├── .gitignore ├── Active_Directory ├── Exploitation-ACL_exploiting.md ├── Exploitation-Azure_AD_Connect.md ├── Exploitation-Certificate_Services.md ├── Exploitation-Credentials_theft_shuffling.md ├── Exploitation-DC_CVE.md ├── Exploitation-GPO_users_rights.md ├── Exploitation-GPP_and_shares_searching.md ├── Exploitation-Kerberos_AS_REP_Roasting.md ├── Exploitation-Kerberos_Kerberoasting.md ├── Exploitation-Kerberos_Silver_Tickets.md ├── Exploitation-Kerberos_delegations.md ├── Exploitation-Kerberos_tickets_usage.md ├── Exploitation-NTLM_capture_and_relay.md ├── Exploitation-Operators_to_Domain_Admins.md ├── Exploitation-Password_spraying.md ├── Exploitation-gMS_accounts.md ├── Post_Exploitation-Kerberos_Golden_Tickets.md ├── Post_Exploitation-Persistence.md ├── Post_Exploitation-Trusts_hopping.md ├── Post_Exploitation-ntds_dit_dumping.md ├── Recon-AD_scanners.md └── Recon-Domain_Recon.md ├── Android └── Static_Analysis.md ├── BinExploit ├── Linux │ └── ELF64_ROP_leaks.md └── Reverse.md ├── Cloud └── Azure.md ├── DFIR ├── Cloud │ ├── AWS.md │ ├── Azure.md │ └── README.md ├── Common │ ├── Browsers_forensics.md │ ├── Docker_forensics.md │ ├── Email_forensics.md │ ├── Image_acquisition_and_mounting.md │ ├── Memory_forensics.md │ └── Web_logs_analysis.md ├── Linux │ ├── README.md │ ├── TTPs_Analysis │ │ ├── README.md │ │ └── Timestomping.md │ └── _Artefacts_overview.md ├── Tools │ ├── Dissect.md │ ├── KAPE.md │ ├── README.md │ ├── Splunk.md │ ├── Velociraptor.md │ └── plaso.md └── Windows │ ├── Artefacts │ ├── Amcache.md │ ├── EVTX.md │ ├── Jumplist.md │ ├── LNKFile.md │ ├── MFT.md │ ├── MISC.md │ ├── Outlook_files.md │ ├── Prefetch.md │ ├── RecentFilecache.md │ ├── RecycleBin.md │ ├── SRUM.md │ ├── Shellbags.md │ ├── Shimcache.md │ ├── Timestamps.md │ ├── User_Access_Logging.md │ ├── UsnJrnl.md │ └── _Artefacts_overview.md │ ├── README.md │ └── TTPs_Analysis │ ├── Accounts_usage.md │ ├── ActiveDirectory_persistence.md │ ├── ActiveDirectory_replication_metadata.md │ ├── EVTX_integrity.md │ ├── Lateral_movement.md │ ├── Local_persistence.md │ ├── PowerShell_activity.md │ ├── Program_execution.md │ ├── README.md │ ├── System_uptime.md │ └── Timestomping.md ├── General ├── External_recon.md ├── File_Transfer.md ├── Passwords_cracking.md ├── Pivoting.md ├── Ports_scan.md └── Shells.md ├── L7 ├── 1-Methodology.md ├── 1099_JavaRMI │ └── Methodology.md ├── 111-2049_NFS │ └── Methodology.md ├── 11211_memcached │ └── Methodology.md ├── 113_Ident │ └── Methodology.md ├── 135_MSRPC │ └── Methodology.md ├── 137-139_NetBIOS │ └── Methodology.md ├── 1433_MSSQL │ └── Methodology.md ├── 1521_ORACLE_DB │ └── Methodology.md ├── 161_SNMP │ └── Methodology.md ├── 21_FTP │ └── Methodology.md ├── 22_SSH │ └── Methodology.md ├── 25_SMTP │ └── Methodology.md ├── 27017-27018_MongoDB │ └── Methodology.md ├── 3128_Proxy │ └── Methodology.md ├── 3306_MySQL │ └── Methodology.md ├── 3389_RDP │ └── Methodology.md ├── 389-3268_LDAP │ └── Methodology.md ├── 445_SMB │ └── Methodology.md ├── 512-513_REXEC-RLOGIN │ └── Methodology.md ├── 53_DNS │ └── Methodology.md ├── 554_RTSP │ └── Methodology.md ├── 5985-5986_WSMan │ └── Methodology.md ├── 8000_JDWP │ └── Methodology.md └── 9100_Printers │ └── Methodology.md ├── Linux ├── Local_privilege_escalation.md └── Post_exploitation.md ├── Miscellaneous ├── Coverage_guideded_fuzzing.md ├── Regex101.md └── WinDbg_kernel.md ├── README.md ├── Red_Team ├── Cobalt_Strike.md ├── EDR_bypass_with_EDRSandBlast.md ├── OpSec_OperatingSystems.md └── Phishing_OfficeDocuments.md ├── SUMMARY.md ├── WebApps ├── CMS_and_softwares │ ├── ColdFusion.md │ ├── DotNetNuke.md │ ├── Jenkins.md │ ├── Jira.md │ ├── Ovidentia.md │ ├── README.md │ ├── WebDAV.md │ └── WordPress.md ├── Exploitation-Authentication.md ├── Exploitation-File_upload.md ├── Exploitation-GraphQL.md ├── Exploitation-LDAP_injections.md ├── Exploitation-Local_and_remote_file_inclusions.md ├── Exploitation-NoSQL_injections │ ├── NoSQLMap.md │ ├── README.md │ └── mongoDB.md ├── Exploitation-Overview.md ├── Exploitation-SQL_injections │ ├── MSSQL.md │ ├── MySQL.md │ ├── README.md │ ├── SQLMAP.md │ └── SQLite.md ├── Recon-Application_mapping.md ├── Recon-Attack_surface.md ├── Recon-Hostnames_discovery.md └── Recon-Server_exposure.md └── Windows ├── Bypass_AppLocker.md ├── Bypass_PS_ConstrainedLanguageMode.md ├── Lateral_movements ├── CrackMapExec.md ├── Local_credentials_reuse.md ├── Over_DCOM.md ├── Over_SMB.md ├── Over_WMI.md ├── Over_WinRM.md └── README.md ├── Local_privilege_escalation.md ├── Post_exploitation ├── Credentials_dumping.md ├── Defense_evasion.md ├── Local_persistence.md └── README.md └── Shellcode_and_PE_loader.md /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/.gitignore -------------------------------------------------------------------------------- /Active_Directory/Exploitation-ACL_exploiting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-ACL_exploiting.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Azure_AD_Connect.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Azure_AD_Connect.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Certificate_Services.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Certificate_Services.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Credentials_theft_shuffling.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Credentials_theft_shuffling.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-DC_CVE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-DC_CVE.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-GPO_users_rights.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-GPO_users_rights.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-GPP_and_shares_searching.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-GPP_and_shares_searching.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Kerberos_AS_REP_Roasting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Kerberos_AS_REP_Roasting.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Kerberos_Kerberoasting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Kerberos_Kerberoasting.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Kerberos_Silver_Tickets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Kerberos_Silver_Tickets.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Kerberos_delegations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Kerberos_delegations.