├── .obsidian ├── hotkeys.json ├── themes │ ├── AnuPpuccin │ │ └── manifest.json │ └── Obsidian Nord │ │ └── manifest.json ├── app.json ├── appearance.json ├── graph.json ├── core-plugins-migration.json ├── core-plugins.json └── types.json ├── writeups ├── HTB-included.md ├── writeup-pics │ ├── asyncio-1.png │ ├── vaccine-HTB-1.png │ ├── Pasted image 20231121132658.png │ ├── Pasted image 20231121133242.png │ ├── Pasted image 20231121160423.png │ ├── Pasted image 20231121161123.png │ ├── Pasted image 20231121173335.png │ ├── Pasted image 20231121173805.png │ ├── Pasted image 20231121174543.png │ ├── Pasted image 20231124142229.png │ ├── Pasted image 20231124145724.png │ ├── Pasted image 20231214121607.png │ ├── Pasted image 20231214123032.png │ ├── Pasted image 20231214124449.png │ └── Pasted image 20231214152234.png ├── README.md └── markup.md ├── coding ├── languages │ ├── lua.md │ ├── ASPX.md │ ├── C.md │ ├── PHP.md │ ├── perl.md │ ├── CPP.md │ ├── VBS.md │ ├── C-sharp.md │ ├── node.md │ └── bash.md ├── APIs │ └── REST-API.md ├── markup │ ├── XML.md │ ├── HTML.md │ └── TOML.md ├── concepts │ ├── hashmaps.md │ ├── oauth-2.md │ ├── math-lectures.md │ ├── version-control.md │ ├── multiprocessing.md │ └── logic.md ├── compilation │ ├── compiler.md │ ├── compilation.md │ └── linker.md ├── data-structures │ ├── JSON.md │ └── trie.md ├── databases │ ├── MongoDB.md │ ├── redis.md │ └── RDBMS.md ├── coding-pics │ ├── DBMS-1.png │ ├── DBMS-2.png │ ├── coroutines-1.png │ └── coroutines-2.png ├── dotNET.md ├── README.md └── jenkins.md ├── computers ├── concepts │ ├── GPU.md │ ├── kernel.md │ ├── cryptography │ │ ├── AES.md │ │ ├── blowfish.md │ │ ├── README.md │ │ ├── rsa.md │ │ ├── dss.md │ │ ├── diffie-hellman.md │ │ ├── stream-cipher.md │ │ ├── steganography.md │ │ └── symmetric-encryption.md │ ├── x86.md │ ├── AI │ │ ├── ML.md │ │ └── LLMs.md │ ├── process.md │ └── operating-system.md ├── virtualization │ ├── aws │ │ └── ec2.md │ └── containers.md ├── memory │ ├── RAM.md │ ├── RAID.md │ └── stack-and-heap.md ├── linux │ ├── gcc.md │ ├── gdb.md │ ├── file-system │ │ ├── file-management.md │ │ └── file-permissions.md │ ├── unix-sockets.md │ ├── syscalls.md │ └── README.md ├── computers-pics │ ├── ACLs-1.png │ ├── docker-1.png │ ├── hashing-1.png │ ├── hashing-2.png │ ├── quantum-1.png │ ├── quantum-2.png │ ├── registry-1.png │ ├── filter-manager-1.png │ ├── active-directory-1.gif │ ├── active-directory-2 1.png │ ├── active-directory-2.png │ ├── domain-controller-2.png │ ├── domain-contrroller-1.png │ ├── stream-block-cipher-1.png │ ├── stream-block-cipher-2.png │ ├── stream-block-cipher-3.png │ ├── stream-block-cipher-4.png │ ├── asymmetric-encryption-2.png │ ├── asymmetric-encryption-3.png │ ├── Pasted image 20240705161436.png │ ├── assymetric-encryption-1.png.png │ └── ASR-33_Teletype_terminal_IMG_1658.jpg ├── containers-vms │ └── virtual-machines.md ├── windows │ ├── WinRM.md │ ├── active-directory │ │ ├── ADCS.md │ │ └── ACLs.md │ ├── DLL.md │ ├── LSASS.md │ ├── PE.md │ └── file-system │ │ └── filter-drivers.md └── README.md ├── cybersecurity ├── resources │ ├── CISA.md │ ├── CVEs.md │ ├── Cyber-Chef.md │ ├── DIFR-Report.md │ ├── FireEye-Threat-Research.md │ ├── Akamai.md │ ├── pwn-college │ │ └── talking-web │ │ │ └── the-internet.md │ ├── OPSWAT.md │ ├── EPSS.md │ ├── GIAC.md │ ├── WSTG │ │ ├── fingerprint-web-server.md │ │ ├── map-app-architecture.md │ │ └── test-network-config.md │ ├── corelan │ │ └── exploit-writing │ │ │ └── stack-based-overflows.md │ ├── OWASP.md │ └── vulnhub.md ├── TTPs │ ├── delivery │ │ ├── watering-hole.md │ │ ├── candy-drop.md │ │ ├── trojan.md │ │ ├── social-engineering.md │ │ ├── tools │ │ │ ├── phish-tool.md │ │ │ └── gophish.md │ │ └── URL-shorteners.md │ ├── exploitation │ │ ├── zero-day.md │ │ ├── MITM.md │ │ ├── injection │ │ │ ├── DNS-poisoning.md │ │ │ ├── SSTI.md │ │ │ └── HHI.md │ │ ├── DLL-hijacking.md │ │ ├── denial-of-service.md │ │ ├── service-binary-hijacking.md │ │ ├── DNS-amplification.md │ │ ├── bind-shell.md │ │ ├── binary-exploitation │ │ │ ├── spiking.md │ │ │ ├── fuzzing.md │ │ │ └── NOP-sled.md │ │ ├── rev-shell.md │ │ ├── tools │ │ │ ├── evil-winrm.md │ │ │ ├── exploit-db.md │ │ │ ├── ExploitDB.md │ │ │ ├── netcat.md │ │ │ ├── responder.md │ │ │ └── searchsploit.md │ │ ├── trojans.md │ │ └── web-shell.md │ ├── persistence │ │ ├── back-door.md │ │ └── connect-back.md │ ├── c2 │ │ ├── botnet.md │ │ ├── C2.md │ │ └── tools │ │ │ └── cobalt-strike.md │ ├── recon │ │ ├── tools │ │ │ ├── dir-and-subdomain │ │ │ │ ├── amass 1.md │ │ │ │ ├── sublist3r.md │ │ │ │ ├── shosubgo.md │ │ │ │ └── feroxbuster.md │ │ │ ├── scanning │ │ │ │ ├── wireshark.md │ │ │ │ └── masscan.md │ │ │ ├── tech-stack │ │ │ │ ├── eyewitness.md │ │ │ │ ├── gowitness.md │ │ │ │ └── whatruns.md │ │ │ ├── reverse-engineering │ │ │ │ ├── immunity-debugger.md │ │ │ │ ├── Virus-Total.md │ │ │ │ └── malware-sandboxes.md │ │ │ ├── credential-harvesting │ │ │ │ ├── crosslinked.md │ │ │ │ └── breach-parse.md │ │ │ ├── SPF-surveyor.md │ │ │ ├── services-and-protocols │ │ │ │ ├── snmpwalk.md │ │ │ │ └── onesixtyone.md │ │ │ ├── netexec.md │ │ │ ├── vuln-scanning │ │ │ │ └── nessus.md │ │ │ ├── wordlists │ │ │ │ ├── robots-disallowed.md │ │ │ │ └── statistcially-likely.md │ │ │ └── cloudfox.md │ │ ├── OSINT.md │ │ ├── bucket-enumeration.md │ │ ├── OS │ │ │ └── linux-recon.md │ │ ├── password-spraying.md │ │ └── directory-enumeration.md │ ├── cloud │ │ └── tools │ │ │ ├── azure-hound.md │ │ │ ├── monkey-365.md │ │ │ └── cloud-enum.md │ ├── actions-on-objective │ │ ├── worm.md │ │ ├── tools │ │ │ ├── dnscat.md │ │ │ ├── dnsmasq.md │ │ │ ├── psypy.md │ │ │ ├── findmeaccess.md │ │ │ ├── PowerView.md │ │ │ └── winPEAS.md │ │ ├── privesc │ │ │ └── README.md │ │ └── exfiltration-infiltration │ │ │ ├── DNS-tunneling.md │ │ │ └── DNS-spoofing.md │ └── cracking │ │ ├── brute-force.md │ │ ├── compbinator-attack.md │ │ ├── dictionary-attack.md │ │ ├── credential-stuffing.md │ │ ├── password-cracking.md │ │ ├── tools │ │ ├── kraken.md │ │ └── kerbrute.md │ │ └── rainbow-table.md ├── attacks │ ├── notpetya.md │ └── wannacry.md ├── defense │ ├── rate-limiting.md │ ├── SIEM.md │ ├── incident-response │ │ ├── digital-forensics.md │ │ ├── incident-response.md │ │ └── DFIR.md │ ├── threat-intelligence │ │ └── TTPs.md │ └── appsec │ │ └── input-validation.md ├── vulnerabilities │ ├── log4j.md │ ├── openfuck.md │ ├── referrer-leakage.md │ ├── SMB-null-share.md │ └── DejaBlue.md ├── wordlists │ ├── WordPress.md │ ├── linux.md │ └── README.md ├── malware │ └── storm-worm.md ├── cybersecurity-pics │ ├── CVSS-1.png │ ├── CVSS-2.png │ ├── DKIM-1.png │ ├── SPF-1.png │ ├── XSS-2.png │ ├── amass-1.png │ ├── amass-2.png │ ├── xss-1.png │ ├── emotet-1.png │ ├── maltego-1.png │ ├── pyramid-1.png │ ├── burp-suite-1.png │ ├── burp-suite-2.png │ ├── burp-suite-3.png │ ├── burp-suite-4.png │ ├── burp-suite-5.png │ ├── burp-suite-6.png │ ├── burp-suite-7.png │ ├── burp-suite-8.png │ ├── burp-suite-9.png │ ├── fast-flux-1.png │ ├── fast-flux-2.png │ ├── fast-flux-3.png │ ├── fast-flux-4.png │ ├── fast-flux-5.png │ ├── fast-flux-6.png │ ├── mimikatz-1.png │ ├── mimikatz-2.png │ ├── mimikatz-3.png │ ├── mimikatz-4.png │ ├── SPF-surveyor-1.png │ ├── UNION-attack-1.png │ ├── UNION-attack-2.png │ ├── UNION-attack-3.png │ ├── UNION-attack-4.png │ ├── UNION-attack-5.png │ ├── burp-suite-1 1.png │ ├── burp-suite-10.png │ ├── burp-suite-11.png │ ├── burp-suite-12.png │ ├── burp-suite-2 1.png │ ├── burp-suite-3 1.png │ ├── mitre-attack-1.png │ ├── token-abuse-1.png │ ├── token-abuse-2.png │ ├── LLMNR-poisoning-1.png │ ├── buffer-overflow-1.png │ ├── buffer-overflow-2.png │ ├── buffer-overflow-3.png │ ├── buffer-overflow-4.png │ ├── buffer-overflow-5.png │ ├── buffer-overflow-6.png │ ├── buffer-overflow-7.png │ ├── buffer-overflow-8.png │ ├── buffer-overflow-9.png │ ├── diffie-hellman-1.jpg │ ├── elasticsearch-1 1.png │ ├── elasticsearch-1.png │ ├── elasticsearch-3.png │ ├── elasticsearch-4.png │ ├── heap-spraying-1.png │ ├── buffer-overflow-10.png │ ├── buffer-overflow-11.png │ ├── buffer-overflow-12.png │ ├── buffer-overflow-13.png │ └── fast-flux-README-pic.png ├── pen-testing │ ├── penetration-testing.md │ └── PTES.md └── opsec │ └── OTP-token.md ├── .gitattributes ├── www ├── DOM.md ├── HTTP-request.md ├── CDNs.md ├── cookies.md ├── search-engines.md └── WebDAV.md ├── OSCP ├── web-apps │ ├── character-encoding.md │ ├── javascript.md │ ├── XSS.md │ └── SQLi │ │ ├── UNION-attack.md │ │ ├── automated-SQLi.md │ │ └── SQLi.md ├── linux-privesc │ ├── enumeration │ │ ├── manual-enumeration.md │ │ └── automated-enumeration.md │ ├── file-permissions │ │ ├── password-auth.md │ │ └── cron-jobs.md │ ├── system-components │ │ ├── abusing-sudo.md │ │ ├── kernel-vulns.md │ │ └── setuid-and-capabilities.md │ └── exposed-info │ │ ├── user-trails.md │ │ └── service-footprints.md ├── oscp-pics │ ├── MIC-1.png │ ├── SQLi-1.png │ ├── netsh-1.png │ ├── netsh-2.png │ ├── oscp-1.png │ ├── oscp-2.png │ ├── plink-1.png │ ├── socat-1.png │ ├── README-2.png │ ├── DLL-hijack-5.png │ ├── LDAP-ADSI-1.png │ ├── bloodhound-1.png │ ├── bloodhound-2.png │ ├── bloodhound-3.png │ ├── bloodhound-4.png │ ├── DLL-hijacking-4.png │ ├── DNS-tunneling-1.png │ ├── DNS-tunneling-2.png │ ├── DNS-tunneling-3.png │ ├── access-tokens-1.png │ ├── dll-hijacking-1.png │ ├── dll-hijacking-2.png │ ├── dll-hijacking-3.png │ ├── nmap-scanning-1.png │ ├── passing-NTLM-1.png │ ├── port-scanning-1.png │ ├── port-scanning-2.png │ ├── HTTP-tunneling-1.png │ ├── HTTP-tunneling-2.png │ ├── sensitive-files-1.png │ ├── sensitive-files-2.png │ ├── automating-evasion-1.png │ ├── automating-evasion-2.png │ ├── thread-injection-1.png │ ├── thread-injection-2.png │ ├── cracking-net-ntlmv2-1.png │ ├── cracking-net-ntlmv2-2.png │ ├── local-file-inclusion-1.png │ ├── local-file-inclusion-2.png │ ├── local-file-inclusion-3.png │ ├── local-file-inclusion-4.png │ ├── remote-port-forward-1.png │ ├── AD-manual-enumeration-1.png │ ├── abusing-library-files-1.png │ ├── abusing-library-files-2.png │ ├── abusing-library-files-3.png │ ├── abusing-library-files-4.png │ ├── abusing-library-files-5.png │ ├── dynamic-port-forwarding-1.png │ ├── microsoft-word-macros-1.png │ ├── microsoft-word-macros-3.png │ ├── microsoft-word-marcos-2.png │ ├── SSH-local-port-forwarding-1.png │ ├── SSH-local-port-forwarding-2.png │ ├── port-forwarding-scenario-1.png │ ├── remote-dynamic-port-forwarding-2.png │ └── remote-dynamid-port-forwarding-1.png ├── AD │ ├── automated-enumeration │ │ └── BloodHound.md │ └── intro-to-AD.md └── windows-privesc │ └── README.md ├── networking ├── DNS │ ├── zone-transfer.md │ ├── registration.md │ ├── NS-record.md │ ├── A-record.md │ └── TXT-record.md ├── OSI │ ├── 3-network │ │ ├── router.md │ │ ├── socket.md │ │ ├── network-layer.md │ │ └── MTU.md │ ├── 4-transport │ │ └── transport-layer.md │ ├── 5-session │ │ └── session-layer.md │ ├── 6-presentation │ │ └── presentation-layer.md │ ├── 2-datalink │ │ ├── LLC-layer.md │ │ ├── MAC-layer.md │ │ ├── bridge.md │ │ ├── switches.md │ │ └── multiplexing.md │ ├── 7-application │ │ └── application-layer.md │ └── 1-physical │ │ └── hubs.md ├── ARPANET.md ├── protocols │ ├── IGP.md │ ├── BGP.md │ ├── NetBIOS.md │ ├── SSL.md │ ├── NBT-NS.md │ ├── ICMP.md │ ├── LLMNR.md │ ├── kerberos.md │ ├── SRTP.md │ └── MDNS.md ├── networking-pics │ ├── DMZ-1.jpg │ ├── DNS-1.png │ ├── LAN-1.png │ ├── LAN-2.png │ ├── LAN-3.png │ ├── LAN-4.png │ ├── LAN-5.png │ ├── RDP-1.png │ ├── RDP-2.png │ ├── RDP-3.png │ ├── RPC-1.png │ ├── TCP-1.png │ ├── TCP-2.png │ ├── UDP-1.png │ ├── UDP-2.png │ ├── VPN-1.png │ ├── NTLM-1.png │ ├── NTLM-2.png │ ├── NTLM-3.png │ ├── SMTP-1.png │ ├── SNMP-1.png │ ├── SNMP-2.png │ ├── email-1.png │ ├── ports-1.jpg │ ├── ports-1.png │ ├── ports-2.jpg │ ├── ports-2.png │ ├── loopback-1.png │ ├── ports-2 1.png │ ├── topology-1.jpg │ ├── topology-2.jpg │ ├── topology-3.jpg │ ├── topology-4.jpg │ ├── topology-5.jpg │ ├── topology-6.jpg │ ├── MX-record-1.png │ ├── NS-record-1.png │ ├── IP-addresses-1.png │ ├── IP-addresses-2.png │ ├── dns-security-1.png │ ├── routing-table-1.png │ ├── IP-routing-steve-2.png │ ├── IP-routing-steve.png │ ├── Pasted image 20240710142956.png │ ├── Pasted image 20240710155214.png │ ├── Pasted image 20240710155734.png │ ├── Pasted image 20240710161235.png │ ├── Pasted image 20240710161422.png │ ├── Pasted image 20240710161818.png │ ├── Pasted image 20240710162740.png │ ├── Pasted image 20240712105439.png │ ├── Pasted image 20240712105702.png │ ├── Pasted image 20240712110047.png │ ├── Pasted image 20240712111309.png │ ├── Pasted image 20240712111628.png │ ├── Pasted image 20240712112627.png │ ├── Pasted image 20240712113032.png │ ├── Pasted image 20240712113746.png │ ├── Pasted image 20240712114023.png │ ├── Pasted image 20240712114103.png │ └── Pasted image 20240712150138.png ├── routing │ └── port-forwarding.md └── design-structure │ ├── VLANs.md │ └── WAN.md ├── CLI-tools ├── README.md ├── CLI-tools-pics │ ├── dig-1.png │ ├── dig-2.png │ ├── crontab-1.png │ └── nmblookup-1.png ├── linux │ ├── rsync.md │ ├── redis-cli.md │ ├── local │ │ ├── ifconfig.md │ │ └── iptables.md │ ├── remote │ │ ├── telnet-command.md │ │ ├── xfreerdp.md │ │ └── traceroute.md │ ├── crontab.md │ ├── users │ │ ├── w.md │ │ └── who.md │ └── tcpdump.md ├── windows │ ├── netstat.md │ ├── Test-NetConnection.md │ └── powercat.md ├── whois.md └── tips-and-tricks │ └── environment-variables.md ├── PNPT ├── PNPT-pics │ ├── dev-1.png │ ├── dev-2.png │ ├── dev-3.png │ ├── dev-4.png │ ├── dev-5.png │ ├── dev-6.png │ ├── dev-7.png │ ├── dev-8.png │ ├── dev-9.png │ ├── blue-1.png │ ├── blue-2.png │ ├── blue-3.png │ ├── dev-10.png │ ├── dev-11.png │ ├── dev-12.png │ ├── dev-13.png │ ├── dev-14.png │ ├── dev-15.png │ ├── academy-1.png │ ├── academy-2.png │ ├── academy-3.png │ ├── academy-4.png │ ├── academy-5.png │ ├── academy-6.png │ ├── fuzzing-1.png │ ├── fuzzing-2.png │ ├── nessus-1.png │ ├── nessus-2.png │ ├── nessus-3.png │ ├── nessus-4.png │ ├── smbrelay.png │ ├── spiking-1.png │ ├── IP-addresses-1.png │ ├── gaining-root-1.png │ ├── bash-scripting-1.png │ ├── enumerating-SMB-1.png │ ├── enumerating-SMB-2.png │ ├── gaining-root-1 1.png │ ├── active-directory-1.png │ ├── active-directory-10.png │ ├── active-directory-11.png │ ├── active-directory-2.png │ ├── active-directory-4.png │ ├── active-directory-5.png │ ├── active-directory-6.png │ ├── active-directory-7.png │ ├── active-directory-8 1.png │ ├── active-directory-8.png │ ├── active-directory-9.png │ ├── hunting-subdomains-1.png │ ├── researching-vulns-1.png │ ├── researching-vulns-2.png │ ├── researching-vulns-3.png │ ├── enumerating-HTTP-HTTPS-1.png │ └── enumerating-HTTP-HTTPS-2.png └── PEH │ ├── kali-linux │ ├── linux-filesystem.md │ └── sudo.md │ ├── notekeeping │ └── important-tools.md │ ├── python │ └── tuples.md │ ├── recon │ ├── social-media.md │ ├── google-fu.md │ └── burp-suite.md │ └── buffer-overflows │ └── buffer-overflow-basics.md ├── .gitmodules ├── obsidian-help.md └── .gitignore /.obsidian/hotkeys.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /writeups/HTB-included.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /coding/languages/lua.md: -------------------------------------------------------------------------------- 1 | 2 | Init. -------------------------------------------------------------------------------- /computers/concepts/GPU.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # GPU -------------------------------------------------------------------------------- /cybersecurity/resources/CISA.md: -------------------------------------------------------------------------------- 1 | www.cisa.gov -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto 2 | *.md text 3 | -------------------------------------------------------------------------------- /coding/APIs/REST-API.md: -------------------------------------------------------------------------------- 1 | 2 | # REST API 3 | Init. -------------------------------------------------------------------------------- /coding/languages/ASPX.md: -------------------------------------------------------------------------------- 1 | 2 | # ASPX 3 | Init. -------------------------------------------------------------------------------- /coding/markup/XML.md: -------------------------------------------------------------------------------- 1 | 2 | # XML 3 | INIT 4 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/watering-hole.md: -------------------------------------------------------------------------------- 1 | Init -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/zero-day.md: -------------------------------------------------------------------------------- 1 | Init -------------------------------------------------------------------------------- /cybersecurity/TTPs/persistence/back-door.md: -------------------------------------------------------------------------------- 1 | Init -------------------------------------------------------------------------------- /www/DOM.md: -------------------------------------------------------------------------------- 1 | 2 | # Document Object Model 3 | Init. -------------------------------------------------------------------------------- /coding/concepts/hashmaps.md: -------------------------------------------------------------------------------- 1 | 2 | # Hashmaps 3 | Init. -------------------------------------------------------------------------------- /computers/concepts/kernel.md: -------------------------------------------------------------------------------- 1 | 2 | # Kernel 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/resources/CVEs.md: -------------------------------------------------------------------------------- 1 | 2 | # CVEs 3 | Init. -------------------------------------------------------------------------------- /coding/compilation/compiler.md: -------------------------------------------------------------------------------- 1 | 2 | # Compiler 3 | Init. -------------------------------------------------------------------------------- /coding/data-structures/JSON.md: -------------------------------------------------------------------------------- 1 | 2 | # JSON Format 3 | Init -------------------------------------------------------------------------------- /computers/concepts/cryptography/AES.md: -------------------------------------------------------------------------------- 1 | 2 | # AES 3 | Init -------------------------------------------------------------------------------- /computers/concepts/x86.md: -------------------------------------------------------------------------------- 1 | 2 | # x86 Architecture 3 | Init. -------------------------------------------------------------------------------- /computers/virtualization/aws/ec2.md: -------------------------------------------------------------------------------- 1 | 2 | # AWS EC2 3 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/c2/botnet.md: -------------------------------------------------------------------------------- 1 | 2 | # Botnet 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/attacks/notpetya.md: -------------------------------------------------------------------------------- 1 | 2 | # Notpetya 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/attacks/wannacry.md: -------------------------------------------------------------------------------- 1 | 2 | # WannaCry 3 | Init. -------------------------------------------------------------------------------- /www/HTTP-request.md: -------------------------------------------------------------------------------- 1 | 2 | # HTTP Request 3 | 4 | Init. 5 | -------------------------------------------------------------------------------- /coding/languages/C.md: -------------------------------------------------------------------------------- 1 | 2 | # C Programming Language 3 | Init. -------------------------------------------------------------------------------- /coding/languages/PHP.md: -------------------------------------------------------------------------------- 1 | 2 | # PHP Coding Language 3 | Init. -------------------------------------------------------------------------------- /coding/markup/HTML.md: -------------------------------------------------------------------------------- 1 | 2 | # Hypertext Markup Language 3 | Init. -------------------------------------------------------------------------------- /computers/concepts/AI/ML.md: -------------------------------------------------------------------------------- 1 | 2 | # Machine Learning 3 | INIT -------------------------------------------------------------------------------- /computers/memory/RAM.md: -------------------------------------------------------------------------------- 1 | 2 | # Random Access Memory 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/c2/C2.md: -------------------------------------------------------------------------------- 1 | 2 | # Command & Control 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/dir-and-subdomain/amass 1.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /OSCP/web-apps/character-encoding.md: -------------------------------------------------------------------------------- 1 | 2 | # Character Encoding 3 | -------------------------------------------------------------------------------- /coding/compilation/compilation.md: -------------------------------------------------------------------------------- 1 | 2 | # Code Compilation 3 | Init. -------------------------------------------------------------------------------- /coding/languages/perl.md: -------------------------------------------------------------------------------- 1 | 2 | # Perl Programming language 3 | Init. -------------------------------------------------------------------------------- /computers/concepts/cryptography/blowfish.md: -------------------------------------------------------------------------------- 1 | 2 | # Blowfish 3 | Init -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/candy-drop.md: -------------------------------------------------------------------------------- 1 | 2 | # Candy Drop 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/defense/rate-limiting.md: -------------------------------------------------------------------------------- 1 | 2 | # Rate Limiting 3 | Init. -------------------------------------------------------------------------------- /networking/DNS/zone-transfer.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS Zone Transfer 3 | Init -------------------------------------------------------------------------------- /computers/concepts/AI/LLMs.md: -------------------------------------------------------------------------------- 1 | 2 | # Large Language Models 3 | Init. 4 | -------------------------------------------------------------------------------- /computers/concepts/process.md: -------------------------------------------------------------------------------- 1 | 2 | # Processes and Subprocesses 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/cloud/tools/azure-hound.md: -------------------------------------------------------------------------------- 1 | 2 | # Azure Hound 3 | init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/trojan.md: -------------------------------------------------------------------------------- 1 | 2 | # Trojan Attack Technique 3 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/MITM.md: -------------------------------------------------------------------------------- 1 | 2 | # Man in the Middle 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/vulnerabilities/log4j.md: -------------------------------------------------------------------------------- 1 | 2 | # Log4j Vulnerability 3 | Init -------------------------------------------------------------------------------- /www/CDNs.md: -------------------------------------------------------------------------------- 1 | 2 | # Content Delivery Networks (CDNs) 3 | Init. 4 | 5 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/worm.md: -------------------------------------------------------------------------------- 1 | 2 | # Worm/ Worming 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/brute-force.md: -------------------------------------------------------------------------------- 1 | 2 | # Brute Force Attack 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/scanning/wireshark.md: -------------------------------------------------------------------------------- 1 | 2 | # WireShark 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/wordlists/WordPress.md: -------------------------------------------------------------------------------- 1 | # Files 2 | ``` 3 | wp-config.php 4 | ``` -------------------------------------------------------------------------------- /networking/OSI/3-network/router.md: -------------------------------------------------------------------------------- 1 | 2 | # Router Networking Device 3 | Init. -------------------------------------------------------------------------------- /OSCP/linux-privesc/enumeration/manual-enumeration.md: -------------------------------------------------------------------------------- 1 | 2 | # Manual Linux Enumeration -------------------------------------------------------------------------------- /coding/languages/CPP.