Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/wwwroot/lib/functions.php on line 286

Warning: file_get_contents(https://ghapi.huchen.dev/repositories?since=daily): failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/wwwroot/lib/functions.php on line 286
PENTESTING-BIBLE - Readme

Recent Trend

rotate
Create recursive image rotation animations
Keiko-Corp
HTML challenge for Hacktoberfest 2020
framework

cortex
A horizontally scalable, highly available, multi-tenant, long term Prometheus.
trojan-go
Go实现的Trojan代理,支持多路复用/路由功能/CDN中转/Shadowsocks混淆插件,多平台,无依赖。A Trojan proxy written in Go. An unidentifiable mechanism that helps you bypass GFW. https://p4gefau1t.github.io/trojan-go/
DataStructures-Algorithms
The best library for implementation of all Data Structures and Algorithms - Trees + Graph Algorithms too!
mlbook
Repository for the free online book Machine Learning from Scratch (link below!)
EssayKiller_V2
基于开源GPT2.0的初代创作型人工智能 | 可扩展、可进化
hetty
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and
fission
Fast and Simple Serverless Functions for Kubernetes
Few-Shot-Patch-Based-Training
The official implementation of our SIGGRAPH 2020 paper Interactive Video Stylization Using Few-Shot Patch-Based Training
raspi3-tutorial
Bare metal Raspberry Pi 3 tutorials
DS-Algo-Point
This repository contains codes for various data structures and algorithms in C, C++, Java, Python.
chibicc
A small C compiler
awesome-for-beginners
A list of awesome beginners-friendly projects.
first-contributions
?✨ Help beginners to contribute to open source projects
ajour
A World of Warcraft addon manager written in Rust.
open-project-1
Unity Open Project #1: Action-adventure
CPP
Repository for C++/C codes and algos.Star the repo too.
PySyft
A library for answering questions using data you cannot see
zhaopp
一个Google Drive搜索引擎 https://zhao.pp.ua/
imaginaire
NVIDIA PyTorch GAN library with distributed and mixed precision support
datasets
? Fast, efficient, open-access datasets and evaluation metrics for Natural Language Processing and more in PyTorch, TensorFlow, NumPy and Pandas
proshop_mern
Shopping cart built with MERN & Redux
puma
A Ruby/Rack web server built for concurrency
kubebuilder
Kubebuilder - SDK for building Kubernetes APIs using CRDs
csharplang
The official repo for the design of the C# programming language
DevUtils-app
Developer Utilities for macOS
elsa
❄️ Elsa is a minimal, fast and secure runtime for Javascript and Typescript written in Go
Flutter-AI-Rubik-cube-Solver
Flutter-Python rubiks cube solver.
jukebox
Code for the paper "Jukebox: A Generative Model for Music"
azure-cli
Azure Command-Line Interface
terraform-aws-vpc
Terraform module which creates VPC resources on AWS
MEDUZA
A more or less universal SSL unpinning tool for iOS
vuetify
? Material Component Framework for Vue
scripts
京东薅羊毛工具(活动入口:京东app->我的->游戏与互动->查看更多)讨论组:https://t.me/JD_fruit_pet
kubeedge
Kubernetes Native Edge Computing Framework (project under CNCF)
hacktoberfest-swag-list
Multiple companies give out swag for Hacktoberfest, and this repo tries to list them all.
visx
? visx | visualization components
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
winget-cli
Windows Package Manager CLI (aka winget)
ts-sql
A SQL database implemented purely in TypeScript type annotations.
azure-sdk-for-js
This repository is for active development of the Azure SDK for JavaScript (NodeJS & Browser). For consumers of the SDK we recommend visiting our public developer docs at https://docs.microsoft.com/en-
cool-retro-term
A good looking terminal emulator which mimics the old cathode display...
rocketmq
Mirror of Apache RocketMQ
Hippy
A cross platform framework designed for Web developer. Introduction video - https://v.qq.com/x/page/i3038urj2mt.html
Tinyhttpd
Tinyhttpd 是J. David Blackstone在1999年写的一个不到 500 行的超轻量型 Http Server,用来学习非常不错,可以帮助我们真正理解服务器程序的本质。官网:http://tinyhttpd.sourceforge.net
ta-lib
Python wrapper for TA-Lib (http://ta-lib.org/).
GNNPapers
Must-read papers on graph neural networks (GNN)
Impostor
Impostor - An open source reimplementation of the Among Us Server
Real_Time_Image_Animation
The Project is real time application in opencv using first order model
Windows-10-Sophia-Script
Script to setup Windows 10 LTSC/1903/1909/2004/2009
annotated_research_papers
This repo contains annotated research papers that I found really good and useful
go-diagrams
Create beautiful system diagrams with Go
crochet
Explorations in reactive UI patterns
led
Modern, lightweight and efficient 2D level editor
duf
Disk Usage/Free Utility
Hazel
Hazel Engine
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
send
Simple, private file sharing from the makers of Firefox
windows
V2ray , Trojan, Trojan-go, NaiveProxy, shadowsocksR install tools for windows V2ray,Trojan,Trojan-go, NaiveProxy, shadowsocksR的一键安装工具windows下用(一键科学上网)
silero-models
Silero Models: pre-trained STT models and benchmarks made embarrassingly simple
vue-next
Repo for Vue 3.0 (currently in RC)
FreeCAD
This is the official source code of FreeCAD, a free and opensource multiplatform 3D parametric modeler. Issues are managed on our own bug tracker at https://www.freecadweb.org/tracker
kb
A minimalist knowledge base manager
Mask_RCNN
Mask R-CNN for object detection and instance segmentation on Keras and TensorFlow
mimikatz
A little tool to play with Windows security
vagas-junior-estagio
Empresas que constantemente oferecem vagas para junior e estagiários
material-shell
A modern desktop interface for Linux. Improve your user experience and get rid of the anarchy of traditional desktop workflows. Designed to simplify navigation and reduce the need to manipulate window
dayjs
⏰ Day.js 2KB immutable date library alternative to Moment.js with the same modern API
ML_course
EPFL Machine Learning Course, Fall 2019
create-react-app
Set up a modern web app by running one command.
Background-Matting
Background Matting: The World is Your Green Screen
Kingfisher
A lightweight, pure-Swift library for downloading and caching images from the web.
istio
Connect, secure, control, and observe services.
linux-command
Linux命令大全搜索工具,内容包含Linux命令手册、详解、学习、搜集。https://git.io/linux
generative_inpainting
DeepFill v1/v2 with Contextual Attention and Gated Convolution, CVPR 2018, and ICCV 2019 Oral
yearn-protocol
Yearn solidity smart contracts
pebble
RocksDB/LevelDB inspired key-value database in Go
jazzit
Laughs at your expense
moment
Parse, validate, manipulate, and display dates in javascript.
n8n
Free and open fair-code licensed node based Workflow Automation Tool. Easily automate tasks across different services.
Hero
Elegant transition library for iOS & tvOS
DAIN
Depth-Aware Video Frame Interpolation (CVPR 2019)
eat_tensorflow2_in_30_days
Tensorflow2.0 ?? is delicious, just eat it! ??
tmpmail
✉️ A temporary email right from your terminal
team-comtress-2
Team Fortress 2, but with a lot of fixes, QoL improvements and performance optimizations!
CVE-2020-1472
PoC for Zerologon - all research credits go to Tom Tervoort of Secura
DefinitelyTyped
The repository for high quality TypeScript type definitions.
rails
Ruby on Rails
stats-illustrations
R & stats illustrations by @allison_horst
pytorch-gans
My implementation of various GAN (generative adversarial networks) architectures like vanilla GAN, cGAN, DCGAN, etc.
data-science-interviews
Data science interview questions and answers
sds1

jupyter-text2code
A proof-of-concept jupyter extension which converts english queries into relevant python code
Notebooks
Learn Python for free using open-source notebooks in Hebrew.
jellyfin
The Free Software Media System
BIGTREETECH-SKR-mini-E3
BIGTREETECH SKR-mini-E3 motherboard is a ultra-quiet, low-power, high-quality 3D printing machine control board. It is launched by the 3D printing team of Shenzhen BIGTREE technology co., LTD. This bo
XiaomiADBFastbootTools
A simple tool for managing Xiaomi devices on desktop using ADB and Fastboot
fastmac
Get a MacOS or Linux shell, for free, in around 2 minutes
pipedream
Serverless integration and compute platform. Free for developers.
DeepVision
在我很多项目中用到的CV算法推理框架应用。
dive
A tool for exploring each layer in a docker image
libra
Libra’s mission is to enable a simple global payment system and financial infrastructure that empowers billions of people.
Kalman-and-Bayesian-Filters-in-Python
Kalman Filter book using Jupyter Notebook. Focuses on building intuition and experience, not formal proofs. Includes Kalman filters,extended Kalman filters, unscented Kalman filters, particle filters,
kinto

CVE-2020-1472
Test tool for CVE-2020-1472
leetcode_company_wise_questions
This is a repository containing the list of company wise questions available on leetcode premium
makani
Makani was a project to develop a commercial-scale airborne wind turbine, culminating in a flight test of the Makani M600 off the coast of Norway. All Makani software has now been open-sourced. This r
Fantasy-Premier-League
Creates a .csv file of all players in the English Player League with their respective team and total fantasy points
996.ICU
Repo for counting stars and contributing. Press F to pay respect to glorious developers.
graal
GraalVM: Run Programs Faster Anywhere ?
understand-nodejs
通过源码分析nodejs原理
tensorboard
TensorFlow's Visualization Toolkit
DeepSpeed
DeepSpeed is a deep learning optimization library that makes distributed training easy, efficient, and effective.
Relativty
An open source VR headset with SteamVR supports for $200
guide-rpc-framework
A custom RPC framework implemented by Netty+Kyro+Zookeeper.(一款基于 Netty+Kyro+Zookeeper 实现的自定义 RPC 框架-附详细实现过程和相关教程。)
UTM
Virtual machines for iOS
v2ray-heroku
用于在 Heroku 上部署 V2Ray Websocket,本项目不宜做为长期使用之对策。
learning
Becoming 1% better at data science everyday
wirehole

minecraft-react

mem-doc
This is a document to help with .NET memory analysis and diagnostics.
HarmonyOS
A curated list of awesome things related to HarmonyOS. 华为鸿蒙操作系统。
radar-covid-backend-dp3t-server
DP^3T Radar COVID fork
eiten
Statistical and Algorithmic Investing Strategies for Everyone
radar-covid-backend-verification-server
Radar COVID Verification Service
radar-covid-ios
Native iOS app using DP^3T iOS sdk to handle Exposure Notification framework from Apple
radar-covid-android
Native Android app using DP^3T Android sdk to handle Exposure Notifications API from Google
react-challenge-amazon-clone

solana
Web-Scale Blockchain for fast, secure, scalable, decentralized apps and marketplaces.
cockroach
CockroachDB - the open source, cloud-native distributed SQL database.
machine-learning-for-trading
Code and resources for Machine Learning for Algorithmic Trading, 2nd edition.
hwp.js
Open source hwp viewer and parser library powered by web technology
awesome-react
A collection of awesome things regarding React ecosystem
connectedhomeip
Project Connected Home over IP is a new Working Group within the Zigbee Alliance. This Working Group plans to develop and promote the adoption of a new connectivity standard to increase compatibility
Yolo-Fastest
⚡ Yolo universal target detection model combined with EfficientNet-lite, the calculation amount is only 230Mflops(0.23Bflops), and the model size is 1.3MB
laravel
A PHP framework for web artisans
onnxruntime
ONNX Runtime: cross-platform, high performance ML inferencing and training accelerator
cim
?cim(cross IM) 适用于开发者的分布式即时通讯系统
ESP32-WiFi-Hash-Monster
WiFi Hash Purple Monster, store EAPOL & PMKID packets in an SD CARD using a M5STACK / ESP32 device
react-portfolio

Algorithms
A collection of algorithms and data structures
frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
funNLP
中英文敏感词、语言检测、中外手机/电话归属地/运营商查询、名字推断性别、手机号抽取、身份证抽取、邮箱抽取、中日文人名库、中文缩写库、拆字词典、词汇情感值、停用词、反动词表、暴恐词表、繁简体转换、英文模拟中文发音、汪峰歌词生成器、职业名称词库、同义词库、反义词库、否定词库、汽车品牌词库、汽车零件词库、连续英文切割、各种中文词向量、公司名字大全、古诗词库、IT词库、财经词库、成语词库、地名词库、历史名
GRAT2
We developed GRAT2 Command & Control (C2) project for learning purpose.
DescomplicandoKubernetes

aes-finder
Utility to find AES keys in running processes
mml-book.github.io
Companion webpage to the book "Mathematics For Machine Learning"
ultimate-python
Ultimate Python study guide for newcomers and professionals alike. ? ? ?
sushiswap-frontend

pytorch-lightning
The lightweight PyTorch wrapper for high-performance AI research. Scale your models, not the boilerplate.
awesome-flutter
An awesome list that curates the best Flutter libraries, tools, tutorials, articles and more.
Interview_Question_for_Beginner
? ? Technical-Interview guidelines written for those who started studying programming. I wish you all the best. ?
free

talk
A group video call for the web. No signups. No downloads.
bitcoin
Bitcoin Core integration/staging tree
eleventy-high-performance-blog
A high performance blog template for the 11ty static site generator.
awesome-project-ideas
Curated list of Machine Learning, NLP, Vision, Recommender Systems Project Ideas
ghcide
A library for building Haskell IDE tooling
moon
? The minimal & fast library for functional user interfaces
jdk
JDK main-line development
Tasmota
Alternative firmware for ESP8266 with easy configuration using webUI, OTA updates, automation using timers or rules, expandability and entirely local control over MQTT, HTTP, Serial or KNX. Full docum
Server
PanDownload的个人维护版本
a32nx
The A32NX Project is a community driven open source project to create a free Airbus A320neo in Microsoft Flight Simulator that is as close to reality as possible. It aims to enhance the default A320ne
keras
Deep Learning for humans
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
data-engineer-roadmap
Roadmap to becoming a data engineer in 2020
hivemind
Decentralized deep learning framework in pytorch. Built to train models on thousands of volunteers across the world.
scipio
Scipio is a thread-per-core framework that aims to make the task of writing highly parallel asynchronous application in a thread-per-core architecture easier for rustaceans
hoppscotch
? A free, fast and beautiful API request builder used by 75k+ developers. https://hoppscotch.io
Wav2Lip
This repository contains the codes of "A Lip Sync Expert Is All You Need for Speech to Lip Generation In the Wild", published at ACM Multimedia 2020.
KingOfBugBountyTips

autoscraper
A Smart, Automatic, Fast and Lightweight Web Scraper for Python
100-nlp-papers
100 Must-Read NLP Papers
croc
Easily and securely send things from one computer to another ? ?
spark-nlp
State of the Art Natural Language Processing
display-switch
Turn a $30 USB switch into a full-featured multi-monitor KVM switch
surpriver
Find big moving stocks before they move using machine learning and anomaly detection
flink-learning
flink learning blog. http://www.flink-learning.com 含 Flink 入门、概念、原理、实战、性能调优、源码解析等内容。涉及 Flink Connector、Metrics、Library、DataStream API、Table API & SQL 等内容的学习案例,还有 Flink 落地应用的大型项目案例(PVUV、日志存储、百亿数据实时去重、监
deeplearning-models
A collection of various deep learning architectures, models, and tips
fes.js
Fes.js 是一个管理台应用解决方案,提供初始项目、开发调试、编译打包的命令行工具,内置布局、权限、数据字典、状态管理、Api等多个模块,文件目录结构即路由,用户只需要编写页面内容。基于Vue.js,内置管理台常用能力,让用户写的更少,更简单。经过多个项目中打磨,趋于稳定。
stitches
The modern styling library. Near-zero runtime, server-side rendering, multi-variant support, and best-in-class developer experience.
18S191
Course 18.S191 at MIT, fall 2020 - Introduction to computational thinking with Julia
grafana
The tool for beautiful monitoring and metric analytics & dashboards for Graphite, InfluxDB & Prometheus & More
fortify

jetstream

scikit-learn-tips
?⚡ Daily scikit-learn tips
12306
12306智能刷票,订票
desafio-6-2020

30-seconds-of-code
Short JavaScript code snippets for all your development needs
gdal
GDAL is an open source X/MIT licensed translator library for raster and vector geospatial data formats.
toBeTopJavaer
To Be Top Javaer - Java工程师成神之路
companies-sponsoring-visas
A list of companies that sponsor employees from other countries.
howtheytest
A collection of public resources about how software companies test their software
bicep

htop
htop - an interactive process viewer
portainer
Making Docker management easy.
gorm
The fantastic ORM library for Golang, aims to be developer friendly
SuperPower
Here you should find the best power supplies for your low-power projects
CompEcon2020
Computational Economics Course 2020 by Kenneth Judd
vimac
Vimium for macOS.
Windows10Debloater
Script to remove Windows 10 bloatware.
HowToHunt
Some Tutorials and Things to Do while Hunting That Vulnerability.
Hack-Tools
The all-in-one Red Team extension for Web Pentester ?
KingOfBugBountyTips

Showkase
? Showkase is an annotation-processor based Android library that helps you organize, discover, search and visualize Jetpack Compose UI elements
webrtc-for-the-curious
WebRTC for the Curious: Go beyond the APIs
matplotplusplus
Matplot++: A C++ Graphics Library for Data Visualization ??
Flutter-Course-Resources
Learn to Code While Building Apps - The Complete Flutter Development Bootcamp
flutter-development-roadmap
Flutter App Developer Roadmap - A complete roadmap to learn Flutter App Development. I tried to learn flutter using this roadmap. If you want to add something please contribute to the project. Happy L
objax

sushiswap
? SushiSwap smart contracts
Cloudreve
?支持多家云存储的云盘系统 (A project helps you build your own cloud in minutes)
learn-python
? Playground and cheatsheet for learning Python. Collection of Python scripts that are split by topics and contain code examples with explanations.
Python-programming-exercises
100+ Python challenging programming exercises
learn-python3
Jupyter notebooks for teaching/learning Python 3
vscode-debug-visualizer
An extension for VS Code that visualizes data during debugging.
rapier
2D and 3D physics engines focused on performances.
project-guidelines
A set of best practices for JavaScript projects
d3
Bring data to life with SVG, Canvas and HTML. ???
OpenBot
OpenBot leverages smartphones as brains for low-cost robots. We have designed a small electric vehicle that costs about $50 and serves as a robot body. Our software stack for Android smartphones suppo
speakeasy
Windows kernel and user mode emulation.
Learn-Vim
A book for learning the Vim editor
maratona-fullcycle-4

arwes
Futuristic Sci-Fi and Cyberpunk Graphical User Interface Framework for Web Apps
gitignore
A collection of useful .gitignore templates
black
The uncompromising Python code formatter
airflow
Apache Airflow - A platform to programmatically author, schedule, and monitor workflows
shift-ctrl-f
? Search the information available on a webpage using natural language instead of an exact string match.
traefik
The Cloud Native Edge Router
TecoGAN
This repo will contain source code and materials for the TecoGAN project, i.e. code for a TEmporally COherent GAN
present
A terminal-based presentation tool with colors and effects.
gitpod
Gitpod is an open-source Kubernetes application providing prebuilt, collaborative development environments in your browser - powered by VS Code.
compose-samples

react-native-navigation
A complete native navigation solution for React Native
kubernetes-examples
Minimal self-contained examples of standard Kubernetes features and patterns in YAML
vscode
Visual Studio Code
cpp-httplib
A C++ header-only HTTP/HTTPS server and client library
AWS-SAA-C02-Course
Personal notes for SAA-C02 test from: https://learn.cantrill.io
clean-architecture-swiftui
A demo project showcasing the production setup of the SwiftUI app with Clean Architecture
Gooey
Turn (almost) any Python command line program into a full GUI application with one line
baiduwp-php
PanDownload网页复刻版
latexify_py
Generates LaTeX math description from Python functions.
open-source-cs-python

RAFT

volt-bootstrap-5-dashboard
⚡️ Volt Bootstrap 5 Admin Dashboard Template with vanilla Javascript
itlwm
Intel Wi-Fi Drivers
packer
Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
open-source-cs
Video discussing this curriculum:
nsfw-filter
A Google Chrome / Firefox extension that blocks NSFW images from the web pages that you load using TensorFlow JS.
sudoku-solver
Smart solution to solve sudoku in VR
desafio-4-2020

msfs-a320neo

mit-15-003-data-science-tools
Study guides for MIT's 15.003 Data Science Tools
CascadeTabNet
This repository contains the code and implementation details of the CascadeTabNet paper "CascadeTabNet: An approach for end to end table detection and structure recognition from image-based documents"
certified-kubernetes-administrator-course
Certified Kubernetes Administrator - CKA Course
everyones-guide-for-starting-up-on-wechat-network
微信互联网平民创业
manim
Animation engine for explanatory math videos
CS-Notes
我的自学笔记,在学习shell和MLSys,整理C++、算法、操作系统,后续学习分布式系统,终身更新。
egua
? Linguagem de programação simples e moderna em português
talent-plan
open source training courses about distributed database and distributed systemes
godot
Godot Engine – Multi-platform 2D and 3D game engine
desafio-3-2020

optuna
A hyperparameter optimization framework
Ventoy
A new bootable USB solution.
Alt-F4
Alternative Factorio Friday Fan Facts, also known as Alt-F4
awesome-made-by-brazilians
?? A collection of amazing open source projects built by brazilian developers
zig
General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
cxx
Safe interop between Rust and C++
lireddit

chakra-ui
⚡️ Simple, Modular & Accessible UI Components for your React Applications
VancedManager
Vanced Installer
react-native-video
A
NYPD-Misconduct-Complaint-Database
This database is a record of NYPD misconduct complaints made by the public to the Civilian Complaint Review Board (CCRB).
awesome-django
A curated list of awesome things related to Django
Front-End-Checklist
? The perfect Front-End Checklist for modern websites and meticulous developers
fet.sh
a fetch written in posix shell without any external commands (linux only)
baiduwp
PanDownload Web, built with CloudFlare Workers
machine-learning-interview
Minimum Viable Study Plan for Machine Learning Interviews from FAAG, Snapchat, LinkedIn.
RSSHub
? Everything is RSSible
metamask-extension
? ? The MetaMask browser extension enables browsing Ethereum blockchain enabled websites
amplify-flutter
Amplify Framework provides a declarative and easy-to-use interface across different categories of cloud operations.
ent
An entity framework for Go
pytorch
Tensors and Dynamic neural networks in Python with strong GPU acceleration
element3
(WIP)fork from ElemeFE/element ,A Vue.js 3.0 UI Toolkit for Web
posthog
? PostHog is developer-friendly, open-source product analytics.
awesome-hpp
A curated list of awesome header-only C++ libraries
fabric
Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. Its modular and versatile design satisfies a broad range of industry use
insight
Repository for Project Insight: NLP as a Service
omatsuri
Browser application with 9 open source frontend focused tools
InfoSpider
INFO-SPIDER 是一个集众多数据源于一身的爬虫工具箱?,旨在安全快捷的帮助用户拿回自己的数据,工具代码开源,流程透明。支持数据源包括GitHub、QQ邮箱、网易邮箱、阿里邮箱、新浪邮箱、Hotmail邮箱、Outlook邮箱、京东、淘宝、支付宝、中国移动、中国联通、中国电信、知乎、哔哩哔哩、网易云音乐、QQ好友、QQ群、生成朋友圈相册、浏览器浏览历史、12306、博客园、CSDN博客、开源
element-plus
A Vue.js 3.0 UI Toolkit for Web
autoscaler
Autoscaling components for Kubernetes
magento2
All Submissions you make to Magento Inc. ("Magento") through GitHub are subject to the following terms and conditions: (1) You grant Magento a perpetual, worldwide, non-exclusive, no charge, royalty f
ts-migrate
A tool to help migrate JavaScript code quickly and conveniently to TypeScript
ar-cutpaste
Cut and paste your surroundings using AR
chinese-programmer-wrong-pronunciation
中国程序员容易发音错误的单词
labs_campaigns

AdGuardHome
Network-wide ads & trackers blocking DNS server
COLA
Clean Object-oriented & Layered Architecture
Godzilla
哥斯拉
diagrams
? Diagram as Code for prototyping cloud system architectures
PaddleDetection
Object detection and instance segmentation toolkit based on PaddlePaddle.
handcalcs
Python library for converting Python calculations into rendered latex.
mern-course-bootcamp
Complete Free Coding Bootcamp 2020 MERN Stack
handwritten.js
Convert typed text to realistic handwriting!
archivy
Archivy is a self-hosted knowledge repository that allows you to safely preserve useful content that contributes to your knowledge bank.
mall-swarm
mall-swarm是一套微服务商城系统,采用了 Spring Cloud Hoxton & Alibaba、Spring Boot 2.3、Oauth2、MyBatis、Docker、Elasticsearch等核心技术,同时提供了基于Vue的管理后台方便快速搭建系统。mall-swarm在电商业务的基础集成了注册中心、配置中心、监控中心、网关等系统功能。文档齐全,附带全套Spring Clou
umami
Umami is a simple, fast, website analytics alternative to Google Analytics.
nl-covid19-notification-app-android
Android sources for the Dutch Covid19 Notification App
contenidos
Material del curso IIC2233 Programación Avanzada ?
locast2plex
A very simple script to connect locast to Plex's live tv/dvr feature.
h1st
H1st AI solves the critical “cold-start” problem of Industrial AI: encoding human expertise to augment the lack of data, while building a smooth transition toward a machine-learning future. This probl
minGPT
A minimal PyTorch re-implementation of the OpenAI GPT (Generative Pretrained Transformer) training
Catch2
A modern, C++-native, header-only, test framework for unit-tests, TDD and BDD - using C++11, C++14, C++17 and later (or C++03 on the Catch1.x branch)
libra
Ergonomic machine learning.
annie
? Fast, simple and clean video downloader
spotMicro
Spot Micro Quadripeg Project
LeetCode-Go
✅ Solutions to LeetCode by Go, 100% test coverage, runtime beats 100% / LeetCode 题解
bootcamp-gostack-desafios
Repositório contendo todos os desafios dos módulos do Bootcamp Gostack
NoVmp
A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
fullcalendar
Full-sized drag & drop event calendar
latexify_py
Generates LaTeX math description from Python functions.
vue-nodejs-youtube-clone
This is the frontend (VueJS) of the Youtube clone called VueTube.
youtube-clone-nodejs-api
VueTube is a YouTube clone built with nodejs, expressjs & mongodb. This is the RESTful API repository.
Behinder
“冰蝎”动态二进制加密网站管理客户端
low-level-design-primer

E-commerce-Complete-Flutter-UI

handson-ml
A series of Jupyter notebooks that walk you through the fundamentals of Machine Learning and Deep Learning in python using Scikit-Learn and TensorFlow.
aws-machine-learning-university-accelerated-tab

aws-machine-learning-university-accelerated-cv

mogollar
A MongoDB UI built with Electron
BespokeSynth
Software modular synth
desafio-1-2020

desafio-1-2020

kosmonaut
A web browser engine for the space age ?
aws-machine-learning-university-accelerated-nlp

fastbook
Draft of the fastai book
Hierarchical-Localization
Visual localization made easy
TypeScript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc p
God-Of-BigData
大数据面试题,大数据成神之路开启...Flink/Spark/Hadoop/Hbase/Hive...
OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and readi
drogon
Drogon: A C++14/17 based HTTP web application framework running on Linux/macOS/Unix/Windows
papercups
Open-source live customer chat
jupyter-book
Build interactive, publication-quality documents from Jupyter Notebooks
awesome-java
Collection of awesome Java project on Github(Github 上非常棒的 Java 开源项目集合).
espflix
A free video streaming service that runs on a ESP32
servo
The Servo Browser Engine
halfmoon
Front-end framework with a built-in dark mode, designed for rapidly building beautiful dashboards and product pages.
eventnative
EventNative is an open-source data collection framework
go-github
Go library for accessing the GitHub API
yam-protocol
A stablizing reserve currency protocol
mmdetection3d
OpenMMLab's next-generation platform for general 3D object detection.
sherlock
? Hunt down social media accounts by username across social networks
computervision-recipes
Best Practices, code samples, and documentation for Computer Vision.
clean-code-javascript
? Clean Code concepts adapted for JavaScript
laravel-admin
Build a full-featured administrative interface in ten minutes
OpenJailbreak
GeoSn0w's OpenJailbreak Project, an open-source iOS 11 to iOS 13 Jailbreak project & vault.
azure-quickstart-templates
Azure Quickstart Templates
nodejs.dev
A new Node.js resource built using Gatsby.js with React.js, TypeScript, Emotion, and Remark.
KOOM
KOOM is an OOM killer on mobile platform by Kwai.
bevy
A refreshingly simple data-driven game engine built in Rust
eat_pytorch_in_20_days
Pytorch?? is delicious, just eat it! ??
datasets
? 2,000,000+ Unsplash images made available for research and machine learning
malwoverview
Malwoverview is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to dow
streisand
Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these serv
LeetCode
LeetCode刷题记录
IntelOwl
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
archive-program
The GitHub Archive Program & Arctic Code Vault
rancher
Complete container management platform
Noctilucent
Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
data-science
? Path to a free self-taught education in Data Science!
FigmaToCode
Generate responsive pages and apps on Tailwind, Flutter and SwiftUI.
twitter-clone

my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
InvoiceNet
Deep neural network to extract intelligent information from invoice documents.
macOS_Big_Sur_icons_replacements
Replacement icons for popular apps in the style of macOS Big Sur
AnimeGANv2
[Open Source]. The improved version of AnimeGAN.
bluezone-app
Bluezone - Bảo vệ mình, bảo vệ cộng đồng
awesome-sysadmin
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
facebook-scripts-dom-manipulation
An open-source project includes many scripts with no Access Token needed for Facebook users by directly manipulating the DOM.
MCinaBox
MCinaBox - A Minecraft Java Edition Launcher on Android
ai-economist
Foundation is a flexible, modular, and composable framework to model socio-economic behaviors and dynamics with both agents and governments. This framework can be used in conjunction with reinforcemen
TikTok-Shares-Botter
Adds TikTok Shares for you.
prefect
The easiest way to automate your data
tuya-convert
A collection of scripts to flash Tuya IoT devices to alternative firmwares
crush
Crush is an attempt to make a command line shell that is also a powerful modern programming language.
pyre-check
Performant type-checking for python.
polkadot
Polkadot Node Implementation
incyber

mesh
Cloud native service mesh for the rest of us.
V2rayU
V2rayU,基于v2ray核心的mac版客户端,用于科学上网,使用swift编写,支持vmess,shadowsocks,socks5等服务协议,支持订阅, 支持二维码,剪贴板导入,手动配置,二维码分享等
TLS-poison

heroicons
A set of free MIT-licensed high-quality SVG icons for UI development.
react-native
A framework for building native apps with React.
gui.cs
Console-based user interface toolkit for .NET applications.
Atlas
Atlas: End-to-End 3D Scene Reconstruction from Posed Images
aws-sdk-go
AWS SDK for the Go programming language.
charts
Curated applications for Kubernetes
pybind11
Seamless operability between C++11 and Python
mediapipe
MediaPipe is the simplest way for researchers and developers to build world-class ML solutions and applications for mobile, edge, cloud and the web.
proffy-discovery
A proposta do projeto é uma aplicação que possa ligar quem deseja aprender, com quer ensinar. É possível encontrar alunos para o que você leciona, ou encontrar o professor para aquela matéria que você
mixer
Add-on for real-time collaboration in Blender.
iOS-DeviceSupport
This repository holds the device support files for the iOS, and I will update it regularly.
simdjson
Parsing gigabytes of JSON per second
amplify-js
A declarative JavaScript library for application development using cloud services.
lottie-ios
An iOS library to natively render After Effects vector animations
Faze4-Robotic-arm
All files for 6 axis robot arm with cycloidal gearboxes .
xiaobaiyang

Javascript
A repository for All algorithms implemented in Javascript (for educational purposes only)
blog-post-workflow
Show your latest blog posts from any sources or StackOverflow activity on your GitHub profile/project readme automatically using the RSS feed
reverse-interview
Questions to ask the company during your interview
expo
An open-source platform for making universal native apps with React. Expo runs on Android, iOS, and the web.
955.WLB
955 不加班的公司名单 - 工作 955,work–life balance (工作与生活的平衡)
A-to-Z-Resources-for-Students
✅ Curated list of resources for college students
TDengine
An open-source big data platform designed and optimized for the Internet of Things (IoT).
django-jazzmin
Jazzy theme for Django
full-stack-fastapi-postgresql
Full stack, modern web application generator. Using FastAPI, PostgreSQL as database, Docker, automatic HTTPS and more.
Reflection_Summary
算法理论基础知识应知应会
Best-websites-a-programmer-should-visit
? Some useful websites for programmers.
bpytop
Linux/OSX/FreeBSD resource monitor
TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
instagrabber
InstaGrabber, the open-source Instagram client for Android. Originally by @AwaisKing.
pe_tree

Powershell-Scripts
Helpful list of powershell scripts I have found/created
drawio
Source to app.diagrams.net
analytics
Simple and privacy-friendly alternative to Google Analytics
pycaret
An open source, low-code machine learning library in Python
Ciphey
Automated decryption tool
Data-Science-Interview-Resources
A repository listing out the potential sources which will help you in preparing for a Data Science/Machine Learning interview. New resources added frequently.
ps4-ipv6-uaf

UNSAM_2020c2_Python
Curso de programación en Python - 2do cuatrimestre 2020 - UNSAM
gpu.js
GPU Accelerated JavaScript
how-to-secure-anything
How to systematically secure anything: a repository about security engineering
paperview
A high performance X11 animated wallpaper setter
core
? JAVClub - 让你的大姐姐不再走丢
home-cloud
The "cloud" at home
haoel.github.io

InstaPy
? Instagram Bot - Tool for automated Instagram interactions
bat
A cat(1) clone with wings.
DeOldify
A Deep Learning based project for colorizing and restoring old images (and video!)
educative.io_courses
this is downloadings of all educative.io free student subscription courses as pdf from GitHub student pack
rustlings
? Small exercises to get you used to reading and writing Rust code!
trackerslist
Updated list of public BitTorrent trackers
Statistical-Learning-Method_Code
手写实现李航《统计学习方法》书中全部算法
mobile
React Native client application for COVID Shield on iOS and Android
binary_search
A collection of improved binary search algorithms.
mirai

TapTap
Port of the double tap on back of device feature from Android 11 to any armv8 Android device
complete-javascript-course
Starter files, final projects and FAQ for my Complete JavaScript course
icons
Official open source SVG icon library for Bootstrap.
oneflow
OneFlow is a performance-centered and open-source deep learning framework.
ml-engineer-roadmap
WIP: Roadmap to becoming a machine learning engineer in 2020
hvmi
Hypervisor Memory Introspection Core Library
fhe-toolkit-linux
IBM Fully Homomorphic Encryption Toolkit For Linux
teenyicons
Tiny minimal 1px icons designed to fit in the smallest places.
project-citadel
An open source project management tool with Kanban boards
covid-alert-app
Exposure notification client application / Application client de notification d'exposition
ChromeAppHeroes
?谷粒-Chrome插件英雄榜, 为优秀的Chrome插件写一本中文说明书, 让Chrome插件英雄们造福人类~ ChromePluginHeroes, Write a Chinese manual for the excellent Chrome plugin, let the Chrome plugin heroes benefit the human~ 公众号「0加1」同步更新
SSPanel-Uim
SSPanel V3 魔改再次修改版
UnusualVolumeDetector
Gets the last 5 months of volume history for every ticker, and alerts you when a stock's volume exceeds 10 standard deviations from the mean within the last 3 days
formik
Build forms in React, without the tears ?
learn-cantrill-io-labs
Standard and Advanced Demos for learn.cantrill.io courses
TransCoder
Public release of the TransCoder research project https://arxiv.org/pdf/2006.03511.pdf
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
CtCI-6th-Edition
Cracking the Coding Interview 6th Ed. Solutions
windows95
?? Windows 95 in Electron. Runs on macOS, Linux, and Windows.
SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
interviews
Everything you need to know to get the job.
Android-Analysis
Getting Genymotion & Burpsuite setup for Android Mobile App Analysis
detext
DeText: A Deep Neural Text Understanding Framework for Ranking and Classification Tasks
awesome-java
A curated list of awesome frameworks, libraries and software for the Java programming language.
workflow

tye
Tye is a tool that makes developing, testing, and deploying microservices and distributed applications easier. Project Tye includes a local orchestrator to make developing microservices easier and the
java-design-patterns
Design patterns implemented in Java
java8-tutorial
Modern Java - A Guide to Java 8
generator-jhipster
JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.
stayaway-app
Official repository for the STAYAWAY COVID mobile application
api-guidelines
Microsoft REST API Guidelines
win10script
This is the Ultimate Windows 10 Script from a creation from multiple debloat scripts and gists from github.
tutorials
Just Announced - "Learn Spring Security OAuth":
Otto
Otto makes machine learning an intuitive, natural language experience.? Facebook AI Challenge winner
first-order-model
This repository contains the source code for the paper First Order Motion Model for Image Animation
laravel-best-practices
Laravel best practices
hiring-without-whiteboards
⭐️ Companies that don't have a broken hiring process
PyTorch_YOLOv4
PyTorch implementation of YOLOv4
macintosh.js
A virtual Apple Macintosh with System 8, running in Electron. I'm sorry.
QuickCut
Your most handy video processing software
Super-mario-bros-PPO-pytorch
Proximal Policy Optimization (PPO) algorithm for Super Mario Bros
arrow
Apache Arrow is a cross-language development platform for in-memory data. It specifies a standardized language-independent columnar memory format for flat and hierarchical data, organized for efficien
swift
The Swift Programming Language
flutter
Flutter makes it easy and fast to build beautiful apps for mobile and beyond.
pikvm
Open and cheap DIY IP-KVM based on Raspberry Pi
ILSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
aluraflix
⚛️ Projeto feito durante a Imersão React da Alura
starship
☄?️ The minimal, blazing-fast, and infinitely customizable prompt for any shell!
leonsans
Leon Sans is a geometric sans-serif typeface made with code in 2019 by Jongmin Kim.
MCVmComputers
Order computer parts from a satellite orbiting around your minecraft world and build actual working computers with them!

