammer attacks
https://www.youtube.com/watch?v=rGaF15-ko5w#Pwn
Video on Temple Of Pwn 12 - Ret2DlResolve
https://www.youtube.com/watch?v=6qMabyX0yPw#Pwn
Video on binary heap exploitation with Matt E!
https://www.youtube.com/watch?v=Im1SqwOVsEQ#Pwn
Introduction to heap exploitation
https://www.youtube.com/watch?v=nnF4Avttbns#Pwn
Binary exploitation: Raiders of the Lost Chunk by Thomas DUBIER
https://www.youtube.com/watch?v=zcLQ4YrgfNQ#Pwn
Race conditions and Time of Check to Time of Use (TOCTTOU) vulnerabilities
https://www.youtube.com/watch?v=PH73lpG2B1M#Pwn
Using Seccomp to limit the kernel attack surface
https://www.youtube.com/watch?v=q6n4Q3lgjSA#Pwn
Explanation of ROP (Return Oriented Programming)
https://www.youtube.com/watch?v=zRI8diZTEB0#Pwn
Binary exploitation - Heap-Based Part 2 - Double free
https://www.youtube.com/watch?v=NTSiUtzbWQs#Pwn
Introduction to the basics of heap buffer overflow
https://www.youtube.com/watch?v=LsA-bYhPS6s#Pwn
Stack frames (System V AMD64 ABI)
https://www.youtube.com/watch?v=JO6GkjJvkTk#Pwn
Discovering pwntools with switch & masterfox
https://www.youtube.com/watch?v=y5gsiVjfPHg#Pwn
Glibc heap exploitation for fun and profit
https://www.youtube.com/watch?v=U7EwhCQBRZM#Pwn
Basic introduction to Heap Feng Shui
https://www.youtube.com/watch?v=zWgS6fTw4Ts#Pwn
Binary exploitation Pwn
https://www.youtube.com/playlist?list=PL1-BhNrIYWnm3HK-8PBL-qhHwWjI-mjb8#Pwn
1, 2, 3, PWNED! by Louka Jacques-Chevallier
https://www.youtube.com/watch?v=hmt8M9YLwTg#Pwn
Exploiting the DRAM Rowhammer bug to gain kernel privileges
https://www.youtube.com/watch?v=0U7511Fb4to#Pwn
Finding buffer overflows with fuzzing
https://www.youtube.com/watch?v=Do1Ri8TCF0Q#Pwn
François Boisson : Buffer Overflow ou explication de «une faille d...
https://www.youtube.com/watch?v=u-OZQkv2ebw&start=1s#Pwn
Windows Internals
https://www.youtube.com/playlist?list=PLIXt8mu2KcUL5-5xyMnwD2yGP1__45QqO#Pwn
Binary exploitation - Buffer overflow Heap Based part 1
https://www.youtube.com/watch?v=PFqEKkj7wWs#Pwn
Information and systems security society
https://youtube.com/channel/UCofdfNbVHmhmYhSQriJhLag#Pwn
37C3 - Operation Triangulation: What You Get When Attack iPhones o...
https://www.youtube.com/watch?v=1f6YyH62jFE#Pwn
The Heap: what does malloc() do? - bin 0x14
https://www.youtube.com/watch?v=HPDBOhiKaD8#Pwn
HEXACON2022 - Life and death of an iOS attacker by Luca Todesco
https://www.youtube.com/watch?v=8mQAYeozl5I#Pwn
Blind Buffer Overflow exploitation to leak secret data - rhme2 Anim...
https://www.youtube.com/watch?v=SstD1O4_kwc#Pwn
Flipping Bits in Memory Without Accessing Them - Papers...
https://www.youtube.com/watch?v=1iBpLhFN_OA#Pwn
How do use-after-free exploits work? - bin 0x16
https://www.youtube.com/watch?v=ZHghwsTRyzQ#Pwn
String Oriented Programming
https://www.youtube.com/watch?v=DvtBCSYwTiA#Pwn
Temple Of PWN
https://youtube.com/playlist?list=PLiCcguURxSpbD9M0ha-Mvs-vLYt-VKlWt#Pwn
Write Up - Blind rop
https://www.youtube.com/watch?v=pGOGITkVzuM#Pwn
What is Heap Spray?
https://www.youtube.com/watch?v=woKGxIrKFBc#Pwn
Hacking Livestream #25: Blind ROP
https://www.youtube.com/watch?v=OAk23u9b-88#Pwn
Reverse Engineering #0 - Reverse un programme (cracking dynamique a...
https://www.youtube.com/watch?v=kyq4V3UtA5w#Pwn
Bypass NX/ASLR via libc leak
https://www.youtube.com/watch?v=8skdPGCEuxE#Pwn
Browser Exploitation
https://youtube.com/playlist?list=PLhixgUqwRTjwufDsT1ntgOY9yjZgg5H_t#Pwn
Browser Exploitation - Max Zinkus
https://www.youtube.com/watch?v=3szZpS58Dqg#Pwn
OCR with Tesseract - NanoNets Blog
https://nanonets.com/blog/ocr-with-tesseract/#Pwn
Docker Remove Cheatsheet
https://shisho.dev/blog/posts/docker-remove-cheatsheet/#Pwn
Go Runtime Hacking
https://github.com/golang/go/blob/master/src/runtime/HACKING.md#Pwn
C/C++ Threads - Ocamil
https://ocamil.com/index.php/c-c/c-c-les-thread#Pwn
AI For Beginners - Microsoft
https://github.com/microsoft/AI-For-Beginners#Pwn
CTF Writeups - VulnHub
https://github.com/VulnHub/ctf-writeups/blob/master/2015/ringzer0/shellcoding.md#Pwn
New Matrix Computation Method - Trust My Science
https://trustmyscience.com/intelligence-artificielle-nouvelle-methode-calcul-matriciel-acceleration-ordinateurs/#Pwn
Author Moles - Trust My Science
https://trustmyscience.com/author/moles/#Pwn
Python Regex - W3Schools
https://www.w3schools.com/python/python_regex.asp#Pwn
Introduction to Machine Learning - Ahampriyanshu
https://ahampriyanshu.com/blog/intro-to-ml-part-1-introduction/#Pwn
Empire Listeners
https://github.com/EmpireProject/Empire/blob/master/lib/listeners/#Pwn
Memory Management in Python
https://towardsdatascience.com/memory-management-and-garbage-collection-in-python-c1cb51d1612c#Pwn
Bachelors Thesis
https://github.com/mariusschulz/bachelors-thesis/blob/master/thesis.pdf#Pwn
Clean Architecture
https://github.com/LordNoteworthy/software-engineering-notes/blob/main/Clean-Architecture.md#Pwn
Intro to C for Windows Devs
https://www.sans.org/webcasts/intro-c-windows-devs/#Pwn
Writing a Windows Fuzzer from Scratch
https://www.legacyy.xyz/vr/windows/2023/10/23/writing-a-windows-fuzzer-from-scratch.html#Pwn
Neo4j Aura Graph Database
https://neo4j.com/cloud/platform/aura-graph-database/?ref=nav-get-started-cta#Pwn
Raspberry Pi OS Tutorials
https://github.com/rust-embedded/rust-raspberrypi-OS-tutorials#Pwn
Binary Tree - Wikipedia FR
https://fr.wikipedia.org/wiki/Arbre_binaire#Pwn
Write a C Interpreter
https://github.com/lotabout/write-a-C-interpreter/tree/master/tutorial/en#Pwn
Compilers: Principles, Techniques, and Tools
https://www.amazon.com/Compilers-Principles-Techniques-Tools-2nd/dp/0321486811#Pwn
Bell Labs - Wikipedia FR
https://fr.wikipedia.org/wiki/Laboratoires_Bell#Pwn
Docker Update Container on Code Change
https://stackoverflow.com/questions/63279765/docker-how-to-update-your-container-when-your-code-changes#Pwn
Unreal Engine C++ Quick Start
https://docs.unrealengine.com/5.3/en-US/unreal-engine-cpp-quick-start/#Pwn
C23: A Slightly Better C
https://lemire.me/blog/2024/01/21/c23-a-slightly-better-c/#Pwn
LVGL Monthly Newsletter
https://blog.lvgl.io/2024-01-23/monthly-newsletter#Pwn
You Probably Don't Need to Learn C
https://nedbatchelder.com/blog/202401/you_probably_dont_need_to_learn_c.html#Pwn
Lord of the Ring0 Part 1
https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html#Pwn
How do use-after-free exploits work? - bin 0x16
https://www.youtube.com/watch?v=ZHghwsTRyzQ#Pwn
The Heap: How does malloc() work? - bin 0x14
https://www.youtube.com/watch?v=HPDBOhiKaD8#Pwn
Optimize Python - Lightender Blog
https://blog.lightender.fr/articles/optimizePython#Pwn
Tweet - Franc0Fernand0
https://twitter.com/Franc0Fernand0/status/1803763733224698124?t=jWrnAc4mmcdBJiMGPeljvQ&s=19#Pwn
BROP - README.md
https://github.com/nushosilayer8/pwn/blob/master/brop/README.md#Pwn
Null Byte Poisoning - 0x00sec
https://0x00sec.org/t/null-byte-poisoning-the-magic-byte/3874#Pwn
Signal Oriented Programming - Development
https://devel0pment.de/?p=688#Pwn
The Heap: How do use-after-free exploits work? - bin 0x16
https://www.youtube.com/watch?v=ZHghwsTRyzQ#Pwn
Introduction to the Heap - Ir0nstone
https://ir0nstone.gitbook.io/notes/types/heap/introduction-to-the-heap#Pwn
Heap-Based Buffer Overflow
https://www.0x0ff.info/2014/heap-based-buffer-overflow/#Pwn
Linux Heap Exploitation - Sensepost
https://sensepost.com/blog/2018/linux-heap-exploitation-intro-series-set-you-free-part-1/#Pwn
Return-Oriented Programming (ROP) - InfoSecFrench
https://www.youtube.com/watch?v=Do1Ri8TCF0Q#Pwn
Linux Heap Exploitation
https://courseupload.com/linux-heap-exploitation-200321/#Pwn
PicoCTF 2019 Heap Challenges
https://faraz.faith/2019-10-12-picoctf-2019-heap-challs/#Pwn
Signal-Oriented Programming - Stormshield
https://thisissecurity.stormshield.com/2015/01/03/playing-with-signals-an-overview-on-sigreturn-oriented-programming/#Pwn
Mehdi Talbi - Stormshield
https://thisissecurity.stormshield.com/author/mehditalbi/#Pwn
SROP - README.md
https://github.com/nushosilayer8/pwn/blob/master/srop/README.md#Pwn
Awesome Browser Exploit
https://github.com/Escapingbug/awesome-browser-exploit#Pwn
Binary Exploitation - Welchbj
https://github.com/welchbj/ctf/blob/master/docs/binary-exploitation.md#Pwn
Linux/Unix Privilege Escalation - HackTricks
https://book.hacktricks.xyz/linux-unix/privilege-escalation/seccomp#Pwn
Day 0 - zlkidda
https://medium.com/@zlkidda/day-0-quest-for-my-first-zero-day-writing-my-shell-code-847f493b71d0#Pwn
Getting into Browser Exploitation
https://liveoverflow.com/getting-into-browser-exploitation-new-series-introduction-browser-0x00/#Pwn
Shellcoding Cheatsheet - Sec4Us
https://sec4us.com.br/cheatsheet/shellcoding#Pwn
PBCTF 2021 Nightclub Writeup
https://www.willsroot.io/2021/10/pbctf-2021-nightclub-writeup-more-fun.html#Pwn
FILE Structure Exploitation - Perfect Blue Blog
https://blog.perfect.blue/FILE-Structure-Exploitation/#Pwn
Browser Exploitation - Connor McGarr
https://connormcgarr.github.io/browser1/#Pwn
HackSys Extreme Vulnerable Driver - GitHub
https://github.com/hacksysteam/HackSysExtremeVulnerableDriver#Pwn
Buffer Overflow Guide - Alomancy
https://alomancy.gitbook.io/guides/guides/bof#Pwn
Complete Guide to Stack Buffer Overflow - Steflan Security
https://steflan-security.com/complete-guide-to-stack-buffer-overflow-oscp/#Pwn
Stefano Lanaro - Steflan Security
https://steflan-security.com/author/stefano-lanaro96/#Pwn
Heap Exploitation Video - Tenor
https://media.tenor.co/videos/52d59aa7bbbb13d7e964f0267c618fb8/mp4#Pwn
Satellite Bus Writeup - Solar-Wine
https://github.com/solar-wine/writeups/blob/master/Satellite%20Bus/Sun%3F%20On%20my%20Sat%3F%20Again%3F/writeup.md#Pwn
Browser Exploitation Video
https://www.youtube.com/watch?v=kyq4V3UtA5w#Pwn
Browser Exploitation Channel - InfoSec
https://www.youtube.com/channel/UC7iUQz7WRKyJFn6p51tJwfQ#Pwn
Understanding GLIBC Malloc - SploitFun
https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/#Pwn
Safe Linking - Checkpoint Research
https://research.checkpoint.com/2020/safe-linking-eliminating-a-20-year-old-malloc-exploit-primitive/#Pwn
Safe Linking Mitigation - Research Innovations
https://www.researchinnovations.com/post/bypassing-the-upcoming-safe-linking-mitigation#Pwn
Tweet - Podalirius
https://twitter.com/podalirius_/status/1433367842582405122#Pwn
Null Pointer Bypass - cr0 Blog
https://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html#Pwn
NES Console Writing - Copetti
https://www.copetti.org/writings/consoles/nes/#Pwn
Dropping SUID Rights in Shellcodes - Podalirius
https://podalirius.net/fr/articles/unix-shells-dropping-suid-rights-in-shellcodes/#Pwn
Writing Your First Shellcode - Zeste de Savoir
https://zestedesavoir.com/articles/158/ecrivez-votre-premier-shellcode-en-asm-x86/#Pwn
Linux Kernel ROP Part 1 - Trustwave
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/linux-kernel-rop-ropping-your-way-to-part-1/#Pwn
Linux Kernel ROP Part 2 - Trustwave
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/linux-kernel-rop-ropping-your-way-to-part-2/#Pwn
SMEP Bypass Techniques - Vitaly Nikolenko
https://fr.slideshare.net/VitalyNikolenko/linux-smep-bypass-techniques#Pwn
SMEP/KASLR Bypass - Blackbunny
https://web.archive.org/web/20171029060939/http://www.blackbunny.io/linux-kernel-x86-64-bypass-smep-kaslr-kptr_restric/#Pwn
Hardware and systems security
https://www.amazon.fr/S%C3%A9curit%C3%A9-mat%C3%A9rielle-syst%C3%A8mes-Vuln%C3%A9rabilit%C3%A9-dexploitation/dp/210079096X#Pwn
Double Free Attacks - Sensepost
https://sensepost.com/blog/2017/linux-heap-exploitation-intro-series-riding-free-on-the-heap-double-free-attacks/#Pwn
Hardened Flag Store - Bruce30262
https://bruce30262.github.io/hxp-CTF-2017-hardened-flag-store/#Pwn
Linux/Unix Privilege Escalation - HackTricks
https://book.hacktricks.xyz/linux-unix/privilege-escalation/seccomp#Pwn
Day 0 - zlkidda
https://medium.com/@zlkidda/day-0-quest-for-my-first-zero-day-writing-my-shell-code-847f493b71d0#Pwn
ROPing on Aarch64 - Perfect Blue Blog
https://blog.perfect.blue/ROPing-on-Aarch64#Pwn
FILE Structure Exploitation - Dhaval Kapil
https://dhavalkapil.com/blogs/FILE-Structure-Exploitation/#Pwn
Tweet - CyberWarship
https://twitter.com/CyberWarship/status/1455545245513527298/photo/1#Pwn
Linux Kernel Pwn Basics - MEM2019
https://mem2019.github.io/jekyll/update/2019/01/11/Linux-Kernel-Pwn-Basics.html#Pwn
Fastbin Attack - Guy in a Tuxedo
https://guyinatuxedo.github.io/28-fastbin_attack/explanation_fastbinAttack/index.html#Pwn
CCSC 2021 Writeups - Csotiriou
https://blog.csotiriou.com/post/ccsc-2021-writeups/#Pwn
Format String Attack - OWASP
https://owasp.org/www-community/attacks/Format_string_attack#Pwn
Day 0 Podcast
https://dayzerosec.com/podcast/ddr4-rowhammer-azure-bugs-essential-0days-and-backdoored-ida.html#Pwn
SLUB Overflow - Docfate111
https://docfate111.github.io/blog/securityresearch/2021/11/08/SLUBoverflow.html#Pwn
Exploiting DRAM Rowhammer Bug - Google Project Zero
https://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html#Pwn
Attacking Co-hosted VM - Stormshield
https://thisissecurity.stormshield.com/2017/10/19/attacking-co-hosted-vm-hacker-hammer-two-memory-modules/#Pwn
Rampage Attack Explained - Cyber.tn
https://cyber.tn/rampage-attack-explained-exploiting-rowhammer-on-android-again/#Pwn
FCSC 2020 Writeups - GW3L
https://github.com/gw3l/FCSC-2020-Writeups/blob/master/HelloRootkitty.md#Pwn
Exploit Mitigations Disabled - red0xff
https://red0xff.github.io/posts/when_exploit_mitigations_are_disabled_on_modern_systems/#Pwn
Hello Rootkitty - Hug0 Vincent
https://hug0vincent.github.io/2020/05/hello-rootkitty/#Pwn
Rowhammer FFS DDR3 - Hammertux
https://github.com/hammertux/hammertux.github.io/blob/master/_posts/2021-02-19-rowhammer-ffs-ddr3.md#Pwn
BROP Attack - YT Liu
https://web.archive.org/web/20180228212208/https://ytliu.info/blog/2014/05/31/blind-return-oriented-programming-brop-attack-yi/#Pwn
TokyoWesterns CTF 2018 Write-Up - david942j
https://david942j.blogspot.com/2018/09/write-up-tokyowesterns-ctf-2018.html#Pwn
Linux Kernel Exploitation - xairy
https://github.com/xairy/linux-kernel-exploitation#Pwn
Null Pointer Dereference Exploitation - w3challs Blog
http://web.archive.org/web/20160404210408/http://blog.w3challs.com/index.php?post/2014/01/19/D%C3%A9r%C3%A9f%C3%A9rencement-de-pointeur-NULL-Exploitation-du-kernel-pour-les-nuls#Pwn
Azeria Labs Cheatsheet
https://azeria-labs.com/downloads/cheatsheetv1.1-1920x1080.png#Pwn
Windows Memory Corruption Exploits Part I - CyberArk
https://www.cyberark.com/resources/threat-research-blog/a-modern-exploration-of-windows-memory-corruption-exploits-part-i-stack-overflows#Pwn
Linux Kernel Pwn - Efiens Blog
https://blog.efiens.com/post/midas/linux-kernel-pwn-modprobe/#Pwn
Binary Function Analysis - Quarkslab
https://blog.quarkslab.com/weisfeiler-lehman-graph-kernel-for-binary-function-analysis.html#Pwn
UAF Mitigation and Bypass - Yumpu
https://www.yumpu.com/en/document/read/35526819/demott-uaf-migitation-and-bypass/64#Pwn
BROP Attack - YT Liu
http://web.archive.org/web/20160504121503/http://ytliu.info/blog/2014/05/31/blind-return-oriented-programming-brop-attack-yi/#Pwn
Linux Insides Theory - 0xAX
https://0xax.gitbooks.io/linux-insides/content/Theory/linux-theory-1.html#Pwn
GDB Debugging Guide - anvbis
https://gist.github.com/anvbis/64907e4f90974c4bdd930baeb705dedf#Pwn
Source Engine RCE - Secret Club
https://secret.club/2021/05/13/source-engine-rce-join.html#Pwn
Linux Initialization - 0xAX
https://github.com/0xAX/linux-insides/blob/master/Initialization/linux-initialization-1.md#Pwn
TempleOfPwn Exploit - GitHub
https://github.com/LMS57/TempleOfPwn/blob/main/fsop/exploit.py#Pwn
Format Strings GOT Overwrite - Ret2ROP Blog
https://ret2rop.blogspot.com/2018/10/format-strings-got-overwrite-remote.html?m=1#Pwn
Exploitation Stack Buffer Overflow - Zenika Blog
https://blog.zenika.com/2021/02/22/exploitation-stack-buffer-overflow-blind-return-oriented-programming/amp/#Pwn
Web Security Articles - GitHub
https://github.com/zongdeiqianxing/WebSecurityArticles/blob/e2f5e3db5cc28ed1c0232a0ef3352246e75540a0/xz.aliyun.com/xianzhi-all.20200905.md#Pwn
Google CTF Pwn CFI - GitHub
https://github.com/google/google-ctf/blob/master/2017/quals/2017-pwn-cfi/challenge/exploit.py#Pwn
Memory Corruption Without Corruption - GitHub Blog
https://github.blog/2022-07-27-corrupting-memory-without-memory-corruption/#Pwn
SLUB Refresher - Paolo Monti
https://github.com/PaoloMonti42/salt/blob/master/docs/0x00_SLUB_refresher.md#Pwn
Heap Overflow Study - Samsung KSPP
https://samsung.github.io/kspp-study/heap-ovfl.html#Pwn
Braindead Buffer Overflow Guide - Boschko
https://boschko.ca/braindead-buffer-overflow-guide-to-pass-the-oscp-blindfolded/#Pwn
Linux Kernel Exploitation CTF - 0x434b
https://0x434b.dev/dabbling-with-linux-kernel-exploitation-ctf-challenges-to-learn#Pwn
FCSC 2022 Writeup - Voydstack
https://github.com/voydstack/FCSC2022/blob/main/pwn/formatage/README.md#Pwn
Learning Browser Exploitation - Bruce30262
https://bruce30262.github.io/Learning-browser-exploitation-via-33C3-CTF-feuerfuchs-challenge/#Pwn
Linux Source Scripts - Elixir
https://elixir.bootlin.com/linux/latest/source/scripts#Pwn
Linux Kernel Blog - Guillaume Gomez
https://blog.guillaume-gomez.fr/Linux-kernel/1/1#Pwn
StarCTF OOB V8 - Faraz Faiz
https://faraz.faith/2019-12-13-starctf-oob-v8-indepth/#Pwn
LiveOverflow Browser Exploitation
https://liveoverflow.com/topic/browser-exploitation/#Pwn
Format String Notes - ir0nstone
https://github.com/ir0nstone/pwn-notes/blob/master/types/stack/format-string.md#Pwn
Exploit 101 Format Strings - Axcheron
https://axcheron.github.io/exploit-101-format-strings/#Pwn
House of Corrosion - CptGibbon
https://github.com/CptGibbon/House-of-Corrosion#Pwn
Return to VDSO - Void Security
https://www.voidsecurity.in/2014/12/return-to-vdso-using-elf-auxiliary.html#Pwn
Windows Kernel Exploitation - VulnDev
https://vulndev.io/2022/09/24/windows-kernel-exploitation-arbitrary-memory-mapping-x64/#Pwn
Firefox OOB to RCE - VulnDev
https://vulndev.io/2022/09/09/browser-exploitation-firefox-oob-to-rce/#Pwn
HEVD Use After Free - VulnDev
https://vulndev.io/2022/07/14/windows-kernel-exploitation-hevd-x64-use-after-free/#Pwn
CS6265 Tutorial - Georgia Tech
https://tc.gts3.org/cs6265/2019/tut/tut01-warmup1.html#Pwn
GCTF2021 eBPF - MEM2019
https://mem2019.github.io/jekyll/update/2021/07/19/GCTF2021-eBPF.html#Pwn
Chrome Browser Exploitation - Jhalon
https://jhalon.github.io/chrome-browser-exploitation-1/#Pwn
Integer Overflow Attack - Comparitech
https://www.comparitech.com/blog/information-security/integer-overflow-attack/#Pwn
InverseCos Tweet
https://twitter.com/inversecos/status/1597469492065447941?t=f878mW5pOOvxHppudNt0Sw&s=19#Pwn
Exploiting C++ VTables - Defuse.ca
https://defuse.ca/exploiting-cpp-vtables.htm#Pwn
Apocalypse CTF Writeup - Dplastico
https://dplastico.github.io/2022/05/25/Apocalypse_ctf.html#Pwn
Stack Alignment Ubuntu 18.04 - Cameron Wickes
https://www.cameronwickes.co.uk/stack-alignment-ubuntu-18-04-movaps/#Pwn
Playing with PCI Device Memory - NixHacker
https://nixhacker.com/playing-with-pci-device-memory/#Pwn
Exploiting Off-by-One Buffer Overflow - NixHacker
https://nixhacker.com/exploiting-off-by-one-buffer-overflow/#Pwn
Heap Exploit Intro - TyeYeah
https://tyeyeah.github.io/2021/05/12/2021-05-12-Heap-Exploit-Intro/#Pwn
Linux Kernel Building Exploit Preparation - TyeYeah
https://tyeyeah.github.io/2021/04/20/2021-04-20-Linux-Kernel-Building-Exploit-Preparation/#Pwn
Heap Exploitation in Real World - hac425xxx
https://github.com/hac425xxx/heap-exploitation-in-real-world#Pwn
Gadget Sequence for x86_64 ROP - Void Security
https://www.voidsecurity.in/2013/07/some-gadget-sequence-for-x8664-rop.html#Pwn
ElephantSeal Tweet
https://twitter.com/ElephantSe4l/status/1616986509801930752?t=IPuFavgJxQMNWIwYnhS89g&s=19#Pwn
Exploit Development Playlist - YouTube
https://www.youtube.com/playlist?list=PL1-BhNrIYWnm3HK-8PBL-qhHwWjI-mjb8#Pwn
HEVD Stackoverflow SMEP Bypass - H0mbre
https://h0mbre.github.io/HEVD_Stackoverflow_SMEP_Bypass_64bit/#Pwn
Kernel Exploit Practice - pr0cf5
https://github.com/pr0cf5/kernel-exploit-practice/blob/master/return-to-user/README.md#Pwn
Safe Linking - Check Point Research
https://research.checkpoint.com/2020/safe-linking-eliminating-a-20-year-old-malloc-exploit-primitive/#Pwn
Exploiting DNS Bug - Check Point Research
https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin:-exploiting-a-17-year-old-bug-in-windows-dns-servers/#Pwn
Exploiting SIGRed - DataFarm Cybersecurity
https://datafarm-cybersecurity.medium.com/exploiting-sigred-cve-2020-1350-on-windows-server-2012-2016-2019-80dd88594228#Pwn
Linux Kernel Modprobe - Lkmidas
https://lkmidas.github.io/posts/20210223-linux-kernel-pwn-modprobe/#Pwn
Exploitation Series - Blahcat
https://blahcat.github.io/pages/exploitation-series.html#Pwn
ARM Exploitation Guide - AD2001
https://ad2001.gitbook.io/a-noobs-guide-to-arm-exploitation/#Pwn
Abusing Exceptions Part 2 - Bill Demirkapi
https://billdemirkapi.me/abusing-exceptions-for-code-execution-part-2/#Pwn
ROP Tricks - T00sh
https://github.com/t00sh/tosh-codes/blob/master/_posts/2013-08-26-rop-tricks-1.md#Pwn
OpenSSH Pre-Auth Double Free - JFrog
https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/#Pwn
Fastbin Attack Tutorial - 0x00sec
https://0x00sec.org/t/heap-exploitation-fastbin-attack/3627#Pwn
ROP Bypass NX ASLR PIE Canary - IronHackers
https://ironhackers.es/en/tutoriales/pwn-rop-bypass-nx-aslr-pie-y-canary/#Pwn
Memory Protections Guide - MDanilor
https://mdanilor.github.io/posts/memory-protections/#Pwn
Nintendo DSi Browser Hack - Farlow
https://farlow.dev/2023/03/02/hacking-the-nintendo-dsi-browser#Pwn
ARM IoT Exploit Lab - Ringzer0
https://www.ringzer0.training/archive/2022-august/arm-iot-exploitlab.html#Pwn
HackSecureIMS - Lexterl33t
https://github.com/Lexterl33t/hacksecureims/blob/main/README.md#Pwn
One Shellcode to Rule Them All - Shane Wilton
https://www.slideshare.net/ShaneWilton/one-shellcode-to-rule-them-all#Pwn
QEMU iPod Touch - Part 2
https://devos50.github.io/blog/2022/ipod-touch-qemu-pt2/#Pwn
Glibc Heap Exploitation Basics
http://blog.k3170makan.com/2018/12/glibc-heap-exploitation-basics.html#Pwn
Allocated vs Fastbin
https://3.bp.blogspot.com/-qj4RLjVNHLA/XBDCMEeZaVI/AAAAAAAAGK8/oOU_3VxXPOMYlSw8JU7QAmrxZWiHzXvpQCLcBGAs/s1600/allocatedVsFastbin.png#Pwn
Ret2ASLR - Google Security Research
https://github.com/google/security-research/tree/master/pocs/cpus/ret2aslr#Pwn
Windows 10 NT Heap Exploitation - AngelBoy
https://www.slideshare.net/AngelBoy1/windows-10-nt-heap-exploitation-english-version#Pwn
Linux Kernel Exploit Development - Breaking Bits
https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development#Pwn
Managing Inputs for Payload Injection - StackExchange
https://reverseengineering.stackexchange.com/questions/13928/managing-inputs-for-payload-injection#Pwn
Pwn Adventure 3 - Jaiminton
https://www.jaiminton.com/Game-Hacking/Pwn-Adventure-3#Pwn
Null Dereferences Exploitation - Google Project Zero
https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html#Pwn
Attacking JS Engines - Side Channel Blog
https://www.sidechannel.blog/en/attacking-js-engines/#Pwn
K-Type Confusion Exploit - Medium
https://wafzsucks.medium.com/how-a-simple-k-typeconfusion-took-me-3-months-long-to-create-a-exploit-f643c94d445f#Pwn
Re-enabling FSOP on Libc 2.35 - Mymaqn
https://github.com/Mymaqn/reenabling_fsop_on_libc2_35#Pwn
Android Kernel Exploitation - CloudFuzz
https://cloudfuzz.github.io/android-kernel-exploitation/chapters/environment-setup.html#Pwn
Glibc Heap Exploitation Techniques - 0x434b
https://0x434b.dev/overview-of-glibc-heap-exploitation-techniques/#Pwn
GTIRB Stack Stamp - GrammaTech
https://github.com/GrammaTech/gtirb-stack-stamp#Pwn
Apple Safari CopyWithin Exploit - ZDI
https://www.zerodayinitiative.com/blog/2023/10/17/cve-2023-38600-story-of-an-innocent-apple-safari-copywithin-gone-way-outside#Pwn
OpenSecurityTraining Vulns1001
https://p.ost2.fyi/courses/course-v1:OpenSecurityTraining2+Vulns1001_C-family+2023_v1/about#Pwn
Babel ACE Vulnerability - Steak Enthusiast
https://steakenthusiast.github.io/2023/10/11/CVE-2023-45133-Finding-an-Arbitrary-Code-Execution-Vulnerability-In-Babel/#Pwn
Windows Kernel Wild Copy Exploit - Theori
https://blog.theori.io/exploiting-windows-kernel-wild-copy-with-user-fault-handling-cve-2023-28218-89f5189d0926#Pwn
Edge Sandbox Escape - EdgeVR
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself/#Pwn
0CTF-TCTF 2023 Writeup - Chovid99
https://chovid99.github.io/posts/0ctf-tctf-2023/#Pwn
CSGO Attack Surface - Synacktiv
https://www.synacktiv.com/en/publications/exploring-counter-strike-global-offensive-attack-surface#Pwn
Libc GOT Chain - ThisUsernameIsTaken
https://github.com/thisusernameistaken/LibcGOTchain#Pwn
RWCTF Writeup - HackCyom
https://www.hackcyom.com/2024/01/rwctf-lets-party-in-the-house-wu/#Pwn
Awesome Browser Exploit - EscapingBug
https://github.com/Escapingbug/awesome-browser-exploit/blob/master/README.md#Pwn
CTF 2019 OOB V8 Challenge - Ir0nstone
https://ir0nstone.gitbook.io/notes/types/browser-exploitation/ctf-2019-oob-v8/the-challenge#Pwn
StarCTF OOB V8 Writeup - Faraz
https://faraz.faith/2019-12-13-starctf-oob-v8-indepth/#Pwn
Simple Bugs Complex Exploits - Elttam
https://www.elttam.com/blog/simple-bugs-with-complex-exploits/#Pwn
Operation Triangulation - Securelist
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/#Pwn
Triangulation Validators - Securelist
https://securelist.com/triangulation-validators-modules/110847/#Pwn
Operation Triangulation Overview - Securelist
https://securelist.com/operation-triangulation/109842/#Pwn
TriangleDB Implant - Securelist
https://securelist.com/triangledb-triangulation-implant/110050/#Pwn
Google VRP Bug Report
https://bughunters.google.com/reports/vrp/38FmYpr1h#Pwn
Heap Management Gist - Theldus
https://gist.github.com/Theldus/4e1efc07ec13fb84fa10c2f3d054dccd#Pwn
Halfempty Tool - Google Project Zero
https://github.com/googleprojectzero/halfempty#Pwn
TP-Link Buffer Overflow - Boschko
https://boschko.ca/tp-link-tddp-bof/amp/#Pwn
Pixel 8 Kernel Code Execution - Github Blog
https://github.blog/2024-03-18-gaining-kernel-code-execution-on-an-mte-enabled-pixel-8/#Pwn
Trail of Bits Twitter
https://twitter.com/trailofbits/status/1773704923479232886?t=5QcN9OLGu96Kxw9ZxHe3aw&s=19#Pwn
American Conquest Exploit - Synacktiv
https://www.synacktiv.com/publications/exploiting-american-conquest#Pwn
Fuzzing XML and JSON - GNUCitizen
https://www.gnucitizen.org/blog/fuzzing-xml-and-json-pt-1/#Pwn
Heap Diagram - Cloudburst
https://raw.githubusercontent.com/cloudburst/libheap/master/heap.png#Pwn
Intro to V8 Exploitation - Matteo Malvica
https://www.matteomalvica.com/blog/2024/06/05/intro-v8-exploitation-maglev/#Pwn
Fortigate RCE with CVE-2024-21762 - AssetNote
https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762#Pwn
dhondta - gist 1
https://gist.github.com/dhondta/d2151c82dcd9a610a7380df1c6a0272c#Stegano
dhondta - gist 2
https://gist.github.com/dhondta/feaf4f5fb3ed8d1eb7515abe8cde4880#Stegano
dhondta - gist 3
https://gist.github.com/dhondta/30abb35bb8ee86109d17437b11a1477a#Stegano
How to Convert/Decode a Slow Scan Television (SSTV) Audio File to Images using QSSTV in Ubuntu 18.04
https://ourcodeworld.com/articles/read/956/how-to-convert-decode-a-slow-scan-television-transmissions-sstv-audio-file-to-images-using-qsstv-in-ubuntu-18-04#Stegano
Hiding Messages in x86 Binaries Using Semantic Duals
https://blog.yossarian.net/2020/08/16/Hiding-messages-in-x86-binaries-using-semantic-duals#Stegano
Plainsight Enciphering Demo
https://www.jamieweb.net/blog/plainsight-enciphering-demo/#Stegano
dhondta/python-tinyscript
https://github.com/dhondta/python-tinyscript#Stegano
Hiding Information by Changing an Image's Height
https://blog.cyberhacktics.com/hiding-information-by-changing-an-images-height/#Stegano
dhondta - gist 4
https://gist.github.com/dhondta/90a07d9d106775b0cd29bb51ffe15954#Stegano
PNG Images: How Do They Work? How to Manually Fix Errors?