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - C++ 4 | --- 5 | # C++ 6 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/compbinator-attack.md: -------------------------------------------------------------------------------- 1 | 2 | # Combinator Attack 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/dictionary-attack.md: -------------------------------------------------------------------------------- 1 | 2 | # Dictionary Attack 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/OSINT.md: -------------------------------------------------------------------------------- 1 | 2 | # Open Source Intel. Gathering 3 | Init. 4 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/tech-stack/eyewitness.md: -------------------------------------------------------------------------------- 1 | 2 | # EyeWitness 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/defense/SIEM.md: -------------------------------------------------------------------------------- 1 | 2 | # Security Information Event Management 3 | INIT -------------------------------------------------------------------------------- /networking/OSI/4-transport/transport-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # Transport Layer (4) 3 | Init. -------------------------------------------------------------------------------- /networking/OSI/5-session/session-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # OSI Session Layer (5) 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/social-engineering.md: -------------------------------------------------------------------------------- 1 | 2 | # Social Engineering 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/injection/DNS-poisoning.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS Poisoning 3 | Init -------------------------------------------------------------------------------- /networking/OSI/6-presentation/presentation-layer.md: -------------------------------------------------------------------------------- 1 | # OSI: Presentation Layer 2 | Init. -------------------------------------------------------------------------------- /OSCP/linux-privesc/enumeration/automated-enumeration.md: -------------------------------------------------------------------------------- 1 | 2 | # Automated Linux Enumeration -------------------------------------------------------------------------------- /cybersecurity/resources/Cyber-Chef.md: -------------------------------------------------------------------------------- 1 | 2 | >[!links] 3 | >https://cyberchef.org/ 4 | 5 | -------------------------------------------------------------------------------- /cybersecurity/resources/DIFR-Report.md: -------------------------------------------------------------------------------- 1 | 2 | >[!links] 3 | >https://thedfirreport.com/ 4 | -------------------------------------------------------------------------------- /networking/OSI/2-datalink/LLC-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # Logical Link Control sublayer (LLC) 3 | Init. -------------------------------------------------------------------------------- /networking/OSI/2-datalink/MAC-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # Media Access Control sublayer (MAC) 3 | Init. -------------------------------------------------------------------------------- /coding/languages/VBS.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Visual Basic 3 | 4 | > [!Related] 5 | > - [VBA](VBA.md) 6 | -------------------------------------------------------------------------------- /cybersecurity/defense/incident-response/digital-forensics.md: -------------------------------------------------------------------------------- 1 | 2 | # Digital Forensics 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/defense/incident-response/incident-response.md: -------------------------------------------------------------------------------- 1 | 2 | # Incident Response 3 | Init. -------------------------------------------------------------------------------- /cybersecurity/wordlists/linux.md: -------------------------------------------------------------------------------- 1 | # Files 2 | ``` 3 | /var/www/html/wordpress/wp-config.php 4 | ``` -------------------------------------------------------------------------------- /coding/databases/MongoDB.md: -------------------------------------------------------------------------------- 1 | 2 | # MongoDB 3 | INIT 4 | Type of NoSQL [DBMS](coding/databases/DBMS.md) -------------------------------------------------------------------------------- /cybersecurity/defense/threat-intelligence/TTPs.md: -------------------------------------------------------------------------------- 1 | 2 | # Tactics, Techniques, Procedures 3 | Init. 4 | -------------------------------------------------------------------------------- /cybersecurity/resources/FireEye-Threat-Research.md: -------------------------------------------------------------------------------- 1 | 2 | >[!links] 3 | >https://www.fireeye.com/ 4 | -------------------------------------------------------------------------------- /cybersecurity/vulnerabilities/openfuck.md: -------------------------------------------------------------------------------- 1 | 2 | # OpenFuck Vulnerability in mod_ssl > 2.8.7 3 | Init. -------------------------------------------------------------------------------- /CLI-tools/README.md: -------------------------------------------------------------------------------- 1 | # CLI Tools 2 | This is a list of CLI tools, either organized by OS or miscellaneously. -------------------------------------------------------------------------------- /OSCP/oscp-pics/MIC-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/MIC-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-3.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-4.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-5.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-6.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-7.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-8.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-9.png -------------------------------------------------------------------------------- /coding/languages/C-sharp.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - C# 4 | --- 5 | 6 | # C# Programming Language 7 | Init. -------------------------------------------------------------------------------- /OSCP/AD/automated-enumeration/BloodHound.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - bloodhound 4 | --- 5 | INIT 6 | # BloodHound -------------------------------------------------------------------------------- /OSCP/oscp-pics/SQLi-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/SQLi-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/netsh-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/netsh-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/netsh-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/netsh-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/oscp-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/oscp-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/oscp-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/oscp-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/plink-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/plink-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/socat-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/socat-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/blue-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/blue-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/blue-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/blue-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/blue-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/blue-3.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-10.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-11.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-12.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-13.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-13.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-14.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-14.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/dev-15.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/dev-15.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/README-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/README-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-3.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-4.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-5.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/academy-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/academy-6.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/fuzzing-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/fuzzing-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/fuzzing-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/fuzzing-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/nessus-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/nessus-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/nessus-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/nessus-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/nessus-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/nessus-3.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/nessus-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/nessus-4.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/smbrelay.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/smbrelay.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/spiking-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/spiking-1.png -------------------------------------------------------------------------------- /coding/coding-pics/DBMS-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/coding/coding-pics/DBMS-1.png -------------------------------------------------------------------------------- /coding/coding-pics/DBMS-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/coding/coding-pics/DBMS-2.png -------------------------------------------------------------------------------- /networking/ARPANET.md: -------------------------------------------------------------------------------- 1 | 2 | # ARPANET 3 | Created in the 1960s by the DOD, the first documented network b/w computers. -------------------------------------------------------------------------------- /OSCP/oscp-pics/DLL-hijack-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/DLL-hijack-5.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/LDAP-ADSI-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/LDAP-ADSI-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/bloodhound-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/bloodhound-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/bloodhound-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/bloodhound-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/bloodhound-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/bloodhound-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/bloodhound-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/bloodhound-4.png -------------------------------------------------------------------------------- /coding/concepts/oauth-2.md: -------------------------------------------------------------------------------- 1 | 2 | # OAuth 2 3 | https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2 -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/reverse-engineering/immunity-debugger.md: -------------------------------------------------------------------------------- 1 | 2 | # Immunity Debugger for Reverse Engineering -------------------------------------------------------------------------------- /networking/protocols/IGP.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: [IGP, internal-gateway-protocol] 3 | --- 4 | 5 | # Internal Gateway Protocol -------------------------------------------------------------------------------- /CLI-tools/CLI-tools-pics/dig-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/CLI-tools/CLI-tools-pics/dig-1.png -------------------------------------------------------------------------------- /CLI-tools/CLI-tools-pics/dig-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/CLI-tools/CLI-tools-pics/dig-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/DLL-hijacking-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/DLL-hijacking-4.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/DNS-tunneling-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/DNS-tunneling-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/DNS-tunneling-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/DNS-tunneling-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/DNS-tunneling-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/DNS-tunneling-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/access-tokens-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/access-tokens-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/dll-hijacking-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/dll-hijacking-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/dll-hijacking-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/dll-hijacking-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/dll-hijacking-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/dll-hijacking-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/nmap-scanning-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/nmap-scanning-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/passing-NTLM-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/passing-NTLM-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/port-scanning-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/port-scanning-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/port-scanning-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/port-scanning-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/IP-addresses-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/IP-addresses-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/gaining-root-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/gaining-root-1.png -------------------------------------------------------------------------------- /coding/languages/node.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: [node.js, node] 3 | --- 4 | >[!related] 5 | > [fs](coding/APIs/fs.md) 6 | 7 | 8 | -------------------------------------------------------------------------------- /computers/linux/gcc.md: -------------------------------------------------------------------------------- 1 | 2 | # GNU Compiler Collection 3 | Init. 4 | 5 | > [!Resources] 6 | > - [GCC GNU](https://gcc.gnu.org/) -------------------------------------------------------------------------------- /cybersecurity/malware/storm-worm.md: -------------------------------------------------------------------------------- 1 | 2 | # Storm Worm Malware 3 | 4 | >[!links] 5 | >https://en.wikipedia.org/wiki/Storm_Worm -------------------------------------------------------------------------------- /OSCP/oscp-pics/HTTP-tunneling-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/HTTP-tunneling-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/HTTP-tunneling-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/HTTP-tunneling-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/sensitive-files-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/sensitive-files-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/sensitive-files-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/sensitive-files-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/bash-scripting-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/bash-scripting-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/enumerating-SMB-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/enumerating-SMB-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/enumerating-SMB-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/enumerating-SMB-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/gaining-root-1 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/gaining-root-1 1.png -------------------------------------------------------------------------------- /coding/coding-pics/coroutines-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/coding/coding-pics/coroutines-1.png -------------------------------------------------------------------------------- /coding/coding-pics/coroutines-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/coding/coding-pics/coroutines-2.png -------------------------------------------------------------------------------- /computers/computers-pics/ACLs-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/ACLs-1.png -------------------------------------------------------------------------------- /networking/networking-pics/DMZ-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/DMZ-1.jpg -------------------------------------------------------------------------------- /networking/networking-pics/DNS-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/DNS-1.png -------------------------------------------------------------------------------- /networking/networking-pics/LAN-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/LAN-1.png -------------------------------------------------------------------------------- /networking/networking-pics/LAN-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/LAN-2.png -------------------------------------------------------------------------------- /networking/networking-pics/LAN-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/LAN-3.png -------------------------------------------------------------------------------- /networking/networking-pics/LAN-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/LAN-4.png -------------------------------------------------------------------------------- /networking/networking-pics/LAN-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/LAN-5.png -------------------------------------------------------------------------------- /networking/networking-pics/RDP-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/RDP-1.png -------------------------------------------------------------------------------- /networking/networking-pics/RDP-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/RDP-2.png -------------------------------------------------------------------------------- /networking/networking-pics/RDP-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/RDP-3.png -------------------------------------------------------------------------------- /networking/networking-pics/RPC-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/RPC-1.png -------------------------------------------------------------------------------- /networking/networking-pics/TCP-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/TCP-1.png -------------------------------------------------------------------------------- /networking/networking-pics/TCP-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/TCP-2.png -------------------------------------------------------------------------------- /networking/networking-pics/UDP-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/UDP-1.png -------------------------------------------------------------------------------- /networking/networking-pics/UDP-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/UDP-2.png -------------------------------------------------------------------------------- /networking/networking-pics/VPN-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/VPN-1.png -------------------------------------------------------------------------------- /writeups/writeup-pics/asyncio-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/asyncio-1.png -------------------------------------------------------------------------------- /CLI-tools/CLI-tools-pics/crontab-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/CLI-tools/CLI-tools-pics/crontab-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/automating-evasion-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/automating-evasion-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/automating-evasion-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/automating-evasion-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/thread-injection-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/thread-injection-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/thread-injection-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/thread-injection-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-10.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-11.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-4.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-5.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-6.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-7.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-8 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-8 1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-8.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/active-directory-9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/active-directory-9.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/hunting-subdomains-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/hunting-subdomains-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/researching-vulns-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/researching-vulns-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/researching-vulns-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/researching-vulns-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/researching-vulns-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/researching-vulns-3.png -------------------------------------------------------------------------------- /coding/compilation/linker.md: -------------------------------------------------------------------------------- 1 | 2 | # Linker 3 | INIT 4 | A linker is a program which links modules of a program to a single object file. -------------------------------------------------------------------------------- /computers/computers-pics/docker-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/docker-1.png -------------------------------------------------------------------------------- /computers/computers-pics/hashing-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/hashing-1.png -------------------------------------------------------------------------------- /computers/computers-pics/hashing-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/hashing-2.png -------------------------------------------------------------------------------- /computers/computers-pics/quantum-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/quantum-1.png -------------------------------------------------------------------------------- /computers/computers-pics/quantum-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/quantum-2.png -------------------------------------------------------------------------------- /computers/computers-pics/registry-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/registry-1.png -------------------------------------------------------------------------------- /cybersecurity/resources/Akamai.md: -------------------------------------------------------------------------------- 1 | 2 | # Akamai 3 | Init. 4 | 5 | > [!Resources] 6 | > - [Akamai](https://www.akamai.com/blog) 7 | 8 | -------------------------------------------------------------------------------- /cybersecurity/resources/pwn-college/talking-web/the-internet.md: -------------------------------------------------------------------------------- 1 | # [Talking Web: The Internet](https://dojo.pwn.college/cse365-s2023/) 2 | -------------------------------------------------------------------------------- /networking/OSI/7-application/application-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # [OSI](/networking/OSI/OSI-reference-model.md) Layer 7: Application Layer 3 | Init. -------------------------------------------------------------------------------- /networking/networking-pics/NTLM-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/NTLM-1.png -------------------------------------------------------------------------------- /networking/networking-pics/NTLM-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/NTLM-2.png -------------------------------------------------------------------------------- /networking/networking-pics/NTLM-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/NTLM-3.png -------------------------------------------------------------------------------- /networking/networking-pics/SMTP-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/SMTP-1.png -------------------------------------------------------------------------------- /networking/networking-pics/SNMP-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/SNMP-1.png -------------------------------------------------------------------------------- /networking/networking-pics/SNMP-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/SNMP-2.png -------------------------------------------------------------------------------- /networking/networking-pics/email-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/email-1.png -------------------------------------------------------------------------------- /networking/networking-pics/ports-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/ports-1.jpg -------------------------------------------------------------------------------- /networking/networking-pics/ports-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/ports-1.png -------------------------------------------------------------------------------- /networking/networking-pics/ports-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/ports-2.jpg -------------------------------------------------------------------------------- /networking/networking-pics/ports-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/ports-2.png -------------------------------------------------------------------------------- /writeups/writeup-pics/vaccine-HTB-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/vaccine-HTB-1.png -------------------------------------------------------------------------------- /CLI-tools/CLI-tools-pics/nmblookup-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/CLI-tools/CLI-tools-pics/nmblookup-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/cracking-net-ntlmv2-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/cracking-net-ntlmv2-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/cracking-net-ntlmv2-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/cracking-net-ntlmv2-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/local-file-inclusion-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/local-file-inclusion-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/local-file-inclusion-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/local-file-inclusion-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/local-file-inclusion-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/local-file-inclusion-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/local-file-inclusion-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/local-file-inclusion-4.