#resources

Does anyone have any notes on any of the paths they'd be willing to share? I've done the complete beginner and pre security pathways and It's just dawning on me I should have taken my own notes to study the material.

Was going to resort to just blowing an hour or two screen shotting haha

hey guys theres a web app lab called pentesterlab vulnerable blog does somebody have a walkthrough that i can watch thanks in advance

Can't really share my notes (since they're not all in English lol), but I've completed pre-security and I'm 70% on complete beginner. Here's a list of most useful things I've noted down:

• Linux (commands)
• OSI Layers
• nmap (commands and scan types)
• Exploiting SMB/Telnet/FTP/NFS/SMTP/mySQL
• Metasploit (some basic things)
• Burp Suite (Modules)
• OWASP Top 10 (What each one is, how it's exploited and how it's mitigated)
• gobuster (commands)

I recommend going through those modules and nothing what you think is important. It shouldn't take too long

Without notes, it would feel like I've learned almost nothing at all. I can't function without them in some rooms

CAPTCHA Solver Chrome extension
https://chrome.google.com/webstore/detail/noptcha-recaptcha-hcaptch/dknlfmjaanfblgfdfebhijalfmhmjjjo

Do you have anything on Windows part as well?

Haven't reached it yet

hey, i am struggling to understand Active Directory concepts and architecture/hierarchy. any good course for it ? i've been asked that in the last two job interviews and i feel like i don't understand it good enough to describe it

Microsoft documentation is a great resources. If you didn't, try to build your own lab. Break theory into concepts and try to implement on your environment.

https://fourcore.io/blogs/top-10-open-source-adversary-emulation-tools

hi anyone know any workable method to extract email from google dork?

most article utilize SERP...

they have alot of documents but the problem is that many of then not really explaining the basics

that why i asked here, to get more specific content

@hushed estuary

-ban 838655145557491742 -ddays 1 please don't share links to porn/scam sites. If this was in error, please secure your account and email bans@tryhackme.com afterwards

🔨 Banned maxiscool001#7738 indefinitely

Thanks mate, I like the format ! Will definitely come in handy

Gave +1 Rep to @tawdry bridge

My Notes about "Broken Access Control" and "IDOR" Attacks
https://sl4x0.github.io/Access-Control-Notes
https://sl4x0.github.io/IDOR-Attacks

https://escafl0wn3.com/2022/07/12/the-sand-clock-of-cybersecurity/

That's a terrible idea.

Why illegal, there are plenty of websites that do the same but for money, I want to make it free for the public

What's to stop a malicious individual from abusing it?

True 😦

Please stop asking here

!rule 9

Rule 9: No discussion of illegal/unethical topics or actions. If the target device doesn't belong to you and you don't have specific permission to perform an attack from the owner of the target, then you don't do it and we don't talk about it. This also applies to piracy / copyright violations -- illegally obtained materials (including classified or potentially classified materials) should not be posted here.
If in doubt, please ask a moderator before posting your message -- preferably without breaking rule 1. Whether an action is unethical or not is at the sole discretion of the moderation team. Be warned -- a community ban over ethical concerns may also be extended to a ban from the TryHackMe website; we do not teach blackhats.

Dealing in stolen data is unethical

https://escafl0wn3.com/2022/07/28/useful-sites-and-tools-for-an-investigation/

What are some good svg2png tools for Ubuntu? I tried svg2png, imagemagick and inkscape but all of them were too low quality

You can set the export resolution in InkScape and export at very high quality

What's the flag for that? Can't seem to find it, only the width and background opacity

Oh, at the command line. No idea.

Ah yeah should have been more specific, I need a CLI tool so I can automate the process

Hey Everyone 👋

We just put an article on Manipulating Windows Tokens with Go.

(And also open sourced a Go package to easily access and manipulate Windows Tokens!)

https://fourcore.io/blogs/manipulating-windows-tokens-with-golang

Hello. I Wrote an article about Docke (container in general) hardening and thought it is getting kinda cool. So if it can help someone:

https://farinap5.github.io/Docker-Hardening.html

hello

hi

i sent you friend request

Did you read the #rules ?
Especially rule 1 ?

....why?

any good text based resources on getting better at geoguesser?

I don't have anything text based that isn't already found in the OhShint gitbook or osint framework, but if you like YouTube, GeoWizard and RAINBOLT are cracked at the game.

https://application.security/free-application-security-training/understanding-apache-log4j-vulnerability

Superb website in explaining stuff interactively for free really well!

https://github.com/Cimihan123/Creating-Pivoting-Lab-In-Docker

smth. I was trying to create.

@shy glacier Please post this in #thm-community-media

Great work :v

Hey, searching for a resource that might help me with my ubuntu LTS server. I've done some code and made a website I bought a domain since i wanna try this out. I want to make my website public. But not sure how exactly i do this with the ubuntu server and how i point my domain the server or vice versa. Also how i should setup security. Any video or article would help me 🙂

Where's it being hosted?

My own server, an old computer i put ubuntu LTS on to learn myself about servers

Right so you have a couple of ways of making it publicly accessible, for example - port forwarding

What are you using as your web server software?

https://superuser.com/questions/802894/ubuntu-server-how-to-make-a-domain-point-to-it

This could be of help

Thanks @hazy bear @sonic abyss

Gave +1 Rep to @hazy bear

thanks @sonic abyss

Gave +1 Rep to @sonic abyss

the pings

@sonic abyss what about them 🤔

https://info.ine.com/ejptv2-beta/

New eJPTv2 training and exam is free if you sign up for the beta. I believe signups end tomorrow.

Make sure to put in your INE account email as it accepts anything ^

I reached out to support. You do not need to use an email associated with an INE account. I was super worried about that too @sonic abyss haha

You don't? That's pretty cool actully cc @obsidian peak

Yeah I was worried because the beta program was listed as free, however an INE account is not.