PENTESTING-BIBLE

LINK
Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetra

PENTESTING-BIBLE

hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.

ALMOST 2000 LINKS.

ALMOST 2000 PDF FILES ABOUT DIFFERENT FIELDS OF HACKING .

note:most of the pdf files is different than the links which means there is now almost 4000 links & pdf files.

Support.

Donate via Paypal:

Paypal: Donate via Paypal

-1- 3 Ways Extract Password Hashes from NTDS.dit:

https://www.hackingarticles.in/3-ways-extract-password-hashes-from-ntds-dit

-2- 3 ways to Capture HTTP Password in Network PC:

https://www.hackingarticles.in/3-ways-to-capture-http-password-in-network-pc/

-3- 3 Ways to Crack Wifi using Pyrit,oclHashcat and Cowpatty:

www.hackingarticles.in/3-ways-crack-wifi-using-pyrit-oclhashcat-cowpatty/

-4-BugBounty @ Linkedln-How I was able to bypass Open Redirection Protection:

https://medium.com/p/2e143eb36941

-5-BugBounty — “Let me reset your password and login into your account “-How I was able to Compromise any User Account via Reset Password Functionality:

https://medium.com/p/a11bb5f863b3/share/twitter

-6-“Journey from LFI to RCE!!!”-How I was able to get the same in one of the India’s popular property buy/sell company:

https://medium.com/p/a69afe5a0899

-7-BugBounty — “I don’t need your current password to login into your account” - How could I completely takeover any user’s account in an online classi ed ads company:

https://medium.com/p/e51a945b083d

-8-BugBounty — “How I was able to shop for free!”- Payment Price Manipulation:

https://medium.com/p/b29355a8e68e

-9-Recon — my way:

https://medium.com/p/82b7e5f62e21

-10-Reconnaissance: a eulogy in three acts:

https://medium.com/p/7840824b9ef2

-11-Red-Teaming-Toolkit:

https://github.com/infosecn1nja/Red-Teaming-Toolkit

-12-Red Team Tips:

https://vincentyiu.co.uk/

-13-Shellcode: A reverse shell for Linux in C with support for TLS/SSL:

https://modexp.wordpress.com/2019/04/24/glibc-shellcode/

-14-Shellcode: Encrypting traffic:

https://modexp.wordpress.com/2018/08/17/shellcode-encrypting-traffic/

-15-Penetration Testing of an FTP Server:

https://medium.com/p/19afe538be4b

-16-Reverse Engineering of the Anubis Malware — Part 1:

https://medium.com/p/741e12f5a6bd

-17-Privilege Escalation on Linux with Live examples:

https://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/

-18-Pentesting Cheatsheets:

https://ired.team/offensive-security-experiments/offensive-security-cheetsheets

-19-Powershell Payload Delivery via DNS using Invoke-PowerCloud:

https://ired.team/offensive-security-experiments/payload-delivery-via-dns-using-invoke-powercloud

-20-SMART GOOGLE SEARCH QUERIES TO FIND VULNERABLE SITES – LIST OF 4500+ GOOGLE DORKS:

https://sguru.org/ghdb-download-list-4500-google-dorks-free/

-21-SQL Injection Cheat Sheet:

https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

-22-SQLmap’s os-shell + Backdooring website with Weevely:

https://medium.com/p/8cb6dcf17fa4

-23-SQLMap Tamper Scripts (SQL Injection and WAF bypass) Tips:

https://medium.com/p/c5a3f5764cb3

-24-Top 10 Essential NMAP Scripts for Web App Hacking:

https://medium.com/p/c7829ff5ab7

-25-BugBounty — How I was able to download the Source Code of India’s Largest Telecom Service Provider including dozens of more popular websites!:

https://medium.com/p/52cf5c5640a1

-26-Re ected XSS Bypass Filter:

https://medium.com/p/de41d35239a3

-27-XSS Payloads, getting past alert(1):

https://medium.com/p/217ab6c6ead7

-28-XS-Searching Google’s bug tracker to find out vulnerable source code Or how side-channel timing attacks aren’t that impractical:

https://medium.com/p/50d8135b7549

-29-Web Application Firewall (WAF) Evasion Techniques:

https://medium.com/@themiddleblue/web-application-firewall-waf-evasion-techniques

-30-OSINT Resources for 2019:

https://medium.com/p/b15d55187c3f

-31-The OSINT Toolkit:

https://medium.com/p/3b9233d1cdf9

-32-OSINT : Chasing Malware + C&C Servers:

https://medium.com/p/3c893dc1e8cb

-33-OSINT tool for visualizing relationships between domains, IPs and email addresses:

https://medium.com/p/94377aa1f20a

-34-From OSINT to Internal – Gaining Access from outside the perimeter:

https://www.n00py.io/.../from-osint-to-internal-gaining-access-from-the-outside-the-perimeter

-35-Week in OSINT #2018–35:

https://medium.com/p/b2ab1765157b

-36-Week in OSINT #2019–14:

https://medium.com/p/df83f5b334b4

-37-Instagram OSINT | What A Nice Picture:

https://medium.com/p/8f4c7edfbcc6

-38-awesome-osint:

https://github.com/jivoi/awesome-osint

-39-OSINT_Team_Links:

https://github.com/IVMachiavelli/OSINT_Team_Links

-40-Open-Source Intelligence (OSINT) Reconnaissance:

https://medium.com/p/75edd7f7dada

-41-Hacking Cryptocurrency Miners with OSINT Techniques:

https://medium.com/p/677bbb3e0157

-42-A penetration tester’s guide to sub- domain enumeration:

https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6?gi=f44ec9d8f4b5

-43-Packages that actively seeks vulnerable exploits in the wild. More of an umbrella group for similar packages:

https://blackarch.org/recon.html

-44-What tools I use for my recon during BugBounty:

https://medium.com/p/ec25f7f12e6d

-45-Command and Control – DNS:

https://pentestlab.blog/2017/09/06/command-and-control-dns/

-46-Command and Control – WebDAV:

https://pentestlab.blog/2017/09/12/command-and-control-webdav/

-47-Command and Control – Twitter:

https://pentestlab.blog/2017/09/26/command-and-control-twitter/

-48-Command and Control – Kernel:

https://pentestlab.blog/2017/10/02/command-and-control-kernel/

-49-Source code disclosure via exposed .git folder:

https://pentester.land/tutorials/.../source-code-disclosure-via-exposed-git-folder.html

-50-Pentesting Cheatsheet:

https://hausec.com/pentesting-cheatsheet/

-51-Windows Userland Persistence Fundamentals:

https://www.fuzzysecurity.com/tutorials/19.html

-52-A technique that a lot of SQL injection beginners don’t know | Atmanand Nagpure write-up:

https://medium.com/p/abdc7c269dd5

-53-awesome-bug-bounty:

https://github.com/djadmin/awesome-bug-bounty

-54-dostoevsky-pentest-notes:

https://github.com/dostoevskylabs/dostoevsky-pentest-notes

-55-awesome-pentest:

https://github.com/enaqx/awesome-pentest

-56-awesome-windows-exploitation:

https://github.com/enddo/awesome-windows-exploitation

-57-awesome-exploit-development:

https://github.com/FabioBaroni/awesome-exploit-development

-58-BurpSuit + SqlMap = One Love:

https://medium.com/p/64451eb7b1e8

-59-Crack WPA/WPA2 Wi-Fi Routers with Aircrack-ng and Hashcat:

https://medium.com/p/a5a5d3ffea46

-60-DLL Injection:

https://pentestlab.blog/2017/04/04/dll-injection

-61-DLL Hijacking:

https://pentestlab.blog/2017/03/27/dll-hijacking

-62-My Recon Process — DNS Enumeration:

https://medium.com/p/d0e288f81a8a

-63-Google Dorks for nding Emails, Admin users etc:

https://d4msec.wordpress.com/2015/09/03/google-dorks-for-finding-emails-admin-users-etc

-64-Google Dorks List 2018:

https://medium.com/p/fb70d0cbc94

-65-Hack your own NMAP with a BASH one-liner:

https://medium.com/p/758352f9aece

-66-UNIX / LINUX CHEAT SHEET:

cheatsheetworld.com/programming/unix-linux-cheat-sheet/

-67-Linux Capabilities Privilege Escalation via OpenSSL with SELinux Enabled and Enforced:

https://medium.com/p/74d2bec02099

-68- information gathering:

https://pentestlab.blog/category/information-gathering/

-69-post exploitation:

https://pentestlab.blog/category/post-exploitation/

-70-privilege escalation:

https://pentestlab.blog/category/privilege-escalation/

-71-red team:

https://pentestlab.blog/category/red-team/

-72-The Ultimate Penetration Testing Command Cheat Sheet for Linux:

https://www.hackingloops.com/command-cheat-sheet-for-linux/

-73-Web Application Penetration Testing Cheat Sheet:

https://jdow.io/blog/2018/03/18/web-application-penetration-testing-methodology/

-74-Windows Kernel Exploits:

https://pentestlab.blog/2017/04/24/windows-kernel-exploits

-75-Windows oneliners to download remote payload and execute arbitrary code:

https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/

-76-Windows-Post-Exploitation:

https://github.com/emilyanncr/Windows-Post-Exploitation

-77-Windows Post Exploitation Shells and File Transfer with Netcat for Windows:

https://medium.com/p/a2ddc3557403

-78-Windows Privilege Escalation Fundamentals:

https://www.fuzzysecurity.com/tutorials/16.html

-79-Windows Privilege Escalation Guide:

www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/

-80-Windows Active Directory Post Exploitation Cheatsheet:

https://medium.com/p/48c2bd70388

-81-Windows Exploitation Tricks: Abusing the User-Mode Debugger:

https://googleprojectzero.blogspot.com/2019/04/windows-exploitation-tricks-abusing.html

-82-VNC Penetration Testing (Port 5901):

http://www.hackingarticles.in/vnc-penetration-testing

-83- Big List Of Google Dorks Hacking:

https://xspiyr.wordpress.com/2012/09/05/big-list-of-google-dorks-hacking

-84-List of google dorks for sql injection:

https://deadlyhacker.wordpress.com/2013/05/09/list-of-google-dorks-for-sql-injection/

-85-Download Google Dorks List 2019:

https://medium.com/p/323c8067502c

-86-Comprehensive Guide to Sqlmap (Target Options):

http://www.hackingarticles.in/comprehensive-guide-to-sqlmap-target-options15249-2

-87-EMAIL RECONNAISSANCE AND PHISHING TEMPLATE GENERATION MADE SIMPLE:

www.cybersyndicates.com/.../email-reconnaissance-phishing-template-generation-made-simple

-88-Comprehensive Guide on Gobuster Tool:

https://www.hackingarticles.in/comprehensive-guide-on-gobuster-tool/

-89-My Top 5 Web Hacking Tools:

https://medium.com/p/e15b3c1f21e8

-90-[technical] Pen-testing resources:

https://medium.com/p/cd01de9036ad

-91-File System Access on Webserver using Sqlmap:

http://www.hackingarticles.in/file-system-access-on-webserver-using-sqlmap

-92-kali-linux-cheatsheet:

https://github.com/NoorQureshi/kali-linux-cheatsheet

-93-Pentesting Cheatsheet:

https://anhtai.me/pentesting-cheatsheet/

-94-Command Injection Exploitation through Sqlmap in DVWA (OS-cmd):

http://www.hackingarticles.in/command-injection-exploitation-through-sqlmap-in-dvwa

-95-XSS Payload List - Cross Site Scripting Vulnerability Payload List:

https://www.kitploit.com/2018/05/xss-payload-list-cross-site-scripting.html

-96-Analyzing CVE-2018-6376 – Joomla!, Second Order SQL Injection:

https://www.notsosecure.com/analyzing-cve-2018-6376/

-97-Exploiting Sql Injection with Nmap and Sqlmap:

http://www.hackingarticles.in/exploiting-sql-injection-nmap-sqlmap

-98-awesome-malware-analysis:

https://github.com/rshipp/awesome-malware-analysis

-99-Anatomy of UAC Attacks:

https://www.fuzzysecurity.com/tutorials/27.html

-100-awesome-cyber-skills:

https://github.com/joe-shenouda/awesome-cyber-skills

-101-5 ways to Banner Grabbing:

http://www.hackingarticles.in/5-ways-banner-grabbing

-102-6 Ways to Hack PostgresSQL Login:

http://www.hackingarticles.in/6-ways-to-hack-postgressql-login

-103-6 Ways to Hack SSH Login Password:

http://www.hackingarticles.in/6-ways-to-hack-ssh-login-password

-104-10 Free Ways to Find Someone’s Email Address:

https://medium.com/p/e6f37f5fe10a

-105-USING A SCF FILE TO GATHER HASHES:

https://1337red.wordpress.com/using-a-scf-file-to-gather-hashes

-106-Hack Remote Windows PC using DLL Files (SMB Delivery Exploit):

http://www.hackingarticles.in/hack-remote-windows-pc-using-dll-files-smb-delivery-exploit

107-Hack Remote Windows PC using Office OLE Multiple DLL Hijack Vulnerabilities:

http://www.hackingarticles.in/hack-remote-windows-pc-using-office-ole-multiple-dll-hijack-vulnerabilities

-108-BUG BOUNTY HUNTING (METHODOLOGY , TOOLKIT , TIPS & TRICKS , Blogs):

https://medium.com/p/ef6542301c65

-109-How To Perform External Black-box Penetration Testing in Organization with “ZERO” Information:

https://gbhackers.com/external-black-box-penetration-testing

-110-A Complete Penetration Testing & Hacking Tools List for Hackers & Security Professionals:

https://gbhackers.com/hacking-tools-list

-111-Most Important Considerations with Malware Analysis Cheats And Tools list:

https://gbhackers.com/malware-analysis-cheat-sheet-and-tools-list

-112-Awesome-Hacking:

https://github.com/Hack-with-Github/Awesome-Hacking

-113-awesome-threat-intelligence:

https://github.com/hslatman/awesome-threat-intelligence

-114-awesome-yara:

https://github.com/InQuest/awesome-yara

-115-Red-Team-Infrastructure-Wiki:

https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki

-116-awesome-pentest:

https://github.com/enaqx/awesome-pentest

-117-awesome-cyber-skills:

https://github.com/joe-shenouda/awesome-cyber-skills

-118-pentest-wiki:

https://github.com/nixawk/pentest-wiki

-119-awesome-web-security:

https://github.com/qazbnm456/awesome-web-security

-120-Infosec_Reference:

https://github.com/rmusser01/Infosec_Reference

-121-awesome-iocs:

https://github.com/sroberts/awesome-iocs

-122-blackhat-arsenal-tools:

https://github.com/toolswatch/blackhat-arsenal-tools

-123-awesome-social-engineering:

https://github.com/v2-dev/awesome-social-engineering

-124-Penetration Testing Framework 0.59:

www.vulnerabilityassessment.co.uk/Penetration%20Test.html

-125-Penetration Testing Tools Cheat Sheet :

https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

-126-SN1PER – A Detailed Explanation of Most Advanced Automated Information Gathering & Penetration Testing Tool:

https://gbhackers.com/sn1per-a-detailed-explanation-of-most-advanced-automated-information-gathering-penetration-testing-tool

-127-Spear Phishing 101:

https://blog.inspired-sec.com/archive/2017/05/07/Phishing.html

-128-100 ways to discover (part 1):

https://sylarsec.com/2019/01/11/100-ways-to-discover-part-1/

-129-Comprehensive Guide to SSH Tunnelling:

http://www.hackingarticles.in/comprehensive-guide-to-ssh-tunnelling/

-130-Capture VNC Session of Remote PC using SetToolkit:

http://www.hackingarticles.in/capture-vnc-session-remote-pc-using-settoolkit/

-131-Hack Remote PC using PSEXEC Injection in SET Toolkit:

http://www.hackingarticles.in/hack-remote-pc-using-psexec-injection-set-toolkit/

-132-Denial of Service Attack on Network PC using SET Toolkit:

http://www.hackingarticles.in/denial-of-service-attack-on-network-pc-using-set-toolkit/

-133-Hack Gmail and Facebook of Remote PC using DNS Spoofing and SET Toolkit:

http://www.hackingarticles.in/hack-gmail-and-facebook-of-remote-pc-using-dns-spoofing-and-set-toolkit/

-134-Hack Any Android Phone with DroidJack (Beginner’s Guide):

http://www.hackingarticles.in/hack-android-phone-droidjack-beginners-guide/

-135-HTTP RAT Tutorial for Beginners:

http://www.hackingarticles.in/http-rat-tutorial-beginners/

-136-5 ways to Create Permanent Backdoor in Remote PC:

http://www.hackingarticles.in/5-ways-create-permanent-backdoor-remote-pc/

-137-How to Enable and Monitor Firewall Log in Windows PC:

http://www.hackingarticles.in/enable-monitor-firewall-log-windows-pc/

-138-EMPIRE TIPS AND TRICKS:

https://enigma0x3.net/2015/08/26/empire-tips-and-tricks/

-139-CSRF account takeover Explained Automated/Manual:

https://medium.com/p/447e4b96485b

-140-CSRF Exploitation using XSS:

http://www.hackingarticles.in/csrf-exploitation-using-xss

-141-Dumping Domain Password Hashes:

https://pentestlab.blog/2018/07/04/dumping-domain-password-hashes/

-142-Empire Post Exploitation – Unprivileged Agent to DA Walkthrough:

https://bneg.io/2017/05/24/empire-post-exploitation/

-143-Dropbox for the Empire:

https://bneg.io/2017/05/13/dropbox-for-the-empire/

-144-Empire without PowerShell.exe:

https://bneg.io/2017/07/26/empire-without-powershell-exe/

-145-REVIVING DDE: USING ONENOTE AND EXCEL FOR CODE EXECUTION:

https://enigma0x3.net/2018/01/29/reviving-dde-using-onenote-and-excel-for-code-execution/

-146-PHISHING WITH EMPIRE:

https://enigma0x3.net/2016/03/15/phishing-with-empire/

-146-BYPASSING UAC ON WINDOWS 10 USING DISK CLEANUP:

https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/

-147-“FILELESS” UAC BYPASS USING EVENTVWR.EXE AND REGISTRY HIJACKING:

https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/

-148-“FILELESS” UAC BYPASS USING SDCLT.EXE:

https://enigma0x3.net/2017/03/17/fileless-uac-bypass-using-sdclt-exe/

-149-PHISHING AGAINST PROTECTED VIEW:

https://enigma0x3.net/2017/07/13/phishing-against-protected-view/

-150-LATERAL MOVEMENT USING EXCEL.APPLICATION AND DCOM:

https://enigma0x3.net/2017/09/11/lateral-movement-using-excel-application-and-dcom/

-151-enum4linux Cheat Sheet:

https://highon.coffee/blog/enum4linux-cheat-sheet/

-152-enumeration:

https://technologyredefine.blogspot.com/2017/11/enumeration.html

-153-Command and Control – WebSocket:

https://pentestlab.blog/2017/12/06/command-and-control-websocket

-154-Command and Control – WMI:

https://pentestlab.blog/2017/11/20/command-and-control-wmi

-155-Dangerous Virus For Windows Crashes Everything Hack window Using Virus:

http://thelearninghacking.com/create-virus-hack-windows/

-156-Comprehensive Guide to Nmap Port Status:

http://www.hackingarticles.in/comprehensive-guide-nmap-port-status

-157-Commix – Automated All-in-One OS Command Injection and Exploitation Tool:

https://gbhackers.com/commix-automated-all-in-one-os-command-injection-and-exploitation-tool

-158-Compromising Jenkins and extracting credentials:

https://www.n00py.io/2017/01/compromising-jenkins-and-extracting-credentials/

-159-footprinting:

https://technologyredefine.blogspot.com/2017/09/footprinting_17.html

-160-awesome-industrial-control-system-security:

https://github.com/hslatman/awesome-industrial-control-system-security

-161-xss-payload-list:

https://github.com/ismailtasdelen/xss-payload-list

-162-awesome-vehicle-security:

https://github.com/jaredthecoder/awesome-vehicle-security

-163-awesome-osint:

https://github.com/jivoi/awesome-osint

-164-awesome-python:

https://github.com/vinta/awesome-python

-165-Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit):

https://www.exploit-db.com/download/44830.rb

-166-nbtscan Cheat Sheet:

https://highon.coffee/blog/nbtscan-cheat-sheet/

-167-neat-tricks-to-bypass-csrfprotection:

www.slideshare.net/0ang3el/neat-tricks-to-bypass-csrfprotection

-168-ACCESSING CLIPBOAR D FROM THE LOC K SC REEN IN WI NDOWS 10 #2:

https://oddvar.moe/2017/01/27/access-clipboard-from-lock-screen-in-windows-10-2/

-169-NMAP CHEAT-SHEET (Nmap Scanning Types, Scanning Commands , NSE Scripts):

https://medium.com/p/868a7bd7f692

-170-Nmap Cheat Sheet:

https://highon.coffee/blog/nmap-cheat-sheet/

-171-Powershell Without Powershell – How To Bypass Application Whitelisting, Environment Restrictions & AV:

https://www.blackhillsinfosec.com/powershell-without-powershell-how-to-bypass-application-whitelisting-environment-restrictions-av/

-172-Phishing with PowerPoint:

https://www.blackhillsinfosec.com/phishing-with-powerpoint/

-173-hide-payload-ms-office-document-properties:

https://www.blackhillsinfosec.com/hide-payload-ms-office-document-properties/

-174-How to Evade Application Whitelisting Using REGSVR32:

https://www.blackhillsinfosec.com/evade-application-whitelisting-using-regsvr32/

-175-How to Build a C2 Infrastructure with Digital Ocean – Part 1:

https://www.blackhillsinfosec.com/build-c2-infrastructure-digital-ocean-part-1/

-176-WordPress Penetration Testing using Symposium Plugin SQL Injection:

http://www.hackingarticles.in/wordpress-penetration-testing-using-symposium-plugin-sql-injection

-177-Manual SQL Injection Exploitation Step by Step:

http://www.hackingarticles.in/manual-sql-injection-exploitation-step-step

-178-MSSQL Penetration Testing with Metasploit:

http://www.hackingarticles.in/mssql-penetration-testing-metasploit

-179-Multiple Ways to Get root through Writable File:

http://www.hackingarticles.in/multiple-ways-to-get-root-through-writable-file

-180-MySQL Penetration Testing with Nmap:

http://www.hackingarticles.in/mysql-penetration-testing-nmap

-181-NetBIOS and SMB Penetration Testing on Windows:

http://www.hackingarticles.in/netbios-and-smb-penetration-testing-on-windows

-182-Network Packet Forensic using Wireshark:

http://www.hackingarticles.in/network-packet-forensic-using-wireshark

-183-Escape and Evasion Egressing Restricted Networks:

https://www.optiv.com/blog/escape-and-evasion-egressing-restricted-networks/

-183-Awesome-Hacking-Resources:

https://github.com/vitalysim/Awesome-Hacking-Resources

-184-Hidden directories and les as a source of sensitive information about web application:

https://medium.com/p/84e5c534e5ad

-185-Hiding Registry keys with PSRe ect:

https://posts.specterops.io/hiding-registry-keys-with-psreflect-b18ec5ac8353

-186-awesome-cve-poc:

https://github.com/qazbnm456/awesome-cve-poc

-187-Linux Capabilities Privilege Escalation via OpenSSL with SELinux Enabled and Enforced:

https://medium.com/p/74d2bec02099

-188-Post Exploitation in Windows using dir Command:

http://www.hackingarticles.in/post-exploitation-windows-using-dir-command

189-Web Application Firewall (WAF) Evasion Techniques #2:

https://medium.com/secjuice/web-application-firewall-waf-evasion-techniques-2-125995f3e7b0

-190-Forensics Investigation of Remote PC (Part 1):

http://www.hackingarticles.in/forensics-investigation-of-remote-pc-part-1

-191-CloudFront Hijacking:

https://www.mindpointgroup.com/blog/pen-test/cloudfront-hijacking/

-192-PowerPoint and Custom Actions:

https://cofense.com/powerpoint-and-custom-actions/

-193-Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012 using Potato:

http://www.hackingarticles.in/privilege-escalation-on-windows-7810-server-2008-server-2012-using-potato

-194-How to intercept TOR hidden service requests with Burp:

https://medium.com/p/6214035963a0

-195-How to Make a Captive Portal of Death:

https://medium.com/p/48e82a1d81a/share/twitter

-196-How to find any CEO’s email address in minutes:

https://medium.com/p/70dcb96e02b0

197-Microsoft Windows 10 - Child Process Restriction Mitigation Bypass:

https://www.exploit-db.com/download/44888.txt

-198-Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation:

https://www.exploit-db.com/download/44630.txt

-199-Microsoft Word upload to Stored XSS:

https://www.n00py.io/2018/03/microsoft-word-upload-to-stored-xss/

-200-MobileApp-Pentest-Cheatsheet:

https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet

-201-awesome:

https://github.com/sindresorhus/awesome

-201-writing arm shellcode:

https://azeria-labs.com/writing-arm-shellcode/

-202-debugging with gdb introduction:

https://azeria-labs.com/debugging-with-gdb-introduction/

-203-emulate raspberrypi with qemu:

https://azeria-labs.com/emulate-raspberry-pi-with-qemu/

-204-Bash One-Liner to Check Your Password(s) via pwnedpasswords.com’s API Using the k-Anonymity Method:

https://medium.com/p/a5807a9a8056

-205-A Red Teamer's guide to pivoting:

https://artkond.com/2017/03/23/pivoting-guide/

-206-Using WebDAV features as a covert channel:

https://arno0x0x.wordpress.com/2017/09/07/using-webdav-features-as-a-covert-channel/

-207-A View of Persistence:

https://rastamouse.me/2018/03/a-view-of-persistence/

-208- pupy websocket transport:

https://bitrot.sh/post/28-11-2017-pupy-websocket-transport/

-209-Subdomains Enumeration Cheat Sheet:

https://pentester.land/cheatsheets/2018/11/.../subdomains-enumeration-cheatsheet.html

-210-DNS Reconnaissance – DNSRecon:

https://pentestlab.blog/2012/11/13/dns-reconnaissance-dnsrecon/

-211-Cheatsheets:

https://bitrot.sh/cheatsheet

-212-Understanding Guide to Nmap Firewall Scan (Part 2):

http://www.hackingarticles.in/understanding-guide-nmap-firewall-scan-part-2

-213-Exploit Office 2016 using CVE-2018-0802:

https://technologyredefine.blogspot.com/2018/01/exploit-office-2016-using-cve-2018-0802.html

-214-windows-exploit-suggester:

https://technologyredefine.blogspot.com/2018/01/windows-exploit-suggester.html

-215-INSTALLING PRESISTENCE BACKDOOR IN WINDOWS:

https://technologyredefine.blogspot.com/2018/01/installing-presistence-backdoor-in.html

-216-IDS, IPS AND FIREWALL EVASION USING NMAP:

https://technologyredefine.blogspot.com/2017/09/ids-ips-and-firewall-evasion-using-nmap.html

-217-Wireless Penetration Testing Checklist – A Detailed Cheat Sheet:

https://gbhackers.com/wireless-penetration-testing-checklist-a-detailed-cheat-sheet

218-Most Important Web Application Security Tools & Resources for Hackers and Security Professionals:

https://gbhackers.com/web-application-security-tools-resources

-219-Web Application Penetration Testing Checklist – A Detailed Cheat Sheet:

https://gbhackers.com/web-application-penetration-testing-checklist-a-detailed-cheat-sheet

-220-Top 500 Most Important XSS Script Cheat Sheet for Web Application Penetration Testing:

https://gbhackers.com/top-500-important-xss-cheat-sheet

-221-USBStealer – Password Hacking Tool For Windows Machine Applications:

https://gbhackers.com/pasword-hacking

-222-Most Important Mobile Application Penetration Testing Cheat sheet with Tools & Resources for Security Professionals:

https://gbhackers.com/mobile-application-penetration-testing

-223-Metasploit Can Be Directly Used For Hardware Penetration Testing Now:

https://gbhackers.com/metasploit-can-be-directly-used-for-hardware-vulnerability-testing-now

-224-How to Perform Manual SQL Injection While Pentesting With Single quote Error Based Parenthesis Method:

https://gbhackers.com/manual-sql-injection-2

-225-Email Spoo ng – Exploiting Open Relay configured Public Mailservers:

https://gbhackers.com/email-spoofing-exploiting-open-relay

-226-Email Header Analysis – Received Email is Genuine or Spoofed:

https://gbhackers.com/email-header-analysis

-227-Most Important Cyber Threat Intelligence Tools List For Hackers and Security Professionals:

https://gbhackers.com/cyber-threat-intelligence-tools

-228-Creating and Analyzing a Malicious PDF File with PDF-Parser Tool:

https://gbhackers.com/creating-and-analyzing-a-malicious-pdf-file-with-pdf-parser-tool

-229-Commix – Automated All-in-One OS Command Injection and Exploitation Tool:

https://gbhackers.com/commix-automated-all-in-one-os-command-injection-and-exploitation-tool

-230-Advanced ATM Penetration Testing Methods:

https://gbhackers.com/advanced-atm-penetration-testing-methods

-231-A8-Cross-Site Request Forgery (CSRF):

https://gbhackers.com/a8-cross-site-request-forgery-csrf

-232-Fully undetectable backdooring PE File:

https://haiderm.com/fully-undetectable-backdooring-pe-file/

-233-backdooring exe files:

https://haiderm.com/tag/backdooring-exe-files/

-234-From PHP (s)HELL to Powershell Heaven:

https://medium.com/p/da40ce840da8

-235-Forensic Investigation of Nmap Scan using Wireshark:

http://www.hackingarticles.in/forensic-investigation-of-nmap-scan-using-wireshark

-236-Unleashing an Ultimate XSS Polyglot:

https://github.com/0xsobky/HackVault/wiki

-237-wifi-arsenal:

https://github.com/0x90/wifi-arsenal

-238-XXE_payloads:

https://gist.github.com/staaldraad/01415b990939494879b4

-239-xss_payloads_2016:

https://github.com/7ioSecurity/XSS-Payloads/raw/master/xss_payloads_2016

-240-A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.:

https://github.com/alebcay/awesome-shell

-241-The goal of this repository is to document the most common techniques to bypass AppLocker.:

https://github.com/api0cradle/UltimateAppLockerByPassList

-242-A curated list of CTF frameworks, libraries, resources and softwares:

https://github.com/apsdehal/awesome-ctf

-243-A collection of android security related resources:

https://github.com/ashishb/android-security-awesome

-244-OSX and iOS related security tools:

https://github.com/ashishb/osx-and-ios-security-awesome

-245-regexp-security-cheatsheet:

https://github.com/attackercan/regexp-security-cheatsheet

-246-PowerView-2.0 tips and tricks:

https://gist.github.com/HarmJ0y/3328d954607d71362e3c

-247-A curated list of awesome awesomeness:

https://github.com/bayandin/awesome-awesomeness

-248-Android App Security Checklist:

https://github.com/b-mueller/android_app_security_checklist

-249-Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat:

https://github.com/brannondorsey/wifi-cracking

-250-My-Gray-Hacker-Resources:

https://github.com/bt3gl/My-Gray-Hacker-Resources

-251-A collection of tools developed by other researchers in the Computer Science area to process network traces:

https://github.com/caesar0301/awesome-pcaptools

-252-A curated list of awesome Hacking tutorials, tools and resources:

https://github.com/carpedm20/awesome-hacking

-253-RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.:

https://github.com/cn0xroot/RFSec-ToolKit

-254-Collection of the cheat sheets useful for pentesting:

https://github.com/coreb1t/awesome-pentest-cheat-sheets

-255-Collection of the cheat sheets useful for pentesting:

https://github.com/coreb1t/awesome-pentest-cheat-sheets

-256-Collection of the cheat sheets useful for pentesting:

https://github.com/coreb1t/awesome-pentest-cheat-sheets

-257-A curated list of awesome forensic analysis tools and resources:

https://github.com/cugu/awesome-forensics

-258-Open-Redirect-Payloads:

https://github.com/cujanovic/Open-Redirect-Payloads

-259-A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.:

https://github.com/Cyb3rWard0g/ThreatHunter-Playbook

-260-Windows memory hacking library:

https://github.com/DarthTon/Blackbone

-261-A collective list of public JSON APIs for use in security.:

https://github.com/deralexxx/security-apis

-262-An authoritative list of awesome devsecops tools with the help from community experiments and contributions.:

https://github.com/devsecops/awesome-devsecops

-263-List of Awesome Hacking places, organised by Country and City, listing if it features power and wifi:

https://github.com/diasdavid/awesome-hacking-spots

-264-A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups:

https://github.com/djadmin/awesome-bug-bounty

-265-Notes for taking the OSCP in 2097:

https://github.com/dostoevskylabs/dostoevsky-pentest-notes

-266-A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom:

https://github.com/enddo/awesome-windows-exploitation

-267-A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development:

https://github.com/FabioBaroni/awesome-exploit-development

-268-A curated list of awesome reversing resources:

https://github.com/fdivrp/awesome-reversing

-269-Git All the Payloads! A collection of web attack payloads:

https://github.com/foospidy/payloads

-270-GitHub Project Resource List:

https://github.com/FuzzySecurity/Resource-List

-271-Use your macOS terminal shell to do awesome things.:

https://github.com/herrbischoff/awesome-macos-command-line

-272-Defeating Windows User Account Control:

https://github.com/hfiref0x/UACME

-273-Free Security and Hacking eBooks:

https://github.com/Hack-with-Github/Free-Security-eBooks

-274-Universal Radio Hacker: investigate wireless protocols like a boss:

https://github.com/jopohl/urh

-275-A curated list of movies every hacker & cyberpunk must watch:

https://github.com/k4m4/movies-for-hackers

-276-Various public documents, whitepapers and articles about APT campaigns:

https://github.com/kbandla/APTnotes

-277-A database of common, interesting or useful commands, in one handy referable form:

https://github.com/leostat/rtfm

-278-A curated list of tools for incident response:

https://github.com/meirwah/awesome-incident-response

-279-A curated list of awesome guides, tools, and other resources related to the security and compromise of locks, safes, and keys:

https://github.com/meitar/awesome-lockpicking

-280-A curated list of static analysis tools, linters and code quality checkers for various programming languages:

https://github.com/mre/awesome-static-analysis

-281-A Collection of Hacks in IoT Space so that we can address them (hopefully):

https://github.com/nebgnahz/awesome-iot-hacks

-281-A Course on Intermediate Level Linux Exploitation:

https://github.com/nnamon/linux-exploitation-course

-282-Kali Linux Cheat Sheet for Penetration Testers:

https://github.com/NoorQureshi/kali-linux-cheatsheet

-283-A curated list of awesome infosec courses and training resources.:

https://github.com/onlurking/awesome-infosec

-284-A curated list of resources for learning about application security:

https://github.com/paragonie/awesome-appsec

-285-an awesome list of honeypot resources:

https://github.com/paralax/awesome-honeypots

286-GitHub Enterprise SQL Injection:

https://www.blogger.com/share-post.g?blogID=2987759532072489303&postID=6980097238231152493