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/remote-port-forward-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/remote-port-forward-1.png -------------------------------------------------------------------------------- /computers/containers-vms/virtual-machines.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - VM 4 | - virtual machine 5 | --- 6 | INIT 7 | # Virtual Machines 8 | -------------------------------------------------------------------------------- /networking/networking-pics/loopback-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/loopback-1.png -------------------------------------------------------------------------------- /networking/networking-pics/ports-2 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/ports-2 1.png -------------------------------------------------------------------------------- /networking/networking-pics/topology-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-1.jpg -------------------------------------------------------------------------------- /networking/networking-pics/topology-2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-2.jpg -------------------------------------------------------------------------------- /networking/networking-pics/topology-3.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-3.jpg -------------------------------------------------------------------------------- /networking/networking-pics/topology-4.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-4.jpg -------------------------------------------------------------------------------- /networking/networking-pics/topology-5.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-5.jpg -------------------------------------------------------------------------------- /networking/networking-pics/topology-6.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/topology-6.jpg -------------------------------------------------------------------------------- /OSCP/oscp-pics/AD-manual-enumeration-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/AD-manual-enumeration-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/abusing-library-files-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/abusing-library-files-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/abusing-library-files-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/abusing-library-files-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/abusing-library-files-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/abusing-library-files-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/abusing-library-files-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/abusing-library-files-4.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/abusing-library-files-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/abusing-library-files-5.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/dynamic-port-forwarding-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/dynamic-port-forwarding-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/microsoft-word-macros-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/microsoft-word-macros-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/microsoft-word-macros-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/microsoft-word-macros-3.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/microsoft-word-marcos-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/microsoft-word-marcos-2.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/enumerating-HTTP-HTTPS-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/enumerating-HTTP-HTTPS-1.png -------------------------------------------------------------------------------- /PNPT/PNPT-pics/enumerating-HTTP-HTTPS-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/PNPT/PNPT-pics/enumerating-HTTP-HTTPS-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/CVSS-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/CVSS-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/CVSS-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/CVSS-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/DKIM-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/DKIM-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/SPF-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/SPF-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/XSS-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/XSS-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/amass-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/amass-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/amass-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/amass-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/xss-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/xss-1.png -------------------------------------------------------------------------------- /networking/networking-pics/MX-record-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/MX-record-1.png -------------------------------------------------------------------------------- /networking/networking-pics/NS-record-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/NS-record-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/SSH-local-port-forwarding-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/SSH-local-port-forwarding-1.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/SSH-local-port-forwarding-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/SSH-local-port-forwarding-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/port-forwarding-scenario-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/port-forwarding-scenario-1.png -------------------------------------------------------------------------------- /coding/data-structures/trie.md: -------------------------------------------------------------------------------- 1 | # Trie Data Structure 2 | INIT 3 | 4 | > [!Resources] 5 | > - [Wikipedia: Tries](https://en.wikipedia.org/wiki/Trie) 6 | -------------------------------------------------------------------------------- /computers/computers-pics/filter-manager-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/filter-manager-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/emotet-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/emotet-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/maltego-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/maltego-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/pyramid-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/pyramid-1.png -------------------------------------------------------------------------------- /cybersecurity/resources/OPSWAT.md: -------------------------------------------------------------------------------- 1 | 2 | # OPSWAT 3 | Init. 4 | > [!Resources] 5 | > [MetaDefender: OPSWAT](https://metadefender.opswat.com) 6 | 7 | 8 | -------------------------------------------------------------------------------- /networking/networking-pics/IP-addresses-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/IP-addresses-1.png -------------------------------------------------------------------------------- /networking/networking-pics/IP-addresses-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/IP-addresses-2.png -------------------------------------------------------------------------------- /networking/networking-pics/dns-security-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/dns-security-1.png -------------------------------------------------------------------------------- /networking/networking-pics/routing-table-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/routing-table-1.png -------------------------------------------------------------------------------- /computers/computers-pics/active-directory-1.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/active-directory-1.gif -------------------------------------------------------------------------------- /computers/computers-pics/active-directory-2 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/active-directory-2 1.png -------------------------------------------------------------------------------- /computers/computers-pics/active-directory-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/active-directory-2.png -------------------------------------------------------------------------------- /computers/computers-pics/domain-controller-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/domain-controller-2.png -------------------------------------------------------------------------------- /computers/computers-pics/domain-contrroller-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/domain-contrroller-1.png -------------------------------------------------------------------------------- /computers/linux/gdb.md: -------------------------------------------------------------------------------- 1 | 2 | # GNU Project Debugger (gdb) 3 | Init. 4 | 5 | > [!Resources] 6 | > - [Sourceware: gdb](https://sourceware.org/gdb/) 7 | 8 | -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-4.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-5.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-6.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-7.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-8.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-9.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-4.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-5.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-6.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/mimikatz-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/mimikatz-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/mimikatz-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/mimikatz-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/mimikatz-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/mimikatz-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/mimikatz-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/mimikatz-4.png -------------------------------------------------------------------------------- /networking/networking-pics/IP-routing-steve-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/IP-routing-steve-2.png -------------------------------------------------------------------------------- /networking/networking-pics/IP-routing-steve.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/IP-routing-steve.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/remote-dynamic-port-forwarding-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/remote-dynamic-port-forwarding-2.png -------------------------------------------------------------------------------- /OSCP/oscp-pics/remote-dynamid-port-forwarding-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/OSCP/oscp-pics/remote-dynamid-port-forwarding-1.png -------------------------------------------------------------------------------- /computers/computers-pics/stream-block-cipher-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/stream-block-cipher-1.png -------------------------------------------------------------------------------- /computers/computers-pics/stream-block-cipher-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/stream-block-cipher-2.png -------------------------------------------------------------------------------- /computers/computers-pics/stream-block-cipher-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/stream-block-cipher-3.png -------------------------------------------------------------------------------- /computers/computers-pics/stream-block-cipher-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/stream-block-cipher-4.png -------------------------------------------------------------------------------- /cybersecurity/TTPs/cloud/tools/monkey-365.md: -------------------------------------------------------------------------------- 1 | 2 | # Monkey 365 (Azure) 3 | Init 4 | 5 | > [!Resources] 6 | > - [GitHub](https://github.com/silverhack/monkey365) -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/credential-stuffing.md: -------------------------------------------------------------------------------- 1 | 2 | # Credential Stuffing 3 | ![credential-stuffing](../../../PNPT/PEH/exploit-basics/credential-stuffing.md) -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/SPF-surveyor-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/SPF-surveyor-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/UNION-attack-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/UNION-attack-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/UNION-attack-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/UNION-attack-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/UNION-attack-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/UNION-attack-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/UNION-attack-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/UNION-attack-4.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/UNION-attack-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/UNION-attack-5.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-1 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-1 1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-10.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-11.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-12.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-2 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-2 1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/burp-suite-3 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/burp-suite-3 1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/mitre-attack-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/mitre-attack-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/token-abuse-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/token-abuse-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/token-abuse-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/token-abuse-2.png -------------------------------------------------------------------------------- /CLI-tools/linux/rsync.md: -------------------------------------------------------------------------------- 1 | 2 | # rsync CLI tool 3 | Init. 4 | 5 | `rsync -azv` 6 | 7 | > [!Resources] 8 | > - [Wikipedia: rsync](https://en.wikipedia.org/wiki/Rsync) -------------------------------------------------------------------------------- /computers/computers-pics/asymmetric-encryption-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/asymmetric-encryption-2.png -------------------------------------------------------------------------------- /computers/computers-pics/asymmetric-encryption-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/asymmetric-encryption-3.png -------------------------------------------------------------------------------- /computers/linux/file-system/file-management.md: -------------------------------------------------------------------------------- 1 | # Linux File Management 2 | ![See my PNPT notes on Linux file management](../../../PNPT/PEH/kali-linux/file-management.md) -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/LLMNR-poisoning-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/LLMNR-poisoning-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-2.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-4.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-5.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-6.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-7.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-8.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-9.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/diffie-hellman-1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/diffie-hellman-1.jpg -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/elasticsearch-1 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/elasticsearch-1 1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/elasticsearch-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/elasticsearch-1.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/elasticsearch-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/elasticsearch-3.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/elasticsearch-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/elasticsearch-4.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/heap-spraying-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/heap-spraying-1.png -------------------------------------------------------------------------------- /networking/OSI/3-network/socket.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Network Sockets 3 | 4 | > [!Resources] 5 | > - [Wikipedia: Network Socket](https://en.wikipedia.org/wiki/Network_socket) -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121132658.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121132658.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121133242.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121133242.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121160423.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121160423.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121161123.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121161123.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121173335.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121173335.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121173805.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121173805.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231121174543.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231121174543.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231124142229.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231124142229.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231124145724.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231124145724.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231214121607.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231214121607.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231214123032.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231214123032.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231214124449.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231214124449.png -------------------------------------------------------------------------------- /writeups/writeup-pics/Pasted image 20231214152234.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/writeups/writeup-pics/Pasted image 20231214152234.png -------------------------------------------------------------------------------- /OSCP/linux-privesc/file-permissions/password-auth.md: -------------------------------------------------------------------------------- 1 | 2 | # Abusing Password Authentication 3 | ## `/etc/shadow` 4 | ### `/etc/passwd` 5 | ### Setting an Arbitrary Password -------------------------------------------------------------------------------- /OSCP/linux-privesc/system-components/abusing-sudo.md: -------------------------------------------------------------------------------- 1 | 2 | # Abusing `sudo` 3 | ## `sudo` Overview 4 | ### `/etc/sudoers` 5 | ## Abusing w/ GTFOBins 6 | ### `audit` Daemon -------------------------------------------------------------------------------- /computers/computers-pics/Pasted image 20240705161436.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/Pasted image 20240705161436.png -------------------------------------------------------------------------------- /computers/computers-pics/assymetric-encryption-1.png.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/assymetric-encryption-1.png.png -------------------------------------------------------------------------------- /computers/concepts/cryptography/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: [] 3 | --- 4 | # Encryption Overview 5 | ![My Encryption notes from OSCP](../../../OSCP/password-attacks/README.md) -------------------------------------------------------------------------------- /computers/linux/file-system/file-permissions.md: -------------------------------------------------------------------------------- 1 | # Linux File Permissions 2 | ![See my PNPT notes on linux file permissions](../../../PNPT/PEH/kali-linux/file-permissions.md) -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-10.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-11.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-12.png -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/buffer-overflow-13.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/buffer-overflow-13.png -------------------------------------------------------------------------------- /networking/DNS/registration.md: -------------------------------------------------------------------------------- 1 | 2 | # Domain Name Registration 3 | Init. 4 | 5 | > [!Resources] 6 | > - [ICANN](https://www.icann.org/resources/pages/faqs-f0-2012-02-25-en) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/DLL-hijacking.md: -------------------------------------------------------------------------------- 1 | 2 | # DLL Hijacking 3 | ![See my OSCP notes on DLL hijacking](../../../OSCP/windows-privesc/windows-services/DLL-hijacking.md) -------------------------------------------------------------------------------- /cybersecurity/cybersecurity-pics/fast-flux-README-pic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/cybersecurity/cybersecurity-pics/fast-flux-README-pic.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710142956.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710142956.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710155214.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710155214.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710155734.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710155734.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710161235.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710161235.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710161422.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710161422.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710161818.