You can get a free INE account with the starter pass

Oh bet. That's good to know!

yo thx

Hey 👋 It appears that the site http://www.xss-payloads.com/ seems to be down. The site is mentioned in the XSS Room, and OWASP Top 10. Does anyone know a website with similar resources?

works fine for me too

Mee too 👍

Ditto

Hmm, problem's on my end then. Thanks @odd quest @steep dawn

Gave +1 Rep to @odd quest

You're going to be quite limited in the techniques you can use if you're using docker. No true tunnelling, for example.
Been there, done this, doesn't end too well 😆
I wrote a config to build a container that will allow you to better emulate a real pivoting scenario, but it opens it up to a bunch of possible breakouts (these things are disabled for a reason )

If you're building challenges, Docker is a pretty good bet (heck, hardest box I've ever built is a big docker network 🤷‍♂️)
LXC would be a better choice if you're wanting to build pivoting playgrounds though.

Harder to automate / compose, but system containers > application containers for this kinda thing anyday

Also, JFC for the love of all that's good and holy please please please consolidate those RUN directives in your docker files

I really did not get what you mean by "true tunneling".
Emulating a real pivoting scenario in a container really is not a thing. I don't know how much hassle I faced while exploiting it. Specially during the time of getting a reverse shell.
You can drop your config file here or DM me 😅
Def agree with the RUN directives. Racking up like that just makes awful. 😂

Emulating a real pivoting scenario in a container really is not a thing.
Not in an application container it isn't.

https://www.linux-magazine.com/tags/view/security
Can be a good time pass read.

Where? It wants credit card info for the trial.

Interesting. Do you happen know other magazines similar to this one?

Security zines?

What trial? It's free
https://checkout.ine.com/starter-pass

Oh.

When you click sign up on their website it directs you to their trial.

I want to learn more about edb and Linux buffer overflow, Is there any recommendations

Anyone know when BHUSA talks will end up on youtube?

Anyone knows where to find certs on thm?

Certs?

Are you talking about the certificates?

Within a month, usually.

what do yall use for phishing

ive got html files already but how do people spoof the name of the website/ the email

Now phishing is rarely ethical.

Or rather, when it is, it's being done by people who don't need to ask that question

https://tenor.com/view/atg-capa-stucapa-studiocapa-pandu-gif-24944581

im just learning to uise

testing it on myself im not tryna hack ppl

https://university.apisec.ai/

https://fourcore.io/blogs/mitre-attack-mitre-defend-detection-engineering-threat-hunting

Can I share my first writeup on Tryhackme room article here?

#thm-community-media

I don't have permission to message in that channel.

What shall I do?

Here?

Ok

Thanks @sharp grove and @hazy bear

Gave +1 Rep to @sharp grove

+rep @hazy bear

Gave +1 Rep to @hazy bear

@pliant maple Don’t post referral links.

Yeah Sorry about that

😅

-ban @shut ferry -ddays 1 Posting piracy list

🔨 Banned koi#7579 indefinitely

Hi. Anyone know if there’s anything like pspy for Windows?

I need some guidance I am on a module and when i try to nmap my hackme ip address it will not show me any ftp options to complete the module.

@novel lodge #room-help please

@shut ferry Are you ok there?

@odd quest I got it figured out it was a noob error lol thank you for the guidance

Gave +1 Rep to @odd quest

Hate it or not but the certificate map got updated https://pauljerimy.com/security-certification-roadmap/

CRTO below OSCP 🤔

CRTO > OSCP

I'm so glad CBBH is on it

hopefully that one gets more industry recognition

Did u watch it?

They’re not in the discord

Neither this nor the Flare-VM repo have been updated in about a year. I don’t know how well the commando script works, but the Flare script has been way more inconsistent as time goes on

I’m just sad the Flare repo has gotten no love and is slowly becoming more problematic. I’ll probably need to write my own FLARE-lite or something if they don’t update it

Tooling i made that people might find useful https://github.com/1337Rin/Swag-PSO https://github.com/1337Rin/Auto-Magic

https://www.ncsc.gov.uk/collection/building-a-security-operations-centre

Hey Hackers, I hope you’ve been doing well! Here are the Agenda for this Week (16th - 22nd Aug 2022):
https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_03.md

• 1. Hiring & Free course
• 2. Events, Talks & Webinars
• 3. Cve's POC and analysis
  • CVE's Week 04 → 16th—22nd August 2022
• 4. Vulnerability/bugs Write-ups.
  • Hackerone Report Segment:
  • Bugs Analysis and write-ups segment:
• 5. Twitter threads
• 6. Research Article/White paper & Statistics Reports.
• 7. Tools, framework, RAT, Ransomware and malware
  • SAST/DAST/Recon/Exploit Web : * Tool
  • Cloud Security : * Tool
  • Blue Team : * Tool
  • OSINT Tools : * Tool
  • Malware Analysis : * Tool
• 8. Secuirty & Researchers: Pentesting, AppSec, SOC, Red team, Blue team, threat intelligence, Malware, Ransomware etc.
  • Misc. :
  • Blue Team :
• 9. Grey/Black Hat Hacker News:
• 10. How to get involve in Contribution ?
• 11. Source for Weekly infosec Update.
• 12. Wrapping Up. 🙂

Friendly powershell script, might help someone with DF https://github.com/Johnng007/Live-Forensicator

Where do people learn ISO-27001, SIEM, SCRUM, etc?

I see those things on every vacancy but I know no resources to learn them

Those are 3 very different things. One is compliance related, the other describes various logging and monitoring tools, and the last one is a “framework” for working in a development team

To address each of those respectively

1. Just read it idk I don’t do compliance 🤷‍♂️
2. TryHackMe has a couple rooms on Splunk, the most popular SIEM afaik, and ELK stuff in general (I think), so that’s a good place to start
3. There’s really no way to “learn” it except being in a Scrum team, because that’s what an employer is probably looking for. You can look up how scrum/agile compares to waterfall and at least know that, but not much more beyond that.

Interested in getting started with API hacking? Then check out this article: https://danaepp.com/beginners-guide-to-api-hacking

Would someone like to suggest some good repos for red teaming activities specifically exploitation phase and better if it consists ways to avoid detection

https://pastebin.com/SMzEZP9x https://github.com/themixedcoder/IT-Resources/blob/main/README.md#tech-youtubers-and-videos

hi guys, do you have any resources/books for security/security flaws in SCADA systems? I am working on security for a SCADA network and i need more details on how to ensure the security of it. thanks in advance

I don't have too much but I think these two are decent places to look
https://github.com/hslatman/awesome-industrial-control-system-security
https://github.com/neutrinoguy/awesome-ics-writeups

We started working on "Weekly Infosec Update" because It's very time consuming to monitor the InfoSec Community on twitter, telegram, reddit. discord and visiting security website every day.

