Welcome to the wiki where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF.
Sticky notes for pentesting. Search hacking techniques and tools for penetration testings, bug bounty, CTFs.
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities.
A curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
The Kubenomicon was born of a desire to understand more about Kubernetes from an offensive perspective. I found many great resources to aid in my journey, but I quickly realized.
A network attack aims to access a network without permission, either to steal or alter data. This differs from endpoint, malware, and software vulnerability attacks. Learn about passive vs. active network attacks and more.
The page where you will find each hacking trick/technique/whatever related to CI/CD & Cloud I have learnt in CTFs, real life environments, researching, and reading researches and news.
I have gathered these notes from lots of sources on the internet, such as OSCP guides, enumeration guides and books. If you see any content that you wrote and I haven't credited you, please let me know and I will add it.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Leading source of security tools, hacking tools, cybersecurity and network security. Learn about new tools and updates in one place.
0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database. This was written solely for educational purposes. Use it at your own risk. The author will be not responsible for any damage.
A huge chunk of my personal notes since I started playing CTFs and working as a red teamer. These are living documents and I updated or add to them relatively often.
Global Security Resource. In these times where a new major data breach occurs on a daily basis, it is important for the personal Internet user, corporations, and governments to stay aware of vulnerabilities that may affect their systems. Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale. As new information surfaces, Packet Storm releases everything immediately through it's RSS feeds, Twitter, and Facebook. The site is referenced in over a hundred books and has a history of being spotlighted in the news.
exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.