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710161818.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240710162740.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240710162740.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712105439.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712105439.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712105702.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712105702.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712110047.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712110047.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712111309.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712111309.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712111628.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712111628.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712112627.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712112627.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712113032.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712113032.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712113746.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712113746.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712114023.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712114023.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712114103.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712114103.png -------------------------------------------------------------------------------- /networking/networking-pics/Pasted image 20240712150138.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/networking/networking-pics/Pasted image 20240712150138.png -------------------------------------------------------------------------------- /coding/concepts/math-lectures.md: -------------------------------------------------------------------------------- 1 | 2 | The flow of theses lectures: 3 | 1. [logic](coding/concepts/logic.md) 4 | 5 | >[!links] 6 | >https://www.youtube.com/watch?v=V49i_LM8B0E 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/denial-of-service.md: -------------------------------------------------------------------------------- 1 | 2 | # Denial of Service 3 | Init. 4 | 5 | > [!See also] 6 | > - [DNS security](networking/DNS/DNS-security.md) 7 | 8 | 9 | -------------------------------------------------------------------------------- /computers/computers-pics/ASR-33_Teletype_terminal_IMG_1658.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TrshPuppy/obsidian-notes/HEAD/computers/computers-pics/ASR-33_Teletype_terminal_IMG_1658.jpg -------------------------------------------------------------------------------- /computers/linux/unix-sockets.md: -------------------------------------------------------------------------------- 1 | 2 | # UNIX Sockets 3 | Init. 4 | 5 | > [!Resources] 6 | > - [Wikipedia: Unix Domain Socket](https://en.wikipedia.org/wiki/Unix_domain_socket) 7 | 8 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/tools/phish-tool.md: -------------------------------------------------------------------------------- 1 | 2 | # PhishTool 3 | Init. (Reverse engineers phishing emails). 4 | 5 | > [!Resources] 6 | > - [PhishTool](https://www.phishtool.com/) 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/dnscat.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # `dnscat` 3 | 4 | ![See my OSCP notes on DNS tunneling with `dnscat`](../../../../OSCP/tunneling/dnscat.md#Using%20`dnscat`) -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/password-cracking.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Password Brute Forcing 3 | ![My notes from OSCP on password cracking](../../../OSCP/password-attacks/password-cracking.md) 4 | 5 | -------------------------------------------------------------------------------- /cybersecurity/resources/EPSS.md: -------------------------------------------------------------------------------- 1 | 2 | # Exploit Prediction Scoring System 3 | Init. 4 | 5 | > [!Resources] 6 | > - [CVE Details: EPSS FAQ](https://www.cvedetails.com/epss/faq.html) 7 | 8 | -------------------------------------------------------------------------------- /OSCP/linux-privesc/exposed-info/user-trails.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # Inspecting User Trails 4 | ## Dotfiles 5 | ## Environment Variables 6 | ## Brute Forcing 7 | ### Crunch command line tool 8 | ### Hydra 9 | -------------------------------------------------------------------------------- /computers/concepts/cryptography/rsa.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # RSA 3 | 4 | 5 | > [!Resources] 6 | > - [exabeam: How RSA & Diffie-Hellman differ](https://www.exabeam.com/information-security/rsa-algorithm/) 7 | 8 | -------------------------------------------------------------------------------- /cybersecurity/resources/GIAC.md: -------------------------------------------------------------------------------- 1 | 2 | # Global Info. Assurance Certification: Research Papers 3 | > [!Link] 4 | > [GIAC Research Papers](https://www.giac.org/research-papers/?msc=main-nav) 5 | 6 | Init. -------------------------------------------------------------------------------- /OSCP/linux-privesc/exposed-info/service-footprints.md: -------------------------------------------------------------------------------- 1 | 2 | # Inspecting Service Footprints 3 | ## Daemons & Running Processes 4 | ### Daemons 5 | ### `ps` Command 6 | ## Network Traffic 7 | ### `tcpdump` 8 | -------------------------------------------------------------------------------- /coding/dotNET.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - .NET 4 | --- 5 | 6 | # .NET 7 | INIT 8 | 9 | > [!Resources] 10 | > - [Microsoft: Intro to .NET](https://learn.microsoft.com/en-us/dotnet/core/introduction) -------------------------------------------------------------------------------- /cybersecurity/pen-testing/penetration-testing.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - pen testing 4 | - penetration testing 5 | - pentesting 6 | - pentest 7 | --- 8 | INIT 9 | # Penetration Testing 10 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/dir-and-subdomain/sublist3r.md: -------------------------------------------------------------------------------- 1 | 2 | # Sublist3r 3 | Sub directory enumeration/ brute-forcing. 4 | Init. 5 | 6 | > [!Resources] 7 | > - [GitHub](https://github.com/aboul3la/Sublist3r) -------------------------------------------------------------------------------- /networking/protocols/BGP.md: -------------------------------------------------------------------------------- 1 | 2 | # Border Gateway Protocol 3 | Init. 4 | 5 | > [!Resources] 6 | > - [BlackHat: BGP Vuln Testing](https://www.blackhat.com/presentations/bh-usa-03/bh-us-03-convery-franz-v2.pdf) 7 | -------------------------------------------------------------------------------- /www/cookies.md: -------------------------------------------------------------------------------- 1 | 2 | # Cookies 3 | INIT 4 | ![Cookies](../cybersecurity/TTPs/exploitation/injection/XSS.md#Cookies) 5 | [My notes on XSS mentions Cookies](../cybersecurity/TTPs/exploitation/injection/XSS.md#Cookies) -------------------------------------------------------------------------------- /.obsidian/themes/AnuPpuccin/manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "AnuPpuccin", 3 | "version": "1.5.0", 4 | "minAppVersion": "1.6.0", 5 | "author": "Anubis", 6 | "authorUrl": "https://github.com/AnubisNekhet" 7 | } 8 | -------------------------------------------------------------------------------- /.obsidian/themes/Obsidian Nord/manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Obsidian Nord", 3 | "version": "0.1.7", 4 | "minAppVersion": "0.16.0", 5 | "author": "insanum", 6 | "authorUrl": "https://insanum.com" 7 | } 8 | -------------------------------------------------------------------------------- /OSCP/web-apps/javascript.md: -------------------------------------------------------------------------------- 1 | 2 | # JavaScript Refresher 3 | ![](../../coding/languages/javascript.md) 4 | [My notes on JavaScript](../../coding/languages/javascript.md) which I'll be updating with the PEN 200 stuff. 5 | -------------------------------------------------------------------------------- /computers/concepts/cryptography/dss.md: -------------------------------------------------------------------------------- 1 | 2 | # Digital Signature Algorithm 3 | Init 4 | 5 | > [!Resources] 6 | > - [Stack Exchange](https://crypto.stackexchange.com/questions/50239/dss-security-in-comparison-to-ecdsa-or-rsa) -------------------------------------------------------------------------------- /computers/windows/WinRM.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Windows Remote Management 3 | 4 | 5 | > [!Resources] 6 | > - [Microsoft: WinRM](https://learn.microsoft.com/en-us/windows/win32/winrm/portal) 7 | 8 | > [!Related] 9 | > - `port 5985` -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/injection/SSTI.md: -------------------------------------------------------------------------------- 1 | # Server-side Template Injection 2 | Init. 3 | https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection 4 | 5 | https://www.grymoire.com/Unix/Sed.html -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/service-binary-hijacking.md: -------------------------------------------------------------------------------- 1 | 2 | # Service Binary Hijacking 3 | ![See my OSCP notes on Service Binary Hijacking](../../../OSCP/windows-privesc/windows-services/hijacking-service-binaries.md) -------------------------------------------------------------------------------- /cybersecurity/pen-testing/PTES.md: -------------------------------------------------------------------------------- 1 | 2 | # PTES 3 | Init. 4 | 5 | > [!Resources] 6 | > - [PTES](https://pentest-standard.readthedocs.io/en/latest/technical_guidelines.html#technical-guidelines) (might be out-dated) 7 | 8 | -------------------------------------------------------------------------------- /cybersecurity/opsec/OTP-token.md: -------------------------------------------------------------------------------- 1 | 2 | # Hardware OTP Tokens 3 | Init. 4 | 5 | > [!Resources] 6 | > - [OWASP: MFA](https://cheatsheetseries.owasp.org/cheatsheets/Multifactor_Authentication_Cheat_Sheet.html#hardware-otp-tokens) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/DNS-amplification.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS Amplification 3 | Init. 4 | 5 | > [!Resources] 6 | > - [Cloudflare: DNS Amplification Attack](https://www.cloudflare.com/learning/ddos/dns-amplification-ddos-attack/) -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/dnsmasq.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - "`dnsmasq`" 4 | --- 5 | INIT 6 | # `dnsmasq` 7 | ![See my OSCP notes on DNS Tunneling with `dnsmasq`](../../../../OSCP/tunneling/DNS-tunneling.md#`dnsmasq`) -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/privesc/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - privesc 4 | --- 5 | INIT 6 | # Privilege Escalation 7 | 8 | 9 | > [!Related] 10 | > - [Windows privesc](../../../../OSCP/windows-privesc/README.md) -------------------------------------------------------------------------------- /www/search-engines.md: -------------------------------------------------------------------------------- 1 | 2 | # Search Engines 3 | 4 | > [!Resources] 5 | > - [Google: How Search Engines Work](https://developers.google.com/search/docs/fundamentals/how-search-works?hl=en&visit_id=638260579591177855-1863182502&rd=1) 6 | 7 | -------------------------------------------------------------------------------- /computers/windows/active-directory/ADCS.md: -------------------------------------------------------------------------------- 1 | 2 | # Active Directory Certificate Services 3 | Init. 4 | ADCS is used to *verify identities* in a [domain controller](domain-controller.md) using [LDAP](../../../networking/protocols/LDAP.md) and LDAPS. -------------------------------------------------------------------------------- /cybersecurity/defense/appsec/input-validation.md: -------------------------------------------------------------------------------- 1 | 2 | # Input Sanitization & Validation 3 | Init. 4 | 5 | > [!Resources] 6 | > - [OWASP: Input Validation Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html) -------------------------------------------------------------------------------- /cybersecurity/vulnerabilities/referrer-leakage.md: -------------------------------------------------------------------------------- 1 | 2 | # Cross-domain Referrer Leakage 3 | Init. 4 | 5 | > [!Resources] 6 | > - [Port Swigger: Cross-domain Referrer Leakage](https://portswigger.net/kb/issues/00500400_cross-domain-referer-leakage) -------------------------------------------------------------------------------- /networking/routing/port-forwarding.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - port forwarding 4 | --- 5 | 6 | INIT 7 | # Port Forwarding 8 | 9 | 10 | > [!Resources] 11 | > - [Wikipedia: Port forwarding](https://en.wikipedia.org/wiki/Port_forwarding) -------------------------------------------------------------------------------- /CLI-tools/linux/redis-cli.md: -------------------------------------------------------------------------------- 1 | 2 | ## Usage: 3 | ``` 4 | redis-cli -h [IP ADDRESS] 5 | ``` 6 | 7 | ## Once in #redis-server 8 | - ``info`` 9 | - ``keys`` 10 | - ``get [key/s] 11 | 12 | > [!related] 13 | > [redis](coding/databases/redis.md) 14 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/reverse-engineering/Virus-Total.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - Virus Total 4 | --- 5 | # Virus Total 6 | Init. 7 | 8 | 9 | > [!Resources] 10 | > - [Virus Total Website](https://www.virustotal.com/gui/home/upload) 11 | -------------------------------------------------------------------------------- /coding/languages/bash.md: -------------------------------------------------------------------------------- 1 | 2 | # Bash: Bourne-Again SHell 3 | Init. 4 | 5 | ## Useful flags: 6 | ### `-i`: Interactive 7 | The command/ script `bash -i` will cause the invoked shell to be *interactive*. 8 | 9 | > [!Resources] 10 | > - `man bash` 11 | -------------------------------------------------------------------------------- /writeups/README.md: -------------------------------------------------------------------------------- 1 | # Writeups 2 | ### These are a collection of writeups on various cybersecurity topics! 3 | All of the markdown notes here are part of my [live portfolio site](https://trshpuppy.github.io/portfolio/writeups). They are much prettier there :) 4 | -------------------------------------------------------------------------------- /computers/memory/RAID.md: -------------------------------------------------------------------------------- 1 | 2 | # Redundant Array of Independent Disks 3 | ## RAID 5: Striping with Parity 4 | ### Parity 5 | Parity bit is XOR (?) 6 | 7 | For example: if these two bits are 0 and 0, then parity is 0. If these two bits are 1 and 0, then parity is 1. -------------------------------------------------------------------------------- /cybersecurity/resources/WSTG/fingerprint-web-server.md: -------------------------------------------------------------------------------- 1 | 2 | # WSTG-INFO-02 3 | 4 | 5 | > [!Resources] 6 | > - [WSTG-INFO-02](https://github.com/OWASP/wstg/blob/master/document/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md) -------------------------------------------------------------------------------- /OSCP/web-apps/XSS.md: -------------------------------------------------------------------------------- 1 | 2 | # Cross-Site Scripting 3 | ![](../../cybersecurity/TTPs/exploitation/injection/XSS.md#Cross-Site%20Scripting%20(XSS)) 4 | 5 | [My notes on XSS](../../cybersecurity/TTPs/exploitation/injection/XSS.md) (which I'm just adding to for the PEN 200 course stuff) -------------------------------------------------------------------------------- /OSCP/web-apps/SQLi/UNION-attack.md: -------------------------------------------------------------------------------- 1 | # UNION Attack SQLi 2 | ![My notes on UNION Attacks](../../../cybersecurity/TTPs/exploitation/injection/UNION-attack.md) 3 | 4 | 5 | 6 | > [!Resources] 7 | > - My [own notes](https://github.com/trshpuppy/obsidian-notes) linked throughout the text. -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "PNPT-study-guide"] 2 | path = nested-repos/PNPT-study-guide 3 | url = git@github.com:TrshPuppy/PNPT-study-guide.git 4 | [submodule "malware-analysis-notes"] 5 | path = nested-repos/malware-analysis-notes 6 | url = git@github.com:TrshPuppy/malware-analysis-notes.git 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/psypy.md: -------------------------------------------------------------------------------- 1 | 2 | # psypy 3 | Psypy is a command line tool which helps you monitor [linux-processes](computers/linux/linux-processes.md) as they are happening. 4 | 5 | > [!Resouces] 6 | > - [psypy GitHub repo](https://github.com/DominicBreuker/pspy) 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/credential-harvesting/crosslinked.md: -------------------------------------------------------------------------------- 1 | 2 | # CrossLinked 3 | Init. 4 | ## Examples which work 5 | ```bash 6 | python3 crosslinked.py -f '{first}.{last}@domain.com' company_name 7 | ``` 8 | 9 | > [!Resources] 10 | > - [GitHub](https://github.com/m8sec/CrossLinked) -------------------------------------------------------------------------------- /CLI-tools/windows/netstat.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Netstat 3 | ![My notes on `netstat` from studying for the OSCP](../../OSCP/windows-privesc/enumeration/enumeration.md#`netstat`) 4 | 5 | > [!Resources] 6 | > - [Microsoft: Netstat](https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/netstat) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/injection/HHI.md: -------------------------------------------------------------------------------- 1 | 2 | # Host Header Injection 3 | Init. 4 | 5 | > [!Resources] 6 | > - [WSTG: Testing for HHI](https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection) 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/SPF-surveyor.md: -------------------------------------------------------------------------------- 1 | 2 | # SPF Surveyor 3 | Provides a graphical presentation of SPF-record(s) 4 | >https://dmarcian.com/spf-survey/ 5 | 6 | Example record: Twitter.com 7 | ![](/cybersecurity/cybersecurity-pics/SPF-surveyor-1.png) 8 | -[dmarcian](https://dmarcian.com/spf-survey/) 9 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/services-and-protocols/snmpwalk.md: -------------------------------------------------------------------------------- 1 | 2 | # snmpwalk 3 | Init. 4 | 5 | ![snmpwalk](../../../../../OSCP/enum-and-info-gathering/active/SNMP-enum.md#snmpwalk) 6 | 7 | [See notes on SNMP Enumeration: snmpwalk](../../../../../OSCP/enum-and-info-gathering/active/SNMP-enum.md#snmpwalk) -------------------------------------------------------------------------------- /CLI-tools/windows/Test-NetConnection.md: -------------------------------------------------------------------------------- 1 | 2 | # `Test-NetConnection` 3 | Init. 4 | ![`Test-NetConnection`](../../OSCP/enum-and-info-gathering/active/windows-port-scanning.md#`Test-NetConnection`) 5 | See [`Test-NetConnection`](../../OSCP/enum-and-info-gathering/active/windows-port-scanning.md#`Test-NetConnection`) 6 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/findmeaccess.md: -------------------------------------------------------------------------------- 1 | 2 | # Findmeaccess.py 3 | Init. 4 | ## Examples which worked 5 | ```bash 6 | python3 findmeaccess.py -p 'Fall2024!' -u "user.email@target.com" 7 | ``` 8 | 9 | > [!Resources] 10 | > - [GitHub](https://github.com/absolomb/FindMeAccess/tree/main) -------------------------------------------------------------------------------- /.obsidian/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "alwaysUpdateLinks": true, 3 | "spellcheck": true, 4 | "useMarkdownLinks": true, 5 | "newLinkFormat": "relative", 6 | "vimMode": true, 7 | "propertiesInDocument": "hidden", 8 | "newFileLocation": "current", 9 | "readableLineLength": false, 10 | "strictLineBreaks": false 11 | } -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/scanning/masscan.md: -------------------------------------------------------------------------------- 1 | 2 | # Masscan 3 | Init. 4 | ## Use 5 | ### Example Command 6 | ```bash 7 | masscan --open-only --ping -p 22, 53, 80,88,389,443,3389,445 --rate -oG mass_24.txt -iL 13s.txt 8 | ``` 9 | 10 | > [!Resources] 11 | > - [GitHub](https://github.com/robertdavidgraham/masscan) -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/services-and-protocols/onesixtyone.md: -------------------------------------------------------------------------------- 1 | 2 | # onesixtyone 3 | Init 4 | 5 | ![onesixtyone](../../../../../OSCP/enum-and-info-gathering/active/SNMP-enum.md#onesixtyone) 6 | 7 | [See notes on SNMP Enumeration: onesixtyone](../../../../../OSCP/enum-and-info-gathering/active/SNMP-enum.md#onesixtyone) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/bind-shell.md: -------------------------------------------------------------------------------- 1 | 2 | # Bind Shells 3 | Init. 4 | 5 | Placeholder: 6 | ![](PNPT/PEH/exploit-basics/shells.md) 7 | ![[shell]] 8 | 9 | [Notes on Rev & Bind Shells](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/exploit-basics/shells.md) 10 | ![](PNPT/PEH/exploit-basics/shells.md) -------------------------------------------------------------------------------- /CLI-tools/linux/local/ifconfig.md: -------------------------------------------------------------------------------- 1 | 2 | configure a network interface 3 | # usage 4 | ``` 5 | ifconfig -[option] 6 | ``` 7 | 8 | ## Useful options: 9 | - `` ifconfig -a`` 10 | - display all interfaces which are currently available (even ones which are down) 11 | - ``-v`` 12 | - be more verbose (includes error conditions) 13 | -------------------------------------------------------------------------------- /cybersecurity/vulnerabilities/SMB-null-share.md: -------------------------------------------------------------------------------- 1 | 2 | # SMB Null Share 3 | Init. 4 | 5 | > [!Related] 6 | > - [SMB](../../networking/protocols/SMB.md) 7 | > - OSCP notes: [SMB enumeration](../../OSCP/enum-and-info-gathering/active/SMB-enum.md) 8 | > - PNPT notes: [enumerating SMB](../../PNPT/PEH/scanning-enumeration/enumerating-SMB.md) -------------------------------------------------------------------------------- /obsidian-help.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | --- 4 | 5 | # Help With Obsidian Use/formatting: 6 | 7 | [Index:](https://help.obsidian.md/Obsidian/Index) 8 | [Formatting:](https://help.obsidian.md/How+to/Format+your+notes) 9 | [Help Docs:](https://help.obsidian.md/Obsidian/Index) 10 | 11 | ![](/coding/bugs/race-condition.md#File%20Based) -------------------------------------------------------------------------------- /PNPT/PEH/kali-linux/linux-filesystem.md: -------------------------------------------------------------------------------- 1 | # Linux Filesystem Hierarchy 2 | ![See my notes on Linux filesystem-hierarchy](../../../computers/linux/file-system/filesystem-hierarchy.md) 3 | 4 | >[!My previous notes:] 5 | > - [Linux Filesystem](https://github.com/TrshPuppy/obsidian-notes/blob/main/computers/linux/filesystem-hierarchy.md) 6 | -------------------------------------------------------------------------------- /computers/memory/stack-and-heap.md: -------------------------------------------------------------------------------- 1 | 2 | # Stack and Heap Memory 3 | Init. 4 | > [!Note] 5 | > See my notes for the PNPT: 6 | > - Local to vault: [Memory](/PNPT/PEH/buffer-overflows/memory.md) 7 | > - [GitHub](https://github.com/TrshPuppy/PNPT-study-guide/blob/e5ebb3c7e9ec91830e70cb24d8bfe43928521108/PEH/buffer-overflows/memory.md) 8 | 9 | -------------------------------------------------------------------------------- /.obsidian/appearance.json: -------------------------------------------------------------------------------- 1 | { 2 | "accentColor": "#9367d5", 3 | "cssTheme": "AnuPpuccin", 4 | "interfaceFontFamily": "Ubuntu Mono", 5 | "textFontFamily": "Noto Mono", 6 | "monospaceFontFamily": "Source Code Pro", 7 | "theme": "obsidian", 8 | "nativeMenus": true, 9 | "baseFontSize": 15, 10 | "translucency": false 11 | } -------------------------------------------------------------------------------- /OSCP/web-apps/SQLi/automated-SQLi.md: -------------------------------------------------------------------------------- 1 | 2 | # Automated SQLi 3 | Instead of doing manual exploitation to achieve code execution, we can use some automated tools. 