I had no idea we’d end up releasing "Weekly Infosec Update" every Wednesday.
I hope community will enjoy the new version.🙏
https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_04.md

@hushed estuary ^

I don't know if I want to click that

it's a malicious link?

I have a feeling they may have deleted a malicious link 🙂

https://github.com/1337Rin/CVE-2021-4034

I would suggest using github releases for holding the artefact instead of git repo 🙂
also why don't you use os.CreateTemp() instead hardcoding /tmp PATH? not every system has /tmp mount 😄

Noted, will update the repo to use os.CreateTemp() later today.

https://github.com/SaintsConnor/Scripts-PenTest - Hopefully all scripts here work.

If anyone knows of any scripts they'd like added or coded please let me know and I'll try to get them in there.

DISCLAIMER: NOT ALL SCRIPTS ARE MINE, CREDITS HAVE BEEN GIVEN.

PS: Any CVE Scripts, will be placed in a separate folder upon creation

https://tenor.com/view/hacker-pc-meme-matrix-codes-gif-16730883

Is this we’re I can find stuff to become ultimate heker

Let me show you how to exploit APIs with cURL: https://danaepp.com/exploit-apis-with-curl

That's how I often use Pwncat
https://medium.com/@dolor3sh4ze/how-i-use-pwncat-to-reverse-shell-privesc-69f85ac78024

ooh! nice thanks!

Gave +1 Rep to @hazy bear

i love docker https://notateamserver.xyz/docker-101/

@umbral epoch please dont post (paid) self promotion as per the rules

https://regexper.com/

I tend to use https://regexr.com/

Hey Hackers, I hope you’ve been doing well on weekend!

Here are the Agenda for "Weekly infosec Update" (31th August 2022 - 6th September 2022)🙏🙏
https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_05.md

https://media.ccc.de/search/?q=scada take a look here 😉

There's also https://regex101.com

Learn about careers where you can make money hacking APIs: https://danaepp.com/how-to-make-money-hacking-apis

@elder parrot is that your site?

A personal blog. I’m at a point in my life where I want to try to give back to the community, especially the next generation coming up.

has someone any explaining resources about SSRF? I can not really understand it

https://application.security/free-application-security-training/server-side-request-forgery-in-capital-one

Here's one as an example

thank you!

Gave +1 Rep to @sonic abyss

Anyone got any good threat models for use of a vpn? Based around network attacks

No worries, can I ask - what's the reaction for lol

Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight: https://danaepp.com/hardcoded-cloud-creds-prove-its-easy-for-api-hackers-to-win

Hey Hackers, I hope you’ve been doing well on the weekend!

Here are the Agenda for new version(v0.4) of “Weekly infosec Update” (7th September—13th September 2022).

https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_06.md

This week we have made some significant changes in New version of "Weekly Security Update" v0.4

1. Added navigation Bar (called SAVE TIME).
   So hacker can select the segment and read it without Hassle with scrolling.

2. We have reduced the segment from 12 to 7 (Event, CVE, Bug bounty, Research, NEWS, Hiring & Tools).
   And We're finding a way to make it shorter and more user-friendly.

Thank you

Really goes to show how many publicly available cams here are out there

can only happen in some developed country that has a lot of cameras around

8. Practice - CTF:
   a. Hacker101 CTF - https://ctf.hacker101.com/
   b. HackThebox - https://www.hackthebox.com/
   c. TryHackeMe - https://tryhackme.com/
   d. Root Me - https://www.root-me.org/fr/Capture-The-Flag/
   e. picoCTF - https://picoctf.org/

Happy Hacking! 🙂

Your post includes illegal resources.

This week I show 3 tricks that can help you discover the language an API was written in. Know any other tricks? Would ❤️ to hear about it.

https://danaepp.com/how-to-detect-the-programming-language-of-an-api

Most of us run virtual labs on our machines. Here's a PowerShell script to ease the pain of managing that lab:
https://github.com/yaksas443/Invoke-AKSH

Anyone have any recommendations for any good resources for something like Socat for dummies?

An unpacker for PyArmor (Python protector), useful for malware analysis or CTFs
https://github.com/Svenskithesource/PyArmor-Unpacker

Learn about control environment narratives
https://www.linkedin.com/pulse/control-environment-narratives-john-whalen

Learn about V8 exploitation:
https://www.youtube.com/watch?v=Uyrv2F6wI-E

@rich dawn Please wait for your room to be published by room reviewers before posting it:)

My bad..

Is room reviewer someone who is hired by THM or just community members that volunteer?

Volunteer.

No. We are almost solely working from our in-house QA team now.

Hey Hackers, I hope you’ve been doing well on the weekend!😀

After taking feedback for last 2+ month, Finally We have finalized the Template for "WEEKLY INFOSEC UPDATE"
Here are the Agenda for new version(v0.5)🎉 of Weekly infosec Update (14th September—20th September 2022).

https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_07.md

Want to learn how to reverse engineer an undocumented API? Check this out: https://danaepp.com/how-to-craft-rogue-api-docs-for-a-target-when-they-dont-exist

TCM Academy courses Windows Privesc and Linux Privesc are free for 24 hours. Code is 100OFF

https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners?coupon_code=100OFF

https://academy.tcm-sec.com/p/linux-privilege-escalation?coupon_code=100OFF

I don't have to input any code but it's free thank you

Gave +1 Rep to @small night

Yeah code is already given (see link)

ahh didn't realize that

Hacking APIs for fun and profit requires you to know how long to stay on target, and knowing when to give up. Let's discuss. https://danaepp.com/the-bug-bounty-dilemma-when-to-give-up-on-an-api-target

Blackhat talks have been uploaded to youtube

E.g. https://youtu.be/1titzBiuxSc

Edit: these are talks from may, not august

It sucks imo that most talks from BH asia have really obvious accents

(English is not my primary language fyi)

@spring moth Don't shitpost here

Hey Hackers, I hope you’ve been doing well on the weekend!😁:

Here is the agenda for #WeeklyInfoSecUpdate v0.6 (21st Sept-27th Sept, 2022)

• In the new Version(v0.6), We have divided #WIU into two parts

1. Professional.
2. Beginners/Intermediate friendly segment.

• And We have reduced the Segment from 7 to 5.

https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_08.md

A beginner's guide to the Sliver C2, out of (respectful) spite, because they've had the guide as TODO for 9+ months now
https://notateamserver.xyz/sliver-101/

https://youtu.be/n92YrzELBJU video explaining how lemmeknow works and how it's different from pyWhat!

