Pentest-Armoury
Here’s a list of resources that I’ve found useful. In the land of Pentestopia some of these guides have become Canonical. There are so many amazingly helpful sites!!! I’ll add to them as I go along. Huge thanks and respect go out to those listed here for providing such valuable learning and reference material. Add them all to your Bookmarks!
NetSecFocus TJNull's OSCP HTB list
TJNull has a great resource An absolute must for anyone working towards the OSCP qualification. He’s also compiled a list of HTB machines that are OSCP-like. There is also a playlist is also to be found on YouTube of relevant Ippsec walkthroughs.
Ippsec's Youtube vids(OSCP-prep)
There’s no better Youtube resource to learn from than Ippsec’s vids. If you think there is…‘FITE ME!!!’
Oxdf hacks stuff
This dude does the best writeups. His site is an amazing collection of HTB walthroughs and lots of other interesting materials. When I first started, not that long ago, I first gravitated to his writeups for a few reasons, they were in dark theme (so easier on the eyes at night) but also because they were concise, comprehensive and interesting. Its definately something I had in mind (the dark theme) when starting this blog.
Red Teaming Experiments
A pretty comprehensive and very useful command cheat-sheet from ired.team
Basic Linux Privilege Escalation
g0tmi1k’s guide is THE go-to guide for linux privesc.
Windows Privilege Escalation
FuzzySecurity’s whole site is an Aladdin’s Cave!
Absolomb’s Security Blog is an excellent guide for this, and is a particular favourite.
Reverse-shell Cheat-sheet
pentestmonkey’s cheatsheets are definately another invaluable resource.
GTFOBins
Another goto resource for linux privesc.
OSCP help
scund00r’s Passing OSCP helped immensely in the PWK labs. His site in general is a goldmine!
highon.coffee
Another valuable resource is Arr0way’s Pentesting Cheat-sheet
Wordpress xmlrpc exploitation
Bilal Rizwan’s page on the subject introduced me to this possible vector.
pentest-tools and stuff
Jiovi/pentest repostitory on github has lots of very useful stuff worth checking out.
Pentest Methodology
Follow this list and you can’t go wrong. ;)
Misc Cheatsheets
here’s a bunch of helpful cheatsheets
Posts:
- LaCasaDePapel
- Lightweight
- Swagshop
- Tally
- Bitlab
- Jeeves
- Jail
- Forest
- Hawk
- Bart
- Netmon
- Safe
- Devops
- Falafel
- Networked
- Jarvis
- Chatterbox
- Bankrobber
- Grandpa
- TartarSauce
- Sunday
- Conceal
- Valentine
- Friendzone
- Kotarak
- Granny
- Node
- Jerry
- SolidState
- Silo
- Bashed
- Active
- Blue
- Bastard
- Waldo
- Irked
- Beep
- Nibbles
- Arctic
- Poison
- Nineveh
- Optimum
- Cronos
- Bounty
- Devel
- Legacy
- Shocker
- Sense
- Lame