-287-A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis:

https://github.com/secfigo/Awesome-Fuzzing

-288-PHP htaccess injection cheat sheet:

https://github.com/sektioneins/pcc/wiki

-289-A curated list of the awesome resources about the Vulnerability Research:

https://github.com/sergey-pronin/Awesome-Vulnerability-Research

-290-A list of useful payloads and bypass for Web Application Security and Pentest/CTF:

https://github.com/swisskyrepo/PayloadsAllTheThings

-291-A collection of Red Team focused tools, scripts, and notes:

https://github.com/threatexpress/red-team-scripts

-292-Awesome XSS stuff:

https://github.com/UltimateHackers/AwesomeXSS

-293-A collection of hacking / penetration testing resources to make you better!:

https://github.com/vitalysim/Awesome-Hacking-Resources

-294-Docker Cheat Sheet:

https://github.com/wsargent/docker-cheat-sheet

-295-Decrypted content of eqgrp-auction-file.tar.xz:

https://github.com/x0rz/EQGRP

-296-A bunch of links related to Linux kernel exploitation:

https://github.com/xairy/linux-kernel-exploitation

-297-Penetration Testing 102 - Windows Privilege Escalation Cheatsheet:

www.exumbraops.com/penetration-testing-102-windows-privilege-escalation-cheatsheet

-298-Pentesting Cheatsheet:

https://anhtai.me/pentesting-cheatsheet/

-299-Windows Privilege Escalation Methods for Pentesters:

https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/

-300-Penetration Testing Cheat Sheet For Windows Machine – Intrusion Detection:

-301-Reading Your Way Around UAC (Part 1):

https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html

-302--Reading Your Way Around UAC (Part 2):

https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html

-303-Executing Metasploit & Empire Payloads from MS Office Document Properties (part 2 of 2):

https://stealingthe.network/executing-metasploit-empire-payloads-from-ms-office-document-properties-part-2-of-2/

-304-SSRF - Server Side Request Forgery (Types and ways to exploit it) Part-1:

https://medium.com/p/29d034c27978

-304-Automating Cobalt Strike,Aggressor Collection Scripts:

https://github.com/bluscreenofjeff/AggressorScripts

https://github.com/harleyQu1nn/AggressorScripts

-305-Vi Cheat Sheet:

https://highon.coffee/blog/vi-cheat-sheet/

-306-Network Recon Cheat Sheet:

https://www.cheatography.com/coffeefueled/cheat-sheets/network-recon/

-307-LFI Cheat Sheet:

https://highon.coffee/blog/lfi-cheat-sheet/

-308-Systemd Cheat Sheet:

https://highon.coffee/blog/systemd-cheat-sheet/

-309-Aircrack-ng Cheatsheet:

https://securityonline.info/aircrack-ng-cheatsheet/

-310-Kali Linux Cheat Sheet for Penetration Testers:

https://www.blackmoreops.com/?p=7212

-311-Wifi Pentesting Command Cheatsheet:

https://randomkeystrokes.com/2016/07/01/wifi-pentesting-cheatsheet/

-312-Android Testing Environment Cheatsheet (Part 1):

https://randomkeystrokes.com/2016/10/17/android-testing-environment-cheatsheet/

-313-cheatsheet:

https://randomkeystrokes.com/category/cheatsheet/

-314-Reverse Shell Cheat Sheet:

https://highon.coffee/blog/reverse-shell-cheat-sheet/

-315-Linux Commands Cheat Sheet:

https://highon.coffee/blog/linux-commands-cheat-sheet/

-316-Linux Privilege Escalation using Sudo Rights:

http://www.hackingarticles.in/linux-privilege-escalation-using-exploiting-sudo-rights

-317-Linux Privilege Escalation using Misconfigured NFS:

http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/

-318-Linux Privilege Escalation by Exploiting Cronjobs:

http://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/

-319-Web Penetration Testing:

http://www.hackingarticles.in/web-penetration-testing/

-320-Webshell to Meterpreter:

http://www.hackingarticles.in/webshell-to-meterpreter

-321-WordPress Penetration Testing using WPScan & Metasploit:

http://www.hackingarticles.in/wordpress-penetration-testing-using-wpscan-metasploit

-322-XSS Exploitation in DVWA (Bypass All Security):

http://www.hackingarticles.in/xss-exploitation-dvwa-bypass-security

-323-Linux Privilege Escalation Using PATH Variable:

http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/

-324-VNC tunneling over SSH:

http://www.hackingarticles.in/vnc-tunneling-ssh

-325-VNC Pivoting through Meterpreter:

http://www.hackingarticles.in/vnc-pivoting-meterpreter

-326-Week of Evading Microsoft ATA - Announcement and Day 1:

https://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day1.html

-327-Abusing DNSAdmins privilege for escalation in Active Directory:

https://www.labofapenetrationtester.com/2017/05/abusing-dnsadmins-privilege-for-escalation-in-active-directory.html

-328-Using SQL Server for attacking a Forest Trust:

https://www.labofapenetrationtester.com/2017/03/using-sql-server-for-attacking-forest-trust.html

-329-Empire :

http://www.harmj0y.net/blog/category/empire/

-330-8 Deadly Commands You Should Never Run on Linux:

https://www.howtogeek.com/125157/8-deadly-commands-you-should-never-run-on-linux/

-331-External C2 framework for Cobalt Strike:

https://www.insomniacsecurity.com/2018/01/11/externalc2.html

-332-How to use Public IP on Kali Linux:

http://www.hackingarticles.in/use-public-ip-kali-linux

-333-Bypass Admin access through guest Account in windows 10:

http://www.hackingarticles.in/bypass-admin-access-guest-account-windows-10

-334-Bypass Firewall Restrictions with Metasploit (reverse_tcp_allports):

http://www.hackingarticles.in/bypass-firewall-restrictions-metasploit-reverse_tcp_allports

-335-Bypass SSH Restriction by Port Relay:

http://www.hackingarticles.in/bypass-ssh-restriction-by-port-relay

-336-Bypass UAC Protection of Remote Windows 10 PC (Via FodHelper Registry Key):

http://www.hackingarticles.in/bypass-uac-protection-remote-windows-10-pc-via-fodhelper-registry-key

-337-Bypass UAC in Windows 10 using bypass_comhijack Exploit:

http://www.hackingarticles.in/bypass-uac-windows-10-using-bypass_comhijack-exploit

-338-Bind Payload using SFX archive with Trojanizer:

http://www.hackingarticles.in/bind-payload-using-sfx-archive-trojanizer

-339-Capture NTLM Hashes using PDF (Bad-Pdf):

http://www.hackingarticles.in/capture-ntlm-hashes-using-pdf-bad-pdf

-340-Best of Post Exploitation Exploits & Tricks:

http://www.hackingarticles.in/best-of-post-exploitation-exploits-tricks/

-341-Detect SQL Injection Attack using Snort IDS:

http://www.hackingarticles.in/detect-sql-injection-attack-using-snort-ids/

-342-Beginner Guide to Website Footprinting:

http://www.hackingarticles.in/beginner-guide-website-footprinting/

-343-How to Enable and Monitor Firewall Log in Windows PC:

http://www.hackingarticles.in/enable-monitor-firewall-log-windows-pc/

-344-Wifi Post Exploitation on Remote PC:

http://www.hackingarticles.in/wifi-post-exploitation-remote-pc/

-335-Check Meltdown Vulnerability in CPU:

http://www.hackingarticles.in/check-meltdown-vulnerability-cpu

-336-XXE:

https://phonexicum.github.io/infosec/xxe.html

-337-[XSS] Re ected XSS Bypass Filter:

https://medium.com/p/de41d35239a3

-338-Engagement Tools Tutorial in Burp suite:

http://www.hackingarticles.in/engagement-tools-tutorial-burp-suite

-339-Wiping Out CSRF:

https://medium.com/@jrozner/wiping-out-csrf-ded97ae7e83f

-340-First entry: Welcome and fileless UAC bypass:

https://winscripting.blog/2017/05/12/first-entry-welcome-and-uac-bypass/

-341-Writing a Custom Shellcode Encoder:

https://medium.com/p/31816e767611

-342-Security Harden CentOS 7 :

https://highon.coffee/blog/security-harden-centos-7/

-343-THE BIG BAD WOLF - XSS AND MAINTAINING ACCESS:

https://www.paulosyibelo.com/2018/06/the-big-bad-wolf-xss-and-maintaining.html

-344-MySQL:

https://websec.ca/kb/CHANGELOG.txt

-345-Deobfuscation of VM based software protection:

http://shell-storm.org/talks/SSTIC2017_Deobfuscation_of_VM_based_software_protection.pdf

-346-Online Assembler and Disassembler:

http://shell-storm.org/online/Online-Assembler-and-Disassembler/

-347-Shellcodes database for study cases:

http://shell-storm.org/shellcode/

-348-Dynamic Binary Analysis and Obfuscated Codes:

http://shell-storm.org/talks/sthack2016-rthomas-jsalwan.pdf

-349-How Triton may help to analyse obfuscated binaries:

http://triton.quarkslab.com/files/misc82-triton.pdf

-350-Triton: A Concolic Execution Framework:

http://shell-storm.org/talks/SSTIC2015_English_slide_detailed_version_Triton_Concolic_Execution_FrameWork_FSaudel_JSalwan.pdf

-351-Automatic deobfuscation of the Tigress binary protection using symbolic execution and LLVM:

https://github.com/JonathanSalwan/Tigress_protection

-352-What kind of semantics information Triton can provide?:

http://triton.quarkslab.com/blog/What-kind-of-semantics-information-Triton-can-provide/

-353-Code coverage using a dynamic symbolic execution:

http://triton.quarkslab.com/blog/Code-coverage-using-dynamic-symbolic-execution/

-354-Triton (concolic execution framework) under the hood:

http://triton.quarkslab.com/blog/first-approach-with-the-framework/

-355-- Stack and heap overflow detection at runtime via behavior analysis and Pin:

http://shell-storm.org/blog/Stack-and-heap-overflow-detection-at-runtime-via-behavior-analysis-and-PIN/

-356-Binary analysis: Concolic execution with Pin and z3:

http://shell-storm.org/blog/Binary-analysis-Concolic-execution-with-Pin-and-z3/

-357-In-Memory fuzzing with Pin:

http://shell-storm.org/blog/In-Memory-fuzzing-with-Pin/

-358-Hackover 2015 r150 (outdated solving for Triton use cases):

https://github.com/JonathanSalwan/Triton/blob/master/src/examples/python/ctf-writeups/hackover-ctf-2015-r150/solve.py

-359-Skip sh – Web Application Security Scanner for XSS, SQL Injection, Shell injection:

https://gbhackers.com/skipfish-web-application-security-scanner

-360-Sublist3r – Tool for Penetration testers to Enumerate Sub-domains:

https://gbhackers.com/sublist3r-penetration-testers

-361-bypassing application whitelisting with bginfo:

https://oddvar.moe/2017/05/18/bypassing-application-whitelisting-with-bginfo/

-362-accessing-clipboard-from-the-lock-screen-in-windows-10:

https://oddvar.moe/2017/01/24/accessing-clipboard-from-the-lock-screen-in-windows-10/

-363-bypassing-device-guard-umci-using-chm-cve-2017-8625:

https://oddvar.moe/2017/08/13/bypassing-device-guard-umci-using-chm-cve-2017-8625/

-364-defense-in-depth-writeup:

https://oddvar.moe/2017/09/13/defense-in-depth-writeup/

-365-applocker-case-study-how-insecure-is-it-really-part-1:

https://oddvar.moe/2017/12/13/applocker-case-study-how-insecure-is-it-really-part-1/

-366-empires-cross-platform-office-macro:

https://www.blackhillsinfosec.com/empires-cross-platform-office-macro/

-367-recon tools:

https://blackarch.org/recon.html

-368-Black Hat 2018 tools list:

https://medium.com/p/991fa38901da

-369-Application Introspection & Hooking With Frida:

https://www.fuzzysecurity.com/tutorials/29.html

-370-And I did OSCP!:

https://medium.com/p/589babbfea19

-371-CoffeeMiner: Hacking WiFi to inject cryptocurrency miner to HTML requests:

https://arnaucube.com/blog/coffeeminer-hacking-wifi-cryptocurrency-miner.html

-372-Most Important Endpoint Security & Threat Intelligence Tools List for Hackers and Security Professionals:

https://gbhackers.com/threat-intelligence-tools

-373-Penetration Testing Cheat Sheet For Windows Machine – Intrusion Detection:

https://techincidents.com/penetration-testing-cheat-sheet/

-374-privilege escalation:

https://toshellandback.com/category/privilege-escalation/

-375-The Complete List of Windows Post-Exploitation Commands (No Powershell):

https://medium.com/p/999b5433b61e

-376-The Art of Subdomain Enumeration:

https://blog.sweepatic.com/tag/subdomain-enumeration/

-377-The Principles of a Subdomain Takeover:

https://blog.sweepatic.com/subdomain-takeover-principles/

-378-The journey of Web Cache + Firewall Bypass to SSRF to AWS credentials compromise!:

https://medium.com/p/b250fb40af82

-379-The Solution for Web for Pentester-I:

https://medium.com/p/4c21b3ae9673

-380-The Ultimate Penetration Testing Command Cheat Sheet for Linux:

https://www.hackingloops.com/command-cheat-sheet-for-linux/

-381-: Ethical Hacking, Hack Tools, Hacking Tricks, Information Gathering, Penetration Testing, Recommended:

https://www.hackingloops.com/hacking-tricks/

-383-Introduction to Exploitation, Part 1: Introducing Concepts and Terminology:

https://www.hackingloops.com/exploitation-terminology/

-384-How Hackers Kick Victims Off of Wireless Networks:

https://www.hackingloops.com/kick-victims-off-of-wireless-networks/

-385-Maintaining Access Part 1: Introduction and Metasploit Example:

https://www.hackingloops.com/maintaining-access-metasploit/

-386-How to Steal Windows Credentials with Mimikatz and Metasploit:

https://www.hackingloops.com/mimikatz/

-387-Evading Anti-virus Part 2: Obfuscating Payloads with Msfvenom:

https://www.hackingloops.com/msfvenom/

-388-Evading Anti-virus Part 1: Infecting EXEs with Shellter:

https://www.hackingloops.com/evading-anti-virus-shellter/

-389-Mobile Hacking Part 4: Fetching Payloads via USB Rubber Ducky:

https://www.hackingloops.com/payloads-via-usb-rubber-ducky/

-390-Ethical Hacking Practice Test 6 – Footprinting Fundamentals Level1:

https://www.hackingloops.com/ethical-hacking-practice-test-6-footprinting-fundamentals-level1/

-391-Skip Cracking Responder Hashes and Relay Them:

https://threat.tevora.com/quick-tip-skip-cracking-responder-hashes-and-replay-them/

-392-Cracking NTLMv1 Handshakes with Crack.sh:

http://threat.tevora.com/quick-tip-crack-ntlmv1-handshakes-with-crack-sh/

-393-Top 3 Anti-Forensic OpSec Tips for Linux & A New Dead Man’s Switch:

https://medium.com/p/d5e92843e64a

-394-VNC Penetration Testing (Port 5901):

http://www.hackingarticles.in/vnc-penetration-testing

-395-Windows Privilege Escalation:

http://www.bhafsec.com/wiki/index.php/Windows_Privilege_Escalation

-396-Removing Sender’s IP Address From Email’s Received: From Header:

https://www.devside.net/wamp-server/removing-senders-ip-address-from-emails-received-from-header

-397-Dump Cleartext Password in Linux PC using MimiPenguin:

http://www.hackingarticles.in/dump-cleartext-password-linux-pc-using-mimipenguin

-398-Embedded Backdoor with Image using FakeImageExploiter:

http://www.hackingarticles.in/embedded-backdoor-image-using-fakeimageexploiter

-399-Exploit Command Injection Vulnearbility with Commix and Netcat:

http://www.hackingarticles.in/exploit-command-injection-vulnearbility-commix-netcat

-400-Exploiting Form Based Sql Injection using Sqlmap:

http://www.hackingarticles.in/exploiting-form-based-sql-injection-using-sqlmap

-401-Beginner Guide to impacket Tool kit:

http://www.hackingarticles.in/beginner-guide-to-impacket-tool-kit

-402-Best of Post Exploitation Exploits & Tricks:

http://www.hackingarticles.in/best-of-post-exploitation-exploits-tricks

-403-Command Injection to Meterpreter using Commix:

http://www.hackingarticles.in/command-injection-meterpreter-using-commix

-404-Comprehensive Guide to Crunch Tool:

http://www.hackingarticles.in/comprehensive-guide-to-crunch-tool

-405-Compressive Guide to File Transfer (Post Exploitation):

http://www.hackingarticles.in/compressive-guide-to-file-transfer-post-exploitation

-406-Crack Wifi Password using Aircrack-Ng (Beginner’s Guide):

http://www.hackingarticles.in/crack-wifi-password-using-aircrack-ng

-407-How to Detect Meterpreter in Your PC:

http://www.hackingarticles.in/detect-meterpreter-pc

-408-Easy way to Hack Database using Wizard switch in Sqlmap:

http://www.hackingarticles.in/easy-way-hack-database-using-wizard-switch-sqlmap

-409-Exploiting the Webserver using Sqlmap and Metasploit (OS-Pwn):

http://www.hackingarticles.in/exploiting-webserver-using-sqlmap-metasploit-os-pwn

-410-Create SSL Certified Meterpreter Payload using MPM:

http://www.hackingarticles.in/exploit-remote-pc-ssl-certified-meterpreter-payload-using-mpm

-411-Port forwarding: A practical hands-on guide:

https://www.abatchy.com/2017/01/port-forwarding-practical-hands-on-guide

-412-Exploit Dev 101: Jumping to Shellcode:

https://www.abatchy.com/2017/05/jumping-to-shellcode.html

-413-Introduction to Manual Backdooring:

https://www.abatchy.com/2017/05/introduction-to-manual-backdooring_24.html

-414-Kernel Exploitation:

https://www.abatchy.com/2018/01/kernel-exploitation-1

-415-Exploit Dev 101: Bypassing ASLR on Windows:

https://www.abatchy.com/2017/06/exploit-dev-101-bypassing-aslr-on.html

-416-Shellcode reduction tips (x86):

https://www.abatchy.com/2017/04/shellcode-reduction-tips-x86

-417-OSCE Study Plan:

https://www.abatchy.com/2017/03/osce-study-plan

-418-[DefCamp CTF Qualification 2017] Don't net, kids! (Revexp 400):

https://www.abatchy.com/2017/10/defcamp-dotnot

-419-DRUPAL 7.X SERVICES MODULE UNSERIALIZE() TO RCE:

https://www.ambionics.io/

-420-SQL VULNERABLE WEBSITES LIST 2017 [APPROX 2500 FRESH SQL VULNERABLE SITES]:

https://www.cityofhackerz.com/sql-vulnerable-websites-list-2017

-421-Windows IR Live Forensics Cheat Sheet:

https://www.cheatography.com/tag/forensics/

-422-windows-kernel-logic-bug-class-access:

https://googleprojectzero.blogspot.com/2019/03/windows-kernel-logic-bug-class-access.html

-423-injecting-code-into-windows-protected:

https://googleprojectzero.blogspot.com/2018/11/injecting-code-into-windows-protected.html

-424-USING THE DDE ATTACK WITH POWERSHELL EMPIRE:

https://1337red.wordpress.com/using-the-dde-attack-with-powershell-empire

-425-Automated Derivative Administrator Search:

https://wald0.com/?p=14

-426-A Red Teamer’s Guide to GPOs and OUs:

https://wald0.com/?p=179

-427-Pen Testing and Active Directory, Part VI: The Final Case:

https://blog.varonis.com/pen-testing-active-directory-part-vi-final-case/

-428-Offensive Tools and Techniques:

https://www.sec.uno/2017/03/01/offensive-tools-and-techniques/

-429-Three penetration testing tips to out-hack hackers:

http://infosechotspot.com/three-penetration-testing-tips-to-out-hack-hackers-betanews/

-430-Introducing BloodHound:

https://wald0.com/?p=68

-431-Red + Blue = Purple:

http://www.blackhillsinfosec.com/?p=5368

-432-Active Directory Access Control List – Attacks and Defense – Enterprise Mobility and Security Blog:

https://blogs.technet.microsoft.com/enterprisemobility/2017/09/18/active-directory-access-control-list-attacks-and-defense/

-433-PrivEsc: Unquoted Service Path:

https://www.gracefulsecurity.com/privesc-unquoted-service-path/

-434-PrivEsc: Insecure Service Permissions:

https://www.gracefulsecurity.com/privesc-insecure-service-permissions/

-435-PrivEsc: DLL Hijacking:

https://www.gracefulsecurity.com/privesc-dll-hijacking/

-436-Android Reverse Engineering 101 – Part 1:

http://www.fasteque.com/android-reverse-engineering-101-part-1/

-437-Luckystrike: An Evil Office Document Generator:

https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator

-438-the-number-one-pentesting-tool-youre-not-using:

https://www.shellntel.com/blog/2016/8/3/the-number-one-pentesting-tool-youre-not-using

-439-uac-bypass:

http://www.securitynewspaper.com/tag/uac-bypass/

-440-XSSer – Automated Framework Tool to Detect and Exploit XSS vulnerabilities:

https://gbhackers.com/xsser-automated-framework-detectexploit-report-xss-vulnerabilities

-441-Penetration Testing on X11 Server:

http://www.hackingarticles.in/penetration-testing-on-x11-server

-442-Always Install Elevated:

https://pentestlab.blog/2017/02/28/always-install-elevated

-443-Scanning for Active Directory Privileges & Privileged Accounts:

https://adsecurity.org/?p=3658

-444-Windows Server 2016 Active Directory Features:

https://adsecurity.org/?p=3646

-445-powershell:

https://adsecurity.org/?tag=powershell

-446-PowerShell Security: PowerShell Attack Tools, Mitigation, & Detection:

https://adsecurity.org/?p=2921

-447-DerbyCon 6 (2016) Talk – Attacking EvilCorp: Anatomy of a Corporate Hack:

https://adsecurity.org/?p=3214

-448-Real-World Example of How Active Directory Can Be Compromised (RSA Conference Presentation):

https://adsecurity.org/?p=2085

-449-Advanced ATM Penetration Testing Methods:

https://gbhackers.com/advanced-atm-penetration-testing-methods

-450-Background: Microsoft Ofice Exploitation:

https://rhinosecuritylabs.com/research/abusing-microsoft-word-features-phishing-subdoc/

-451-Automated XSS Finder:

https://medium.com/p/4236ed1c6457

-452-Application whitelist bypass using XLL and embedded shellcode:

https://rileykidd.com/.../application-whitelist-bypass-using-XLL-and-embedded-shellc

-453-AppLocker Bypass – Regsvr32:

https://pentestlab.blog/2017/05/11/applocker-bypass-regsvr32

-454-Nmap Scans using Hex Value of Flags:

http://www.hackingarticles.in/nmap-scans-using-hex-value-flags

-455-Nmap Scan with Timing Parameters:

http://www.hackingarticles.in/nmap-scan-with-timing-parameters

-456-OpenSSH User Enumeration Time- Based Attack with Osueta:

http://www.hackingarticles.in/openssh-user-enumeration-time-based-attack-osueta

-457-Penetration Testing:

http://www.hackingarticles.in/web-penetration-testing/

-458-Penetration Testing on Remote Desktop (Port 3389):

http://www.hackingarticles.in/penetration-testing-remote-desktop-port-3389

-459-Penetration Testing on Telnet (Port 23):

http://www.hackingarticles.in/penetration-testing-telnet-port-23

-460-Penetration Testing in Windows/Active Directory with Crackmapexec:

http://www.hackingarticles.in/penetration-testing-windowsactive-directory-crackmapexec

-461-Penetration Testing in WordPress Website using WordPress Exploit Framework:

http://www.hackingarticles.in/penetration-testing-wordpress-website-using-wordpress-exploit-framework

-462-Port Scanning using Metasploit with IPTables:

http://www.hackingarticles.in/port-scanning-using-metasploit-iptables

-463-Post Exploitation Using WMIC (System Command):

http://www.hackingarticles.in/post-exploitation-using-wmic-system-command

-464-Privilege Escalation in Linux using etc/passwd file:

http://www.hackingarticles.in/privilege-escalation-in-linux-using-etc-passwd-file

-465-RDP Pivoting with Metasploit:

http://www.hackingarticles.in/rdp-pivoting-metasploit

-466-A New Way to Hack Remote PC using Xerosploit and Metasploit:

http://www.hackingarticles.in/new-way-hack-remote-pc-using-xerosploit-metasploit

-467-Shell to Meterpreter using Session Command:

http://www.hackingarticles.in/shell-meterpreter-using-session-command

-468-SMTP Pentest Lab Setup in Ubuntu (Port 25):

http://www.hackingarticles.in/smtp-pentest-lab-setup-ubuntu

-469-SNMP Lab Setup and Penetration Testing:

http://www.hackingarticles.in/snmp-lab-setup-and-penetration-testing

-470-SQL Injection Exploitation in Multiple Targets using Sqlmap:

http://www.hackingarticles.in/sql-injection-exploitation-multiple-targets-using-sqlmap

-471-Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin):

http://www.hackingarticles.in/sql-injection-exploitation-sqlmap-burp-suite-burp-co2-plugin

-472-SSH Penetration Testing (Port 22):

http://www.hackingarticles.in/ssh-penetration-testing-port-22

-473-Manual Post Exploitation on Windows PC (System Command):

http://www.hackingarticles.in/manual-post-exploitation-windows-pc-system-command

-474-SSH Pivoting using Meterpreter:

http://www.hackingarticles.in/ssh-pivoting-using-meterpreter

-475-Stealing Windows Credentials of Remote PC with MS Office Document:

http://www.hackingarticles.in/stealing-windows-credentials-remote-pc-ms-office-document

-476-Telnet Pivoting through Meterpreter:

http://www.hackingarticles.in/telnet-pivoting-meterpreter

-477-Hack Password using Rogue Wi-Fi Access Point Attack (WiFi-Pumpkin):

http://www.hackingarticles.in/hack-password-using-rogue-wi-fi-access-point-attack-wifi-pumpkin

-478-Hack Remote PC using Fake Updates Scam with Ettercap and Metasploit:

http://www.hackingarticles.in/hack-remote-pc-using-fake-updates-scam-with-ettercap-and-metasploit

-479-Hack Remote Windows 10 Password in Plain Text using Wdigest Credential Caching Exploit:

http://www.hackingarticles.in/hack-remote-windows-10-password-plain-text-using-wdigest-credential-caching-exploit

-480-Hack Remote Windows 10 PC using TheFatRat:

http://www.hackingarticles.in/hack-remote-windows-10-pc-using-thefatrat

-481-2 Ways to Hack Windows 10 Password Easy Way:

http://www.hackingarticles.in/hack-windows-10-password-easy-way

-482-How to Change ALL Files Extension in Remote PC (Confuse File Extensions Attack):

http://www.hackingarticles.in/how-to-change-all-files-extension-in-remote-pc-confuse-file-extensions-attack

-483-How to Delete ALL Files in Remote Windows PC:

http://www.hackingarticles.in/how-to-delete-all-files-in-remote-windows-pc-2

-484-How to Encrypt Drive of Remote Victim PC:

http://www.hackingarticles.in/how-to-encrypt-drive-of-remote-victim-pc

-485-Post Exploitation in Linux With Metasploit:

https://pentestlab.blog/2013/01/04/post-exploitation-in-linux-with-metasploit

-486-Red Team:

https://posts.specterops.io/tagged/red-team?source=post

-487-Code Signing Certi cate Cloning Attacks and Defenses:

https://posts.specterops.io/tagged/code-signing?source=post

-488-Phishing:

https://posts.specterops.io/tagged/phishing?source=post

-489-PowerPick – A ClickOnce Adjunct:

http://www.sixdub.net/?p=555

-490-sql-injection-xss-playground:

https://ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground

-491-Privilege Escalation & Post-Exploitation:

https://github.com/rmusser01/Infosec_Reference/raw/master/Draft/Privilege%20Escalation%20%26%20Post-Exploitation.md

-492-https-payload-and-c2-redirectors:

https://posts.specterops.io/https-payload-and-c2-redirectors-ff8eb6f87742?source=placement_card_footer_grid---------2-41

-493-a-push-toward-transparency:

https://posts.specterops.io/a-push-toward-transparency-c385a0dd1e34?source=placement_card_footer_grid---------0-41

-494-bloodhound:

https://posts.specterops.io/tagged/bloodhound?source=post

-495-active directory:

https://posts.specterops.io/tagged/active-directory?source=post

-496-Load & Execute Bundles with migrationTool:

https://posts.specterops.io/load-execute-bundles-with-migrationtool-f952e276e1a6?source=placement_card_footer_grid---------1-41

-497-Outlook Forms and Shells:

https://sensepost.com/blog/2017/outlook-forms-and-shells/

-498-Tools:

https://sensepost.com/blog/tools/

-499-2018 pentesting resources:

https://sensepost.com/blog/2018/

-500-network pentest:

https://securityonline.info/category/penetration-testing/network-pentest/

-501-[technical] Pen-testing resources:

https://medium.com/p/cd01de9036ad

-502-Stored XSS on Facebook:

https://opnsec.com/2018/03/stored-xss-on-facebook/

-503-vulnerabilities:

https://www.brokenbrowser.com/category/vulnerabilities/

-504-Extending BloodHound: Track and Visualize Your Compromise:

https://porterhau5.com/.../extending-bloodhound-track-and-visualize-your-compromise

-505-so-you-want-to-be-a-web-security-researcher:

https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher

-506-BugBounty — AWS S3 added to my “Bucket” list!:

https://medium.com/p/f68dd7d0d1ce

-507-BugBounty — API keys leakage, Source code disclosure in India’s largest e-commerce health care company:

https://medium.com/p/c75967392c7e

-508-BugBounty — Exploiting CRLF Injection can lands into a nice bounty:

https://medium.com/p/159525a9cb62

-509-BugBounty — How I was able to bypass rewall to get RCE and then went from server shell to get root user account:

https://medium.com/p/783f71131b94

-510-BugBounty — “I don’t need your current password to login into youraccount” - How could I completely takeover any user’s account in an online classi ed ads company:

https://medium.com/p/e51a945b083d

-511-Ping Power — ICMP Tunnel:

https://medium.com/bugbountywriteup/ping-power-icmp-tunnel-31e2abb2aaea?source=placement_card_footer_grid---------1-41

-512-hacking:

https://www.nextleveltricks.com/hacking/

-513-Top 8 Best YouTube Channels To Learn Ethical Hacking Online !:

https://www.nextleveltricks.com/youtube-channels-to-learn-hacking/

-514-Google Dorks List 2018 | Fresh Google Dorks 2018 for SQLi:

https://www.nextleveltricks.com/latest-google-dorks-list/

-515-Art of Shellcoding: Basic AES Shellcode Crypter:

http://www.nipunjaswal.com/2018/02/shellcode-crypter.html

-516-Big List Of Google Dorks Hacking:

https://xspiyr.wordpress.com/2012/09/05/big-list-of-google-dorks-hacking/

-517-nmap-cheatsheet:

https://bitrot.sh/cheatsheet/09-12-2017-nmap-cheatsheet/

-518-Aws Recon:

https://enciphers.com/tag/aws-recon/

-519-Recon:

https://enciphers.com/tag/recon/

-520-Subdomain Enumeration:

https://enciphers.com/tag/subdomain-enumeration/

-521-Shodan:

https://enciphers.com/tag/shodan/

-522-Dump LAPS passwords with ldapsearch:

https://malicious.link/post/2017/dump-laps-passwords-with-ldapsearch/

-523-peepdf - PDF Analysis Tool:

http://eternal-todo.com/tools/peepdf-pdf-analysis-tool

-524-Evilginx 2 - Next Generation of Phishing 2FA Tokens:

breakdev.org/evilginx-2-next-generation-of-phishing-2fa-tokens/

-526-Evil XML with two encodings:

https://mohemiv.com/all/evil-xml/

-527-create-word-macros-with-powershell:

https://4sysops.com/archives/create-word-macros-with-powershell/

-528-Excess XSS A comprehensive tutorial on cross-site scripting:

https://excess-xss.com/

-529-Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts:

https://bohops.com/2018/01/07/executing-commands-and-bypassing-applocker-with-powershell-diagnostic-scripts/

-530-Abusing DCOM For Yet Another Lateral Movement Technique:

https://bohops.com/2018/04/28/abusing-dcom-for-yet-another-lateral-movement-technique/

-531-Trust Direction: An Enabler for Active Directory Enumeration and Trust Exploitation:

https://bohops.com/2017/12/02/trust-direction-an-enabler-for-active-directory-enumeration-and-trust-exploitation/

-532-Abusing DCOM For Yet Another Lateral Movement Technique:

https://bohops.com/2018/04/28/abusing-dcom-for-yet-another-lateral-movement-technique/

-533-“Practical recon techniques for bug hunters & pen testers”:

https://blog.appsecco.com/practical-recon-techniques-for-bug-hunters-pen-testers-at-levelup-0x02-b72c15641972?source=placement_card_footer_grid---------2-41

-534-Exploiting Node.js deserialization bug for Remote Code Execution:

https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/

-535-Exploiting System Shield AntiVirus Arbitrary Write Vulnerability using SeTakeOwnershipPrivilege:

http://www.greyhathacker.net/?p=1006

-536-Running Macros via ActiveX Controls:

http://www.greyhathacker.net/?p=948

-537-all=BUG+MALWARE+EXPLOITS

http://www.greyhathacker.net/?cat=18

-538-“FILELESS” UAC BYPASS USING EVENTVWR.EXE AND:

https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking

-539-BYPASSING UAC ON WINDOWS 10 USING DISK CLEANUP:

https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/

-540-A Look at CVE-2017-8715: Bypassing CVE-2017-0218 using PowerShell Module Manifests:

https://enigma0x3.net/2017/11/06/a-look-at-cve-2017-8715-bypassing-cve-2017-0218-using-powershell-module-manifests/

-541-“FILELESS” UAC BYPASS USING SDCLT.EXE:

https://enigma0x3.net/2017/03/17/fileless-uac-bypass-using-sdclt-exe

-542-File Upload XSS:

https://medium.com/p/83ea55bb9a55

-543-Firebase Databases:

https://medium.com/p/f651a7d49045

-544-Safe Red Team Infrastructure:

https://medium.com/@malcomvetter/safe-red-team-infrastructure-c5d6a0f13fac

-545-RED-TEAM:

https://cybersyndicates.com/tags/red-team/

-546-Egressing Bluecoat with Cobaltstike & Let's Encrypt:

https://www.youtube.com/watch?v=cgwfjCmKQwM

-547-Veil-Evasion:

https://cybersyndicates.com/tags/veil-evasion/

-548-Dangerous Virus For Windows Crashes Everything Hack window Using Virus:

http://thelearninghacking.com/create-virus-hack-windows/

-549-Download Google Dorks List 2019:

https://medium.com/p/323c8067502c

-550-Don’t leak sensitive data via security scanning tools:

https://medium.com/p/7d1f715f0486

-551-CRLF Injection Into PHP’s cURL Options:

https://medium.com/@tomnomnom/crlf-injection-into-phps-curl-options-e2e0d7cfe545?source=placement_card_footer_grid---------0-60

-552-Open Redirects & Security Done Right!:

https://medium.com/@AkshaySharmaUS/open-redirects-security-done-right-e524a3185496?source=placement_card_footer_grid---------2-60

-553-DOM XSS – auth.uber.com:

https://stamone-bug-bounty.blogspot.com/2017/10/dom-xss-auth_14.html

-554-PowerPoint and Custom Actions:

https://cofense.com/powerpoint-and-custom-actions/

-555-exploiting-adobe-coldfusion:

https://codewhitesec.blogspot.com/2018/03/exploiting-adobe-coldfusion.html

-556-Command and Control – HTTPS:

https://pentestlab.blog/2017/10/04/command-and-control-https

-557-Command and Control – Images:

https://pentestlab.blog/2018/01/02/command-and-control-images

-558-Command and Control – JavaScript:

https://pentestlab.blog/2018/01/08/command-and-control-javascript

-559-XSS-Payloads:

https://github.com/Pgaijin66/XSS-Payloads

-560-Command and Control – Web Interface:

https://pentestlab.blog/2018/01/03/command-and-control-web-interface

-561-Command and Control – Website:

https://pentestlab.blog/2017/11/14/command-and-control-website

-562-Command and Control – WebSocket:

https://pentestlab.blog/2017/12/06/command-and-control-websocket

-563-atomic-red-team:

https://github.com/redcanaryco/atomic-red-team

-564-PowerView-3.0-tricks.ps1:

https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

-565-awesome-sec-talks:

https://github.com/PaulSec/awesome-sec-talks

-566-Awesome-Red-Teaming:

https://github.com/yeyintminthuhtut/Awesome-Red-Teaming

-567-awesome-php:

https://github.com/ziadoz/awesome-php

-568-latest-hacks:

https://hackercool.com/latest-hacks/

-569-GraphQL NoSQL Injection Through JSON Types:

http://www.east5th.co/blog/2017/06/12/graphql-nosql-injection-through-json-types/