Let me show you how to find access control issues in APIs: https://danaepp.com/how-to-find-access-control-issues-in-apis

Do you guys know and recommend some good courses in udemy about red team?

I read about a set of courses from TheHackerNews (even if I'm not sure if they are worth), but try to give a look: https://thehackernews.com/2022/10/pay-what-you-want-for-this-collection.html

Ive started The Web Application Hacker's Handbook by virtue of your posts, thanks for the discovery and for sharing with the community👊

Gave +1 Rep to @elder parrot

Ehy I have one question: this blog series does not aim to a beginner target, right? And in such case, would you recommend studying sth?

Start here: https://danaepp.com/beginners-guide-to-api-hacking

And if you haven’t yet, check this out and enter to win 3 of my favorite books. Content ends Tuesday: https://danaepp.com/5-books-every-api-hacker-should-read

I know, I already read that, nice post man. But maybe I have to learn the bare basics of IT: I'm so beginner that I don't even know what a proxy really is and how it works

Have you downloaded my API Hacking Resource Guide? It has tons of links to resources to learn. The first few pages are all about the fundamentals of HTTP, API protocols etc

I got the email with the downloadable Guide, I'll study that. Thank you!

Awesome. Hope you find all those resources helpful!!

Got an extra 1 month Voucher at the student's account rate... DM me if you want it. I don't need to tell you the things you can get from a subscription 😉...

@tribal belfry you can post your repo here 🙂 sorry for the wait!

Let me show you how to attack APIs using payload injection with the Postman Collection Runner.

https://danaepp.com/the-api-hackers-guide-to-payload-injection-with-postman

I wrote 2 blog posts on exploiting Trackmania's server binary with some pretty advanced format string techniques, enjoy 😄

Fuzzing + reverse engineering:
https://blog.bricked.tech/posts/tmnf/part1/
Exploitation:
https://blog.bricked.tech/posts/tmnf/part2/

Have these vulnerabilities been disclosed and patched?

If so, please provide the CVEs and/or patch notes

Disclosed and WONTFIX. Though I targeted a non-default config and my exploit uses the management port which you're supposed to firewall. I purposefully hunted in this area so my exploit doesn't actually affect real server owners. The game is from 2008, so I wasn't expecting any patches either

Original Trackmania?

Can you add remediation recommendations to the blog post?

It's literally the first chapter in the exploitation blog post

Sorry I just skimmed it

Alright

any resources for CTF pls ?

@elder parrot I appreciate all the content that you have been pushing out recently but this is an infosec community.

In the spirit of being civil and professional I would like to ask you to only share content that is purely educational

You don’t think the mindset of how we are seen as hackers isn’t educational? And understanding where to draw the line on hacking vs cybercrime isn’t valuable to understand?

There are people in this DISCORD who do not understand where that line should be drawn.

I don’t care about the mindset, a rant isn’t a resource. You might disagree with their point of view but this certainly isn’t the place to put your point across.

I understand blogs are opinionated but causing drama isn’t wanted here

It’s nothing against you, I’m here to keep the peace. I would do the same if someone made a blog post directed towards you

Well, that’s your right. I think it’s an unfortunate reality that I even had to write that post. I hate the drama, but I want people to understand that hacking is not a crime. But unethical criminal activity is. I will of course abide by your decision, but I think it’s unfortunate.

I appreciate that:)

I am curious though @prisma bison , did you read my article?

(I would have DM that question, but I know how some mods feel about that)

I did not read it all, I usually put a pin in them and come back to them when I’m not busy :)

Lol. Fair enough.

When you do get to, I’d ❤️ some feedback on how I could have written that to be more aligned to the knowledge ethos on THM. Feel free to DM your input so I can incorporate that in how I write future articles.

Thanks in advance for any feedback you offer. And thanks for holding us accountable.

Perhaps because it's against rule 1 of the discord

Yep.

Can you please DM it to me, I'd like to read it. 🙂

Sure thing

Deleting the link without reading it in the first place 🤔

Even if it is technically an opinion piece, it also does go into a little bit of background on the ethical discourse around "hacking" with reference to the Computer Fraud and Abuse act and the programs created to help people, so I would argue it's educational in showing a side of that discussion.

If the conclusion is that it's an opinion piece and therefore does not count as a resource, that's cool, but it was solely judged off of the title, which is by no means perfect judgement of the contents of the article.

-mute @orchid basin Not your place to speak at all. You can argue whatever you want, the article was breaking the rule and henceforth it was removed. If you want to argue that, take it up with the community manager

🔇 Muted An00bRektn#2772 for 1 day

@elder parrot i would like to read it as well

Out of respect for the mods, let me DM you the link.

Intrigued, Id like to read that article too 🙌 feel free to DM me the link

Sent.

People can't stay away from controversy eh?

To be fair I read a portion, and while some of the claims are questionable, it is a sensitive subject in many circles, and can be subject to misinterpretation easily, as it's a very very nuanced subject, which I don't think you covered very clearly (unless it was further in bit I was somewhat occupied at the time)

What happened here 👀

Nothing major

Blog post was linked, bit of a touchy topic, asked to remove as opinion pieces aren't exactly resources

https://www.instagram.com/tv/CjgW0fEgxb1/?igshid=YmMyMTA2M2Y=

Small OSINT blog I’m starting to educate the public on OSINT and best steps to take regarding OPSEC

I hope this is okay I posted this as a resource 😅if not feel free to remove it. also any feedback is greatly appreciated

anyone got resources on image forensics? and i mean image as in identifying if a picture was adulterated by someone

@desert laurel please don't advertise your YouTube videos here

Advertise...!
It's a resource.

