Tools and writeups that I’ve found useful over the course of my career:
- Insomnia - php object injection
- php object injection video
- SimpleHTTPServer Setup
- GraphQL Setup and Usage
- John The Ripper Usage Examples
- Online Hash Cracker
- Zabbix CTL - Install/Config/Usage
- Zabbix CLI - Install/Config/Usage
- Unix Wild Cards
- $PATH Priv-Esc
- Steghide Usage
- Firefox Decrypt
- Upgrading Netcat Shells to Meterpreter
- Quagga Documentation
- BGP Hijacking (course materials)
- BGP Hijacking Demo (not an instructional) (youtube)
- BGP Hijacking (conceptual) (youtube)
- OneSixtyOne
- PRTG Network Monitor---Priv Esc
- PRTG Network Monitor---Priv Esc
- OSCP Prep
- PDFtk Merge/Encrypt
- Magento 1.8/1.9 Connect Manager PHP Upload
- Anatomy Of A Magento Attack---Froghopper
- Magento eCommerce---Remote Code Execution
- Magento Neko.php PHP Web Shell
- Magpleasure_Filesystem---Magento Extension
- LinEnum
- JWT token-based authentication
- Files over SSH with key
- PWNTools
- Bitterman CTF---ROP-Chains
- APT Repo Poisoning
- Windows PowerUp Priv-Esc Enumeration
- Impackit Tool kit Guide (Windows)
- Just Another Windows (Enum) Script
- IppSec---Giddy---Windows SQL Injection, Web-Powershell
- ZipSlip Exploit (Zip File Upload Vulnerability)
- Port Knocking
- Serve Webshell W/O Upload
- Eternal-Pulsar Attack W/O MSF
- EternalBlue Automated Script W/O MSF
- EternalBlue Python Script W/O MSF
- Netcat Reverse Shell without '-e' option
- hMailServer---Open W/O SQL Server
- hMailServer Password Decrypter
- Manual Samba Symlink Directory Traversal 3.x/4.x
- Deathstar---Active Directory Automation
- CrackMapExec---Active Directory Network Attacking
- NTLM Relaying
- Simple XSS Examples
- MAC Address and OUI Lookup
- Circumventing Countermeasures In AD