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Kerberos_tickets_usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Kerberos_tickets_usage.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-NTLM_capture_and_relay.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-NTLM_capture_and_relay.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Operators_to_Domain_Admins.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Operators_to_Domain_Admins.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-Password_spraying.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-Password_spraying.md -------------------------------------------------------------------------------- /Active_Directory/Exploitation-gMS_accounts.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Exploitation-gMS_accounts.md -------------------------------------------------------------------------------- /Active_Directory/Post_Exploitation-Kerberos_Golden_Tickets.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Post_Exploitation-Kerberos_Golden_Tickets.md -------------------------------------------------------------------------------- /Active_Directory/Post_Exploitation-Persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Post_Exploitation-Persistence.md -------------------------------------------------------------------------------- /Active_Directory/Post_Exploitation-Trusts_hopping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Post_Exploitation-Trusts_hopping.md -------------------------------------------------------------------------------- /Active_Directory/Post_Exploitation-ntds_dit_dumping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Post_Exploitation-ntds_dit_dumping.md -------------------------------------------------------------------------------- /Active_Directory/Recon-AD_scanners.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Recon-AD_scanners.md -------------------------------------------------------------------------------- /Active_Directory/Recon-Domain_Recon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Active_Directory/Recon-Domain_Recon.md -------------------------------------------------------------------------------- /Android/Static_Analysis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Android/Static_Analysis.md -------------------------------------------------------------------------------- /BinExploit/Linux/ELF64_ROP_leaks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/BinExploit/Linux/ELF64_ROP_leaks.md -------------------------------------------------------------------------------- /BinExploit/Reverse.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/BinExploit/Reverse.md -------------------------------------------------------------------------------- /Cloud/Azure.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Cloud/Azure.md -------------------------------------------------------------------------------- /DFIR/Cloud/AWS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Cloud/AWS.md -------------------------------------------------------------------------------- /DFIR/Cloud/Azure.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Cloud/Azure.md -------------------------------------------------------------------------------- /DFIR/Cloud/README.md: -------------------------------------------------------------------------------- 1 | # DFIR - Linux 2 | -------------------------------------------------------------------------------- /DFIR/Common/Browsers_forensics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Browsers_forensics.md -------------------------------------------------------------------------------- /DFIR/Common/Docker_forensics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Docker_forensics.md -------------------------------------------------------------------------------- /DFIR/Common/Email_forensics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Email_forensics.md -------------------------------------------------------------------------------- /DFIR/Common/Image_acquisition_and_mounting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Image_acquisition_and_mounting.md -------------------------------------------------------------------------------- /DFIR/Common/Memory_forensics.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Memory_forensics.md -------------------------------------------------------------------------------- /DFIR/Common/Web_logs_analysis.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Common/Web_logs_analysis.md -------------------------------------------------------------------------------- /DFIR/Linux/README.md: -------------------------------------------------------------------------------- 1 | # DFIR - Linux 2 | -------------------------------------------------------------------------------- /DFIR/Linux/TTPs_Analysis/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /DFIR/Linux/TTPs_Analysis/Timestomping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Linux/TTPs_Analysis/Timestomping.md -------------------------------------------------------------------------------- /DFIR/Linux/_Artefacts_overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Linux/_Artefacts_overview.md -------------------------------------------------------------------------------- /DFIR/Tools/Dissect.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Tools/Dissect.md -------------------------------------------------------------------------------- /DFIR/Tools/KAPE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Tools/KAPE.md -------------------------------------------------------------------------------- /DFIR/Tools/README.md: -------------------------------------------------------------------------------- 1 | # DFIR - Collectors 2 | -------------------------------------------------------------------------------- /DFIR/Tools/Splunk.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Tools/Splunk.md -------------------------------------------------------------------------------- /DFIR/Tools/Velociraptor.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Tools/Velociraptor.md -------------------------------------------------------------------------------- /DFIR/Tools/plaso.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Tools/plaso.