It's your video

Even if it is
Don't people create resources and share them so that others can use it.
It was not a tampon add..!

Advertising is against the rules here.

Are previous videos and articles only visible to me😅

Anyway leave it

Check out how to use Azure GPU-enabled virtual machines to crack your API JWT tokens to find broken user authentication vulns.

https://danaepp.com/how-to-use-azure-to-crack-api-auth-tokens

I got you bro

-mute 309688166929924096 7d You always trying to rebel against mod actions. James clearly told them to not advertise their youtube videos here, now you try to circumvent that decision by posting their video yourself.

🔇 Muted jB#9815 for 1 week

https://tenor.com/view/1984-gif-19260546

yes.

Hey Hackers, I hope you’ve been doing well on the weekend!😁:

Here is the agenda for #WeeklyInfoSecUpdate v0.7 an open source Newsletter (27th Sept—12th October 2022)

https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_09.md

Note: In upcoming weeks we'll be releasing Weekly Infosec Update v0.7 at different time and date.

Why not automate some of your API hacking to test for authorization vulnerabilities? Read this to find out how.
https://danaepp.com/automate-your-api-hacking-with-autorize

I hope it will be helpfull https://link.medium.com/Sw95L3DGZtb

https://link.medium.com/cFx3mpw1crb

https://github.com/coreb1t/awesome-pentest-cheat-sheets

@shut ferry please don't advertise here

Let me show you how to use Postman to attack the Microsoft Graph API.
https://danaepp.com/attacking-microsoft-graph-with-postman

https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki

if you complete one of the challenges you get a free cert exam for that challenge topic.
https://www.microsoft.com/en-US/cloudskillschallenge/ignite/officialrules/2022

Hey Hackers, I hope you’ve been doing well on the weekend!😁:

Presenting v0.7 of Weekly InfoSec Update #WIU - An open source Newsletter. For 12th Oct—18th October 2022

https://github.com/RESETHACKER-COMMUNITY/Pentesting-Bugbounty/blob/main/ResetCybersecuirty/Weekly_Infosec_Update(WIU)/Weekly_Infosec_Update_10.md

@shut ferry That site seems to have terrible reviews and requires a signup to access that, so I rather remove that post. (Not talking about the shared microsoft link, for anyone wondering)

oh ok

ill keep that in mind

no sign up books

@finite patio that’s not a resource

https://danaepp.com/can-sbom-help-you-attack-apis

https://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/proc.html

https://github.com/specterops/at-ps

Hey All,

Can any one help me Steel Mountain?
I'm getting an error that "Something went wrong..! Usage is :[.] python exploit.py <Target IP address> <Target Port Number>" though I have converted python script to latest python 3

Also not able to start http.server on port 80 as it is already used by other service & if I try to kill that service then the whole tryhackme attack machine is getting disconnected

Please don't ask the same question over multiple channels.
Also, this channel is for resources, not for room questions

https://danaepp.com/5-big-mistakes-beginners-make-hacking-apis

https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/

Choosing the right hacking PC for you can be difficult with all the choices. I tried without being too technical to tell how to choose a good pc for that purpose.

https://youtu.be/VjSmVtB1AEI

https://github.com/Supreme-coder929/Mist

I made this, tell me if you like it.

can has more tl;dr of what toolkit does???

Did you go to the link to see what it does?

I say it in the repo

It’s also not long to read

I made it short

fair enoughs

A proper description is nice though

If those keys are real, you should revoke them, now.

Quick refactor, you should probably extract the boys that colour the text to a separate class/module/function.

I'd also use command line parameters rather than menus to drive the thing. This will make scripting and automation much easier

Oh yeah they are realn

But it’s free

https://twitter.com/TCMSecurity/status/1585683642440814592?s=20&t=Sd4GxvOU7mnzP1PlgR8UHQ

Probably not acceptable use to share them

revoke them now, sharing API keys is usually against ToS, and you should never store secrets in git

https://github.com/psf/black

I'd like to recommend you this to use

And use a context manager ( with) instead of using f.open()

It’s tos in GitHub?

no, the service

Even if it's not against the ToS, you are responsible for all the actions taken with the API key - some might go against the ToS

https://www.ipqualityscore.com/terms-of-service

doesn't say anything about it

https://danaepp.com/7-essential-burp-extensions-for-hacking-apis

https://github.com/1337Rin/sec-resources currently looking for commits if anyone is inclined

blog related to CTF
https://wiki.bi0s.in/#introduction

https://danaepp.com/api-pentesting-101-the-rules-of-engagement

Kerberoasting tutorials for beginners. Also useful for oscp students.
https://link.medium.com/h9VdPtEhDub

Tried writing first time , so feel free to give feedback.

https://readme.so create neat and organized repositories

Hello everyone, I have created a cheatsheet while preparing for OSCP. It also has Active Directory Attacks, probably more than required by oscp.

https://strange-1.gitbook.io/notes/

https://www.youtube.com/watch?v=8mAITcNt710

Literally 3rd and 4th bullets

Anyone know of any good resources or books on cyber law? Reason I ask is because I want to get more experience with external reconnaissance using DNS, etc. but don't know where to draw the line.

Edit: Will just stick with systems I own or have written permission to test to be safe. Just got confused because I ran across a (seemingly) reputable resource with dnsrecon examples that do zone transfers on third-party domains the author clearly doesn't own. There are other examples too of probing what seems to be a bit too far into large company's DNS info.... Maybe I'm overly cautious, but seems better to be safe than sorry.

But still, if you have any good resources/books on cyber law, I'm still interested.

Have you checked the #bookclub ?

ToolBar has its first official release:

v0.5 - The first Brew is now out!

https://GitHub.com/SaintsConnor/ToolBar

https://github.com/RUB-NDS/PRET

When developers use insecure defaults, API security testing gets much more interesting. Let's predict and pwn those GUIDs used in APIs.

https://danaepp.com/attacking-predictable-guids-when-hacking-apis

https://skerritt.blog/tryhackme-hard/

https://blog.ret2.io/2022/06/29/pwn2own-2021-safari-sandbox-intel-graphics-exploit/

https://blog.ret2.io/assets/img/p2o_2021_eop_demo.mp4

Why click link no work

this would be really great

if you could post the actual pdf

hey i know that girl

What pdf ??

