Links 2021-09-01Links Page content Submit URL MyLinkList Submit URL URL Kommentar sha256: 5a435c353625ca104716332149688bd030004d896774b4803af081bf77057021 MyLinkList A Cyber Threat Intelligence Self-Study Plan: Part 1 - https://medium.com/ - - cut here - - test - http://www.test.ch Password Storage Cheat Sheet¶ - https://cheatsheetseries.owasp.org/ - - cut here - - SQL Injection Prevention Cheat Sheet¶ - https://cheatsheetseries.owasp.org/ - - cut here - - The Fuzzing Project - https://fuzzing-project.org/ turnoff.us - comics - https://turnoff.us/ Frida cheat sheet - https://awakened1712.github.io/ - - cut here - - CAS Cybersecurity gitbook documentation - https://cas-cyber.gitbook.io/ - - cut here - - MOBEXLER - A Mobile Application Penetration Testing Platform - https://mobexler.com/ Unleash the power of Frida. - https://codeshare.frida.re/ Java Decompiler Online - https://www.decompiler.com/ Zerodium - BugBunty Price Lists - https://zerodium.com/program.html WMI Explorer - https://github.com/ - - cut here - - MITRE ATT&CK® Matrix for Enterprise - https://attack.mitre.org/ - - cut here - - Virustotal - https://www.virustotal.com/ Malware Bazar - https://bazaar.abuse.ch/ GreyNoise is THE source for understanding internet noise. - https://www.greynoise.io/ Krebs on Security - https://krebsonsecurity.com/ Cisa Gov - KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/ - - cut here - - improve your reverse engineering skills - https://crackmes.one/ Radare2: Unix-Like Reverse Engineering Framework - https://github.com/ - - cut here - - Dependency Walker is a free utility that scans any 32-bit or 64-bit Windows module (exe, dll, ocx, sys, etc.) and builds a hierarchical tree diagram of all dependent modules - http://www.dependencywalker.com/ Blackhat Anti Disassembly - https://github.com/ - - cut here - - X86 Opcode and Instruction Reference - http://ref.x86asm.net/ ANTI-DISASSEMBLY TECHNIQUES - https://1malware1.medium.com/ - - cut here - - Reverse Engineering For Everyone! - https://0xinfection.github.io/ - - cut here - - Ost Sharepoint All Dokus - https://ostch.sharepoint.com/ - - cut here - - PE file viewer/editor for Windows, Linux and MacOS. - https://github.com/ - - cut here - - Intel x86 JUMP quick reference - http://unixwiz.net/ - - cut here - - VSCodium - VS Code without Tracking Info - https://vscodium.com/ Deobfuscating VBA & PowerShell Scripts of an Emotet Trojan Downloader - https://www.softscheck.com/ - - cut here - - Introduction to Reverse Engineering with Ghidra - https://hackaday.io/ - - cut here - - Build desktop Windows apps using the Win32 API - https://docs.microsoft.com/ - - cut here - - New Way Of Learning Security by - https://securityzines.com/ HSTS Preload - https://hstspreload.org/ PowerShell - How-to: The -f Format operator - https://ss64.com/ - - cut here - - The JavaScript Object Notation (JSON) Data Interchange Format - https://datatracker.ietf.org/ - - cut here - - HOW HTTPS WORKS - https://howhttps.works/ SQL injection - https://github.com/ - - cut here - - Setting Cache control headers for common content types Nginx and Apache - https://webdock.io/ - - cut here - - How to configure Security Headers in Nginx and Apache - https://webdock.io/ - - cut here - - SSTI (Server Side Template Injection) - https://book.hacktricks.xyz/ - - cut here - - Automatic SQL injection and database takeover tool - https://sqlmap.org/ Free Password Hash Cracker - https://crackstation.net/ Compare Browsers - https://caniuse.com/ ICANN Registration data lookup tool - https://lookup.icann.org/lookup Online CSP Evaluator - https://csp-evaluator.withgoogle.com/ - - cut here - - Bypassing Content Security Policy - https://www.arridae.com/ - - cut here - - Report URI Documentation - CSP - https://docs.report-uri.com/ BeEF is short for The Browser Exploitation Framework - https://beefproject.com/ HTML5 Security Cheatsheet - https://html5sec.org/ How I Discovered Thousands of Open Databases on AWS - https://infosecwriteups.com/ - - cut here - - Eric Zimmerman Tools - https://ericzimmerman.github.io/ - - cut here - - Autopsy® is the premier end-to-end open