https://elsicarius.fr/les-images-png-comment-ca-marche-comment-corriger-manuellement-les-erreurs#Stegano
ElSicarius - S3cur3_tr4a4xx_adm1n_acc0unt
https://elsicarius.fr/author/s3cur3_tr4a4xx_adm1n_acc0unt#Stegano
nanobyte YouTube channel
https://www.youtube.com/channel/UCSPIuWADJIMIf9Erf--XAsA/videos#Ring0
DEF CON 29 - Guillaume Fournier, Sylvain Afchain, Sylvain Baubeau
https://www.youtube.com/watch?v=5zixNDolLrg#Ring0
[Linux Kernel Exploitation] NULL pointer dereference bypass smep / ...
https://www.youtube.com/watch?v=Rx3sRn5garA#Ring0
WTF is ACPI ? - LSE Week 2012
https://www.youtube.com/watch?v=iHuo-y1gFAs#Ring0
Breaking the x86 Instruction Set
https://www.youtube.com/watch?v=KrksBdWcZgQ#Ring0
Write your own Operating System
https://www.youtube.com/channel/UCQdZltW7bh1ta-_nCH7LWYw/featured#Ring0
Talk by @Elf - From Kernel Module to eBPF
https://www.youtube.com/watch?v=FTdrqxf4loE#Ring0
How Do Linux Kernel Drivers Work? - Learning Resource
https://www.youtube.com/watch?v=juGNPLdjLH4#Ring0
Making an OS (x86)
https://www.youtube.com/playlist?list=PLm3B56ql_akNcvH8vvJRYOc7TbYhRs19M#Ring0
OffensiveCon20 - Alexander Popov - Exploiting a Linux Kernel Vulnerability
https://www.youtube.com/watch?v=J6xIohyARSU#Ring0
Temple Of PWN 13 - Kernel Exploitation
https://www.youtube.com/watch?v=dZgvLbuJiQ4#Ring0
Race Conditions and Time of Check to Time of Use TOCTTOU Vulnerabilities
https://www.youtube.com/watch?v=PH73lpG2B1M#Ring0
Hacking - Rootkit Development 09 - Hooking SysCall Read
https://www.youtube.com/watch?v=_BSZKj_rF5A#Ring0
Hacking - Rootkit Development 01
https://www.youtube.com/watch?v=8dZFJEc-8uI#Ring0
Virtual Memory: 3 What is Virtual Memory?
https://www.youtube.com/watch?v=qlH4-oHnBb8#Ring0
Create Your Own Kernel In C++
https://www.codeproject.com/Articles/1225196/Create-Your-Own-Kernel-In-C-2#Ring0
Linux Insides - Booting
https://0xax.gitbooks.io/linux-insides/content/Booting/linux-bootstrap-1.html#Ring0
Linux Kernel Modules - Kali Linux
https://www.kali-linux.fr/hacking/modules-kernel-linux#Ring0
8086 BIOS and DOS Interrupts
http://www.ablmcc.edu.hk/~scy/CIT/8086_bios_and_dos_interrupts.htm#Ring0
CTF Writeups - Kernel
https://ctftime.org/writeups?tags=kernel&hidden-tags=kernel#Ring0
Linux Kernel Exploitation by xairy
https://github.com/xairy/linux-kernel-exploitation#Ring0
A Guide to Kernel Exploitation - l34n
https://github.com/l34n/CySecBooks/blob/master/A%20Guide%20to%20Kernel%20Exploitation%20Attacking%20the%20Core.pdf#Ring0
The World of the Kernel - Hackndo
https://beta.hackndo.com/le-monde-du-kernel/#Ring0
Kernel Vulnerabilities - Hackndo
https://beta.hackndo.com/les-failles-kernel/#Ring0
Exploit Database - Linux Kernel
https://www.exploit-db.com/exploits/45045#Ring0
Linux Kernel Pwn Part 1 - lkmidas
https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/#Ring0
Understanding the Linux Kernel - wogh8732
https://wogh8732.tistory.com/323#Ring0
Introduction to Kernel - Kern Emporium
https://kernemporium.github.io/kernel/intro/#Ring0
Null Pointer Dereference - bases-hacking.org
https://bases-hacking.org/null-pointer-dereference.html#Ring0
Kernel Play Guide - NSKernel
https://nskernel.gitbook.io/kernel-play-guide/#Ring0
TutoOS - A. Michelizza
http://a.michelizza.free.fr/pmwiki.php?n=TutoOS.TutoOS#Ring0
Kernel 101 - Arjun Sreedharan
https://arjunsreedharan.org/post/82710718100/kernel-101-lets-write-a-kernel#Ring0
Learning KVM - David942j
https://david942j.blogspot.com/2018/10/note-learning-kvm-implement-your-own.html#Ring0
Introduction to eBPF - Zenika Blog
https://blog.zenika.com/2019/07/15/decouverte-ebpf/#Ring0
Anatomy of a BzImage - LWN.net
https://lwn.net/Articles/717293/#Ring0
Kernel ROP - hxp CTF 2020 Writeup
https://hxp.io/blog/81/hxp-CTF-2020-kernel-rop/#Ring0
Windows Kernel Exploitation - m101
https://m101.github.io/binholic/2018/04/28/windows-kernel-exploitation-token.html#Ring0
Lord of the Ring0 - Idov31
https://idov31.github.io/2022-07-14-lord-of-the-ring0-p1/#Ring0
IoRing Read/Write Primitive - yardenshafir
https://github.com/yardenshafir/IoRingReadWritePrimitive#Ring0
MiniOS Kernel - 0xMirasio
https://github.com/0xMirasio/kernel-MiniOS#Ring0
Linux Kernel - Xcellerator
https://xcellerator.github.io/categories/linux/#Ring0
Linux Kernel Hacking - Xcellerator
https://github.com/xcellerator/linux_kernel_hacking#Ring0
Linux Kernel Defence Map - a13xp0p0v
https://github.com/a13xp0p0v/linux-kernel-defence-map#Ring0
Talk by @TheLaluka - Web Pentest 101
https://www.youtube.com/watch?v=gPsm_Iz_yak#Web
It's a PHP Unserialization Vulnerability Jim, but Not as We Know It
https://www.youtube.com/watch?v=OrEar0TiS90#Web
Hacking Modern Desktop apps with XSS and RCE Workshop
https://www.youtube.com/watch?v=xILfQGkLXQo#Web
#HITB2017AMS D2T1 - Everybody Wants SOME: Advance Same Origin Methods
https://www.youtube.com/watch?v=OvarkOxxdic#Web
Backslash Powered Scanning: Hunting Unknown Vulnerability Classes
https://www.youtube.com/watch?v=apOLZ67TZd0#Web
Club EH RM 05 - Intro to JSON Web Token Exploitation
https://www.youtube.com/watch?v=d7wmUz57Nlg#Web
SQL Injection in SOAP API (API Testing)
https://www.youtube.com/watch?v=UINLbiq19NQ#Web
Presentation - XSS Classification Model
https://www.youtube.com/watch?v=a0KUWOfXC_I#Web
OAuth2/OIDC Best Practices in the Present, Past and Future Tenses
https://www.youtube.com/watch?v=PhQJKKrV5i0#Web
Advanced PHP Deserialization - Phar Files
https://www.youtube.com/watch?v=fHZKSCMWqF4#Web
Burpsuite tricks - xanhacks
https://www.youtube.com/watch?v=1Ae94tigBiM#Web
Edge Side Include Injection: Abusing Caching Servers into SSRF and Local File Inclusion
https://www.youtube.com/watch?v=6t50uRAxFT8#Web
Two Bugs To Rule Them All: Taking Over The PHP Supply Chain by Thomas Orlita
https://www.youtube.com/watch?v=RLcK0kRGpjw#Web
Olivier Arteau -- Prototype pollution attacks in NodeJS applications
https://www.youtube.com/watch?v=LUsiFV3dsK8#Web
Intro to PHP Deserialization / Object Injection
https://www.youtube.com/watch?v=HaW15aMzBUM#Web
PHP Type Juggling - Why === is Important - Sponsored Content
https://www.youtube.com/watch?v=idC5SAsKhlE#Web
Hack A Blazor WASM App (At Your Own Risk)
https://www.youtube.com/watch?v=Xx1eMlscXrQ#Web
Relative Path Overwrite XSS - Baptiste Moine
https://www.youtube.com/watch?v=Ama6jrsjRlM#Web
HackTheBox "Business CTF" - discordvm - Node.js Sandbox Escape
https://www.youtube.com/watch?v=pzh6--wIp24#Web
Hacking ELECTRON: JavaScript Desktop Applications w/ 7aSecurity
https://www.youtube.com/watch?v=P8QvSjL8F9w#Web
Creating Custom Nuclei Templates and Workflows
https://www.youtube.com/watch?v=bHXkQjtBOLo#Web
XSS Filter Bypass | Escape Quotes | Part 9
https://www.youtube.com/watch?v=DOLb_hNOpXk#Web
OAuth 2.1 Explained Simply (Even If You're Not a Dev)! (Julien Tasso)
https://www.youtube.com/watch?v=YdShQveywpo#Web
Explore various web security topics on Hackitude
https://www.hackitude.in/labs-web-security-academy-th%C3%A8mes#Web
Preparation for the Offensive Security Web Expert (AWAE)
https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/#Web
Tool for HTTP/2 cleartext (h2c) smuggling
https://github.com/BishopFox/h2csmuggler#Web
Impersonated Brave.com website pushes malware, with help from Google - Ars Technica
https://arstechnica.com/gadgets/2021/07/with-help-from-google-impersonated-brave-com-website-pushes-malware/#Web
Twitter post discussing a security topic by Podalirius
https://twitter.com/podalirius_/status/1420072160450785280#Web
Interactive labs to learn web security on PortSwigger
https://portswigger.net/web-security/all-labs#Web
Gist repository with security-related content by terjanq
https://gist.github.com/terjanq/458d8ec1148e96f7ccbdccfd908c56f6#Web
Writeups from FCSC 2021 related to web security challenges
https://github.com/dspiricate/writeups/tree/main/FCSC/2021/web/Shared%20notes#Web
Exploration of polyglot files in hacking scenarios
https://medium.com/swlh/polyglot-files-a-hackers-best-friend-850bf812dd8a#Web
Overview of classic and blind NoSQL injection techniques
https://www.dailysecurity.fr/nosql-injections-classique-blind/#Web
Checklist for web penetration testing from Pentestbook
https://pentestbook.six2dez.com/others/web-checklist#Web
Article in French discussing the benefits of Next.js
https://practicalprogramming.fr/pourquoi-next-js#Web
Tool to evaluate Content Security Policy headers
https://csp-evaluator.withgoogle.com/#Web
Another Twitter post discussing a security topic by Podalirius
https://twitter.com/podalirius_/status/1447455234071146497#Web
Articles related to cybersecurity and web topics on 0xHorizon
https://0xhorizon.eu/articles/#Web
Research on HTTP request smuggling
https://github.com/mattiasgrenfeldt/bachelors-thesis-http-request-smuggling/#Web
SlideShare presentation on HTTP response splitting
https://fr.slideshare.net/h4xorhead/http-response-splitting-39437258#Web
OWASP guide on HTTP response splitting attacks
https://owasp.org/www-community/attacks/HTTP_Response_Splitting#Web
Exploit for bypassing PHP escapeshellarg and escapeshellcmd
https://github.com/kacperszurek/exploits/blob/master/GitList/exploit-bypass-php-escapeshellarg-escapeshellcmd.md#Web
Tool for generating payloads for Python deserialization attacks
https://github.com/j0lt-github/python-deserialization-attack-payload-generator#Web
Blog post detailing a PHP-FPM local root exploit
https://www.ambionics.io/blog/php-fpm-local-root#Web
Article on finding and exploiting JavaScript prototype pollution vulnerabilities
https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2#Web
Information on conducting HTTP response splitting attacks
https://resources.infosecinstitute.com/topic/http-response-splitting-attack/#Web
Explanation and mitigation techniques for cross-site WebSocket hijacking (CSWSH) attacks
https://infosecwriteups.com/cross-site-websocket-hijacking-cswsh-ce2a6b0747fc#Web
Techniques for exploiting PHP deserialization vulnerabilities
https://medium.com/swlh/exploiting-php-deserialization-56d71f03282a#Web
Information about the PHP serialization format
https://en.wikipedia.org/wiki/PHP_serialization_format#Web
Collection of wordlists for web applications
https://github.com/p0dalirius/webapp-wordlists#Web
Blog post detailing a remote code execution vulnerability in Joomla
https://blog.hacktivesecurity.com/index.php/2019/10/03/rusty-joomla-rce/#Web
Article on reflected XSS vulnerabilities
https://0xhorizon.eu/fr/articles/xss-reflected/#Web
Tool for bypassing IP source restrictions
https://github.com/p0dalirius/ipsourcebypass#Web
Exploration of PHP stream wrappers and filters
https://blog.eleven-labs.com/fr/php-stream-wrappers-filters/#Web
Exploit for CVE-2018-16509 affecting Ghostscript in PIL
https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509#Web
Articles and insights on cybersecurity from Vaadata
https://www.vaadata.com/blog/fr/#Web
Twitter post discussing a security topic by Podalirius
https://twitter.com/podalirius_/status/1488921781637365771#Web
Tool for testing Content Security Policy (CSP) bypasses
https://github.com/Ruulian/CSPass#Web
GitHub issue discussing React framework
https://github.com/facebook/react/issues/3473#Web
Firefox add-on for viewing and editing web API definitions
https://addons.mozilla.org/fr/firefox/addon/wizdler/#Web
Articles and tips on enhancing Burp Suite functionality
https://blog.yeswehack.com/category/yeswerhackers/pimpmyburp/#Web
Cheat sheets for various web application security topics from OWASP
https://cheatsheetseries.owasp.org/index.html#Web
Techniques for data theft using CSS attacks on web applications
https://sekurak.pl/wykradanie-danych-w-swietnym-stylu-czyli-jak-wykorzystac-css-y-do-atakow-na-webaplikacje/#Web
Document on a web security topic on HackMD
https://hackmd.io/@Chivato/HyWsJ31dI#Web
Research on new cross-site scripting (XSS) attack vectors
https://portswigger.net/research/new-xss-vectors#Web
Exploration of Symfony secret fragment vulnerabilities
https://www.ambionics.io/blog/symfony-secret-fragment#Web
Research on exploiting Symfony vulnerabilities with EOS
https://www.synacktiv.com/en/publications/looting-symfony-with-eos.html#Web
Cheat sheet for web penetration testing
https://cheatsheet.haax.fr/web-pentest/#Web
Exploiting PHP sessions for local file inclusion (LFI) to remote code execution (RCE)
https://www.rcesecurity.com/2017/08/from-lfi-to-rce-via-php-sessions/#Web
Technique for finding unique values in JavaScript arrays
https://levelup.gitconnected.com/how-to-find-unique-values-by-property-in-an-array-of-objects-in-javascript-50ca23db8ccc#Web
Tool for testing HTTP response splitting vulnerabilities
https://github.com/Nefcore/CRLFsuite#Web
Tool for automating exploitation of deserialization vulnerabilities
https://github.com/wh1t3p1g/ysomap#Web
Tool for exploiting XXE (XML External Entity) vulnerabilities
https://github.com/enjoiz/XXEinjector#Web
Guide on SSRF vulnerabilities and exploitation
https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery#Web
Tool for exploiting SSRF via Gopher protocol
https://github.com/tarunkant/Gopherus#Web
Comprehensive guide and resources for bug bounty hunting
https://github.com/daffainfo/AllAboutBugBounty#Web
Guide and resources for bug bounty programs
https://github.com/Anlominus/Bug-Bounty#Web
Twitter post discussing a security topic by MeAsHacker_HNA
https://twitter.com/MeAsHacker_HNA/status/1538862575617814528#Web
Another Twitter post discussing a security topic by Podalirius
https://twitter.com/podalirius_/status/1554132093608804354#Web
Python shell script for Node.js security testing
https://github.com/ajinabraham/Node.Js-Security-Course/blob/master/nodejsshell.py#Web
Article on HTTP response splitting vulnerabilities
https://0xhorizon.eu/fr/articles/http-response-splitting/#Web
Simplified explanation of bit-shifting blind SQL injection
http://blog.k3170makan.com/2012/01/bit-shifting-blind-injection-simplified.html#Web
Walkthrough of Damn Vulnerable Web Application
https://sharpforce.gitbook.io/cybersecurity/walkthroughs/damn-vulnerable-web-application/damn-vulnerable-web-application-dvwa#Web
Exploiting LFI to RCE via PHP filters
https://book.hacktricks.xyz/pentesting-web/file-inclusion/lfi2rce-via-php-filters#Web
Resources and tools for ElectronJS security testing
https://github.com/doyensec/awesome-electronjs-hacking#Web
Discussion on parameter tampering and RCE in Node.js applications
https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/#Web
Cheat sheet for Node.js red team operations
https://github.com/aadityapurani/NodeJS-Red-Team-Cheat-Sheet#Web
Challenges and techniques for sandboxing Node.js applications
https://pwnisher.gitlab.io/nodejs/sandbox/2019/02/21/sandboxing-nodejs-is-hard.html#Web
Notes on exploiting PHP object injection vulnerabilities
https://gist.github.com/jcreedcmu/4f6e6d4a649405a9c86bb076905696af?permalink_comment_id=3846798#Web
Introduction to prototype pollution vulnerabilities
https://shieldfy.io/security-wiki/prototype-pollution/introduction-to-prototype-pollution/#Web
Article on DOM clobbering vulnerabilities
https://medium.com/@shilpybanerjee/dom-clobbering-its-clobbering-time-f8dd5c8fbc4b#Web
Blog post from Twitter on Twitter Silhouette
https://blog.twitter.com/engineering/en_us/topics/insights/2018/twitter_silhouette#Web
Exploration of cross-site leaks vulnerabilities
https://www.appsecmonkey.com/blog/xs-leaks#Web
Exploiting insecure deserialization vulnerabilities
https://vickieli.dev/insecure%20deserialization/pop-chains/#Web
Exploration of PHP unserialize function and vulnerabilities
https://medium.com/swlh/diving-into-unserialize-3586c1ec97e#Web
Tool for JWT token manipulation
https://github.com/rishuranjanofficial/JWTweak#Web
Tool for JWT token analysis and manipulation
https://github.com/TRIKKSS/JWTSWISSKNIFE#Web
Exploiting path truncation vulnerabilities
https://www.dailysecurity.fr/les-path-truncations/#Web
Tool for dumping files through Local File Inclusion (LFI) vulnerabilities
https://github.com/p0dalirius/LFIDump#Web
Blog post discussing the Gopherus tool
https://spyclub.tech/2018/08/14/2018-08-14-blog-on-gopherus/#Web
Common vulnerabilities and exploitation in GraphQL
https://the-bilal-rizwan.medium.com/graphql-common-vulnerabilities-how-to-exploit-them-464f9fdce696#Web
Guide on exploiting GraphQL endpoints for bug bounty
https://blog.yeswehack.com/yeswerhackers/how-exploit-graphql-endpoint-bug-bounty/#Web
Cheat sheet for GraphQL vulnerabilities
https://0xn3va.gitbook.io/cheat-sheets/web-application/graphql-vulnerabilities#Web
Tool for mining parameters from web applications
https://github.com/PortSwigger/param-miner#Web
Exploiting PHP object injection vulnerabilities
https://snoopysecurity.github.io/web-application-security/2021/01/08/02_php_object_injection_exploitation-notes.html#Web
Techniques for exploiting PHP unserialize for RCE
https://notsosecure.com/remote-code-execution-php-unserialize#Web
Invisible characters could be hiding backdoors in your JavaScript code - BleepingComputer
https://www.bleepingcomputer.com/news/security/invisible-characters-could-be-hiding-backdoors-in-your-javascript-code/#Web
Twitter post discussing a security topic by Bughunter
https://twitter.com/_bughunter/status/1577622994897215488?t=3PEK40bh0MBAVIMHl-OaaQ&s=19#Web
Twitter post discussing a security topic by Intigriti
https://twitter.com/intigriti/status/1582334895405531137?s=46&t=cTpgYzx6oqBSszNo0uvpDQ#Web
Tool for generating PHP filter chains
https://github.com/synacktiv/php_filter_chain_generator#Web
Cheat sheet for server-side request forgery (SSRF)
https://0xn3va.gitbook.io/cheat-sheets/web-application/server-side-request-forgery#Web
Twitter post discussing a security topic by Vercel
https://twitter.com/vercel/status/1584964835984703491?t=BfM8iyBIAYaCLsvHuCdRhQ&s=19#Web
Research on using backslash for scanning and vulnerability hunting
https://portswigger.net/research/backslash-powered-scanning-hunting-unknown-vulnerability-classes#Web
Experience in creating Nuclei templates for security testing
https://www.andysvints.com/nuclei-templates-creation-my-experience/#Web
Overview of hacker tools like Nuclei for security testing
https://blog.intigriti.com/2021/05/10/hacker-tools-nuclei/#Web
Burp Suite extension for security testing
https://portswigger.net/bappstore/526f5564b7414bfe978e650d8ea6567b#Web
Tool for bypassing security controls in web applications
https://github.com/teambi0s/dfunc-bypasser#Web
Techniques for bypassing PHP disable_functions with Chankro
https://0xdf.gitlab.io/2019/08/02/bypassing-php-disable_functions-with-chankro.html#Web
Tool for reconnaissance and intelligence gathering
https://github.com/yogeshojha/rengine#Web
Checklist for API security testing
https://gitlab.com/pentest-tools/API-Security-Checklist#Web
Techniques for time-based data exfiltration
https://securitycafe.ro/2017/02/28/time-based-data-exfiltration/#Web
Advanced usage tricks for FFUF tool
https://www.acceis.fr/ffuf-advanced-tricks/#Web
Information on cross-site leaks and vulnerabilities
https://xsleaks.dev/#Web
Addon for security testing and exploitation
https://addons.mozilla.org/fr/firefox/addon/pwnfox/#Web
Resource hub for web security enthusiasts
https://websec.fr/#Web
Using Android emulator for API security testing
https://zerodayhacker.com/using-an-android-emulator-for-api-hacking/#Web
Exploration of URIs and their security implications
https://elsicarius.fr/les-uri-vous-connaissez#Web
Automation techniques for blind SQL injection over WebSocket
https://rayhan0x01.github.io/ctf/2021/04/02/blind-sqli-over-websocket-automation.html#Web
Techniques for bypassing CAPTCHAs using Python
https://cloudsek.com/how-to-bypass-captchas-easily-using-python-and-other-methods/#Web
Framework for building Node.js web applications
https://github.com/adonisjs/core#Web
Tool for parsing and interacting with Swagger APIs
https://gitlab.com/onemask/swaggerparser#Web
Exploiting blind XXE (XML External Entity) vulnerabilities
https://portswigger.net/web-security/xxe/blind#Web
Interactive exploration tool for GraphQL schemas
https://ivangoncharov.github.io/graphql-voyager/#Web
Interactive GraphQL IDE and testing tool
https://github.com/graphql/graphql-playground#Web
Tricks and techniques for PHP security testing
https://devansh.xyz/ctfs/2021/09/11/php-tricks.html#Web
Writeup and exploitation techniques for BUUCTF web challenges
https://exp10it.cn/2022/11/buuctf-web-writeup-8/#Web
Tool for editing and visualizing GraphQL schemas
https://graphqleditor.com/fr/#Web
Fuzzing techniques for XSS via nested parsers
https://swarm.ptsecurity.com/fuzzing-for-xss-via-nested-parsers-condition/#Web
Issue discussion on GitHub regarding PHP
https://github.com/php/php-src/issues/10469#Web
CVE-2022-35914 exploitation in GLPI using HTMLawed
https://mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914/#Web
Slides on mXSS (mutation XSS) vulnerability CVE-2020-26870
https://slides.com/kevin-mizu/mxss-cve-2020-26870#Web
Slides on HTML sanitization techniques
https://slides.com/kevin-mizu/html-sanitizer#Web
Tool for bypassing URL parsers
https://github.com/laluka/bypass-url-parser#Web
Collection of source code and resources
https://www.sourcecodester.com/#Web
Exploitation of UUID for compromising accounts
https://www.xmco.fr/veille-vulnerabilites-fr/exploitation-uuid-compromission-compte/#Web
Tool for exploiting vulnerabilities in GLPI
https://github.com/Feals-404/GLPIAnarchy#Web
Research on hidden HTTP request smuggling attack vectors
https://github.com/PortSwigger/http-request-smuggler#Web
Research on hidden OAuth attack vectors
https://portswigger.net/research/hidden-oauth-attack-vectors#Web
Write-ups and explanations for OWASP Application Security Verification Standard
https://owasp-skf.gitbook.io/asvs-write-ups/#Web
Detection and exploitation techniques for server-side prototype pollution
https://blog.yeswehack.com/talent-development/server-side-prototype-pollution-how-to-detect-and-exploit/#Web
Explanation and examples of server-side prototype pollution vulnerabilities
https://portswigger.net/web-security/prototype-pollution/server-side#Web
Article on cache poisoning affecting Akamai edge nodes
https://medium.com/@jacopotediosi/worldwide-server-side-cache-poisoning-on-all-akamai-edge-nodes-50k-bounty-earned-f97d80f3922b#Web
Addon for interacting with SOAP web services
https://addons.mozilla.org/en-US/firefox/addon/wizdler/#Web
Twitter post discussing server-side cache poisoning
https://twitter.com/kevin_mizu/status/1628665943797669890?s=46&t=1ohrl4OjJp9gO0lreTvpgA#Web
Blog post discussing cross-site smallish scripting
https://www.trustedsec.com/blog/cross-site-smallish-scripting-xsss/#Web
Tool for exploiting blind SSRF vulnerabilities
https://github.com/assetnote/blind-ssrf-chains#Web
Illustrated guide to OAuth 2.0 flows
https://darutk.medium.com/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85#Web
Article on insecurities in SAML
https://joonas.fi/2021/08/saml-is-insecure-by-design/#Web
Write-up of Hack The Box machine "Oouch"
https://0xdf.gitlab.io/2020/08/01/htb-oouch.html#Web
Study resources for the Burp Suite Certified Practitioner exam
https://github.com/botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study#Web
Collection of vulnerable code snippets for educational purposes
https://github.com/yeswehack/vulnerable-code-snippets#Web
Tool for finding potential prototype pollution vulnerabilities
https://github.com/yeswehack/pp-finder#Web
Collection of security challenges
https://github.com/Blaklis/my-challenges#Web
Guide for pentesters on GraphQL security testing
https://www.acceis.fr/graphql-for-pentesters/#Web
Tool for analyzing data flow and dependencies
https://github.com/usdAG/FlowMate#Web
Compilation of top web hacking techniques for 2023
https://portswigger.net/polls/top-10-web-hacking-techniques-2023#Web
Explanation of HATEOAS (Hypermedia as the Engine of Application State)
https://en.wikipedia.org/wiki/HATEOAS#Web
Guide on hacking HTMX applications
https://infosecwriteups.com/hacking-htmx-applications-f8d29665faf#Web
Collection of awesome Web Application Firewalls (WAFs)
https://github.com/0xInfection/Awesome-WAF#Web
Tool for crawling domains and scanning for endpoints, secrets, and more
https://github.com/edoardottt/cariddi#Web
Techniques for bypassing Jinja2 template injection filters
https://0day.work/jinja2-template-injection-filter-bypasses/#Web
Guide for testing for mass assignment vulnerabilities
https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/20-Testing_for_Mass_Assignment#Web
Research on detecting and exploiting path-relative stylesheet import (PRSSI) vulnerabilities
https://portswigger.net/research/detecting-and-exploiting-path-relative-stylesheet-import-prssi-vulnerabilities#Web
Analysis of Grafana vulnerability CVE-2021-43798
https://vulncheck.com/blog/grafana-cve-2021-43798#Web
Tool for reflected cross-site scripting (RXSS) testing
https://github.com/elkokc/reflector#Web
Plugin for adding webshell functionality to WordPress
https://github.com/p0dalirius/Wordpress-webshell-plugin#Web
Description not available
https://www.youtube.com/watch?v=CHk2XzFKwNc#Red-team
Description not available
https://www.youtube.com/watch?v=3TOiqGMCAOg#Red-team
Description not available
https://www.youtube.com/watch?v=jMKtlS9H_TQ#Red-team
Description not available
https://www.youtube.com/watch?v=CKfjLnEMfvI#Red-team
Description not available
https://www.youtube.com/watch?v=Ns-PvO6xUOI#Red-team
Description not available
https://www.youtube.com/watch?v=UuhEzY4d6KM#Red-team
Description not available
https://www.youtube.com/watch?v=_TEnBLt2JF4#Red-team
Description not available
https://www.youtube.com/watch?v=-iSMrYZbbgo#Red-team
Description not available
https://www.youtube.com/watch?v=bv53rYl34og#Red-team
Description not available
https://www.youtube.com/watch?v=TfG9lBYCOq8&start=690#Red-team
Description not available
https://www.youtube.com/watch?v=TwLLL8Ain24#Red-team
Description not available
https://www.youtube.com/watch?v=VWQY5R2A6X8#Red-team
Description not available
https://www.youtube.com/watch?v=IiMladUbL6E#Red-team
Description not available
https://www.youtube.com/watch?v=69xsb_TeazA#Red-team
Description not available
https://www.youtube.com/watch?v=XAvAVKXXC_8#Red-team
Description not available
https://www.youtube.com/watch?v=StSLxFbVz0M#Red-team
Description not available
https://www.youtube.com/@user-lf7lp1el9j/featured#Red-team
Description not available
https://www.youtube.com/watch?v=qIbrozlf2wM#Red-team
Description not available
https://www.youtube.com/watch?v=UAkC-brF6iQ#Red-team
Description not available
https://www.youtube.com/watch?v=2UruLKYwyEc#Red-team
Description not available
https://www.youtube.com/watch?v=IbA7Ung39o4#Red-team
Description not available
https://www.youtube.com/watch?v=0Z3VadqyFiM#Red-team
Description not available
https://youtube.com/playlist?list=PLXooO-eTihBuvLEEP304PULUf4VIUsBy8&si=MNOL0ng7AgOZz7mO#Red-team
Description not available
https://www.youtube.com/watch?v=cBgqgZUiU5I#Red-team
Description not available
https://www.youtube.com/watch?v=l8nkXCOYQC4#Red-team
Description not available
https://www.youtube.com/watch?v=edIMUcxCueA#Red-team
Description not available
https://www.youtube.com/watch?v=ME7IGHPcSKw#Red-team
Description not available
https://www.youtube.com/live/xcDp6SAwC2s?si=V7rfWr0RUW0xh8kf#Red-team
Description not available
https://www.youtube.com/watch?v=4jRFocEEX2M#Red-team
Description not available
https://www.youtube.com/@gemini_security/featured#Red-team
Description not available
https://www.youtube.com/watch?v=Ni1RqTwPiIQ#Red-team
Description not available
https://www.youtube.com/watch?v=z8GIjk0rfbI#Red-team
Description not available
https://www.youtube.com/watch?v=TGzMR9GfnIs#Red-team
Description not available
https://www.youtube.com/watch?v=IPFpyulNcRQ#Red-team
Description not available
https://www.youtube.com/watch?v=d9pvNlZ9GGQ#Red-team
GitHub repository for PackMyPayload tool.