-570-Writing .NET Executables for Pentesters:

https://www.peew.pw/blog/2017/12/4/writing-net-executables-for-penteters-part-2

-571-A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

https://github.com/secfigo/Awesome-Fuzzing

-572-How to Shutdown, Restart, Logoff, and Hibernate Remote Windows PC:

http://www.hackingarticles.in/how-to-shutdown-restart-logoff-and-hibernate-remote-windows-pc

-572-Injecting Metasploit Payloads into Android Applications – Manually:

https://pentestlab.blog/2017/06/26/injecting-metasploit-payloads-into-android-applications-manually

-573-Google Dorks For Carding [Huge List] - Part 1:

https://hacker-arena.blogspot.com/2014/03/google-dorks-for-carding-huge-list-part.html

-574-Google dorks for growth hackers:

https://medium.com/p/7f83c8107057

-575-Google Dorks For Carding (HUGE LIST):

https://leetpedia.blogspot.com/2013/01/google-dorks-for-carding-huge-list.html

-576-BIGGEST SQL Injection Dorks List ~ 20K+ Dorks:

https://leetpedia.blogspot.com/2013/05/biggest-sql-injection-dorks-list-20k.html

-577-Pastebin Accounts Hacking (Facebook/Paypal/LR/Gmail/Yahoo, etc):

https://leetpedia.blogspot.com/2013/01/pastebin-accounts-hacking.html

-578-How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!:

http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html

-579-Hijacking VNC (Enum, Brute, Access and Crack):

https://medium.com/p/d3d18a4601cc

-580-Linux Post Exploitation Command List:

https://github.com/mubix/post-exploitation/wiki

-581-List of google dorks for sql injection:

https://deadlyhacker.wordpress.com/2013/05/09/list-of-google-dorks-for-sql-injection/

-582-Microsoft Office – NTLM Hashes via Frameset:

https://pentestlab.blog/2017/12/18/microsoft-office-ntlm-hashes-via-frameset

-583-Microsoft Windows 10 - Child Process Restriction Mitigation Bypass:

https://www.exploit-db.com/download/44888.txt

-584-Microsoft Windows CVE-2018-8210 Remote Code Execution Vulnerability:

https://www.securityfocus.com/bid/104407

-585-Microsoft Windows Kernel CVE-2018-0982 Local Privilege Escalation Vulnerability:

https://www.securityfocus.com/bid/104382

-586-miSafes Mi-Cam Device Hijacking:

https://packetstormsecurity.com/files/146504/SA-20180221-0.txt

-587-Low-Level Windows API Access From PowerShell:

https://www.fuzzysecurity.com/tutorials/24.html

-588-Linux Kernel 'mm/hugetlb.c' Local Denial of Service Vulnerability:

https://www.securityfocus.com/bid/103316

-589-Lateral Movement – RDP:

https://pentestlab.blog/2018/04/24/lateral-movement-rdp/

-590-Snagging creds from locked machines:

https://malicious.link/post/2016/snagging-creds-from-locked-machines/

-591-Making a Blind SQL Injection a Little Less Blind:

https://medium.com/p/428dcb614ba8

-592-VulnHub — Kioptrix: Level 5:

https://medium.com/@bondo.mike/vulnhub-kioptrix-level-5-88ab65146d48?source=placement_card_footer_grid---------1-60

-593-Unauthenticated Account Takeover Through HTTP Leak:

https://medium.com/p/33386bb0ba0b

-594-Hakluke’s Ultimate OSCP Guide: Part 1 — Is OSCP for you?:

https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440?source=placement_card_footer_grid---------2-43

-595-Finding Target-relevant Domain Fronts:

https://medium.com/@vysec.private/finding-target-relevant-domain-fronts-7f4ad216c223?source=placement_card_footer_grid---------0-44

-596-Safe Red Team Infrastructure:

https://medium.com/@malcomvetter/safe-red-team-infrastructure-c5d6a0f13fac?source=placement_card_footer_grid---------1-60

-597-Cobalt Strike Visualizations:

https://medium.com/@001SPARTaN/cobalt-strike-visualizations-e6a6e841e16b?source=placement_card_footer_grid---------2-60

-598-OWASP Top 10 2017 — Web Application Security Risks:

https://medium.com/p/31f356491712

-599-XSS-Auditor — the protector of unprotected:

https://medium.com/bugbountywriteup/xss-auditor-the-protector-of-unprotected-f900a5e15b7b?source=placement_card_footer_grid---------0-60

-600-Netcat vs Cryptcat – Remote Shell to Control Kali Linux from Windows machine:

https://gbhackers.com/netcat-vs-cryptcat

-601-Jenkins Servers Infected With Miner.:

https://medium.com/p/e370a900ab2e

-602-cheat-sheet:

http://pentestmonkey.net/category/cheat-sheet

-603-Command and Control – Website Keyword:

https://pentestlab.blog/2017/09/14/command-and-control-website-keyword/

-604-Command and Control – Twitter:

https://pentestlab.blog/2017/09/26/command-and-control-twitter/

-605-Command and Control – Windows COM:

https://pentestlab.blog/2017/09/01/command-and-control-windows-com/

-606-Microsoft Office – NTLM Hashes via Frameset:

https://pentestlab.blog/2017/12/18/microsoft-office-ntlm-hashes-via-frameset/

-607-PHISHING AGAINST PROTECTED VIEW:

https://enigma0x3.net/2017/07/13/phishing-against-protected-view/

-608-PHISHING WITH EMPIRE:

https://enigma0x3.net/2016/03/15/phishing-with-empire/

-609-Reverse Engineering Android Applications:

https://pentestlab.blog/2017/02/06/reverse-engineering-android-applications/

-610-HTML Injection:

https://pentestlab.blog/2013/06/26/html-injection/

-611-Meterpreter stage AV/IDS evasion with powershell:

https://arno0x0x.wordpress.com/2016/04/13/meterpreter-av-ids-evasion-powershell/

-612-Windows Atomic Tests by ATT&CK Tactic & Technique:

https://github.com/redcanaryco/atomic-red-team/raw/master/atomics/windows-index.md

-613-Windows Active Directory Post Exploitation Cheatsheet:

https://medium.com/p/48c2bd70388

-614-Windows 10 UAC Loophole Can Be Used to Infect Systems with Malware:

http://news.softpedia.com/news/windows-10-uac-loophole-can-be-used-to-infect-systems-with-malware-513996.shtml

-615-How to Bypass Anti-Virus to Run Mimikatz:

https://www.blackhillsinfosec.com/bypass-anti-virus-run-mimikatz/

-616-Userland API Monitoring and Code Injection Detection:

https://0x00sec.org/t/userland-api-monitoring-and-code-injection-detection/5565

-617-USE TOR. USE EMPIRE.:

http://secureallthethings.blogspot.com/2016/11/use-tor-use-empire.html

-617-ADVANCED CROSS SITE SCRIPTING (XSS) CHEAT SHEET:

https://www.muhaddis.info/advanced-cross-site-scripting-xss-cheat-sheet/

-618-Empire without PowerShell.exe:

https://bneg.io/2017/07/26/empire-without-powershell-exe/

-619-RED TEAM:

https://bneg.io/category/red-team/

-620-PDF Tools:

https://blog.didierstevens.com/programs/pdf-tools/

-621-DNS Data ex ltration — What is this and How to use?

https://blog.fosec.vn/dns-data-exfiltration-what-is-this-and-how-to-use-2f6c69998822

-621-Google Dorks:

https://medium.com/p/7cfd432e0cf3

-622-Hacking with JSP Shells:

https://blog.netspi.com/hacking-with-jsp-shells/

-623-Malware Analysis:

https://github.com/RPISEC/Malware/raw/master/README.md

-624-A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.:

https://github.com/SandySekharan/CTF-tool

-625-Group Policy Preferences:

https://pentestlab.blog/2017/03/20/group-policy-preferences

-627-CHECKING FOR MALICIOUSNESS IN AC OFORM OBJECTS ON PDF FILES:

https://furoner.wordpress.com/2017/11/15/checking-for-maliciousness-in-acroform-objects-on-pdf-files

-628-deobfuscation:

https://furoner.wordpress.com/tag/deobfuscation/

-629-POWERSHELL EMPIRE STAGERS 1: PHISHING WITH AN OFFICE MACRO AND EVADING AVS:

https://fzuckerman.wordpress.com/2016/10/06/powershell-empire-stagers-1-phishing-with-an-office-macro-and-evading-avs/

-630-A COMPREHENSIVE TUTORIAL ON CROSS-SITE SCRIPTING:

https://fzuckerman.wordpress.com/2016/10/06/a-comprehensive-tutorial-on-cross-site-scripting/

-631-GCAT – BACKDOOR EM PYTHON:

https://fzuckerman.wordpress.com/2016/10/06/gcat-backdoor-em-python/

-632-Latest Carding Dorks List for Sql njection 2019:

https://latestechnews.com/carding-dorks/

-633-google docs for credit card:

https://latestechnews.com/tag/google-docs-for-credit-card/

-634-How To Scan Multiple Organizations With Shodan and Golang (OSINT):

https://medium.com/p/d994ba6a9587

-635-How to Evade Application Whitelisting Using REGSVR32:

https://www.blackhillsinfosec.com/evade-application-whitelisting-using-regsvr32/

-636-phishing:

https://www.blackhillsinfosec.com/tag/phishing/

-637-Merlin in action: Intro to Merlin:

https://asciinema.org/a/ryljo8qNjHz1JFcFDK7wP6e9I

-638-IP Cams from around the world:

https://medium.com/p/a6f269f56805

-639-Advanced Cross Site Scripting(XSS) Cheat Sheet by Jaydeep Dabhi:

https://jaydeepdabhi.wordpress.com/2016/01/12/advanced-cross-site-scriptingxss-cheat-sheet-by-jaydeep-dabhi/

-640-Just how easy it is to do a domain or subdomain take over!?:

https://medium.com/p/265d635b43d8

-641-How to Create hidden user in Remote PC:

http://www.hackingarticles.in/create-hidden-remote-metaspolit

-642-Process Doppelgänging – a new way to impersonate a process:

https://hshrzd.wordpress.com/2017/12/18/process-doppelganging-a-new-way-to-impersonate-a-process/

-643-How to turn a DLL into astandalone EXE:

https://hshrzd.wordpress.com/2016/07/21/how-to-turn-a-dll-into-a-standalone-exe/

-644-Hijacking extensions handlers as a malware persistence method:

https://hshrzd.wordpress.com/2017/05/25/hijacking-extensions-handlers-as-a-malware-persistence-method/

-645-I'll Get Your Credentials ... Later!:

https://www.fuzzysecurity.com/tutorials/18.html

-646-Game Over: CanYouPwnMe > Kevgir-1:

https://www.fuzzysecurity.com/tutorials/26.html

-647-IKARUS anti.virus and its 9 exploitable kernel vulnerabilities:

http://www.greyhathacker.net/?p=995

-648-Getting started in Bug Bounty:

https://medium.com/p/7052da28445a

-649-Union SQLi Challenges (Zixem Write-up):

https://medium.com/ctf-writeups/union-sqli-challenges-zixem-write-up-4e74ad4e88b4?source=placement_card_footer_grid---------2-60

-650-scanless – A Tool for Perform Anonymous Port Scan on Target Websites:

https://gbhackers.com/scanless-port-scans-websites-behalf

-651-WEBAPP PENTEST:

https://securityonline.info/category/penetration-testing/webapp-pentest/

-652-Cross-Site Scripting (XSS) Payloads:

https://securityonline.info/tag/cross-site-scripting-xss-payloads/

-653-sg1: swiss army knife for data encryption, exfiltration & covert communication:

https://securityonline.info/tag/sg1/

-654-NETWORK PENTEST:

https://securityonline.info/category/penetration-testing/network-pentest/

-655-SQL injection in an UPDATE query - a bug bounty story!:

https://zombiehelp54.blogspot.com/2017/02/sql-injection-in-update-query-bug.html

-656-Cross-site Scripting:

https://www.netsparker.com/blog/web-security/cross-site-scripting-xss/

-657-Local File Inclusion:

https://www.netsparker.com/blog/web-security/local-file-inclusion-vulnerability/

-658-Command Injection:

https://www.netsparker.com/blog/web-security/command-injection-vulnerability/

-659-a categorized list of Windows CMD commands:

https://ss64.com/nt/commands.html

-660-Understanding Guide for Nmap Timing Scan (Firewall Bypass):

http://www.hackingarticles.in/understanding-guide-nmap-timing-scan-firewall-bypass

-661-RFID Hacking with The Proxmark 3:

https://blog.kchung.co/tag/rfid/

-662-A practical guide to RFID badge copying:

https://blog.nviso.be/2017/01/11/a-practical-guide-to-rfid-badge-copying

-663-Denial of Service using Cookie Bombing:

https://medium.com/p/55c2d0ef808c

-664-Vultr Domain Hijacking:

https://vincentyiu.co.uk/red-team/cloud-security/vultr-domain-hijacking

-665-Command and Control:

https://vincentyiu.co.uk/red-team/domain-fronting

-666-Cisco Auditing Tool & Cisco Global Exploiter to Exploit 14 Vulnerabilities in Cisco Switches and Routers:

https://gbhackers.com/cisco-global-exploiter-cge

-667-CHECKING FOR MALICIOUSNESS IN ACROFORM OBJECTS ON PDF FILES:

https://furoner.wordpress.com/2017/11/15/checking-for-maliciousness-in-acroform-objects-on-pdf-files

-668-Situational Awareness:

https://pentestlab.blog/2018/05/28/situational-awareness/

-669-Unquoted Service Path:

https://pentestlab.blog/2017/03/09/unquoted-service-path

-670-NFS:

https://pentestacademy.wordpress.com/2017/09/20/nfs/

-671-List of Tools for Pentest Rookies:

https://pentestacademy.wordpress.com/2016/09/20/list-of-tools-for-pentest-rookies/

-672-Common Windows Commands for Pentesters:

https://pentestacademy.wordpress.com/2016/06/21/common-windows-commands-for-pentesters/

-673-Open-Source Intelligence (OSINT) Reconnaissance:

https://medium.com/p/75edd7f7dada

-674-OSINT x UCCU Workshop on Open Source Intelligence:

https://www.slideshare.net/miaoski/osint-x-uccu-workshop-on-open-source-intelligence

-675-Advanced Attack Techniques:

https://www.cyberark.com/threat-research-category/advanced-attack-techniques/

-676-Credential Theft:

https://www.cyberark.com/threat-research-category/credential-theft/

-678-The Cloud Shadow Admin Threat: 10 Permissions to Protect:

https://www.cyberark.com/threat-research-blog/cloud-shadow-admin-threat-10-permissions-protect/

-679-Online Credit Card Theft: Today’s Browsers Store Sensitive Information Deficiently, Putting User Data at Risk:

https://www.cyberark.com/threat-research-blog/online-credit-card-theft-todays-browsers-store-sensitive-information-deficiently-putting-user-data-risk/

-680-Weakness Within: Kerberos Delegation:

https://www.cyberark.com/threat-research-blog/weakness-within-kerberos-delegation/

-681-Simple Domain Fronting PoC with GAE C2 server:

https://www.securityartwork.es/2017/01/31/simple-domain-fronting-poc-with-gae-c2-server/

-682-Find Critical Information about a Host using DMitry:

https://www.thehackr.com/find-critical-information-host-using-dmitry/

-683-How To Do OS Fingerprinting In Kali Using Xprobe2:

http://disq.us/?url=http%3A%2F%2Fwww.thehackr.com%2Fos-fingerprinting-kali%2F&key=scqgRVMQacpzzrnGSOPySA

-684-Crack SSH, FTP, Telnet Logins Using Hydra:

https://www.thehackr.com/crack-ssh-ftp-telnet-logins-using-hydra/

-685-Reveal Saved Passwords in Browser using JavaScript Injection:

https://www.thehackr.com/reveal-saved-passwords-browser-using-javascript-injection/

-686-Nmap Cheat Sheet:

https://s3-us-west-2.amazonaws.com/stationx-public-download/nmap_cheet_sheet_0.6.pdf

-687-Manual Post Exploitation on Windows PC (Network Command):

http://www.hackingarticles.in/manual-post-exploitation-windows-pc-network-command

-688-Hack Gmail or Facebook Password of Remote PC using NetRipper Exploitation Tool:

http://www.hackingarticles.in/hack-gmail-or-facebook-password-of-remote-pc-using-netripper-exploitation-tool

-689-Hack Locked Workstation Password in Clear Text:

http://www.hackingarticles.in/hack-locked-workstation-password-clear-text

-690-How to Find ALL Excel, Office, PDF, and Images in Remote PC:

http://www.hackingarticles.in/how-to-find-all-excel-office-pdf-images-files-in-remote-pc

-691-red-teaming:

https://www.redteamsecure.com/category/red-teaming/

-692-Create a Fake AP and Sniff Data mitmAP:

http://www.uaeinfosec.com/create-fake-ap-sniff-data-mitmap/

-693-Bruteforcing From Nmap Output BruteSpray:

http://www.uaeinfosec.com/bruteforcing-nmap-output-brutespray/

-694-Reverse Engineering Framework radare2:

http://www.uaeinfosec.com/reverse-engineering-framework-radare2/

-695-Automated ettercap TCP/IP Hijacking Tool Morpheus:

http://www.uaeinfosec.com/automated-ettercap-tcpip-hijacking-tool-morpheus/

-696-List Of Vulnerable SQL Injection Sites:

https://www.blogger.com/share-post.g?blogID=1175829128367570667&postID=4652029420701251199

-697-Command and Control – Gmail:

https://pentestlab.blog/2017/08/03/command-and-control-gmail/

-698-Command and Control – DropBox:

https://pentestlab.blog/2017/08/29/command-and-control-dropbox/

-699-Skeleton Key:

https://pentestlab.blog/2018/04/10/skeleton-key/

-700-Secondary Logon Handle:

https://pentestlab.blog/2017/04/07/secondary-logon-handle

-701-Hot Potato:

https://pentestlab.blog/2017/04/13/hot-potato

-702-Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2):

https://bohops.com/2018/03/10/leveraging-inf-sct-fetch-execute-techniques-for-bypass-evasion-persistence-part-2/

-703-Linux-Kernel-exploits:

http://tacxingxing.com/category/exploit/kernel-exploit/

-704-Linux-Kernel-Exploit Stack Smashing:

http://tacxingxing.com/2018/02/26/linuxkernelexploit-stack-smashing/

-705-Linux Kernel Exploit Environment:

http://tacxingxing.com/2018/02/15/linuxkernelexploit-huan-jing-da-jian/

-706-Linux-Kernel-Exploit NULL dereference:

http://tacxingxing.com/2018/02/22/linuxkernelexploit-null-dereference/

-707-Apache mod_python for red teams:

https://labs.nettitude.com/blog/apache-mod_python-for-red-teams/

-708-Bounty Write-up (HTB):

https://medium.com/p/9b01c934dfd2/

709-CTF Writeups:

https://medium.com/ctf-writeups

-710-Detecting Malicious Microsoft Office Macro Documents:

http://www.greyhathacker.net/?p=872

-711-SQL injection in Drupal:

https://hackerone.com/reports/31756

-712-XSS and open redirect on Twitter:

https://hackerone.com/reports/260744

-713-Shopify login open redirect:

https://hackerone.com/reports/55546

-714-HackerOne interstitial redirect:

https://hackerone.com/reports/111968

-715-Ubiquiti sub-domain takeovers:

https://hackerone.com/reports/181665

-716-Scan.me pointing to Zendesk:

https://hackerone.com/reports/114134

-717-Starbucks' sub-domain takeover:

https://hackerone.com/reports/325336

-718-Vine's sub-domain takeover:

https://hackerone.com/reports/32825

-719-Uber's sub-domain takeover:

https://hackerone.com/reports/175070

-720-Read access to Google:

https://blog.detectify.com/2014/04/11/how-we-got-read-access-on-googles-production-servers/

-721-A Facebook XXE with Word:

https://www.bram.us/2014/12/29/how-i-hacked-facebook-with-a-word-document/

-722-The Wikiloc XXE:

https://www.davidsopas.com/wikiloc-xxe-vulnerability/

-723-Uber Jinja2 TTSI:

https://hackerone.com/reports/125980

-724-Uber Angular template injection:

https://hackerone.com/reports/125027

-725-Yahoo Mail stored XSS:

https://klikki.fi/adv/yahoo2.html

-726-Google image search XSS:

https://mahmoudsec.blogspot.com/2015/09/how-i-found-xss-vulnerability-in-google.html

-727-Shopify Giftcard Cart XSS :

https://hackerone.com/reports/95089

-728-Shopify wholesale XSS :

https://hackerone.com/reports/106293

-729-Bypassing the Shopify admin authentication:

https://hackerone.com/reports/270981

-730-Starbucks race conditions:

https://sakurity.com/blog/2015/05/21/starbucks.html

-731-Binary.com vulnerability – stealing a user's money:

https://hackerone.com/reports/98247

-732-HackerOne signal manipulation:

https://hackerone.com/reports/106305

-733-Shopify S buckets open:

https://hackerone.com/reports/98819

-734-HackerOne S buckets open:

https://hackerone.com/reports/209223

-735-Bypassing the GitLab 2F authentication:

https://gitlab.com/gitlab-org/gitlab-ce/issues/14900

-736-Yahoo PHP info disclosure:

https://blog.it-securityguard.com/bugbounty-yahoo-phpinfo-php-disclosure-2/

-737-Shopify for exporting installed users:

https://hackerone.com/reports/96470

-738-Shopify Twitter disconnect:

https://hackerone.com/reports/111216

-739-Badoo full account takeover:

https://hackerone.com/reports/127703

-740-Disabling PS Logging:

https://github.com/leechristensen/Random/blob/master/CSharp/DisablePSLogging.cs

-741-macro-less-code-exec-in-msword:

https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/

-742-5 ways to Exploiting PUT Vulnerability:

http://www.hackingarticles.in/5-ways-to-exploiting-put-vulnerabilit

-743-5 Ways to Exploit Verb Tempering Vulnerability:

http://www.hackingarticles.in/5-ways-to-exploit-verb-tempering-vulnerability

-744-5 Ways to Hack MySQL Login Password:

http://www.hackingarticles.in/5-ways-to-hack-mysql-login-password

-745-5 Ways to Hack SMB Login Password:

http://www.hackingarticles.in/5-ways-to-hack-smb-login-password

-746-6 Ways to Hack FTP Login Password:

http://www.hackingarticles.in/6-ways-to-hack-ftp-login-password

-746-6 Ways to Hack SNMP Password:

http://www.hackingarticles.in/6-ways-to-hack-snmp-password

-747-6 Ways to Hack VNC Login Password:

http://www.hackingarticles.in/6-ways-to-hack-vnc-login-password

-748-Access Sticky keys Backdoor on Remote PC with Sticky Keys Hunter:

http://www.hackingarticles.in/access-sticky-keys-backdoor-remote-pc-sticky-keys-hunter

-749-Beginner Guide to IPtables:

http://www.hackingarticles.in/beginner-guide-iptables

-750-Beginner Guide to impacket Tool kit:

http://www.hackingarticles.in/beginner-guide-to-impacket-tool-kit

-751-Exploit Remote Windows 10 PC using Discover Tool:

http://www.hackingarticles.in/exploit-remote-windows-10-pc-using-discover-tool

-752-Forensics Investigation of Remote PC (Part 2):

http://www.hackingarticles.in/forensics-investigation-of-remote-pc-part-2

-753-5 ways to File upload vulnerability Exploitation:

http://www.hackingarticles.in/5-ways-file-upload-vulnerability-exploitation

-754-FTP Penetration Testing in Ubuntu (Port 21):

http://www.hackingarticles.in/ftp-penetration-testing-in-ubuntu-port-21

-755-FTP Penetration Testing on Windows (Port 21):

http://www.hackingarticles.in/ftp-penetration-testing-windows

-756-FTP Pivoting through RDP:

http://www.hackingarticles.in/ftp-pivoting-rdp

-757-Fun with Metasploit Payloads:

http://www.hackingarticles.in/fun-metasploit-payloads

-758-Gather Cookies and History of Mozilla Firefox in Remote Windows, Linux or MAC PC:

http://www.hackingarticles.in/gather-cookies-and-history-of-mozilla-firefox-in-remote-windows-linux-or-mac-pc

-759-Generating Reverse Shell using Msfvenom (One Liner Payload):

http://www.hackingarticles.in/generating-reverse-shell-using-msfvenom-one-liner-payload

-760-Generating Scan Reports Using Nmap (Output Scan):

http://www.hackingarticles.in/generating-scan-reports-using-nmap-output-scan

-761-Get Meterpreter Session of Locked PC Remotely (Remote Desktop Enabled):

http://www.hackingarticles.in/get-meterpreter-session-locked-pc-remotely-remote-desktop-enabled

-762-Hack ALL Security Features in Remote Windows 7 PC:

http://www.hackingarticles.in/hack-all-security-features-in-remote-windows-7-pc

-763-5 ways to Exploit LFi Vulnerability:

http://www.hackingarticles.in/5-ways-exploit-lfi-vulnerability

-764-5 Ways to Directory Bruteforcing on Web Server:

http://www.hackingarticles.in/5-ways-directory-bruteforcing-web-server

-765-Hack Call Logs, SMS, Camera of Remote Android Phone using Metasploit:

http://www.hackingarticles.in/hack-call-logs-sms-camera-remote-android-phone-using-metasploit

-766-Hack Gmail and Facebook Password in Network using Bettercap:

http://www.hackingarticles.in/hack-gmail-facebook-password-network-using-bettercap

-767-ICMP Penetration Testing:

http://www.hackingarticles.in/icmp-penetration-testing

-768-Understanding Guide to Mimikatz:

http://www.hackingarticles.in/understanding-guide-mimikatz

-769-5 Ways to Create Dictionary for Bruteforcing:

http://www.hackingarticles.in/5-ways-create-dictionary-bruteforcing

-770-Linux Privilege Escalation using LD_Preload:

http://www.hackingarticles.in/linux-privilege-escalation-using-ld_preload/

-771-2 Ways to Hack Remote Desktop Password using kali Linux:

http://www.hackingarticles.in/2-ways-to-hack-remote-desktop-password-using-kali-linux

-772-2 ways to use Msfvenom Payload with Netcat:

http://www.hackingarticles.in/2-ways-use-msfvenom-payload-netcat

-773-4 ways to Connect Remote PC using SMB Port:

http://www.hackingarticles.in/4-ways-connect-remote-pc-using-smb-port

-774-4 Ways to DNS Enumeration:

http://www.hackingarticles.in/4-ways-dns-enumeration

-775-4 Ways to get Linux Privilege Escalation:

http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation

-776-101+ OSINT Resources for Investigators [2019]:

https://i-sight.com/resources/101-osint-resources-for-investigators/

-777-Week in OSINT #2019–02:

https://medium.com/week-in-osint/week-in-osint-2019-02-d4009c27e85f

-778-OSINT Cheat Sheet:

https://hack2interesting.com/osint-cheat-sheet/

-779-OSINT Cheat Sheet:

https://infoskirmish.com/osint-cheat-sheet/

-780-OSINT Links for Investigators:

https://i-sight.com/resources/osint-links-for-investigators/

-781- Metasploit Cheat Sheet :

https://www.kitploit.com/2019/02/metasploit-cheat-sheet.html

-782- Exploit Development Cheat Sheet:

https://github.com/coreb1t/awesome-pentest-cheat-sheets/commit/5b83fa9cfb05f4774eb5e1be2cde8dbb04d011f4

-783-Building Profiles for a Social Engineering Attack:

https://pentestlab.blog/2012/04/19/building-profiles-for-a-social-engineering-attack/

-784-Practical guide to NTLM Relaying in 2017 (A.K.A getting a foothold in under 5 minutes):

https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html

-785-Getting the goods with CrackMapExec: Part 2:

https://byt3bl33d3r.github.io/tag/crackmapexec.html

-786-Bug Hunting Methodology (part-1):

https://medium.com/p/91295b2d2066

-787-Exploring Cobalt Strike's ExternalC2 framework:

https://blog.xpnsec.com/exploring-cobalt-strikes-externalc2-framework/

-788-Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities:

https://buer.haus/2017/03/08/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-vulnerabilities/

-789-Adversarial Tactics, Techniques & Common Knowledge:

https://attack.mitre.org/wiki/Main_Page

-790-Bug Bounty — Tips / Tricks / JS (JavaScript Files):

https://medium.com/p/bdde412ea49d

-791-Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition):

https://medium.com/p/f88a9f383fcc

-792-DiskShadow: The Return of VSS Evasion, Persistence, and Active Directory Database Extraction:

https://bohops.com/2018/03/26/diskshadow-the-return-of-vss-evasion-persistence-and-active-directory-database-extraction/

-793-Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts:

https://bohops.com/2018/01/07/executing-commands-and-bypassing-applocker-with-powershell-diagnostic-scripts/

-794-ClickOnce (Twice or Thrice): A Technique for Social Engineering and (Un)trusted Command Execution:

https://bohops.com/2017/12/02/clickonce-twice-or-thrice-a-technique-for-social-engineering-and-untrusted-command-execution/

-795-Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2):

https://bohops.com/2018/03/10/leveraging-inf-sct-fetch-execute-techniques-for-bypass-evasion-persistence-part-2/

-796-DiskShadow: The Return of VSS Evasion, Persistence, and Active Directory Database Extraction:

https://bohops.com/2018/03/26/diskshadow-the-return-of-vss-evasion-persistence-and-active-directory-database-extraction/

-797-Trust Direction: An Enabler for Active Directory Enumeration and Trust Exploitation:

https://bohops.com/2017/12/02/trust-direction-an-enabler-for-active-directory-enumeration-and-trust-exploitation/

-798-DiskShadow: The Return of VSS Evasion, Persistence, and Active Directory Database Extraction:

https://bohops.com/2018/03/26/diskshadow-the-return-of-vss-evasion-persistence-and-active-directory-database-extraction/

-799-Abusing Exported Functions and Exposed DCOM Interfaces for Pass-Thru Command Execution and Lateral Movement:

https://bohops.com/2018/03/17/abusing-exported-functions-and-exposed-dcom-interfaces-for-pass-thru-command-execution-and-lateral-movement/

-800-Capcom Rootkit Proof-Of-Concept:

https://www.fuzzysecurity.com/tutorials/28.html

-801-Linux Privilege Escalation using Misconfigured NFS:

http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/

-802-Beginners Guide for John the Ripper (Part 1):

http://www.hackingarticles.in/beginner-guide-john-the-ripper-part-1/

-803-Working of Traceroute using Wireshark:

http://www.hackingarticles.in/working-of-traceroute-using-wireshark/

-804-Multiple Ways to Get root through Writable File:

http://www.hackingarticles.in/multiple-ways-to-get-root-through-writable-file/

-805-4 ways to SMTP Enumeration:

http://www.hackingarticles.in/4-ways-smtp-enumeration

-806-4 ways to Hack MS SQL Login Password:

http://www.hackingarticles.in/4-ways-to-hack-ms-sql-login-password

-807-4 Ways to Hack Telnet Passsword:

http://www.hackingarticles.in/4-ways-to-hack-telnet-passsword

-808-5 ways to Brute Force Attack on WordPress Website:

http://www.hackingarticles.in/5-ways-brute-force-attack-wordpress-website

-809-5 Ways to Crawl a Website:

http://www.hackingarticles.in/5-ways-crawl-website

-810-Local Linux Enumeration & Privilege Escalation Cheatsheet:

https://www.rebootuser.com/?p=1623

-811-The Drebin Dataset:

https://www.sec.cs.tu-bs.de/~danarp/drebin/download.html

-812-ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes, and everything else:

https://www.slideshare.net/x00mario/es6-en

-813-IT and Information Security Cheat Sheets:

https://zeltser.com/cheat-sheets/

-814-Cheat Sheets - DFIR Training:

https://www.dfir.training/cheat-sheets

-815-WinDbg Malware Analysis Cheat Sheet:

https://oalabs.openanalysis.net/2019/02/18/windbg-for-malware-analysis/

-819-Cheat Sheet for Analyzing Malicious Software:

https://www.prodefence.org/cheat-sheet-for-analyzing-malicious-software/

-820-Analyzing Malicious Documents Cheat Sheet - Prodefence:

https://www.prodefence.org/analyzing-malicious-documents-cheat-sheet-2/

-821-Cheat Sheets - SANS Digital Forensics:

https://digital-forensics.sans.org/community/cheat-sheets

-822-Linux Command Line Forensics and Intrusion Detection Cheat Sheet:

https://www.sandflysecurity.com/blog/compromised-linux-cheat-sheet/

-823-Windows Registry Auditing Cheat Sheet:

https://www.slideshare.net/Hackerhurricane/windows-registry-auditing-cheat-sheet-ver-jan-2016-malwarearchaeology

-824-Cheat Sheet of Useful Commands Every Kali Linux User Needs To Know:

https://kennyvn.com/cheatsheet-useful-bash-commands-linux/

-825-kali-linux-cheatsheet:

https://github.com/NoorQureshi/kali-linux-cheatsheet

-826-8 Best Kali Linux Terminal Commands used by Hackers (2019 Edition):

https://securedyou.com/best-kali-linux-commands-terminal-hacking/

-827-Kali Linux Commands Cheat Sheet:

https://www.pinterest.com/pin/393431717429496576/

-827-Kali Linux Commands Cheat Sheet A To Z:

https://officialhacker.com/linux-commands-cheat-sheet/

-828-Linux commands CHEATSHEET for HACKERS:

https://www.reddit.com/r/Kalilinux/.../linux_commands_cheatsheet_for_hackers/

-829-100 Linux Commands – A Brief Outline With Cheatsheet:

https://fosslovers.com/100-linux-commands-cheatsheet/

-830-Kali Linux – Penetration Testing Cheat Sheet:

https://uwnthesis.wordpress.com/2016/06/.../kali-linux-penetration-testing-cheat-sheet/

-831-Basic Linux Terminal Shortcuts Cheat Sheet :

https://computingforgeeks.com/basic-linux-terminal-shortcuts-cheat-sheet/

-832-List Of 220+ Kali Linux and Linux Commands Line {Free PDF} :

https://itechhacks.com/kali-linux-and-linux-commands/

-833-Transferring files from Kali to Windows (post exploitation):

https://blog.ropnop.com/transferring-files-from-kali-to-windows/

-834-The Ultimate Penetration Testing Command Cheat Sheet for Kali Linux:

https://www.hostingland.com/.../the-ultimate-penetration-testing-command-cheat-sheet

-835-What is penetration testing? 10 hacking tools the pros use:

https://www.csoonline.com/article/.../17-penetration-testing-tools-the-pros-use.html

-836-Best Hacking Tools List for Hackers & Security Professionals in 2019:

https://gbhackers.com/hacking-tools-list/

-837-ExploitedBunker PenTest Cheatsheet:

https://exploitedbunker.com/articles/pentest-cheatsheet/

-838-How to use Zarp for penetration testing:

https://www.techrepublic.com/article/how-to-use-zarp-for-penetration-testing/

-839-Wireless Penetration Testing Cheat Sheet;

https://uceka.com/2014/05/12/wireless-penetration-testing-cheat-sheet/

-840-Pentest Cheat Sheets:

https://www.cheatography.com/tag/pentest/

-841-40 Best Penetration Testing (Pen Testing) Tools in 2019:

https://www.guru99.com/top-5-penetration-testing-tools.html

-842-Metasploit Cheat Sheet:

https://www.hacking.land/2019/02/metasploit-cheat-sheet.html

-843-OSCP useful resources and tools;

https://acknak.fr/en/articles/oscp-tools/

-844-Pentest + Exploit dev Cheatsheet:

https://ehackings.com/all-posts/pentest-exploit-dev-cheatsheet/

-845-What is Penetration Testing? A Quick Guide for 2019:

https://www.cloudwards.net/penetration-testing/

-846-Recon resource:

https://pentester.land/cheatsheets/2019/04/15/recon-resources.html

-847-Network Recon Cheat Sheet:

https://www.cheatography.com/coffeefueled/cheat-sheets/network-recon/

-848-Recon Cheat Sheets:

https://www.cheatography.com/tag/recon/

-849-Penetration Testing Active Directory, Part II:

https://hausec.com/2019/03/12/penetration-testing-active-directory-part-ii/

-850-Reverse-engineering Cheat Sheets:

https://www.cheatography.com/tag/reverse-engineering/

-851-Reverse Engineering Cheat Sheet:

https://www.scribd.com/doc/38163906/Reverse-Engineering-Cheat-Sheet

-852-ATOMBOMBING: BRAND NEW CODE INJECTION FOR WINDOWS:

https://blog.ensilo.com/atombombing-brand-new-code-injection-for-windows

-853-PROPagate:

http://www.hexacorn.com/blog/2017/10/26/propagate-a-new-code-injection-trick/

-854-Process Doppelgänging, by Tal Liberman and Eugene Kogan::

https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf

-855-Gargoyle:

https://jlospinoso.github.io/security/assembly/c/cpp/developing/software/2017/03/04/gargoyle-memory-analysis-evasion.html