Just zoom in on the images @sonic abyss.

What is the original file

not being able to click on the links is painful tbh

this help?

found the pdf from the authors linkedin page that was listed in the first image also available through this route if preferred:

https://www.linkedin.com/posts/chintangurjar_repo-list-activity-6996618801899274240-UE4Y?utm_source=share&utm_medium=member_desktop

Hello, any good resource for Active directory pentesting ?

would always pref PDF's

Anyone have resources for AWS Cloud Practitioner Cert?

A Cloud Guru has a good course on it.

https://whalenenterprise.com/security-safeguards

The Gramm-Leach-Bliley Act requires companies

that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.

https://www.youtube.com/watch?v=gd7BXuUQ91w

Never authorize any company to use your data for information sharing purposes.

Seriously, too much resource

https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/

How can you have too much resources ???
That's the equivalent of going to the bank and informing the person standing behind the counter that you believe you have too much money.

Introducing 23 free resources to learn about API security testing:

- Video: Traceable AI, API Hacking 101.
- Video: Katie Paxton-Fear, API Hacking.
- Video: Bugcrowd, Bad API, hAPI Hackers.
- Video: OWASP API Security Top 10 Webinar.
- Blog: Detectify, How To Hack API's in 2021.
- Blog: HackXpert, Let's build an API to hack.
- Video: Bugcrowd, API Security 101 by Sadako.
- Video: David Bombal, Free API Hacking Course.
- Blog: Wallarm, How To Hack API In 60 Minutes.
- Website: APIsecurity IO, API Security Articles.
- Blog: Curity, The API Security Maturity Model.
- Blog: Expedited Security, API Security MegaGuide.
- Video: Grant Ongers, API Security Testing Workshop.
- Videos: The XSS Rat, API Testing And Securing Guide.
- Blog: APIsec OWASP API Security Top 10: A Deep Dive.
- Podcast: We Hack Purple, API Security Best Practices.
- Blog: Kontra Application Security, Owasp Top 10 for API.
- Blog: Secure Delivery, OWASP API Top 10 CTF Walk-through.
- Blog: SmartBear, How To Hack An API And Get Away With It.
- Blog: Ping Identity, API Security: The Complete Guide 2022.
- Video: SANS Offensive Operations, Analyzing OWASP API Security.
- Blog: Bend Theory, Exploiting Unintended Functionality in API's.
- Blog: Bright Security, Complete Guide to Threats, Methods & Tools.

https://xss-quiz.int21h.jp/ - some neat beginnerish XSS challs (looks like 9 is broken, and 11 is giving me a 500)
https://xss.challenge.training.hacq.me/ - some more irritating, CTF style ones although some are broken now

hi

https://danaepp.com/tracing-api-exploitability-through-code-review-and-taint-analysis

@shut ferry

!rule 3

Rule 3: No excessive self promotion. You are welcome to post livestreams, writeups, and videos of THM content in #thm-community-media; these should be submitted to the room in question and approved by the creator before being posted here (it goes without saying that 'writeups' which are just copy/pasted room content, or are answer dumps, are a big no-no). Please do not abuse this. Be respectful to other users -- we are not interested in seeing you repeatedly spam your own content.
When in doubt, ask a moderator in the chat :)

Oh my bad😅

I'll ask next time

https://www.youtube.com/watch?v=92I5JwlluK4

why does that girl kinda look like andrew tate

wut.

It is his stunt double.

 Introducing 24 web-application hacking tools:

1. Burp Suite - Framework.
2. ZAP Proxy - Framework.
3. Dirsearch - HTTP bruteforcing.
4. Nmap - Port scanning.
5. Sublist3r - Subdomain discovery.
6. Amass - Subdomain discovery.
7. SQLmap - SQLi exploitation.
8. Metasploit - Framework.
9. WPscan - WordPress exploitation.
10. Nikto - Webserver scanning.
11. HTTPX - HTTP probing.
12. Nuclei - YAML based template scanning.
13. FFUF - HTTP probing.
14. Subfinder - Subdomain discovery.
15. Masscan - Mass IP and port scanner.
16. Lazy Recon - Subdomain discovery.
18. XSS Hunter - Blind XSS discovery.
19. Aquatone - HTTP based recon.
20. LinkFinder - Endpoint discovery through JS files.
21. JS-Scan - Endpoint discovery through JS files.
22. GAU - Historical attack surface mapping.
23. Parameth - Bruteforce GET and POST parameters.
24. truffleHog - Find credentials in GitHub commits.

https://www.osintme.com/index.php/2021/12/06/how-to-investigate-a-massive-phishing-campaign/

Is it possible for tryhackme to give me there set up for Ubuntu with all the tools virtual machine for VMware 🤔

No, they don't give the attackbox out.

@stuck abyss that sucks it’s such a good layout 😎

https://github.com/0x90n/InfoSec-Black-Friday

https://www.inc.com/jason-aten/the-fbi-has-a-warning-for-tiktok-users-why-it-says-you-should-be-extremely-concerned.html

https://github.com/trungdq88/Awesome-Black-Friday-Cyber-Monday
re-share from other server

https://sqlbolt.com/ great sql refresher :)

Looking for good resources on Python/C++ programming specifically for hacking/cyber sec. Something like "Python for Black Hat Hackers"

Also looking for good resources on Cloud basics and security

I know a lot of people have asked about building home labs, BHIS is having a webinar on Thursday about how to do this https://zoom.us/webinar/register/WN_lav-QqASTUi--pAp7reMgA

if you are interested in Azure, look up John Savill on Youtube. He is great.
Black Hills InfoSec also has a lot of stuff on Cloud security https://www.youtube.com/c/BlackHillsInformationSecurity/videos

Are there any resources that individuals can recommend for policy frameworks? I'm interviewing for a medical device start up and I know ISO 14971:2019 is considered the gold standard, but I think it might be cost prohibitive while the company is in stealth mode. Is there a NIST equivalent or other that one could recommend?

https://blog.bushidotoken.net/2022/11/detecting-and-fingerprinting.html

How much experience do you have with Python? Like learning from scratch or do you already know basics?