https://github.com/mgeeky/PackMyPayload#Red-team
GitHub repository for Cobalt Strike Aggressor Scripts Collection.
https://github.com/bytecod3r/Cobaltstrike-Aggressor-Scripts-Collection#Red-team
Article on Witchetty steganography espionage.
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/witchetty-steganography-espionage#Red-team
Article on Browser in the Browser Phishing Attack.
https://mrd0x.com/browser-in-the-browser-phishing-attack/#Red-team
GitHub repository for ProtectMyTooling tool by mgeeky.
https://github.com/mgeeky/ProtectMyTooling#Red-team
GitHub repository for SigThief tool by secretsquirrel.
https://github.com/secretsquirrel/SigThief#Red-team
GitHub repository for LazySign tool by jfmaes.
https://github.com/jfmaes/LazySign#Red-team
GitHub repository for ATP PowerShell Scripts by Mr-Un1k0d3r.
https://github.com/Mr-Un1k0d3r/ATP-PowerShell-Scripts#Red-team
GitHub repository for DarkLoadLibrary tool by bats3c.
https://github.com/bats3c/DarkLoadLibrary#Red-team
GitHub repository for c_syscalls tool by janoglezcampos.
https://github.com/janoglezcampos/c_syscalls#Red-team
GitHub repository for ScareCrow tool by Optiv.
https://github.com/optiv/ScareCrow#Red-team
Article on hiding Cobalt Strike traffic.
https://www.tarlogic.com/blog/hidding-cobalt-strike-traffic/#Red-team
GitHub repository for RedWarden tool by mgeeky.
https://github.com/mgeeky/RedWarden#Red-team
GitHub repository for VXUG Papers by vxunderground.
https://github.com/vxunderground/VXUG-Papers/#Red-team
Slides on Malware Development for Dummies.
https://github.com/chvancooten/maldev-for-dummies/blob/main/Slides/Malware%20Development%20for%20Dummies%20-%20Hack%20in%20Paris%2030-06-2022%20%26%2001-07-2022.pdf#Red-team
GitHub repository for maldev-for-dummies by chvancooten.
https://github.com/chvancooten/maldev-for-dummies#Red-team
GitHub repository for NimPackt-v1 tool by chvancooten.
https://github.com/chvancooten/NimPackt-v1#Red-team
GitHub repository for OffensiveNim tool by byt3bl33d3r.
https://github.com/byt3bl33d3r/OffensiveNim#Red-team
GitHub repository for OffensiveCSharp tool by matterpreter.
https://github.com/matterpreter/OffensiveCSharp#Red-team
Article on bypassing AV DLL side loading.
https://www.flangvik.com/2019/07/24/Bypassing-AV-DLL-Side-Loading.html#Red-team
Article on blinding EDR on Windows.
https://synzack.github.io/Blinding-EDR-On-Windows/#Red-team
Article on creating an EDR and bypassing it - Part 1.
https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/#Red-team
Author page for Ceri Coburn on Ethical Chaos.
https://ethicalchaos.dev/author/ceri-coburn/#Red-team
GitHub repository for ObfLoader tool by D1rkMtr.
https://github.com/D1rkMtr/ObfLoader#Red-team
Article on malware development on Inf0sec.
https://inf0sec.fr/article-19.php#Red-team
Article on malware development on Inf0sec.
https://inf0sec.fr/article-20.php#Red-team
GitHub repository for CS Situational Awareness BOF tool by trustedsec.
https://github.com/trustedsec/CS-Situational-Awareness-BOF#Red-team
Article on evading EDR with ScareCrow.
https://adamsvoboda.net/evading-edr-with-scarecrow/#Red-team
Article on EDR bypass methods.
https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/#Red-team
Red Actor article on Malware Development Detection.
https://red-actor.notion.site/Malware-Development-Detection-414b4670df1c4a07bf6321540573bcca#Red-team
Tweet by OtterHacker on Twitter.
https://twitter.com/OtterHacker/status/1578412886346502145#Red-team
Tweet by Kleiton0x7e on Twitter.
https://twitter.com/kleiton0x7e/status/1578017869866016769#Red-team
Article on malware development part 1.
https://0xpat.github.io/Malware_development_part_1/#Red-team
GitHub repository for Windows Signed Binary by Mr-Un1k0d3r.
https://github.com/Mr-Un1k0d3r/Windows-SignedBinary#Red-team
Article on Microsoft Teams Webhooks.
https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook#Red-team
GitHub repository for AtomPePacker tool by ORCx41.
https://github.com/ORCx41/AtomPePacker#Red-team
Tweet by Alh4zr3d on Twitter.
https://twitter.com/Alh4zr3d/status/1582007737847644165?t=qMOzxLzuRBQM27s59DHM_A&s=19#Red-team
Article on recreating an ISO payload for fun.
https://blog.sunggwanchoi.com/recreating-an-iso-payload-for-fun-and-no-profit/amp/#Red-team
Article on hiding API call strings with ordinals.
https://rioasmara.com/2020/11/15/hide-api-call-strings-with-ordinals/#Red-team
Article on malware development part 2.
https://0xpat.github.io/Malware_development_part_2/#Red-team
Article on Tor fronting utilizing hidden services.
https://www.vincentyiu.com/red-team/domain-fronting/tor-fronting-utilising-hidden-services-to-hide-attack-infrastructure#Red-team
GitHub repository for Tor fronting profile by mdsecresearch.
https://github.com/mdsecresearch/Publications/blob/master/tools/redteam/malleable/tor-fronting.profile#Red-team
Article on techniques for bypassing EDR monitoring.
https://connect.ed-diamond.com/misc/misc-118/techniques-de-contournement-de-la-supervision-des-edr#Red-team
Article on kernel tracing injection detection.
https://blog.redbluepurple.io/windows-security-research/kernel-tracing-injection-detection#Red-team
GitHub repository for DripLoader tool by xuanxuan0.
https://github.com/xuanxuan0/DripLoader#Red-team
Article on removing kernel callbacks using signed drivers.
https://br-sn.github.io/Removing-Kernel-Callbacks-Using-Signed-Drivers/#Red-team
Article giving an overview of EDR monitoring mechanisms.
https://connect.ed-diamond.com/misc/misc-116/tour-d-horizon-des-mecanismes-de-supervision-des-edr#Red-team
Article on Windows callbacks.
http://blog.deniable.org/posts/windows-callbacks/#Red-team
GitHub repository for Dumpert tool by outflanknl.
https://github.com/outflanknl/Dumpert#Red-team
Article on BYOVKD.
https://public.cnotools.studio/bring-your-own-vulnerable-kernel-driver-byovkd/exploits/data-only-attack-neutralizing-etwti-provider#Red-team
GitHub repository for EtwExplorer tool by zodiacon.
https://github.com/zodiacon/EtwExplorer#Red-team
GitHub repository for SilkETW tool by mandiant.
https://github.com/mandiant/SilkETW#Red-team
Article on domain fronting.
https://www.orangecyberdefense.com/fr/insights/blog/ethical-hacking/focus-sur-le-domain-fronting#Red-team
GitHub repository for Payload Download Cradles tool by VirtualAlllocEx.
https://github.com/VirtualAlllocEx/Payload-Download-Cradles#Red-team
Article on Maldev: Cloning & Signing.
https://captmeelo.com/redteam/maldev/2022/11/07/cloning-signing.html#Red-team
GitHub repository for SharpCompile tool by SpiderLabs.
https://github.com/SpiderLabs/SharpCompile#Red-team
GitHub repository for NoPowerShell tool by bitsadmin.
https://github.com/bitsadmin/nopowershell#Red-team
Article on NSO Zero-Click by Google Project Zero.
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html#Red-team
Tweet by 0xor0ne on Twitter.
https://twitter.com/0xor0ne/status/1590317045073465344?t=RuemA-Zoo3KqolHb5KfdYQ&s=19#Red-team
GitHub repository for Spoofing Gate tool by timwhitez.
https://github.com/timwhitez/Spoofing-Gate#Red-team
GitHub repository for RecycledGate tool by thefLink.
https://github.com/thefLink/RecycledGate#Red-team
GitHub repository for SysWhispers2 tool by jthuraisamy.
https://github.com/jthuraisamy/SysWhispers2#Red-team
Article on PNG steganography by Avast Decoded.
https://decoded.avast.io/martinchlumecky/png-steganography/#Red-team
Article on staged vs stageless handlers.
https://buffered.io/posts/staged-vs-stageless-handlers/#Red-team
GitHub repository for CobaltStrikeBypassDefender tool by Processus-Thief.
https://github.com/Processus-Thief/CobaltStrikeBypassDefender#Red-team
GitHub repository for SharpGmailC2 tool by reveng007.
https://github.com/reveng007/SharpGmailC2#Red-team
GitHub repository for CarbonCopy tool by paranoidninja.
https://github.com/paranoidninja/CarbonCopy#Red-team
GitHub repository for Offensive Snippets by 0xAbdullah.
https://github.com/0xAbdullah/Offensive-Snippets#Red-team
GitHub repository for PortBender tool by praetorian-inc.
https://github.com/praetorian-inc/PortBender#Red-team
GitHub repository for Presentations by Octoberfest7.
https://github.com/Octoberfest7/Presentations#Red-team
GitHub repository for BeastArsenal tool by CZashi.
https://github.com/CZashi/BeastArsenal#Red-team
Article on Fantastic Rootkits Part 1 by CyberArk.
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1#Red-team
GitHub repository for cThreadHijack tool by connormcgarr.
https://github.com/connormcgarr/cThreadHijack#Red-team
Article on leveraging Microsoft Teams for initial access.
https://posts.inthecyber.com/leveraging-microsoft-teams-for-initial-access-42beb07f12c4#Red-team
GitHub repository for Codecepticon tool by Accenture.
https://github.com/Accenture/Codecepticon#Red-team
Article on OPSEC by XORL.
https://xorl.wordpress.com/2020/03/29/everything-you-wanted-to-know-about-opsec-and-some-more/#Red-team
Article on malware development part 6.
https://0xpat.github.io/Malware_development_part_6/#Red-team
Archive of VySecurity Rocks.
https://web.archive.org/web/20210329173433/https://vysecurity.rocks/?#Red-team
GitHub repository for Sharperner tool by aniqfakhrul.
https://github.com/aniqfakhrul/Sharperner#Red-team
GitHub repository for DebugOff tool by 0xor0ne.
https://github.com/0xor0ne/debugoff#Red-team
Article on hiding Windows API calls part 1.
https://trikkss.github.io/posts/hiding_windows_api_calls_part1/#Red-team
Article on EDR observations.
https://www.signal-labs.com/blog/edr-observations#Red-team
Article on automating Red Team infrastructure with Terraform.
https://www.ired.team/offensive-security/red-team-infrastructure/automating-red-team-infrastructure-with-terraform#Red-team
GitHub repository for RedWarden tool by mgeeky.
https://github.com/mgeeky/RedWarden#Red-team
Tweet by DallasFR2 on Twitter.
https://twitter.com/DallasFR2/status/1610717054780280834?s=20&t=EVUO2DNQoMEcT0h5s9UhsA#Red-team
GitHub repository for UnhookingPatch tool by D1rkMtr.
https://github.com/D1rkMtr/UnhookingPatch#Red-team
GitHub repository for Offensive Tools by post-cyberlabs.
https://github.com/post-cyberlabs/Offensive_tools/tree/main/PostDump#Red-team
Phishing techniques and strategies.
https://tyeyeah.github.io/2022/08/06/2022-08-06-Go-Phishing/#Red-team
Methods for bypassing antivirus software.
https://tyeyeah.github.io/2021/08/02/2021-08-02-Bypass-Anti-Virus/#Red-team
Guide on creating phishing attacks from scratch.
https://www.opencyber.com/phishing-from-scratch/#Red-team
Exploring User APC in WOW64 architecture.
https://repnz.github.io/posts/apc/wow64-user-apc/#Red-team
GitHub repository for PwnAuth tool by mandiant.
https://github.com/mandiant/PwnAuth#Red-team
GitHub repository for Inline Execute PE tool by Octoberfest7.
https://github.com/Octoberfest7/Inline-Execute-PE#Red-team
Techniques for hiding malicious activities.
https://0xdarkvortex.dev/hiding-in-plainsight/#Red-team
GitHub repository for CRTO tool by h3ll0clar1c3.
https://github.com/h3ll0clar1c3/CRTO#Red-team
Article on security topics by inf0sec.
https://inf0sec.fr/article-21.php#Red-team
GitHub repository for Conti Pentester Guide Leak by ForbiddenProgrammer.
https://github.com/ForbiddenProgrammer/conti-pentester-guide-leak#Red-team
GitHub repository for OperatorsKit tool by REDMED-X.
https://github.com/REDMED-X/OperatorsKit#Red-team
GitHub repository for RedTeaming CheatSheet by 0xJs.
https://github.com/0xJs/RedTeaming_CheatSheet#Red-team
How to decrypt Manage Engine PMP passwords for fun and domain admin - a red teaming tale.
https://www.shielder.com/blog/2022/09/how-to-decrypt-manage-engine-pmp-passwords-for-fun-and-domain-admin-a-red-teaming-tale/#Red-team
Exploiting explorer context menu for persistence.
https://ristbs.github.io/2023/02/15/hijack-explorer-context-menu-for-persistence-and-fun.html#Red-team
Twitter post by n00py1.
https://twitter.com/n00py1/status/1626268178803302401?t=St6HqkL1NtWMBXhfxhbPvw&s=19#Red-team
Malware evasion techniques against antivirus.
https://cocomelonc.github.io/malware/2023/02/12/malware-av-evasion-11.html#Red-team
GitHub repository for Red Teamer by Christbowel.
https://github.com/Christbowel/Red-Teamer#Red-team
Sliver C2 leveraged by many threat actors.
https://www.cybereason.com/blog/sliver-c2-leveraged-by-many-threat-actors#Red-team
GitHub repository for NTDLL Gadget Injection by LloydLabs.
https://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection#Red-team
Bypassing Windows Defender techniques.
https://mrfey.fr/ARTICLES/Bypass_Defender#Red-team
Exploiting Keepass for DLL hijacking.
https://skr1x.github.io/keepass-dll-hijacking/#Red-team
Behind the mask: spoofing call stacks dynamically with timers.
https://www.cobaltstrike.com/blog/behind-the-mask-spoofing-call-stacks-dynamically-with-timers/#Red-team
Defining Cobalt Strike reflective loader.
https://securityintelligence.com/posts/defining-cobalt-strike-reflective-loader/#Red-team
Persistence techniques using context menu.
https://pentestlab.blog/2023/03/13/persistence-context-menu/#Red-team
Simplifying development of the User-Defined Reflective Loader (UDRL).
https://www.cobaltstrike.com/blog/revisiting-the-udrl-part-1-simplifying-development/#Red-team
GitHub repository for OffensiveCpp by lsecqt.
https://github.com/lsecqt/OffensiveCpp#Red-team
GitHub repository for WinShellcode by DallasFR.
https://github.com/DallasFR/WinShellcode#Red-team
Direct syscalls: a journey from high to low.
https://redops.at/en/blog/direct-syscalls-a-journey-from-high-to-low#Red-team
Linking browser processes via LNK files.
https://www.mandiant.com/resources/blog/lnk-between-browsers#Red-team
Twitter post by RistBs.
https://twitter.com/RistBs/status/1654181601775874048#Red-team
Introducing ReSocks - a tool for SOCKS proxy redirection.
https://blog.redteam-pentesting.de/2023/introducing-resocks/#Red-team
Security risks associated with Google's .ZIP top-level domain.
https://medium.com/@bobbyrsec/the-dangers-of-googles-zip-tld-5e1e675e59a5#Red-team
GitHub repository for UnhookingPatch by TheD1rkMtr.
https://github.com/TheD1rkMtr/UnhookingPatch#Red-team
Curated list of awesome EDR bypass resources.
https://github.com/tkmru/awesome-edr-bypass#Red-team
Harnessing the power of Cobalt Strike profiles for EDR evasion.
https://whiteknightlabs.com/2023/05/23/unleashing-the-unseen-harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion/#Red-team
Comparing direct syscalls and indirect syscalls.
https://redops.at/en/blog/direct-syscalls-vs-indirect-syscalls#Red-team
GitHub repository for RemotePatcher by Hagrid29.
https://github.com/Hagrid29/RemotePatcher#Red-team
GitHub repository for LethalHTA by codewhitesec.
https://github.com/codewhitesec/LethalHTA#Red-team
Using VSTO Office files for phishing - the new macro nightmare.
https://medium.com/@airlockdigital/make-phishing-great-again-vsto-office-files-are-the-new-macro-nightmare-e09fcadef010#Red-team
GitHub repository for LockScream by BlacksunLabs.
https://github.com/BlacksunLabs/LockScream#Red-team
Introduction to malware analysis and evasion techniques.
https://otterhacker.github.io/Malware/Introduction/0%20-%20Introduction.html#Red-team
Guide on building a red team infrastructure in 2023.
https://www.securesystems.de/blog/building-a-red-team-infrastructure-in-2023/#Red-team
Tips for setting up red team infrastructure.
https://notes.huskyhacks.dev/blog/red-team-infrastructure-done-right#Red-team
La Hack: Process injection without the standard WIN32API.
https://github.com/OtterHacker/Conferences/blob/main/La%20Hack%20-%20Process%20Injection%20Without%20the%20standard%20WIN32API.pdf#Red-team
Comprehensive guide to red teaming techniques and tools.
https://redteam.guide/#Red-team
GitHub repository for VX-API by vxunderground.
https://github.com/vxunderground/VX-API#Red-team
GitHub repository for HellShell by NUL0x4C.
https://github.com/NUL0x4C/HellShell#Red-team
Blog post about Cat, Mouse, or Chess.
https://s3cur3th1ssh1t.github.io/Cat_Mouse_or_Chess/#Red-team
Malware evasion tricks and techniques.
https://cocomelonc.github.io/malware/2023/07/07/malware-tricks-34.html#Red-team
Exploring Windows event log monitoring.
https://jsecurity101.medium.com/uncovering-windows-events-b4b9db7eac54#Red-team
Analysis of design issues in modern EDRs and bypass techniques.
https://www.binarly.io/posts/Design_issues_of_modern_EDRs_bypassing_ETW-based_solutions/index.html#Red-team
GitHub repository for Build a Phish by ralphte.
https://github.com/ralphte/build_a_phish#Red-team
GitHub repository for Red Team Tips by 6vr.
https://github.com/6vr/Red-Team-Tips#Red-team
Clustering Microsoft Office macros.
https://github.com/InQuest/microsoft-office-macro-clustering/blob/60392f1f8181d43dee4848e755f0043a29f7189f/macros/214795ce10ff25f038d347cb43c2f495fc025d2a3c66a45fe57708459ddca332.macro#Red-team
Techniques for evading antivirus detection.
https://redfoxsecurity.medium.com/antivirus-evasion-26a30f072f76#Red-team
GitHub repository for Evasion Practice by cinzinga.
https://github.com/cinzinga/Evasion-Practice#Red-team
GitHub repository for Hookbot Source by 0xperator.
https://github.com/0xperator/hookbot_source#Red-team
GitHub repository for HardHatC2 by DragoQCC.
https://github.com/DragoQCC/HardHatC2#Red-team
Phishing techniques using hooks.
https://research.aurainfosec.io/pentest/hook-line-and-phishlet/#Red-team
GitHub repository for OSEP Breaking Chains by gh0x0st.
https://github.com/gh0x0st/OSEP-Breaking-Chains#Red-team
Introduction to CSSHide tool.
https://inbits-sec.com/posts/new-tool-csshide/#Red-team
GitHub repository for s6_pcie_microblaze by Cr4sh.
https://github.com/Cr4sh/s6_pcie_microblaze#Red-team
Using Okta for red teaming activities.
https://www.trustedsec.com/blog/okta-for-red-teamers/#Red-team
GitHub repository for Aggressor Scripts by harleyQu1nn.
https://github.com/harleyQu1nn/AggressorScripts#Red-team
GitHub repository for Reflective Ntdll by reveng007.
https://github.com/reveng007/ReflectiveNtdll#Red-team
GitHub repository for Red Tips by vysecurity.
https://github.com/vysecurity/RedTips#Red-team
Token impersonation with WTS API.
https://www.linkedin.com/posts/omri-baso_wts-api-wastelandremote-token-impersonation-activity-7110245080971554816-fuPq?utm_source=share&utm_medium=member_android#Red-team
Techniques for in-memory unhooking.
https://inbits-sec.com/posts/in-memory-unhooking/#Red-team
Red teaming notes and techniques.
https://dmcxblue.gitbook.io/red-team-notes-2-0/#Red-team
GitHub repository for AlternativeShellcodeExec by aahmad097.
https://github.com/aahmad097/AlternativeShellcodeExec#Red-team
Debating the effectiveness of Cobalt Strike.
https://blog.xpnsec.com/how-to-argue-like-cobalt-strike/#Red-team
Investigating EDR internal communication.
https://sensepost.com/blog/2023/filter-mute-operation-investigating-edr-internal-communication/#Red-team
Introduction to EDR concepts.
https://blog.maikxchd.com/endpoint-detection-and-response-for-dummies#Red-team
GitHub repository for CheekyBlinder by br-sn.
https://github.com/br-sn/CheekyBlinder#Red-team
Analysis of EDR Sandblast and GodFault.
https://github.com/gabriellandau/EDRSandblast-GodFault#Red-team
Using the Exception Directory for resolving system service numbers.
https://www.mdsec.co.uk/2022/04/resolving-system-service-numbers-using-the-exception-directory/#Red-team
GitHub repository for HellsGate by am0nsec.
https://github.com/am0nsec/HellsGate#Red-team
Evasion technique using NoSysWhisper.
https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/#Red-team
GitHub repository for Recycled Injector by florylsk.
https://github.com/florylsk/RecycledInjector#Red-team
GitHub repository for HandleKatz by codewhitesec.
https://github.com/codewhitesec/handlekatz#Red-team
GitHub repository for TartarusGate by trickster0.
https://github.com/trickster0/TartarusGate#Red-team
Backdooring ClickOnce.NET for initial access.
https://infosecwriteups.com/backdooring-clickonce-net-for-initial-access-a-practical-example-1eb6863c0579#Red-team
GitHub repository for Handle Grant Access by FiYHer.
https://github.com/FiYHer/handle_grant_access#Red-team
Materials from DEFCON-31 Syscalls Workshop.