-856-GHOSTHOOK:

https://www.cyberark.com/threat-research-blog/ghosthook-bypassing-patchguard-processor-trace-based-hooking/

-857-Learn C:

https://www.programiz.com/c-programming

-858-x86 Assembly Programming Tutorial:

https://www.tutorialspoint.com/assembly_programming/

-859-Dr. Paul Carter's PC Assembly Language:

http://pacman128.github.io/pcasm/

-860-Introductory Intel x86 - Architecture, Assembly, Applications, and Alliteration:

http://opensecuritytraining.info/IntroX86.html

-861-x86 Disassembly:

https://en.wikibooks.org/wiki/X86_Disassembly

-862-use-of-dns-tunneling-for-cc-communications-malware:

https://securelist.com/use-of-dns-tunneling-for-cc-communications/78203/

-863-Using IDAPython to Make Your Life Easier (Series)::

https://researchcenter.paloaltonetworks.com/2015/12/using-idapython-to-make-your-life-easier-part-1/

-864-NET binary analysis:

https://cysinfo.com/cyber-attack-targeting-cbi-and-possibly-indian-army-officials/

-865-detailed analysis of the BlackEnergy3 big dropper:

https://cysinfo.com/blackout-memory-analysis-of-blackenergy-big-dropper/

-866-detailed analysis of Uroburos rootkit:

https://www.gdatasoftware.com/blog/2014/06/23953-analysis-of-uroburos-using-windbg

-867-TCP/IP and tcpdump Pocket Reference Guide:

https://www.sans.org/security-resources/tcpip.pdf

-868-TCPDUMP Cheatsheet:

http://packetlife.net/media/library/12/tcpdump.pdf

-869-Scapy Cheatsheet:

http://packetlife.net/media/library/36/scapy.pdf

-870-WIRESHARK DISPLAY FILTERS:

http://packetlife.net/media/library/13/Wireshark_Display_Filters.pdf

-871-Windows command line sheet:

https://www.sans.org/security-resources/sec560/windows_command_line_sheet_v1.pdf

-872-Metasploit cheat sheet:

https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

-873-IPv6 Cheatsheet:

http://packetlife.net/media/library/8/IPv6.pdf

-874-IPv4 Subnetting:

http://packetlife.net/media/library/15/IPv4_Subnetting.pdf

-875-IOS IPV4 ACCESS LISTS:

http://packetlife.net/media/library/14/IOS_IPv4_Access_Lists.pdf

-876-Common Ports List:

http://packetlife.net/media/library/23/common_ports.pdf

-877-WLAN:

http://packetlife.net/media/library/4/IEEE_802.11_WLAN.pdf

-878-VLANs Cheatsheet:

http://packetlife.net/media/library/20/VLANs.pdf

-879-VoIP Basics CheatSheet:

http://packetlife.net/media/library/34/VOIP_Basics.pdf

-880-Google hacking and defense cheat sheet:

https://www.sans.org/security-resources/GoogleCheatSheet.pdf

-881-Nmap CheatSheet:

https://pen-testing.sans.org/blog/2013/10/08/nmap-cheat-sheet-1-0

-882-Netcat cheat sheet:

https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf

-883-PowerShell cheat sheet:

https://blogs.sans.org/pen-testing/files/2016/05/PowerShellCheatSheet_v41.pdf

-884-Scapy cheat sheet POCKET REFERENCE:

https://blogs.sans.org/pen-testing/files/2016/04/ScapyCheatSheet_v0.2.pdf

-885-SQL injection cheat sheet.:

https://information.rapid7.com/sql-injection-cheat-sheet-download.html

-886-Injection cheat sheet:

https://information.rapid7.com/injection-non-sql-cheat-sheet-download.html

-887-Symmetric Encryption Algorithms cheat sheet:

https://www.cheatography.com/rubberdragonfarts/cheat-sheets/symmetric-encryption-algorithms/

-888-Intrusion Discovery Cheat Sheet v2.0 for Linux:

https://pen-testing.sans.org/retrieve/linux-cheat-sheet.pdf

-889-Intrusion Discovery Cheat Sheet v2.0 for Window:

https://pen-testing.sans.org/retrieve/windows-cheat-sheet.pdf

-890-Memory Forensics Cheat Sheet v1.2:

https://digital-forensics.sans.org/media/memory-forensics-cheat-sheet.pdf

-891-CRITICAL LOG REVIEW CHECKLIST FOR SECURITY INCIDENTS G E N E R AL APPROACH:

https://www.sans.org/brochure/course/log-management-in-depth/6

-892-Evidence collection cheat sheet:

https://digital-forensics.sans.org/media/evidence_collection_cheat_sheet.pdf

-893-Hex file and regex cheat sheet v1.0:

https://digital-forensics.sans.org/media/hex_file_and_regex_cheat_sheet.pdf

-894-Rekall Memory Forensic Framework Cheat Sheet v1.2.:

https://digital-forensics.sans.org/media/rekall-memory-forensics-cheatsheet.pdf

-895-SIFT WORKSTATION Cheat Sheet v3.0.:

https://digital-forensics.sans.org/media/sift_cheat_sheet.pdf

-896-Volatility Memory Forensic Framework Cheat Sheet:

https://digital-forensics.sans.org/media/volatility-memory-forensics-cheat-sheet.pdf

-897-Hands - on Network Forensics.:

https://www.first.org/resources/papers/conf2015/first_2015_-_hjelmvik-_erik_-_hands-on_network_forensics_20150604.pdf

-898-VoIP Security Vulnerabilities.:

https://www.sans.org/reading-room/whitepapers/voip/voip-security-vulnerabilities-2036

-899-Incident Response: How to Fight Back:

https://www.sans.org/reading-room/whitepapers/analyst/incident-response-fight-35342

-900-BI-7_VoIP_Analysis_Fundamentals:

https://sharkfest.wireshark.org/sharkfest.12/presentations/BI-7_VoIP_Analysis_Fundamentals.pdf

-901-Bug Hunting Guide:

cybertheta.blogspot.com/2018/08/bug-hunting-guide.html

-902-Guide 001 |Getting Started in Bug Bounty Hunting:

https://whoami.securitybreached.org/2019/.../guide-getting-started-in-bug-bounty-hun...

-903-SQL injection cheat sheet :

https://portswigger.net › Web Security Academy › SQL injection › Cheat sheet

-904-RSnake's XSS Cheat Sheet:

https://www.in-secure.org/2018/08/22/rsnakes-xss-cheat-sheet/

-905-Bug Bounty Tips (2):

https://ctrsec.io/index.php/2019/03/20/bug-bounty-tips-2/

-906-A Review of my Bug Hunting Journey:

https://kongwenbin.com/a-review-of-my-bug-hunting-journey/

-907-Meet the First Hacker Millionaire on HackerOne:

https://itblogr.com/meet-the-first-hacker-millionaire-on-hackerone/

-908-XSS Cheat Sheet:

https://www.reddit.com/r/programming/comments/4sn54s/xss_cheat_sheet/

-909-Bug Bounty Hunter Methodology:

https://www.slideshare.net/bugcrowd/bug-bounty-hunter-methodology-nullcon-2016

-910-#10 Rules of Bug Bounty:

https://hackernoon.com/10-rules-of-bug-bounty-65082473ab8c

-911-Bugbounty Checklist:

https://www.excis3.be/bugbounty-checklist/21/

-912-FireBounty | The Ultimate Bug Bounty List!:

https://firebounty.com/

-913-Brutelogic xss cheat sheet 2019:

https://brutelogic.com.br/blog/ebook/xss-cheat-sheet/

-914-XSS Cheat Sheet by Rodolfo Assis:

https://leanpub.com/xss

-915-Cross-Site-Scripting (XSS) – Cheat Sheet:

https://ironhackers.es/en/cheatsheet/cross-site-scripting-xss-cheat-sheet/

-916-XSS Cheat Sheet V. 2018 :

https://hackerconnected.wordpress.com/2018/03/15/xss-cheat-sheet-v-2018/

-917-Cross-site Scripting Payloads Cheat Sheet :

https://exploit.linuxsec.org/xss-payloads-list

-918-Xss Cheat Sheet :

https://www.in-secure.org/tag/xss-cheat-sheet/

-919-Open Redirect Cheat Sheet :

https://pentester.land/cheatsheets/2018/11/02/open-redirect-cheatsheet.html

-920-XSS, SQL Injection and Fuzzing Bar Code Cheat Sheet:

https://www.irongeek.com/xss-sql-injection-fuzzing-barcode-generator.php

-921-XSS Cheat Sheet:

https://tools.paco.bg/13/

-922-XSS for ASP.net developers:

https://www.gosecure.net/blog/2016/03/22/xss-for-asp-net-developers

-923-Cross-Site Request Forgery Cheat Sheet:

https://trustfoundry.net/cross-site-request-forgery-cheat-sheet/

-924-CSRF Attacks: Anatomy, Prevention, and XSRF Tokens:

https://www.acunetix.com/websitesecurity/csrf-attacks/

-925-Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet :

https://mamchenkov.net/.../05/.../cross-site-request-forgery-csrf-prevention-cheat-shee...

-926-Guide to CSRF (Cross-Site Request Forgery):

https://www.veracode.com/security/csrf

-927-Cross-site Request Forgery - Exploitation & Prevention:

https://www.netsparker.com/blog/web-security/csrf-cross-site-request-forgery/

-928-SQL Injection Cheat Sheet :

https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

-929-MySQL SQL Injection Practical Cheat Sheet:

https://www.perspectiverisk.com/mysql-sql-injection-practical-cheat-sheet/

-930-SQL Injection (SQLi) - Cheat Sheet, Attack Examples & Protection:

https://www.checkmarx.com/knowledge/knowledgebase/SQLi

-931-SQL injection attacks: A cheat sheet for business pros:

https://www.techrepublic.com/.../sql-injection-attacks-a-cheat-sheet-for-business-pros/

-932-The SQL Injection Cheat Sheet:

https://biztechmagazine.com/article/.../guide-combatting-sql-injection-attacks-perfcon

-933-SQL Injection Cheat Sheet:

https://resources.infosecinstitute.com/sql-injection-cheat-sheet/

-934-Comprehensive SQL Injection Cheat Sheet:

https://www.darknet.org.uk/2007/05/comprehensive-sql-injection-cheat-sheet/

-935-MySQL SQL Injection Cheat Sheet:

pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet

-936-SQL Injection Cheat Sheet: MySQL:

https://www.gracefulsecurity.com/sql-injection-cheat-sheet-mysql/

-937- MySQL Injection Cheat Sheet:

https://www.asafety.fr/mysql-injection-cheat-sheet/

-938-SQL Injection Cheat Sheet:

https://www.reddit.com/r/netsec/comments/7l449h/sql_injection_cheat_sheet/

-939-Google dorks cheat sheet 2019:

https://sanfrantokyo.com/pph5/yxo7.php?xxx=5&lf338=google...cheat-sheet-2019

-940-Command Injection Cheatsheet :

https://hackersonlineclub.com/command-injection-cheatsheet/

-941-OS Command Injection Vulnerability:

https://www.immuniweb.com/vulnerability/os-command-injection.html

-942-OS Command Injection:

https://www.checkmarx.com/knowledge/knowledgebase/OS-Command_Injection

-943-Command Injection: The Good, the Bad and the Blind:

https://www.gracefulsecurity.com/command-injection-the-good-the-bad-and-the-blind/

-944-OS command injection:

https://portswigger.net › Web Security Academy › OS command injection

-945-How to Test for Command Injection:

https://blog.securityinnovation.com/blog/.../how-to-test-for-command-injection.html

-946-Data Exfiltration via Blind OS Command Injection:

https://www.contextis.com/en/blog/data-exfiltration-via-blind-os-command-injection

-947-XXE Cheatsheet:

https://www.gracefulsecurity.com/xxe-cheatsheet/

-948-bugbounty-cheatsheet/xxe.:

https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xxe.md

-949-XXE - Information Security:

https://phonexicum.github.io/infosec/xxe.html

-950-XXE Cheat Sheet:

https://www.hahwul.com/p/xxe-cheat-sheet.html

-951-Advice From A Researcher: Hunting XXE For Fun and Profit:

https://www.bugcrowd.com/blog/advice-from-a-bug-hunter-xxe/

-952-Out of Band Exploitation (OOB) CheatSheet :

https://www.notsosecure.com/oob-exploitation-cheatsheet/

-953-Web app penentration testing checklist and cheatsheet:

www.malwrforensics.com/.../web-app-penentration-testing-checklist-and-cheatsheet-with-example

-954-Useful Resources:

https://lsdsecurity.com/useful-resources/

-955-Exploiting XXE Vulnerabilities in IIS/.NET:

https://pen-testing.sans.org/.../entity-inception-exploiting-iis-net-with-xxe-vulnerabiliti...

-956-Top 65 OWASP Cheat Sheet Collections - ALL IN ONE:

https://www.yeahhub.com/top-65-owasp-cheat-sheet-collections-all-in-one/

-957-Hacking Resources:

https://www.torontowebsitedeveloper.com/hacking-resources

-958-Out of Band XML External Entity Injection:

https://www.netsparker.com/web...scanner/.../out-of-band-xml-external-entity-injectio...

-959-XXE - ZeroSec - Adventures In Information Security:

https://blog.zsec.uk/out-of-band-xxe-2/

-960-Blog - Automated Data Exfiltration with XXE:

https://blog.gdssecurity.com/labs/2015/4/.../automated-data-exfiltration-with-xxe.html

-961-My Experience during Infosec Interviews:

https://medium.com/.../my-experience-during-infosec-interviews-ed1f74ce41b8

-962-Top 10 Security Risks on the Web (OWASP):

https://sensedia.com/.../top-10-security-risks-on-the-web-owasp-and-how-to-mitigate-t...

-963-Antivirus Evasion Tools [Updated 2019] :

https://resources.infosecinstitute.com/antivirus-evasion-tools/

-964-Adventures in Anti-Virus Evasion:

https://www.gracefulsecurity.com/anti-virus-evasion/

-965-Antivirus Bypass Phantom Evasion - 2019 :

https://www.reddit.com/r/Kalilinux/.../antivirus_bypass_phantom_evasion_2019/

-966-Antivirus Evasion with Python:

https://medium.com/bugbountywriteup/antivirus-evasion-with-python-49185295caf1

-967-Windows oneliners to get shell:

https://ironhackers.es/en/cheatsheet/comandos-en-windows-para-obtener-shell/

-968-Does Veil Evasion Still Work Against Modern AntiVirus?:

https://www.hackingloops.com/veil-evasion-virustotal/

-969-Google dorks cheat sheet 2019 :

https://sanfrantokyo.com/pph5/yxo7.php?xxx=5&lf338=google...cheat-sheet-2019

-970-Malware Evasion Techniques :

https://www.slideshare.net/ThomasRoccia/malware-evasion-techniques

-971-How to become a cybersecurity pro: A cheat sheet:

https://www.techrepublic.com/article/cheat-sheet-how-to-become-a-cybersecurity-pro/

-972-Bypassing Antivirus With Ten Lines of Code:

https://hackingandsecurity.blogspot.com/.../bypassing-antivirus-with-ten-lines-of.html

-973-Bypassing antivirus detection on a PDF exploit:

https://www.digital.security/en/blog/bypassing-antivirus-detection-pdf-exploit

-974-Generating Payloads & Anti-Virus Bypass Methods:

https://uceka.com/2014/02/19/generating-payloads-anti-virus-bypass-methods/

-975-Apkwash Android Antivirus Evasion For Msfvemon:

https://hackingarise.com/apkwash-android-antivirus-evasion-for-msfvemon/

-976-Penetration Testing with Windows Computer & Bypassing an Antivirus:

https://www.prodefence.org/penetration-testing-with-windows-computer-bypassing-antivirus

-978-Penetration Testing: The Quest For Fully UnDetectable Malware:

https://www.foregenix.com/.../penetration-testing-the-quest-for-fully-undetectable-malware

-979-AVET: An AntiVirus Bypassing tool working with Metasploit Framework :

https://githacktools.blogspot.com

-980-Creating an undetectable payload using Veil-Evasion Toolkit:

https://www.yeahhub.com/creating-undetectable-payload-using-veil-evasion-toolkit/

-981-Evading Antivirus :

https://sathisharthars.com/tag/evading-antivirus/

-982-AVPASS – All things in moderation:

https://hydrasky.com/mobile-security/avpass/

-983-Complete Penetration Testing & Hacking Tools List:

https://cybarrior.com/blog/2019/03/31/hacking-tools-list/

-984-Modern red teaming: 21 resources for your security team:

https://techbeacon.com/security/modern-red-teaming-21-resources-your-security-team

-985-BloodHound and CypherDog Cheatsheet :

https://hausec.com/2019/04/15/bloodhound-and-cypherdog-cheatsheet/

-986-Redteam Archives:

https://ethicalhackingguru.com/category/redteam/

-987-NMAP Commands Cheat Sheet:

https://www.networkstraining.com/nmap-commands-cheat-sheet/

-988-Nmap Cheat Sheet:

https://dhound.io/blog/nmap-cheatsheet

-989-Nmap Cheat Sheet: From Discovery to Exploits:

https://resources.infosecinstitute.com/nmap-cheat-sheet/

-990-Nmap Cheat Sheet and Pro Tips:

https://hackertarget.com/nmap-cheatsheet-a-quick-reference-guide/

-991-Nmap Tutorial: from the Basics to Advanced Tips:

https://hackertarget.com/nmap-tutorial/

-992-How to run a complete network scan with OpenVAS;

https://www.techrepublic.com/.../how-to-run-a-complete-network-scan-with-openvas/

-993-Nmap: my own cheatsheet:

https://www.andreafortuna.org/2018/03/12/nmap-my-own-cheatsheet/

-994-Top 32 Nmap Command Examples For Linux Sys/Network Admins:

https://www.cyberciti.biz/security/nmap-command-examples-tutorials/

-995-35+ Best Free NMap Tutorials and Courses to Become Pro Hacker:

https://www.fromdev.com/2019/01/best-free-nmap-tutorials-courses.html

-996-Scanning Tools:

https://widesecurity.net/kali-linux/kali-linux-tools-scanning/

-997-Nmap - Cheatsheet:

https://www.ivoidwarranties.tech/posts/pentesting-tuts/nmap/cheatsheet/

-998-Linux for Network Engineers:

https://netbeez.net/blog/linux-how-to-use-nmap/

-999-Nmap Cheat Sheet:

https://www.hackingloops.com/nmap-cheat-sheet-port-scanning-basics-ethical-hackers/

-1000-Tactical Nmap for Beginner Network Reconnaissance:

https://null-byte.wonderhowto.com/.../tactical-nmap-for-beginner-network-reconnaiss...

-1001-A Guide For Google Hacking Database:

https://www.hackgentips.com/google-hacking-database/

-1002-2019 Data Breaches - The Worst Breaches, So Far:

https://www.identityforce.com/blog/2019-data-breaches

-1003-15 Vulnerable Sites To (Legally) Practice Your Hacking Skills:

https://www.checkmarx.com/.../15-vulnerable-sites-to-legally-practice-your-hacking-skills

-1004-Google Hacking Master List :

https://it.toolbox.com/blogs/rmorril/google-hacking-master-list-111408

-1005-Smart searching with googleDorking | Exposing the Invisible:

https://exposingtheinvisible.org/guides/google-dorking/

-1006-Google Dorks 2019:

https://korben.info/google-dorks-2019-liste.html

-1007-Google Dorks List and how to use it for Good;

https://edgy.app/google-dorks-list

-1008-How to Use Google to Hack(Googledorks):

https://null-byte.wonderhowto.com/how-to/use-google-hack-googledorks-0163566/

-1009-Using google as hacking tool:

https://cybertechies007.blogspot.com/.../using-google-as-hacking-tool-googledorks.ht...

-1010-#googledorks hashtag on Twitter:

https://twitter.com/hashtag/googledorks

-1011-Top Five Open Source Intelligence (OSINT) Tools:

https://resources.infosecinstitute.com/top-five-open-source-intelligence-osint-tools/

-1012-What is open-source intelligence (OSINT)?:

https://www.microfocus.com/en-us/what-is/open-source-intelligence-osint

-1013-A Guide to Open Source Intelligence Gathering (OSINT):

https://medium.com/bugbountywriteup/a-guide-to-open-source-intelligence-gathering-osint-ca831e13f29c

-1014-OSINT: How to find information on anyone:

https://medium.com/@Peter_UXer/osint-how-to-find-information-on-anyone-5029a3c7fd56

-1015-What is OSINT? How can I make use of it?:

https://securitytrails.com/blog/what-is-osint-how-can-i-make-use-of-it

-1016-OSINT Tools for the Dark Web:

https://jakecreps.com/2019/05/16/osint-tools-for-the-dark-web/

-1017-A Guide to Open Source Intelligence (OSINT):

https://www.cjr.org/tow_center_reports/guide-to-osint-and-hostile-communities.php

-1018-An Introduction To Open Source Intelligence (OSINT):

https://www.secjuice.com/introduction-to-open-source-intelligence-osint/

-1019-SSL & TLS HTTPS Testing [Definitive Guide] - Aptive:

https://www.aptive.co.uk/blog/tls-ssl-security-testing/

-1020-Exploit Title: [Files Containing E-mail and Associated Password Lists]:

https://www.exploit-db.com/ghdb/4262/?source=ghdbid

-1021-cheat_sheets:

http://zachgrace.com/cheat_sheets/

-1022-Intel SYSRET:

https://pentestlab.blog/2017/06/14/intel-sysret

-1023-Windows Preventive Maintenance Best Practices:

http://www.professormesser.com/free-a-plus-training/220-902/windows-preventive-maintenance-best-practices/

-1024-An Overview of Storage Devices:

http://www.professormesser.com/?p=19367

-1025-An Overview of RAID:

http://www.professormesser.com/?p=19373

-1026-How to Troubleshoot:

http://www.professormesser.com/free-a-plus-training/220-902/how-to-troubleshoot/

-1027-Mobile Device Security Troubleshooting:

http://www.professormesser.com/free-a-plus-training/220-902/mobile-device-security-troubleshooting/

-1028-Using Wireshark: Identifying Hosts and Users:

https://unit42.paloaltonetworks.com/using-wireshark-identifying-hosts-and-users/

-1029-Using Wireshark - Display Filter Expressions:

https://unit42.paloaltonetworks.com/using-wireshark-display-filter-expressions/

-1030-Decrypting SSL/TLS traffic with Wireshark:

https://resources.infosecinstitute.com/decrypting-ssl-tls-traffic-with-wireshark/

-1031-A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.:

https://onceupon.github.io/Bash-Oneliner/

-1032- Bash One-Liners Explained, Part I: Working with files :

https://catonmat.net/bash-one-liners-explained-part-one

-1033-Bash One-Liners Explained, Part IV: Working with history:

https://catonmat.net/bash-one-liners-explained-part-four

-1034-Useful bash one-liners :

https://github.com/stephenturner/oneliners

-1035-Some Random One-liner Linux Commands [Part 1]:

https://www.ostechnix.com/random-one-liner-linux-commands-part-1/

-1036-The best terminal one-liners from and for smart admins + devs.:

https://www.ssdnodes.com/tools/one-line-wise/

-1037-Shell one-liner:

https://rosettacode.org/wiki/Shell_one-liner#Racket

-1038-SSH Cheat Sheet:

http://pentestmonkey.net/tag/ssh

-1039-7000 Google Dork List:

https://pastebin.com/raw/Tdvi8vgK

-1040-GOOGLE HACKİNG DATABASE – GHDB:

https://pastebin.com/raw/1ndqG7aq

-1041-STEALING PASSWORD WITH GOOGLE HACK:

https://pastebin.com/raw/x6BNZ7NN

-1042-Hack Remote PC with PHP File using PhpSploit Stealth Post-Exploitation Framework:

http://www.hackingarticles.in/hack-remote-pc-with-php-file-using-phpsploit-stealth-post-exploitation-framework

-1043-Open Source database of android malware:

www.code.google.com/archive/p/androguard/wikis/DatabaseAndroidMalwares.wiki

-1044-big-list-of-naughty-strings:

https://github.com/minimaxir/big-list-of-naughty-strings/blob/master/blns.txt

-1045-publicly available cap files:

http://www.netresec.com/?page=PcapFiles

-1046-“Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection”:

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.119.399&rep=rep1&type=pdf

-1047-Building a malware analysis toolkit:

https://zeltser.com/build-malware-analysis-toolkit/

-1048-Netcat Reverse Shell Cheat Sheet:

http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

-1049-Packers and crypters:

http://securityblog.gr/2950/detect-packers-cryptors-and-compilers/

-1050-Evading antivirus:

http://www.blackhillsinfosec.com/?p=5094

-1051-cheat sheets and information,The Art of Hacking:

https://github.com/The-Art-of-Hacking

-1052-Error-based SQL injection:

https://www.exploit-db.com/docs/37953.pdf

-1053-XSS cheat sheet:

https://www.veracode.com/security/xss

-1054-Active Directory Enumeration with PowerShell:

https://www.exploit-db.com/docs/46990

-1055-Buffer Overflows, C Programming, NSA GHIDRA and More:

https://www.exploit-db.com/docs/47032

-1056-Analysis of CVE-2019-0708 (BlueKeep):

https://www.exploit-db.com/docs/46947

-1057-Windows Privilege Escalations:

https://www.exploit-db.com/docs/46131

-1058-The Ultimate Guide For Subdomain Takeover with Practical:

https://www.exploit-db.com/docs/46415

-1059-File transfer skills in the red team post penetration test:

https://www.exploit-db.com/docs/46515

-1060-How To Exploit PHP Remotely To Bypass Filters & WAF Rules:

https://www.exploit-db.com/docs/46049

-1061-Flying under the radar:

https://www.exploit-db.com/docs/45898

-1062-what is google hacking? and why it is useful ?and how you can learn how to use it:

https://twitter.com/cry__pto/status/1142497470825545729?s=20

-1063-useful blogs for penetration testers:

https://twitter.com/cry__pto/status/1142497470825545729?s=20

-1064-useful #BugBounty resources & links & tutorials & explanations & writeups ::

https://twitter.com/cry__pto/status/1143965322233483265?s=20

-1065-Union- based SQL injection:

http://securityidiots.com/Web-Pentest/SQL-Injection/Basic-Union-Based-SQL-Injection.html

-1066-Broken access control:

https://www.happybearsoftware.com/quick-check-for-access-control-vulnerabilities-in-rails

-1067-Understanding firewall types and configurations:

http://searchsecurity.techtarget.com/feature/The-five-different-types-of-firewalls

-1068-5 Kali Linux tricks that you may not know:

https://pentester.land/tips-n-tricks/2018/11/09/5-kali-linux-tricks-that-you-may-not-know.html

-1069-5 tips to make the most of Twitter as a pentester or bug bounty hunter:

https://pentester.land/tips-n-tricks/2018/10/23/5-tips-to-make-the-most-of-twitter-as-a-pentester-or-bug-bounty-hunter.html

-1060-A Guide To Subdomain Takeovers:

https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

-1061-Advanced Recon Automation (Subdomains) case 1:

https://medium.com/p/9ffc4baebf70

-1062-Security testing for REST API with w3af:

https://medium.com/quick-code/security-testing-for-rest-api-with-w3af-2c43b452e457?source=post_recirc---------0------------------

-1062-The Lazy Hacker:

https://securit.ie/blog/?p=86

-1063-Practical recon techniques for bug hunters & pen testers:

https://github.com/appsecco/practical-recon-levelup0x02/raw/200c43b58e9bf528a33c9dfa826fda89b229606c/practical_recon.md

-1064-A More Advanced Recon Automation #1 (Subdomains):

https://poc-server.com/blog/2019/01/18/advanced-recon-subdomains/

-1065-Expanding your scope (Recon automation #2):

https://poc-server.com/blog/2019/01/31/expanding-your-scope-recon-automation/

-1066-RCE by uploading a web.config:

https://poc-server.com/blog/2018/05/22/rce-by-uploading-a-web-config/

-1067-Finding and exploiting Blind XSS:

https://enciphers.com/finding-and-exploiting-blind-xss/

-1068-Google dorks list 2018:

http://conzu.de/en/google-dork-liste-2018-conzu

-1096-Out of Band Exploitation (OOB) CheatSheet:

https://www.notsosecure.com/oob-exploitation-cheatsheet/

-1070-Metasploit Cheat Sheet:

https://nitesculucian.github.io/2018/12/01/metasploit-cheat-sheet/

-1071-Linux Post Exploitation Cheat Sheet :

red-orbita.com/?p=8455

-1072-OSCP/Pen Testing Resources :

https://medium.com/@sdgeek/oscp-pen-testing-resources-271e9e570d45

-1073-Out Of Band Exploitation (OOB) CheatSheet :

https://packetstormsecurity.com/files/149290/Out-Of-Band-Exploitation-OOB-CheatSheet.html

-1074-HTML5 Security Cheatsheet:

https://html5sec.org/

-1075-Kali Linux Cheat Sheet for Penetration Testers:

https://www.blackmoreops.com/2016/12/20/kali-linux-cheat-sheet-for-penetration-testers/

-1076-Responder - CheatSheet:

https://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/cheatsheet/

-1076-Windows Post-Exploitation Command List:

pentest.tonyng.net/windows-post-exploitation-command-list/

-1077-Transfer files (Post explotation) - CheatSheet

https://ironhackers.es/en/cheatsheet/transferir-archivos-post-explotacion-cheatsheet/

-1078-SQL Injection Cheat Sheet: MSSQL — GracefulSecurity:

https://www.gracefulsecurity.com/sql-injection-cheat-sheet-mssql/

-1079-OSCP useful resources and tools:

https://acknak.fr/en/articles/oscp-tools/

-1080-Penetration Testing 102 - Windows Privilege Escalation - Cheatsheet:

www.exumbraops.com/penetration-testing-102-windows-privilege-escalation-cheatsheet

-1081-Transferring files from Kali to Windows (post exploitation) :

https://blog.ropnop.com/transferring-files-from-kali-to-windows/

-1082-Hack Like a Pro: The Ultimate Command Cheat Sheet for Metasploit:

https://null-byte.wonderhowto.com/.../hack-like-pro-ultimate-command-cheat-sheet-f...

-1083-OSCP Goldmine (not clickbait):

0xc0ffee.io/blog/OSCP-Goldmine

-1084-Privilege escalation: Linux :

https://vulp3cula.gitbook.io/hackers-grimoire/post-exploitation/privesc-linux

-1085-Exploitation Tools Archives :

https://pentesttools.net/category/exploitationtools/

-1086-From Local File Inclusion to Remote Code Execution - Part 1:

https://outpost24.com/blog/from-local-file-inclusion-to-remote-code-execution-part-1

-1087-Basic Linux Privilege Escalation:

https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

-1088-Title: Ultimate Directory Traversal & Path Traversal Cheat Sheet:

www.vulnerability-lab.com/resources/documents/587.txt

-1089-Binary Exploitation:

https://pwndevils.com/hacking/howtwohack.html

1090-A guide to Linux Privilege Escalation:

https://payatu.com/guide-linux-privilege-escalation/

-1091-Penetration Testing Tools Cheat Sheet :

https://news.ycombinator.com/item?id=11977304

-1092-List of Metasploit Commands - Cheatsheet:

https://thehacktoday.com/metasploit-commands/

-1093-A journey into Radare 2 – Part 2: Exploitation:

https://www.megabeets.net/a-journey-into-radare-2-part-2/

-1094-Remote Code Evaluation (Execution) Vulnerability:

https://www.netsparker.com/blog/web-security/remote-code-evaluation-execution/

-1095-Exploiting Python Code Injection in Web Applications:

https://www.securitynewspaper.com/.../exploiting-python-code-injection-web-applicat...

-1096-Shells · Total OSCP Guide:

https://sushant747.gitbooks.io/total-oscp-guide/reverse-shell.html

-1097-MongoDB Injection cheat sheet Archives:

https://blog.securelayer7.net/tag/mongodb-injection-cheat-sheet/

-1098-Basic Shellshock Exploitation:

https://blog.knapsy.com/blog/2014/10/07/basic-shellshock-exploitation/

-1099-Wireshark Tutorial and Tactical Cheat Sheet :

https://hackertarget.com/wireshark-tutorial-and-cheat-sheet/

-1100-Windows Command Line cheatsheet (part 2):

https://www.andreafortuna.org/2017/.../windows-command-line-cheatsheet-part-2-wm...

-1101-Detecting WMI exploitation:

www.irongeek.com/i.php?page=videos/derbycon8/track-3-03...exploitation...