4 | ## sqlmap 5 | [`sqlmap`](https://sqlmap.org/) is a tool which does automatic SQLi for us. 6 | ![My notes for sqlmap here](../../../cybersecurity/TTPs/exploitation/tools/sqlmap.md) 7 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/PowerView.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # PowerView 3 | ![See my OSCP notes on PowerView](../../../../OSCP/AD/manual-enumeration/PowerView.md) 4 | 5 | 6 | > [!Resources] 7 | > - [_PowerView_](https://powersploit.readthedocs.io/en/latest/Recon/) 8 | > - [Usage Docs](https://powersploit.readthedocs.io/en/latest/Recon/) -------------------------------------------------------------------------------- /cybersecurity/resources/corelan/exploit-writing/stack-based-overflows.md: -------------------------------------------------------------------------------- 1 | 2 | # [Exploit Writing 1: Stack Based Overflows](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) 3 | *Context:* Recreating an "Easy RM to MP3 conversion utility" exploit from scratch. 4 | 5 | ## Verify the Bug: 6 | 7 | -------------------------------------------------------------------------------- /CLI-tools/linux/local/iptables.md: -------------------------------------------------------------------------------- 1 | 2 | # `iptables` 3 | Init. 4 | 5 | This is a linux command which creates packet filters for incoming and outgoing traffic. See my notes [here](../../../OSCP/enum-and-info-gathering/active/nmap-scanning.md#`iptables`). 6 | ![`iptables`](../../../OSCP/enum-and-info-gathering/active/nmap-scanning.md#`iptables`) 7 | -------------------------------------------------------------------------------- /CLI-tools/whois.md: -------------------------------------------------------------------------------- 1 | 2 | # WHOIS Command 3 | Query for who a [domain](/networking/DNS/DNS.md) name is registered to according to *Domain Registrars*. 4 | ## Usage: 5 | ``` 6 | whois 7 | ``` 8 | 9 | > [!Resources] 10 | > - `man whois` 11 | 12 | > [!Related] 13 | > - [WHOIS protocol](../networking/protocols/WHOIS.md) 14 | 15 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/binary-exploitation/spiking.md: -------------------------------------------------------------------------------- 1 | 2 | # Spiking 3 | Init. 4 | > [!Note] 5 | > See my notes for the PNPT: 6 | > - Local to vault: [Spiking](/PNPT/PEH/buffer-overflows/spiking.md) 7 | > - [GitHub](https://github.com/TrshPuppy/PNPT-study-guide/blob/e5ebb3c7e9ec91830e70cb24d8bfe43928521108/PEH/buffer-overflows/spiking.md) 8 | 9 | -------------------------------------------------------------------------------- /cybersecurity/wordlists/README.md: -------------------------------------------------------------------------------- 1 | # Wordlists 2 | This is a collection of wordlists for nefarious use. They're not in-depth or maybe even useful to most of you, but I decided to start a list I could reference during the hax0ring. 3 | 4 | These will mostly be related to common files/directories/paths for various servers/frameworks/OSes/applications etc. -------------------------------------------------------------------------------- /cybersecurity/resources/OWASP.md: -------------------------------------------------------------------------------- 1 | 2 | # Open Worldwide Application Security Project 3 | Init. 4 | Open source foundation which published information r/t application vulnerabilities, software, etc. 5 | ## OWASP Top 10: 6 | A report published by #OWASP on the current top 10 most critical vulnerabilities. 7 | 8 | > [!Resources] 9 | > - [OWASP](https://owasp.org/) -------------------------------------------------------------------------------- /OSCP/linux-privesc/system-components/kernel-vulns.md: -------------------------------------------------------------------------------- 1 | 2 | # Exploiting Kernel Vulnerabilities 3 | ## Enumeration 4 | ### `/etc/issue` 5 | ### `uname -r` 6 | ### `arch` 7 | ## Choosing & Compiling an Exploit 8 | ### `searchsploit` 9 | ### Compiling w/ `gcc` 10 | ## Transferring Exploit to Target 11 | ### `scp` 12 | ### Compiling 13 | ## Exploitation 14 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/rev-shell.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - revshell 4 | - reverse shell 5 | - revshells 6 | --- 7 | 8 | # Reverse Shells 9 | Init. 10 | 11 | Placeholder: 12 | ![](/PNPT/PEH/exploit-basics/shells.md) 13 | 14 | [Notes on Rev & Bind Shells](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/exploit-basics/shells.md) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/binary-exploitation/fuzzing.md: -------------------------------------------------------------------------------- 1 | 2 | # Fuzzing 3 | Init. 4 | 5 | > [!Note] 6 | > See my notes for the PNPT: 7 | > - Local to vault: [Fuzzing](/PNPT/PEH/buffer-overflows/fuzzing.md) 8 | > - [GitHub](https://github.com/TrshPuppy/PNPT-study-guide/blob/e5ebb3c7e9ec91830e70cb24d8bfe43928521108/PEH/buffer-overflows/fuzzing.md) 9 | 10 | -------------------------------------------------------------------------------- /OSCP/linux-privesc/system-components/setuid-and-capabilities.md: -------------------------------------------------------------------------------- 1 | 2 | # Abusing Setuid Binaries & Capabilities 3 | ## Setuid Overview 4 | ### Real vs Effective UID/GID 5 | ### Exploitation Scenario 6 | #### SUID 7 | #### `find -exec` 8 | ## Linux Capabilities 9 | ### Capabilities Overview 10 | ### `getcap -r` 11 | ### Exploitation Scenario 12 | #### GTFOBins 13 | 14 | -------------------------------------------------------------------------------- /coding/concepts/version-control.md: -------------------------------------------------------------------------------- 1 | 2 | # Version Control 3 | Init 4 | ## Local Version Control 5 | ## Distributed Version Control 6 | 7 | > [!Resources] 8 | > - [The Odin Project: Intro to Git](https://git-scm.com/book/en/v2/Getting-Started-About-Version-Control) 9 | > - [git: About Version Control](https://git-scm.com/book/en/v2/Getting-Started-About-Version-Control) 10 | 11 | -------------------------------------------------------------------------------- /coding/concepts/multiprocessing.md: -------------------------------------------------------------------------------- 1 | 2 | # Multiprocessing 3 | Multiprocessing has multiple definitions which change based on the context, primarily, it's used in reference to [CPUs](../../computers/concepts/CPU.md) and how they work. 4 | ## CPU Context 5 | Multiprocessing is the use of multiple CPUs in a single computer. It can also reference the presence of *multiple cores* on a single processor -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/exfiltration-infiltration/DNS-tunneling.md: -------------------------------------------------------------------------------- 1 | 2 | INIT 3 | # DNS Tunneling 4 | ![See my OSCP notes on DNS tunneling](../../../../OSCP/tunneling/DNS-tunneling.md) 5 | 6 | > [!Related] 7 | > - [DNS](../../../../networking/DNS/DNS.md) 8 | > - Tools: [`dnscat`](../../../../OSCP/tunneling/dnscat.md), [`dnsmasq`](../../../../OSCP/tunneling/DNS-tunneling.md) 9 | 10 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/tech-stack/gowitness.md: -------------------------------------------------------------------------------- 1 | 2 | # GoWitness 3 | Init. 4 | ## Examples which worked 5 | ```bash 6 | gowitness file -f inscope-subdomains.txt 7 | ``` 8 | ### Serving report 9 | ```bash 10 | gowitness report export -f gowitness.html 11 | ``` 12 | ### With Nmap file 13 | ```bash 14 | gowitness nmap -f ../../nmap/fullscope-fulltcp.xml --threads 10 | tee gowitness_tee 15 | ``` -------------------------------------------------------------------------------- /cybersecurity/resources/vulnhub.md: -------------------------------------------------------------------------------- 1 | 2 | # [VulnHub](https://www.vulnhub.com) 3 | VulnHub is a site where vulnerable VMs are uploaded for the purpose of learning cybersecurity. They can be downloaded and used to learn about the machine/ software etc. which makes it vulnerable. 4 | 5 | VulnHub also provide walkthroughs for the uploaded machines. 6 | 7 | > [!Resources] 8 | > - [VulnHub](https://www.vulnhub.com) 9 | 10 | -------------------------------------------------------------------------------- /OSCP/web-apps/SQLi/SQLi.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # SQL Injection 4 | [SQL](../../../coding/languages/SQL.md) injection is a type of attack which leverages poor security practices when implementing SQL in an application. If user input is not properly sanitized, then an attacker can use SQLi to manipulate backend databases by making queries to them using SQL. 5 | ![My notes on SQLi](../../../cybersecurity/TTPs/exploitation/injection/SQLi.md) 6 | 7 | -------------------------------------------------------------------------------- /PNPT/PEH/notekeeping/important-tools.md: -------------------------------------------------------------------------------- 1 | 2 | # Important Notekeeping Tools 3 | 4 | ## Windows & Mac 5 | 6 | ### [Greenshot](https://getgreenshot.org/help/#screenshot) 7 | #### Use 8 | Press the `PntSc` (print screen) button. Use the tool to capture a boxed in portion of the screen, then choose `Open in image editor` from the dropdown. 9 | ## Linux 10 | 11 | ### [FlameShot](https://github.com/flameshot-org/flameshot) 12 | 13 | -------------------------------------------------------------------------------- /computers/windows/DLL.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - DLLs 4 | - Dynamic Link Libraries 5 | - Dynamic Link Library 6 | --- 7 | INIT 8 | # Dynamic Link Libraries 9 | ![See my OSCP notes on DLL Hijacking](../../OSCP/windows-privesc/windows-services/DLL-hijacking.md#Overview) 10 | 11 | 12 | > [!Resources] 13 | > - [_Dynamic Link Libraries_](https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/dynamic-link-library) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/binary-exploitation/NOP-sled.md: -------------------------------------------------------------------------------- 1 | 2 | # NOP Sleds 3 | 4 | > [!Note] 5 | > - See my writeup on NOP Sleds: 6 | > - Local to the vault: [B&E-III-NOP-Sleds](/writeups/B&E-III-NOP-Sleds.md) 7 | > - TrshPuppy [Portfolio site](https://trshpuppy.github.io/portfolio/writeups/nop-sleds) 8 | > - [GitHub](https://github.com/TrshPuppy/obsidian-notes/blob/main/writeups/B%26E-III-NOP-Sleds.md) 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /networking/OSI/1-physical/hubs.md: -------------------------------------------------------------------------------- 1 | # Networking Hubs 2 | Hubs are layer one devices which receive data from one device and broadcast it to all other devices which are connected to it. 3 | ## Use 4 | The purpose of a hub is to provide a central point for connecting devices on a network. Hubs are considered 'dumb' meaning they have no ability to filter or forward data based on addressing like [MAC](../2-datalink/MAC-addresses.md) and [IP](../3-network/IP-addresses.md). 5 | -------------------------------------------------------------------------------- /computers/virtualization/containers.md: -------------------------------------------------------------------------------- 1 | 2 | # Containers 3 | Containers are "sand-boxed" processes on a machine which are isolated from other processes. 4 | ## Requirements: 5 | - Non-negotiable: have to run on a single machine 6 | - Need to be isolated 7 | - The included processes fulfill a common feature 8 | 9 | > [!Resources] 10 | > - [Medium: Demystifying Containers](https://medium.com/@saschagrunert/demystifying-containers-part-i-kernel-space-2c53d6979504) 11 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/cloud/tools/cloud-enum.md: -------------------------------------------------------------------------------- 1 | 2 | # Cloud Enum 3 | Init. 4 | ## Examples which worked 5 | ```bash 6 | python3 cloud_enum.py -k target.com -k target 7 | ``` 8 | Using `-k` to give two different keywords. Can also give a *keyword file* with the `-kf` option. 9 | ### Quick Scan 10 | ```bash 11 | ./cloud_enum.py -kf keys -qs 12 | ``` 13 | Turns off mutations. 14 | 15 | 16 | > [!Resources] 17 | > - [GitHub](https://github.com/initstring/cloud_enum/tree/master) -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/bucket-enumeration.md: -------------------------------------------------------------------------------- 1 | 2 | # Bucket Enumeration & Exploitation 3 | 4 | > [!Related] 5 | > see [Hack the Box Tier One Starting Point Box "Three"](https://app.hackthebox.com/starting-point) 6 | 7 | https://atos.net/en/lp/securitydive/poorly-configured-s3-buckets-a-hackers-delight 8 | 9 | https://www.hemanthjoseph.com/hacking-amazon-s3-buckets/ 10 | 11 | https://highon.coffee/blog/reverse-shell-cheat-sheet/ 12 | 13 | https://app.hackthebox.com/starting-point -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/tech-stack/whatruns.md: -------------------------------------------------------------------------------- 1 | 2 | # WhatRuns Web Tech Recon Tool 3 | Init. 4 | [Whatruns](https://www.whatruns.com/) is a browser extension which tells you what technologies are being used to create a website. Useful for [website recon](/PNPT/PEH/recon/website-tech-recon.md). 5 | 6 | > [!Resources] 7 | > - [Whatruns](https://www.whatruns.com/) 8 | > - My [own notes](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/recon/website-tech-recon.md) on 'website recon'. 9 | -------------------------------------------------------------------------------- /CLI-tools/tips-and-tricks/environment-variables.md: -------------------------------------------------------------------------------- 1 | 2 | # x68 on $SHELL 3 | my first targets on a machine: `~/.${SHELL}rc`, `~/.${SHELL}_profile`, `~/.${SHELL}_logout`, `~/.${SHELL}_history`, `~/.ssh` and `~/.aws` and a such. I really love IDE scratch files as well. 4 | 5 | `~/.bashrc` for example, if `$SHELL` is bash, `~/.bashrc` is gonna tell you about the user environment. Code monkeys often will hard code secrets in there 6 | 7 | `~/.aws` and `~/.ssh` are good for secrets to connect to other systems -------------------------------------------------------------------------------- /PNPT/PEH/python/tuples.md: -------------------------------------------------------------------------------- 1 | 2 | # Python Tuples 3 | Tuples are structures in python which are similar to lists but *are immutable.* They also differ in that they use `()` instead of `[]`. 4 | ```python 5 | fruits = ("apples", "oranges", "kiwis") 6 | ``` 7 | ## Accessing a Tuple: 8 | To access an element in a tuple, you use bracket notation, just like lists: 9 | ```python 10 | print(f"It's like comparing ${fruits[0]} to ${fruits[1]}!") 11 | # output: 12 | It's like comparing apples to oranges! 13 | ``` -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/tools/kraken.md: -------------------------------------------------------------------------------- 1 | 2 | # Kraken 3 | Init. 4 | > "Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator based cracking across multiple machines both as a web app in a web browser and as a standalone electron based client. Kraken aims to be easy to use, fault tolerant and scalable." 5 | ## Use 6 | 7 | 8 | 9 | 10 | > [!Resources] 11 | > - [Kraken GitHub](https://github.com/arcaneiceman/kraken) -------------------------------------------------------------------------------- /www/WebDAV.md: -------------------------------------------------------------------------------- 1 | 2 | # WebDAV 3 | INIT 4 | WebDAV is a set of extensions for [HTTP](HTTP.md) which allows collaborators to write/ create/ modify contents *directly* on a web server. WebDAV provides [concurrency](../coding/concepts/coroutines.md#Concurrency) control and namespace operations so web content can be writeable (and not just readable). It also provides protections against *overwriting* files on the server. 5 | 6 | 7 | > [!Resources] 8 | > - [Wikipedia: WebDAV](https://en.wikipedia.org/wiki/WebDAV) -------------------------------------------------------------------------------- /computers/concepts/operating-system.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - OS 4 | - operating system 5 | --- 6 | INIT 7 | # Operating System 8 | ## Components 9 | ### Kernel 10 | The kernel of an OS communicates w/ the hardware ([CPU](CPU.md), [memory](computers/memory/memory.md)) 11 | ### Applications 12 | The other part of the operating system is the applications, which are based on and help run the kernel. *For example* [linux](/computers/linux.md) distros use the same kernel *but implement different applications* -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/netexec.md: -------------------------------------------------------------------------------- 1 | 2 | # NetExec (`nxc`) 3 | A network service exploitation tool which automates assessing security of large networks. 4 | 5 | ## Shit that worked 6 | ### Spidering [SMB](../../../../networking/protocols/SMB.md) shares 7 | Spider shares and download content. 8 | ```bash 9 | nxc smb $ip -u '' -p '' -M spider_plus -o DOWNLOAD_FLAG=True 10 | ``` 11 | 12 | > [!Resources] 13 | > - [NetExec Wiki](https://www.netexec.wiki/) 14 | > - [GitHub](https://github.com/Pennyw0rth/NetExec) -------------------------------------------------------------------------------- /networking/protocols/NetBIOS.md: -------------------------------------------------------------------------------- 1 | 2 | # NetBIOS: Network Basic Input/ Output System 3 | Init. 4 | 5 | 6 | 7 | 8 | 9 | 10 | > [!Resources] 11 | > - [Lifewire: NetBIOS](https://www.lifewire.com/netbios-software-protocol-818229) 12 | 13 | > [!Related] 14 | > - Commands: [nmblookup](../../CLI-tools/linux/remote/nmblookup.md), [nbtscan](../../CLI-tools/linux/nbtscan.md) 15 | > - Protocols: [SMB](/networking/protocols/SMB.md) 16 | > - Tools: [enum4linux](../../cybersecurity/TTPs/recon/tools/services-and-protocols/enum4linux.md) 17 | -------------------------------------------------------------------------------- /coding/databases/redis.md: -------------------------------------------------------------------------------- 1 | 2 | # Remote Dictionary Server 3 | An #in-memory-database 4 | - the data is stored in the physical memory of the computer 5 | - as opposed to disk-storage 6 | - a tool which provides a #data-structure to store data in 7 | - Is a #store and a #cache at the same time 8 | - data is read/modified from the main computer memory 9 | - stored on disk in a form that is unsuitable for random data access 10 | 11 | >[!related] 12 | >[redis-cli](redis-cli.md) 13 | 14 | >[!links] 15 | >https://en.wikipedia.org/wiki/Redis 16 | -------------------------------------------------------------------------------- /computers/windows/active-directory/ACLs.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - ACE 4 | - ACL 5 | - ACEs 6 | - access control lists 7 | - access control list 8 | --- 9 | 10 | INIT 11 | # ACLs & ACEs 12 | Each resource in a [Windows](../README.md) machine has an ACL (Access Control List) associated to it. Each ACL is a list of *none or more* access control entries (ACEs). 13 | ## Access Control Entry 14 | Each ACE defines the relationship *between a principal* (user, group, etc.) and a *particular access right*. 15 | ![](../../computers-pics/ACLs-1.png) -------------------------------------------------------------------------------- /networking/protocols/SSL.md: -------------------------------------------------------------------------------- 1 | 2 | # SSL: Secure Socket Layer 3 | Init. 4 | SSL is a protocol used w/ [HTTPS](https://github.com/TrshPuppy/obsidian-notes/tree/main/networking/protocols/HTTPS.md) to encrypt and ensure the authenticity and privacy of data sent over the web. *SSL is the predecessor of [TLS](/networking/protocols/TLS.md)* but is still widely used. 5 | 6 | Website which use SSL have `https` in their URL rather than [`http`](www/HTTP.md). 7 | 8 | > [!Resources] 9 | > - [CloudFlare: What is SSL](https://www.cloudflare.com/learning/ssl/what-is-ssl/) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/evil-winrm.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Evil-WinRM 3 | [_evil-winrm_](https://github.com/Hackplayers/evil-winrm) is a tool which will establish a stable [WinRM](../../../../computers/windows/WinRM.md) shell for you (usually used for the purpose of [penetration-testing](../../../pen-testing/penetration-testing.md)). 4 | 5 | ![My notes from OSCP on Evil-WinRM](../../../../OSCP/windows-privesc/enumeration/powershell-logging.md#Evil-WinRM) 6 | 7 | 8 | > [!Resources] 9 | > - [_evil-winrm_](https://github.com/Hackplayers/evil-winrm) GitHub -------------------------------------------------------------------------------- /networking/protocols/NBT-NS.md: -------------------------------------------------------------------------------- 1 | 2 | # NetBIOS Name Service 3 | A Windows protocol used to translate #NetBIOS names to [IP Addresses](networking/OSI/IP-addresses.md) on a local network. Is the predecessor to [LLMNR](/networking/protocols/LLMNR.md). 4 | 5 | ## Mechanism: 6 | Each machine on the network is assigned a #NetBIOS-name by the NBT-NS service. 7 | 8 | Uses [UDP](networking/protocols/UDP.md) #port-137. 9 | 10 | >[!Links] 11 | >[Hacking Articles: Detailed Guide to Responder](https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/) 12 | 13 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/rainbow-table.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - rainbow table 4 | --- 5 | # Rainbow table 6 | A rainbow-table is a [database](../../../coding/databases/DBMS.md) of pre-computed plain-text passwords and their corresponding [hash](../../../computers/concepts/cryptography/hashing.md) values. Used to find out what hash is produced from which plain-text password 7 | 8 | ***multiple texts can produce the same hash*** 9 | 10 | > [!Resources] 11 | > - [Geeks For Geeks: Rainbow Table Attack](https://www.geeksforgeeks.org/understanding-rainbow-table-attack/) 12 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/dir-and-subdomain/shosubgo.md: -------------------------------------------------------------------------------- 1 | 2 | # Shosubgo 3 | Init. 4 | ## Use 5 | ### Quick Start 6 | ```bash 7 | go install github.com/incogbyte/shosubgo@latest 8 | ``` 9 | ## Examples which worked 10 | ```bash 11 | shosubgo -d target.com -s '' > shosubout 12 | 13 | cat shosub-out | awk '/Domain: /{print}' | awk '{print $2}' 14 | ``` 15 | ### Using a file of apex domains 16 | ```bash 17 | shosubgo -f apex.txt -s '' > shosubout-apex 18 | ``` 19 | 20 | > [!Resources] 21 | > - [GitHub](https://github.com/incogbyte/shosubgo) -------------------------------------------------------------------------------- /OSCP/AD/intro-to-AD.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | --- 4 | # Intro to Active Directory 5 | [Active Directory](../../../computers/windows/active-directory/active-directory.md) is a [Windows](../../../computers/windows/README.md) service which system administrators use to manage multiple machines, users, applications, updates and data access across a large network environment. 6 | 7 | ![Active Directory](../../../computers/windows/active-directory/active-directory.md) 8 | 9 | 10 | > [!Resources] 11 | > - My [own notes](https://github.com/trshpuppy/obsidian-notes) linked throughout the text. -------------------------------------------------------------------------------- /computers/concepts/cryptography/diffie-hellman.md: -------------------------------------------------------------------------------- 1 | 2 | # Diffie-Hellman Key Exchange 3 | Diffie-Hellman key exchange is *one of the first asymmetric/public-key protocols*. 4 | ![](cybersecurity/cybersecurity-pics/diffie-hellman-1.jpg) 5 | > [!Resources] 6 | > - [Comparitech](https://www.comparitech.com/blog/information-security/diffie-hellman-key-exchange/) 7 | > - [Wikipedia: Diffie-Hellman](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange) 8 | > - [pc-freak](https://pc-freak.net/blog/improve-ssl-security-generate-add-diffie-hellman-key-ssl-certificate-stronger-line-encryption/) 9 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/exploit-db.md: -------------------------------------------------------------------------------- 1 | 2 | # Exploit Database: 3 | A database of malware which can be downloaded. ***Should be downloaded in to a containerized environment in case of accidental execution***. 4 | ## [`searchsploit` Command](searchsploit.md) 5 | [search-sploit]() is a command line search tool which allows you to take a copy of exploit-db with you wherever you go. To use it, a local clone of the Exploit DB GitHub repo has to be present on your system. 