source digital forensics platform - https://www.autopsy.com/ vmware tools kali linux - https://www.kali.org/ - - cut here - - plaso - SuperTimeline Log Correlator - https://github.com/ - - cut here - - Commando VM: The First of Its Kind Windows Offensive Distribution - https://www.mandiant.com/ - - cut here - - Get-ZimmermanTools - https://github.com/ - - cut here - - DFIR Online NTFS Cheat Sheet - https://www.writeblocked.org/ - - cut here - - Living Off The Land Binaries, Scripts and Libraries - https://lolbas-project.github.io/ Assembler-Simulator - https://www.andreas-rozek.de/ - - cut here - - An online IDE to edit, compile and run code - https://www.mycompiler.io/ Red Teaming - Hacking Articles - https://www.hackingarticles.in/ - - cut here - - Strukturierte Datentypen in C - https://www.c-howto.de/ - - cut here - - Python 3 String Methods - https://www.python-ds.com/ - - cut here - - Searchable Linux Syscall Table for x86 and x86_64 - https://filippo.io/ - - cut here - - project webpage for the Netwide Assembler (NASM) - https://www.nasm.us/ C-howTo - Das Tutorial für eine praktische Einführung in C - https://www.c-howto.de/tutorial/ Ghost in the sfp ethernet optic - https://blog.benjojo.co.uk/ - - cut here - - tryhackme - Hands-on cyber security training through real-world scenarios - https://tryhackme.com/ hackthebox - Penetrate complex, realistic scenarios. Master red teaming. Get certified! - https://www.hackthebox.com/ - - cut here - - SS64 is a reference guide containing syntax and examples for the most prevalent computing commands - https://ss64.com/docs/ QOMPLX Knowledge: Kerberoasting Attacks Explained - https://www.qomplx.com/ - - cut here - - Microsoft Active Directory Golden Ticket Attacks Explained: QOMPLX Knowledge - https://www.qomplx.com/ - - cut here - - Ausgewählte Rheinwerk-Bücher jetzt online lesen - https://www.rheinwerk-verlag.de/ - - cut here - - Die Lambda-Funktion in Python - https://hellocoding.de/ - - cut here - - Delfstack Python Howto German - https://www.delftstack.com/ - - cut here - - Do You Really Know About LSA Protection (RunAsPPL)? - https://itm4n.github.io/ - - cut here - - SecureAuthCorp / impacket - https://github.com/ - - cut here - - Killing NTLM is Hard - https://syfuhs.net/ - - cut here - - Cobaltstrike - Strategic Cyber LLC - https://www.cobaltstrike.com/ Proxycap for Windows ($$$) - https://www.proxycap.com/ scip - LEBEWOHL NTLM ES IST ZEIT, NTLM ZU DEAKTIVIEREN - https://www.scip.ch/?labs.20210909 Deep Dive: Exploring an NTLM Brute Force Attack with Bloodhound - https://www.sentinelone.com/ - - cut here - - SLIDES_PasswordsWeakestLink - https://www.blackhillsinfosec.com/ - - cut here - - Python List sort - https://www.programiz.com/ - - cut here - - OWASP Transport Layer Protection Cheat Sheet - https://cheatsheetseries.owasp.org/ - - cut here - - OWASP Key Management Cheat Sheet - https://cheatsheetseries.owasp.org/ - - cut here - - Python-Kurs - https://www.python-kurs.eu/ - - cut here - - The Illustrated TLS Connection - https://tls.ulfheim.net/ AD Security Tutorials - https://adsecurity.org/ Lsass Memory Dumps are Stealthier than Ever Before - https://www.deepinstinct.com/ - - cut here - - log4j-scan - A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts - https://github.com/ - - cut here - - Log4j overview related software - https://github.com/ - - cut here - - log4shell - hisolutions research - https://research.hisolutions.com/ - - cut here - - MSFconsole Commands Cheat Sheet - https://pentestlab.blog/ - - cut here - - Metasploit commands - https://www.hackingtutorials.org/ - - cut here - - Metasploit commands - https://www.javatpoint.com/ - - cut here - - A modern practical book about cryptography for developers with code examples - https://cryptobook.nakov.com/ Exploit Curses from Dobin - https://exploit.courses/ ReconFTW automates the entire process of reconnaisance for you. - https://github.com/ - - cut here - - Exploit DB - https://www.exploit-db.com/ MITRE ATT&CK Framework - https://attack.mitre.org/ Understanding Authentication, Authorization, and Encryption - https://www.bu.edu/ - - cut here - - Authentifizierung - Uni Potsdamm - https://wi.uni-potsdam.de/ - - cut here - - XOR Calculator - https://xor.pw/ A Practical Introduction to Modern Encryption - https://nostarch.com/seriouscrypto Have i Been Pwned - https://haveibeenpwned.com/ CryptoKey Length Recommendation - https://www.keylength.com/ quic.rocks - https://quic.rocks:4433/ Web Technologies used by Google - https://w3techs.com/ - - cut here - - HTTP2 erklärt - https://kinsta.com/ - - cut here - - HTTP2 Explained from Mr. Curl :) - https://http2-explained.haxx.se/en Base64 Guru - https://base64.guru/ Base64 Decode and Encode - https://www.base64decode.org/ PHP Data Serializer - https://serializededitor.com/ Using HTTP Methods for RESTful Services - https://www.restapitutorial.com/ - - cut here - - HTML Special Characters - https://www.html.am/ - - cut here - - mozilla - Same-origin policy - https://developer.mozilla.org/ - - cut here - - ASCII to Hex …and other free text conversion tools - https://www.asciitohex.com/ mod_dumpio allows for the logging of all input received by Apache and/or all output sent by Apache to be logged (dumped) to the error.log file. - https://httpd.apache.org/ - - cut here - - Javascript - Vergleichsoperatoren - https://developer.mozilla.org/ - - cut here - - w3schools - javascript - https://www.w3schools.com/ - - cut here - - Azure Message Header Analyzer - https://mha.azurewebsites.net/ Two-Factor Authentication for OpenBSD - https://jonwillia.ms/ - - cut here - - Enable multi-factor authentication on OpenBSD - https://dataswamp.org/ - - cut here - - DMARC Generator - https://dmarcian.com/ - - cut here - - Corey Schafer - Python Guy - https://www.youtube.com/ - - cut here - - Top 5 OSINT Sources for Attack Surface Management - https://www.spiderfoot.net/ - - cut here - - Get really BAD at programming. - https://exercism.org/ dnstt is a DNS tunnel that can use DNS over HTTPS (DoH) - https://www.bamsoftware.com/ - - cut here - - kali - Home / Tools / blackarch - https://en.kali.tools/ - - cut here - - Turbo Intruder: Embracing the billion-request attack - burpsuite extension - https://portswigger.net/ - - cut here - - MARKDOWN SYNTAX - cheatsheet - https://guides.github.com/ - - cut here - - XMind, a full-featured mind mapping and brainstorming tool - https://www.xmind.net/ DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts - https://github.com/iphelix/dnschef learn regex - the easy way - https://github.com/ - - cut here - - omyzsh - Cheatsheet - https://github.com/ - - cut here - - Zsh Tricks to Blow your Mind - https://www.twilio.com/ - - cut here - - OPEN SOURCE INTELLIGENCE TOOLS AND RESOURCES HANDBOOK 2020 - https://i-intelligence.eu/ - - cut here - - dns recon & research, find & lookup dns records - https://dnsdumpster.com/ Chasing Anycast IP Addresses - https://blog.ipspace.net/ - - cut here - - Skip to the article MAnycast²: Using anycast to measure anycast - https://blog.apnic.net/ - - cut here - - Markdown CheetSheet - https://github.com/ - - cut here - - Mastering Markdown - https://guides.github.com/ - - cut here - - CyberChef - https://gchq.github.io/CyberChef/ Robtex is used for various kinds of research of IP numbers, Domain names, etc - https://www.robtex.com/ - - cut here - - making the internet safer, one IP at a time - https://www.abuseipdb.com/ Certificate Search - https://crt.sh/ MD Table Generator - https://www.tablesgenerator.com/ - - cut here - - Apple Tastatur mit Ubuntu Linux verwenden - https://www.unixfu.ch/ - - cut here - - Shell Style Guide - https://google.github.io/ - - cut here - - Login Microsoft Online - https://login.microsoftonline.com/ SWITCH EDU ID - https://login.eduid.ch/ Wiki Ost - https://wiki.ost.ch/ - - cut here - - github cas-cyber-security-2021-2022 - https://github.com/ - - cut here - - My Personal Blog - https://blog.stoege.net Hacking-Lab LiveCD (Sucessor for Auditor, Backtrack, …) - https://livecd.hacking-lab.com/ HackingLab at OST - https://ost.hacking-lab.com IconArchive - https://iconarchive.com/ - - cut here - - Compass Security - https://www.compass-security.com/ Ostschweizer Fachhochschule - https://www.ost.ch