https://github.com/VirtualAlllocEx/DEFCON-31-Syscalls-Workshop#Red-team
GitHub repository for pyMalleableC2 by byt3bl33d3r.
https://github.com/byt3bl33d3r/pyMalleableC2#Red-team
Revisiting LNK phishing in 2023.
https://assume-breach.medium.com/home-grown-red-team-lnk-phishing-revisited-in-2023-364daf70a06a#Red-team
Techniques for bypassing Windows SmartScreen.
https://www.gironsec.com/blog/2020/12/bypassing-windows-smartscreen/#Red-team
Using ClickOnce for trusted code execution.
https://posts.specterops.io/less-smartscreen-more-caffeine-ab-using-clickonce-for-trusted-code-execution-1446ea8051c5#Red-team
GitHub repository for BOF Template by Cobalt-Strike.
https://github.com/Cobalt-Strike/bof_template#Red-team
GitHub repository for InjectOpi by peperunas.
https://github.com/peperunas/injectopi#Red-team
GitHub repository for SharpDllProxy by Flangvik.
https://github.com/Flangvik/SharpDllProxy#Red-team
Exploring the Brute Ratel C4 tool.
https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/#Red-team
Creating an ISO payload for testing.
https://blog.sunggwanchoi.com/recreating-an-iso-payload-for-fun-and-no-profit/#Red-team
GitHub repository for DotNetToJScript by tyranid.
https://github.com/tyranid/DotNetToJScript#Red-team
GitHub repository for Entropy Reducer by Maldev-Academy.
https://github.com/Maldev-Academy/EntropyReducer#Red-team
Finding LOLBins in AV uninstallers.
https://nasbench.medium.com/lolbined-finding-lolbins-in-av-uninstallers-bf29427d3cd8#Red-team
Investigating ClickOnce droppers.
https://www.bordergate.co.uk/clickonce-droppers/#Red-team
Whaaaat animated GIF.
https://media.discordapp.net/attachments/374638047649595412/1107593968725786644/whaaaat.gif#Red-team
Using one-click techniques for compromise.
https://blog.redxorblue.com/2020/07/one-click-to-compromise-fun-with.html#Red-team
GitHub repository for CatMyPhish by Mr-Un1k0d3r.
https://github.com/Mr-Un1k0d3r/CatMyPhish#Red-team
Using ClickOnce for attacks.
https://www.netspi.com/blog/technical/adversary-simulation/all-you-need-is-one-a-clickonce-love-story/#Red-team
GitHub repository for Malicious ClickOnce Generator by Mr-Un1k0d3r.
https://github.com/Mr-Un1k0d3r/MaliciousClickOnceGenerator#Red-team
GitHub repository for Ninjasploit by FSecureLABS.
https://github.com/FSecureLABS/Ninjasploit#Red-team
Analysis of packed binaries.
https://dplastico.github.io/sin%20categor%C3%ADa/2022/04/21/packed-binaries.html#Red-team
Introduction to a new packing method for reflective PE.
https://pentest.blog/introducing-new-packing-method-first-reflective-pe-packer/#Red-team
Series on making an executable packer.
https://fasterthanli.me/series/making-our-own-executable-packer#Red-team
GitHub repository for Awesome Red Team Cheatsheet by RistBS.
https://github.com/RistBS/Awesome-RedTeam-Cheatsheet/blob/master/Miscs/Malware%20Development.md#Red-team
Revisiting LNK phishing in 2023.
https://assume-breach.medium.com/home-grown-red-team-lnk-phishing-in-2023-revisited-again-2b8c885b9836#Red-team
GitHub repository for PPLFault by gabriellandau.
https://github.com/gabriellandau/PPLFault#Red-team
Tutorial on writing a PE packer.
https://wirediver.com/tutorial-writing-a-pe-packer-intro/#Red-team
Are you ready to run? R2R stomp.
https://research.checkpoint.com/2023/r2r-stomping-are-you-ready-to-run/#Red-team
Security implications of vulnerable drivers.
https://www.elastic.co/security-labs/forget-vulnerable-drivers-admin-is-all-you-need#Red-team
GitHub repository for Offensive C by Reijaff.
https://github.com/Reijaff/offensive_c#Red-team
Malware development and tactics, techniques, and procedures.
https://chrollo-dll.gitbook.io/chrollo/security-blogs/malware-development-and-ttps#Red-team
Primer on evasion concepts.
https://7h3w4lk3rs-organization.gitbook.io/the-hive/malware-development/evasion-concepts-primer#Red-team
GitHub repository for Malware Projects by 0xBinarySl3uth.
https://github.com/0xBinarySl3uth/Malware-Projects#Red-team
Detecting hypervisors using SystemHypervisorDetailInformation.
https://medium.com/@matterpreter/hypervisor-detection-with-systemhypervisordetailinformation-26e44a57f80e#Red-team
GitHub repository for Red Team Code Snippets by 0xTriboulet.
https://github.com/0xTriboulet/Red_Team_Code_Snippets#Red-team
Exploring DLL notification injection.
https://shorsec.io/blog/dll-notification-injection/#Red-team
GitHub repository for Shellcode Template by Cracked5pider.
https://github.com/Cracked5pider/ShellcodeTemplate#Red-team
Presentation slides on various security topics.
https://drive.google.com/file/d/1cP3eVLrPsBS8RQWmSsnzgudpiqwcVoyf/view#Red-team
Exploring Heaven's Gate technique on Linux.
https://redcanary.com/blog/heavens-gate-technique-on-linux/#Red-team
GitHub repository for Learning EDR and EDR Evasion by reveng007.
https://github.com/reveng007/Learning-EDR-and-EDR_Evasion#Red-team
GitHub repository for ClickonceHunter by zyn3rgy.
https://github.com/zyn3rgy/ClickonceHunter#Red-team
Exploring DLL sideloading.
https://crypt0ace.github.io/posts/DLL-Sideloading/#Red-team
GitHub repository for NovaLdr by BlackSnufkin.
https://github.com/BlackSnufkin/NovaLdr#Red-team
Exploring the use of EDR telemetry for offensive research.
https://atos.net/en/lp/securitydive/using-edr-telemetry-for-offensive-research#Red-team
Workshop materials on advanced process injection techniques.
https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop#Red-team
Strategies and tactics for aggressive phishing campaigns.
https://medium.com/@fakasler/phishing-with-dynamite-7d33d8fac038#Red-team
Techniques for creating and deploying custom staged payloads with Metasploit.
https://medium.com/@nickswink7/red-teaming-tactics-unlocking-the-power-of-custom-staged-payloads-w-metasploit-d3db71567572#Red-team
Exploring the combination of indirect dynamic syscalls and API hashing.
https://labs.cognisys.group/posts/Combining-Indirect-Dynamic-Syscalls-and-API-Hashing/#Red-team
Exploring advanced offensive security techniques.
https://theevilbit.github.io/beyond/#Red-team
Methods for bypassing macOS TCC restrictions using iCloud.
https://wojciechregula.blog/post/bypass-tcc-via-icloud/#Red-team
Advanced techniques for attacking EDR solutions - Part 3.
https://riccardoancarani.github.io/2023-11-07-attacking-an-edr-part-3/#Red-team
Techniques and strategies for Red Teams using Build Your Own Recon (BYOR) approach.
https://blogs.pivotsec.in/red-teams-byor-technique/#Red-team
Tools and resources for offensive security research in Go programming language.
https://github.com/Enelg52/OffensiveGo#Red-team
Exploring Command and Control (C2) frameworks and their code.
https://badoption.eu/blog/2023/01/31/code_c2.html#Red-team
Strategies and techniques for attacking EDR solutions - Part 1.
https://her0ness.github.io/2023-08-03-c2-Attacking-an-EDR-Part-1/#Red-team
Tools and techniques for injecting DoublePulsar into usermode.
https://github.com/WithSecureLabs/doublepulsar-usermode-injector#Red-team
Exploring the best EDR solutions available on the market.
https://xacone.github.io/BestEdrOfTheMarket.html#Red-team
Exploring cross-platform Command and Control (C2) frameworks.
https://github.com/gloxec/CrossC2#Red-team
Insights and research from Objective-See on macOS security.
https://objective-see.org/blog/blog_0x4F.html#Red-team
Insights and research from Objective-See on macOS security.
https://objective-see.org/blog/blog_0x64.html#Red-team
Insights into Advanced Persistent Threat (APT) activity on macOS.
https://themittenmac.com/what-does-apt-activity-look-like-on-macos/#Red-team
Techniques and strategies for bypassing macOS Gatekeeper security.
https://redcanary.com/threat-detection-report/techniques/gatekeeper-bypass/#Red-team
Research and insights into vulnerabilities in macOS Gatekeeper.
https://archive.org/details/Gatekeeper_Exposed#Red-team
Insights and research from Objective-See on macOS security.
https://objective-see.org/blog/blog_0x49.html#Red-team
Techniques for bypassing macOS Transparency, Consent, and Control (TCC) with old apps.
https://wojciechregula.blog/post/macos-red-teaming-bypass-tcc-with-old-apps/#Red-team
Exploiting CVE-2023-26818 to bypass macOS TCC using Dylib Injection with Telegram.
https://www.vicarius.io/vsociety/posts/cve-2023-26818-macos-tcc-bypass-with-telegram-using-dylib-injection-part1#Red-team
Techniques and methods for Dylib Hijacking on macOS.
http://lockboxx.blogspot.com/2019/10/macos-red-teaming-211-dylib-hijacking.html?m=1#Red-team
Understanding and exploiting Dylib Hijacking vulnerabilities on OS X.
https://www.virusbulletin.com/virusbulletin/2015/03/dylib-hijacking-os-x#Red-team
The EmPyre project for post-exploitation on Windows and Linux systems.
https://github.com/EmpireProject/EmPyre#Red-team
A tool to scan for Dylib Hijacking vulnerabilities on macOS.
https://github.com/objective-see/DylibHijackScanner#Red-team
Exploiting CVE-2023-32407 to bypass macOS TCC restrictions (Lateralus technique).
https://gergelykalman.com/lateralus-CVE-2023-32407-a-macos-tcc-bypass.html#Red-team
Exploiting CVE-2023-32422 to bypass macOS TCC restrictions (SQLol technique).
https://gergelykalman.com/sqlol-CVE-2023-32422-a-macos-tcc-bypass.html#Red-team
Tools and techniques for process injection and evasion.
https://github.com/SafeBreach-Labs/PoolParty#Red-team
Introduction to evading Endpoint Detection and Response (EDR) systems.
https://kylemistele.medium.com/a-beginners-guide-to-edr-evasion-b98cc076eb9a#Red-team
Exploring new process injection techniques with PoolParty.
https://thehackernews.com/2023/12/new-poolparty-process-injection.html#Red-team
Techniques for injecting code using Windows Thread Pools.
https://www.safebreach.com/blog/process-injection-using-windows-thread-pools#Red-team
Tools and techniques for GhostDriver automation.
https://github.com/BlackSnufkin/GhostDriver#Red-team
Techniques for injecting code using ClickOnce AppDomain Manager.
https://github.com/weaselsec/ClickOnce-AppDomain-Manager-Injection#Red-team
Building phishing infrastructures for cyber operations.
https://badoption.eu/blog/2023/12/03/PhishingInfra.html#Red-team
Tools and techniques for manipulating system interactions.
https://github.com/souzomain/Shaco#Red-team
Exploring the Mortar Loader for cyber operations.
https://kpmg.com/nl/en/home/insights/2023/12/mortar-loader.html#Red-team
Tools and techniques for interacting with system processes.
https://github.com/Idov31/Nidhogg#Red-team
Exploring heap encryption techniques in .NET.
https://github.com/lap1nou/CLR_Heap_encryption#Red-team
Understanding DCOM (Distributed Component Object Model) in Visual Studio.
https://adepts.of0x.cc/visual-studio-dcom/#Red-team
Tools and techniques for exploring browsers remotely.
https://github.com/muraenateam/necrobrowser#Red-team
Exploring techniques for searching phone numbers.
https://phonesearch.gofyeo.com/#Red-team
Strategies for creating an opsec-safe loader for Red Team operations.
https://labs.nettitude.com/blog/creating-an-opsec-safe-loader-for-red-team-operations/#Red-team
Exploring next-generation malwares with ByteViper.
https://ghost-pepper.gitbook.io/byte-viper/next-gen-malwares/byteviper#Red-team
Understanding the Croc in the Middle attack.
https://hackmag.com/security/croc-in-the-middle/#Red-team
Tools and techniques for achieving invisibility in cyber operations.
https://github.com/h4wkst3r/InvisibilityCloak#Red-team
Approaches to detection and mitigation in the Purple Team methodology.
https://trustedsec.com/blog/detection-alchemy-the-purple-team-way#Red-team
Insights and research from Objective-See on macOS security.
https://objective-see.org/blog/blog_0x77.html#Red-team
Creating and deploying malicious Pluggable Authentication Modules (PAMs) for cyber operations.
https://rosesecurityresearch.com/crafting-malicious-pluggable-authentication-modules-for-persistence-privilege-escalation-and-lateral-movement#Red-team
In-depth analysis of the Bitwarden Heist cyber incident.
https://blog.redteam-pentesting.de/2024/bitwarden-heist/#Red-team
Exploring the concept of bringing your own interpreter for Red Team operations.
https://synzack.github.io/Bring-Your-Own-Interpreter/#Red-team
Tools and techniques for silencing Endpoint Detection and Response (EDR) systems.
https://github.com/netero1010/EDRSilencer#Red-team
Strategies and techniques for phishing attacks targeting Microsoft Teams.
https://pushsecurity.com/blog/phishing-microsoft-teams-for-initial-access/#Red-team
Collection of Red Team presentations and talks.
https://github.com/outflanknl/Presentations#Red-team
Tools and techniques for using XLL-DROPPER.
https://github.com/EvilGreys/XLL-DROPPER-#Red-team
Techniques for enhancing detection using fake DLLs, guard pages, and Vectored Exception Handling (VEH).
https://redops.at/en/blog/leveraging-fake-dlls-guard-pages-and-veh-for-enhanced-detection#Red-team
GraphStrike tool for Red Teaming operations.
https://github.com/RedSiege/GraphStrike#Red-team
Insights from the developers of GraphStrike.
https://redsiege.com/blog/2024/01/graphstrike-developer/#Red-team
Techniques for weaponizing JavaScript in Red Team operations.
https://trustedsec.com/blog/js-tap-weaponizing-javascript-for-red-teams#Red-team
Automation techniques for C2 infrastructure using Terraform, Nebula, Caddy, and Cobalt Strike.
https://blog.malicious.group/automating-c2-infrastructure-with-terraform-nebula-caddy-and-cobalt-strike/#Red-team
LinkedIn post discussing obtaining an unhooked copy.
https://www.linkedin.com/posts/malwaretech_a-super-easy-way-to-get-an-unhooked-copy-activity-7160688970530488320-YPKh?utm_source=share&utm_medium=member_android#Red-team
Techniques and tools for Active Directory enumeration in Red Team operations.
https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/#Red-team
Automation tool for spear phishing campaigns.
https://sensepost.com/blog/2024/mail-in-the-middle-a-tool-to-automate-spear-phishing-campaigns/#Red-team
Techniques for achieving persistence in Linux Red Team operations.
https://www.linode.com/docs/guides/linux-red-team-persistence-techniques/#Red-team
Understanding and executing code injection techniques on macOS.
https://knight.sc/malware/2019/03/15/code-injection-on-macos.html#Red-team
Exploring macOS X security features and vulnerabilities.
https://0xf00sec.github.io/2024/03/09/MacOs-X.html#Red-team
Twitter post discussing cybersecurity and hacking.
https://twitter.com/JustasMasiulis/status/1764171634469122165#Red-team
LinkedIn post discussing Red Team cybersecurity.
https://www.linkedin.com/posts/joas-antonio-dos-santos_hacking-redteam-cybersecurity-activity-7176185758909644801-WxFE?utm_source=share&utm_medium=member_ios#Red-team
Collection of Red Team scripts and tools.
https://github.com/api0cradle/RedTeamScripts#Red-team
Tools and techniques for WiFi penetration testing.
https://wifipumpkin3.github.io/#Red-team
Offensive Security Exploitation Professional (OSEP) resources.
https://github.com/In3x0rabl3/OSEP/tree/main#Red-team
Exploring SigFlip evasion techniques and bypassing Authenticode.
https://github.com/med0x2e/SigFlip#Red-team
Rio Asmara's blog post on SigFlip evasion.
https://rioasmara.com/2023/04/09/sigflip-evasion-bypass-authenticode/#Red-team
Tools and techniques for utilizing LOLDrivers.
https://github.com/yardenshafir/LOLDrivers#Red-team
SSTIC 2017 talk on binary deobfuscation and function reconstruction.
https://www.youtube.com/watch?v=C_Pece5mJto#Reverse
Livestream on reverse engineering a virtual-machine-based protection.
https://www.youtube.com/watch?v=nKhX0Pk3a5A#Reverse
ESD academy webinar on advanced hacking techniques.
https://www.youtube.com/watch?v=BEsPHK-XGEA#Reverse
Livestream on Nanomites in the context of hacking.
https://www.youtube.com/watch?v=XEX_RNVHcgY#Reverse
LaurieWired's YouTube channel, with various videos on computer security.
https://www.youtube.com/@lauriewired/videos#Reverse
DCG937 July meeting on C# reverse engineering and modifying Unity3D games.
https://www.youtube.com/watch?v=nTZRhG6-yW8#Reverse
Talk on Symbolic Execution by Jannis Kirschner.
https://www.youtube.com/watch?v=gudLFiK0x5I#Reverse
HITB2021AMS talk on the Qiling framework meeting Symbolic Execution.
https://www.youtube.com/watch?v=8omtif6CnnY#Reverse
Guide to recognizing macro-encrypted strings in malware.
https://www.youtube.com/watch?v=fEAGYjhKzJY#Reverse
DuMp-GuY TrIcKsTeR's YouTube channel, with various videos on computer security.
https://www.youtube.com/@DuMpGuYTrIcKsTeR/featured#Reverse
Talk on LLVM-assisted reverse engineering, by Lionel Auroux at LSE Week 2013.
https://www.youtube.com/watch?v=NYMgCnJE9rY#Reverse
Video on using the bruteratel framework for payloads.
https://www.youtube.com/watch?v=4UBFcJ6Ap7c&start=862#Reverse
Guide to debugging optimized x64 code.
https://www.youtube.com/watch?v=MUNRvqpske0#Reverse
Guide to the process of reverse engineering and exploiting complex vulnerabilities.
https://www.youtube.com/watch?v=7ySes8NCt78#Reverse
Tutorial on decoding opcodes, part 2.
https://www.youtube.com/watch?v=vldAvlsLHrU#Reverse
HackSecuReims 2020 talk on the anatomy and methodology of incident response.
https://www.youtube.com/watch?v=MTSE_ktGuOc#Reverse
Guide to reverse engineering the Flare-On 2023 challenges.
https://www.youtube.com/watch?v=wpHMVMkcvpI#Reverse
Tutorial on decoding opcodes, part 1.
https://www.youtube.com/watch?v=0GcrWchPleU#Reverse
Complete malware analysis course in over 5 hours.
https://www.youtube.com/watch?v=qA0YcYMRWyI#Reverse
Guide to using Frida for hooking on Android.
https://www.youtube.com/watch?v=GWgr0xk8DTM#Reverse
Invoke RE's YouTube channel, with various videos on reverse engineering.
https://www.youtube.com/@InvokeReversing/videos#Reverse
OALabs' YouTube channel, with various videos on reverse engineering and malware analysis.
https://www.youtube.com/c/OALabs/videos#Reverse
Guide to reverse engineering WannaCry, part 1.
https://www.youtube.com/watch?v=Sv8yu12y5zM#Reverse
Beginner's guide to reverse engineering a crash on Ubuntu 22.04.
https://www.youtube.com/watch?v=_o1NyYQLec0#Reverse
Techniques for improving symbolic execution with Angr.
https://www.youtube.com/watch?v=4yPmdJj18to#Reverse
Guide to reverse engineering the malware used by APT 29 for phishing attacks.
https://www.youtube.com/watch?v=a7W6rhkpVSM#Reverse
HACKADAY's YouTube channel, with various videos on computer security.
https://www.youtube.com/@hackaday/playlists#Reverse
cazz's YouTube channel, with various videos on computer security.
https://www.youtube.com/@cazz/#Reverse
Guide to self-teaching reverse engineering in 2022.
https://www.youtube.com/watch?v=gPsYkV7-yJk#Reverse
Tutorial on reverse engineering and patching games, in high resolution.
https://www.youtube.com/watch?v=cwBoUuy4nGc#Reverse
Introduction to reverse engineering on Linux.
https://www.youtube.com/watch?v=TUtQcezMDUU#Reverse
Talk on dynamic binary instrumentation with the Frida tool, recorded on June 14, 2016.
https://www.youtube.com/watch?v=CnwhZDcubqo#Reverse
HackadayU course on reverse engineering with Ghidra, class 2.
https://www.youtube.com/watch?v=uyWVztMHWtk#Reverse
GitHub repository for Sytrace, a tool for tracing system calls.
https://github.com/hexabeast/Sytrace#Reverse
Blog on reversing techniques and resources.
https://0xinfection.github.io/reversing/#Reverse
GitHub repository for pe_tree, a Python module for parsing PE files.
https://github.com/blackberry/pe_tree#Reverse
GitHub repository listing reversing challenges.
https://github.com/N4NU/Reversing-Challenges-List#Reverse
GitHub repository for dissection, tools for disassembling binaries.
https://github.com/mewmew/dissection#Reverse
Stack Overflow question on retrieving hints from PE file import by name struct.
https://stackoverflow.com/questions/41581363/how-we-can-get-hint-in-image-import-by-name-struct-in-pe-file#Reverse
GitHub repository for pics, various binaries and related tools.
https://github.com/corkami/pics#Reverse
Website for Pwn Adventure, a game for hacking challenges.
https://www.pwnadventure.com/#Reverse
Series of articles on applied reverse engineering.
https://revers.engineering/applied-reverse-engineering-series/#Reverse
Begin.re, a platform for reverse engineering tutorials and challenges.
https://www.begin.re/#Reverse
Triplefault.io, blog and resources for reverse engineering.
https://www.triplefault.io/#Reverse
GitHub repository for various reverse engineering resources.
https://github.com/mytechnotalent/Reverse-Engineering#Reverse
PDF file on ELF 101, introduction to ELF binaries.
https://github.com/corkami/pics/blob/master/binary/elf101/elf101.pdf#Reverse
GitHub repository for corkami pics, various binary resources.
https://github.com/corkami/pics/tree/master/binary#Reverse
Presentation on advanced binary analysis.
https://gosecure.github.io/presentations/2020-05-15-advanced-binary-analysis/#Reverse
Article on understanding and analyzing ELF binaries on Linux.
https://linux-audit.com/elf-binaries-on-linux-understanding-and-analysis/#Reverse
Articles by Michael Boelen on Linux ELF binaries.
https://linux-audit.com/author/mboelen/#Reverse
GitHub repository for reverse engineering resources.
https://github.com/wtsxDev/reverse-engineering#Reverse
GitHub repository for hashdb, a tool for hash database management.
https://github.com/OALabs/hashdb#Reverse
GitHub repository for pyinstxtractor, a tool for extracting Python executables.
https://github.com/extremecoders-re/pyinstxtractor#Reverse
Article on Windows internals focusing on PE files.
https://0xrick.github.io/win-internals/pe5/#Reverse
GitHub repository for Hacking Windows, tools and resources.
https://github.com/mytechnotalent/Hacking-Windows#Reverse
Notion page on le_stagiaire.
https://datamix.notion.site/le_stagiaire-2f1ae5211f004f34b4b37e8a4b8aacd6#Reverse
Notion page on Not_that_hard.
https://datamix.notion.site/Not_that_hard-6aeba9b11fe64be98889af46bbee2e85#Reverse
GitHub repository for Qiling Framework, an advanced emulation framework.
https://github.com/qilingframework/qiling#Reverse
GitHub repository for jadx, a decompiler for Android APK files.
https://github.com/skylot/jadx#Reverse
Google Project Zero deep dive into NSO zero-click vulnerabilities.
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html#Reverse
Article on how to write a CrackMe for CTF competitions.
https://www.pelock.com/articles/how-to-write-a-crackme-for-a-ctf-competition#Reverse
Article on Nanomites malware analysis on Linux.
https://malwareandstuff.com/nanomites-on-linux/#Reverse
Article on bypassing ptrace and ld preload.
https://nuculabs.dev/2020/01/02/bypassing-ptrace-ld-preload/#Reverse
Article on Dofus and reverse engineering.
https://blog.jaichange.fr/dofus-et-le-reverse-engineering/#Reverse
Article on Moqhao malware analysis.
https://www.xanhacks.xyz/p/moqhao-malware-analysis/#Reverse
Article on defeating Nanomites malware.
https://prog0.re/posts/htb/indefinite-defeating-nanomites/#Reverse
Article on analyzing Golang executables.
https://www.pnfsoftware.com/blog/analyzing-golang-executables/#Reverse
GitHub repository for PE Bear, a PE file analysis tool.
https://github.com/hasherezade/pe-bear#Reverse
Article on hunting for malicious PowerShell scripts.
https://www.splunk.com/en_us/blog/security/hunting-for-malicious-powershell-using-script-block-logging.html#Reverse
GitHub repository for Leddx, a tool for analyzing Linux executables.
https://github.com/Lexterl33t/Leddx#Reverse
GitHub repository for Capa, an IDA Pro plugin.
https://github.com/mandiant/capa/tree/master/capa/ida/plugin#Reverse
GitHub repository for hashdb IDA, a hash database plugin for IDA Pro.
https://github.com/OALabs/hashdb-ida#Reverse
Blog post on reversing AES crypto functions.
https://www.goggleheadedhacker.com/blog/post/reversing-crypto-functions-aes#Reverse
Writeup for FCSC 2022 challenge hyper-packer.
https://ctf.0xff.re/2022/fcsc_2022/hyper-packer#Reverse
Compiler Explorer, an interactive compiler exploration tool.
https://godbolt.org/#Reverse
Stack Overflow question on BIOS ROM mapping.
https://stackoverflow.com/questions/7804724/how-is-the-bios-rom-mapped-into-address-space-on-pc#Reverse
Article on Smokeloader malware analysis.
https://n1ght-w0lf.github.io/malware%20analysis/smokeloader/#Reverse
Article on Gootkit malware analysis.
https://connect.ed-diamond.com/MISC/misc-100/analyse-du-malware-bancaire-gootkit-et-de-ses-mecanismes-de-protection#Reverse
Article on Kasada JavaScript VM obfuscation.
https://opcodes.fr/publications/2021-08/kasada-javascript-vm-obfuscation-reverse-part1#Reverse
Article series on malware analysis.
https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/#Reverse
Tweet by Inversecos.
https://twitter.com/inversecos/status/1597469492065447941?t=f878mW5pOOvxHppudNt0Sw&s=19#Reverse
GitHub repository for GDS decompressor.
https://github.com/bruvzg/gdsdecomp#Reverse
GitHub repository for Bashfuscator, a Bash obfuscator.
https://github.com/Bashfuscator/Bashfuscator#Reverse
Writeup for inctf Jazz challenge.
http://aassfxxx.infos.st/write-up-inctf-jazz.html#Reverse
Blog post on symbolic execution for Nanomites malware.
https://doar-e.github.io/blog/2014/10/11/taiming-a-wild-nanomite-protected-mips-binary-with-symbolic-execution-no-such-crackme/#Reverse
Article on debug blocker for Linux applications using Nanomites.
https://www.codeproject.com/Articles/621236/Nanomite-and-Debug-Blocker-for-Linux-Applications#Reverse
Blog post on unscrambling Lua code.
https://vovohelo.medium.com/unscrambling-lua-7bccb3d5660#Reverse
Blog post on using Angr to defeat code obfuscation.
https://napongizero.github.io/blog/Defeating-Code-Obfuscation-with-Angr#Reverse
GitHub repository for AngryGhidra, Ghidra scripts and plugins.
https://github.com/Nalen98/AngryGhidra#Reverse
GitHub repository for AngryIDA, IDA Pro scripts and plugins.
https://github.com/Brandon-Everhart/AngryIDA#Reverse
GitHub repository with Angr examples.
https://github.com/angr/angr-doc/tree/master/examples#Reverse
GitHub repository for luadec 5.1, a Lua 5.1 decompiler.
https://github.com/sztupy/luadec51#Reverse
SourceForge page for Unluac, a Lua decompiler.
https://sourceforge.net/projects/unluac/files/#Reverse
Article on debugging ARM binaries under x86 Linux.
https://0x90909090.blogspot.com/2014/01/how-to-debug-arm-binary-under-x86-linux.html#Reverse
Article on bypassing anti-debug techniques.
https://www.orangecyberdefense.com/fr/insights/blog/reponse-a-incident/bypass-des-anti-debugs-de-neurevt#Reverse
Website for JEB Community Edition, an interactive disassembly tool.
https://www.pnfsoftware.com/jeb/community-edition#Reverse
GitHub repository for KoiVM, a virtualization tool for .NET.
https://github.com/Loksie/KoiVM-Virtualization#Reverse
GitHub repository for Venturi77 Call Hijacker.
https://github.com/AxDSan/Venturi77CallHijacker#Reverse
Article on easily reversing .NET applications.
https://vozec.fr/articles/comment-reverse-du-.net-facilement/#Reverse
GitHub repository for ExtremeDumper, a memory dumping tool.
https://github.com/wwh1004/ExtremeDumper#Reverse
.NET Deobfuscator, open-source library for .NET deobfuscation.
https://opensourcelibs.com/lib/.net-deobfuscator#Reverse
Writeup for Rustytheclown challenge.
https://vozec.fr/writeups/rustytheclown-lehack2022/#Reverse
Writeup for SecLounge CTF 2020 challenges.