1102-Metasploit Cheat Sheet - Hacking Land :

https://www.hacking.land/2019/02/metasploit-cheat-sheet.html

-1103-5 Practical Scenarios for XSS Attacks:

https://pentest-tools.com/blog/xss-attacks-practical-scenarios/

-1104-Ultimate gdb cheat sheet:

http://nadavclaudecohen.com/2017/10/10/ultimate-gdb-cheat-sheet/

-1105-Reverse Engineering Cheat Sheet:

https://www.scribd.com/doc/38163906/Reverse-Engineering-Cheat-Sheet

-1106-Reverse Engineering Cheat Sheet:

https://www.scribd.com/document/94575179/Reverse-Engineering-Cheat-Sheet

-1107-Reverse Engineering For Malware Analysis:

https://eforensicsmag.com/reverse_engi_cheatsheet/

-1108-Reverse-engineering Cheat Sheets :

https://www.cheatography.com/tag/reverse-engineering/

-1109-Shortcuts for Understanding Malicious Scripts:

https://www.linkedin.com/pulse/shortcuts-understanding-malicious-scripts-viviana-ross

-1110-WinDbg Malware Analysis Cheat Sheet :

https://oalabs.openanalysis.net/2019/02/18/windbg-for-malware-analysis/

-1111-Cheat Sheet for Malware Analysis:

https://www.andreafortuna.org/2016/08/16/cheat-sheet-for-malware-analysis/

-1112-Tips for Reverse-Engineering Malicious Code :

https://www.digitalmunition.me/tips-reverse-engineering-malicious-code-new-cheat-sheet

-1113-Cheatsheet for radare2 :

https://leungs.xyz/reversing/2018/04/16/radare2-cheatsheet.html

-1114-Reverse Engineering Cheat Sheets:

https://www.pinterest.com/pin/576390452300827323/

-1115-Reverse Engineering Resources-Beginners to intermediate Guide/Links:

https://medium.com/@vignesh4303/reverse-engineering-resources-beginners-to-intermediate-guide-links-f64c207505ed

-1116-Malware Resources :

https://www.professor.bike/malware-resources

-1117-Zero-day exploits: A cheat sheet for professionals:

https://www.techrepublic.com/article/zero-day-exploits-the-smart-persons-guide/

-1118-Getting cozy with exploit development:

https://0x00sec.org/t/getting-cozy-with-exploit-development/5311

-1119-appsec - Web Security Cheatsheet :

https://security.stackexchange.com/questions/2985/web-security-cheatsheet-todo-list

-1120-PEDA - Python Exploit Development Assistance For GDB:

https://www.pinterest.ru/pin/789044797190775841/

-1121-Exploit Development Introduction (part 1) :

https://www.cybrary.it/video/exploit-development-introduction-part-1/

-1122-Windows Exploit Development: A simple buffer overflow example:

https://medium.com/bugbountywriteup/windows-expliot-dev-101-e5311ac284a

-1123-Exploit Development-Everything You Need to Know:

https://null-byte.wonderhowto.com/how-to/exploit-development-everything-you-need-know-0167801/

-1124-Exploit Development :

https://0x00sec.org/c/exploit-development

-1125-Exploit Development - Infosec Resources:

https://resources.infosecinstitute.com/category/exploit-development/

-1126-Exploit Development :

https://www.reddit.com/r/ExploitDev/

-1127-A Study in Exploit Development - Part 1: Setup and Proof of Concept :

https://www.anitian.com/a-study-in-exploit-development-part-1-setup-and-proof-of-concept

-1128-Exploit Development for Beginners:

https://www.youtube.com/watch?v=tVDuuz60KKc

-1129-Introduction to Exploit Development:

https://www.fuzzysecurity.com/tutorials/expDev/1.html

-1130-Exploit Development And Reverse Engineering:

https://www.immunitysec.com/services/exploit-dev-reverse-engineering.html

-1131-wireless forensics:

https://www.sans.org/reading-room/whitepapers/wireless/80211-network-forensic-analysis-33023

-1132-fake AP Detection:

https://www.sans.org/reading-room/whitepapers/detection/detecting-preventing-rogue-devices-network-1866

-1133-In-Depth analysis of SamSam Ransomware:

https://www.crowdstrike.com/blog/an-in-depth-analysis-of-samsam-ransomware-and-boss-spider/

-1134-WannaCry ransomware:

https://www.endgame.com/blog/technical-blog/wcrywanacry-ransomware-technical-analysis

-1135-malware analysis:

https://www.sans.org/reading-room/whitepapers/malicious/paper/2103

-1136-Metasploit's detailed communication and protocol writeup:

https://www.exploit-db.com/docs/english/27935-metasploit---the-exploit-learning-tree.pdf

-1137-Metasploit's SSL-generation module::

https://github.com/rapid7/metasploit-framework/blob/76954957c740525cff2db5a60bcf936b4ee06c42/lib/rex/post/meterpreter/client.rb

-1139-Empire IOCs::

https://www.sans.org/reading-room/whitepapers/detection/disrupting-empire-identifying-powershell-empire-command-control-activity-38315

-1140-excellent free training on glow analysis:

http://opensecuritytraining.info/Flow.html

-1141-NetFlow using Silk:

https://tools.netsa.cert.org/silk/analysis-handbook.pdf

-1142-Deep Packet Inspection:

https://is.muni.cz/th/ql57c/dp-svoboda.pdf

-1143-Detecting Behavioral Personas with OSINT and Datasploit:

https://www.exploit-db.com/docs/45543

-1144-WordPress Penetration Testing using WPScan and MetaSploit:

https://www.exploit-db.com/docs/45556

-1145-Bulk SQL Injection using Burp-to-SQLMap:

https://www.exploit-db.com/docs/45428

-1146-XML External Entity Injection - Explanation and Exploitation:

https://www.exploit-db.com/docs/45374

-1147- Web Application Firewall (WAF) Evasion Techniques #3 (CloudFlare and ModSecurity OWASP CRS3):

https://www.exploit-db.com/docs/45368

-1148-File Upload Restrictions Bypass:

https://www.exploit-db.com/docs/45074

-1149-VLAN Hopping Attack:

https://www.exploit-db.com/docs/45050

-1150-Jigsaw Ransomware Analysis using Volatility:

https://medium.com/@0xINT3/jigsaw-ransomware-analysis-using-volatility-2047fc3d9be9

-1151-Ransomware early detection by the analysis of file sharing traffic:

https://www.sciencedirect.com/science/article/pii/S108480451830300X

-1152-Do You Think You Can Analyse Ransomware?:

https://medium.com/asecuritysite-when-bob-met-alice/do-you-think-you-can-analyse-ransomware-bbc813b95529

-1153-Analysis of LockerGoga Ransomware :

https://labsblog.f-secure.com/2019/03/27/analysis-of-lockergoga-ransomware/

-1154-Detection and Forensic Analysis of Ransomware Attacks :

https://www.netfort.com/assets/NetFort-Ransomware-White-Paper.pdf

-1155-Bad Rabbit Ransomware Technical Analysis:

https://logrhythm.com/blog/bad-rabbit-ransomware-technical-analysis/

-1156-NotPetya Ransomware analysis :

https://safe-cyberdefense.com/notpetya-ransomware-analysis/

-1157-Identifying WannaCry on Your Server Using Logs:

https://www.loggly.com/blog/identifying-wannacry-server-using-logs/

-1158-The past, present, and future of ransomware:

https://www.itproportal.com/features/the-past-present-and-future-of-ransomware/

-1159-The dynamic analysis of WannaCry ransomware :

https://ieeexplore.ieee.org/iel7/8318543/8323471/08323682.pdf

-1160-Malware Analysis: Ransomware - SlideShare:

https://www.slideshare.net/davidepiccardi/malware-analysis-ransomware

-1161-Article: Anatomy of ransomware malware: detection, analysis :

https://www.inderscience.com/info/inarticle.php?artid=84399

-1162-Tracking desktop ransomware payments :

https://www.blackhat.com/docs/us-17/wednesday/us-17-Invernizzi-Tracking-Ransomware-End-To-End.pdf

-1163-What is Ransomware? Defined, Explained, and Explored:

https://www.forcepoint.com/cyber-edu/ransomware

-1164-Detect and Recover from Ransomware Attacks:

https://www.indexengines.com/ransomware

-1165-Wingbird rootkit analysis:

https://artemonsecurity.blogspot.com/2017/01/wingbird-rootkit-analysis.html

-1166-Windows Kernel Rootkits: Techniques and Analysis:

https://www.offensivecon.org/trainings/2019/windows-kernel-rootkits-techniques-and-analysis.html

-1167-Rootkit: What is a Rootkit and How to Detect It :

https://www.veracode.com/security/rootkit

-1168-Dissecting Turla Rootkit Malware Using Dynamic Analysis:

https://www.lastline.com/.../dissecting-turla-rootkit-malware-using-dynamic-analysis/

-1169-Rootkits and Rootkit Detection (Windows Forensic Analysis) Part 2:

https://what-when-how.com/windows-forensic-analysis/rootkits-and-rootkit-detection-windows-forensic-analysis-part-2/

-1170-ZeroAccess – an advanced kernel mode rootkit :

https://www.botnetlegalnotice.com/ZeroAccess/files/Ex_12_Decl_Anselmi.pdf

-1171-Rootkit Analysis Identification Elimination:

https://acronyms.thefreedictionary.com/Rootkit+Analysis+Identification+Elimination

-1172-TDL3: The Rootkit of All Evil?:

static1.esetstatic.com/us/resources/white-papers/TDL3-Analysis.pdf

-1173-Avatar Rootkit: Dropper Analysis:

https://resources.infosecinstitute.com/avatar-rootkit-dropper-analysis-part-1/

-1174-Sality rootkit analysis:

https://www.prodefence.org/sality-rootkit-analysis/

-1175-RootKit Hook Analyzer:

https://www.resplendence.com/hookanalyzer/

-1176-Behavioral Analysis of Rootkit Malware:

https://isc.sans.edu/forums/diary/Behavioral+Analysis+of+Rootkit+Malware/1487/

-1177-Malware Memory Analysis of the IVYL Linux Rootkit:

https://apps.dtic.mil/docs/citations/AD1004349

-1178-Analysis of the KNARK rootkit :

https://linuxsecurity.com/news/intrusion-detection/analysis-of-the-knark-rootkit

-1179-32 Bit Windows Kernel Mode Rootkit Lab Setup with INetSim :

https://medium.com/@eaugusto/32-bit-windows-kernel-mode-rootkit-lab-setup-with-inetsim-e49c22e9fcd1

-1180-Ten Process Injection Techniques: A Technical Survey of Common and Trending Process Injection Techniques:

https://www.endgame.com/blog/technical-blog/ten-process-injection-techniques-technical-survey-common-and-trending-process

-1181-Code & Process Injection - Red Teaming Experiments:

https://ired.team/offensive-security/code-injection-process-injection

-1182-What Malware Authors Don't want you to know:

https://www.blackhat.com/.../asia-17-KA-What-Malware-Authors-Don't-Want-You-To-Know

-1183-.NET Process Injection:

https://medium.com/@malcomvetter/net-process-injection-1a1af00359bc

-1184-Memory Injection like a Boss :

https://www.countercept.com/blog/memory-injection-like-a-boss/

-1185-Process injection - Malware style:

https://www.slideshare.net/demeester1/process-injection

-1186-Userland API Monitoring and Code Injection Detection:

https://0x00sec.org/t/userland-api-monitoring-and-code-injection-detection/5565

-1187-Unpacking Redaman Malware & Basics of Self-Injection Packers:

https://liveoverflow.com/unpacking-buhtrap-malware-basics-of-self-injection-packers-ft-oalabs-2/

-1188-Code injection on macOS:

https://knight.sc/malware/2019/03/15/code-injection-on-macos.html

-1189-(Shell)Code Injection In Linux Userland :

https://blog.sektor7.net/#!res/2018/pure-in-memory-linux.md

-1190-Code injection on Windows using Python:

https://www.andreafortuna.org/2018/08/06/code-injection-on-windows-using-python-a-simple-example/

-1191-What is Reflective DLL Injection and how can be detected?:

https://www.andreafortuna.org/cybersecurity/what-is-reflective-dll-injection-and-how-can-be-detected/

-1192-Windows Process Injection:

https://modexp.wordpress.com/2018/08/23/process-injection-propagate/

-1193-A+ cheat sheet:

https://www.slideshare.net/abnmi/a-cheat-sheet

-1194-A Bettercap Tutorial — From Installation to Mischief:

https://danielmiessler.com/study/bettercap/

-1195-Debugging Malware with WinDbg:

https://www.ixiacom.com/company/blog/debugging-malware-windbg

-1195-Malware analysis, my own list of tools and resources:

https://www.andreafortuna.org/2016/08/05/malware-analysis-my-own-list-of-tools-and-resources/

-1196-Getting Started with Reverse Engineering:

https://lospi.net/developing/software/.../assembly/2015/03/.../reversing-with-ida.html

-1197-Debugging malicious windows scriptlets with Google chrome:

https://medium.com/@0xamit/debugging-malicious-windows-scriptlets-with-google-chrome-c31ba409975c

-1198-Intro to Radare2 for Malware Analysis:

https://malwology.com/2018/11/30/intro-to-radare2-for-malware-analysis/

-1199-Intro to Malware Analysis and Reverse Engineering:

https://www.cybrary.it/course/malware-analysis/

-1200-Common Malware Persistence Mechanisms:

https://resources.infosecinstitute.com/common-malware-persistence-mechanisms/

-1201-Finding Registry Malware Persistence with RECmd:

https://digital-forensics.sans.org/blog/2019/05/07/malware-persistence-recmd

-1202-Windows Malware Persistence Mechanisms :

https://www.swordshield.com/blog/windows-malware-persistence-mechanisms/

-1203- persistence techniques:

https://www.andreafortuna.org/2017/07/06/malware-persistence-techniques/

-1204- Persistence Mechanism - an overview | ScienceDirect Topics:

https://www.sciencedirect.com/topics/computer-science/persistence-mechanism

-1205-Malware analysis for Linux:

https://www.sothis.tech/en/malware-analysis-for-linux-wirenet/

-1206-Linux Malware Persistence with Cron:

https://www.sandflysecurity.com/blog/linux-malware-persistence-with-cron/

-1207-What is advanced persistent threat (APT)? :

https://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT

-1208-Malware Analysis, Part 1: Understanding Code Obfuscation :

https://www.vadesecure.com/en/malware-analysis-understanding-code-obfuscation-techniques/

-1209-Top 6 Advanced Obfuscation Techniques:

https://sensorstechforum.com/advanced-obfuscation-techniques-malware/

-1210-Malware Obfuscation Techniques:

https://dl.acm.org/citation.cfm?id=1908903

-1211-How Hackers Hide Their Malware: Advanced Obfuscation:

https://www.darkreading.com/attacks-breaches/how-hackers-hide-their-malware-advanced-obfuscation/a/d-id/1329723

-1212-Malware obfuscation techniques: four simple examples:

https://www.andreafortuna.org/2016/10/13/malware-obfuscation-techniques-four-simple-examples/

-1213-Malware Monday: Obfuscation:

https://medium.com/@bromiley/malware-monday-obfuscation-f65239146db0

-1213-Challenge of Malware Analysis: Malware obfuscation Techniques:

https://www.ijiss.org/ijiss/index.php/ijiss/article/view/327

-1214-Static Malware Analysis - Infosec Resources:

https://resources.infosecinstitute.com/malware-analysis-basics-static-analysis/

-1215-Malware Basic Static Analysis:

https://medium.com/@jain.sm/malware-basic-static-analysis-cf19b4600725

-1216-Difference Between Static Malware Analysis and Dynamic Malware Analysis:

http://www.differencebetween.net/technology/difference-between-static-malware-analysis-and-dynamic-malware-analysis/

-1217-What is Malware Analysis | Different Tools for Malware Analysis:

https://blog.comodo.com/different-techniques-for-malware-analysis/

-1218-Detecting Malware Pre-execution with Static Analysis and Machine Learning:

https://www.sentinelone.com/blog/detecting-malware-pre-execution-static-analysis-machine-learning/

-1219-Limits of Static Analysis for Malware Detection:

https://ieeexplore.ieee.org/document/4413008

-1220-Kernel mode versus user mode:

https://blog.codinghorror.com/understanding-user-and-kernel-mode/

-1221-Understanding the ELF:

https://medium.com/@MrJamesFisher/understanding-the-elf-4bd60daac571

-1222-Windows Privilege Abuse: Auditing, Detection, and Defense:

https://medium.com/palantir/windows-privilege-abuse-auditing-detection-and-defense-3078a403d74e

-1223-First steps to volatile memory analysis:

https://medium.com/@zemelusa/first-steps-to-volatile-memory-analysis-dcbd4d2d56a1

-1224-Maliciously Mobile: A Brief History of Mobile Malware:

https://medium.com/threat-intel/mobile-malware-infosec-history-70f3fcaa61c8

-1225-Modern Binary Exploitation Writeups 0x01:

https://medium.com/bugbountywriteup/binary-exploitation-5fe810db3ed4

-1226-Exploit Development 01 — Terminology:

https://medium.com/@MKahsari/exploit-development-01-terminology-db8c19db80d5

-1227-Zero-day exploits: A cheat sheet for professionals:

https://www.techrepublic.com/article/zero-day-exploits-the-smart-persons-guide/

-1228-Best google hacking list on the net:

https://pastebin.com/x5LVJu9T

-1229-Google Hacking:

https://pastebin.com/6nsVK5Xi

-1230-OSCP links:

https://pastebin.com/AiYV80uQ

-1231-Pentesting 1 Information gathering:

https://pastebin.com/qLitw9eT

-1232-OSCP-Survival-Guide:

https://pastebin.com/kdc6th08

-1233-Googledork:

https://pastebin.com/qKwU37BK

-1234-Exploit DB:

https://pastebin.com/De4DNNKK

-1235-Dorks:

https://pastebin.com/cfVcqknA

-1236-GOOGLE HACKİNG DATABASE:

https://pastebin.com/1ndqG7aq

-1237-Carding Dorks 2019:

https://pastebin.com/Hqsxu6Nn

-1238-17k Carding Dorks 2019:

https://pastebin.com/fgdZxy74

-1239-CARDING DORKS 2019:

https://pastebin.com/Y7KvzZqg

-1240-sqli dork 2019:

https://pastebin.com/8gdeLYvU

-1241-Private Carding Dorks 2018:

https://pastebin.com/F0KxkMMD

-1242-20K dorks list fresh full carding 2018:

https://pastebin.com/LgCh0NRJ

-1243-8k Carding Dorks :):

https://pastebin.com/2bjBPiEm

-1244-8500 SQL DORKS:

https://pastebin.com/yeREBFzp

-1245-REAL CARDING DORKS:

https://pastebin.com/0kMhA0Gb

-1246-15k btc dorks:

https://pastebin.com/zbbBXSfG

-1247-Sqli dorks 2016-2017:

https://pastebin.com/7TQiMj3A

-1248-Here is kind of a tutorial on how to write google dorks.:

https://pastebin.com/hZCXrAFK

-1249-10k Private Fortnite Dorks:

https://pastebin.com/SF9UmG1Y

-1250-find login panel dorks:

https://pastebin.com/9FGUPqZc

-1251-Shell dorks:

https://pastebin.com/iZBFQ5yp

-1252-HQ PAID GAMING DORKS:

https://pastebin.com/vNYnyW09

-1253-10K HQ Shopping DORKS:

https://pastebin.com/HTP6rAt4

-1254-Exploit Dorks for Joomla,FCK and others 2015 Old but gold:

https://pastebin.com/ttxAJbdW

-1255-Gain access to unsecured IP cameras with these Google dorks:

https://pastebin.com/93aPbwwE

-1256-new fresh dorks:

https://pastebin.com/ZjdxBbNB

-1257-SQL DORKS FOR CC:

https://pastebin.com/ZQTHwk2S

-1258-Wordpress uploadify Dorks Priv8:

https://pastebin.com/XAGmHVUr

-1259-650 DORKS CC:

https://pastebin.com/xZHARTyz

-1260-3k Dorks Shopping:

https://pastebin.com/e1XiNa8M

-1261-DORKS 2018 :

https://pastebin.com/YAZkPJ0j

-1262-HQ FORTNITE DORKS LIST:

https://pastebin.com/rzhiNad8

-1263-HQ PAID DORKS MIXED GAMING LOL STEAM ..MUSIC SHOPING:

https://pastebin.com/VwVpAvj2

-1264-Camera dorks:

https://pastebin.com/fsARft2j

-1265-Admin Login Dorks:

https://pastebin.com/HWWNZCph

-1266-sql gov dorks:

https://pastebin.com/C8wqyNW8

-1267-10k hq gaming dorks:

https://pastebin.com/cDLN8edi

-1268-HQ SQLI Google Dorks For Shops/Amazon! Enjoy! :

https://pastebin.com/y59kK2h0

-1269-Dorks:

https://pastebin.com/PKvZYMAa

-1270-10k btc dorks:

https://pastebin.com/vRnxvbCu

-1271-7,000 Dorks for hacking into various sites:

https://pastebin.com/n8JVQv3X

-1272-List of information gathering search engines/tools etc:

https://pastebin.com/GTX9X5tF

-1273-FBOSINT:

https://pastebin.com/5KqnFS0B

-1274-Ultimate Penetration Testing:

https://pastebin.com/4EEeEnXe

-1275-massive list of information gathering search engines/tools :

https://pastebin.com/GZ9TVxzh

-1276-CEH Class:

https://pastebin.com/JZdCHrN4

-1277-CEH/CHFI Bundle Study Group Sessions:

https://pastebin.com/XTwksPK7

-1278-OSINT - Financial:

https://pastebin.com/LtxkUi0Y

-1279-Most Important Security Tools and Resources:

https://pastebin.com/cGE8rG04

-1280-OSINT resources from inteltechniques.com:

https://pastebin.com/Zbdz7wit

-1281-Red Team Tips:

https://pastebin.com/AZDBAr1m

-1282-OSCP Notes by Ash:

https://pastebin.com/wFWx3a7U

-1283-OSCP Prep:

https://pastebin.com/98JG5f2v

-1284-OSCP Review/Cheat Sheet:

https://pastebin.com/JMMM7t4f

-1285-OSCP Prep class:

https://pastebin.com/s59GPJrr

-1286-Complete Anti-Forensics Guide:

https://pastebin.com/6V6wZK0i

-1287-The Linux Command Line Cheat Sheet:

https://pastebin.com/PUtWDKX5

-1288-Command-Line Log Analysis:

https://pastebin.com/WEDwpcz9

-1289-An A-Z Index of the Apple macOS command line (OS X):

https://pastebin.com/RmPLQA5f

-1290-San Diego Exploit Development 2018:

https://pastebin.com/VfwhT8Yd

-1291-Windows Exploit Development Megaprimer:

https://pastebin.com/DvdEW4Az

-1292-Some Free Reverse engineering resources:

https://pastebin.com/si2ThQPP

-1293-Sans:

https://pastebin.com/MKiSnjLm

-1294-Metasploit Next Level:

https://pastebin.com/0jC1BUiv

-1295-Just playing around....:

https://pastebin.com/gHXPzf6B

-1296-Red Team Course:

https://pastebin.com/YUYSXNpG

-1297-New Exploit Development 2018:

https://pastebin.com/xaRxgYqQ

-1298-Good reviews of CTP/OSCE (in no particular order)::

https://pastebin.com/RSPbatip

-1299-Vulnerability Research Engineering Bookmarks Collection v1.0:

https://pastebin.com/8mUhjGSU

-1300-Professional-hacker's Pastebin :

https://pastebin.com/u/Professional-hacker

-1301-Google Cheat Sheet:

http://www.googleguide.com/print/adv_op_ref.pdf

-1302-Shodan for penetration testers:

https://www.defcon.org/images/defcon-18/dc-18-presentations/Schearer/DEFCON-18-Schearer-SHODAN.pdf

-1303-Linux networking tools:

https://gist.github.com/miglen/70765e663c48ae0544da08c07006791f

-1304-DNS spoofing with NetHunter:

https://cyberarms.wordpress.com/category/nethunter-tutorial/

-1305-Tips on writing a penetration testing report:

https://www.sans.org/reading-room/whitepapers/bestprac/writing-penetration-testing-report-33343

-1306-Technical penetration report sample:

https://tbgsecurity.com/wordpress/wp-content/uploads/2016/11/Sample-Penetration-Test-Report.pdf

-1307-Nessus sample reports:

https://www.tenable.com/products/nessus/sample-reports

-1308-Sample penetration testing report:

https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf

-1309-jonh-the-ripper-cheat-sheet:

https://countuponsecurity.com/2015/06/14/jonh-the-ripper-cheat-sheet/

-1310-ultimate guide to cracking foreign character passwords using hashcat:

http://www.netmux.com/blog/ultimate-guide-to-cracking-foreign-character-passwords-using-has

-1311-Building_a_Password_Cracking_Rig_forHashcat-_Part_III:

https://www.unix-ninja.com/p/Building_a_Password_Cracking_Rig_for_Hashcat_-_Part_III

-1312-cracking story how i cracked over 122 million sha1 and md5 hashed passwords:

http://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords/

-1313-CSA (Cloud Security Alliance) Security White Papers:

https://cloudsecurityalliance.org/download/

-1314-NIST Security Considerations in the System Development Life Cycle:

https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-64r2.pdf

-1315-ISO 29100 information technology security techniques privacy framework:

https://www.iso.org/standard/45123.html

-1316-NIST National Checklist Program:

https://nvd.nist.gov/ncp/repository

-1317-OWASP Guide to Cryptography:

https://www.owasp.org/index.php/Guide_to_Cryptography

-1318-NVD (National Vulnerability Database):

https://nvd.nist.gov/

-1319-CVE details:

https://cvedetails.com/

-1320-CIS Cybersecurity Tools:

https://www.cisecurity.org/cybersecurity-tools/

-1321-Security aspects of virtualization by ENISA:

https://www.enisa.europa.eu/publications/security-aspects-of-virtualization/

-1322-CIS Benchmarks also provides a security guide for VMware, Docker, and Kubernetes:

https://www.cisecurity.org/cis-benchmarks/

-1323-OpenStack's hardening of the virtualization layer provides a secure guide to building the virtualization layer:

https://docs.openstack.org/security-guide/compute/hardening-the-virtualization-layers.html

-1324-Docker security:

https://docs.docker.com/engine/security/security/

-1325-Microsoft Security Development Lifecycle:

http://www.microsoft.com/en-us/SDL/

-1326-OWASP SAMM Project:

https://www.owasp.org/index.php/OWASP_SAMM_Project

-1327-CWE/SANS Top 25 Most Dangerous Software Errors:

https://cwe.mitre.org/top25/

-1329-OWASP Vulnerable Web Applications Directory Project:

https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project

-1330-CERT Secure Coding Standards:

https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards

-1331-NIST Special Publication 800-53:

https://nvd.nist.gov/800-53

-1332-SAFECode Security White Papers:

https://safecode.org/publications/

-1333-Microsoft Threat Modeling tool 2016:

https://aka.ms/tmt2016/

-1334-Apache Metron for real-time big data security:

http://metron.apache.org/documentation/

-1335-Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process:

https://resources.sei.cmu.edu/asset_files/TechnicalReport/2007_005_001_14885.pdf

-1336-NIST 800-18 Guide for Developing Security Plans for Federal Information Systems:

http://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-18r1.pdf

-1337-ITU-T X.805 (10/2003) Security architecture for systems providing end- to-end communications:

https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.805-200310-I!!PDF-E&type=items

-1338-ETSI TS 102 165-1 V4.2.1 (2006-12) : Method and proforma for Threat, Risk, Vulnerability Analysis:

http://www.etsi.org/deliver/etsi_ts/102100_102199/10216501/04.02.01_60/ts_10216501v040201p.pdf

-1339-SAFECode Fundamental Practices for Secure Software Development:

https://safecode.org/wp-content/uploads/2018/03/SAFECode_Fundamental_Practices_for_Secure_Software_Development_March_2018.pdf

-1340-NIST 800-64 Security Considerations in the System Development Life Cycle:

https://csrc.nist.gov/publications/detail/sp/800-64/rev-2/final

-1341-SANS A Security Checklist for Web Application Design:

https://www.sans.org/reading-room/whitepapers/securecode/security-checklist-web-application-design-1389

-1342-Best Practices for implementing a Security Awareness Program:

https://www.pcisecuritystandards.org/documents/PCI_DSS_V1.0_Best_Practices_for_Implementing_Security_Awareness_Program.pdf

-1343-ETSI TS 102 165-1 V4.2.1 (2006-12): Method and proforma for Threat, Risk, Vulnerability Analysis:

http://www.etsi.org/deliver/etsi_ts/102100_102199/10216501/04.02.03_60/ts_10216501v040203p.pdf

-1344-NIST 800-18 Guide for Developing Security Plans for Federal Information Systems:

https://csrc.nist.gov/publications/detail/sp/800-18/rev-1/final

-1345-SafeCode Tactical Threat Modeling:

https://safecode.org/safecodepublications/tactical-threat-modeling/

-1346-SANS Web Application Security Design Checklist:

https://www.sans.org/reading-room/whitepapers/securecode/security-checklist-web-application-design-1389

-1347-Data Anonymization for production data dumps:

https://github.com/sunitparekh/data-anonymization

-1348-SANS Continuous Monitoring—What It Is, Why It Is Needed, and How to Use It:

https://www.sans.org/reading-room/whitepapers/analyst/continuous-monitoring-is-needed-35030

-1349-Guide to Computer Security Log Management:

https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=50881

-1350-Malware Indicators:

https://github.com/citizenlab/malware-indicators

-1351-OSINT Threat Feeds:

https://www.circl.lu/doc/misp/feed-osint/

-1352-SANS How to Use Threat Intelligence effectively:

https://www.sans.org/reading-room/whitepapers/analyst/threat-intelligence-is-effectively-37282

-1353-NIST 800-150 Guide to Cyber Threat Information Sharing:

https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-150.pdf

-1354-Securing Web Application Technologies Checklist:

https://software-security.sans.org/resources/swat

-1355-Firmware Security Training:

https://github.com/advanced-threat-research/firmware-security-training

-1356-Burp Suite Bootcamp:

https://pastebin.com/5sG7Rpg5

-1357-Web app hacking:

https://pastebin.com/ANsw7WRx

-1358-XSS Payload:

https://pastebin.com/EdxzE4P1

-1359-XSS Filter Evasion Cheat Sheet:

https://pastebin.com/bUutGfSy

-1360-Persistence using RunOnceEx – Hidden from Autoruns.exe:

https://oddvar.moe/2018/03/21/persistence-using-runonceex-hidden-from-autoruns-exe/

-1361-Windows Operating System Archaeology:

https://www.slideshare.net/enigma0x3/windows-operating-system-archaeology

-1362-How to Backdoor Windows 10 Using an Android Phone & USB Rubber Ducky:

https://www.prodefence.org/how-to-backdoor-windows-10-using-an-android-phone-usb-rubber-ducky/

-1363-Malware Analysis using Osquery :

https://hackernoon.com/malware-analysis-using-osquery-part-2-69f08ec2ecec

-1364-Tales of a Blue Teamer: Detecting Powershell Empire shenanigans with Sysinternals :

https://holdmybeersecurity.com/2019/02/27/sysinternals-for-windows-incident-response/

-1365-Userland registry hijacking:

https://3gstudent.github.io/Userland-registry-hijacking/

-1366-Malware Hiding Techniques to Watch for: AlienVault Labs:

https://www.alienvault.com/blogs/labs-research/malware-hiding-techniques-to-watch-for-alienvault-labs

-1367- Full text of "Google hacking for penetration testers" :

https://archive.org/stream/pdfy-TPtNL6_ERVnbod0r/Google+Hacking+-+For+Penetration+Tester_djvu.txt

-1368- Full text of "Long, Johnny Google Hacking For Penetration Testers" :

https://archive.org/stream/LongJohnnyGoogleHackingForPenetrationTesters/Long%2C%20Johnny%20-%20Google%20Hacking%20for%20Penetration%20Testers_djvu.txt

-1369- Full text of "Coding For Penetration Testers" :

https://archive.org/stream/CodingForPenetrationTesters/Coding%20for%20Penetration%20Testers_djvu.txt

-1370- Full text of "Hacking For Dummies" :

https://archive.org/stream/HackingForDummies/Hacking%20For%20Dummies_djvu.txt

-1371-Full text of "Wiley. Hacking. 5th. Edition. Jan. 2016. ISBN. 1119154685. Profescience.blogspot.com" :

https://archive.org/stream/Wiley.Hacking.5th.Edition.Jan.2016.ISBN.1119154685.Profescience.blogspot.com/Wiley.Hacking.5th.Edition.Jan.2016.ISBN.1119154685.Profescience.blogspot.com_djvu.txt

-1372- Full text of "Social Engineering The Art Of Human Hacking" :

https://archive.org/stream/SocialEngineeringTheArtOfHumanHacking/Social%20Engineering%20-%20The%20Art%20of%20Human%20Hacking_djvu.txt

-1373- Full text of "CYBER WARFARE" :

https://archive.org/stream/CYBERWARFARE/CYBER%20WARFARE_djvu.txt

-1374-Full text of "NSA DOCID: 4046925 Untangling The Web: A Guide To Internet Research" :

https://archive.org/stream/Untangling_the_Web/Untangling_the_Web_djvu.txt

-1375- Full text of "sectools" :

https://archive.org/stream/sectools/hack-the-stack-network-security_djvu.txt

-1376- Full text of "Aggressive network self-defense" :

https://archive.org/stream/pdfy-YNtvDJueGZb1DCDA/Aggressive%20Network%20Self-Defense_djvu.txt

-1377-Community Texts:

https://archive.org/details/opensource?and%5B%5D=%28language%3Aeng+OR+language%3A%22English%22%29+AND+subject%3A%22google%22

-1378- Full text of "Cyber Spying - Tracking (sometimes).PDF (PDFy mirror)" :

https://archive.org/stream/pdfy-5-Ln_yPZ22ondBJ8/Cyber%20Spying%20-%20Tracking%20%28sometimes%29_djvu.txt

-1379- Full text of "Enzyclopedia Of Cybercrime" :

https://archive.org/stream/EnzyclopediaOfCybercrime/Enzyclopedia%20Of%20Cybercrime_djvu.txt

-1380- Full text of "Information Security Management Handbook" :

https://archive.org/stream/InformationSecurityManagementHandbook/Information%20Security%20Management%20Handbook_djvu.txt

-1381- Full text of "ARMArchitecture Reference Manual" :

https://archive.org/stream/ARMArchitectureReferenceManual/DetectionOfIntrusionsAndMalwareAndVulnerabilityAssessment2016_djvu.txt

-1382- Full text of "Metasploit The Penetration Tester S Guide" :

https://archive.org/stream/MetasploitThePenetrationTesterSGuide/Metasploit-The+Penetration+Tester+s+Guide_djvu.txt

-1383-Tips & tricks to master Google’s search engine:

https://medium.com/infosec-adventures/google-hacking-39599373be7d

-1384-Ethical Google Hacking - Sensitive Doc Dork (Part 2) :

https://securing-the-stack.teachable.com/courses/ethical-google-hacking-1/lectures/3877866

-1385- Google Hacking Secrets:the Hidden Codes of Google :

https://www.ma-no.org/en/security/google-hacking-secrets-the-hidden-codes-of-google

-1386-google hacking:

https://www.slideshare.net/SamNizam/3-google-hacking

-1387-How Penetration Testers Use Google Hacking:

https://www.cqure.nl/kennisplatform/how-penetration-testers-use-google-hacking

-1388-Free Automated Malware Analysis Sandboxes and Services:

https://zeltser.com/automated-malware-analysis/

-1389-How to get started with Malware Analysis and Reverse Engineering:

https://0ffset.net/miscellaneous/how-to-get-started-with-malware-analysis/

-1390-Handy Tools And Websites For Malware Analysis:

https://www.informationsecuritybuzz.com/articles/handy-tools-and-websites/

-1391-Dynamic Malware Analysis:

https://prasannamundas.com/share/dynamic-malware-analysis/

-1392-Intro to Radare2 for Malware Analysis:

https://malwology.com/2018/11/30/intro-to-radare2-for-malware-analysis/

-1393-Detecting malware through static and dynamic techniques:

https://technical.nttsecurity.com/.../detecting-malware-through-static-and-dynamic-tec...