6 | 7 | > [!Resources] 8 | > - [Exploit DB GitLab Repo](https://gitlab.com/exploit-database/exploitdb) 9 | 10 | -------------------------------------------------------------------------------- /networking/design-structure/VLANs.md: -------------------------------------------------------------------------------- 1 | 2 | # Virtual [LANs](LAN.md) 3 | Init. 4 | A segmentation technique which logically divide physical networks into *distinct segments*. VLANs are more secure because they isolate traffic and confine them into *Broadcast domains*. This minimizes the scope of potential threats by limiting unauthorized access to data and devices on the VLAN. 5 | 6 | VLANs also provide more granular control over networks and devices. Each VLAN can have *specific security policies and access control* as well as traffic isolation. 7 | 8 | > [!Resources] 9 | > - Internship learning material -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/tools/gophish.md: -------------------------------------------------------------------------------- 1 | 2 | # GoPhish 3 | Init. 4 | [GoPhish](https://docs.getgophish.com/user-guide)i s a tool which helps to facilitate email [phishing](../phishing.md) campaigns. 5 | ## Use 6 | ### `{{.Tracker}}` 7 | In the email body, place a `{{.Tracker}}` tag at the end. This allows GoPhish to track interaction with the email from the user. The `{{.Tracker}}` tag is really just an alias for `img src={{.TrackerUrl}}` with `{{.TrackingUrl}}` which is the URL to GoPhish's tracking handler. 8 | 9 | > [!Resources] 10 | > - [GoPhish Docs](https://docs.getgophish.com/user-guide) -------------------------------------------------------------------------------- /CLI-tools/linux/remote/telnet-command.md: -------------------------------------------------------------------------------- 1 | 2 | # Usage: 3 | ``` 4 | telnet [OPTIONS...] [HOST [PORT]] 5 | ``` 6 | 7 | ## useful options: 8 | - logging in as #root: 9 | - syntax: ``telnet --user=root [IP ADDRESS]`` 10 | - root user MAY have no password 11 | - Once connected to [telnet](/networking/protocols/telnet.md) server w/ #telnet-shell 12 | - ``?`` gives info about machine 13 | - ``help`` gives list of commands 14 | - ``ls`` lists present files/directories 15 | - ``cat [filename]`` prints content of file to terminal 16 | 17 | > [!related] 18 | > [telnet](/networking/protocols/telnet.md) 19 | -------------------------------------------------------------------------------- /networking/OSI/2-datalink/bridge.md: -------------------------------------------------------------------------------- 1 | 2 | # Bridge Networking Device 3 | A device which operates on the [data-link-layer](data-link-layer.md) of the [OSI-reference-model](../OSI-reference-model.md). It's primary function is to connect and filter traffic b/w different *segments* of a network. 4 | ## Use 5 | Bridges are used to divide large networks into smaller, more manageable sections. Bridging segments also reduces *collision domains* because each segment is *independent*. Like [switches](switches.md), bridges also keep a *MAC address table* to help with remembering devices so it can easily forward frames to them. -------------------------------------------------------------------------------- /coding/README.md: -------------------------------------------------------------------------------- 1 | # Coding 2 | This directory contains notes on coding including general concepts, specific languages, frameworks and databases, as wells as associated tools. 3 | ## Some Interesting Nuggets: 4 | - My notes on [coroutines](concepts/coroutines.md) 5 | - Do [pointers](concepts/pointers.md) confuse you? Maybe I can help... 6 | - Does [threading](concepts/threading.md) confuse you? It's my favorite coding subject! 7 | - I even have notes on [assembly](languages/assembly.md) & [gdb](gdb.md)! 8 | - But if you're more high-level, here is python [asyncio](languages/python/asyncio.md) & [terraform](terraform.md) -------------------------------------------------------------------------------- /coding/jenkins.md: -------------------------------------------------------------------------------- 1 | 2 | # Jenkins Automation Server 3 | Jenkins Server is an open-source server used to automate things related to building, testing, and delivering software. Can be installed on linux and windows machines. 4 | 5 | Init. 6 | 7 | > [!Related] 8 | > - CVE-2024-23897 9 | > - [GitHub](https://github.com/godylockz/CVE-2024-23897) 10 | > - [SonarSource: Excessive Expansion Uncovering Critical Security...]( 11 | https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/) 12 | 13 | > [!Resources] 14 | > - [Jenkins Documentation](https://www.jenkins.io/doc/) 15 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/ExploitDB.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: [] 3 | --- 4 | 5 | # Exploit Database: 6 | A database of malware which can be downloaded. ***Should be downloaded in to a containerized environment in case of accidental execution***. 7 | ## [`searchsploit` Command](searchsploit.md) 8 | [search-sploit]() is a command line search tool which allows you to take a copy of exploit-db with you wherever you go. To use it, a local clone of the Exploit DB GitHub repo has to be present on your system. 9 | 10 | > [!Resources] 11 | > - [Exploit DB GitLab Repo](https://gitlab.com/exploit-database/exploitdb) 12 | 13 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/vuln-scanning/nessus.md: -------------------------------------------------------------------------------- 1 | 2 | # Nessus Vulnerability Scanner 3 | Init. 4 | 5 | ![Notes on Nessus CLI tool](/PNPT/PEH/scanning-enumeration/nessus-vuln-scanning.md) 6 | [If You're on GitHub Click Me (for Nessus notes)](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/scanning-enumeration/nessus-vuln-scanning.md) 7 | 8 | > [!Resources] 9 | > - [Nessus Download](https://www.tenable.com/downloads/nessus?loginAttempted=true) 10 | > - My [notes on Nessus](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/scanning-enumeration/nessus-vuln-scanning.md) while studying for PNPT. 11 | 12 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/wordlists/robots-disallowed.md: -------------------------------------------------------------------------------- 1 | 2 | # Robots Disallowed Wordlist 3 | [Robots Disallowed](https://github.com/danielmiessler/RobotsDisallowed) is a project maintained on GitHub as a replacement for the [RAFT tool](https://code.google.com/archive/p/raft/) (which is not maintained). Both projects create(d) wordlists using the `robot.txt` files of indexed websites. This file tells spidering indexers what pages a site does *not* want to be indexed. 4 | 5 | > [!Resources] 6 | > - [Robots Disallowed GitHub](https://github.com/danielmiessler/RobotsDisallowed) 7 | > - [RAFT tool](https://code.google.com/archive/p/raft/) -------------------------------------------------------------------------------- /.obsidian/graph.json: -------------------------------------------------------------------------------- 1 | { 2 | "collapse-filter": false, 3 | "search": "", 4 | "showTags": true, 5 | "showAttachments": true, 6 | "hideUnresolved": true, 7 | "showOrphans": true, 8 | "collapse-color-groups": false, 9 | "colorGroups": [], 10 | "collapse-display": false, 11 | "showArrow": false, 12 | "textFadeMultiplier": -3, 13 | "nodeSizeMultiplier": 1.42708333333333, 14 | "lineSizeMultiplier": 1, 15 | "collapse-forces": false, 16 | "centerStrength": 0.453125, 17 | "repelStrength": 10.3125, 18 | "linkStrength": 1, 19 | "linkDistance": 263, 20 | "scale": 0.12008144652330544, 21 | "close": true 22 | } -------------------------------------------------------------------------------- /PNPT/PEH/recon/social-media.md: -------------------------------------------------------------------------------- 1 | 2 | # Using Social Media for OSINT 3 | A lot of open-source/public information can be gathered from browsing social media platforms. For example, visiting the LinkedIn of a target organization can turn up: 4 | - current staff and their credentials (emails, names/ last names) 5 | - images which feature badge photos, technology used, etc. 6 | 7 | *People are the weakest point in an organization's security*. Even just having employee names, you can enumerate email addresses. Those addresses can be used to search [breached credentials](/PNPT/PEH/recon/breached-credentials.md), which can then be used to exploit the target. -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/trojans.md: -------------------------------------------------------------------------------- 1 | 2 | # Trojans 3 | Init. 4 | Named after the Trojan Horse from Greek history and the taking or Troy. As a malware, a trojan is software which is *disguised as harmless software* but is actually malicious. Usually, trojan malware tricks a user into executing it by, not only appearing to look harmless, but even *performing a desired function* for the user (while also doing something malicious). 5 | ## Remote Access Trojan 6 | This is a more modern type of trojan which *allows an attacker to take remote control* of the machine it's on. 7 | 8 | > [!Resources] 9 | > - [Sec+ Udemy Course](https://www.udemy.com/course/securityplus) -------------------------------------------------------------------------------- /PNPT/PEH/kali-linux/sudo.md: -------------------------------------------------------------------------------- 1 | 2 | # Linux `sudo` command 3 | `sudo` stands for "super user do" and allows you to run a command as the *root user.* The privilege elevation only exists while running the command. Some distros like Ubuntu will persist the super-user permission for 15 minutes. 4 | 5 | Users which are in the "sudoers" group have super-user privileges. 6 | ## Root user: 7 | An example of a default user in Linux distros which is in the "sudoers" group is the root user. To login as the root user use `sudo su -` and the context of your shell will change to you being the root user. Exiting or killing the current shell will end the root user privileges for that shell. -------------------------------------------------------------------------------- /computers/windows/LSASS.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Local Security Authority Subsystem Service 3 | A process (`lsass.exe`) on [Windows](README.md) computers which *enforces security policies*. It verifies users who are logging into the computer/ server, handles *password changes*, and creates *access tokens*. It also writes to the Windows Security Log. 4 | 5 | `lsass.exe` is located at `%WINDIR%\System32`. If you were to force terminate `lsass.exe`, you could cause the system to *lose access to any accounts*, including system based ones, which would cause the machine to restart. 6 | 7 | > [!Resources] 8 | > - [Wikipedia: LSASS](https://en.wikipedia.org/wiki/Local_Security_Authority_Subsystem_Service) -------------------------------------------------------------------------------- /OSCP/linux-privesc/file-permissions/cron-jobs.md: -------------------------------------------------------------------------------- 1 | 2 | # Abusing Cron Jobs 3 | ## Scenario 4 | ### Checking for Running Cron Jobs 5 | ```bash 6 | joe@debian-privesc:~$ grep "CRON" /var/log/syslog 7 | ... 8 | Aug 25 04:56:07 debian-privesc cron[463]: (CRON) INFO (pidfile fd = 3) 9 | Aug 25 04:56:07 debian-privesc cron[463]: (CRON) INFO (Running @reboot jobs) 10 | Aug 25 04:57:01 debian-privesc CRON[918]: (root) CMD (/bin/bash /home/joe/.scripts/user_backups.sh) 11 | Aug 25 04:58:01 debian-privesc CRON[1043]: (root) CMD (/bin/bash /home/joe/.scripts/user_backups.sh) 12 | Aug 25 04:59:01 debian-privesc CRON[1223]: (root) CMD (/bin/bash /home/joe/.scripts/user_backups.sh) 13 | ``` 14 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/delivery/URL-shorteners.md: -------------------------------------------------------------------------------- 1 | 2 | # URL Shorteners: 3 | A tool which creates a unique, short URL which redirects to the website specified during the initial setup of the #URL-shortener link. 4 | - using a URL shortening service (such as #tinyurl) to hide a malicious url 5 | - ex: 6 | - real URL: `https://www.sans.org/security-awareness-training/blog/secure-options-url-shortening` 7 | - short URL (using tinyurl): `http://tinyurl.com/4umda63` 8 | 9 | ## Preview feature: 10 | Some URL shortening services have a preview feature: 11 | - ex: `http://preview.tinyurl.com/4umda63` 12 | - ex (with #bitly): `http://bit.ly/example+` (add a `+` to the end) 13 | - fdkfsjhfjkd -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/dir-and-subdomain/feroxbuster.md: -------------------------------------------------------------------------------- 1 | 2 | # Feroxbuster CLI Tool for "Forced Browsing" 3 | Init. 4 | Feroxbuster is a CLI tool for enumerating directories on a target. 5 | ## Usage 6 | ### Quick Start 7 | ```bash 8 | sudo apt update && sudo apt install -y feroxbuster 9 | ``` 10 | ### `-u` Url 11 | This is the target url 12 | ```bash 13 | feroxbuster -u x.x.x.x 14 | ``` 15 | ### `-o` Output 16 | Use this flag to define an output file. `.state` is the default extension set by ferox but can be prevented w/ the `--no-state` flag. 17 | 18 | > [!Resources] 19 | > - `feroxbuster --help` 20 | > - [GitHub](https://github.com/epi052/feroxbuster) 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /coding/databases/RDBMS.md: -------------------------------------------------------------------------------- 1 | 2 | # Relational Databases 3 | RDBMS are the most common type of databases. They use a schema /template to dictate the structure and how the data is stored in the DB. Data is associated with keys which provide access to a specific row or column. 4 | 5 | Tables or "entities" are all related to each other so a change in one will effect others but only in a predictable way. 6 | ![](/coding/coding-pics/DBMS-2.png) 7 | In the image above, the `id` related to users in the `users` table is the same as `user_id` used to relate to user posts in the `posts` table. This type of relationship is more efficient because, for example, not all data related to each user has to be stored with their posts. -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/tools/winPEAS.md: -------------------------------------------------------------------------------- 1 | INIT 2 | # Windows Privilege Escalation Awesome Scripts 3 | [_winPEAS_](https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS) is a command line tool used for enumerating [Windows](../../../../computers/windows/README.md) machines, especially as it relates to privilege-escalation. 4 | ![My notes from OSCP on WinPEAS](../../../../OSCP/windows-privesc/enumeration/automated-enum.md#WinPEAS) 5 | 6 | > [!Resources] 7 | > - [_winPEAS_](https://github.com/carlospolop/PEASS-ng/tree/master/winPEAS) GitHub 8 | 9 | > [!Related] 10 | > - [My notes from OSCP on automated privesc enumeration](../../../../OSCP/windows-privesc/enumeration/automated-enum.md) -------------------------------------------------------------------------------- /networking/protocols/ICMP.md: -------------------------------------------------------------------------------- 1 | # Internet Control Message Protocol 2 | A protocol used between routers and other network ([layer 3](/networking/OSI/network-layer.md)) devices to communicate operational state and/ or error messages. This protocol is *not used to exchange data between devices* like other IP protocols. Instead, it is meant to communicate the availability of a requested host or service. 3 | 4 | ## [Ping Command](ping.md): 5 | The `ping` command can be used on both Linux and Windows systems to see whether a connection to a resource via the network is possible. 6 | 7 | > [!Resources:] 8 | > [Wikipedia: Internet Control Message Protocol](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol) -------------------------------------------------------------------------------- /networking/design-structure/WAN.md: -------------------------------------------------------------------------------- 1 | 2 | # Wide Area Network (WAN) 3 | Init. 4 | A WAN is a collection of [LAN](LAN.md)s which can communicate w/ each other. For example, the internet itself is *the largest WAN*. 5 | ## Components 6 | ### WAN Routers 7 | A WAN router is an "edge" or "border" router which routes data b/ WAN locations. It also gives a WAN *access to a carrier network*. 8 | ### SD WAN 9 | Software-defined WAN uses *virtualization* to make deploying WAN environments easier. It uses VMs, application-level policies, overlay networks, and onsite SD-WAN devices. 10 | 11 | > [!Resources] 12 | > - [Cisco: WAN](https://www.cisco.com/c/en/us/products/switches/what-is-a-wan-wide-area-network.html#~types) -------------------------------------------------------------------------------- /networking/OSI/2-datalink/switches.md: -------------------------------------------------------------------------------- 1 | 2 | # Network Switches 3 | Networking devices which operate in the [data-link-layer](data-link-layer.md) of the [OSI-reference-model](../OSI-reference-model.md). Switches are able to receive, read, and forward data *frames* to their destination [MAC-addresses](../../../PNPT/PEH/networking/MAC-addresses.md). 4 | ## Use 5 | To provide efficient data transmission within a [LAN](../../design-structure/LAN.md). Switches are slightly more advanced than [hubs](../1-physical/hubs.md) because they *maintain a MAC address table* which allows it to learn and store MAC addresses of connected devices. 6 | 7 | Switches use these MAC tables to forward incoming data to its intended recipient device. 8 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/OS/linux-recon.md: -------------------------------------------------------------------------------- 1 | 2 | # A list of recon sources on Linux Targets 3 | ## Network 4 | ### `/etc/network/interfaces` 5 | File which can include cleartext passwords for logging into network interfaces including WiFi: 6 | ```bash 7 | auto wlan0 8 | iface wlan0 inet static 9 | address 192.168.1.150 10 | netmask 255.255.255.0 11 | gateway 192.168.1.1 12 | wpa-essid mywifiname 13 | wpa-psk mypass 14 | ``` 15 | > [!Resource] 16 | > - [LinuxConfig: etcnetworkinterface](https://linuxconfig.org/etcnetworkinterfacesto-connect-ubuntu-to-a-wireless-network) 17 | 18 | ### `/etc/netplan` 19 | Similar to `/etc/network/interfaces`. Contains network [YAML](../../../../coding/markup/YAML.md) config files sometimes w/ cleartext passwords. 20 | -------------------------------------------------------------------------------- /coding/markup/TOML.md: -------------------------------------------------------------------------------- 1 | 2 | # TOML 3 | Init. 4 | "Tom's Obvious Minimal Language" is a markup language based on key value pairs and [hashmaps](../concepts/hashmaps.md). TOML is relatively flat but can make use of "dotted keys" to take on a more [JSON](../data-structures/JSON.md)- like structure. For example: 5 | ```toml 6 | name = "Orange" 7 | physical.color = "orange" 8 | physical.shape = "round" 9 | site."google.com" = true 10 | ``` 11 | This TOML file is equivalent to this JSON file: 12 | ```json 13 | { 14 | "name": "Orange", 15 | "physical": { 16 | "color": "orange", 17 | "shape": "round" 18 | }, 19 | "site": { 20 | "google.com": true 21 | } 22 | } 23 | ``` 24 | 25 | > [!Resources] 26 | > - [Website](https://toml.io/en/v1.0.0) -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/credential-harvesting/breach-parse.md: -------------------------------------------------------------------------------- 1 | 2 | # Breach-Parse 3 | A [tool](https://github.com/hmaverickadams/breach-parse) written by Heath Adams which can search through large collections of breached data. 4 | ### Usage: 5 | ```bash 6 | ./breach-parse.sh @tesla.com tesla.txt 7 | ``` 8 | In this example, breach-parse will scan through `tesla.txt` and find all the usernames/ emails which include "tesla.com". Then it will return all the passwords associated with those accounts. 9 | 10 | The results are returned in 3 files: 11 | - `tesla-master.txt` 12 | - `tesla-passwords.txt` 13 | - `tesla-users.txt` 14 | 15 | > [!Resources] 16 | > - [Heath Adams: Breach-Parse repo](https://github.com/hmaverickadams/breach-parse) 17 | 18 | -------------------------------------------------------------------------------- /CLI-tools/linux/crontab.md: -------------------------------------------------------------------------------- 1 | 2 | # crontab 3 | Linux command for interacting w/ [cron](computers/linux/linux-processes.md) to setup scheduled and automated processes. 4 | ## Syntax 5 | ```bash 6 | crontab [options] 7 | 8 | * * * * * 9 | OR 10 | * * * * * 11 | ``` 12 | ![](CLI-tools/CLI-tools-pics/crontab-1.png) 13 | ### Setup Crontab for a user: 14 | Crontab is *user specific*. You can check if a user already has a crontab by using the `-l` switch. To create a crontab for a user, use `crontab -e`. This will open a text editor of your choice. 15 | 16 | In the text editor, paste a cron job. Now this cron job will run for the user. 17 | 18 | > [!Resources] 19 | > - [Linux Handbook](https://linuxhandbook.com/crontab/) 20 | 21 | -------------------------------------------------------------------------------- /computers/linux/syscalls.md: -------------------------------------------------------------------------------- 1 | 2 | # Syscalls 3 | init. 4 | 5 | Syscalls are implemented in Unix operating systems as a means to allow programs to request services from the [kernel](../concepts/kernel.md). 6 | 7 | There are 300+ system calls categorized by their function. In general, functionality includes: process mgmt, file operations, device I/O, networking, and memory allocation, etc.. 8 | ## Example Syscalls 9 | ### [ioctl](ioctl.md) 10 | The `ioctl` syscall has to do with manipulating [device files](file-system/device-file.md). 11 | 12 | > [!Resources] 13 | > - [The Linux Code: Golang Syscall Examples](https://thelinuxcode.com/golang-syscall-examples/) 14 | > - [Filippo Valsorda: Searchable Linux Syscall Table](https://filippo.io/linux-syscall-table/) -------------------------------------------------------------------------------- /PNPT/PEH/buffer-overflows/buffer-overflow-basics.md: -------------------------------------------------------------------------------- 1 | 2 | # The Basics of Buffer Overflows 3 | Knowing what we know about [memory](/PEH/buffer-overflows/memory.md), now we can try to understand [buffer-overflow](/cybersecurity/TTPs/exploitation/binary-exploitation/buffer-overflow.md). In general, buffer overflows *target stack frames allocated to data structures being used by a program.* The goal is to overwrite and *overflow* the stack frame in order to access memory not intended to be accessed by that frame. 4 | 5 | ![See Buffer Overflow](/cybersecurity/TTPs/exploitation/binary-exploitation/buffer-overflow.md) 6 | 7 | > [!My previous notes (linked in text)] 8 | > - You'll find them all [here](https://github.com/TrshPuppy/obsidian-notes) 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /coding/concepts/logic.md: -------------------------------------------------------------------------------- 1 | 2 | # Logic 3 | #propositional-logic: a #proposition p is a variable that can take values "true" or "false" and no other 4 | - #proposition : 5 | - Can build new #proposition s from old one using #logical-operators 6 | 7 | ## #logical-operators 8 | #unary-operators (there are 4) 9 | - starts with one #proposition #p 10 | - #p : can be either true of false 11 | - #not-p : takes the opposite value of #p 12 | - if #p is true, #not-p is false and vice-versa 13 | - #id-p 14 | - #t-p 15 | - true independent of what #p is 16 | - #upside-down-p: 17 | - false independent of what #p is 18 | #binary-operators 19 | - starts with two #proposition s #p and #q 20 | 21 | >[!links] 22 | >https://www.youtube.com/watch?v=V49i_LM8B0E 23 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/reverse-engineering/malware-sandboxes.md: -------------------------------------------------------------------------------- 1 | 2 | # Malware Sandboxes: 3 | Services where files/ #malware can be uploaded in order to understand what it does. 4 | 5 | ## Sites: 6 | ### [Any.Run:](https://app.any.run/) 7 | "Analyze a network, file, module, and registry activity. Interact with the OS directly from a browser and see feedback from your actions immediately." 8 | 9 | ### [Hybrid Analysis:](https://www.hybrid-analysis.com/) 10 | "A free malware analysis service for the community that detects and analyzes unknown threats using a unique technology" 11 | 12 | ### [Joe Sandbox:](https://www.joesecurity.org/) 13 | "Empowers analysts with... products...among them Live Interaction, URL Analysis & AI based Phishing Detection..." -------------------------------------------------------------------------------- /cybersecurity/vulnerabilities/DejaBlue.md: -------------------------------------------------------------------------------- 1 | 2 | # DejaBlue Vulnerability 3 | #### #CVE-2019-1181 & #CVE-2019-1182 4 | Vulnerability in Windows 7 - Windows 10 using [[RDP]] 5 | 6 | ## Required Contexts: 7 | 1. If #NLA Network Level Authentication is enabled: 8 | - attacker would need to authenticate RDP using a valid account. 