https://cujo.com/first-seclounge-ctf-2020-re-and-misc-challenges/#Reverse
Notes on Backdoor 2017 No Calm 350 challenge.
https://vishnudevtj.github.io/notes/backdoor-2017-no-calm-350#Reverse
Blog post on reversing F4B challenge.
https://blog.tetrane.com/2016/11/reversing-f4b-challenge-part1.html#Reverse
Triton Library, resources for Triton binary analysis framework.
https://triton-library.github.io/#Reverse
GitHub repository for pydumpck, a Python library for dumping process memory.
https://github.com/serfend/pydumpck#Reverse
Blog post on automating solving anti-debug binaries with Angr.
https://cothan.blog/post/automate-solving-anti-debug-binary-with-angr/#Reverse
Blog post series on Angr introduction.
https://blog.notso.pro/2019-03-25-angr-introduction-part1/#Reverse
Blog post on unpacking challenges.
https://kernemporium.github.io/posts/unpacking/#Reverse
GitHub repository for Godot Unpacker, a tool for unpacking Godot Engine games.
https://github.com/tehskai/godot-unpacker#Reverse
GitHub repository for PinCTF, a Capture The Flag platform.
https://github.com/ChrisTheCoolHut/PinCTF#Reverse
GitHub repository for arm_now, a Docker image for emulating ARM systems.
https://github.com/nongiach/arm_now#Reverse
Blog post on reversing basics, Ground Zero Part 1.
https://0xdarkvortex.dev/ground-zero-part-1-reverse-engineering-basics/#Reverse
Template for Angr CTF challenges.
https://www.ctfnote.com/reverse/angr/template#Reverse
Binary Research, articles and tools for binary analysis.
https://binaryresearch.github.io/#Reverse
GitHub repository for Unfork, a tool for analyzing GitHub forks.
https://github.com/whitequark/unfork#Reverse
Blog post on Windows PE internals.
https://dev.to/wireless90/exploring-the-export-table-windows-pe-internals-4l47#Reverse
Blog post on Flare-on 7 challenge break.
https://explained.re/posts/flare-on-7-break/#Reverse
GitHub repository for radare2-r2pipe, a radare2 scripting library.
https://github.com/radareorg/radare2-r2pipe#Reverse
GitHub repository for DP701, a tool for analyzing 701 assembly code.
https://github.com/pr701/dp701#Reverse
Blog post on understanding GLIBC malloc.
https://sploitfun.wordpress.com/2015/02/10/understanding-glibc-malloc/#Reverse
Blog post on syscalls used by GLIBC malloc.
https://sploitfun.wordpress.com/2015/02/11/syscalls-used-by-malloc/#Reverse
Image illustrating heap internals.
https://tyeyeah.github.io/imghost/hei/heap.png#Reverse
Blog post on symbolic execution and Angr.
https://tyeyeah.github.io/2020/03/05/2020-03-05-Learn-Symbolic-Execution-and-angr/#Reverse
GitHub repository for ReBeacon Source.
https://github.com/WBGlIl/ReBeacon_Src#Reverse
Sample Nanomites malware from Abuse.ch.
https://bazaar.abuse.ch/sample/90ba5aebd28cb029273ecea4d256e43c38e0e8a5cc7790b4c972ac3c07d9ac5c/#Reverse
Demonstrations of JavaScript Abstract Syntax Trees with JointJS.
http://jointjs.com/demos/javascript-ast#Reverse
Article on SegmentFault about reverse engineering.
https://segmentfault.com/a/1190000041765775/en#Reverse
GitHub repository for the Babel Handbook in French.
https://github.com/jamiebuilds/babel-handbook/blob/master/translations/fr/README.md#Reverse
Writeup for PwnMeCTF 2022 challenge.
https://njord.re/blog/pwnmectf2022_wu/#Reverse
Article on hunting for Timer Queue timers.
https://labs.withsecure.com/publications/hunting-for-timer-queue-timers#Reverse
GitHub repository for TickTock, a tool for timer-based attacks.
https://github.com/WithSecureLabs/TickTock#Reverse
Blog post on reverse engineering integrity checks in Black Ops 3.
https://momo5502.com/posts/2022-11-17-reverse-engineering-integrity-checks-in-black-ops-3/#Reverse
GitHub repository for boiii, a tool for analyzing Black Ops 3.
https://github.com/momo5502/boiii/#Reverse
Blog post on TokyoWesterns 2019 challenges.
https://blog.h25.io/TokyoWesterns-2019/#Reverse
GitHub repository for Manticore, a symbolic execution tool.
https://github.com/trailofbits/manticore#Reverse
Article on differential fault analysis on white box AES implementations.
https://blog.quarkslab.com/differential-fault-analysis-on-white-box-aes-implementations.html#Reverse
Tweet by 0xor0ne.
https://twitter.com/0xor0ne/status/1619025003151855632?s=20&t=Pj8-oAhEZcAHMGXrXjCLag#Reverse
Article on cryptography in white box implementations.
https://connect.ed-diamond.com/MISC/mischs-005/cryptographie-en-boite-blanche-cacher-des-cles-dans-du-logiciel#Reverse
Wiki page for UnKnoWnCheaTs Game Hacking.
https://www.unknowncheats.me/wiki/UnKnoWnCheaTs_Game_Hacking_Wiki#Reverse
Tweet by Lxt33r about reverse engineering
https://twitter.com/lxt33r/status/1609896059677061120#Reverse
Blog post about hacking Google Home devices
https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html#Reverse
Writeup for Star 2022 reverse engineering challenge
https://github.com/0x14mth3n1ght/Writeup/tree/master/Star2022/Reverse#Reverse
GitHub repository for IDA Pro library auto flags
https://github.com/0xMirasio/IDALibcAutoFlags#Reverse
Blog post discussing JavaScript antidebugging techniques
https://x-c3ll.github.io/posts/javascript-antidebugging/#Reverse
Introduction to Unicorn Engine
https://sudonull.com/post/7857-First-steps-with-Unicorn-Engine#Reverse
Tutorial on using Unicorn Engine
https://eternal.red/2018/unicorn-engine-tutorial/#Reverse
Introduction to reverse engineering from CTF Wiki
https://ctf-wiki.mahaloz.re/reverse/introduction/#Reverse
Decrypting BazarLoader strings using Unicorn Engine
https://medium.com/walmartglobaltech/decrypting-bazarloader-strings-with-a-unicorn-15d2585272a9#Reverse
Reversing embedded device bootloader U-Boot (Part 1)
https://www.shielder.com/blog/2022/03/reversing-embedded-device-bootloader-u-boot-p.1/#Reverse
Reversing embedded device bootloader U-Boot (Part 2)
https://www.shielder.com/blog/2022/03/reversing-embedded-device-bootloader-u-boot-p.2/#Reverse
Hunting for bugs in Telegram's animated stickers remote attack surface
https://www.shielder.com/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/#Reverse
Document on reverse engineering and tampering from OWASP MASTG
https://github.com/OWASP/owasp-mastg/blob/master/Document/0x06c-Reverse-Engineering-and-Tampering.md#Reverse
Reverse engineering virtual machine protected binaries
https://resources.infosecinstitute.com/topic/reverse-engineering-virtual-machine-protected-binaries/#Reverse
Document on game hacking in PDF format
https://www.docdroid.net/rtoAc2n/game-hacking-pdf#Reverse
Article on hacking Unity Mono games
https://oniithecat.github.io/articles/unity-mono-game-hacking/#Reverse
Post about RISC-V bytes with QEMU GDB
https://danielmangum.com/posts/risc-v-bytes-qemu-gdb/#Reverse
Issue #1078 in Triton repository
https://github.com/JonathanSalwan/Triton/issues/1078#Reverse
GitHub repository for Reverse Engineering Basics
https://github.com/w3th4nds/Reverse_Engineering#Reverse
Tweet by birchb0y about reverse engineering
https://twitter.com/birchb0y/status/1644812374740815881?s=46#Reverse
GitHub repository for Awesome Malware Analysis
https://github.com/rshipp/awesome-malware-analysis#Reverse
Thesis on Bulldozer
https://github.com/ceres-c/bulldozer/blob/master/thesis.pdf#Reverse
Course on MIT OCW: Fundamentals of Program Analysis
https://ocw.mit.edu/courses/6-820-fundamentals-of-program-analysis-fall-2015/#Reverse
Video on Twitch about reverse engineering
https://www.twitch.tv/videos/1716069219#Reverse
InsomniHack 2023 InsoBug writeup
https://itm4n.github.io/insomnihack-2023-insobug/#Reverse
Blog post on dynamic shellcode analysis
https://miasm.re/blog/2016/02/12/dynamic_shellcode_analysis.html#Reverse
Writeup for FCSC 2021 challenge
https://github.com/loulous24/FCSC/blob/master/FCSC2021/WU_vmv.md#Reverse
Analyzing ELF binaries with malformed headers - Part 3
https://binaryresearch.github.io/2020/01/15/Analyzing-ELF-Binaries-with-Malformed-Headers-Part-3-Solving-A-Corrupted-Keygenme.html#Reverse
CTF writeup for Hola Amigo
https://ctf.0xff.re/2023/fcsc-2023/hola-amigo#Reverse
GitHub repository for GDB Dashboard
https://github.com/cyrus-and/gdb-dashboard#Reverse
GitHub repository for UPX Recovery Tool
https://github.com/NozomiNetworks/upx-recovery-tool#Reverse
GitHub repository for UXN Disassembler
https://github.com/Liorst4/uxn-disassembler#Reverse
GitHub repository for Win Reverse
https://github.com/wtsxDev/reverse-engineering#Reverse
Article on Starlink hacking
https://radioactive.blog/2023/06/23/starlink_hacking/#Reverse
Tutorial on how to reverse engineer a Unity game
https://www.kodeco.com/36285673-how-to-reverse-engineer-a-unity-game#Reverse
GitHub repository for Unity Game Hacking
https://github.com/imadr/Unity-game-hacking#Reverse
GitHub repository for libRetroReversing
https://github.com/RetroReversing/libRetroReversing#Reverse
Blog post on reverse engineering online games
https://0xbaadf00dsec.blogspot.com/2016/01/reverse-engineering-online-games.html#Reverse
GitHub repository for Android Boot Image Editor
https://github.com/cfig/Android_boot_image_editor#Reverse
Blog post on Konami Arcade DRM
https://mon.im/2017/12/konami-arcade-drm.html#Reverse
Writeups for Business CTF License Generator
https://github.com/Lexterl33t/wu-htb-buisness-ctf-license-generator#Reverse
Reverse engineering writeups for JustCTF 2020
https://blog.efiens.com/post/midas/justctf2020-re-writeups/#Reverse
Tool for loading and manipulating binaries in IDA Pro for Nintendo Switch
https://github.com/pgarba/switchidaproloader#Reverse
Comprehensive toolkit for various reverse engineering tasks
https://github.com/geeksniper/reverse-engineering-toolkit#Reverse
Utility to unpack and analyze software obfuscated with ConfuserEx
https://github.com/hackovh/ConfuserEx-Unpacker-2#Reverse
DIE is a cross-platform utility for exploring and analyzing executables
https://github.com/horsicq/DIE-engine#Reverse
Framework and tools for automated reverse engineering tasks
https://github.com/buzzer-re/Shinigami#Reverse
Project repository for D810, focusing on embedded systems security and analysis
https://gitlab.com/eshard/d810#Reverse
Tool to reverse-engineer and defeat protections applied by NET Reactor
https://github.com/SychicBoy/NETReactorSlayer#Reverse
Lighthouse is a dynamic analysis tool for identifying vulnerabilities in software binaries
https://github.com/gaasedelen/lighthouse#Reverse
Coverage-guided analysis tool for binaries, developed by ForAllSecure
https://github.com/ForAllSecure/bncov#Reverse
Publicly shared folder containing various tools and resources for reverse engineering
https://mega.nz/folder/Pe5WwRJT#Reverse
Courses and training materials on reverse engineering and exploitation techniques
https://courses.zero2auto.com/#Reverse
Techniques and workflows for reversing control flow flattening in binaries using Binary Ninja
https://www.lodsb.com/removing-control-flow-flattening-with-binary-ninja#Reverse
Tweet discussing latest advancements in reverse engineering
https://twitter.com/mr_phrazer/status/1686648031880630272#Reverse
Tool for injecting code into Electron applications for analysis and testing
https://github.com/tintinweb/electron-inject#Reverse
Documentation for Windows LDR data table entry structure
https://ntdoc.m417z.com/ldr_data_table_entry32#Reverse
Collection of utilities and scripts to assist in reversing Rust binaries
https://github.com/cha5126568/rust-reversing-helper#Reverse
Practical guide and recipes for using LLVM in compiler construction and analysis
https://github.com/hiro-9999/book-2/blob/master/LLVM%20Cookbook.pdf#Reverse
Tool to convert LLVM IR (Intermediate Representation) to C code
https://github.com/staticafi/llvm2c#Reverse
Write-up and resources for SEKAICTF 2023 Security CTF competition
https://fazect.github.io/sekaictf2023-sfc/#Reverse
Tools and utilities for analyzing and reversing binaries
https://github.com/janisslsm/goomba77#Reverse
Insights and techniques for reverse engineering Microsoft technologies
https://www.msreverseengineering.com/#Reverse
Tool for mapping and understanding binary structures and behaviors
https://github.com/nccgroup/Cartographer#Reverse
Analysis and research on the Lockbit ransomware variant
https://chuongdong.com/reverse%20engineering/2022/03/19/LockbitRansomware/#Reverse
Tools and techniques for detecting and analyzing code obfuscation
https://github.com/mrphrazer/obfuscation_detection#Reverse
Personal blog discussing various topics including reverse engineering
https://dimitrifourny.github.io/#Reverse
Community-driven modding platform for Unity games
https://github.com/LavaGang/MelonLoader#Reverse
Tool for exploring and understanding Unity game internals
https://github.com/sinai-dev/UnityExplorer#Reverse
Tool for binary comparison and differential analysis
https://github.com/google/bindiff#Reverse
Viewer for BinDiff results integrated with Binary Ninja
https://github.com/PistonMiner/binaryninja-bindiff-viewer#Reverse
Tools and methodologies for auditing and analyzing binary code
https://github.com/LordNoteworthy/binary-auditing-solutions#Reverse
Research and analysis on silent SMS localization techniques
https://mandomat.github.io/2023-09-21-localization-with-silent-SMS/#Reverse
Updates and enhancements in Binary Ninja version 3.5
https://binary.ninja/2023/09/15/3.5-expanded-universe.html#Reverse
Rust library for code generation and analysis
https://docs.rs/goldberg/latest/goldberg/#Reverse
Techniques and tools for obfuscating Rust binaries with LLVM
https://vrls.ws/posts/2023/06/obfuscating-rust-binaries-using-llvm-obfuscator-ollvm/#Reverse
In-depth analysis of a custom malware packing technique
https://vulnerablelife.wordpress.com/2017/07/02/deep-dive-into-a-custom-malware-packer/#Reverse
Analysis and insights into the WannaCry ransomware attack
https://chrollo-dll.gitbook.io/chrollo/security-blogs/malware-analysis-and-re/wannacry-ransomware#Reverse
Tool for analyzing and understanding executable binaries
https://github.com/ThunderCls/xAnalyzer#Reverse
Decompiler for analyzing binary code and generating structured source code
https://github.com/x64dbg/snowman#Reverse
Insights and visualizations into the Go language Garbage Collector
https://www.aadhav.me/posts/visualizing-the-go-gc#Reverse
Disassembler and debugger for the Chip-8 virtual machine
https://github.com/Lexterl33t/chip8dasm#Reverse
Blog covering various topics including reverse engineering and security research
https://blog.thalium.re/#Reverse
Extensions and plugins for enhancing Ghidra capabilities
https://github.com/StarCrossPortal/ghidracraft#Reverse
Guide on fixing branch obfuscation in binaries using Binary Ninja
https://www.lodsb.com/binary-ninja-workflows-fixing-branch-obfuscation?ref=twitter-share#Reverse
Ghidra plugin for embedding Rickroll payloads
https://github.com/nneonneo/ghidra-rickroll#Reverse
Tools and utilities for reverse engineering silicon chips
https://github.com/below/HelloSilicon#Reverse
Analysis and techniques for reversing Apple FairPlay DRM obfuscation
https://nicolo.dev/en/blog/fairplay-apple-obfuscation/#Reverse
Introduction and usage of SMT solvers in software reverse engineering
https://de-engineer.github.io/SMT-Solvers/#Reverse
Guide and resources for beginners in malware reverse engineering
https://intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/#Reverse
Next-generation debugger for analyzing and debugging binaries
https://github.com/HyperDbg/HyperDbg#Reverse
Analysis of the latest Lockbit ransomware variant
https://www.trendmicro.com/en_us/research/22/g/lockbit-ransomware-group-augments-its-latest-variant--lockbit-3-.html#Reverse
Tool to disable debugging and analysis capabilities in binaries
https://github.com/0xor0ne/debugoff#Reverse
Guide on reversing macOS malware with practical examples
https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/#Reverse
New project focused on developing a fuzzer for security testing
https://h0mbre.github.io/New_Fuzzer_Project/#Reverse
Collection of macOS malware samples and analysis tools
https://github.com/objective-see/Malware#Reverse
Analysis of IPStorm malware written in Golang targeting Windows
https://maldbg.com/ipstorm-golang-malware-windows#Reverse
Analysis of SysJoker malware in the context of Israel-Hamas cyber conflict
https://research.checkpoint.com/2023/israel-hamas-war-spotlight-shaking-the-rust-off-sysjoker/#Reverse
Plugin for IDA Pro integrating Bing search capabilities
https://github.com/p1ay8y3ar/idaBingGPTPlugin#Reverse
Technical walkthrough on achieving remote code execution via Steam Remote Play
https://blog.thalium.re/posts/achieving-remote-code-execution-in-steam-remote-play/#Reverse
Tool for extracting Unity Il2Cpp binaries for analysis
https://github.com/Perfare/Il2CppDumper#Reverse
Challenges and solutions from 0ctf-tctf-2023 CTF competition
https://github.com/Septyem/My-Public-CTF-Challenges/tree/master/0ctf-tctf-2023/how2compile#Reverse
Research and tools for analyzing and understanding firmware
https://github.com/synacktiv/frinet#Reverse
Introduction to obfuscation techniques and tools
https://blog.es3n1n.eu/posts/obfuscator-pt-1/#Reverse
Presentation on breaking DRM protection in Polish trains
https://media.ccc.de/v/37c3-12142-breaking_drm_in_polish_trains#Reverse
Tool for decompiling and executing Java bytecode
https://github.com/LaurieWired/JADXecute#Reverse
Curated list of resources and tools for reverse engineering
https://github.com/HACKE-RC/awesome-reversing#Reverse
In-depth analysis of Rust binaries feature by feature
https://research.checkpoint.com/2023/rust-binary-analysis-feature-by-feature/#Reverse
Historical overview of Digital Equipment Corporation (DEC)
https://mahaloz.re/dec-history-pt1#Reverse
Continuation of the historical overview of Digital Equipment Corporation (DEC)
https://mahaloz.re/dec-history-pt2#Reverse
Comparison and analysis of reversing techniques for Rust and C binaries
https://lockpin010.medium.com/comparative-analysis-reversing-rust-and-c-binaries-aa9e4b472539#Reverse
Debugger and analysis tool for RAD games
https://github.com/EpicGames/raddebugger#Reverse
Analysis and reverse engineering of a North Korean simulation game
https://digitalnk.com/blog/2019/04/21/reverse-engineering-a-north-korean-sim-city-game/#Reverse
Project to port North Korean dictionaries using Rust
https://digitalnk.com/blog/2020/05/08/porting-north-korean-dictionaries-with-rust/#Reverse
Analysis of Convuster adware targeting macOS, written in Rust
https://securelist.com/convuster-macos-adware-in-rust/101258/#Reverse
Online tool for deobfuscating and analyzing obfuscated code
https://deobfuscate.relative.im/#Reverse
Post discussing various security topics on InfoSec Exchange
https://infosec.exchange/@cxiao/111812315841787228#Reverse
Analysis of KrustyLoader malware linked to Ivanti ConnectSecure compromises
https://www.synacktiv.com/publications/krustyloader-rust-malware-linked-to-ivanti-connectsecure-compromises#Reverse
Analysis and techniques for reverse engineering Cobalt Strike binaries
https://binary.ninja/2022/07/22/reverse-engineering-cobalt-strike.html#Reverse
Insights and resources related to Rust programming language
https://www.eventhelix.com/rust/#Reverse
Information and analysis of PEiD tool for detecting packers, cryptors, and compilers
https://www.aldeid.com/wiki/PEiD#Reverse
Analysis of techniques used by hackers to evade antivirus software using PaaS
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/paas-or-how-hackers-evade-antivirus-software/#Reverse
Libraries used by RedLineStealer2020 malware
https://github.com/rootpencariilmu/Redlinestealer2020/tree/main/Libraries#Reverse
Tutorial and techniques for handling format arguments in programming
https://blog.m-ou.se/format-args/#Reverse
Analysis of panic metadata in Rust binaries
https://cxiao.net/posts/2023-12-08-rust-reversing-panic-metadata/#Reverse
Explanation and analysis of binary type inference techniques in Ghidra
https://blog.trailofbits.com/2024/02/07/binary-type-inference-in-ghidra/#Reverse
Patreon page for Kemono.su community
https://kemono.su/patreon/user/61490802#Reverse
Exploration of guarded regions in reverse engineering
https://reversing.info/posts/guardedregions/#Reverse
Blog covering various security and reverse engineering topics
https://embracethered.com/blog/#Reverse
Guide on learning Binary Ninja for reverse engineering purposes
https://console-cowboys.blogspot.com/2024/01/learning-binary-ninja-for-reverse.html#Reverse
Guide on reverse RPC and its lazy implementation
https://sabotagesec.com/the-lazy-guide-to-reverse-rpc/#Reverse
Tool for integrating various reverse engineering tools and techniques
https://github.com/dnakov/r2d2?s=09#Reverse
Helper tool for managing type layouts in Rust with Binary Ninja
https://github.com/cxiao/rust_type_layout_helper_bn#Reverse
LinkedIn post discussing Binary Ninja 4.0 and Dorsai
https://www.linkedin.com/posts/joshstroschein_binary-ninja-40-dorsai-activity-7168734979315757058-4l2Y?utm_source=share&utm_medium=member_ios#Reverse
Blog covering various aspects of reverse engineering and security
https://whereisr0da.github.io/blog/posts#Reverse
Extensions and tools for enhancing Ghidra capabilities
https://github.com/Nalen98/AngryGhidra#Reverse
Tool for obfuscating binaries using O-MVLL technique
https://github.com/open-obfuscator/o-mvll/tree/main?tab=readme-ov-file#Reverse
Resources and tools for iOS reverse engineering
https://github.com/kpwn/iOSRE/tree/master#Reverse
Guide on reverse engineering iOS applications
https://github.com/iosre/iOSAppReverseEngineering/blob/master/iOSAppReverseEngineering.pdf#Reverse
Analysis and techniques for evading debuggers in malware
https://anti-debug.checkpoint.com/#Reverse
Analysis and techniques for evading security and analysis tools
https://evasions.checkpoint.com/#Reverse
Analysis and exploitation of HEVD (HackSys Extreme Vulnerable Driver)
https://mdanilor.github.io/posts/hevd-0/#Reverse
Techniques and practices for securing images in software
https://connormcgarr.github.io/secure-images/#Reverse
Presentation on attacking Active Directory Federation Services (AD FS)
https://www.youtube.com/watch?v=5dj4vOqqGZw#Windows
Exploration of COM (Component Object Model) in Windows systems
https://www.youtube.com/watch?v=dfMuzAZRGm4#Windows
Discussion on LDAP and Kerberos attacks against Active Directory
https://www.youtube.com/watch?v=2Xfd962QfPs#Windows
Presentation on calling Windows APIs and its implications
https://www.youtube.com/watch?v=EsPcKkESYPA#Windows
Minimal rights and ACE (Access Control Entries) in Active Directory
https://www.youtube.com/watch?v=M7Z5h6reGc4#Windows
Discovery and analysis of a zero-day vulnerability in MS-RPC service
https://www.youtube.com/watch?v=rrfI6dXMJQQ#Windows
Story behind a significant discovery or achievement related to Windows security
https://www.youtube.com/watch?v=UIreUeVrczM#Windows
Techniques for importing and analyzing executable code segments in Windows
https://www.youtube.com/watch?v=FaqAT_57O64#Windows
Deep dive into Windows internals focusing on process management
https://www.youtube.com/watch?v=4AkzIbmI3q4#Windows
Methods for tracing memory allocations in Windows using various APIs
https://www.youtube.com/watch?v=MPnsPlDJbhI#Windows
Strategies and techniques for penetration testing Active Directory
https://youtube.com/playlist?list=PLziMzyAZFGMf8rGjtpV6gYbx5hozUNeSZ#Windows
Experience sharing and lessons learned from Active Directory attacks
https://www.youtube.com/watch?v=KRWT7Kep2lE#Windows
Understanding Kerberos delegation in Windows environments
https://www.youtube.com/watch?v=xDFRUYv1-eU#Windows
Exploration of escalation paths to achieve domain admin privileges
https://www.youtube.com/watch?v=lxd2rerVsLo#Windows
Coverage of NorthSec 2023 conference focusing on Windows security
https://www.youtube.com/live/v5Qw_MVPwF0?feature=share#Windows
Fundamental concepts of Active Directory for Capture The Flag players
https://www.youtube.com/watch?v=g_l_vKYyb5E#Windows
Discussion on BloodHound and its use in adversary resilience strategies
https://www.youtube.com/watch?v=0r8FzbOg2YU#Windows
Tutorial on PowerShell techniques related to managing users and passwords in Active Directory
https://www.youtube.com/watch?v=66ZD1J-AR2c#Windows
Analysis and hunting techniques for forged Kerberos tickets in Windows environments
https://www.youtube.com/watch?v=IXtgMjJ706Y#Windows
Exploration from Windows drivers to Endpoint Detection and Response (EDR)
https://www.youtube.com/watch?v=yacpjV6kWpM#Windows
Methods for bypassing Microsoft Defender in on-premises environments
https://www.youtube.com/watch?v=bzLvOu1awKM#Windows
Tutorial on network enumeration using NMAP in Windows environments
https://www.youtube.com/watch?v=0o-3wcU3FNc#Windows
Discussion on credential coercion and relay attacks in Windows networks
https://www.youtube.com/watch?v=b0lLxLJKaRs#Windows
Guide on joining Linux machines to Active Directory using Ubuntu 20.04
https://www.youtube.com/watch?v=3TPgxpjgYsU#Windows
Exploration of system calls related to malware development on Windows
https://www.youtube.com/watch?v=-M2_mZg_2Ew#Windows
Introduction to understanding Kerberos delegation in Windows environments
https://www.youtube.com/watch?v=p9QFdITuvgU#Windows
Technical overview of PETITPOTAM vulnerability in Windows environments
https://www.youtube.com/watch?v=tgHBm83COZ4#Windows
Tutorial in French on monitoring Active Directory with LDAPmonitor
https://www.youtube.com/watch?v=JnxiB68aLqs#Windows
Guide on setting up PowerShell prompt with Oh My Posh on Windows 11
https://www.youtube.com/watch?v=5-aK2_WwrmM#Windows
Exploitation techniques for MSDT (Microsoft Support Diagnostic Tool) 0-day vulnerability
https://www.youtube.com/watch?v=dGCOhORNKRk#Windows
Techniques for bypassing Kerberos delegation limitations in Windows
https://www.youtube.com/watch?v=byykEId3FUs#Windows
Deep dive into Sysmon (System Monitor) internals in Windows environments
https://www.youtube.com/watch?v=x8ru9HQNeVg#Windows
Guide on joining an Active Directory domain
https://www.youtube.com/watch?v=19pNfFnBfI8#Windows
Special episode on cracking in Microsoft Azure cloud with Hashcat
https://www.youtube.com/watch?v=rXcgNrZ29Dc#Windows
Tutorial on parsing BloodHound data manually using JQ
https://www.youtube.com/watch?v=o3W4H0UfDmQ#Windows
Setting up server and workstation virtual environments for Active Directory
https://www.youtube.com/watch?v=pKtDQtsubio#Windows
Deep dive into understanding Component Object Model (COM) in Windows
https://www.youtube.com/watch?v=8tjrFm2K30Q&start=131#Windows
Course covering the basics of Active Directory
https://youtube.com/playlist?list=PLSuzYIVSEUT4VSB0m0NdiML2V0PDWQyAN#Windows
Crash course on Windows internals
https://www.youtube.com/watch?v=I_nJltUokE0#Windows
Playlist covering PowerShell techniques for penetration testers
https://youtube.com/playlist?list=PLziMzyAZFGMeDcGdkEDPfD1mgZ8HVJMJ0#Windows
Strategies for staying undetected using Windows container isolation
https://www.youtube.com/watch?v=Cm-zFx6hwzk#Windows
Techniques for bypassing BitLocker encryption on Windows
https://www.youtube.com/watch?v=wTl4vEednkQ#Windows