-1394-Malware Analysis Tutorial : Tricks for Confusing Static Analysis Tools:

https://www.prodefence.org/malware-analysis-tutorial-tricks-confusing-static-analysis-tools

-1395-Malware Analysis Lab At Home In 5 Steps:

https://ethicalhackingguru.com/malware-analysis-lab-at-home-in-5-steps/

-1396-Malware Forensics Guide - Static and Dynamic Approach:

https://www.yeahhub.com/malware-forensics-guide-static-dynamic-approach/

-1397-Top 30 Bug Bounty Programs in 2019:

https://www.guru99.com/bug-bounty-programs.html

-1398-Introduction - Book of BugBounty Tips:

https://gowsundar.gitbook.io/book-of-bugbounty-tips/

-1399-List of bug bounty writeups:

https://pentester.land/list-of-bug-bounty-writeups.html

-1400-Tips From A Bugbounty Hunter:

https://www.secjuice.com/bugbounty-hunter/

-1401-Cross Site Scripting (XSS) - Book of BugBounty Tips:

https://gowsundar.gitbook.io/book-of-bugbounty-tips/cross-site-scripting-xss

-1402-BugBountyTips:

https://null0xp.wordpress.com/tag/bugbountytips/

-1403-Xss Filter Bypass Payloads:

www.oroazteca.net/mq67/xss-filter-bypass-payloads.html

-1404-Bug Bounty Methodology:

https://eforensicsmag.com/bug-bounty-methodology-ttp-tacticstechniques-and-procedures-v-2-0

-1405-GDB cheat-sheet for exploit development:

www.mannulinux.org/2017/01/gdb-cheat-sheet-for-exploit-development.html

-1406-A Study in Exploit Development - Part 1: Setup and Proof of Concept :

https://www.anitian.com/a-study-in-exploit-development-part-1-setup-and-proof-of-concept

-1407-Exploit development tutorial :

https://www.computerweekly.com/tutorial/Exploit-development-tutorial-Part-Deux

-1408-exploit code development:

http://www.phreedom.org/presentations/exploit-code-development/exploit-code-development.pdf

-1409-“Help Defeat Denial of Service Attacks: Step-by-Step”:

http://www.sans.org/dosstep/

-1410-Internet Firewalls: Frequently Asked Questions:

http://www.interhack.net/pubs/fwfaq/

-1411-Service Name and Transport Protocol Port Number:

http://www.iana.org/assignments/port-numbers

-1412-10 Useful Open Source Security Firewalls for Linux Systems:

https://www.tecmint.com/open-source-security-firewalls-for-linux-systems/

-1413-40 Linux Server Hardening Security Tips:

https://www.cyberciti.biz/tips/linux-security.html

-1414-Linux hardening: A 15-step checklist for a secure Linux server :

https://www.computerworld.com/.../linux-hardening-a-15-step-checklist-for-a-secure-linux-server

-1415-25 Hardening Security Tips for Linux Servers:

https://www.tecmint.com/linux-server-hardening-security-tips/

-1416-How to Harden Unix/Linux Systems & Close Security Gaps:

https://www.beyondtrust.com/blog/entry/harden-unix-linux-systems-close-security-gaps

-1417-34 Linux Server Security Tips & Checklists for Sysadmins:

https://www.process.st/server-security/

-1418-Linux Hardening:

https://www.slideshare.net/MichaelBoelen/linux-hardening

-1419-23 Hardening Tips to Secure your Linux Server:

https://www.rootusers.com/23-hardening-tips-to-secure-your-linux-server/

-1420-What is the Windows Registry? :

https://www.computerhope.com/jargon/r/registry.htm

-1421-Windows Registry, Everything You Need To Know:

https://www.gammadyne.com/registry.htm

-1422-Windows Registry Tutorial:

https://www.akadia.com/services/windows_registry_tutorial.html

-1423-5 Tools to Scan a Linux Server for Malware and Rootkits:

https://www.tecmint.com/scan-linux-for-malware-and-rootkits/

-1424-Subdomain takeover dew to missconfigured project settings for Custom domain .:

https://medium.com/bugbountywriteup/subdomain-takeover-dew-to-missconfigured-project-settings-for-custom-domain-46e90e702969

-1425-Massive Subdomains p0wned:

https://medium.com/bugbountywriteup/massive-subdomains-p0wned-80374648336e

-1426-Subdomain Takeover: Basics:

https://0xpatrik.com/subdomain-takeover-basics/

-1427-Subdomain Takeover: Finding Candidates:

https://0xpatrik.com/subdomain-takeover-candidates/

-1428-Bugcrowd's Domain & Subdomain Takeover!:

https://bugbountypoc.com/bugcrowds-domain-takeover/

-1429-What Are Subdomain Takeovers, How to Test and Avoid Them?:

https://dzone.com/articles/what-are-subdomain-takeovers-how-to-test-and-avoid

-1430-Finding Candidates for Subdomain Takeovers:

https://jarv.is/notes/finding-candidates-subdomain-takeovers/

-1431-Subdomain takeover of blog.snapchat.com:

https://hackernoon.com/subdomain-takeover-of-blog-snapchat-com-60860de02fe7

-1432-Hostile Subdomain takeove:

https://labs.detectify.com/tag/hostile-subdomain-takeover/

-1433-Microsoft Account Takeover Vulnerability Affecting 400 Million Users:

https://www.safetydetective.com/blog/microsoft-outlook/

-1434-What is Subdomain Hijack/Takeover Vulnerability? How to Identify? & Exploit It?:

https://blog.securitybreached.org/2017/10/11/what-is-subdomain-takeover-vulnerability/

-1435-Subdomain takeover detection with AQUATONE:

https://michenriksen.com/blog/subdomain-takeover-detection-with-aquatone/

-1436-A hostile subdomain takeover! – Breaking application security:

https://evilenigma.blog/2019/03/12/a-hostile-subdomain-takeover/

-1437-Web Development Reading List:

https://www.smashingmagazine.com/2017/03/web-development-reading-list-172/

-1438-CSRF Attack can lead to Stored XSS:

https://medium.com/bugbountywriteup/csrf-attack-can-lead-to-stored-xss-f40ba91f1e4f

-1439-What is Mimikatz: The Beginner's Guide | Varonis:

https://www.varonis.com/bog/what-is-mimikatz

-1440-Preventing Mimikatz Attacks :

https://medium.com/blue-team/preventing-mimikatz-attacks-ed283e7ebdd5

-1441-Mimikatz tutorial: How it hacks Windows passwords, credentials:

https://searchsecurity.techtarget.com/.../Mimikatz-tutorial-How-it-hacks-Windows-passwords-credentials

-1442-Mimikatz: Walkthrough [Updated 2019]:

https://resources.infosecinstitute.com/mimikatz-walkthrough/

-1443-Mimikatz -Windows Tutorial for Beginner:

https://hacknpentest.com/mimikatz-windows-tutorial-beginners-guide-part-1/

-1444-Mitigations against Mimikatz Style Attacks:

https://isc.sans.edu/forums/diary/Mitigations+against+Mimikatz+Style+Attacks

-1445-Exploring Mimikatz - Part 1 :

https://blog.xpnsec.com/exploring-mimikatz-part-1/

-1446-Powershell AV Evasion. Running Mimikatz with PowerLine:

https://jlajara.gitlab.io/posts/2019/01/27/Mimikatz-AV-Evasion.html

-1447-How to Steal Windows Credentials with Mimikatz and Metasploit:

https://www.hackingloops.com/mimikatz/

-1448-Retrieving NTLM Hashes without touching LSASS:

https://www.andreafortuna.org/2018/03/26/retrieving-ntlm-hashes-without-touching-lsass-the-internal-monologue-attack/

-1449-From Responder to NT Authority\SYSTEM:

https://medium.com/bugbountywriteup/from-responder-to-nt-authority-system-39abd3593319

-1450-Getting Creds via NTLMv2:

https://0xdf.gitlab.io/2019/01/13/getting-net-ntlm-hases-from-windows.html

-1451-Living off the land: stealing NetNTLM hashes:

https://www.securify.nl/blog/SFY20180501/living-off-the-land_-stealing-netntlm-hashes.html

-1452-(How To) Using Responder to capture passwords on a Windows:

www.securityflux.com/?p=303

-1453-Pwning with Responder - A Pentester's Guide:

https://www.notsosecure.com/pwning-with-responder-a-pentesters-guide/

-1454-LLMNR and NBT-NS Poisoning Using Responder:

https://www.4armed.com/blog/llmnr-nbtns-poisoning-using-responder/

-1455-Responder - Ultimate Guide :

https://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/guide/

-1456-Responder - CheatSheet:

https://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/cheatsheet/

-1457-LM, NTLM, Net-NTLMv2, oh my! :

https://medium.com/@petergombos/lm-ntlm-net-ntlmv2-oh-my-a9b235c58ed4

-1458-SMB Relay Attack Tutorial:

https://intrinium.com/smb-relay-attack-tutorial

-1459-Cracking NTLMv2 responses captured using responder:

https://zone13.io/post/cracking-ntlmv2-responses-captured-using-responder/

-1460-Skip Cracking Responder Hashes and Relay Them:

https://threat.tevora.com/quick-tip-skip-cracking-responder-hashes-and-replay-them/

-1461-Metasploit's First Antivirus Evasion Modules:

https://blog.rapid7.com/2018/10/09/introducing-metasploits-first-evasion-module/

-1462-Evading Anti-virus Part 1: Infecting EXEs with Shellter:

https://www.hackingloops.com/evading-anti-virus-shellter/

-1463-Evading AV with Shellter:

https://www.securityartwork.es/2018/11/02/evading-av-with-shellter-i-also-have-sysmon-and-wazuh-i/

-1464-Shellter-A Shellcode Injecting Tool :

https://www.hackingarticles.in/shellter-a-shellcode-injecting-tool/

-1465-Bypassing antivirus programs using SHELLTER:

https://myhackstuff.com/shellter-bypassing-antivirus-programs/

-1466-John the Ripper step-by-step tutorials for end-users :

openwall.info/wiki/john/tutorials

-1467-Beginners Guide for John the Ripper (Part 1):

https://www.hackingarticles.in/beginner-guide-john-the-ripper-part-1/

-1468-John the Ripper Basics Tutorial:

https://ultimatepeter.com/john-the-ripper-basics-tutorial/

-1469-Crack Windows password with john the ripper:

https://www.securitynewspaper.com/2018/11/27/crack-windows-password-with-john-the-ripper/

-1470-Getting Started Cracking Password Hashes with John the Ripper :

https://www.tunnelsup.com/getting-started-cracking-password-hashes/

-1471-Shell code exploit with Buffer overflow:

https://medium.com/@jain.sm/shell-code-exploit-with-buffer-overflow-8d78cc11f89b

-1472-Shellcoding for Linux and Windows Tutorial :

www.vividmachines.com/shellcode/shellcode.html

-1473-Buffer Overflow Practical Examples :

https://0xrick.github.io/binary-exploitation/bof5/

-1474-Msfvenom shellcode analysis:

https://snowscan.io/msfvenom-shellcode-analysis/

-1475-Process Continuation Shellcode:

https://azeria-labs.com/process-continuation-shellcode/

-1476-Dynamic Shellcode Execution:

https://www.countercept.com/blog/dynamic-shellcode-execution/

-1477-Tutorials: Writing shellcode to binary files:

https://www.fuzzysecurity.com/tutorials/7.html

-1478-Creating Shellcode for an Egg Hunter :

https://securitychops.com/2018/05/26/slae-assignment-3-egghunter-shellcode.html

-1479-How to: Shellcode to reverse bind a shell with netcat :

www.hackerfall.com/story/shellcode-to-reverse-bind-a-shell-with-netcat

-1480-Bashing the Bash — Replacing Shell Scripts with Python:

https://medium.com/capital-one-tech/bashing-the-bash-replacing-shell-scripts-with-python-d8d201bc0989

-1481-How to See All Devices on Your Network With nmap on Linux:

https://www.howtogeek.com/.../how-to-see-all-devices-on-your-network-with-nmap-on-linux

-1482-A Complete Guide to Nmap:

https://www.edureka.co/blog/nmap-tutorial/

-1483-Nmap from Beginner to Advanced :

https://resources.infosecinstitute.com/nmap/

-1484-Using Wireshark: Identifying Hosts and Users:

https://unit42.paloaltonetworks.com/using-wireshark-identifying-hosts-and-users/

-1485-tshark tutorial and filter examples:

https://hackertarget.com/tshark-tutorial-and-filter-examples/

-1486-Fuzz Testing(Fuzzing) Tutorial: What is, Types, Tools & Example:

https://www.guru99.com/fuzz-testing.html

-1487-Tutorial: Dumb Fuzzing - Peach Community Edition:

community.peachfuzzer.com/v3/TutorialDumbFuzzing.html

-1488-HowTo: ExploitDev Fuzzing:

https://hansesecure.de/2018/03/howto-exploitdev-fuzzing/

-1489-Fuzzing with Metasploit:

https://www.corelan.be/?s=fuzzing

-1490-Fuzzing – how to find bugs automagically using AFL:

9livesdata.com/fuzzing-how-to-find-bugs-automagically-using-afl/

-1491-Introduction to File Format Fuzzing & Exploitation:

https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3

-1492-0x3 Python Tutorial: Fuzzer:

https://www.primalsecurity.net/0x3-python-tutorial-fuzzer/

-1493-Hunting For Bugs With AFL:

https://research.aurainfosec.io/hunting-for-bugs-101/

-1494-Fuzzing: The New Unit Testing:

https://www.slideshare.net/DmitryVyukov/fuzzing-the-new-unit-testing

-1495-Fuzzing With Peach Framework:

https://www.terminatio.org/fuzzing-peach-framework-full-tutorial-download/

-1496-How we found a tcpdump vulnerability using cloud fuzzing:

https://www.softscheck.com/en/identifying-security-vulnerabilities-with-cloud-fuzzing/

-1497-Finding a Fuzzer: Peach Fuzzer vs. Sulley:

https://medium.com/@jtpereyda/finding-a-fuzzer-peach-fuzzer-vs-sulley-1fcd6baebfd4

-1498-Android malware analysis:

https://www.slideshare.net/rossja/android-malware-analysis-71109948

-1499-15+ Malware Analysis Tools & Techniques :

https://www.template.net/business/tools/malware-analysis/

-1500-30 Online Malware Analysis Sandboxes / Static Analyzers:

https://medium.com/@su13ym4n/15-online-sandboxes-for-malware-analysis-f8885ecb8a35

-1501-Linux Command Line Forensics and Intrusion Detection Cheat Sheet:

https://www.sandflysecurity.com/blog/compromised-linux-cheat-sheet/

-1502-Cheat Sheets - SANS Digital Forensics:

https://digital-forensics.sans.org/community/cheat-sheets

-1503-Breach detection with Linux filesystem forensics:

https://opensource.com/article/18/4/linux-filesystem-forensics

-1504-Digital Forensics Cheat Sheets Collection :

https://neverendingsecurity.wordpress.com/digital-forensics-cheat-sheets-collection/

-1505-Security Incident Survey Cheat Sheet for Server Administrators:

https://zeltser.com/security-incident-survey-cheat-sheet/

-1506-Digital forensics: A cheat sheet :

https://www.techrepublic.com/article/digital-forensics-the-smart-persons-guide/

-1507-Windows Registry Forensics using 'RegRipper' Command-Line on Linux:

https://www.pinterest.cl/pin/794815034207804059/

-1508-Windows IR Live Forensics Cheat Sheet:

https://www.cheatography.com/koriley/cheat-sheets/windows-ir-live-forensics/

-1509-10 Best Known Forensics Tools That Works on Linux:

https://linoxide.com/linux-how-to/forensics-tools-linux/

-1510-Top 20 Free Digital Forensic Investigation Tools for SysAdmins:

https://techtalk.gfi.com/top-20-free-digital-forensic-investigation-tools-for-sysadmins/

-1511-Windows Volatile Memory Acquisition & Forensics 2018:

https://medium.com/@lucideus/windows-volatile-memory-acquisition-forensics-2018-lucideus-forensics-3f297d0e5bfd

-1512-PowerShell Cheat Sheet :

https://www.digitalforensics.com/blog/powershell-cheat-sheet-2/

-1513-Forensic Artifacts: evidences of program execution on Windows systems:

https://www.andreafortuna.org/forensic-artifacts-evidences-of-program-execution-on-windows-systems

-1514-How to install a CPU?:

https://www.computer-hardware-explained.com/how-to-install-a-cpu.html

-1515-How To Upgrade and Install a New CPU or Motherboard:

https://www.howtogeek.com/.../how-to-upgrade-and-install-a-new-cpu-or-motherboard-or-both

-1516-Installing and Troubleshooting CPUs:

www.pearsonitcertification.com/articles/article.aspx?p=1681054&seqNum=2

-1517-15 FREE Pastebin Alternatives You Can Use Right Away:

https://www.rootreport.com/pastebin-alternatives/

-1518-Basic computer troubleshooting steps:

https://www.computerhope.com/basic.htm

-1519-18 Best Websites to Learn Computer Troubleshooting and Tech support:

http://transcosmos.co.uk/best-websites-to-learn-computer-troubleshooting-and-tech-support

-1520-Post Exploitation with PowerShell Empire 2.3.0 :

https://www.yeahhub.com/post-exploitation-powershell-empire-2-3-0-detailed-tutorial/

-1521-Windows Persistence with PowerShell Empire :

https://www.hackingarticles.in/windows-persistence-with-powershell-empire/

-1522-powershell-empire-tutorials-empire-to-meterpreter-shellcode-injection-ssl-tutorial:

https://www.dudeworks.com/powershell-empire-tutorials-empire-to-meterpreter-shellcode-injection-ssl-tutorial

-1523-Bypassing Anti-Virtus & Hacking Windows 10 Using Empire :

https://zsecurity.org/bypassing-anti-virtus-hacking-windows-10-using-empire/

-1524-Hacking with Empire – PowerShell Post-Exploitation Agent :

https://www.prodefence.org/hacking-with-empire-powershell-post-exploitation-agent/

-1525-Hacking Windows Active Directory Full guide:

www.kalitut.com/hacking-windows-active-directory-full.html

-1526-PowerShell Empire for Post-Exploitation:

https://www.hackingloops.com/powershell-empire/

-1527-Generate A One-Liner – Welcome To LinuxPhilosophy!:

linuxphilosophy.com/rtfm/more/empire/generate-a-one-liner/

-1528-CrackMapExec - Ultimate Guide:

https://www.ivoidwarranties.tech/posts/pentesting-tuts/cme/crackmapexec/

-1529-PowerShell Logging and Security:

https://www.secjuice.com/enterprise-powershell-protection-logging/

-1530-Create your own FUD Backdoors with Empire:

http://blog.extremehacking.org/blog/2016/08/25/create-fud-backdoors-empire/

-1531-PowerShell Empire Complete Tutorial For Beginners:

https://video.hacking.reviews/2019/06/powershell-empire-complete-tutorial-for.html

-1532-Bash Bunny: Windows Remote Shell using Metasploit & PowerShell:

https://cyberarms.wordpress.com/.../bash-bunny-windows-remote-shell-using-metasploit-powershell

-1533-Kerberoasting - Stealing Service Account Credentials:

https://www.scip.ch/en/?labs.20181011

-1534-Automating Mimikatz with Empire and DeathStar :

https://blog.stealthbits.com/automating-mimikatz-with-empire-and-deathstar/

-1535-Windows oneliners to get shell :

https://ironhackers.es/en/cheatsheet/comandos-en-windows-para-obtener-shell/

-1536-ObfuscatedEmpire :

https://cobbr.io/ObfuscatedEmpire.html

-1537-Pentesting with PowerShell in six steps:

https://periciacomputacional.com/pentesting-with-powershell-in-six-steps/

-1538-Using Credentials to Own Windows Boxes - Part 3 (WMI and WinRM):

https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-3-wmi-and-winrm

-1539-PowerShell Security Best Practices:

https://www.digitalshadows.com/blog-and-research/powershell-security-best-practices/

-1540-You can detect PowerShell attacks:

https://www.slideshare.net/Hackerhurricane/you-can-detect-powershell-attacks

-1541-Detecting and Preventing PowerShell Attacks:

https://www.eventsentry.com/.../powershell-pw3rh311-detecting-preventing-powershell-attacks

-1542-Detecting Offensive PowerShell Attack Tools – Active Directory Security:

https://adsecurity.org/?p=2604

-1543-An Internal Pentest Audit Against Active Directory:

https://www.exploit-db.com/docs/46019

-1544-A complete Active Directory Penetration Testing Checklist :

https://gbhackers.com/active-directory-penetration-testing-checklist/

-1545-Active Directory | Penetration Testing Lab:

https://pentestlab.blog/tag/active-directory/

-1546-Building and Attacking an Active Directory lab with PowerShell :

https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell

-1547-Penetration Testing in Windows Server Active Directory using Metasploit:

https://www.hackingarticles.in/penetration-testing-windows-server-active-directory-using-metasploit-part-1

-1548-Red Team Penetration Testing – Going All the Way (Part 2 of 3) :

https://www.anitian.com/red-team-testing-going-all-the-way-part2/

-1549-Penetration Testing Active Directory, Part II:

https://www.jishuwen.com/d/2Mtq

-1550-Gaining Domain Admin from Outside Active Directory:

https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html

-1551-Post Exploitation Cheat Sheet:

https://0xsecurity.com/blog/some-hacking-techniques/post-exploitation-cheat-sheet

-1552-Windows post-exploitation :

https://github.com/emilyanncr/Windows-Post-Exploitation

-1553-OSCP - Windows Post Exploitation :

https://hackingandsecurity.blogspot.com/2017/9/oscp-windows-post-exploitation.html

-1554-Windows Post-Exploitation Command List:

http://pentest.tonyng.net/windows-post-exploitation-command-list/

-1555-Windows Post-Exploitation Command List:

http://tim3warri0r.blogspot.com/2012/09/windows-post-exploitation-command-list.html

-1556-Linux Post-Exploitation · OSCP - Useful Resources:

https://backdoorshell.gitbooks.io/oscp-useful-links/content/linux-post-exploitation.html

-1557-Pentesting Cheatsheet:

https://anhtai.me/pentesting-cheatsheet/

-1558-Pentesting Cheatsheets - Red Teaming Experiments:

https://ired.team/offensive-security-experiments/offensive-security-cheetsheets

-1559-OSCP Goldmine:

http://0xc0ffee.io/blog/OSCP-Goldmine

-1560-Linux Post Exploitation Cheat Sheet:

http://red-orbita.com/?p=8455

-1562-OSCP useful resources and tools:

https://acknak.fr/en/articles/oscp-tools/

-1563-Windows Post-Exploitation Command List :

https://es.scribd.com/document/100182787/Windows-Post-Exploitation-Command-List

-1564-Metasploit Cheat Sheet:

https://pentesttools.net/metasploit-cheat-sheet/

-1565-Windows Privilege Escalation:

https://awansec.com/windows-priv-esc.html

-1566-Linux Unix Bsd Post Exploitation:

https://attackerkb.com/Unix/LinuxUnixBSD_Post_Exploitation

-1567-Privilege Escalation & Post-Exploitation:

https://movaxbx.ru/2018/09/16/privilege-escalation-post-exploitation/

-1568-Metasploit Cheat Sheet:

https://vk-intel.org/2016/12/28/metasploit-cheat-sheet/

-1569-Metasploit Cheat Sheet :

https://nitesculucian.github.io/2018/12/01/metasploit-cheat-sheet/

-1570-Privilege escalation: Linux:

https://vulp3cula.gitbook.io/hackers-grimoire/post-exploitation/privesc-linux

-1571-Cheat Sheets — Amethyst Security:

https://www.ssddcyber.com/cheatsheets

-1572-Responder - CheatSheet:

https://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/cheatsheet/

-1573-Cheatsheets:

https://h4ck.co/wp-content/uploads/2018/06/cheatsheet.txt

-1574-Are you ready for OSCP?:

https://www.hacktoday.io/t/are-you-ready-for-oscp/59

-1575-Windows Privilege Escalation:

https://labs.p64cyber.com/windows-privilege-escalation/

-1576-A guide to Linux Privilege Escalation:

https://payatu.com/guide-linux-privilege-escalation/

-1577-Windows Post-Exploitation-Cheat-Sheet:

http://pentestpanther.com/2019/07/01/windows-post-exploitation-cheat-sheet/

-1578-Windows Privilege Escalation (privesc) Resources:

https://www.willchatham.com/security/windows-privilege-escalation-privesc-resources/

-1579-Dissecting Mobile Malware:

https://slideplayer.com/slide/3434519/

-1580-Android malware analysis with Radare: Dissecting the Triada Trojan:

www.nowsecure.com/blog/2016/11/21/android-malware-analysis-radare-triad/

-1581-Dissecting Mobile Native Code Packers:

https://blog.zimperium.com/dissecting-mobile-native-code-packers-case-study/

-1582-What is Mobile Malware? Defined, Explained, and Explored:

https://www.forcepoint.com/cyber-edu/mobile-malware

-1583-Malware Development — Professionalization of an Ancient Art:

https://medium.com/scip/malware-development-professionalization-of-an-ancient-art-4dfb3f10f34b

-1584-Weaponizing Malware Code Sharing with Cythereal MAGIC:

https://medium.com/@arun_73782/cythereal-magic-e68b0c943b1d

-1585-Web App Pentest Cheat Sheet:

https://medium.com/@muratkaraoz/web-app-pentest-cheat-sheet-c17394af773

-1586-The USB Threat is [Still] Real — Pentest Tools for Sysadmins, Continued:

https://medium.com/@jeremy.trinka/the-usb-threat-is-still-real-pentest-tools-for-sysadmins-continued-88560af447bf

-1587-How to Run An External Pentest:

https://medium.com/@_jayhill/how-to-run-an-external-pentest-dd76ed14bb6a

-1588-Advice for new pentesters:

https://medium.com/@PentesterLab/advice-for-new-pentesters-a5f7d75a3aea

-1589-NodeJS Application Pentest Tips:

https://medium.com/bugbountywriteup/nodejs-application-pentest-tips-improper-uri-handling-in-express-390b3a07cb3e

-1590-How to combine Pentesting with Automation to improve your security:

https://medium.com/how-to-combine-pentest-with-automation-to-improve-your-security

-1591-Day 79: FTP Pentest Guide:

https://medium.com/@int0x33/day-79-ftp-pentest-guide-5106967bd50a

-1592-SigintOS: A Wireless Pentest Distro Review:

https://medium.com/@tomac/sigintos-a-wireless-pentest-distro-review-a7ea93ee8f8b

-1593-Conducting an IoT Pentest :

https://medium.com/p/6fa573ac6668?source=user_profile...

-1594-Efficient way to pentest Android Chat Applications:

https://medium.com/android-tamer/efficient-way-to-pentest-android-chat-applications-46221d8a040f

-1595-APT2 - Automated PenTest Toolkit :

https://medium.com/media/f1cf43d92a17d5c4c6e2e572133bfeed/href

-1596-Pentest Tools and Distros:

https://medium.com/hacker-toolbelt/pentest-tools-and-distros-9d738d83f82d

-1597-Keeping notes during a pentest/security assessment/code review:

https://blog.pentesterlab.com/keeping-notes-during-a-pentest-security-assessment-code-review-7e6db8091a66?gi=4c290731e24b

-1598-An intro to pentesting an Android phone:

https://medium.com/@tnvo/an-intro-to-pentesting-an-android-phone-464ec4860f39

-1599-The Penetration Testing Report:

https://medium.com/@mtrdesign/the-penetration-testing-report-38a0a0b25cf2

-1600-VA vs Pentest:

https://medium.com/@play.threepetsirikul/va-vs-pentest-cybersecurity-2a17250d5e03

-1601-Pentest: Hacking WPA2 WiFi using Aircrack on Kali Linux:

https://medium.com/@digitalmunition/pentest-hacking-wpa2-wifi-using-aircrack-on-kali-linux-99519fee946f

-1602-Pentesting Ethereum dApps:

https://medium.com/@brandonarvanaghi/pentesting-ethereum-dapps-2a84c8dfee19

-1603-Android pentest lab in a nutshell :

https://medium.com/@dortz/android-pentest-lab-in-a-nutshell-ee60be8638d3

-1604-Pentest Magazine: Web Scraping with Python :

https://medium.com/@heavenraiza/web-scraping-with-python-170145fd90d3

-1605-Pentesting iOS apps without jailbreak:

https://medium.com/securing/pentesting-ios-apps-without-jailbreak-91809d23f64e

-1606-OSCP/Pen Testing Resources:

https://medium.com/@sdgeek/oscp-pen-testing-resources-271e9e570d45

-1607-Web Application Security & Bug Bounty (Methodology, Reconnaissance, Vulnerabilities, Reporting):

https://blog.usejournal.com/web-application-security-bug-bounty-methodology-reconnaissance-vulnerabilities-reporting-635073cddcf2?gi=4a578db171dc

-1608-Local File Inclusion (LFI) — Web Application Penetration Testing:

https://medium.com/@Aptive/local-file-inclusion-lfi-web-application-penetration-testing-cc9dc8dd3601

-1609-Local File Inclusion (Basic):

https://medium.com/@kamransaifullah786/local-file-inclusion-basic-242669a7af3

-1610-PHP File Inclusion Vulnerability:

https://www.immuniweb.com/vulnerability/php-file-inclusion.html

-1611-Local File Inclusion:

https://teambi0s.gitlab.io/bi0s-wiki/web/lfi/

-1612-Web Application Penetration Testing: Local File Inclusion:

https://hakin9.org/web-application-penetration-testing-local-file-inclusion-lfi-testing/

-1613-From Local File Inclusion to Code Execution :

https://resources.infosecinstitute.com/local-file-inclusion-code-execution/

-1614-RFI / LFI:

https://security.radware.com/ddos-knowledge-center/DDoSPedia/rfi-lfi/

-1615-From Local File Inclusion to Remote Code Execution - Part 2:

https://outpost24.com/blog/from-local-file-inclusion-to-remote-code-execution-part-2

-1616-Local File Inclusion:

https://xapax.gitbooks.io/security/content/local_file_inclusion.html

-1617-Beginner Guide to File Inclusion Attack (LFI/RFI) :

https://www.hackingarticles.in/beginner-guide-file-inclusion-attack-lfirfi/

-1618-LFI / RFI:

https://secf00tprint.github.io/blog/payload-tester/lfirfi/en

-1619-LFI and RFI Attacks - All You Need to Know:

https://www.getastra.com/blog/your-guide-to-defending-against-lfi-and-rfi-attacks/

-1620-Log Poisoning - LFI to RCE :

http://liberty-shell.com/sec/2018/05/19/poisoning/

-1621-LFI:

https://www.slideshare.net/cyber-punk/lfi-63050678

-1622-Hand Guide To Local File Inclusion(LFI):

www.securityidiots.com/Web-Pentest/LFI/guide-to-lfi.html

-1623-Local File Inclusion (LFI) - Cheat Sheet:

https://ironhackers.es/herramientas/lfi-cheat-sheet/

-1624-Web Application Penetration Testing Local File Inclusion (LFI):

https://www.cnblogs.com/Primzahl/p/6258149.html

-1625-File Inclusion Vulnerability Prevention:

https://www.pivotpointsecurity.com/blog/file-inclusion-vulnerabilities/

-1626-The Most In-depth Hacker's Guide:

https://books.google.com/books?isbn=1329727681

-1627-Hacking Essentials: The Beginner's Guide To Ethical Hacking:

https://books.google.com/books?id=e6CHDwAAQBAJ

-1628-Web App Hacking, Part 11: Local File Inclusion:

https://www.hackers-arise.com/.../Web-App-Hacking-Part-11-Local-File-Inclusion-LFI

-1629-Local and remote file inclusion :

https://vulp3cula.gitbook.io/hackers-grimoire/exploitation/web-application/lfi-rfi

-1630-Upgrade from LFI to RCE via PHP Sessions :

https://www.rcesecurity.com/2017/08/from-lfi-to-rce-via-php-sessions/

-1631-CVV #1: Local File Inclusion:

https://medium.com/bugbountywriteup/cvv-1-local-file-inclusion-ebc48e0e479a

-1632-(PDF) Cross Site Scripting (XSS) in Action:

https://www.researchgate.net/publication/241757130_Cross_Site_Scripting_XSS_in_Action

-1633-XSS exploitation part 1:

www.securityidiots.com/Web-Pentest/XSS/xss-exploitation-series-part-1.html

-1634-Weaponizing self-xss:

https://silentbreaksecurity.com/weaponizing-self-xss/

-1635-Cookie Tracking and Stealing using Cross-Site Scripting:

https://www.geeksforgeeks.org/cookie-tracking-stealing-using-cross-site-scripting/

-1636-Defense against the Black Arts:

https://books.google.com/books?isbn=1439821224

-1637-CSRF Attacks: Anatomy, Prevention, and XSRF Tokens:

https://www.acunetix.com/websitesecurity/csrf-attacks/

-1638-Bypassing CSRF protection:

https://www.bugbountynotes.com/training/tutorial?id=5

-1639-Stealing CSRF tokens with XSS:

https://digi.ninja/blog/xss_steal_csrf_token.php

-1640-Same Origin Policy and ways to Bypass:

https://medium.com/@minosagap/same-origin-policy-and-ways-to-bypass-250effdc4a12

-1641-Bypassing Same Origin Policy :

https://resources.infosecinstitute.com/bypassing-same-origin-policy-sop/

-1642-Client-Side Attack - an overview :

https://www.sciencedirect.com/topics/computer-science/client-side-attack

-1643-Client-Side Injection Attacks:

https://blog.alertlogic.com/blog/client-side-injection-attacks/

-1645-The Client-Side Battle Against JavaScript Attacks Is Already Here:

https://medium.com/swlh/the-client-side-battle-against-javascript-attacks-is-already-here-656f3602c1f2

-1646-Why Let’s Encrypt is a really, really, really bad idea:

https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801

-1647-Huge Guide to Client-Side Attacks:

https://www.notion.so/d382649cfebd4c5da202677b6cad1d40

-1648-OSCP Prep – Episode 11: Client Side Attacks:

https://kentosec.com/2018/09/02/oscp-prep-episode-11-client-side-attacks/

-1649-Client side attack - AV Evasion:

https://rafalharazinski.gitbook.io/security/oscp/untitled-1/client-side-attack

-1650-Client-Side Attack With Metasploit (Part 4):

https://thehiddenwiki.pw/blog/2018/07/23/client-side-attack-metasploit/

-1651-Ransomware: Latest Developments and How to Defend Against Them:

https://www.recordedfuture.com/latest-ransomware-attacks/

-1652-Cookie Tracking and Stealing using Cross-Site Scripting:

https://www.geeksforgeeks.org/cookie-tracking-stealing-using-cross-site-scripting/

-1653-How to Write an XSS Cookie Stealer in JavaScript to Steal Passwords:

https://null-byte.wonderhowto.com/.../write-xss-cookie-stealer-javascript-steal-passwords-0180833

-1654-How I was able to steal cookies via stored XSS in one of the famous e-commerce site:

https://medium.com/@bhavarth33/how-i-was-able-to-steal-cookies-via-stored-xss-in-one-of-the-famous-e-commerce-site-3de8ab94437d

-1655-Steal victim's cookie using Cross Site Scripting (XSS) :

https://securityonline.info/steal-victims-cookie-using-cross-site-scripting-xss/

-1656-Remote Code Execution — Damn Vulnerable Web Application(DVWA) - Medium level security:

https://medium.com/@mikewaals/remote-code-execution-damn-vulnerable-web-application-dvwa-medium-level-security-ca283cda3e86

-1657-Remote Command Execution:

https://hacksland.net/remote-command-execution/

-1658-DevOops — An XML External Entity (XXE) HackTheBox Walkthrough:

https://medium.com/bugbountywriteup/devoops-an-xml-external-entity-xxe-hackthebox-walkthrough-fb5ba03aaaa2

-1659-XML External Entity - Beyond /etc/passwd (For Fun & Profit):

https://www.blackhillsinfosec.com/xml-external-entity-beyond-etcpasswd-fun-profit/

-1660-XXE - ZeroSec - Adventures In Information Security:

https://blog.zsec.uk/out-of-band-xxe-2/

-1661-Exploitation: XML External Entity (XXE) Injection:

https://depthsecurity.com/blog/exploitation-xml-external-entity-xxe-injection

-1662-Hack The Box: DevOops:

https://redteamtutorials.com/2018/11/11/hack-the-box-devoops/

-1663-Web Application Penetration Testing Notes:

https://techvomit.net/web-application-penetration-testing-notes/

-1664-WriteUp – Aragog (HackTheBox) :

https://ironhackers.es/en/writeups/writeup-aragog-hackthebox/

-1665-Linux Privilege Escalation Using PATH Variable:

https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/

-1666-Linux Privilege Escalation via Automated Script :

https://www.hackingarticles.in/linux-privilege-escalation-via-automated-script/

-1667-Privilege Escalation - Linux :

https://chryzsh.gitbooks.io/pentestbook/privilege_escalation_-_linux.html

-1668-Linux Privilege Escalation:

https://percussiveelbow.github.io/linux-privesc/

-1669-Perform Local Privilege Escalation Using a Linux Kernel Exploit :

https://null-byte.wonderhowto.com/how-to/perform-local-privilege-escalation-using-linux-kernel-exploit-0186317/

-1670-Linux Privilege Escalation With Kernel Exploit:

https://www.yeahhub.com/linux-privilege-escalation-with-kernel-exploit-8572-c/

-1671-Reach the root! How to gain privileges in Linux:

https://hackmag.com/security/reach-the-root/

-1672-Enumeration for Linux Privilege Escalation:

https://0x00sec.org/t/enumeration-for-linux-privilege-escalation/1959

-1673-Linux Privilege Escalation Scripts :

https://netsec.ws/?p=309

-1674-Understanding Privilege Escalation:

www.admin-magazine.com/Articles/Understanding-Privilege-Escalation

-1675-Toppo:1 | Vulnhub Walkthrough:

https://medium.com/egghunter/toppo-1-vulnhub-walkthrough-c5f05358cf7d

-1676-Privilege Escalation resources:

https://forum.hackthebox.eu/discussion/1243/privilege-escalation-resources

-1678-OSCP Notes – Privilege Escalation (Linux):

https://securism.wordpress.com/oscp-notes-privilege-escalation-linux/

-1679-Udev Exploit Allows Local Privilege Escalation :

www.madirish.net/370

-1680-Understanding Linux Privilege Escalation and Defending Against It:

https://linux-audit.com/understanding-linux-privilege-escalation-and-defending-againt-it

-1681-Windows Privilege Escalation Using PowerShell:

https://hacknpentest.com/windows-privilege-escalation-using-powershell/

-1682-Privilege Escalation | Azeria Labs:

https://azeria-labs.com/privilege-escalation/

-1683-Abusing SUDO (Linux Privilege Escalation):

https://touhidshaikh.com/blog/?p=790

-1684-Privilege Escalation - Linux:

https://mysecurityjournal.blogspot.com/p/privilege-escalation-linux.html

-1685-0day Linux Escalation Privilege Exploit Collection :

https://blog.spentera.id/0day-linux-escalation-privilege-exploit-collection/

-1686-Linux for Pentester: cp Privilege Escalation :

https://hackin.co/articles/linux-for-pentester-cp-privilege-escalation.html

-1687-Practical Privilege Escalation Using Meterpreter:

https://ethicalhackingblog.com/practical-privilege-escalation-using-meterpreter/

-1688-dirty_sock: Linux Privilege Escalation (via snapd):

https://www.redpacketsecurity.com/dirty_sock-linux-privilege-escalation-via-snapd/

-1689-Linux privilege escalation:

https://jok3rsecurity.com/linux-privilege-escalation/

-1690-The Complete Meterpreter Guide | Privilege Escalation & Clearing Tracks:

https://hsploit.com/the-complete-meterpreter-guide-privilege-escalation-clearing-tracks/