9 | 2. If the target is Windows 7 SP1 or Windows Server 2008 R2 SP1: 10 | - it will need to have #RDP 8.0 or 8.1 installed 11 | 12 | ## Analysis: 13 | See links 14 | 15 | >[!links] 16 | >https://www.rapid7.com/blog/post/2019/11/07/the-anatomy-of-rdp-exploits-lessons-learned-from-bluekeep-and-dejablue/ 17 | > 18 | >https://www.coresecurity.com/core-labs/articles/dejablue-vulnerabilities-windows-7-windows-10-cve-2019-1181-and-cve-2019-1182 19 | 20 | -------------------------------------------------------------------------------- /CLI-tools/linux/users/w.md: -------------------------------------------------------------------------------- 1 | 2 | # `w` Command 3 | Provides info on who is logged in including idle times, CPU time used by the processes attached to the [tty](../../../computers/linux/terminal-tty-shell.md) and the CPU time of the current process (under the `final` field). 4 | ```bash 5 | $ w 6 | 13:45:48 up 29 days, 19:24, 2 users, load average: 0.53, 0.52, 0.54 7 | USER TTY LOGIN@ IDLE JCPU PCPU WHAT 8 | seth tty2 Sun18 43:22m 0.01s 0.01s /usr/libexec/gnome-session-binary 9 | curly pts/2 13:02 35:12 0.03s 0.03s -bash 10 | ``` 11 | You can also *see the user's [IP address](../networking/IP-addresses.md)* by using the `-i` or `--ip-addr` flags. 12 | 13 | > [!Resources] 14 | > - [RedHat](https://www.redhat.com/sysadmin/monitor-users-linux) -------------------------------------------------------------------------------- /computers/windows/PE.md: -------------------------------------------------------------------------------- 1 | INIT. 2 | # Portable Executable 3 | Portable Executable (PE) is a file format in [Windows](README.md) and UEFI environments for executable files (`.exe`, `.dll`, `.mui`, `.sys` etc.). It is a structured container of data which gives the [OS](../concepts/operating-system.md) everything it needs to manage the executable code within it (including references to libraries, tables for importing and exporting APIs, resource data, and information on [threads](../../coding/concepts/threading.md)). 4 | ## Import Table 5 | The import address table (IAT) is a lookup table which is used when the application calls a function from a *different module or library*. 6 | 7 | > [!Resources] 8 | > - [Wikipedia: Portable Executable](https://en.wikipedia.org/wiki/Portable_Executable) -------------------------------------------------------------------------------- /computers/README.md: -------------------------------------------------------------------------------- 1 | # Computers 2 | This directory contains notes about computers including computing concepts, how different components work, as well as notes on specific operating systems like Windows and Linux. 3 | ## Some Interesting Nuggets: 4 | - Check out the [cryptography](concepts/cryptography/cryptography.md) dir where I keep notes on cryptographic concepts, encryption algorithms, etc.. 5 | - [Quantum Computing](../hidden/Sec+/21%%202%20Architecture%20&%20Design/2.8%20Cryptography/quantum%20computing.md) (it's dope) 6 | - Some info on the Linux [filesystem hierarchy](linux/file-system/filesystem-hierarchy.md) & [processes](linux/linux-processes.md) 7 | - Lots on computer [memory](memory/memory.md) 8 | - Windows [active-directory](windows/active-directory/active-directory.md) (eww!) -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/password-spraying.md: -------------------------------------------------------------------------------- 1 | 2 | # Password Spraying 3 | Init. 4 | Password spraying is a kind of password attack which attackers use to try to brute force hundreds of logins without triggering detection. Instead of brute-forcing the password of a single account, password spraying uses one *common password* (like "Summer2025!) to try and login for multiple accounts. The idea is that out of hundreds or thousands of attempts, a handful will be successful since some of the victims are likely to be using that common password. 5 | 6 | > [!References] 7 | > - My brain for now until I flesh this out 8 | 9 | > [!Related] 10 | > - [credmaster](../recon/tools/credential-harvesting/credmaster.md) 11 | > - [trevorspray](../recon/tools/credential-harvesting/trevorspray.md) 12 | -------------------------------------------------------------------------------- /networking/protocols/LLMNR.md: -------------------------------------------------------------------------------- 1 | 2 | # Link-Local Multicasting Name Resolution 3 | A [DNS](DNS.md) protocol which allows hosts to resolve hostnames on the same local link (allows name resolution w/o a DNS server). 4 | ## Mechanism: 5 | LLMNR is able to resolve a host name to an [IP address](networking/OSI/IP-addresses.md) by sending a *multicast-packet* across the network to all listening interfaces. The packet asks each interface if they are the authoritative hostname. 6 | - uses [UDP](/networking/protocols/UDP.md) `port 5355` 7 | 8 | > [!Resources] 9 | > - [Hacking Articles: Detailed Guide to Responder](https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/) 10 | 11 | > [!Related] 12 | > TTPs: [LLMNR Poisoning](cybersecurity/TTPs/exploitation/LLMNR-poisoning.md) -------------------------------------------------------------------------------- /networking/protocols/kerberos.md: -------------------------------------------------------------------------------- 1 | 2 | # Kerberos Protocol 3 | Kerberos is an *authentication protocol* used in Windows computer-network environments. It uses a *ticket system* to allow parties to prove their identities to one another 'securely.' 4 | 5 | It's based around a *client-server model* and requires both the server and client to verify each other's identities. It also uses *symmetric key [cryptography](computers/concepts/cryptography/cryptography.md)* as well as *public key cryptography* (optional) and requires a 3rd party for authentication. 6 | 7 | > [!Related] 8 | > - `port 88` 9 | > - [active-directory](computers/windows/active-directory/active-directory.md) 10 | > 11 | 12 | > [!Resources] 13 | > - [Wikipedia: Kerberos](https://en.wikipedia.org/wiki/Kerberos_protocol) 14 | -------------------------------------------------------------------------------- /PNPT/PEH/recon/google-fu.md: -------------------------------------------------------------------------------- 1 | 2 | # Google Fu 3 | How to optimize google searching in the context of Recon and Information gathering. 4 | ## Google Search Operators 5 | [Ahrefs: Google Search Operators, The Complete List](https://ahrefs.com/blog/google-advanced-search-operators/) 6 | Advanced search operators in google can be used to optimize and filter search results. 7 | ## Enumerating subdomains 8 | To enumerate subdomains using Google dorks you can simply add `+-www` to your search: `site:google.com`. 9 | ```bash 10 | # Search in google search bar: 11 | site:google.com -www 12 | 13 | # Actual URL: 14 | https://www.google.com/search?q=site:facebook.com+-www 15 | ``` 16 | 17 | > [!Resources] 18 | > - [Ahrefs: Google Search Operators, The Complete List](https://ahrefs.com/blog/google-advanced-search-operators/) -------------------------------------------------------------------------------- /networking/protocols/SRTP.md: -------------------------------------------------------------------------------- 1 | 2 | # SRTP Secure Real Time Transport Protocol 3 | Init 4 | Used in VOIP and is the secure version of *RTP* (Realtime Transport Protocol). It ensures *secure, realtime transport of video and audio over an [IP](../OSI/4-transport/transport-layer.md) network.* 5 | ## Adds to RTP 6 | SRTP uses encryption to keep conversations private, whereas RTP does not. 7 | ### AES Encryption 8 | Used to encrypt voice data in a conversation or video 9 | ### HMAC-SHA1 10 | Uses this [hash-based](../../computers/concepts/cryptography/hashing.md) encryption method to provide *authentication, integrity, and replay protection.* The hashing algorithm is *SHA1*. 11 | 12 | > [!Resources] 13 | > - [Professor Messer](https://www.youtube.com/watch?v=yuXK_Jyosus&list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8&index=101) -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Repo specific: 2 | vid.md 3 | cybersecurity/security-roadmap.md 4 | networking/open-source/odin-project-API-keys.md 5 | /cybersecurity/roadmap 6 | /cybersecurity/THM/THM.md 7 | /cybersecurity/HTB/HTB.md 8 | /hidden 9 | /networking/networking.md 10 | /roadmap 11 | move-pics.sh 12 | .move-pics.sh.swp 13 | Excalidraw 14 | cybersecurity/TTPs/recon/OS/linux-recon.md 15 | PNPT/PNPT-hidden 16 | nested-repos 17 | PNPT-old 18 | OSCP/OSCP-hidden 19 | OSCP/challenge-labs 20 | *hide-* 21 | 22 | # Submod specifics: 23 | /nested-repos/PNPT-study-guide/PNPT-hidden 24 | /nested-repose/malware-analysis-notes/PMAT-hidden 25 | /OSCP/hidden 26 | 27 | 28 | 29 | # Obsidian specific: 30 | .obsidian/cache 31 | .trash/ 32 | .DS_Store 33 | .obsidian/workspace.json 34 | .obsidian/community-plugins.json 35 | .obsidian/plugins/ 36 | -------------------------------------------------------------------------------- /.obsidian/core-plugins-migration.json: -------------------------------------------------------------------------------- 1 | { 2 | "file-explorer": true, 3 | "global-search": true, 4 | "switcher": true, 5 | "graph": true, 6 | "backlink": true, 7 | "canvas": true, 8 | "outgoing-link": true, 9 | "tag-pane": true, 10 | "page-preview": true, 11 | "daily-notes": true, 12 | "templates": true, 13 | "note-composer": true, 14 | "command-palette": true, 15 | "slash-command": false, 16 | "editor-status": true, 17 | "starred": false, 18 | "markdown-importer": false, 19 | "zk-prefixer": false, 20 | "random-note": false, 21 | "outline": true, 22 | "word-count": true, 23 | "slides": false, 24 | "audio-recorder": false, 25 | "workspaces": false, 26 | "file-recovery": true, 27 | "publish": false, 28 | "sync": false, 29 | "bookmarks": true, 30 | "properties": true 31 | } -------------------------------------------------------------------------------- /writeups/markup.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | # PLAN 4 | 5 | php server 6 | use to serve files out of the Admin dir 7 | testing: 8 | serve us a privilege resource from 9 | User/Administrator 10 | 11 | 12 | job.bat ** more sure that it escalates 13 | testing: 14 | fill it with commands which 15 | get us protected files/ resources 16 | ie. "get the .ssh/ id_rsa 17 | from Administrator" 18 | directory traversal 19 | 20 | code execution 21 | 22 | blockers: 23 | ---> sometimes the file we create with job.bat 24 | is empty 25 | (my bat code is wrong) 26 | sometimes job.bat ggets replaces w/ its 27 | OG content (my bat code gets YEETED) 28 | 29 | mysql/ 30 | 31 | 32 | phpMyAdmin 33 | privileged shell? 34 | privileged php code to execute on the system 35 | (get system variables/info) 36 | sb;waLSk}kQ; -------------------------------------------------------------------------------- /cybersecurity/TTPs/cracking/tools/kerbrute.md: -------------------------------------------------------------------------------- 1 | 2 | # `kerbrute` Command 3 | ## Use 4 | ### Syntax Example: 5 | #### Userenum mode 6 | Userenum mode does not attempt a login (so it won't lock actual users out). 7 | ``` 8 | kerbrute userenum -d egotistical-bank --dc egotistical-bank.local -o users.txt 9 | ``` 10 | `-o` is a list of possible usernames 11 | ```bash 12 | kerbrute userenum jsmith.txt -d domain.org -t 1 -v -o output.txt 13 | ``` 14 | `-t` is the time interval between requests (?) 15 | #### Bruteforce mode 16 | ```bash 17 | kerbrute bruteforce -d egotistical-bank --dc egotistical-bank.local users.txt 18 | ``` 19 | `users.txt` is a list of usernames matched with passwords like: `fsmith:password` 20 | 21 | 22 | > [!Resources] 23 | > - [GitHub](https://github.com/insidetrust/statistically-likely-usernames/tree/master) 24 | -------------------------------------------------------------------------------- /computers/windows/file-system/filter-drivers.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - minifilters 4 | --- 5 | 6 | # File System Filter Drivers 7 | INIT 8 | File system filter drivers ("minifilters") *intercept requests* made to file systems or other file system filter drivers. They're often used to supplement or extend the functionality of [antivirus engines](../../../OSCP/antivirus-evasion/README.md), backup agents, and [encryption](../../concepts/cryptography/README.md) products. 9 | ## Filter Manager 10 | The [filter manager](filter-manager.md) (`FltMgr.sys`) is used to *develop filters*. It provides a framework for file I/O operations so developers don't have to worry about those complexities. 11 | 12 | > [!Resources] 13 | > - [Microsoft: Filter Drivers](https://learn.microsoft.com/en-us/windows-hardware/drivers/ifs/#file-system-filter-drivers) -------------------------------------------------------------------------------- /.obsidian/core-plugins.json: -------------------------------------------------------------------------------- 1 | { 2 | "file-explorer": true, 3 | "global-search": true, 4 | "switcher": true, 5 | "graph": true, 6 | "backlink": true, 7 | "canvas": true, 8 | "outgoing-link": true, 9 | "tag-pane": true, 10 | "page-preview": true, 11 | "daily-notes": true, 12 | "templates": true, 13 | "note-composer": true, 14 | "command-palette": true, 15 | "slash-command": false, 16 | "editor-status": true, 17 | "starred": false, 18 | "markdown-importer": false, 19 | "zk-prefixer": false, 20 | "random-note": false, 21 | "outline": true, 22 | "word-count": true, 23 | "slides": false, 24 | "audio-recorder": false, 25 | "workspaces": false, 26 | "file-recovery": true, 27 | "publish": false, 28 | "sync": false, 29 | "bookmarks": true, 30 | "properties": true, 31 | "webviewer": false 32 | } -------------------------------------------------------------------------------- /CLI-tools/windows/powercat.md: -------------------------------------------------------------------------------- 1 | 2 | # PowerCat 3 | INIT 4 | [PowerCat](https://github.com/besimorhino/powercat) is a command line tool similar to [netcat](../../cybersecurity/TTPs/exploitation/tools/netcat.md) but written for Windows and [powershell](../../coding/languages/powershell.md). Like netcat, it can be used for file transfer, as well as executing commands on the remote computer you use it to connect to. 5 | ## Installation 6 | PowerCat is a powershell function. So, you can either copy it from GitHub into a `.ps1` file and then run it with `. ./powercat.ps1`, or you can load the function using a URL: 7 | ```ps1 8 | IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1') 9 | ``` 10 | 11 | 12 | > [!Resources] 13 | > - [PowerCat GitHub](https://github.com/besimorhino/powercat) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/netcat.md: -------------------------------------------------------------------------------- 1 | # Netcat Command Line Utility: 2 | Placeholder: 3 | ![PNPT notes on shells](/PNPT/PEH/exploit-basics/shells.md) 4 | ![CONNECT Scan w/ netcat](../../../../OSCP/enum-and-info-gathering/active/port-scanning.md#CONNECT%20Scan%20w/%20netcat) 5 | ![UDP scanning w/ netcat](../../../../OSCP/enum-and-info-gathering/active/port-scanning.md#UDP%20scanning%20w/%20netcat) 6 | 7 | 8 | [Notes on Rev & Bind Shells](https://github.com/TrshPuppy/PNPT-study-guide/blob/main/PEH/exploit-basics/shells.md) 9 | [Notes on CONNECT port scanning w/ netcat](../../../../OSCP/enum-and-info-gathering/active/port-scanning.md#CONNECT%20Scan%20w/%20[netcat](../../cybersecurity/TTPs/exploitation/tools/netcat.md)) 10 | [Notes on UDP port scanning w/ netcat](../../../../OSCP/enum-and-info-gathering/active/port-scanning.md#UDP%20scanning%20w/%20netcat) -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/wordlists/statistcially-likely.md: -------------------------------------------------------------------------------- 1 | 2 | # Statistically Likely wordlists 3 | A repo of text files which are large lists of statistically likely usernames. Each list includes usernames with different *combos of first and last name*. For example, the `jsmith.txt` file includes usernames with a first initial, last name format like `bdover`, whereas the `johnsmith.txt` file has usernames with a first name, last name format like `bendover`. 4 | ## Easy snag w/ [`curL`](../../../../../CLI-tools/linux/remote/curL.md) 5 | ```bash 6 | curl -O https://raw.githubusercontent.com/insidetrust/statistically-likely-usernames/master/jsmith.txt 7 | 8 | # This URL is from clicking 'Raw' on the GitHub page for jsmith.txt 9 | ``` 10 | 11 | 12 | > [!Resources] 13 | > - [GitHub](https://github.com/insidetrust/statistically-likely-usernames/tree/master) 14 | 15 | -------------------------------------------------------------------------------- /networking/OSI/3-network/network-layer.md: -------------------------------------------------------------------------------- 1 | 2 | # Network Layer (L3) 3 | Provides services to allow end devices to exchange data. 4 | ## Major Functions: 5 | 1. Addressing end-devices 6 | 2. #Encapsulation 7 | 3. Routing 8 | 4. De-encapsulation 9 | ## Packets: 10 | How data is referred to and encapsulated in the #network-layer: 11 | #### Packet structure: 12 | - structure differs r/t the type of packet being sent. 13 | - ex: A packet using #IP protocol will have headers that contain additional information to the data being sent across the network 14 | - ex of different #headers: 15 | - Time to live: expiration of the packet 16 | - Checksum: integrity checking for protocols like #TCP/IP 17 | - if any data is changed in this header the packet will be considered corrupted 18 | - Source Address: IP address of the source machine 19 | - Destination Address: IP of the dest machine -------------------------------------------------------------------------------- /PNPT/PEH/recon/burp-suite.md: -------------------------------------------------------------------------------- 1 | # Info Gathering w/ Burp Suite 2 | [Burp Suite](../../../cybersecurity/TTPs/delivery/tools/burp-suite.md) is a *web proxy* which means it can intercept web traffic. 3 | ## Firefox Setup 4 | For firefox do the following to setup Burp: 5 | ### Open Firefox 6 | Go to menu --> settings --> general --> Network Settings (at bottom of page) 7 | ### In Network Settings 8 | Set "Manual proxy configuration" with: 9 | - HTTP Proxy: `127.0.0.1` 10 | - check 'Also use this proxy for HTTPS' 11 | ### Visit `https://burp` 12 | In a new tab visit `https://burp`. Accept both check boxes, then hit the `CA Certificate` button. 13 | 14 | This will download a certificate to your `~/Downloads` folder. 15 | ### Back in Firefox 16 | Go to Privacy & Security. Scroll down to 'Certificates' and click 'view certificates'. Then click `Import` and import the cert you just downloaded from Burp -------------------------------------------------------------------------------- /cybersecurity/TTPs/actions-on-objective/exfiltration-infiltration/DNS-spoofing.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS Spoofing/ Cacheing 3 | DNS Spoofing is a technique where the attacker introduces *forged DNS* data into a [DNS](networking/DNS/DNS.md) resolver's cache. The aim is usually to force the resolver to *return an incorrect IP address* for a host-name lookup. This allows an attacker to *divert the traffic* for that hostname to their own malicious machine. 4 | ## Vs. DNS Hijacking 5 | DNS hijacking is very similar to DNS spoofing because the end result is the same: the attacker has managed to *redirect queries* to a different, malicious domain. The difference b/w DNS Spoofing and DNS Hijacking is that the attacker *uses DNS records of the nameserver* rather than the Resolver's cache to poison the information. 6 | 7 | > [!Resources] 8 | > - [Cloudflare: DNS Security](https://www.cloudflare.com/learning/dns/dns-security/) -------------------------------------------------------------------------------- /networking/DNS/NS-record.md: -------------------------------------------------------------------------------- 1 | 2 | # DNS NS Record 3 | The `NS` DNS record indicates which [DNS server](DNS.md) is the *authoritative nameserver* for that domain. The Authoritative Nameserver is the one which *contains the actural DNS record* for the domain (which maps the domain *to an [IP address](../../PNPT/PEH/networking/IP-addresses.md)*). 4 | 5 | This tells you *where to go* to find the domain's IP address. Domains *can have multiple NS records* which indicate *primary and secondary* nameservers for the domain. If the `NS` record isn't configured correctly, then users won't be able to load the domain's webpage (for example) 6 | ## NS Record Format: 7 | ![](../networking-pics/NS-record-1.png) 8 | **NOTE**: NS records *cannot point to [CNAME](CNAME.md) records*. 9 | 10 | > [!Resources] 11 | > - [CloudFlare: DNS NS record](https://www.cloudflare.com/learning/dns/dns-records/dns-ns-record/) 12 | 13 | -------------------------------------------------------------------------------- /networking/protocols/MDNS.md: -------------------------------------------------------------------------------- 1 | 2 | # Multicast DNS 3 | A protocol which helps with name resolution w/i a network. 4 | ## Mechanism 5 | Instead of querying a name server, it multicasts queries to *all clients on the network.* 6 | ### Multicasting: 7 | In multicasting an individual message is aimed at a group of recipients. When a successful connection is made, all participants in the group are informed of the connection and the resolved [IP address](networking/OSI/IP-addresses.md) so a corresponding entry can be made in their *mDNS cache*. 8 | 9 | > [!Resources] 10 | > - [Hacking Articles: Detailed Guide to Responder](https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/) 11 | 12 | > [!Related] 13 | > - Tools: [Responder](../../cybersecurity/TTPs/exploitation/tools/responder.md) 14 | > - TTPs: [DNS poisoning](cybersecurity/TTPs/exploitation/injection/DNS-poisoning.md) 15 | 16 | -------------------------------------------------------------------------------- /cybersecurity/resources/WSTG/map-app-architecture.md: -------------------------------------------------------------------------------- 1 | 2 | # WSTG-INFO-10:Map Application Architecture 3 | The objective of this step in the WSTG framework is to *understand the architecture* of the applications and services in use. Understanding the infrastructure allows you to effectively test the application. 4 | 5 | ## Application Components 6 | ### Web Server 7 | Applications may run on one, or multiple servers. The server being used can be identified via [WSTG-INFO-02](cybersecurity/resources/WSTG/fingerprint-web-server.md) (Web Server Fingerprinting) 8 | 9 | 10 | > [!Resources] 11 | > - [WSTG-INFO-10](https://github.com/OWASP/wstg/blob/master/document/4-Web_Application_Security_Testing/01-Information_Gathering/10-Map_Application_Architecture.md) 12 | > - [WSTG-INFO-02](https://github.com/OWASP/wstg/blob/master/document/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/web-shell.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - web shell 4 | - webshell 5 | --- 6 | # Web Shells 7 | Web shells are malicious scripts written in web-languages like [PHP](/coding/languages/PHP.md) and [JavaScript](/coding/languages/JS.md) which allows the attacker to *maintain access/ [persistence](/cybersecurity/TTPs/persistence) on a target device. 8 | 9 | Web shells normally have a *simplistic file format* w/ extensions that are *difficult to detect* (`.php`, `.asp`, `.jsp`, etc.). This results in them being automatically *classified as benign* by the target. 10 | 11 | > [!Resources] 12 | > - [TryHackMe: Cyber Kill Chain](https://tryhackme.com/room/cyberkillchainzmt) 13 | > - [Lockheed Martin: Cyber Kill Chain](https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html) 14 | > - [Technical Aspects of Cyber Kill Chain](https://arxiv.org/pdf/1606.03184.pdf) Yadav, Mallari (2016) 15 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/directory-enumeration.md: -------------------------------------------------------------------------------- 1 | 2 | # Directory Busting/ Enumeration 3 | Directory busting is a TTP in which the endpoints of a website are enumerated by trying a bunch of different words (usually from a wordlist), appending them to a URL, and attempting to visit them and see what status code/ information they might return. 4 | 5 | There are multiple tools which can be used to accomplish this. Some of which do a *recursive search* ([feroxbuster](tools/dir-and-subdomain/feroxbuster.md), [dirb](tools/dir-and-subdomain/dirb.md)) while others do non-recursive searching ([ffuf](tools/dir-and-subdomain/ffuf.md), [gobuster](tools/dir-and-subdomain/gobuster.md)). 