InfosecNotes

Curated Notes for InfoSec

  • Blue Team Stuff
    • Linux
    • Windows
    • Networking
    • Logs & Threat Hunting
    • Splunk
    • Incident Response
    • Blue Team Tools & Resources
  • Penetration Testing/ OSCP
    • Enumeration
    • exploits
    • metasploit
    • Buffer Overflows
    • Password Attacks
    • Shells & Payloads
    • Privilege Escalation
    • Post Exploitation
    • Pentest Tools & Resources
  • Scripting
    • PowerShell
    • Python
  • Web Application Pentesting
    • Enumeration
    • XSS
    • SQL Injection
    • LFI & RFI
    • Authentication Bypass
    • Web Shells
    • APIs
    • Vulnerable Applications
    • Web Pentest Tools & Resources
  • Blue Team Stuff
  • Penetration Testing/ OSCP
  • Scripting
  • Web Application Pentesting
say-lan_33 November 23, 2019 Pass The Hash

exploits • Password Attacks • Penetration Testing/ OSCP

What is it? Pass the hash is an exploit technique that allows an attacker to bypass password authentication. Instead the […]

say-lan_33 November 9, 2019 Vulnerability & Exploit Research Resources

Enumeration • exploits • Penetration Testing/ OSCP • Pentest Tools & Resources

Vulnerabilities: vfeed https://vfeed.io/  https://github.com/toolswatch/vFeed Cve lookup by vendor https://www.cvedetails.com/vendor.php Cve information https://www.cvedetails.com/cve/ Mitre Cve Database https://cve.mitre.org/ Nist National VulnDatabase https://web.nvd.nist.gov/view/vuln/detail?vulnId= […]

say-lan_33 November 9, 2019 Passive Recon Tools & Resources

Enumeration • Penetration Testing/ OSCP

OneTwoPunch https://github.com/superkojiman/onetwopunch   Mascan https://github.com/robertdavidgraham/masscan ● cd /opt/masscan/bin/ ● ./masscan -p80,8000-8100 10.0.0.0/8 ● ./masscan -p0-65535 –rate 150000 -oL output.txt ○ […]

say-lan_33 November 9, 2019 Information Gathering for Linux Privilege Escalation – Part 1

Penetration Testing/ OSCP

Once we get an initial foothold on our target system it’s time to start all over again gathering information and […]

say-lan_33 November 9, 2019 Kali Linux Post Installation Tasks

Penetration Testing/ OSCP • Pentest Tools & Resources

These are things that I like to configure right after installing a fresh copy of Kali Linux. This can and […]

say-lan_33 November 9, 2019 Metasploit msfvenom Payloads

metasploit • Penetration Testing/ OSCP • Shells & Payloads

The payloads below are commonly used and can be used from within Metasploit. They can also be used outside of […]

say-lan_33 November 8, 2019 Word Lists for URL Enumeration

Enumeration • Web Application Pentesting • Web Pentest Tools & Resources

Kali Linux Word Lists DirB – /usr/share/dirb/wordlists/ wfuzz – /usr/share/wfuzz/wordlist/ SecList – /usr/share/seclists/ Raft Word Lists https://code.google.com/archive/p/raft/downloads

say-lan_33 November 8, 2019 Disable/ Enable Windows Firewall

Blue Team Stuff • Penetration Testing/ OSCP • Post Exploitation • Windows

After we have successfully exploited a system and have a shell, we may want to alter the host firewall so […]

say-lan_33 November 8, 2019 Nmap – Basic Commands

Enumeration • Penetration Testing/ OSCP • Pentest Tools & Resources

Common Switches: -sU Scan UDP ports -sS Scan default TCP ports -A All -sV Service Detection -O OS detection T1, […]

say-lan_33 November 8, 2019 How to Generate a Weevly PHP Backdoor Shell

Web Application Pentesting • Web Pentest Tools & Resources • Web Shells

Weevly allows you to easily setup a php shell Type Weevely help for a list of all available commands. To […]

Posts navigation

1 2 Next

Copyright © 2019 InfosecNotes.

Inbox by MetricThemes. Powered by WordPress.