Story or tutorial on becoming a Domain Controller
https://www.youtube.com/watch?v=EcLSz2x4Q4c#Windows
Techniques for searching RPC functions to coerce authentications in Windows
https://www.youtube.com/watch?v=JWI_khgpyYM#Windows
Exploration of unexplored aspects of Active Directory ACLs
https://www.youtube.com/watch?v=z8thoG7gPd0#Windows
Presentation on attacking battle-hardened Windows systems
https://www.youtube.com/watch?v=6vOiHKDRhbM#Windows
Webinar on discovering, simulating, and detecting Cobalt Strike attacks
https://www.youtube.com/watch?v=AhKtJWcsc94#Windows
Discussion on compromising AD FS (Active Directory Federation Services) certificates
https://www.youtube.com/watch?v=MpCbICF76qQ#Windows
Introduction to ROADtools for exploring Azure Active Directory in Red Team engagements
https://www.youtube.com/watch?v=o5QDt30Pw_o#Windows
Playlist covering Windows local privilege escalation techniques
https://www.youtube.com/playlist?list=PLjG9EfEtwbvIrGFTx4XctK8IxkUJkAEqP#Windows
Exploration of TikiLateral techniques in Windows environments
https://www.youtube.com/watch?v=iR-eoN0qr1k#Windows
Guide on using Backup Operators in Windows environments
https://www.youtube.com/watch?v=YaDBUfCQXW4#Windows
Guide on setting up a virtual Windows Active Directory domain
https://www.youtube.com/watch?v=Bm3mihQNGI4#Windows
Getting started with Windows malware development
https://www.youtube.com/watch?v=L9SI-PZ8-j8#Windows
Abusing Microsoft SQL Server using SQLRecon tool
https://www.youtube.com/watch?v=LsYSePobFWA#Windows
Techniques for bypassing Kerberos delegation limitations in Windows environments
https://www.youtube.com/watch?v=7_iv_eaAFyQ#Windows
Playlist covering PowerShell techniques for penetration testers
https://www.youtube.com/playlist?list=PLJQHPJLj_SQatUsJy3O4k-VQlllquDmDr#Windows
Deep dive into Kerberos authentication in Windows environments
https://www.youtube.com/watch?v=5N242XcKAsM#Windows
Techniques for hacking a computer equipped with an antivirus
https://www.youtube.com/watch?v=mug800lunGg&start=301#Windows
Strategies and techniques for attacking and defending Active Directory
https://youtube.com/playlist?list=PLziMzyAZFGMdVFAyW3MVTO0P9jMmVQkTB#Windows
Malware development techniques in C for executing shellcode using WinAPI
https://www.youtube.com/watch?v=6g8w1MSz9xA#Windows
SCCM (System Center Configuration Manager) and credential exploitation
https://www.youtube.com/watch?v=ibFQgsAMjwI#Windows
Recipes and techniques for cybersecurity professionals
https://www.thehacker.recipes/#Windows
Beta platform for cybersecurity resources and techniques
https://beta.hackndo.com/#Windows
Methodology and techniques for Active Directory exploitation
https://book.hacktricks.xyz/windows/active-directory-methodology#Windows
Methods and resources for Active Directory attacks
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md#Windows
Cheat sheet for Active Directory exploitation techniques
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet#Windows
Toolkit for red teaming operations
https://github.com/infosecn1nja/Red-Teaming-Toolkit#Windows
Techniques and strategies for attacking Active Directory
https://zer1t0.gitlab.io/posts/attacking_ad/#Windows
Tools and resources for Active Directory security assessment
https://www.pingcastle.com/#Windows
Exploration and techniques related to S4U2Pwnage
https://www.harmj0y.net/blog/activedirectory/s4u2pwnage/#Windows
Techniques for manipulating Active Directory operations
https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html#Windows
Guide on writing Windows shellcode
https://idafchev.github.io/exploit/2017/09/26/writing_windows_shellcode.html#Windows
Introduction to Azure AD for Red Team operations
https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html#Windows
Notes and cheatsheet for Windows security
https://m0chan.github.io/2019/07/30/Windows-Notes-and-Cheatsheet.html#Windows
Analysis of the Zerologon vulnerability in Active Directory
https://www.silicon.fr/zerologon-faille-critique-active-directory-346780.html#Windows
Tool for managing Windows certificates
https://github.com/GhostPack/Certify#Windows
Abusing key trust account mapping for takeover
https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab#Windows
Cheat sheet for Active Directory exploitation
https://github.com/tiyeuse/Active-Directory-Cheatsheet/#Windows
Cheat sheet for Active Directory exploitation techniques
https://github.com/fuzz-security/Active-Directory-Exploitation-Cheat-Sheet#Windows
Exploration of ACL attack paths in Active Directory
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/#Windows
Overview of top vulnerabilities in Active Directory
https://www.infosecmatter.com/top-16-active-directory-vulnerabilities/#Windows
Techniques and strategies for penetration testing Active Directory
https://hausec.com/2019/03/12/penetration-testing-active-directory-part-ii/#Windows
Guide on attacking domain trusts in Active Directory environments
http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/#Windows
Exploitation techniques for DACL in Active Directory
http://theredwindows.net/index.php/2021/02/12/exploitation-dacl-en-active-directory/#Windows
Toolkit for abusing unconstrained delegation in Active Directory
https://dirkjanm.io/krbrelayx-unconstrained-delegation-abuse-toolkit/#Windows
Guide to NTLM relaying techniques in Windows environments
https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html#Windows
Techniques for attacking AD permissions using BloodHound
https://stealthbits.com/blog/attacking-active-directory-permissions-with-bloodhound/#Windows
Basic understanding and techniques for Active Directory
https://ruuand.github.io/Active_Directory/#Windows
Analysis and defense against MS14-068 exploitation
https://labs.f-secure.com/archive/digging-into-ms14-068-exploitation-and-defence/#Windows
Tweet discussing cybersecurity topics
https://twitter.com/podalirius_/status/1449735314013052931#Windows
Techniques for evading Endpoint Detection and Response with ScareCrow
https://adamsvoboda.net/evading-edr-with-scarecrow/#Windows
Techniques for decoding in-memory shellcode to evade Antivirus
https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/#Windows
Using Windows API unhooking for process injection against Bitdefender
https://shells.systems/defeat-bitdefender-total-security-using-windows-api-unhooking-to-perform-process-injection/#Windows
Techniques for parsing PE files and defeating hooking mechanisms
https://www.solomonsklash.io/pe-parsing-defeating-hooking.html#Windows
Analysis and usage of MimiDrv for privilege escalation
https://posts.specterops.io/mimidrv-in-depth-4d273d19e148#Windows
Understanding and usage of Herpaderping technique
https://jxy-s.github.io/herpaderping/#Windows
Tips and tricks for using Cobalt Strike effectively
https://github.com/cube0x0/SharpeningCobaltStrike#Windows
Techniques for Kerberos authentication relay
http://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html#Windows
Red teaming operations in Azure environments
https://github.com/rootsecdev/Azure-Red-Team#Windows
Techniques for post-exploitation in Windows environments
https://inf0sec.fr/article-18.php#Windows
Understanding and techniques for process hollowing
https://wiki-tech.io/S%C3%A9curit%C3%A9/Pentest/Process-Hollowing#Windows
Using vulnerable drivers to read LSASS with Mimikatz
https://gorkemkaradeniz.medium.com/defeating-runasppl-utilizing-vulnerable-drivers-to-read-lsass-with-mimikatz-28f4b50b1de5#Windows
Techniques for exploiting LSASS with RunAsPPL
https://itm4n.github.io/lsass-runasppl/#Windows
Collection of tools and techniques for Cobalt Strike
https://github.com/mgeeky/cobalt-arsenal#Windows
Walkthrough and techniques for HTB Hades machine
https://snovvcrash.rocks/2020/12/28/htb-hades.html#Windows
Collection of PowerShell scripts for offensive security
https://github.com/S3cur3Th1sSh1t/PowerSharpPack#Windows
Understanding and techniques for delegation in Windows systems
https://cheatsheet.haax.fr/windows-systems/privilege-escalation/delegations/#Windows
Comprehensive guide to offensive security with SharpAllTheThings
https://github.com/N7WEra/SharpAllTheThings/blob/master/README.md#Windows
Techniques for NTLM relaying via Cobalt Strike
https://rastamouse.me/ntlm-relaying-via-cobalt-strike/#Windows
Articles on cybersecurity and offensive security
https://posts.specterops.io/#Windows
Collection of offensive security tools in C#
https://github.com/Flangvik/SharpCollection#Windows
Tweet discussing cybersecurity topics
https://twitter.com/mpgn_x64/status/1453018750253424643#Windows
Manual techniques for post-exploitation file transfers on Windows
https://isroot.nl/2018/07/09/post-exploitation-file-transfers-on-windows-the-manual-way/#Windows
Exploiting Exchange for achieving domain admin privileges
https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/#Windows
Privilege escalation techniques using ACLs in Active Directory
https://blog.fox-it.com/2018/04/26/escalating-privileges-with-acls-in-active-directory/#Windows
Techniques for Active Directory enumeration using RPCClient
https://www.hackingarticles.in/active-directory-enumeration-rpcclient/#Windows
Comprehensive guide to lateral movement techniques
https://riccardoancarani.github.io/2019-10-04-lateral-movement-megaprimer/#Windows
Tool for discovering hidden paths in web applications
https://github.com/franc-pentest/ldeep#Windows
Overview of Active Directory forest security
https://web.archive.org/web/20210123100256/https://hackmag.com/security/ad-forest/#Windows
Overview of Command and Control techniques
https://0xrick.github.io/misc/c2/#Windows
Understanding the Kerberos key list attack
https://www.secureauth.com/blog/the-kerberos-key-list-attack-the-return-of-the-read-only-domain-controllers/#Windows
Tool for decrypting Outlook encrypted messages
https://www.errno.fr/OutlookDecrypt/OutlookDecrypt#Windows
Techniques for taking over installer files
https://github.com/klinix5/InstallerFileTakeOver#Windows
Techniques for bypassing Antivirus using direct system calls
https://pwnedcoffee.com/blog/red-team-tactics/bypassing-antivirus-using-direct-system-calls/#Windows
Countermeasures for internal hacking in Windows environments
https://download1583.mediafire.com/lt52e50w0bpg/vwtgg2og61xqdsr/Internal+Hacking+-+Contre+mesures+en+environnement+windows.pdf#Windows
Challenges and tutorials for Windows PowerShell scripting
https://underthewire.tech/#Windows
Toolkit for migrating data and settings between machines
https://github.com/0xthirteen/MoveKit#Windows
PowerShell script to bypass Proxy Auto-Configuration (PAC)
https://github.com/ricardojba/Invoke-noPac#Windows
Official user guide for Cobalt Strike
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/welcome_main.htm#Windows
Community-driven toolkit for Cobalt Strike users
https://cobalt-strike.github.io/community_kit/#Windows
Cheatsheet for Active Directory Certificate Services
https://hideandsec.sh/books/cheatsheets-82c/page/active-directory-certificate-services#Windows
Automated detection and response for threat hunting
https://github.com/Orange-Cyberdefense/GOAD#Windows
Guide to Windows privilege escalation techniques
https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a#Windows
Tool for auditing and security assessment in Active Directory
https://github.com/Zer1t0/cerbero#Windows
Tool for auditing and security assessment in Active Directory
https://github.com/Zer1t0/sepriv#Windows
Techniques for bypassing Credential Guard in Windows
https://teamhydra.blog/2020/08/25/bypassing-credential-guard/#Windows
Techniques for bypassing LSA Protection without Mimikatz on Windows 10
https://redcursor.com.au/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10/#Windows
Techniques for remote NTLM relaying using Meterpreter
https://diablohorn.com/2018/08/25/remote-ntlm-relaying-through-meterpreter-on-windows-port-445/#Windows
Techniques for remote NTLM relaying in Windows environments
https://blog.spookysec.net/remote-ntlm-relaying/#Windows
Privilege escalation techniques for Windows systems using Potatoes method
https://jlajara.gitlab.io/others/2020/11/22/Potatoes_Windows_Privesc.html#Windows
Video on Tenor platform
https://media.tenor.co/videos/68ae089b05b0bf14224a9a11ca41bf05/mp4#Windows
Tool for controlling Active Directory paths by ANSSI
https://github.com/ANSSI-FR/AD-control-paths#Windows
Cheatsheet for Active Directory penetration testing
https://www.hackingdream.net/2021/04/active-directory-penetration-testing-cheatsheet.html#Windows
Basic attack vectors for IPv6 in Active Directory environments
https://xedex.gitbook.io/internalpentest/internal-pentest/active-directory/initial-attack-vectors/ipv6-attacks/basic-attack#Windows
Cheatsheet for transferring files in Windows environments
https://infinitelogins.com/2020/09/04/windows-file-transfer-cheatsheet/#Windows
Notes on domain privilege escalation techniques
https://notes.offsec-journey.com/active-directory/domain-privilege-escalation#Windows
Exploitation techniques for Multi-Factor Authentication inconsistencies on Microsoft services
https://www.blackhillsinfosec.com/exploiting-mfa-inconsistencies-on-microsoft-services/#Windows
Documentation on Red Team Infrastructure
https://github.com/psychsecurity/Red-Team-Infrastructure/blob/master/README.md#Windows
Techniques for attacking domain controllers
https://medium.com/@hyphens443/attacking-domain-controllers-a45b9cb9651c#Windows
Guide for setting up a lab environment for Active Directory penetration testing
https://www.hackingarticles.in/active-directory-pentesting-lab-setup/#Windows
Steps to set up an Active Directory penetration testing lab
https://www.hebunilhanli.com/wonderland/ad-pentest/ad-pentest-lab-setup/#Windows
Guide on building and attacking an Active Directory lab using PowerShell
https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/#Windows
Active Directory kill chain attack and defense strategies
https://0x1.gitlab.io/pentesting/Active-Directory-Kill-Chain-Attack-and-Defense/#Windows
Guide on building an Active Directory lab environment
https://robertscocca.medium.com/building-an-active-directory-lab-82170dd73fb4#Windows
Guide on building a basic Active Directory lab
https://macrosec.tech/index.php/2021/07/19/building-a-basic-active-directory-lab/#Windows
Mind map for Active Directory penetration testing
https://www.linkedin.com/posts/ethical-hackers-academy_active-directory-pentesting-mind-map-activity-6888507705984724992-d05a#Windows
Article on certified pre-owned security assessments
https://posts.specterops.io/certified-pre-owned-d95910965cd2#Windows
Protocols NBT-NS LLMNR and Exploitation of Vulnerabilities
http://remivernier.com/index.php/2018/08/26/protocoles-nbt-ns-llmnr-et-exploitation-des-failles/#Windows
Cheat sheet for Cobalt-Strike operations
https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet#Windows
Cheat sheet for Active Directory operations
https://github.com/RistBS/Active-directory-Cheat-sheet#Windows
Binaries for Offensive Python Pipeline
https://github.com/Qazeer/OffensivePythonPipeline/tree/main/binaries#Windows
Detecting and compromising Azure environments
https://www.inversecos.com/2022/01/how-to-detect-and-compromise-azure.html#Windows
Useful LDAP queries for Windows Active Directory penetration testing
https://podalirius.net/en/articles/useful-ldap-queries-for-windows-active-directory-pentesting/#Windows
Cheat sheet for Beacon tool
https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993#Windows
Tampering with EDR techniques
https://www.infosec.tirol/master-of-puppets-part-ii-how-to-tamper-the-edr/#Windows
Red teaming exercises in Azure environments
https://github.com/rootsecdev/Azure-Red-Team#Windows
Unknown image from Discord
https://media.discordapp.net/attachments/932717525328859277/937028825529847838/unknown.png?ex=667af719&is=6679a599&hm=d0187aed8ed441faa956dce0cfedcec4e9caf3e4443e992b84b1e0e3d745b571&#Windows
Advanced pentesting of Windows Server AD and Office 365 environments
https://www.linkedin.com/posts/joas-antonio-dos-santos_windows-server-ad-and-o365-advanced-pentestpdf-activity-6893640499841114112-ChFm#Windows
Techniques for hooking Heaven's Gate
https://medium.com/@fsx30/hooking-heavens-gate-a-wow64-hooking-technique-5235e1aeed73#Windows
Analysis of the 0x33 segment selector Heaven's Gate
https://www.malwaretech.com/2014/02/the-0x33-segment-selector-heavens-gate.html#Windows
Heaven's Gate exploitation techniques
https://9b113d1a.blogspot.com/2017/06/heavens-gate-la-porte-du-ciel-ou-des.html?m=1#Windows
Video from Twitter platform
https://twitter.com/podalirius_/status/1490734021332160525#Windows
Review of the Red Team Operator Course
https://dmfrsecurity.com/2021/05/13/review-red-team-operator-malware-development-intermediate-course-by-sektor7-institute/#Windows
Code injection and process injection techniques
https://www.ired.team/offensive-security/code-injection-process-injection#Windows
Abusing Windows API techniques
https://github.com/RistBS/Awesome-RedTeam-Cheatsheet/tree/master/Win%20API%20Abusing/Process%20Injection%20Techniques#Windows
Quick wins using Bloodhound
https://github.com/kaluche/bloodhound-quickwin#Windows
Direct syscalls using SysWhispers2
https://alice.climent-pommeret.red/posts/direct-syscalls-hells-halos-syswhispers2/#Windows
Video from Twitter platform
https://twitter.com/podalirius_/status/1495805393607483400#Windows
Techniques for removing kernel callbacks using signed drivers
https://br-sn.github.io/Removing-Kernel-Callbacks-Using-Signed-Drivers/#Windows
Disabling Windows Defender using Group Policy
https://www.prajwaldesai.com/turn-off-windows-defender-using-group-policy/#Windows
Techniques for extracting Windows credentials using native tools
https://www.bordergate.co.uk/extracting-windows-credentials-using-native-tools/#Windows
Hack The Box - Sauna walkthrough
https://web.archive.org/web/20200809052237/https://vulndev.io/ctf/2020/07/18/htb-sauna.html#Windows
Bypassing AMSI using PowerShell
https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell#Windows
Exploiting Windows using Potato techniques
https://hideandsec.sh/books/windows-sNL/page/in-the-potato-family-i-want-them-all#Windows
Chaining multiple techniques for domain takeover using RBCD
https://orangecyberdefense.com/global/blog/sensepost/chaining-multiple-techniques-and-tools-for-domain-takeover-using-rbcd/#Windows
Exploit PH article on Active Directory
https://exploit.ph/category/active-directory.html#Windows
Techniques for DLL hijacking
https://sh0ckfr.com/pages/martine-a-la-recherche-de-la-dll-hijacking-perdue/#Windows
Tool for exploring domain trust relationships
https://github.com/sixdub/DomainTrustExplorer#Windows
Strategies for divide and conquer in security
https://polarized-macaw-687.notion.site/Divide-and-Conquer-e4d13cb9a2f6485a89003e6a627f9b26#Windows
Simulator for Sysmon configurations
https://github.com/ScarredMonk/SysmonSimulator#Windows
Windows persistence techniques
https://research.splunk.com/stories/windows_persistence_techniques/#Windows
Resources for Windows exploitation
https://github.com/FULLSHADE/WindowsExploitationResources#Windows
Techniques for using Microsoft Teams for covering Cobalt Strike traffic
https://www.blackarrow.net/leveraging-microsoft-teams-to-persist-and-cover-up-cobalt-strike-traffic/#Windows
Kerberos attack techniques
https://pentestbook.six2dez.com/post-exploitation/windows/ad/kerberos-attacks#Windows
Cheat sheet for Windows Active Directory exploitation
https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/#Windows
Post from Twitter platform
https://twitter.com/_dirkjan/status/1306280553281449985#Windows
Lateral movement through remote services
https://www.hackingarticles.in/lateral-movement-remote-services-mitret1021/#Windows
Comprehensive guide on relaying
https://www.trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022/#Windows
Tool for automated Windows credential collection
https://github.com/SnaffCon/Snaffler#Windows
Tool for recovering passwords from KeePass databases
https://github.com/denandz/KeeFarce#Windows
Case study on Active Directory exploitation
https://blog.harmj0y.net/activedirectory/a-case-study-in-wagging-the-dog-computer-takeover/#Windows
Tool for executing commands on Windows systems
https://github.com/cube0x0/SharpMapExec#Windows
Guide on using the Protected Users group in Active Directory
https://www.it-connect.fr/active-directory-utilisez-le-groupe-protected-users-pour-les-admins/#Windows
Methods for bypassing AMSI
https://pentestlaboratories.com/2021/05/17/amsi-bypass-methods/#Windows
Blog by Worm1984
https://pentestlaboratories.com/author/worm1984/#Windows
Techniques for bypassing antivirus to run Mimikatz
https://www.blackhillsinfosec.com/bypass-anti-virus-run-mimikatz/#Windows
Blog by Sierra Szutz
https://www.blackhillsinfosec.com/author/sierra-szutz/#Windows
Techniques for bypassing AV using XML
https://kymb0.github.io/malwaredev-bypass-av-xml/#Windows
Offensive security toolkit in Golang
https://github.com/MrTuxx/OffensiveGolang#Windows
Write-up on BzhCTF event
https://tipi-hack.github.io/2022/04/01/bzhctf-bons-baisers-de-russie.html#Windows
Explanation of Active Directory deception techniques
https://cybertrap.com/en/blog/how-does-active-directory-deception-work/#Windows
Tool for dumping LDAP domain data
https://github.com/dirkjanm/ldapdomaindump#Windows
Techniques for evading antivirus detection
https://www.purpl3f0xsecur1ty.tech/2021/03/30/av_evasion.html#Windows
Techniques for relaying credentials with NTLMRelayx
https://blog.fox-it.com/2017/05/09/relaying-credentials-everywhere-with-ntlmrelayx/#Windows
Tool for exploiting Exchange privileges
https://github.com/dirkjanm/privexchange/#Windows
Security implications of SID filtering
https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-7-trust-account-attack-from-trusting-to-trusted#Windows
Guide on Windows privilege escalation
https://medium.com/r3d-buck3t/windows-privesc-with-sebackupprivilege-65d2cd1eb960#Windows
Exploitation and detection of Windows Backup Operator
https://systemweakness.com/expoiting-and-detecting-privilege-escalation-via-a-windows-backup-operator-attack-and-detection-a97e67644214#Windows
Guide on exploiting Windows Backup Operator for privilege escalation
https://systemweakness.com/expoiting-and-detecting-privilege-escalation-via-a-windows-backup-operator-attack-and-detection-a97e67644214#Windows
Techniques for using machine account passwords
https://secarma.com/using-machine-account-passwords-during-an-engagement/#Windows
Tool for dumping Active Directory connector data
https://github.com/fox-it/adconnectdump#Windows
Starkiller post-exploitation framework
https://github.com/BC-SECURITY/Starkiller#Windows
Techniques for bypassing AMSI manually
https://s3cur3th1ssh1t.github.io/Bypass_AMSI_by_manual_modification/#Windows
Introduction to Azure AD for Red Teamers
https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html#Windows
Tool for detecting and analyzing hollowed PE files
https://github.com/hasherezade/hollows_hunter#Windows
Guide on Responder LLMNR poisoning
https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/#Windows
Azure AD attack and defense strategies
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense#Windows
Guide on bypassing AppLocker using CLM
https://seyptoo.github.io/clm-applocker/#Windows
Analysis and bypass techniques for Cortex XDR
https://mrd0x.com/cortex-xdr-analysis-and-bypass/#Windows
Bypassing PowerShell protections (AMSI, CLM)
http://theredwindows.net/index.php/2021/05/16/contournement-des-protections-de-powershell-1-ep-amsi-clm/#Windows
Techniques for lateral movement using PSRemoting
https://klezvirus.github.io/RedTeaming/LateralMovement/LateralMovementPSRemoting/#Windows
Bypassing PowerShell Constrained Language Mode using Runspaces
https://www.secjuice.com/powershell-constrainted-language-mode-bypass-using-runspaces/#Windows
Tool for checking AppLocker bypass
https://sparcflow.github.io/GibsonBird/blob/master/chapter4/applocker-bypas-checker.ps1#Windows
Guide on building C2 implants in C++
https://shogunlab.gitbook.io/building-c2-implants-in-cpp-a-primer/#Windows
Guide on building a free Active Directory lab in Azure
https://kamran-bilgrami.medium.com/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f#Windows
Cheatsheet for using Azurehound Cypher
https://hausec.com/2020/11/23/azurehound-cypher-cheatsheet/#Windows
Details on CVE-2022-29072 vulnerability
https://github.com/kagancapar/CVE-2022-29072#Windows
Toolkit for Directory Services Internals
https://github.com/MichaelGrafnetter/DSInternals#Windows
Tweet from RastaMouse on Twitter
https://twitter.com/_RastaMouse/status/1516443366120210432#Windows
Tool for spraying credentials in Active Directory
https://github.com/outflanknl/Spray-AD#Windows
Details on Windows callbacks
http://web.archive.org/web/20200326040826/http://deniable.org/windows/windows-callbacks#Windows
Introduction to Kernel Exploitation Part 1
https://www.abatchy.com/2018/01/kernel-exploitation-2#Windows
Details on Windows 10 EPROCESS Structure
https://keramas.github.io/2020/06/21/Windows-10-2004-EPROCESS-Structure.html#Windows
Tool for exploiting Kerberos and Active Directory
https://github.com/davidprowe/BadBlood#Windows
Tool for offensive security operations
https://github.com/chryzsh/DarthSidious#Windows
Tool for automated lab deployment
https://github.com/AutomatedLab/AutomatedLab#Windows
Guide on building a virtual Active Directory lab
https://medium.com/@vartaisecurity/lab-building-guide-virtual-active-directory-5f0d0c8eb907#Windows
Guide on setting up Windows Domain Controller with Vagrant
https://github.com/rgl/windows-domain-controller-vagrant#Windows
Resources and tools related to BloodHound
https://github.com/chryzsh/awesome-bloodhound#Windows
Collection of resources for Windows security
https://github.com/chryzsh/awesome-windows-security#Windows
Techniques for improving speed and duration of operations
https://posts.specterops.io/move-faster-stay-longer-6b4efab9c644#Windows
Details on Certified Pre-Owned attacks
https://posts.specterops.io/certified-pre-owned-d95910965cd2#Windows
Introduction to driver development
https://www.codeproject.com/articles/9504/driver-development-part-1-introduction-to-drivers#Windows
Details on Windows Internals
https://0xrick.github.io/win-internals/pe1/#Windows
Techniques for bypassing injection detection
https://blog.redbluepurple.io/offensive-research/bypassing-injection-detection#Windows
Tool for remote operations in C#
https://github.com/trustedsec/CS-Remote-OPs-BOF#Windows
Guide on pentesting everything
https://viperone.gitbook.io/pentest-everything/everything/everything-active-directory#Windows
Tool for optimizing BloodHound
https://www.digitemis.com/rakound-notre-outil-pentest-pour-tirer-le-meilleur-de-bloodhound/#Windows
Techniques for capturing and relaying Net-NTLM hashes
https://infinitelogins.com/2020/11/16/capturing-relaying-net-ntlm-hashes-without-kali-linux-using-inveigh/#Windows
Tool for enumeration and exploitation of Active Directory
https://github.com/AidenPearce369/ADReaper#Windows