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Amcache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Amcache.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/EVTX.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/EVTX.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Jumplist.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Jumplist.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/LNKFile.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/LNKFile.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/MFT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/MFT.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/MISC.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/MISC.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Outlook_files.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Prefetch.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Prefetch.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/RecentFilecache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/RecentFilecache.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/RecycleBin.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/SRUM.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/SRUM.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Shellbags.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Shellbags.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Shimcache.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Shimcache.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/Timestamps.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/Timestamps.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/User_Access_Logging.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/User_Access_Logging.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/UsnJrnl.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/UsnJrnl.md -------------------------------------------------------------------------------- /DFIR/Windows/Artefacts/_Artefacts_overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/Artefacts/_Artefacts_overview.md -------------------------------------------------------------------------------- /DFIR/Windows/README.md: -------------------------------------------------------------------------------- 1 | # DFIR - Windows 2 | -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/Accounts_usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/Accounts_usage.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/ActiveDirectory_persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/ActiveDirectory_persistence.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/ActiveDirectory_replication_metadata.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/ActiveDirectory_replication_metadata.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/EVTX_integrity.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/EVTX_integrity.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/Lateral_movement.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/Lateral_movement.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/Local_persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/Local_persistence.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/PowerShell_activity.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/PowerShell_activity.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/Program_execution.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/Program_execution.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/README.md: -------------------------------------------------------------------------------- 1 | # DFIR - Windows - TTPs analysis 2 | -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/System_uptime.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/System_uptime.md -------------------------------------------------------------------------------- /DFIR/Windows/TTPs_Analysis/Timestomping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/DFIR/Windows/TTPs_Analysis/Timestomping.md -------------------------------------------------------------------------------- /General/External_recon.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/External_recon.md -------------------------------------------------------------------------------- /General/File_Transfer.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/File_Transfer.md -------------------------------------------------------------------------------- /General/Passwords_cracking.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/Passwords_cracking.md -------------------------------------------------------------------------------- /General/Pivoting.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/Pivoting.md -------------------------------------------------------------------------------- /General/Ports_scan.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/Ports_scan.md -------------------------------------------------------------------------------- /General/Shells.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/General/Shells.md -------------------------------------------------------------------------------- /L7/1-Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/1-Methodology.md -------------------------------------------------------------------------------- /L7/1099_JavaRMI/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/1099_JavaRMI/Methodology.md -------------------------------------------------------------------------------- /L7/111-2049_NFS/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/111-2049_NFS/Methodology.md -------------------------------------------------------------------------------- /L7/11211_memcached/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/11211_memcached/Methodology.md -------------------------------------------------------------------------------- /L7/113_Ident/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/113_Ident/Methodology.md -------------------------------------------------------------------------------- /L7/135_MSRPC/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/135_MSRPC/Methodology.md -------------------------------------------------------------------------------- /L7/137-139_NetBIOS/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/137-139_NetBIOS/Methodology.md -------------------------------------------------------------------------------- /L7/1433_MSSQL/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/1433_MSSQL/Methodology.md -------------------------------------------------------------------------------- /L7/1521_ORACLE_DB/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/1521_ORACLE_DB/Methodology.md -------------------------------------------------------------------------------- /L7/161_SNMP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/161_SNMP/Methodology.md -------------------------------------------------------------------------------- /L7/21_FTP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/21_FTP/Methodology.md -------------------------------------------------------------------------------- /L7/22_SSH/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/22_SSH/Methodology.md -------------------------------------------------------------------------------- /L7/25_SMTP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/25_SMTP/Methodology.md -------------------------------------------------------------------------------- /L7/27017-27018_MongoDB/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/27017-27018_MongoDB/Methodology.md -------------------------------------------------------------------------------- /L7/3128_Proxy/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/3128_Proxy/Methodology.md -------------------------------------------------------------------------------- /L7/3306_MySQL/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/3306_MySQL/Methodology.md -------------------------------------------------------------------------------- /L7/3389_RDP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/3389_RDP/Methodology.md -------------------------------------------------------------------------------- /L7/389-3268_LDAP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/389-3268_LDAP/Methodology.md -------------------------------------------------------------------------------- /L7/445_SMB/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/445_SMB/Methodology.md -------------------------------------------------------------------------------- /L7/512-513_REXEC-RLOGIN/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/512-513_REXEC-RLOGIN/Methodology.md -------------------------------------------------------------------------------- /L7/53_DNS/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/53_DNS/Methodology.md -------------------------------------------------------------------------------- /L7/554_RTSP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/554_RTSP/Methodology.md -------------------------------------------------------------------------------- /L7/5985-5986_WSMan/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/5985-5986_WSMan/Methodology.md -------------------------------------------------------------------------------- /L7/8000_JDWP/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/8000_JDWP/Methodology.md -------------------------------------------------------------------------------- /L7/9100_Printers/Methodology.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/L7/9100_Printers/Methodology.md -------------------------------------------------------------------------------- /Linux/Local_privilege_escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Linux/Local_privilege_escalation.md -------------------------------------------------------------------------------- /Linux/Post_exploitation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Linux/Post_exploitation.md -------------------------------------------------------------------------------- /Miscellaneous/Coverage_guideded_fuzzing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Miscellaneous/Coverage_guideded_fuzzing.md -------------------------------------------------------------------------------- /Miscellaneous/Regex101.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Miscellaneous/Regex101.md -------------------------------------------------------------------------------- /Miscellaneous/WinDbg_kernel.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Miscellaneous/WinDbg_kernel.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/README.md -------------------------------------------------------------------------------- /Red_Team/Cobalt_Strike.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Red_Team/Cobalt_Strike.md -------------------------------------------------------------------------------- /Red_Team/EDR_bypass_with_EDRSandBlast.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Red_Team/EDR_bypass_with_EDRSandBlast.md -------------------------------------------------------------------------------- /Red_Team/OpSec_OperatingSystems.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Red_Team/OpSec_OperatingSystems.md -------------------------------------------------------------------------------- /Red_Team/Phishing_OfficeDocuments.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Red_Team/Phishing_OfficeDocuments.md -------------------------------------------------------------------------------- /SUMMARY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/SUMMARY.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/ColdFusion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/ColdFusion.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/DotNetNuke.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/DotNetNuke.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/Jenkins.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/Jenkins.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/Jira.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/Jira.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/Ovidentia.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/Ovidentia.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/README.md: -------------------------------------------------------------------------------- 1 | # Web applications - CMS and softwares 2 | -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/WebDAV.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/WebDAV.md -------------------------------------------------------------------------------- /WebApps/CMS_and_softwares/WordPress.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/CMS_and_softwares/WordPress.md -------------------------------------------------------------------------------- /WebApps/Exploitation-Authentication.