6 | 7 | > [!Related tools] 8 | > - [gobuster](tools/dir-and-subdomain/gobuster.md) 9 | > - [feroxbuster](tools/dir-and-subdomain/feroxbuster.md) 10 | > - [ffuf](tools/dir-and-subdomain/ffuf.md) 11 | > - [gobuster](tools/dir-and-subdomain/gobuster.md) 12 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/persistence/connect-back.md: -------------------------------------------------------------------------------- 1 | 2 | # Connect-Back Persistence Technique 3 | This technique is used by attackers to *get around [firewalls](/cybersecurity/defense/firewalls.md)* and establish persistence on a target. It also allows them to connect a target *back to their C2* via outgoing connections since these are *rarely blocked by firewalls*. 4 | ## Approaches 5 | ### Phishing 6 | There are multiple ways an attacker can achieve a connect-back. Some approaches use [phishing emails](/cybersecurity/TTPs/delivery/phishing.md) to trick a target into allowing them through a firewall. 7 | ### [IP Address](/networking/OSI/IP-addresses.md) Attack 8 | They can also "attack public IP addresses found on a server to update their C2 system"(?)(abusix.com) 9 | ## Mitigation 10 | 11 | > [!Resources] 12 | > - [Abusix: How Hackers Access Networks...](https://abusix.com/resources/abuse-desks/how-hackers-access-networks-using-backdoors/) -------------------------------------------------------------------------------- /computers/concepts/cryptography/stream-cipher.md: -------------------------------------------------------------------------------- 1 | 2 | # Stream Cipher 3 | Done one *byte* at a time. The first byte of data is taken and encrypted and stored, then the second byte is encrypted, then stored, and so on. This is *high speed* and low in *hardware complexity*. 4 | ### Challenges 5 | With stream ciphers, you *don't know what data is coming later in the stream*, so it can be difficult to add randomization/ *entropy*. If multiple bytes *are identical* then there will be multiple identical bytes *in the encrypted output* as well. This is not cryptographically secure. 6 | #### Initialization Vector (IV) 7 | Added to the data stream to *introduce randomization*. 8 | ### Use 9 | Stream Ciphers are often used w/ [symmetric encryption](symmetric-encryption.md) because it is low resource/ overhead. 10 | 11 | > [!Resources] 12 | > - [Professor Messer](https://www.youtube.com/watch?v=bEOrdqLB1Io&list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8&index=98) -------------------------------------------------------------------------------- /CLI-tools/linux/tcpdump.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - "`tcpdump`" 4 | --- 5 | 6 | # tcpdump Command 7 | Init. 8 | ## Useful Options 9 | ### List Network interfaces `-D` 10 | ```bash 11 | # tcpdump -D 12 | 1.eth0 [Up, Running, Connected] 13 | 2.tailscale0 [Up, Running, Connected] 14 | 3.any (Pseudo-device that captures on all interfaces) [Up, Running] 15 | 4.lo [Up, Running, Loopback] 16 | 5.docker0 [Up, Disconnected] 17 | 6.bluetooth-monitor (Bluetooth Linux Monitor) [Wireless] 18 | 7.nflog (Linux netfilter log (NFLOG) interface) [none] 19 | 8.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none] 20 | 9.dbus-system (D-Bus system bus) [none] 21 | 10.dbus-session (D-Bus session bus) [none] 22 | ``` 23 | ### Listen for traffic to and from specific `host` 24 | ```bash 25 | tcpdump -i eth0 host 192.168.5.5 26 | ``` 27 | #### Specific port 28 | ```bash 29 | tcpdump -i eth0 host 100.100.100.100 and port udp 53 30 | ``` 31 | ### Packet content `-A` 32 | -------------------------------------------------------------------------------- /CLI-tools/linux/remote/xfreerdp.md: -------------------------------------------------------------------------------- 1 | 2 | # xfreerdp 3 | Init 4 | An X11 [RDP](/networking/protocols/RDP.md) client chish (wtf was I trying to write here?) is part of the FreeRDP project. RDP servers are built into many versions of Windows. 5 | ## Usage 6 | ``` 7 | xfreerdp [file] [options] [/v:server[:port]] 8 | ``` 9 | ### Useful options 10 | #### `/u:` 11 | Set the username to login with: 12 | ```bash 13 | xfreerdp /u: /v: 14 | ``` 15 | If you don't set a username it will default to your own username (ex: "hackpuppy"); 16 | #### `/v:` 17 | Set the IP/ host to login to 18 | #### `/p:` 19 | Set the password 20 | ```bash 21 | xfreerdp /u: /p: /v: 22 | ``` 23 | ## Security 24 | ### Vulnerabilities 25 | #### Administrator username 26 | The *administrator* username may not be protected on a host. RDP sometimes can be accessed w/ the admin username and NO PASSWORD. 27 | 28 | > [!Resources] 29 | > - `man xfreerdp` -------------------------------------------------------------------------------- /networking/DNS/A-record.md: -------------------------------------------------------------------------------- 1 | 2 | # Domain A Records 3 | An A record is what *maps the IP address of the computer hosting a domain to the domain name*. The 'A' stands for 'Address'. The *Name Server* contains the A record which points to the associated [IP address](/networking/OSI/3-network/IP-addresses.md). When a request is made for that IP address (for example, by a client web browser), the request is *directed to the IP address in the A record*. 4 | 5 | A records are specified by [`RFC 1035`](https://www.rfc-editor.org/rfc/rfc1035). 6 | ## Redundancy 7 | Domains can have *multiple A records* to create redundancy. Additionally, *multiple domains can point to one address*. Each domain would have its own A record pointing to that IP address. 8 | 9 | **NOTE:** A record = IPv4, AAAA = IPv6 10 | > [!Resources] 11 | > - [RFC 1035](https://www.rfc-editor.org/rfc/rfc1035) 12 | > - [DNSimple: A Record](https://support.dnsimple.com/articles/a-record/) 13 | 14 | -------------------------------------------------------------------------------- /computers/linux/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - Linux 4 | - linux 5 | --- 6 | 7 | # Linux 8 | All of my notes pertaining to the Linux operating system. 9 | ## Table of Contents 10 | (may not be fully up to date, this is tedious) 11 | - [cli-cheat-sheet](cli-cheat-sheet.md) 12 | - [device-file](file-system/device-file.md) 13 | - [filesystem-hierarchy](file-system/filesystem-hierarchy.md) 14 | - [gcc](gcc.md) 15 | - [gdb](gdb.md) 16 | - [ioctl](ioctl.md) 17 | - [linux-processes](linux-processes.md) 18 | - [NFS](NFS.md) 19 | - [package-managment](package-managment.md) 20 | - [syscalls](syscalls.md) 21 | - [terminal-tty-shell](terminal-tty-shell.md) 22 | - [unix-sockets](unix-sockets.md) 23 | ## Other places mentioned 24 | (not in this directory) 25 | - [linux-recon](../../cybersecurity/TTPs/recon/OS/linux-recon.md) 26 | - [linux-services](../../PNPT/PEH/kali-linux/linux-services.md) 27 | - [linux-filesystem](../../PNPT/PEH/kali-linux/linux-filesystem.md) 28 | -------------------------------------------------------------------------------- /computers/concepts/cryptography/steganography.md: -------------------------------------------------------------------------------- 1 | 2 | # Steganography 3 | Obfuscating information by *hiding it in an image*. Comes from the Greek word for 'concealed writing'. Not *truly* secure b/c the message is there, just not easily visible. 4 | ## Terms 5 | ### Covertext 6 | The container document or file which the secret information is hidden inside. 7 | ## Techniques 8 | ### Network based 9 | Embedding messages in [TCP](../../../networking/protocols/TCP.md) packets. 10 | ### Images 11 | ### Watermarks 12 | For example, printer paper sometimes has barely visible yellow dots printed into it. Usually used to hold information about the printer the document was printed from. 13 | ### Audio & Video 14 | Similar technique to image steganography; information is interlaced within the audio/ video file by digitally modifying it. 15 | 16 | > [!Resources] 17 | > - [Professor Messer](https://www.youtube.com/watch?v=I9WwX3EHdyY&list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8&index=95) -------------------------------------------------------------------------------- /cybersecurity/resources/WSTG/test-network-config.md: -------------------------------------------------------------------------------- 1 | 2 | # WSTG-CONF-01: Test Network Infra. Configuration 3 | Web server infrastructure can be very complex, so it's important to test the security of its configuration. Testing the configuration management infrastructure should include these steps: 4 | - Determine the elements making up the infrastructure 5 | - Review all the elements for known vulnerabilities 6 | - Review administrative tools 7 | - Review the authentication system 8 | - Maintain a list of the defined ports required for the application 9 | 10 | [Mapping the network and application architecture](cybersecurity/resources/WSTG/map-app-architecture.md) should be done first in order to carry out the former list. 11 | 12 | 13 | 14 | 15 | 16 | 17 | > [!Resources] 18 | > - [WSTG GitHub](https://github.com/OWASP/wstg/blob/master/document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/01-Test_Network_Infrastructure_Configuration.md) -------------------------------------------------------------------------------- /networking/DNS/TXT-record.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - "`TXT` record" 4 | - "`TXT` records" 5 | --- 6 | INIT 7 | # DNS TXT Record 8 | TXT records are a type of [DNS](DNS.md) record. They're usually used by domain admins to enter arbitrary text into the DNS system and are stored in the form of *strings with quotation marks*. TXT records were originally intended to store human readable data and notes. However, TXT records can store any type of data as long as it's in a "text string" format (per the [original RFC](https://tools.ietf.org/html/rfc1035)) and is shorter than *256 bytes*. 9 | ## Use 10 | TXT records on a domain are usually used for [email](../email.md) spam prevention and *domain verification*. 11 | 12 | 13 | > [!Resources] 14 | > - [Cloudflare: TXT Records](https://www.cloudflare.com/learning/dns/dns-records/dns-txt-record/) 15 | > - [original RFC](https://tools.ietf.org/html/rfc1035) 16 | 17 | > [!Related] 18 | > - [DNS tunneling](../../OSCP/tunneling/DNS-tunneling.md)l -------------------------------------------------------------------------------- /cybersecurity/TTPs/recon/tools/cloudfox.md: -------------------------------------------------------------------------------- 1 | # Cloudfox 2 | Init. 3 | 4 | Cloudfox is a tool used for *enumerating the attack surface of a cloud-based target* (during [pentesting](/cybersecurity/pen-testing/penetration-testing.md)). Cloudfox is a command line tool which can be deployed to enumerate the following assets on a cloud target: 5 | - AWS account regions 6 | - secrets in EC2 userdata and environment variables 7 | - workloads which have administrative permissions attached to them 8 | - the actions and permissions attached to a principle 9 | - role trusts which are overly permissive or allow cross account assumption 10 | - endpoints/ hostnames/ IPs which can be attacked from an *internal* AND/ OR *external* starting point 11 | - filesystmes which can potentially be mounted from a compromised resource in a VPC 12 | ## Use 13 | 14 | > [!Resources] 15 | > - [Cloudfox GitHub](https://github.com/BishopFox/cloudfox) 16 | > - [Cloudfox documentation](https://bishopfox.com/blog/introducing-cloudfox) 17 | -------------------------------------------------------------------------------- /networking/OSI/2-datalink/multiplexing.md: -------------------------------------------------------------------------------- 1 | 2 | # Multiplexing 3 | A method to combine multiple analog and digital signals into one signal to be transmitted through a shared medium. 4 | - Aim: to share a scarce resource (physical transmission medium) 5 | - Example: multiple phone calls being carried using one wire 6 | 7 | Once multiplexed, the signal is carried across a communication channel like a cable. 8 | - #multiplexing divides the capacity of the communication channel (cable) into several logical channels (one for each message/signal) 9 | - done by a #multiplexer 10 | 11 | ## #demultiplexing: 12 | A process to extract the original channels on the receiving end 13 | - done by a #demultiplexer 14 | 15 | ## #inverse-multiplexing: 16 | The opposite of #multiplexing 17 | - break one stream of data into several streams and transfer them simultaneously over several channels, then recreating the original data stream. 18 | 19 | >[!links] 20 | > [Wikipedia](https://en.wikipedia.org/wiki/Multiplexing) 21 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/c2/tools/cobalt-strike.md: -------------------------------------------------------------------------------- 1 | 2 | # Cobalt Strike 3 | Init. 4 | > "Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named 'Beacon' on the victim machine. Beacon includes a wealth of functionality to the attacker, including, but not limited to command execution, key logging, file transfer, SOCKS proxying, privilege escalation, mimikatz, port scanning and lateral movement. Beacon is in-memory/file-less, in that it consists of stageless or multi-stage shellcode that once loaded by exploiting a vulnerability or executing a shellcode loader, will reflectively load itself into the memory of a process without touching the disk. It supports C2 and staging over HTTP, HTTPS, DNS, SMB named pipes as well as forward and reverse TCP; Beacons can be daisy-chained. Cobalt Strike comes with a toolkit for developing shellcode loaders, called Artifact Kit." 5 | 6 | > [!Resources] 7 | > - [Malpedia: Cobalt Strike](https://malpedia.caad.fkie.fraunhofer.de/details/win.cobalt_strike) -------------------------------------------------------------------------------- /.obsidian/types.json: -------------------------------------------------------------------------------- 1 | { 2 | "types": { 3 | "aliases": "aliases", 4 | "cssclasses": "multitext", 5 | "tags": "tags", 6 | "excalidraw-plugin": "text", 7 | "excalidraw-export-transparent": "checkbox", 8 | "excalidraw-mask": "checkbox", 9 | "excalidraw-export-dark": "checkbox", 10 | "excalidraw-export-padding": "number", 11 | "excalidraw-export-pngscale": "number", 12 | "excalidraw-export-embed-scene": "checkbox", 13 | "excalidraw-link-prefix": "text", 14 | "excalidraw-url-prefix": "text", 15 | "excalidraw-link-brackets": "checkbox", 16 | "excalidraw-onload-script": "text", 17 | "excalidraw-linkbutton-opacity": "number", 18 | "excalidraw-default-mode": "text", 19 | "excalidraw-font": "text", 20 | "excalidraw-font-color": "text", 21 | "excalidraw-border-color": "text", 22 | "excalidraw-css": "text", 23 | "excalidraw-autoexport": "text", 24 | "excalidraw-embeddable-theme": "text", 25 | "excalidraw-open-md": "checkbox" 26 | } 27 | } -------------------------------------------------------------------------------- /CLI-tools/linux/users/who.md: -------------------------------------------------------------------------------- 1 | 2 | # Who command 3 | > The `who` command is provided by the GNU coreutils package, and its primary job is to parse the `/var/log/utmp` file and report its findings. 4 | > 5 | > The `utmp` file logs the current users on the system. It doesn’t necessarily show every process, because not all programs initiate `utmp` logging. In fact, your system may not even have a `utmp` file by default. In that case, `who` falls back upon `/var/log/wtmp`, which records all logins and logouts. 6 | > 7 | > The `wtmp` file format is exactly the same as `utmp`, except that a null user name indicates a logout and the `~` character indicates a system shutdown or reboot. The `wtmp` file is maintained by `login(1)`, `init(1)`, and some versions of `getty(8)`, however, none of these applications _creates_ the file, so if you remove `wtmp`, then record-keeping is deactivated. That alone is good to know: if `wtmp` is missing, you should find out why! 8 | 9 | 10 | > [!Resources] 11 | > - [RedHat](https://www.redhat.com/sysadmin/monitor-users-linux) -------------------------------------------------------------------------------- /networking/OSI/3-network/MTU.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: [MTU, maximum-transmission-unit] 3 | --- 4 | # Maximum Transmission Unit 5 | The largest size #frame or #packet (in bytes) which can be transmitted across a data-link 6 | - Most often used in reference to packet size across an Ethernet connection using #IP (internet protocol) 7 | 8 | ### #packet-fragmentation: 9 | ea device in a network has an MTU size it can receive and transmit. 10 | - The MTU of the next receiving device is determined before the packet is sent 11 | - if the packet is too large, the receiving device cannot accept it so the packet is divided into fragments and sent 12 | - this is called #packet-fragmentation 13 | - fragmentation is bad for performance and adds delay and extra data 14 | - #IPV4 allows for #packet-fragmentation unless the #do-not-fragment-flag is set 15 | - #IPV6 does *NOT* allow fragmentation 16 | - if a packet size exceeds its #MTU it will be dropped 17 | 18 | 19 | >[!links] 20 | >https://www.techtarget.com/searchnetworking/definition/maximum-transmission-unit 21 | -------------------------------------------------------------------------------- /CLI-tools/linux/remote/traceroute.md: -------------------------------------------------------------------------------- 1 | 2 | # Traceroute Command 3 | Used to map the path your request takes to its target machine. On Linux, this command operates over [UDP](/networking/protocols/UDP.md) but can be altered to use something else w/ switches. 4 | 5 | ## Usage: 6 | ``` 7 | traceroute [OPTIONS] 8 | ``` 9 | 10 | ### Useful options: 11 | #### `traceroute -i`: 12 | Specify an interface which traceroute should use to send packets. *Default:* will use the computer's [routing table](/networking/routing/routing-table.md). 13 | 14 | #### `traceroute -T` & `traceroute -I`: 15 | The `-T` flag will let you probe using [TCP](/networking/protocols/TCP.md) SYN packets. 16 | 17 | The `-I` flag will let you use an [ICMP](/networking/protocols/ICMP.md) ([ping](ping.md)) `ECHO_REQUEST` to probe the route. 18 | 19 | ### On Windows: 20 | The equivalent command is `tracert` and it also uses ICMP protocol, similar to `ping`. 21 | 22 | > [!Resources:] 23 | > - [Try Hack Me: Intro to Networking](https://tryhackme.com/room/introtonetworking) 24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/responder.md: -------------------------------------------------------------------------------- 1 | 2 | # Responder CLI Utility: 3 | A CLI utility which can perform [DNS poisoning](/cybersecurity/TTPs/exploitation/injection/DNS-poisoning.md) of multiple protocols. 4 | ## Usage 5 | ![Refer to this (my PNPT notes on Responder)](/PNPT/PEH/active-directory/initial-vectors/responder.md) 6 | ### Configuration 7 | Go to `/usr/share/responder/Responder.conf` 8 | 9 | > [!Resources] 10 | > - [Hacking Articles: Detailed Guide on Responder](https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/) 11 | 12 | > [!Related] 13 | > - PNPT notes: [responder PNPT notes](PNPT/PEH/active-directory/initial-vectors/responder.md), [SMB relay](PNPT/PEH/active-directory/initial-vectors/SMB-relay.md) 14 | > - Protocols: [LLMNR](/networking/protocols/LLMNR.md), [NBT-NS](/networking/protocols/NBT-NS.md), [MDNS](/networking/protocols/MDNS.md) 15 | > - Attacks: [LLMNR-poisoning](PNPT/PEH/active-directory/initial-vectors/LLMNR-poisoning.md) 16 | > - OSCP notes: [cracking-Net-NTLMv2](../../../../OSCP/password-attacks/cracking-Net-NTLMv2.md) -------------------------------------------------------------------------------- /cybersecurity/TTPs/exploitation/tools/searchsploit.md: -------------------------------------------------------------------------------- 1 | 2 | # `searchsploit` CLI Tool: 3 | A command line tool which comes with the [Exploit Database](/cybersecurity/tools/exploit-db.md) repository from Git Lab. Allows you to search your local repo for exploits so they can be used without internet access. 4 | ## Usage 5 | ```bash 6 | searchsploit 7 | Usage: searchsploit [options] term1 [term2] ... [termN] 8 | 9 | ========== 10 | Examples 11 | ========== 12 | searchsploit afd windows local 13 | searchsploit -t oracle windows 14 | searchsploit -p 39446 15 | searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/" 16 | searchsploit -s Apache Struts 2.0.0 17 | searchsploit linux reverse password 18 | searchsploit -j 55555 | jq 19 | searchsploit --cve 2021-44228 20 | 21 | For more examples, see the manual: https://www.exploit-db.com/searchsploit 22 | ``` 23 | 24 | > [!Resources] 25 | > - `man searchsploit` 26 | > - [SearchSploit Manual](https://www.exploit-db.com/searchsploit) 27 | > - [Exploit DB GitLab Repo](https://gitlab.com/exploit-database/exploitdb) 28 | -------------------------------------------------------------------------------- /OSCP/windows-privesc/README.md: -------------------------------------------------------------------------------- 1 | --- 2 | aliases: 3 | - Windows privesc 4 | --- 5 | # Windows PrivEsc Techniques 6 | This file really is just here to make it easier to link Windows Privesc throughout the rest of the notes in this repo/vault. But since you're here, here is a table of contents I guess 7 | ## TOC 8 | - Overview of Windows Security Mechanisms 9 | - [access-tokens](security-mechanisms/access-tokens.md) 10 | - [MIC](security-mechanisms/MIC.md) 11 | - [SID](security-mechanisms/SID.md)s 12 | - [UAC](security-mechanisms/UAC.md) 13 | - [Enumerating for Privesc Opportunities](enumeration/enumeration.md) 14 | - [automated techniques](enumeration/automated-enum.md) 15 | - [powershell-logging](enumeration/powershell-logging.md) 16 | - Finding [sensitive-files](enumeration/sensitive-files.md) 17 | - Exploiting Windows Services for Privesc 18 | - [Windows Services](windows-services/README.md) Overview 19 | - [Service Binary Hijacking](windows-services/hijacking-service-binaries.md) 20 | - [PowerUp.ps1](windows-services/powerUp-ps1.md) 21 | - [DLL Hijacking](windows-services/DLL-hijacking.md) -------------------------------------------------------------------------------- /cybersecurity/defense/incident-response/DFIR.md: -------------------------------------------------------------------------------- 1 | 2 | # Digital Forensics & Incident Response 3 | An acronym which generally encompasses everything to do with [digital forensics](digital-forensics.md) and [incident response](incident-response.md). 4 | ## Pillars 5 | How does a company plan for, prepare for, respond to, mitigate, and recover from an attack on their information technology infrastructure/ assets? 6 | ### DFIR 7 | Actual reactive/ response to an on-going threat as well as forensics during and after the fact. 8 | ### Incident Response Prep 9 | This includes prepatory things like creating an *incident response plan*, assessing *actual risk* to known threats, simulation of an incident. 10 | #### 'Table top' exercise 11 | A mock/ simulation exercise with a company to help establish preparation for real-world possible threats. Used to practice incident response, troubleshoot holes in the current process, etc.. 12 | ### Threat Intelligence 13 | Proactive measures and *threat hunting*, as well as threat modeling, and keeping track of known hacking groups, APTs, new attack TTPs, IOCs, etc. 14 | -------------------------------------------------------------------------------- /computers/concepts/cryptography/symmetric-encryption.md: -------------------------------------------------------------------------------- 1 | 2 | # Symmetric Encryption 3 | With this type of encryption there is *a single key* used to encrypt and decrypt data. Therefor, the algorithm is also called *secret key* or *shared secret* algorithm b/c there is a single key which is needed to decrypt/ encrypt. 4 | ## Disadvantages & Advantages 5 | ### Doesn't scale 6 | Because there is only one key, it can be difficult to use symmetric encryption since the key has to be shared and/ or transported in some way to whoever is decrypting the data. If multiple people are trying to decrypt the same piece of data, how can you safely distribute the key to each of them? 7 | ### Very Fast 8 | W/ symmetric encryption, there is less overhead (than with asymmetric) and less resource drain. 9 | ## Examples of Symmetric Encryption Algorithms: 10 | - [AES](AES.md) 11 | - RC4 12 | - 3DES 13 | 14 | 15 | > [!Resources] 16 | > - [Professor Messer](https://www.youtube.com/watch?v=6uRI4o5EUkI&list=PLG49S3nxzAnkL2ulFS3132mOVKuzzBxA8&index=92) 17 | 18 | > [!Related] 19 | > - [OSCP notes on Encryption](../../../OSCP/password-attacks/README.md) --------------------------------------------------------------------------------