Techniques for IPv6 exploitation in Active Directory
https://medium.com/@browninfosecguy/ipv6-exploitation-in-ad-environment-b22a7c3ec8af#Windows
Cheat sheet for Cobalt Strike operations
https://github.com/S1ckB0y1337/Cobalt-Strike-CheatSheet#Windows
Techniques for Cobalt Strike process injection
https://hideandsec.sh/books/red-teaming-tactics/page/cobalt-strike-process-injection#Windows
Guide on using BloodHound for Red Teaming
https://ristbs.github.io/Dive-Into-Bloodhound/#Windows
Tool for enumeration and exploitation in Active Directory
https://mpgn.gitbook.io/crackmapexec/#Windows
Cheat sheet for Azure AD
https://hideandsec.sh/books/cheatsheets-82c/page/azure-ad#Windows
Details on Active Directory security descriptors
http://www.selfadsi.org/deep-inside/ad-security-descriptors.htm#Windows
Tool for scanning IPv4 ports using PowerShell
https://github.com/BornToBeRoot/PowerShell_IPv4PortScanner#Windows
Cheat sheet for various Windows commands and techniques
https://github.com/BlWasp/CME_cheatSheet#Windows
Cheat sheet for MSSQL commands and techniques
https://hideandsec.sh/books/cheatsheets-82c/page/mssql#Windows
Detailed exploration of remote enumeration using OXID Resolver
https://medium.com/nets3c/remote-enumeration-of-network-interfaces-without-any-authentication-the-oxid-resolver-896cff530d37#Windows
Part 1 of series on OXID Resolver by Airbus Cyber Security
https://airbus-cyber-security.com/fr/the-oxid-resolver-part-1-remote-enumeration-of-network-interfaces-without-any-authentication/#Windows
Part 2 of series on OXID Resolver by Airbus Cyber Security
https://airbus-cyber-security.com/the-oxid-resolver-part-2-accessing-a-remote-object-inside-dcom/#Windows
Insights into Kerberos pre-authentication exploitation
https://3gstudent.github.io/%E6%B8%97%E9%80%8F%E6%8A%80%E5%B7%A7-%E9%80%9A%E8%BF%87Kerberos-pre-auth%E8%BF%9B%E8%A1%8C%E7%94%A8%E6%88%B7%E6%9E%9A%E4%B8%BE%E5%92%8C%E5%8F%A3%E4%BB%A4%E7%88%86%E7%A0%B4#Windows
Exploration of PetitPotam attack techniques
https://blog.zsec.uk/chasing-the-silver-petit-potam/#Windows
Analysis of CVE-2022-26923 for AD domain privilege escalation
https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4#Windows
Basic introduction to Active Directory concepts
https://www.hackthebox.com/blog/introduction-to-active-directory#Windows
Tools and techniques for Active Directory enumeration and exploitation
https://www.linkedin.com/posts/kondah_tools-active-directory-activity-6930193645400645632-nYV1?utm_source=linkedin_share&utm_medium=ios_app#Windows
Methods for attacking networks secured with smart cards in AD environments
https://ethicalchaos.dev/2020/10/04/attacking-smart-card-based-active-directory-networks/#Windows
Overview of DCOM technology in Windows
https://www.varonis.com/fr/blog/dcom-technologie-distributed-component-object-model#Windows
Guide on using SMB-based tools for remote execution in Windows
https://nv2lt.github.io/windows/smb-psexec-smbexec-winexe-how-to/#Windows
Tool for retrieving bad passwords from AD environments
https://github.com/improsec/Get-bADpasswords#Windows
Custom queries for BloodHound in AD environments
https://github.com/awsmhacks/awsmBloodhoundCustomQueries#Windows
Tool for extracting credentials from Windows systems
https://github.com/GhostPack/SafetyKatz#Windows
Cheat sheet for WinDbg debugging tool
https://github.com/repnz/windbg-cheat-sheet#Windows
Introduction to PyCobaltHound for threat hunting
https://blog.nviso.eu/2022/05/09/introducing-pycobalthound/?amp#Windows
Comprehensive guide on using Rubeus for attacking Active Directory
https://www.hackingarticles.in/a-detailed-guide-on-rubeus/#Windows
Techniques for coercing NTLM authentication from SCCM
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a#Windows
Tool for smart brute-forcing techniques
https://github.com/ShutdownRepo/smartbrute#Windows
Phishing techniques using XLL files
https://github.com/Octoberfest7/XLL_Phishing#Windows
Methods for exploiting resource-based constrained delegation (RBCD) using a normal user account
https://www.tiraniddo.dev/2022/05/exploiting-rbcd-using-normal-user.html#Windows
Techniques for malware hunting using Process Monitor
https://nasbench.medium.com/hunting-malware-with-windows-sysinternals-process-monitor-e67476f44514#Windows
Technique for injecting assemblies into processes
https://github.com/kyleavery/inject-assembly#Windows
In-depth exploration of Kerberos delegation vulnerabilities
https://luemmelsec.github.io/S4fuckMe2selfAndUAndU2proxy-A-low-dive-into-Kerberos-delegations/#Windows
Techniques for bypassing Windows security using Go
https://medium.com/@justen.walker/breaking-all-the-rules-using-go-to-call-windows-api-2cbfd8c79724#Windows
Exploration of BloodHound and AD Certificate Services abuse
https://capturethetalent.co.uk/certifried-bloodhound-more-ad-cs-abuse/#Windows
Overview of Advanced Threat Analytics in Windows environments
https://docs.microsoft.com/fr-fr/advanced-threat-analytics/what-is-ata#Windows
Detailed exploration of remote enumeration using OXID Resolver
https://airbus-cyber-security.com/the-oxid-resolver-part-1-remote-enumeration-of-network-interfaces-without-any-authentication/#Windows
Author page for Ceri Coburn on ethicalchaos.dev
https://ethicalchaos.dev/author/ceri-coburn/#Windows
Tweet about Active Directory techniques
https://twitter.com/malmoeb/status/1530862908871163905?t=Zrn9YCWY0Y7clMRsx7FybQ&s=19#Windows
Kerberos attacks and detections in Windows environments
https://medium.com/@deepakkeshav98/3-machine-lab-3-kerberos-attacks-and-detections-d0e4548d94d1#Windows
Techniques for hunting COM objects in Windows
https://www.mandiant.com/resources/hunting-com-objects#Windows
Overview of Kerberos delegation and SPNs in Windows AD
https://www.secureauth.com/blog/kerberos-delegation-spns-and-more/#Windows
Author page on SecureAuth discussing Windows security topics
https://www.secureauth.com/author/ttan/#Windows
Tool for reconnaissance and enumeration in Active Directory
https://github.com/digitemis/Rakound#Windows
Tool for creating databases in BloodHound for AD analysis
https://github.com/BloodHoundAD/BloodHound-Tools/tree/master/DBCreator#Windows
Tool for Active Directory security assessments and reporting
https://github.com/vletoux/pingcastle#Windows
Articles and techniques related to Cobalt Strike
https://posts.specterops.io/tagged/cobalt-strike#Windows
Documentation on artifacts and antivirus evasion in Cobalt Strike
https://hstechdocs.helpsystems.com/manuals/cobaltstrike/current/userguide/content/topics/artifacts-antivirus_sleep-mask-kit.htm#Windows
Tool for evading detection in Windows environments
https://github.com/optiv/ScareCrow#Windows
Author page discussing various Windows security topics
https://blog.ilearned.eu/author/lancelot.html#Windows
Tool for embedding PowerShell scripts into PNG files
https://github.com/peewpw/Invoke-PSImage#Windows
Tool for remote malware and RAT control in Windows
https://github.com/MerlynXS/S-500-G2-Rat-Hvnc-Hidden-Broswers-Hidden-Apps-OperaGX-Rat-Remote-Malware#Windows
Slideshare presentation on exploiting MS SQL using SQL Recon
https://slideshare.net/SanjivKawa/abusing-ms-sql-using-sqlrecon#Windows
Tool for running processes with elevated privileges in Windows
http://buaq.net/go-72951.html#Windows
Technical information on Windows security
https://unsafe.sh/go-61472.html#Windows
Blog post on performing malicious actions in Windows environments
https://remyhax.xyz/posts/do-harm/#Windows
Twitter video related to Windows security
https://video.twimg.com/tweet_video/D4DQoemW4AAvuad.mp4#Windows
Tool for exploiting Kerberos in Windows environments
https://ristbs.github.io/Kekeo-KUHL_M_TSSSP/#Windows
Tool for decrypting Outlook data in Windows
https://www.errno.fr/OutlookDecrypt/OutlookDecrypt.html#Windows
Tool for bypassing Windows security mechanisms
https://github.com/iSECPartners/jailbreak#Windows
Tool for simulating user activity in Windows environments
https://github.com/ubeeri/Invoke-UserSimulator#Windows
Article on Office VBA and AMSI in Windows
https://www.microsoft.com/security/blog/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/#Windows
Analysis of Lazarus shellcode execution methods in Windows
https://research.nccgroup.com/2021/01/23/rift-analysing-a-lazarus-shellcode-execution-method/#Windows
Tool for identifying vulnerabilities in Windows
https://github.com/ShutdownRepo/pywhisker#Windows
Article on Active Directory security using BloodHound
https://www.consultingit.fr/fr/?option=com_content&view=article&id=688:active-directory-securite-avec-bloodhound-en-pentest&catid=31#Windows
Write-up on LeHack 2019 focusing on Windows security
https://akerva.com/blog/wonkachall-2-lehack-2019-write-up-part-2-windows/#Windows
Slides on bypassing AV and EDR solutions in Windows
https://github.com/klezVirus/inceptor/blob/main/slides/Inceptor%20-%20Bypass%20AV-EDR%20solutions%20combining%20well%20known%20techniques.pdf#Windows
Tool for coercing DFS in Windows environments
https://github.com/Wh04m1001/DFSCoerce#Windows
Gist discussing Windows security techniques
https://gist.github.com/sckalath/ec7af6a1786e3de6c309#Windows
Tool for using Cobalt Strike for offensive security in Windows
https://github.com/pandasec888/taowu-cobalt-strike#Windows
Extension kit for Cobalt Strike in Windows environments
https://github.com/josephkingstone/cobalt_strike_extension_kit/#Windows
Windows Privilege Escalation Awesome Scripts Suite - WinPEAS
https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS#Windows
Guide on local privilege escalation in Windows
https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation#Windows
Hands-on exercises with BloodHound for AD security
https://github.com/SadProcessor/HandsOnBloodHound#Windows
Tool for running custom queries in BloodHound
https://github.com/SadProcessor/CypherDog#Windows
Techniques for attacking Azure AD and PowerZure introduction
https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a#Windows
Tool for Active Directory enumeration and exploitation
https://github.com/lkarlslund/adalanche#Windows
Cheatsheets for Active Directory in Python
https://hideandsec.sh/books/cheatsheets-82c/page/active-directory-python-edition#Windows
Article discussing Windows security techniques
https://karol-mazurek95.medium.com/crimson-wisp-994cbcd1d0bb#Windows
Tool for extracting and analyzing Windows Defender data
https://github.com/HackingLZ/ExtractedDefender#Windows
Methodologies for breaking out of Windows kiosks using Edge
https://blog.nviso.eu/2022/05/24/breaking-out-of-windows-kiosks-using-only-microsoft-edge/#Windows
Workshop on Active Directory Certificate Services exploitation
https://github.com/Orange-Cyberdefense/leHACK-2022/blob/main/Workshop-ADCS-leHACK-2022-v1.0.pdf#Windows
Talk on exploitation of Windows tokens
https://github.com/Orange-Cyberdefense/leHACK-2022/blob/main/Talk-Exploitation-de-tokens-Windows-leHACK-2022-v1.0.pdf#Windows
Useful BloodHound Cypher queries for AD security
https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/red-teaming/bloodhound/Handy-BloodHound-Cypher-Queries.md#Windows
Techniques for obfuscating C2 during red team engagements
https://labs.jumpsec.com/obfuscating-c2-during-a-red-team-engagement/#Windows
Tweet related to Windows security
https://twitter.com/_xpn_/status/1542837007382110208#Windows
Cheatsheet for offensive techniques in Windows
https://github.com/matthieu-hackwitharts/Win32_Offensive_Cheatsheet#Windows
Explanation of Kerberos authentication in Windows
https://www.tarlogic.com/blog/how-kerberos-works/#Windows
Tool for finding kernel data structures in Windows
https://github.com/yardenshafir/KernelDataStructureFinder#Windows
Using process creation properties to catch evasion techniques in Windows
https://www.microsoft.com/security/blog/2022/06/30/using-process-creation-properties-to-catch-evasion-techniques/#Windows
Techniques from NtObjectManager to PetitPotam in Windows
https://clearbluejar.github.io/posts/from-ntobjectmanager-to-petitpotam/#Windows
Reverse engineering PsExec for knowledge and fun
https://cybergeeks.tech/reverse-engineering-psexec-for-fun-and-knowledge/#Windows
Tweet related to Windows security
https://twitter.com/podalirius_/status/1545044317844099072#Windows
Twitter video related to Windows security
https://twitter.com/podalirius_/status/1545058556038336512#Windows
Tool for performing NTLMv1 authentication attacks in Windows
https://github.com/evilmog/ntlmv1-multi#Windows
Tool for Kerberoasting in Windows environments
https://github.com/nidem/kerberoast#Windows
Guide on Windows privilege escalation techniques
https://pentester.blog/?p=794#Windows
Cheatsheets for Windows security
https://hideandsec.sh/books/windows-sNL/page/in-the-potato-family-i-want-them-all#Windows
Tool for managing Azure AD environments
https://github.com/Gerenios/AADInternals#Windows
Cheatsheet for CARTP techniques in Windows environments
https://github.com/0xJs/CARTP-cheatsheet/#Windows
Tool for extracting data from Microsoft Windows operating systems
https://github.com/NetSPI/MicroBurst#Windows
Introduction to Azure AD for red teamers
https://www.synacktiv.com/publications/azure-ad-introduction-for-red-teamers.html#Windows
Tool for auditing and maintaining Microsoft 365 environments
https://github.com/LMGsec/o365creeper#Windows
Journey into DPAPI and updating ADConnectDump
https://dirkjanm.io/updating-adconnectdump-a-journey-into-dpapi/#Windows
Methodology for Active Directory penetration testing
https://book.hacktricks.xyz/windows-hardening/active-directory-methodology#Windows
Methods for attacking MS SQL Servers
https://www.offsec-journey.com/post/attacking-ms-sql-servers#Windows
Dissection of RPC Windows techniques
https://docs.google.com/viewerng/viewer?url=https://actes.sstic.org/SSTIC06/Dissection_RPC_Windows/SSTIC06-article-Pouvesle-Dissection_RPC_Windows.pdf#Windows
Tool for managing SPIDER activities in Windows environments
https://github.com/blacklanternsecurity/MANSPIDER#Windows
Tool for dumping credentials in Windows environments
https://github.com/lgandx/PCredz#Windows
Tool for bypassing UAC in Windows environments
https://github.com/hackerhouse-opensource/iscsicpl_bypassUAC#Windows
Techniques for achieving persistence in Windows
https://persistence-info.github.io/#Windows
Tweet related to Windows security
https://twitter.com/mpgn_x64/status/1549150980859650053?s=21&t=8ptdY28LX_7SwMSXpwKKBg#Windows
Tweet related to Windows security
https://twitter.com/nas_bench/status/1550836225652686848?t=4Dn1Hd8bVqyH1Z8iNeCfzw&s=19#Windows
Tweet related to Windows security
https://twitter.com/_Mayyhem/status/1540338845832679424#Windows
Tool for protecting tools used in penetration testing
https://github.com/mgeeky/ProtectMyTooling#Windows
Tool for exploiting vulnerabilities in Windows environments
https://github.com/SecIdiot/FOLIAGE#Windows
Workshop on Azure security practices
https://github.com/mandiant/Azure_Workshop#Windows
Analysis of a European offensive actor exploiting 0-day exploits
https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/#Windows
Posts authored by eRavena on Microsoft security blog
https://www.microsoft.com/security/blog/author/eravena/#Windows
Tool for bypassing UAC controls in Windows
https://github.com/FatRodzianko/SharpBypassUAC#Windows
Tool for compressing assembly code
https://github.com/zacbre/AssemblyCompressor#Windows
Slides on malware development presented at Hack in Paris 2022
https://github.com/chvancooten/maldev-for-dummies/blob/main/Slides/Malware%20Development%20for%20Dummies%20-%20Hack%20in%20Paris%2030-06-2022%20%26%2001-07-2022.pdf#Windows
Operational security notes for SliverC2 usage
https://red-actor.notion.site/SliverC2-OPSEC-Notes-b0dc84158cdb4ee48b06f66fd21c5ec2#Windows
New authentication and request methods in Certipy 4.0
https://research.ifcr.dk/certipy-4-0-esc9-esc10-bloodhound-gui-new-authentication-and-request-methods-and-more-7237d88061f7?gi=ef2d0840ab10#Windows
Exploring the Brute Ratel technique in beacon communication
https://www.mdsec.co.uk/2022/08/part-3-how-i-met-your-beacon-brute-ratel/#Windows
Guide on setting up QEMU for kernel mode debugging
https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/setting-up-qemu-kernel-mode-debugging-using-exdi#Windows
Tool for filtering team communications
https://github.com/Flangvik/TeamFiltration#Windows
Analysis of cleartext password exposure via NPPSpy
https://www.huntress.com/blog/cleartext-shenanigans-gifting-user-passwords-to-adversaries-with-nppspy?hss_channel=tw-3330464153#Windows
Tool for stealing passwords using NPPSpy
https://github.com/gtworek/PSBits/tree/master/PasswordStealing/NPPSpy#Windows
Slides on useful LDAP queries for AD pentesting
https://podalirius.net/en/articles/useful-ldap-queries-for-windows-active-directory-pentesting/#Windows
Insights on delegation in Windows environments
https://blog.harmj0y.net/redteaming/another-word-on-delegation/#Windows
Posts authored by harmj0y on their blog
https://blog.harmj0y.net/author/harmj0y/#Windows
Release notes for Masky v0.0.3
https://z4ksec.github.io/posts/masky-release-v0.0.3/#Windows
Techniques for exploiting Windows Group Policy Preferences
https://podalirius.net/en/articles/exploiting-windows-group-policy-preferences/#Windows
Analysis of threat actor tactics in a post-macro world
https://www.proofpoint.com/us/blog/threat-insight/how-threat-actors-are-adapting-post-macro-world#Windows
Overview of DirSync functionality
https://simondotsh.com/infosec/2022/07/11/dirsync.html#Windows
Presentation on CastGuard at Blackhat 2022
https://github.com/microsoft/MSRC-Security-Research/blob/master/presentations/2022_08_BlackHatUSA/CastGuard%20Blackhat%202022.pdf#Windows
Posts by snovvcrash on Twitter
https://twitter.com/snovvcrash/status/1564606422184345604?s=21&t=1z_8lCnLv-dAfcbLrLpUcA#Windows
Posts by d4rksystem on Twitter
https://twitter.com/d4rksystem/status/1564313431569825792?t=qixpxUc3-z2PrC1IALYAdw&s=19#Windows
Posts by gray_sec on Twitter
https://twitter.com/gray_sec/status/1565396721336815617#Windows
Posts by RemkoWeijnen on Twitter
https://twitter.com/remkoweijnen/status/1565051115716153345?s=21&t=doVxZbyr0aRwE4JWJxXYMQ#Windows
Tool for running UUID operations
https://github.com/boku7/Ninja_UUID_Runner#Windows
Methodology for reverse engineering Windows drivers
https://voidsec.com/windows-drivers-reverse-engineering-methodology/#Windows
Tool for hiding drivers in Windows environments
https://github.com/CZashi/HiderDrv#Windows
Tool for privilege escalation using JuicyPotato technique
https://github.com/antonioCoco/JuicyPotatoNG#Windows
Discussion on improvements in JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/#Windows
Tool for analyzing Azure AD environments
https://www.azadvertizer.net/index.html#Windows
Posts by HackerOtter on Twitter
https://twitter.com/hackerotter/status/1573320493033299968?s=46&t=IdrRXKl6NiJwSSs-6ZUZ9A#Windows
Tools for Linux and Windows penetration testing
https://github.com/lefayjey/linWinPwn#Windows
Exploiting PKI vulnerabilities
https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/#Windows
Bypass and privilege escalation techniques using Shift+F10
https://k4m1ll0.com/ShiftF10Bypass-and-privesc.html#Windows
Comparison of signature-based vs behavior-based detection
https://s3cur3th1ssh1t.github.io/Signature_vs_Behaviour/#Windows
Techniques for executing remote PE files in a fileless manner
https://github.com/D1rkMtr/FilelessRemotePE#Windows
Tool for dumping LSASS memory contents
https://github.com/D1rkMtr/DumpThatLSASS#Windows
Tool for manipulating handle permissions
https://github.com/codewhitesec/HandleKatz#Windows
Tutorial on token theft techniques
https://cocomelonc.github.io/tutorial/2022/09/25/token-theft-1.html#Windows
Techniques for dumping LSASS using duplicated handles
https://rastamouse.me/dumping-lsass-with-duplicated-handles/#Windows
Abusing AD Certificate Services for attacks
https://rayrt.gitlab.io/posts/Active-Directory-Certificate-Services-Abuse/#Windows
Discussion on new attack paths in STS
https://www.semperis.com/blog/new-attack-paths-as-requested-sts/#Windows
Collection of miscellaneous PowerShell scripts
https://github.com/rvrsh3ll/Misc-Powershell-Scripts#Windows
Tool for bypassing PowerShell restrictions
https://github.com/bitsadmin/nopowershell#Windows
Tool for fingerprinting Exchange servers
https://github.com/tijldeneut/Security/blob/master/Exchange-fingerprinter.py#Windows
Best practices for detecting and preventing LSASS attacks
http://www.microsoft.com/security/blog/2022/10/05/detecting-and-preventing-lsass-credential-dumping-attacks/#Windows
Exploring system calls in the Windows kernel
https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/#Windows
Tool for Rust programming language security testing
https://github.com/OPENCYBER-FR/RustHound#Windows
Overview of ZeroLogon vulnerability
https://0xss0rz.github.io/2021-05-31-ZeroLogon/#Windows
Using BloodHound.py with Kerberos
https://github.com/jazzpizazz/BloodHound.py-Kerberos.git#Windows
Techniques for AD computer object takeover
https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/resource-based-constrained-delegation-ad-computer-object-take-over-and-privilged-code-execution#Windows
Integration of Kerberos between Linux and Windows AD
https://www.vgemba.net/microsoft/Kerberos-Linux-Windows-AD/#Windows
Analysis of AD CS misconfigurations
https://http418infosec.com/ad-cs-what-can-be-misconfigured#Windows
Cheat sheet for offensive techniques in Win32 environments
https://github.com/matthieu-hackwitharts/Win32_Offensive_Cheatsheet#Windows
Techniques for abusing Windows tokens
https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/#Windows
Overview of CVE-2020-17049 Kerberos Bronze Bit
https://www.netspi.com/blog/technical/network-penetration-testing/cve-2020-17049-kerberos-bronze-bit-overview/#Windows
Analysis and proof of concept for CVE-2022-33679
https://www.login-securite.com/2022/11/03/analyse-et-poc-de-la-cve-2022-33679/#Windows
Proof of concept for CVE-2022-33679
https://github.com/Bdenneu/CVE-2022-33679#Windows
Additional examples for using Impacket
https://github.com/icyguider/MoreImpacketExamples#Windows
Tool for executing processes as different users
https://github.com/antonioCoco/RunasCs#Windows
Exploring the attack surface of SCCM client push accounts
https://www.hub.trimarcsecurity.com/post/push-comes-to-shove-exploring-the-attack-surface-of-sccm-client-push-accounts#Windows
Cross-protocol authentication on Windows and privilege escalation
https://connect.ed-diamond.com/MISC/misc-090/authentification-interprotocolaire-sous-windows-et-elevation-de-privileges#Windows
Playing with relayed credentials
https://web.archive.org/web/20220518143031/https://www.secureauth.com/blog/playing-with-relayed-credentials/#Windows
Brute force attack against NTLMv2 response
https://msmania.github.io/2016/09/19/brute-force-attack-against-ntlmv2-response.html#Windows
We love relaying credentials: A technical guide to relaying credentials everywhere
https://www.secureauth.com/blog/we-love-relaying-credentials-a-technical-guide-to-relaying-credentials-everywhere#Windows
The adventures of JFronske
https://www.secureauth.com/author/jfronske/#Windows
From RPCView to PetitPotam
https://itm4n.github.io/from-rpcview-to-petitpotam/#Windows
Credential Guard bypass
https://itm4n.github.io/credential-guard-bypass/#Windows
Active Directory NTLM attack security advisory
https://www.crowdstrike.com/blog/active-directory-ntlm-attack-security-advisory/#Windows
Podcast episode on Spotify
https://open.spotify.com/episode/0fC7SmcbzX5yPna1v09Rwj#Windows
Technical analysis of CVE-2022-33679 and CVE-2022-33647 Kerberos vulnerabilities
https://securityboulevard.com/2022/10/technical-analysis-of-cve-2022-33679-and-cve-2022-33647-kerberos-vulnerabilities/amp/#Windows
GitHub repository for CallbackHell
https://github.com/ly4k/CallbackHell#Windows
Article discussing the turbulent history of the Windows Print Spooler service
https://podalirius.net/fr/articles/windows-print-spooler-service-a-turbulent-history/#Windows
Blog post detailing the journey from a stolen laptop to accessing the company network
https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network#Windows
GitHub repository for Orpheus by TrustedSec
https://github.com/trustedsec/orpheus#Windows
GitHub repository for DetectionLab
https://github.com/clong/DetectionLab#Windows
Article covering almost all methods of file transfer
https://medium.com/@PenTest_duck/almost-all-the-ways-to-file-transfer-1bd6bf710d65#Windows
Blog post on relaying to AD Certificate Services over RPC
https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/#Windows
GitHub repository for Certipy
https://github.com/sploutchy/Certipy#Windows
Publication diving into Microsoft Defender for Identity
https://www.synacktiv.com/publications/a-dive-into-microsoft-defender-for-identity.html#Windows
Article on NoFix LPE using KrbRelay with Shadow Credentials
https://icyguider.github.io/2022/05/19/NoFix-LPE-Using-KrbRelay-With-Shadow-Credentials.html#Windows
GitHub repository for Exchange penetration testing
https://github.com/kh4sh3i/exchange-penetration-testing#Windows
Website for Microsoft Exchange updates
https://www.msexchangeupdates.com/#Windows
GitHub repository for Spartacus by Accenture
https://github.com/Accenture/Spartacus#Windows
Article on WSUS spoofing for movement and coerced authentications
https://www.thehacker.recipes/ad/movement/mitm-and-coerced-authentications/wsus-spoofing#Windows
Blog post on CertPotato: using ADCS to privilege escalate from virtual and network service accounts to local system
https://sensepost.com/blog/2022/certpotato-using-adcs-to-privesc-from-virtual-and-network-service-accounts-to-local-system#Windows
GitHub repository for SysmonEoP
https://github.com/Wh04m1001/SysmonEoP#Windows
GitHub repository for SharpEfsPotato
https://github.com/bugch3ck/SharpEfsPotato#Windows
GitHub repository for SilentMoonwalk
https://github.com/klezVirus/SilentMoonwalk#Windows
Article revisiting Delegate 2 Thyself
https://exploit.ph/revisiting-delegate-2-thyself.html#Windows
Blog post on shadow credentials
https://shenaniganslabs.io/2021/06/21/Shadow-Credentials.html#Windows
Blog post titled "Let's Talk About Kerberos"
https://johndcyber.com/lets-talk-about-kerberos-6376d0bd7d91#Windows
Blog post titled "Diamond And Sapphire Tickets"
https://pgj11.com/posts/Diamond-And-Sapphire-Tickets/#Windows
Article diving deep into ASREPRoasting
https://ristbs.notion.site/ASREPRoasting-Deep-Dive-b2bca7b747474053b23669f26e114157#Windows
Blog post on Windows protocols in Python
https://www.hackthebox.com/blog/windows-protocols-python#Windows
Publication diving into Microsoft Defender for Identity
https://www.synacktiv.com/en/publications/a-dive-into-microsoft-defender-for-identity.html#Windows
Twitter post by @_nwodtuhs
https://twitter.com/_nwodtuhs/status/1604900697685704704#Windows
Article assessing SMSA
https://simondotsh.com/infosec/2022/12/12/assessing-smsa.html#Windows
Article titled "No Shells Required: Using Impacket to..."