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-Authentication.md -------------------------------------------------------------------------------- /WebApps/Exploitation-File_upload.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-File_upload.md -------------------------------------------------------------------------------- /WebApps/Exploitation-GraphQL.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-GraphQL.md -------------------------------------------------------------------------------- /WebApps/Exploitation-LDAP_injections.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-LDAP_injections.md -------------------------------------------------------------------------------- /WebApps/Exploitation-Local_and_remote_file_inclusions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-Local_and_remote_file_inclusions.md -------------------------------------------------------------------------------- /WebApps/Exploitation-NoSQL_injections/NoSQLMap.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-NoSQL_injections/NoSQLMap.md -------------------------------------------------------------------------------- /WebApps/Exploitation-NoSQL_injections/README.md: -------------------------------------------------------------------------------- 1 | # Web Applications - NoSQL Injection 2 | -------------------------------------------------------------------------------- /WebApps/Exploitation-NoSQL_injections/mongoDB.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-NoSQL_injections/mongoDB.md -------------------------------------------------------------------------------- /WebApps/Exploitation-Overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-Overview.md -------------------------------------------------------------------------------- /WebApps/Exploitation-SQL_injections/MSSQL.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-SQL_injections/MSSQL.md -------------------------------------------------------------------------------- /WebApps/Exploitation-SQL_injections/MySQL.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-SQL_injections/MySQL.md -------------------------------------------------------------------------------- /WebApps/Exploitation-SQL_injections/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-SQL_injections/README.md -------------------------------------------------------------------------------- /WebApps/Exploitation-SQL_injections/SQLMAP.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-SQL_injections/SQLMAP.md -------------------------------------------------------------------------------- /WebApps/Exploitation-SQL_injections/SQLite.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Exploitation-SQL_injections/SQLite.md -------------------------------------------------------------------------------- /WebApps/Recon-Application_mapping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Recon-Application_mapping.md -------------------------------------------------------------------------------- /WebApps/Recon-Attack_surface.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Recon-Attack_surface.md -------------------------------------------------------------------------------- /WebApps/Recon-Hostnames_discovery.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Recon-Hostnames_discovery.md -------------------------------------------------------------------------------- /WebApps/Recon-Server_exposure.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/WebApps/Recon-Server_exposure.md -------------------------------------------------------------------------------- /Windows/Bypass_AppLocker.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Bypass_AppLocker.md -------------------------------------------------------------------------------- /Windows/Bypass_PS_ConstrainedLanguageMode.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Bypass_PS_ConstrainedLanguageMode.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/CrackMapExec.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/CrackMapExec.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/Local_credentials_reuse.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/Local_credentials_reuse.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/Over_DCOM.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/Over_DCOM.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/Over_SMB.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/Over_SMB.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/Over_WMI.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/Over_WMI.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/Over_WinRM.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/Over_WinRM.md -------------------------------------------------------------------------------- /Windows/Lateral_movements/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Lateral_movements/README.md -------------------------------------------------------------------------------- /Windows/Local_privilege_escalation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Local_privilege_escalation.md -------------------------------------------------------------------------------- /Windows/Post_exploitation/Credentials_dumping.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Post_exploitation/Credentials_dumping.md -------------------------------------------------------------------------------- /Windows/Post_exploitation/Defense_evasion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Post_exploitation/Defense_evasion.md -------------------------------------------------------------------------------- /Windows/Post_exploitation/Local_persistence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Post_exploitation/Local_persistence.md -------------------------------------------------------------------------------- /Windows/Post_exploitation/README.md: -------------------------------------------------------------------------------- 1 | # Windows - Post exploitation 2 | -------------------------------------------------------------------------------- /Windows/Shellcode_and_PE_loader.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Qazeer/InfoSec-Notes/HEAD/Windows/Shellcode_and_PE_loader.md --------------------------------------------------------------------------------