Decently experienced, been programming Java and python for 5-6 months pretty intensively

https://tech.lgbt/@autumnalbee/109445555183161530

This is nuts, but it's a great resource. I have been using it to learn new things all day and it's so cool that it can just write detailed instructions on contributing to open source projects

There are plenty of books available for learning Python hacking, I would look up a few and check the table of contents and check if there is anything interesting for you there.

Personally, I have read Black Hat Python 2e by Justin Seitz, Tim Arnold and Python Pentesting essentials by Mohit. And they are good for getting started.

I think THM also has a few modules with Python scripting which are great for getting started.

https://www.linkedin.com/posts/john-r-whalen_why-you-should-use-identity-access-management-activity-7004891679337967616-kpN8?utm_source=share&utm_medium=member_desktop Why is Identity access management SO imperative for excellent performing remote teams?

I explain how to leverage identity access management to clearly align scope, and objectives for distributed technical teams in this 30 second video.

A great video/interview on OSINT

https://www.youtube.com/watch?v=ImWJgDQ-_ek

Regarding 'note taking' whilst you study and practice. I'm generally not a note taker, i never have been - however, i definitely now understand the importance and value of it. There is so much to take in working through the THM Rooms and then doing further deep dives in to topics, it would be near impossible to just remember everything.

Someone suggested to me 'Obsidian.md' - https://obsidian.md/

honestly had to share it on, i found it incredibly easy to use and internally link/branch topics. I now have my own Archive of knowledge!!

I noticed a lot of people making writeups for things like sans-holiday hack and tryhackme use https://squidfunk.github.io/mkdocs-material/. Ive been trying it out for my own writeups and its pretty nice. lots of formatting options and its markdown

Any resources for hardware hacking? I’ve been told to just open up computers but it’s quite overwhelming and I don’t know where to go from there.

"just open up computers" sounds like real shady advice 😅
I'm not into hardware hacking but I know there is a sub on reddit for it (/r/hardwarehacking) which might be a good start. Also one of the books included in the hacking humble bundle that's running at the moment is for hardware ("The Hardware Hacker" by Andrew Huang)
Good luck and have fun 👍

https://tenor.com/view/do-it-kermit-darth-kermit-gif-25450285

This humble bundle has some nice books in it
https://www.humblebundle.com/books/holiday-encore-become-cybersecurity-expert-wiley-books

any good resources for beginner-level malware analysis?

https://danaepp.com/how-to-extract-artifacts-from-openapi-docs-to-help-attack-apis

Check NoStarchPress Malware related books (Practical Malware Analysis and Malware Data Science), but also, Husky's Malware analysis course is great. https://academy.tcm-sec.com/p/practical-malware-analysis-triage You will learn how to build safe env, and you will get modified samples. really solid course for beginners.

Hi All this is a good article to go through
https://blog.securelayer7.net/web-service-security-penetration-testing/

Hi everyone, http://whalenenterprise.com/events-project I offer free digital security courses every Wednesday from 6:30-730 Mountain

Hey, one of the tasks for advent of cyber was de-obsfucating malware. I was actually interested in the methods of the reverse. I just don't understand how you manage to do that to your code and still have it run.

And it peaked my interest after doing that task

ooh, i haven't done that one yet - but you have peaked MY interest now 😄 following, for any good resources to deep dive into after

i was just looking at the sections of this course, @sterile gale it may have some answers here. it's a paid course, but not overly expensive to be fair.

I'll take a look. Thanks

Gave +1 Rep to @mortal wadi

Yea, Husky's course is great - I really recommend it, especially for beginners. I forgot to mention also Sam's Bowne course, which is open to everyone. It uses NoStarch book as a textbook. https://samsclass.info/126/126_S17.shtml

Thanks @shut ferry - bookmarked for later 🙂

Gave +1 Rep to @mighty gazelle

Thanks a heap

Gave +1 Rep to @mighty gazelle

The Wreath network kind of intros to the ideas behind obfuscation as it relates to AV evasion, but Holo dives way deeper into it. It's a fairly deep topic that I think is more appropriate for the #exploit-and-mal-studies chat, but you're usually writing a readable payload first, then using automated and manual processes to change things around.

You're really just changing the code to be "worse" by traditional programming standards. Adding redundant conditions, making the way data is stored more complicated, etc.

michael bazzel: i can fix that

I saw this on reddit. If anyone is interested (ISC)2 has released a new course called Certified in Cybersecurity. The first 1 million people to register for it can get the self-paced study guide + exam for free:
https://www.isc2.org/landing/1MCC

$50 fee if you want to sign up

After you pass

Idk if everyone already knows about this since it’s really good, but I found this on gitbooks. Has links to resources on cyber intelligence, red team, blue team, and yellow team stuff. Also goes over anonymity. https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/

didn't know about it, looks interesting, will take a look over it, thanks for sharing.

Gave +1 Rep to @eternal rivet

If someone ist interested

waf bypassing related resources anybody have

Why are you trying to bypass a WAF?

Does anyone have any idea about an Autoit decompiler?? exe2aut doesn't seem to work

Hi, any good resources on Encryption and Key Management(PKI)?

Hi folks here is a good article to read https://blog.securelayer7.net/attack-surface-management/

linux file permissions for beginners: https://tomsitcafe.com/2022/12/15/understanding-the-linux-file-permissions/

I'm reading the mdn docs for javascript and it says you can declare and reference variables before/without initializing them (assigning them a value), in which case, (without a value) they will always return undefined.

Why would you want to do something like this?

The Docs also mentioned variable mutations, which allow you to change the value of a const...? I'm assuming you can use this to manipulate available functionality based on varying events or context?