http://blog.redxorblue.com/2019/12/no-shells-required-using-impacket-to.html#Windows
Article on Windows Active Directory exploitation cheat sheet and command reference
https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/#Windows
Blog post on free micropatches for PetitPotam
https://blog.0patch.com/2021/08/free-micropatches-for-petitpotam.html?m=1#Windows
Article on the SeriousSAM (aka HiveNightmare) vulnerability for local privilege escalation on Windows 10
https://medium.com/attivotechblogs/serioussam-aka-hivenightmare-vulnerability-local-privilege-escalation-on-windows-10-2289fb81c933#Windows
Article on the HiveNightmare zero-day allowing anyone to be SYSTEM on Windows 10 and 11
https://www.malwarebytes.com/blog/news/2021/07/hivenightmare-zero-day-lets-anyone-be-system-on-windows-10-and-11#Windows
GitHub repository for MSRPC to ATT&CK
https://github.com/jsecurity101/MSRPC-to-ATTACK#Windows
GitHub repository for Windows coerced authentication methods
https://github.com/p0dalirius/windows-coerced-authentication-methods#Windows
Article on digging into PsExec with HTB Nest
https://0xdf.gitlab.io/2020/01/26/digging-into-psexec-with-htb-nest.html#Windows
Article on passing the challenge to defeat Windows Defender Credential Guard
https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22#Windows
GitHub repository for NTLM Scanner
https://github.com/preempt/ntlm-scanner#Windows
GitHub repository for GPO2SQL
https://github.com/aurel26/gpo2sql#Windows
Slideshare on attacking the Active Directory of Linux using FreeIPA
https://www.slideshare.net/JulianCatrambone/freeipa-attacking-the-active-directory-of-linux#Windows
Blog post on TabShell OWASSRF
https://blog.viettelcybersecurity.com/tabshell-owassrf/#Windows
GitHub repository for CVE-2023-21752
https://github.com/Wh04m1001/CVE-2023-21752#Windows
Blog post on Offensive Windows IPC 2: RPC
https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html#Windows
Blog post on ZeroLogon: attacking and defending
https://blog.zsec.uk/zerologon-attacking-defending/#Windows
Article on zeroing in on ZeroLogon: crypto more than zeros
https://medium.com/@TalBeerySec/zeroing-in-on-zerologon-crypto-more-than-zeros-5d90fe5e4fd3#Windows
Article on Zerologon: hacking Windows Servers with a bunch of zeros
https://nakedsecurity.sophos.com/2020/09/17/zerologon-hacking-windows-servers-with-a-bunch-of-zeros/#Windows
Twitter post by Filip Dragovic
https://twitter.com/filip_dragovic/status/1613565872844734465?s=20#Windows
Blog post titled "Domain Pentest Intro"
https://tyeyeah.github.io/2020/03/12/2020-03-12-Domain-Pentest-Intro/#Windows
GitHub repository for NTLMRawUnHide
https://github.com/mlgualtieri/NTLMRawUnHide#Windows
GitHub repository for GoSecretsDump
https://github.com/C-Sto/gosecretsdump#Windows
Twitter post by Chaignc
https://twitter.com/chaignc/status/1360512959596929024#Windows
GitHub repository for Priv2Admin
https://github.com/gtworek/Priv2Admin#Windows
Article on Kerberoasting without SPNs
https://swarm.ptsecurity.com/kerberoasting-without-spns/#Windows
Blog post on the curious case of the RODC
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06#Windows
Deep dive into Zerologon vulnerability
https://blog.diffense.co.kr/2020/10/06/Zerologon.html#Windows
GitHub repository for msFlagsDecoder
https://github.com/p0dalirius/msFlagsDecoder#Windows
Cheat sheet on Windows remote execution techniques
https://cheatsheet.haax.fr/windows-systems/exploitation/remote_execution_techniques/#Windows
Microsoft Sysinternals PsExec tool documentation
https://learn.microsoft.com/fr-fr/sysinternals/downloads/psexec#Windows
GitHub repository for hashgrab
https://github.com/xct/hashgrab#Windows
GitHub repository for cme-wmi
https://github.com/Orange-Cyberdefense/cme-wmi#Windows
Microsoft Teams premium features blog post
https://www.microsoft.com/en-us/microsoft-365/blog/2023/02/01/microsoft-teams-premium-cut-costs-and-add-ai-powered-productivity/#Windows
GitHub repository for Bad-Pdf
https://github.com/deepzec/Bad-Pdf#Windows
Article on internal information disclosure using hidden NTLM authentication
https://medium.com/swlh/internal-information-disclosure-using-hidden-ntlm-authentication-18de17675666#Windows
Article on capturing and relaying Net NTLM hashes without Kali Linux using Inveigh
https://infinitelogins.com/2020/11/16/capturing-relaying-net-ntlm-hashes-without-kali-linux-using-inveigh/#Windows
Author page for Infinite Logins
https://infinitelogins.com/author/1nfinitelogins/#Windows
Blog post on running as system using Evil-WinRM
https://malicious.link/post/2020/run-as-system-using-evil-winrm/#Windows
GitHub repository for BackupOperatorToDA
https://github.com/mpgn/BackupOperatorToDA#Windows
Article revisiting unconstrained delegation
https://m365internals.com/2021/10/27/revisiting-unconstrained-delegation/#Windows
Paper on security vulnerability 962
https://paper.seebug.org/962/#Windows
Blog post on Metasploit Framework 6.3 release
https://www.rapid7.com/blog/post/2023/01/30/metasploit-framework-6-3-released/#Windows
Blog post on Potatoes Windows privilege escalation
https://jlajara.gitlab.io/Potatoes_Windows_Privesc#Windows
Pluralsight course on Windows internals
https://p30download.ir/fa/entry/70419/pluralsight-windows-internals#Windows
Blog post on relaying to ADFS attacks
https://www.praetorian.com/blog/relaying-to-adfs-attacks/#Windows
GitHub repository for ldappersistence
https://github.com/leonardoml97/ldappersistence#Windows
LocalPotato website for local privilege escalation
https://www.localpotato.com/localpotato_html/LocalPotato.html#Windows
GitHub repository for UnmanagedPowerShell
https://github.com/mmnoureldin/UnmanagedPowerShell#Windows
GitHub repository for Red-Teamer
https://github.com/Christbowel/Red-Teamer#Windows
GitHub repository for RedTeam Tools
https://github.com/A-poc/RedTeam-Tools#Windows
GitHub repository for SharpSystemTriggers
https://github.com/cube0x0/SharpSystemTriggers/#Windows
GitHub repository for TrustedInstallerPOC
https://github.com/FourCoreLabs/TrustedInstallerPOC#Windows
Article on malware AV evasion techniques
https://cocomelonc.github.io/malware/2023/02/20/malware-av-evasion-12.html#Windows
Article on Read-Only Domain Controllers (RODC)
https://www.it-connect.fr/rodc-controleur-de-domaine-en-lecture-seule/#Windows
Blog post on the Kerberos Key List Attack and Read-Only Domain Controllers
https://www.secureauth.com/blog/the-kerberos-key-list-attack-the-return-of-the-read-only-domain-controllers/#Windows
GitHub repository for powerview.py
https://github.com/aniqfakhrul/powerview.py#Windows
Blog post on sacrificial session
https://unshade.tech/sacrificial-session#Windows
GitHub repository for Churrasco
https://github.com/Re4son/Churrasco/#Windows
GitHub repository for SharpCollection
https://github.com/Flangvik/SharpCollection/tree/master/NetFramework_4.0_Any#Windows
Article on SRP protecting Windows folder in Windows 10
https://malwaretips.com/threads/srp-protecting-windows-folder-in-win-10.80283/#Windows
GitHub repository for scmanager
https://0xv1n.github.io/posts/scmanager/#Windows
Twitter post by Gabriel Landau
https://twitter.com/gabriellandau/status/1630663187379920902?s=46&t=XuwW89LGgXMjCMS9Xs-yTw#Windows
Blog post on Kerberos delegation, SPNs, and more
https://www.secureauth.com/blog/kerberos-delegation-spns-and-more/#Windows
LinkedIn post on Active Directory pentesting notes
https://www.linkedin.com/posts/segev-eliezer_active-directory-pentesting-notes-ugcPost-7036383888058834944-O1QL?utm_source=share&utm_medium=member_ios#Windows
GitHub repository for Windows LPE AFD CVE-2023-21768
https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768#Windows
Article on 50 methods for dumping LSASS
https://redteamrecipe.com/50-Methods-For-Dump-LSASS/#Windows
Blog post on Seized CA CTF 2022 forensics writeup
https://www.hackthebox.com/blog/seized-ca-ctf-2022-forensics-writeup#Windows
GitHub repository for ldapper
https://github.com/Synzack/ldapper#Windows
Blog post on exploiting CVE-2023-23397 Microsoft Outlook Elevation of Privilege Vulnerability
https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/#Windows
GitHub repository for CVE-2023-23397-POC-Powershell
https://github.com/api0cradle/CVE-2023-23397-POC-Powershell#Windows
GitHub repository for InfinityHook
https://github.com/everdox/InfinityHook#Windows
GitHub repository for PPLmedic
https://github.com/itm4n/PPLmedic#Windows
Blog post on breaking trust transitivity in AD security research
https://www.semperis.com/blog/ad-security-research-breaking-trust-transitivity/#Windows
Article on external trusts being evil
https://exploit.ph/external-trusts-are-evil.html#Windows
Blog post on Protected Users in Active Directory
https://sensepost.com/blog/2023/protected-users-you-thought-you-were-safe-uh/#Windows
GitHub repository for GoMapEnum
https://github.com/nodauf/GoMapEnum#Windows
Blog post on CVE-2023-23397 critical Microsoft Outlook privilege escalation vulnerability
https://www.darkrelay.com/post/cve-2023-23397-critical-microsoft-outlook-privilege-escalation-vulnerability#Windows
Article on debugging protected processes
https://itm4n.github.io/debugging-protected-processes/#Windows
GitHub repository for PowerShdll
https://github.com/p3nt4/PowerShdll#Windows
Twitter post by Gabriel Landau
https://twitter.com/_xpn_/status/1648105737707462664?s=46&t=JxgY2AX1dUYukchnp53zJw#Windows
Article on Windows secrets extraction
https://www.synacktiv.com/publications/windows-secrets-extraction-a-summary#Windows
Article on proof of concept for critical Microsoft Word RCE bug
https://www.bleepingcomputer.com/news/security/proof-of-concept-released-for-critical-microsoft-word-rce-bug/#Windows
Article on introduction to golden certificates
https://cyberstoph.org/posts/2019/12/an-introduction-to-golden-certificates/#Windows
Article on a deep look into PsExec and lateral movement
https://web.archive.org/web/20220309071610/https://www.contextis.com/en/blog/lateral-movement-a-deep-look-into-psexec#Windows
LinkedIn update by Segev Eliezer
https://www.linkedin.com/feed/update/urn:li:activity:7059115384674635776#Windows
GitHub repository for ItWasAllADream
https://github.com/byt3bl33d3r/ItWasAllADream#Windows
Paper on Skeleton Key malware presented at VB2016
https://docs.google.com/viewerng/viewer?url=https://www.virusbulletin.com/uploads/pdf/magazine/2016/vb201601-skeleton-key.pdf#Windows
Source code for kuhl_m_misc.c, a module in Mimikatz
https://github.com/gentilkiwi/mimikatz/blob/master/mimikatz/modules/kuhl_m_misc.c#Windows
GitHub repository listing Windows kernel exploits
https://github.com/njahrckstr/Windows_Kernel_Sploit_List#Windows
Deep dive on LSAdumpLSA patch and inject with Mimikatz
https://blog.3or.de/mimikatz-deep-dive-on-lsadumplsa-patch-and-inject.html#Windows
GitHub repository for ETWHash
https://github.com/nettitude/ETWHash#Windows
Blog post on exploring impersonation through the named pipe filesystem driver
https://posts.specterops.io/exploring-impersonation-through-the-named-pipe-filesystem-driver-15f324dfbaf2#Windows
Blog post on hunting with Active Directory replication metadata
https://posts.specterops.io/hunting-with-active-directory-replication-metadata-1dab2f681b19#Windows
GitHub repository for GodPotato
https://github.com/BeichenDream/GodPotato#Windows
GitHub repository for RunAsPasswd
https://github.com/Sq00ky/RunAsPasswd#Windows
Blog post on compromised systems
https://naacbin.gitlab.io/compromised/#Windows
Blog post on CVE-2023-28231 RCE in Microsoft Windows DHCPv6 Service
https://www.zerodayinitiative.com/blog/2023/5/1/cve-2023-28231-rce-in-the-microsoft-windows-dhcpv6-service#Windows
GitHub repository for CVE-2023-28231
https://github.com/glavstroy/CVE-2023-28231#Windows
GitHub repository for ADTimeline
https://github.com/ANSSI-FR/ADTimeline#Windows
Blog post on printer security vulnerabilities
https://www.synacktiv.com/publications/the-printer-goes-brrrrr-again#Windows
Microsoft TechCommunity blog on advanced threat hunting
https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/advanced-threat-hunting-within-active-directory-domain-services/m-p/3820214#Windows
GitHub repository for Windows API function cheatsheets
https://github.com/snowcra5h/windows-api-function-cheatsheets#Windows
GitHub repository for Domain Audit
https://github.com/0xJs/domain_audit#Windows
Article on security from Anquanke
https://www.anquanke.com/post/id/266883#Windows
Blog post on S4fuckMe2selfAndUAndU2proxy Kerberos delegations
https://luemmelsec.github.io/S4fuckMe2selfAndUAndU2proxy-A-low-dive-into-Kerberos-delegations/#Windows
Blog post on CVE-2023-21554
https://www.zoemurmure.top/posts/cve_2023_21554/#Windows
Blog post on Pass-the-Hash mitigation
https://posts.specterops.io/pass-the-hash-is-dead-long-live-localaccounttokenfilterpolicy-506c25a7c167#Windows
GitHub repository for MiniKerberos
https://github.com/skelsec/minikerberos/#Windows
Windows version comparison tool
https://files.rg-adguard.net/version/f0bd8307-d897-ef77-dbd6-216fefbe94c5#Windows
GitHub repository for Hidden Desktop
https://github.com/WKL-Sec/HiddenDesktop#Windows
GitHub repository for WinDiff
https://github.com/ergrelet/windiff#Windows
Blog post on directory deletion shell
https://secret.club/2020/04/23/directory-deletion-shell.html#Windows
Website on process and application security by NTCore
https://ntcore.com/?page_id=388#Windows
Blog post on Golden GMSA attack
https://www.semperis.com/blog/golden-gmsa-attack/#Windows
Author page for Yuval Gorden on Semperis blog
https://www.semperis.com/author/yuvalgorden/#Windows
GitHub repository for Linikatz by CiscoCXSecurity
https://github.com/CiscoCXSecurity/linikatz#Windows
LinkedIn post on hacking Windows
https://www.linkedin.com/posts/brcyrr_hacking-windows-ugcPost-7080094555986927616-7TrP#Windows
Blog posts tagged with Internals on ScorpioSoftware
https://scorpiosoftware.net/tag/internals/#Windows
Windows security blog by Modexp
https://modexp.wordpress.com/#Windows
Blog post on autochk rootkit analysis
https://repnz.github.io/posts/autochk-rootkit-analysis/#Windows
GitHub repository for RdpThief
https://github.com/0x09AL/RdpThief#Windows
Blog post on fileless shellcodes
https://kleiton0x00.github.io/posts/Shellcodes-are-dead-long-live-fileless-shellcodes/#Windows
GitHub repository for MagicSigner
https://github.com/namazso/MagicSigner#Windows
Blog post on Ghidra threatcheck tool
https://offensivedefence.co.uk/posts/threatcheck-ghidra/#Windows
Blog post on detecting syscalls with Fennec
https://web.archive.org/web/20230304082027/https://mez0.cc/posts/detecting-syscalls-with-fennec/#Windows
Blog post on Lord of the Ring0
https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html#Windows
Blog post on CloudEye from LNK to shellcode
https://gi7w0rm.medium.com/cloudeye-from-lnk-to-shellcode-4b5f1d6d877#Windows
Blog post on divide and conquer technique
https://badoption.eu/blog/2023/07/15/divideconqer.html#Windows
Article on Windows privilege escalation malware technique
https://medium.com/@s12deff/windows-privilege-escalation-malware-technique-714e0fe256ab#Windows
Blog post on process killer driver
https://alice.climent-pommeret.red/posts/process-killer-driver/#Windows
Blog post on tracking WSL activity with API hooking
https://www.hackthebox.com/blog/tracking-wsl-activity-with-api-hooking#Windows
GitHub repository for Autobloody
https://github.com/CravateRouge/autobloody#Windows
LinkedIn post on hunting process injection
https://www.linkedin.com/posts/husamshbib_hunting-process-injection-by-windows-api-activity-7091689113694683136-8Gby#Windows
GitHub repository for KrbJack
https://github.com/almandin/krbjack#Windows
GitHub repository for NTDS to SQLite
https://github.com/almandin/ntdsdotsqlite#Windows
GitHub repository for RoastInTheMiddle
https://github.com/0xe7/RoastInTheMiddle#Windows
Blog post on abusing KCD without protocol transition
https://snovvcrash.rocks/2022/03/06/abusing-kcd-without-protocol-transition.html#Windows
Blog post on LAPSV2 internals
https://blog.xpnsec.com/lapsv2-internals/#Windows
Blog post on bypassing UAC with SSPI datagram
https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html?m=1#Windows
GitHub repository for Windows Research Kernel (WRK)
https://github.com/HighSchoolSoftwareClub/Windows-Research-Kernel-WRK-#Windows
GitHub repository for Windows kernel address leaks
https://github.com/sam-b/windows_kernel_address_leaks#Windows
GitHub repository for WarbirdVM by Airbus SecLab
https://github.com/airbus-seclab/warbirdvm#Windows
Blog post on Windows Warbird privilege escalation
https://blog.xpnsec.com/windows-warbird-privesc/#Windows
GitHub repository for MSSqlPwner by ScorpionesLabs
https://github.com/ScorpionesLabs/MSSqlPwner#Windows
Thesis on threats to edge computing
https://www.theseus.fi/handle/10024/806660#Windows
Blog post on DPAPI in-depth with tooling
https://www.insecurity.be/blog/2020/12/24/dpapi-in-depth-with-tooling-standalone-dpapi/#Windows
Author page for Tijl on Insecurity blog
https://www.insecurity.be/blog/author/tijl/#Windows
Blog post on abusing forgotten permissions in Active Directory
https://dirkjanm.io/abusing-forgotten-permissions-on-precreated-computer-objects-in-active-directory/#Windows
Blog post on relaying potatoes in Windows RPC protocol
https://www.sentinelone.com/labs/relaying-potatoes-another-unexpected-privilege-escalation-vulnerability-in-windows-rpc-protocol/#Windows
Blog post on Windows exploitation tricks by Google Project Zero
https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html#Windows
Blog post on relaying NTLM authentication over RPC
https://blog.compass-security.com/2020/05/relaying-ntlm-authentication-over-rpc/#Windows
Author page for Sheinige on Compass Security blog
https://blog.compass-security.com/author/sheinige/#Windows
GitHub repository for Awesome Potatoes
https://github.com/bodik/awesome-potatoes#Windows
Blog post on Kerberos 102 overview
https://www.chudamax.com/posts/kerberos-102-overview/#Windows
Documentation on allocated altitudes in Windows drivers
https://github.com/MicrosoftDocs/windows-driver-docs/blob/b76d581d853c8da61fe0604a44e68ab16deca785/windows-driver-docs-pr/ifs/allocated-altitudes.md#Windows
Blog post on Windows Components Object Model
https://www.221bluestreet.com/offensive-security/windows-components-object-model#Windows
Twitter post by Directory Ranger
https://twitter.com/directoryranger/status/1705505689957794146?s=46&t=XuwW89LGgXMjCMS9Xs-yTw#Windows
Twitter profile for Directory Ranger
https://twitter.com/DirectoryRanger#Windows
Blog post on SCCM hierarchy takeover
https://posts.specterops.io/sccm-hierarchy-takeover-41929c61e087#Windows
Microsoft Docs page on WinRS command
https://learn.microsoft.com/fr-fr/windows-server/administration/windows-commands/winrs#Windows
GitHub repository for MalDev for Dummies
https://github.com/chvancooten/maldev-for-dummies/#Windows
Blog post on syncing into the shadows
https://jsecurity101.medium.com/syncing-into-the-shadows-bbd656dd14c8#Windows
GitHub repository for S4UTomato
https://github.com/wh0amitz/S4UTomato#Windows
GitHub Gist for c24cfd1bd141d14d4925043ee7e03c82
https://gist.github.com/tyranid/c24cfd1bd141d14d4925043ee7e03c82#Windows
Blog post on the evolution of Windows authentication
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-evolution-of-windows-authentication/ba-p/3926848#Windows
Blog post on fuzzing Windows RPC with RPCView
https://itm4n.github.io/fuzzing-windows-rpc-rpcview/#Windows
GitHub repository for RPCForge
https://github.com/sogeti-esec-lab/RPCForge#Windows
GitHub repository for Akamai RPC Toolkit
https://github.com/akamai/akamai-security-research/tree/main/rpc_toolkit#Windows
Blog post on analysing RPC with Ghidra and Neo4j
https://blog.xpnsec.com/analysing-rpc-with-ghidra-neo4j/#Windows
GitHub repository for InterProcessCommunication-Samples
https://github.com/csandker/InterProcessCommunication-Samples#Windows
GitHub repository for Ariadne
https://github.com/seeinglogic/ariadne#Windows
Photos from OffSec 2023 event
https://photos.app.goo.gl/R1tcPhNCGpag4bxp9#Windows
Blog post on building an offensive RPC interface
https://sensepost.com/blog/2021/building-an-offensive-rpc-interface/#Windows
GitHub repository for CertSync
https://github.com/zblurx/certsync#Windows
GitHub repository for RogueWinRM
https://github.com/antonioCoco/RogueWinRM#Windows
GitHub repository for ContainYourself by Deep Instinct
https://github.com/deepinstinct/ContainYourself#Windows
Blog post on reversing Windows Container Episode I
https://blog.quarkslab.com/reversing-windows-container-episode-i-silo.html#Windows
Check Point research exploring the Windows Sandbox
https://research.checkpoint.com/2021/playing-in-the-windows-sandbox/#Windows
Author page for Alexil on Check Point Research
https://research.checkpoint.com/author/alexil/#Windows
GitHub repository for LinikatzV2 by Orange-Cyberdefense
https://github.com/Orange-Cyberdefense/LinikatzV2#Windows
Exploration of Microsoft Office 2023 vulnerabilities
https://blog.pksecurity.io/2023/10/04/microsoft-office.html#Windows
Presentation on 10 years of Windows privilege escalation with Potatoes by AntonioCoco
https://github.com/antonioCoco/infosec-talks/blob/main/10_years_of_Windows_Privilege_Escalation_with_Potatoes.pdf#Windows
Guide to Windows logon types and finding credentials
https://www.alteredsecurity.com/post/fantastic-windows-logon-types-and-where-to-find-credentials-in-them#Windows
Strategies for effectively identifying and preventing APT attacks on Windows
https://grootfreelearning.com/windows-apt-warfare-identify-and-prevent-attacks-effectively/#Windows
Author page for Abdullahzk777gmail-com on Groot Free Learning
https://grootfreelearning.com/author/abdullahzk777gmail-com/#Windows
GitHub repository for Windows Drive Remapping EoP by Blue Frost Security
https://github.com/bluefrostsecurity/Windows-Drive-Remapping-EoP#Windows
LinkedIn post on Rubeus by JMetayer
https://www.linkedin.com/posts/jmetayer_rubeus-ugcPost-7129701730358824961-YjQc?utm_source=share&utm_medium=member_ios#Windows
Decoder Cloud post on going from NTAuthCertificates to Silver Certificate
https://decoder.cloud/2023/09/05/from-ntauthcertificates-to-silver-certificate/#Windows
Author page for Decoderblogblog on Decoder Cloud
https://decoder.cloud/author/decoderblogblog/#Windows
macOS red teaming techniques for obtaining AD credentials from Nomad
https://wojciechregula.blog/post/macos-red-teaming-get-ad-credentials-from-nomad/#Windows
GitHub repository for EvilRDP by Skelsec
https://github.com/skelsec/evilrdp#Windows
New ways to abuse ManageCA permissions in AD CS
https://whoamianony.top/posts/ad-cs-new-ways-to-abuse-manageca-permissions/#Windows
GitHub repository for ADCSKiller by Grimlockx
https://github.com/grimlockx/ADCSKiller#Windows
Obfuscation techniques through polymorphism and instantiation
https://mark.rxmsolutions.com/obfuscation-thru-polymorphism-and-instantiation/#Windows
GitHub repository for PySQLRecon by Tw1sm
https://github.com/Tw1sm/PySQLRecon#Windows
GitHub repository for Kerberos.NET by dotnet
https://github.com/dotnet/Kerberos.NET#Windows
GitHub repository for SCCMHunter by GarrettFoster13
https://github.com/garrettfoster13/sccmhunter#Windows
Directory deletion shell
https://secret.club/2020/04/23/directory-deletion-shell.html#Windows
Pentesting with PsExec in cybersecurity
https://www.linkedin.com/posts/narekkay_psexec-pentesting-cybersecurity-activity-7148350555956961282-OeOo?utm_source=share&utm_medium=member_ios#Windows
Central processing unit icon
https://www.iconfinder.com/icons/4100303/central_processing_unit_computer_brain_computer_hardware_cpu_mainframe_of_computer_icon#Windows
Kerberos performance optimization
https://trustedsec.com/blog/i-wanna-go-fast-really-fast-like-kerberos-fast#Windows
GitHub repository for Marvel Lab by jsecurity101
https://github.com/jsecurity101/Marvel-Lab#Windows
Bitwarden heist
https://blog.redteam-pentesting.de/2024/bitwarden-heist/#Windows
GitHub repository for SignToolEx by Hackerhouse OpenSource
https://github.com/hackerhouse-opensource/SignToolEx#Windows
GitHub repository for Moriarty by BC-SECURITY
https://github.com/BC-SECURITY/Moriarty#Windows
Pentesting with secure LDAP and LDAP channel binding
https://rootsecdev.medium.com/pentesting-with-secure-ldap-and-ldap-channel-binding-fd5baa0f7345#Windows
Cypher queries in BloodHound Enterprise
https://posts.specterops.io/cypher-queries-in-bloodhound-enterprise-c7221a0d4bb3#Windows
GitHub repository for SharpGhostTask by dmcxblue
https://github.com/dmcxblue/SharpGhostTask#Windows
Local privilege escalation in the VSStandardCollectorService150 service
https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/#Windows
GitHub repository for CVE-2024-20656 by Wh04m1001
https://github.com/Wh04m1001/CVE-2024-20656#Windows
Teaching Impacket to respect Windows SSO with Python SSPI
https://swarm.ptsecurity.com/python-sspi-teaching-impacket-to-respect-windows-sso/#Windows
Cybersecurity in Active Directory
https://www.linkedin.com/posts/secnumcloud_activedirectory-cybersaezcuritaez-hackcyom-activity-7156685270061387776-pF8y?utm_source=share&utm_medium=member_ios#Windows
GitHub repository for BoFHound by Fortalice
https://github.com/fortalice/bofhound#Windows
GitHub repository for SOAPHound by FalconForceTeam
https://github.com/FalconForceTeam/SOAPHound#Windows
Trimarc whitepaper on Owner or Pwnd
https://www.hub.trimarcsecurity.com/post/trimarc-whitepaper-owner-or-pwnd#Windows
GitHub repository for AllTools by Zodiacon
https://github.com/zodiacon/AllTools#Windows
GitHub repository for AutoHotkey
https://github.com/AutoHotkey/AutoHotkey#Windows
Authentication interaction with the ADCS server
https://decoder.cloud/2024/02/26/hello-im-your-adcs-server-and-i-want-to-authenticate-against-you/#Windows
Cypher ADCS ESC14 abuse technique
https://posts.specterops.io/adcs-esc14-abuse-technique-333a004dc2b9#Windows
Parsing MSDN for documented technique development
https://signal-labs.com/parsing-msdn-for-documented-technique-dev/#Windows
TOCTOU vulnerabilities
https://lucabarile.github.io/Blog/toctou/index.html#Windows
OneMore STEAM EOP 0Day
https://amonitoring.ru/article/onemore_steam_eop_0day/#Windows
GitHub repository for LDAPNomNom by LKarlslund
https://github.com/lkarlslund/ldapnomnom#Windows
Pwned by the mail carrier
https://posts.specterops.io/pwned-by-the-mail-carrier-0750edfad43b#Windows
PrintNightmare exploitation
https://itm4n.github.io/printnightmare-exploitation/#Windows
Misconfiguration Manager: overlooked and overprivileged
https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d#Windows
GitHub repository for Misconfiguration Manager by Subat0mik
https://github.com/subat0mik/Misconfiguration-Manager/blob/main/attack-techniques/_attack-techniques-list.md#Windows
GitHub repository for Teams NTLM Leak by Soufiane Tahiri
https://github.com/soufianetahiri/TeamsNTLMLeak/#Windows
GitHub repository for Nullinux by m8sec
https://github.com/m8sec/nullinux#Windows
GitHub repository for PatchGuardBypass by AdamOron
https://github.com/AdamOron/PatchGuardBypass#Windows
NETNTLMv1 downgrade to compromise
https://www.r-tec.net/r-tec-blog-netntlmv1-downgrade-to-compromise.html#Windows
AD CS attack paths in BloodHound Part 2
https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-2-ac7f925d1547#Windows
GitHub repository for Kernel Special APC ReadProcessMemory by IcEy-999
https://github.com/IcEy-999/Kernel-Special-APC-ReadProcessMemory#Windows
GitHub repository for Hyper-V Internals by gerhart01
https://github.com/gerhart01/Hyper-V-Internals/tree/master#Windows
Full reverse engineering of the BlackEnergy V.2 driver
https://daniel25097.medium.com/blackenergy-v-2-full-driver-reverse-engineering-c9fd6d071946#Windows
Understanding Windows Authenticode
https://reversea.me/index.php/authenticode-i-understanding-windows-authenticode/#Windows
Understanding Windows Authenticode
https://reversea.me/index.php/author/duroz/#Windows
searchcode is a free source code search engine. Code snippets and open source (free software) repositories are indexed and searchable.
https://searchcode.com/#Osint
An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x
https://github.com/JonathanSalwan/VMProtect-devirtualization#Reverse
Colton Skees, Mazeworks Security
https://arxiv.org/pdf/2406.10016#Reverse
A Guide to the Arsenal of Windows Kernel Tricks Employed by Kernel-Mode Malware
https://artemonsecurity.com/rootkits_bootkits_v2.pdf#Windows
NTFS Reference Sheet
https://www.writeblocked.org/resources/NTFS_CHEAT_SHEETS.pdf#Forensics
MBR GPT cheatsheet
https://www.writeblocked.org/resources/MBR_GPT_cheatsheet.pdf#Forensics
Research-oriented team, specializing in Windows internals, obfuscation techniques, and product security. We make public contributions and are dedicated to driving progress in InfoSec.
https://github.com/backengineering#Reverse
Research-oriented team, specializing in Windows internals, obfuscation techniques, and product security. We make public contributions and are dedicated to driving progress in InfoSec.
https://blog.back.engineering/#Reverse
If you enable SSHd on a Domain Controller, every domain user can log in
https://x.com/decoder_it/status/1809172242120519894?t=Xgh7R2DWKMDD_JUPQBW-Eg#Windows
Python library leveraging Volatility 3 to simplify and enhance memory forensics
https://github.com/PyDFIR/pyDFIRRam#Forensics
A collection of tools, scripts and personal research - nasbench/Misc-Research
https://github.com/nasbench/Misc-Research/blob/main/LOLBINs/StandaloneRunner.md#Windows
ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities...
https://arxiv.org/pdf/2406.08719#Ring0
One way to go from a boot sector loaded by the BIOS with the CPU in 16-bit real mode to the CPU set up in 64-bit long mode. The setup is pretty bare-bones and there’s tons more to do.
https://thasso.xyz/2024/07/13/setting-up-an-x86-cpu.html#Programming
Check if your information has been leaked in a data breach!
https://t.me/haxalotBot#Osint
JTAGulator alternative based on Raspberry Pi Pico.
https://github.com/Aodrulez/blueTag#Hardware
Buzzer is a fuzzer toolchain that allows you to write eBPF fuzzing strategies.
https://github.com/google/buzzer#Pwn
Chunk Loader is a Chrome/Firefox extension that allows users to load and import JavaScript chunks from a specified URL. This tool is designed for security researchers and bug bounty hunters to help them find bugs in React apps.
https://github.com/ElSicarius/chunkloader#Web
Wondering if the tool is safe and worth using? I've done my research, so you won't have to.
https://www.osintteam.com/uncover-digital-footprints-with-osint-industries-a-complet-review/#Osint
How to configure an Android Phone for Pentesting
https://www.blackhillsinfosec.com/start-to-finish-configuring-an-android-phone-for-pentesting/#Mobile
A Look at Modern Windows Kernel Exploitation/Hacking - Off By One Security
https://www.youtube.com/watch?v=nauAlHXrkIk#Windows
This HTML parsing behavior is absolutely wtf... - Mizu twitter
https://x.com/kevin_mizu/status/1813951932639092785?t=tubG3GRxnZtv2lYh2_wJPA&s=19#Web
The information resource for all wireless device applications filed with the FCC.
https://fccid.io/#Hardware
Analyze packet traces and share them with the networking community.
https://app.packetsafari.com/#Network
A theoretical perspective
https://infosecwriteups.com/return-oriented-programming-on-risc-v-part-1-dd9817b52d2b#Pwn
Tutorial of ARM Stack Overflow Exploit – Defeating ASLR with ret2plt
https://www.fortinet.com/blog/threat-research/tutorial-of-arm-stack-overflow-exploit-defeating-aslr-with-ret2plt#Pwn
Always Check for the Hidden API when Web Scraping - John Watson Rooney
https://www.youtube.com/watch?v=DqtlR0y0suo#Programming