-1691-How to prepare for PWK/OSCP, a noob-friendly guide:

https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob

-1692-Basic Linux privilege escalation by kernel exploits:

https://greysec.net/showthread.php?tid=1355

-1693-Linux mount without root :

epaymentamerica.com/tozkwje/xlvkawj2.php?trjsef=linux-mount-without-root

-1694-Linux Privilege Escalation Oscp:

www.condadorealty.com/2h442/linux-privilege-escalation-oscp.html

-1695-Privilege Escalation Attack Tutorial:

https://alhilalgroup.info/photography/privilege-escalation-attack-tutorial

-1696-Oscp Bethany Privilege Escalation:

https://ilustrado.com.br/i8v7/7ogf.php?veac=oscp-bethany-privilege-escalation

-1697-Hacking a Website and Gaining Root Access using Dirty COW Exploit:

https://ethicalhackers.club/hacking-website-gaining-root-access-using-dirtycow-exploit/

-1698-Privilege Escalation - Linux · Total OSCP Guide:

https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_-_linux.html

-1699-Linux advanced privilege escalation:

https://www.slideshare.net/JameelNabbo/linux-advanced-privilege-escalation

-1700-Local Linux privilege escalation overview:

https://myexperiments.io/linux-privilege-escalation.html

-1701-Windows Privilege Escalation Scripts & Techniques :

https://medium.com/@rahmatnurfauzi/windows-privilege-escalation-scripts-techniques-30fa37bd194

-1702-Penetration Testing: Maintaining Access:

https://resources.infosecinstitute.com/penetration-testing-maintaining-access/

-1703-Kali Linux Maintaining Access :

https://www.tutorialspoint.com/kali_linux/kali_linux_maintaining_access.htm

-1704-Best Open Source Tools for Maintaining Access & Tunneling:

https://n0where.net/maintaining-access

-1705-Maintaining Access Part 1: Introduction and Metasploit Example:

https://www.hackingloops.com/maintaining-access-metasploit/

-1706-Maintaining Access - Ethical hacking and penetration testing:

https://miloserdov.org/?cat=143

-1707-Maintaining Access with Web Backdoors [Weevely]:

https://www.yeahhub.com/maintaining-access-web-backdoors-weevely/

-1708-Best Open Source MITM Tools: Sniffing & Spoofing:

https://n0where.net/mitm-tools

-1709-Cain and Abel - Man in the Middle (MITM) Attack Tool Explained:

https://cybersguards.com/cain-and-abel-man-in-the-middle-mitm-attack-tool-explained/

-1710-Man In The Middle Attack (MITM):

https://medium.com/@nancyjohn.../man-in-the-middle-attack-mitm-114b53b2d987

-1711-Real-World Man-in-the-Middle (MITM) Attack :

https://ieeexplore.ieee.org/document/8500082

-1712-The Ultimate Guide to Man in the Middle Attacks :

https://doubleoctopus.com/blog/the-ultimate-guide-to-man-in-the-middle-mitm-attacks-and-how-to-prevent-them/

-1713-How to Conduct ARP Spoofing for MITM Attacks:

https://tutorialedge.net/security/arp-spoofing-for-mitm-attack-tutorial/

-1714-How To Do A Man-in-the-Middle Attack Using ARP Spoofing & Poisoning:

https://medium.com/secjuice/man-in-the-middle-attack-using-arp-spoofing-fa13af4f4633

-1715-Ettercap and middle-attacks tutorial :

https://pentestmag.com/ettercap-tutorial-for-windows/

-1716-How To Setup A Man In The Middle Attack Using ARP Poisoning:

https://online-it.nu/how-to-setup-a-man-in-the-middle-attack-using-arp-poisoning/

-1717-Intro to Wireshark and Man in the Middle Attacks:

https://www.commonlounge.com/discussion/2627e25558924f3fbb6e03f8f912a12d

-1718-MiTM Attack with Ettercap:

https://www.hackers-arise.com/single-post/2017/08/28/MiTM-Attack-with-Ettercap

-1719-Man in the Middle Attack with Websploit Framework:

https://www.yeahhub.com/man-middle-attack-websploit-framework/

-1720-SSH MitM Downgrade :

https://sites.google.com/site/clickdeathsquad/Home/cds-ssh-mitmdowngrade

-1721-How to use Netcat for Listening, Banner Grabbing and Transferring Files:

https://www.yeahhub.com/use-netcat-listening-banner-grabbing-transferring-files/

-1722-Powershell port scanner and banner grabber:

https://www.linkedin.com/pulse/powershell-port-scanner-banner-grabber-jeremy-martin/

-1723-What is banner grabbing attack:

https://rxkjftu.ga/sport/what-is-banner-grabbing-attack.php

-1724-Network penetration testing:

https://guif.re/networkpentest

-1725-NMAP Cheatsheet:

https://redteamtutorials.com/2018/10/14/nmap-cheatsheet/

-1726-How To Scan a Network With Nmap:

https://online-it.nu/how-to-scan-a-network-with-nmap/

-1727-Hacking Metasploitable : Scanning and Banner grabbing:

https://hackercool.com/2015/11/hacking-metasploitable-scanning-banner-grabbing/

-1728-Penetration Testing of an FTP Server:

https://shahmeeramir.com/penetration-testing-of-an-ftp-server-19afe538be4b

-1729-Nmap Usage & Cheet-Sheet:

https://aerroweb.wordpress.com/2018/03/14/namp-cheat-sheet/

-1730-Discovering SSH Host Keys with NMAP:

https://mwhubbard.blogspot.com/2015/03/discovering-ssh-host-keys-with-nmap.html

-1731-Banner Grabbing using Nmap & NetCat - Detailed Explanation:

https://techincidents.com/banner-grabbing-using-nmap-netcat

-1732-Nmap – (Vulnerability Discovery):

https://crazybulletctfwriteups.wordpress.com/2015/09/5/nmap-vulnerability-discovery/

-1733-Penetration Testing on MYSQL (Port 3306):

https://www.hackingarticles.in/penetration-testing-on-mysql-port-3306/

-1774-Password Spraying - Infosec Resources :

https://resources.infosecinstitute.com/password-spraying/

-1775-Password Spraying- Common mistakes and how to avoid them:

https://medium.com/@adam.toscher/password-spraying-common-mistakes-and-how-to-avoid-them-3fd16b1a352b

-1776-Password Spraying Tutorial:

https://attack.stealthbits.com/password-spraying-tutorial-defense

-1777-password spraying Archives:

https://www.blackhillsinfosec.com/tag/password-spraying/

-1778-The 21 Best Email Finding Tools::

https://beamery.com/blog/find-email-addresses

-1779-OSINT Primer: People (Part 2):

https://0xpatrik.com/osint-people/

-1780-Discovering Hidden Email Gateways with OSINT Techniques:

https://blog.ironbastion.com.au/discovering-hidden-email-servers-with-osint-part-2/

-1781-Top 20 Data Reconnaissance and Intel Gathering Tools :

https://securitytrails.com/blog/top-20-intel-tools

-1782-101+ OSINT Resources for Investigators [2019]:

https://i-sight.com/resources/101-osint-resources-for-investigators/

-1783-Digging Through Someones Past Using OSINT:

https://nullsweep.com/digging-through-someones-past-using-osint/

-1784-Gathering Open Source Intelligence:

https://posts.specterops.io/gathering-open-source-intelligence-bee58de48e05

-1785-How to Locate the Person Behind an Email Address:

https://www.sourcecon.com/how-to-locate-the-person-behind-an-email-address/

-1786-Find hacked email addresses and check breach mails:

https://www.securitynewspaper.com/2019/01/16/find-hacked-email-addresses/

-1787-A Pentester's Guide - Part 3 (OSINT, Breach Dumps, & Password :

https://delta.navisec.io/osint-for-pentesters-part-3-password-spraying-methodology/

-1788-Top 10 OSINT Tools/Sources for Security Folks:

www.snoopysecurity.github.io/osint/2018/08/02/10_OSINT_for_security_folks.html

-1789-Top 5 Open Source OSINT Tools for a Penetration Tester:

https://www.breachlock.com/top-5-open-source-osint-tools/

-1790-Open Source Intelligence tools for social media: my own list:

https://www.andreafortuna.org/2017/03/20/open-source-intelligence-tools-for-social-media-my-own-list/

-1791-Red Teaming: I can see you! Insights from an InfoSec expert :

https://www.perspectiverisk.com/i-can-see-you-osint/

-1792-OSINT Playbook for Recruiters:

https://amazinghiring.com/osint-playbook/

-1793- Links for Doxing, Personal OSInt, Profiling, Footprinting, Cyberstalking:

https://www.irongeek.com/i.php?page=security/doxing-footprinting-cyberstalking

-1794-Open Source Intelligence Gathering 201 (Covering 12 additional techniques):

https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544?gi=2afe435c630a

-1795-Online Investigative Tools for Social Media Discovery and Locating People:

https://4thetruth.info/colorado-private-investigator-online-detective-social-media-and-online-people-search-online-search-tools.html

-1796-Expanding Skype Forensics with OSINT: Email Accounts:

http://www.automatingosint.com/blog/2016/05/expanding-skype-forensics-with-osint-email-accounts/

-1798-2019 OSINT Guide:

https://www.randhome.io/blog/2019/01/05/2019-osint-guide/

-1799-OSINT - Passive Recon and Discovery of Assets:

https://0x00sec.org/t/osint-passive-recon-and-discovery-of-assets/6715

-1800-OSINT With Datasploit:

https://dzone.com/articles/osint-with-datasploit

-1801-Building an OSINT Reconnaissance Tool from Scratch:

https://medium.com/@SundownDEV/phone-number-scanning-osint-recon-tool-6ad8f0cac27b

-1802-Find Identifying Information from a Phone Number Using OSINT Tools:

https://null-byte.wonderhowto.com/how-to/find-identifying-information-from-phone-number-using-osint-tools-0195472/

-1803-Find Details Of any Mobile Number, Email ID, IP Address in the world (Step By Step):

https://www.securitynewspaper.com/2019/05/02/find-details-of-any-mobile-number-email-id-ip-address-in-the-world-step-by-step/

-1804-Investigative tools for finding people online and keeping yourself safe:

https://ijnet.org/en/story/investigative-tools-finding-people-online-and-keeping-yourself-safe

-1805- Full text of "The Hacker Playbook 2 Practical Guide To Penetration Testing By Peter Kim":

https://archive.org/stream/TheHackerPlaybook2PracticalGuideToPenetrationTestingByPeterKim/The%20Hacker%20Playbook%202%20-%20Practical%20Guide%20To%20Penetration%20Testing%20By%20Peter%20Kim_djvu.txt

-1806-The Internet Archive offers over 15,000,000 freely downloadable books and texts. There is also a collection of 550,000 modern eBooks that may be borrowed by anyone with a free archive.org account:

https://archive.org/details/texts?and%5B%5D=hacking&sin=

-1807-Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read!:

https://medium.com/@zain.sabahat/exploiting-ssrf-like-a-boss-c090dc63d326

-1808-How to Pass OSCP Like Boss:

https://medium.com/@parthdeshani/how-to-pass-oscp-like-boss-b269f2ea99d

-1809-Deploy a private Burp Collaborator Server in Azure:

https://medium.com/bugbountywriteup/deploy-a-private-burp-collaborator-server-in-azure-f0d932ae1d70

-1810-Using Shodan Better Way! :):

https://medium.com/bugbountywriteup/using-shodan-better-way-b40f330e45f6

-1811-How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty:

https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115

-1812-How we got LFI in apache Drill (Recon like a boss)::

https://medium.com/bugbountywriteup/how-we-got-lfi-in-apache-drill-recon-like-a-boss-6f739a79d87d

-1813-Chaining Self XSS with UI Redressing is Leading to Session Hijacking:

https://medium.com/bugbountywriteup/chaining-self-xss-with-ui-redressing-is-leading-to-session-hijacking-pwn-users-like-a-boss-efb46249cd14

-1814-Week in OSINT #2019–19:

https://medium.com/week-in-osint/week-in-osint-2019-18-1975fb8ea43a4

-1814-Week in OSINT #2019–02:

https://medium.com/week-in-osint/week-in-osint-2019-02-d4009c27e85f

-1815-Week in OSINT #2019–24:

https://medium.com/week-in-osint/week-in-osint-2019-24-4fcd17ca908f

-1816-Page Admin Disclosure | Facebook Bug Bounty 2019:

https://medium.com/bugbountywriteup/page-admin-disclosure-facebook-bug-bounty-2019-ee9920e768eb

-1817-XSS in Edmodo within 5 Minute (My First Bug Bounty):

https://medium.com/@valakeyur/xss-in-edmodo-within-5-minute-my-first-bug-bounty-889e3da6167d

-1818-Collection Of Bug Bounty Tip-Will Be updated daily:

https://medium.com/@vignesh4303/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248

-1819-A Unique XSS Scenario in SmartSheet || $1000 bounty.:

https://medium.com/@rohanchavan/a-unique-xss-scenario-1000-bounty-347f8f92fcc6

-1820-How I found a simple bug in Facebook without any Test:

https://medium.com/bugbountywriteup/how-i-found-a-simple-bug-in-facebook-without-any-test-3bc8cf5e2ca2

-1821-Facebook BugBounty — Disclosing page members:

https://medium.com/@tnirmalz/facebook-bugbounty-disclosing-page-members-1178595cc520

-1822-Don’t underestimates the Errors They can provide good $$$ Bounty!:

https://medium.com/@noob.assassin/dont-underestimates-the-errors-they-can-provide-good-bounty-d437ecca6596

-1823-Django and Web Security Headers:

https://medium.com/@ksarthak4ever/django-and-web-security-headers-d72a9e54155e

-1824-Weaponising Staged Cross-Site Scripting (XSS) Payloads:

https://medium.com/redteam/weaponising-staged-cross-site-scripting-xss-payloads-7b917f605800

-1825-How I was able to Bypass XSS Protection on HackerOne’s Private Program:

https://medium.com/@vulnerabilitylabs/how-i-was-able-to-bypass-xss-protection-on-hackerones-private-program-8914a31339a9

-1826-XSS in Microsoft subdomain:

https://blog.usejournal.com/xss-in-microsoft-subdomain-81c4e46d6631

-1827-How Angular Protects Us From XSS Attacks?:

https://medium.com/hackernoon/how-angular-protects-us-from-xss-attacks-3cb7a7d49d95

-1828-[FUN] Bypass XSS Detection WAF:

https://medium.com/soulsecteam/fun-bypass-xss-detection-waf-cabd431e030e

-1829-Bug Hunting Methodology(Part-2):

https://blog.usejournal.com/bug-hunting-methodology-part-2-5579dac06150

-1830-Learn Web Application Penetration Testing:

https://blog.usejournal.com/web-application-penetration-testing-9fbf7533b361

-1831-“Exploiting a Single Parameter”:

https://medium.com/securitywall/exploiting-a-single-parameter-6f4ba2acf523

-1832-CORS To CSRF Attack:

https://blog.usejournal.com/cors-to-csrf-attack-c33a595d441

-1833-Account Takeover Using CSRF(json-based):

https://medium.com/@shub66452/account-takeover-using-csrf-json-based-a0e6efd1bffc

-1834-Bypassing Anti-CSRF with Burp Suite Session Handling:

https://bestestredteam.com/tag/anti-csrf/

-1835-10 Methods to Bypass Cross Site Request Forgery (CSRF):

https://haiderm.com/10-methods-to-bypass-cross-site-request-forgery-csrf/

-1836-Exploiting CSRF on JSON endpoints with Flash and redirects:

https://medium.com/p/681d4ad6b31b

-1837-Finding and exploiting Cross-site request forgery (CSRF):

https://securityonline.info/finding-exploiting-cross-site-request-forgery/

-1838-Hacking Facebook accounts using CSRF in Oculus-Facebook integration:

https://www.josipfranjkovic.com/blog/hacking-facebook-oculus-integration-csrf

-1839-Synchronizer Token Pattern: No more tricks:

https://medium.com/p/d2af836ccf71

-1840-The $12,000 Intersection between Clickjacking, XSS, and Denial of Service:

https://medium.com/@imashishmathur/the-12-000-intersection-between-clickjacking-xss-and-denial-of-service-f8cdb3c5e6d1

-1841-XML External Entity(XXE):

https://medium.com/@ghostlulzhacks/xml-external-entity-xxe-62bcd1555b7b

-1842-XXE Attacks— Part 1: XML Basics:

https://medium.com/@klose7/https-medium-com-klose7-xxe-attacks-part-1-xml-basics-6fa803da9f26

-1843-From XXE to RCE with PHP/expect — The Missing Link:

https://medium.com/@airman604/from-xxe-to-rce-with-php-expect-the-missing-link-a18c265ea4c7

-1844-My first XML External Entity (XXE) attack with .gpx file:

https://medium.com/@valeriyshevchenko/my-first-xml-external-entity-xxe-attack-with-gpx-file-5ca78da9ae98

-1845-Open Redirects & Security Done Right!:

https://medium.com/@AkshaySharmaUS/open-redirects-security-done-right-e524a3185496

-1846-XXE on Windows system …then what ??:

https://medium.com/@canavaroxum/xxe-on-windows-system-then-what-76d571d66745

-1847-Unauthenticated Blind SSRF in Oracle EBS CVE-2018-3167:

https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145

-1848-SVG XLink SSRF fingerprinting libraries version:

https://medium.com/@arbazhussain/svg-xlink-ssrf-fingerprinting-libraries-version-450ebecc2f3c

-1849-What is XML Injection Attack:

https://medium.com/@dahiya.aj12/what-is-xml-injection-attack-279691bd00b6

-1850-SSRF - Server Side Request Forgery (Types and ways to exploit it) Part-1:

https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-1-29d034c27978

-1851-Penetration Testing Introduction: Scanning & Reconnaissance:

https://medium.com/cyberdefenders/penetration-testing-introduction-scanning-reconnaissance-f865af0761f

-1852-Beginner’s Guide to recon automation.:

https://medium.com/bugbountywriteup/beginners-guide-to-recon-automation-f95b317c6dbb

-1853-Red Teamer’s Guide to Pulse Secure SSL VPN:

https://medium.com/bugbountywriteup/pulse-secure-ssl-vpn-post-auth-rce-to-ssh-shell-2b497d35c35b

-1854-CVE-2019-15092 WordPress Plugin Import Export Users = 1.3.0 - CSV Injection:

https://medium.com/bugbountywriteup/cve-2019-15092-wordpress-plugin-import-export-users-1-3-0-csv-injection-b5cc14535787

-1855-How I harvested Facebook credentials via free wifi?:

https://medium.com/bugbountywriteup/how-i-harvested-facebook-credentials-via-free-wifi-5da6bdcae049

-1856-How to hack any Payment Gateway?:

https://medium.com/bugbountywriteup/how-to-hack-any-payment-gateway-1ae2f0c6cbe5

-1857-How I hacked into my neighbour’s WiFi and harvested login credentials?:

https://medium.com/bugbountywriteup/how-i-hacked-into-my-neighbours-wifi-and-harvested-credentials-487fab106bfc

-1858-What do Netcat, SMTP and self XSS have in common? Stored XSS:

https://medium.com/bugbountywriteup/what-do-netcat-smtp-and-self-xss-have-in-common-stored-xss-a05648b72002

-1859-1-Click Account Takeover in Virgool.io — a Nice Case Study:

https://medium.com/bugbountywriteup/1-click-account-takeover-in-virgool-io-a-nice-case-study-6bfc3cb98ef2

-1860-Digging into Android Applications — Part 1 — Drozer + Burp:

https://medium.com/bugbountywriteup/digging-android-applications-part-1-drozer-burp-4fd4730d1cf2

-1861-Linux for Pentester: APT Privilege Escalation:

https://www.hackingarticles.in/linux-for-pentester-apt-privilege-escalation

-1862-Linux for Pentester : ZIP Privilege Escalation:

https://www.hackingarticles.in/linux-for-pentester-zip-privilege-escalation

-1863-Koadic - COM Command & Control Framework:

https://www.hackingarticles.in/koadic-com-command-control-framework

-1864-Configure Sqlmap for WEB-GUI in Kali Linux :

https://www.hackingarticles.in/configure-sqlmap-for-web-gui-in-kali-linux

-1865-Penetration Testing:

https://www.hackingarticles.in/Penetration-Testing

-1866-Buffer Overflow Examples, Code execution by shellcode :

https://0xrick.github.io/binary-exploitation/bof5

-1867-Dynamic Shellcode Execution:

https://www.countercept.com/blog/dynamic-shellcode-execution

-1868-JSC Exploits:

-https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html

-1869-Injecting Into The Hunt:

https://jsecurity101.com/2019/Injecting-Into-The-Hunt

-1870-Bypassing Antivirus with Golang:

https://labs.jumpsec.com/2019/06/20/bypassing-antivirus-with-golang-gopher.it

-1871-Windows Process Injection: Print Spooler:

https://modexp.wordpress.com/2019/03/07/process-injection-print-spooler

-1872-Inject Shellcode Into Memory Using Unicorn :

https://ethicalhackingguru.com/inject-shellcode-memory-using-unicorn

-1873-Macros and More with SharpShooter v2.0:

https://www.mdsec.co.uk/2019/02/macros-and-more-with-sharpshooter-v2-0

-1874-Fuzz Testing(Fuzzing) Tutorial: What is, Types, Tools & Example:

https://www.guru99.com/fuzz-testing

-1875-Introduction to File Format Fuzzing & Exploitation:

https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3

-1876-Hacking a social media account and safeguarding it:

https://medium.com/@ujasdhami79/hacking-a-social-media-account-and-safeguarding-it-e5f69adf62d7

-1877-OTP Bypass on India’s Biggest Video Sharing Site:

https://medium.com/bugbountywriteup/otp-bypass-on-indias-biggest-video-sharing-site-e94587c1aa89

-1879-Getting Root on macOS via 3rd Party Backup Software:

https://medium.com/tenable-techblog/getting-root-on-macos-via-3rd-party-backup-software-b804085f0c9

-1880-How to Enumerate MYSQL Database using Metasploit:

https://ehacking.net/2020/03/how-to-enumerate-mysql-database-using-metasploit-kali-linux-tutorial.html

-1881-Exploiting Insecure Firebase Database!

https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty

-1882-Penetration Testing - Complete Guide:

https://softwaretestinghelp.com/penetration-testing-guide

-1883-How To Upload A PHP Web Shell On WordPress Site:

https://1337pwn.com/how-to-upload-php-web-shell-on-wordpress-site

-1884-Mimikatz tutorial: How it hacks Windows passwords, credentials:

https://searchsecurity.techtarget.com/tutorial/Mimikatz-tutorial-How-it-hacks-Windows-passwords-credentials

-1885-Ethical hacking: Lateral movement techniques:

https://securityboulevard.com/2019/09/ethical-hacking-lateral-movement-techniques

-1886-A Pivot Cheatsheet for Pentesters:

http://nullsweep.com/pivot-cheatsheet-for-pentesters

-1887-What to Look for When Reverse Engineering Android Apps:

http://nowsecure.com/blog/2020/02/26/what-to-look-for-when-reverse-engineering-android-apps

-1888-Modlishka: Advance Phishing to Bypass 2 Factor Auth:

http://crackitdown.com/2019/02/modlishka-kali-linux.html

-1889-Bettercap Usage Examples (Overview, Custom setup, Caplets ):

www.cyberpunk.rs/bettercap-usage-examples-overview-custom-setup-caplets

-1890-The Complete Hashcat Tutorial:

https://ethicalhackingguru.com/the-complete-hashcat-tutorial

-1891-Wireless Wifi Penetration Testing Hacker Notes:

https://executeatwill.com/2020/01/05/Wireless-Wifi-Penetration-Testing-Hacker-Notes

-1892-#BugBounty writeups:

https://pentester.land/list-of-bug-bounty-writeups.html

-1893-Kerberoasting attack:

https://en.hackndo.com/kerberoasting

-1894-A Pentester's Guide - Part 2 (OSINT - LinkedIn is not just for jobs):

https://delta.navisec.io/osint-for-pentesters-part-2-linkedin-is-not-just-for-jobs

-1895-Radare2 cutter tutorial:

http://cousbox.com/axflw/radare2-cutter-tutorial.html

-1896-Cracking Password Hashes with Hashcat:

http://hackingvision.com/2020/03/22/cracking-password-hashes-hashcat

-1897-From CSRF to RCE and WordPress-site takeover CVE-2020-8417:

http://blog.wpsec.com/csrf-to-rce-wordpress

-1898-Best OSINT Tools:

http://pcwdld.com/osint-tools-and-software

-1899-Metasploit Exploitation Tool 2020:

http://cybervie.com/blog/metasploit-exploitation-tool

-1900-How to exploit CVE-2020-7961:

https://synacktiv.com/posts/pentest/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html

-1901-PowerShell for Pentesters:

https://varonis.com/blog/powershell-for-pentesters

-1902-Android Pentest Tutorial:

https://packetstormsecurity.com/files/156432/Android-Pentest-Tutorial-Step-By-Step.html

-1903-Burp Suite Tutorial:

https://pentestgeek.com/web-applications/burp-suite-tutorial-1

-1904-Company Email Enumeration + Breached Email Finder:

https://metalkey.github.io/company-email-enumeration--breached-email-finder.html

-1905-Kali Linux Cheat Sheet for Penetration Testers:

https://github.com/NoorQureshi/kali-linux-cheatsheet

-1906-Active Directory Exploitation Cheat Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

https://github.com/buftas/Active-Directory-Exploitation-Cheat-Sheet#using-bloodhound

-1907-Advanced Hacking Tutorials Collection:

https://yeahhub.com/advanced-hacking-tutorials-collection

-1908-Persistence – DLL Hijacking:

https://pentestlab.blog/2020/03/04/persistence-dll-hijacking

-1909-Brute force and dictionary attacks: A cheat sheet:

https://techrepublic.com/article/brute-force-and-dictionary-attacks-a-cheat-sheet

-1910-How to use Facebook for Open Source Investigation:

https://securitynewspaper.com/2020/03/11/how-to-use-facebook-for-open-source-investigation-osint

-1911-tcpdump Cheat Sheet:

https://comparitech.com/net-admin/tcpdump-cheat-sheet

-1912-Windows Post exploitation recon with Metasploit:

https://hackercool.com/2016/10/windows-post-exploitation-recon-with-metasploit

-1913-Bug Hunting Methodology:

https://blog.usejournal.com/bug-hunting-methodology-part-1-91295b2d2066

-1914-Malware traffic analysis tutorial:

https://apuntpsicolegs.com/veke0/malware-traffic-analysis-tutorial.html

-1915-Recon-ng v5 Tutorial:

https://geekwire.eu/recon-ng-v5-tutorial

-1916-Windows and Linux Privilege Escalation Tools:

https://yeahhub.com/windows-linux-privilege-escalation-tools-2019

-1917-Total OSCP Guide:

https://sushant747.gitbooks.io/total-oscp-guide

-1918-Phishing Windows Credentials:

https://pentestlab.blog/2020/03/02/phishing-windows-credentials

-1919-Getting What You're Entitled To: A Journey Into MacOS Stored Credentials:

https://mdsec.co.uk/2020/02/getting-what-youre-entitled-to-a-journey-in-to-macos-stored-credentials

-1920-Recent Papers Related To Fuzzing:

https://wcventure.github.io/FuzzingPaper

-1921-Web Shells 101 Using PHP (Web Shells Part 2):

https://acunetix.com/blog/articles/web-shells-101-using-php-introduction-web-shells-part-2/

-1922-Python3 reverse shell:

https://polisediltrading.it/hai6jzbs/python3-reverse-shell.html

-1923-Reverse Shell between two Linux machines:

https://yeahhub.com/reverse-shell-linux-machines

-1924-Tutorial - Writing Hardcoded Windows Shellcodes (32bit):

https://dsolstad.com/shellcode/2020/02/02/Tutorial-Hardcoded-Writing-Hardcoded-Windows-Shellcodes-32bit.html

-1925-How to Use Wireshark: Comprehensive Tutorial + Tips:

https://varonis.com/blog/how-to-use-wireshark

-1926-How To Use PowerShell for Privilege Escalation with Local Privilege Escalation?

https://varonis.com/blog/how-to-use-powershell-for-privilege-escalation-with-local-computer-accounts

-1927-Ethical hacking:Top privilege escalation techniques in Windows:

https://securityboulevard.com/2020/03/ethical-hacking-top-privilege-escalation-techniques-in-windows

-1928-How to Identify Company's Hacked Email Addresses:

https://ehacking.net/2020/04/how-to-identify-companys-hacked-email-addresses-using-maltego-osint-haveibeenpawned.html

-1929-Android APK Reverse Engineering: What's in an APK:

https://secplicity.org/2019/09/11/android-apk-reverse-engineering-whats-in-an-apk

-1930-Keep Calm and HackTheBox - Beep:

https://freecodecamp.org/news/keep-calm-and-hack-the-box-beep/

-1931-Keep Calm and HackTheBox -Legacy:

https://freecodecamp.org/news/keep-calm-and-hack-the-box-legacy/

-1932-Keep Calm and HackTheBox -Lame:

https://freecodecamp.org/news/keep-calm-and-hack-the-box-lame/

-1933-HacktheBox:Writeup Walkthrough:

https://hackingarticles.in/hack-the-box-writeup-walkthrough

-1934-2020 OSCP Exam Preparation:

https://cybersecurity.att.com/blogs/security-essentials/how-to-prepare-to-take-the-oscp

-1935-My OSCP transformation:

https://kevsec.fr/journey-to-oscp-2019-write-up

-1936-A Detailed Guide on OSCP Preparation:

https://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/

-1937-Useful Commands and Tools - #OSCP:

https://yeahhub.com/useful-commands-tools-oscp/

-1938-Comprehensive Guide on Password Spraying Attack

https://hackingarticles.in/comprehensive-guide-on-password-spraying-attack

-1939-Privilege Escalation:

https://pentestlab.blog/category/privilege-escalation/

-1940-Red Team:

https://pentestlab.blog/category/red-team/

-1941-Linux post-exploitation.Advancing from user to super-user in a few clicks

https://hackmag.com/security/linux-killchain/

-1942--#BugBounty Cheatsheet

https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html

-1943--#Windows Notes/Cheatsheet

https://m0chan.github.io/2019/07/30/Windows-Notes-and-Cheatsheet.html

-1944-#Linux Notes/Cheatsheet

https://m0chan.github.io/2018/07/31/Linux-Notes-And-Cheatsheet.html

-1945-Windows Notes

https://mad-coding.cn/tags/Windows/

-1946-#BlueTeam CheatSheet

https://gist.github.com/SwitHak/62fa7f8df378cae3a459670e3a18742d

-1947-Linux Privilege Escalation Cheatsheet for OSCP:

https://hackingdream.net/2020/03/linux-privilege-escalation-cheatsheet-for-oscp.html

-1948-Shodan Pentesting Guide:

https://community.turgensec.com/shodan-pentesting-guide

-1949-Pentesters Guide to PostgreSQL Hacking:

https://medium.com/@netscylla/pentesters-guide-to-postgresql-hacking-59895f4f007

-1950-Hacking-OSCP cheatsheet:

https://ceso.github.io/posts/2020/04/hacking/oscp-cheatsheet/

-1951-A Comprehensive Guide to Breaking SSH:

https://community.turgensec.com/ssh-hacking-guide

-1952-Windows Privilege Escalation Methods for Pentesters:

https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/

-1953-Best #firefox addons for #Hacking:

https://twitter.com/cry__pto/status/1210836734331752449

-1954-S3 Bucket Enumeration Tools:

https://twitter.com/cry__pto/status/1269862357645307904

-1955-Github Recon Tools:

https://twitter.com/cry__pto/status/1269362041044832257

-1956-i created this group for more in depth sharing about hacking and penetration testing /daily posts: you can join:

https://facebook.com/groups/AmmarAmerHacker

-1957-Directory Bruteforcing Tools: && SCREENSHOTTING Tools:

https://twitter.com/cry__pto/status/1270603017256124416

-1958-S3 Bucket Enumeration Tools:

https://twitter.com/cry__pto/status/1269862357645307904

-1959-Github Recon Tools:

https://twitter.com/cry__pto/status/1269362041044832257

-1960-Website Mirroring Tools:

https://twitter.com/cry__pto/status/1248640849812078593

-1961-automated credential discovery tools:

https://twitter.com/cry__pto/status/1253214720372465665

-1962-Antiforensics Techniques:

https://twitter.com/cry__pto/status/1215001674760294400

-1963-#bugbounty tools part (1):

https://twitter.com/cry__pto/status/1212096231301881857

1964-Binary Analysis Frameworks:

https://twitter.com/cry__pto/status/1207966421575184384

-1965-#BugBounty tools part (5):

https://twitter.com/cry__pto/status/1214850754055458819

-1966-#BugBounty tools part (3):

https://twitter.com/cry__pto/status/1212290510922158080

-1967-Kali Linux Commands List (Cheat Sheet):

https://twitter.com/cry__pto/status/1264530546933272576

-1968-#BugBounty tools part (4):

https://twitter.com/cry__pto/status/1212296173412851712

-1969--Automated enumeration tools:

https://twitter.com/cry__pto/status/1214919232389099521

-1970-DNS lookup information Tools:

https://twitter.com/cry__pto/status/1248639962746105863

-1971-OSCP:

https://twitter.com/cry__pto/status/1262089078339756032

-1972-Social Engineering Tools:

https://twitter.com/cry__pto/status/1180731438796333056

-1973-Hydra :

https://twitter.com/cry__pto/status/1247507926807449600

-1974-#OSINT Your Full Guide:

https://twitter.com/cry__pto/status/1244433669936349184

-1975-#BugBounty tools part (2):

https://twitter.com/cry__pto/status/1212289852059860992

-1976-my own ebook library:

https://twitter.com/cry__pto/status/1239308541468516354

-1977-Practice part (2):

https://twitter.com/cry__pto/status/1213165695556567040

-1978-Practice part (3):

https://twitter.com/cry__pto/status/1214220715337097222

-1979-my blog:

https://twitter.com/cry__pto/status/1263457516672954368

-1980-Practice:

https://twitter.com/cry__pto/status/1212341774569504769

-1981-how to search for XSS without proxy tool:

https://twitter.com/cry__pto/status/1252558806837604352

-1982-How to collect email addresses from search engines:

https://twitter.com/cry__pto/status/1058864931792138240

-1983-Hacking Tools Cheat Sheet:

https://twitter.com/cry__pto/status/1255159507891687426

-1984-#OSCP Your Full Guide:

https://twitter.com/cry__pto/status/1240842587927445504

-1985-#HackTheBox Your Full Guide:

https://twitter.com/cry__pto/status/1241481478539816961

-1986-Web Scanners:

https://twitter.com/cry__pto/status/1271826773009928194

-1987-HACKING MAGAZINES:

-1-2600 — The Hacker Quarterly magazine:www.2600.com

-2-Hackin9:http://hakin9.org

-3-(IN)SECURE magazine:https://lnkd.in/grNM2t8

-4-PHRACK:www.phrack.org/archives

-5-Hacker’s Manual 2019

-1988-Web Exploitation Tools:

https://twitter.com/cry__pto/status/1272778056952885249

-1989-Kali Linux Cheat Sheet for Hackers:

https://twitter.com/cry__pto/status/1272792311236263937

-1990-Web Exploitation Tools:

https://twitter.com/cry__pto/status/1272778056952885249

-1991-2020 OSCP Exam Preparation + My OSCP transformation +A Detailed Guide on OSCP Preparation + Useful Commands and Tools - #OSCP:

https://twitter.com/cry__pto/status/1262089078339756032

-1992-100 Best Hacking Tools for Security Professionals in 2020:

https://gbhackers.com/hacking-tools-list/

-1993-SNMP Enumeration:

OpUtils:www.manageengine.com

SNMP Informant:www.snmp-informant.com

SNMP Scanner:www.secure-bytes.com

SNMPUtil:www.wtcs.org

SolarWinds:www.solarwinds.com

-1994-INFO-SEC RELATED CHEAT SHEETS:

https://twitter.com/cry__pto/status/1274768435361337346

-1995-METASPLOIT CHEAT SHEET:

https://twitter.com/cry__pto/status/1274769179548278786

-1996-Nmap Cheat Sheet, plus bonus Nmap + Nessus:

https://twitter.com/cry__pto/status/1275359087304286210

-1997-Wireshark Cheat Sheet - Commands, Captures, Filters, Shortcuts & More:

https://twitter.com/cry__pto/status/1276391703906222080

-1998-learn penetration testing a great series as PDF:

https://twitter.com/cry__pto/status/1277588369426526209