Hey wrapper, have a look through this: https://github.com/getify/You-Dont-Know-JS/blob/2nd-ed/scope-closures/ch5.md
Perhaps that answers some of your questions

This particular chapter is useful I think but this series in general is a good one if you want to learn the workings of js well

https://www.youtube.com/watch?v=qdw7ul5_Sjo 

The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. VERIS targets this problem by helping organizations to collect useful incident-related information and to share that information - anonymously and responsibly - with others. The overall goal is to lay a foundation from which we can constructively and cooperatively learn from our experiences to better measure and manage risk.

Oh my god I almost didn't see this, thank you!

Gave +1 Rep to @hollow depot

no problem, I recommend that whole book series in general 🙂

Also, I thought I sent those messages to programming, whaddahek lol

its ok, its still a resource I guess haha

Lmao true

I can't sleep so I'll go give that a read now,.thanks again!

Hi ! I'm looking for a good book on sys calls, any recommendation ?

Learn about bypassing SID Filtering Techniques
https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-4-bypass-sid-filtering-research

Anyone listening to any interesting podcasts for cybersecurity that a beginner should listen too? I watch Dr. Auger on youtube, Neil Bridges, David Bombal, and Network Chuck currently.

You should check Darknet Dairies by Jack Rhysider. It has interesting hacker stories from darkweb, blackhat hackers and pentesting stories. Available on Spotify!

ah very nice thank you @polar siren

Gave +1 Rep to @polar siren

Darknet Dairies is the shit. It's so cool

Cyber Security Headlines

https://cisoseries.com/category/podcast/cyber-security-headlines/

Also there is SANS Stormcast

https://isc.sans.edu/podcast.html

Thank you!

Gave +1 Rep to @south marlin

I’m going check this out.

https://danaepp.com/how-to-use-oast-to-detect-vulnerabilities-in-an-api

Would anyone be willing to share their thm notes with me?

Hey guys I am currently writing notes on THM advent of cyber 2022 challenge, I just did post Day 02 article yesterday and today I am gonna post Day 03 as well.

Link (Medium) --> https://medium.com/@dasitha.samarasinghe

If there's anything wrong please be kind to leave feedbacks or DM me on discord, and I am open to work on writing articles with anyone!

DM me brother! 🙂

you could probably use the -i switch for grep to make it case insensitive

Thank you so much for correcting me, just made the edit now

Gave +1 Rep to @west galleon

@graceful saffron that’s an answer dump, it is against our content policy.

If you copy and paste whole tasks including all their answers, we may report your blog.

Our employees and partners have worked hard to make the content in Advent of Cyber 🙂

oh its like write up like others doing..i want to share the knowledge with my collegues on this journey

i explained how to obtain the answers, not just dump answers

please read my previous post, I did put hard work and big time to explain this with additional information

i dont understand why it tolerates, since others doing articles and yt video walkthroughs

i can stop from right now writing further about these challenges, if this is serious

i only copied quizzes

not whole contents

You copied the whole task content :)

can someone here please confirm that I that copied that contents?

there maybe exact words in both, I just got idea what these contents telling and i did put with my own way like a twist

the task contents, you mean, the quizzes?

while not a verbatim copy, it's still pretty close to what I'd call plagiarism. Also please refrain from posting direct answers, flags and passwords in writeups

Okay i will not to do this again future, hope team doesnt report this

Learn about GoldenGMSA Trust attack across intra-forest trusts.

https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-5-golden-gmsa-trust-attack-from-child-to-parent

Is there a John The Ripper Syntax#s cheatsheet somewhere? I have just made notes during the room but would like a good refrence to bookmark

Learn about how schema replication allows a child domain to modify the schema and compromise objects in the parent domain just like a Schema Admin

https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-6-schema-change-trust-attack-from-child-to-parent

https://github.com/chubin/cheat.sh
Does a great job of collecting and making popular cheatsheets usable from web/console (e.g. "curl cheat.sh/john"). I think that you can contribute to the project by submitting your your pull request here https://github.com/tldr-pages/tldr/blob/main/pages/common/john.md

here is some help for using LVM for the beginners: https://tomsitcafe.com/2022/12/22/what-is-the-logical-volume-manager-lvm-and-how-to-use-it/

hi all, i lookin for a software to scan my website directorie in my linux serveur, i tested clamAV but nothing and i know that i have some files infected. Can u tell me what is the best tool please ?

https://youtu.be/6xexyQwG7SY

What are some good THM rooms for binary exploitation?

To learn? Not many afaik. There's a "ret2libc" room and an "Intro to Pwntools", but those are the only I'd recommend. To practice? "Pwn 101" is the only one I can remember that was decent.

I would recommend looking at LiveOverflow's Binary Exploitation series or CryptoCat's Intro to Buffer Overflow for solid content. ROP Emporium, exploit.education, and pwn.college are other good places.

Thank you very much ^^

Mobile Application Security:

Websites:
https://snyk.io/learn/application-security/mobile-application-security/
https://mas.owasp.org
https://www.youtube.com/watch?v=Tujbk4ToVMI

Lectures/Courses:
https://www.udemy.com/course/mobile-application-security-and-penetration-testing-e/
https://ocw.mit.edu/courses/6-858-computer-systems-security-fall-2014/resources/lecture-20-mobile-phone-security/
https://people.eecs.ku.edu/~hossein/710/Lectures/Readings/00-EECS710-Workshops/24-mobile-app-sec-workshop.pdf
https://academy.tcm-sec.com/courses/enrolled/1557555

Applications for Testing:
https://github.com/0xArab/diva-apk-file
https://mas.owasp.org/MASTG/Tools/0x08a-Testing-Tools/#mobsf-for-ios
https://github.com/xtiankisutsa/awesome-mobile-CTF
https://www.vulnhub.com/entry/android4-1,233/

Certificates:
https://www.sans.org/cyber-security-courses/mobile-device-security-ethical-hacking/
https://elearnsecurity.com/product/emapt-certification/

Write-ups
https://cygnus.mataroa.blog/

Learn about how attackers with administrative access on a trusting domain can gain access to trusted domain with the exploitation of trust account.

https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-7-trust-account-attack-from-trusting-to-trusted

If you (or anybody else) are interested in learning about ICS sec and adjacent topics, you can also check what CISA offers: https://www.cisa.gov/uscert/ics/Training-Available-Through-CISA 301v and 401v are available for free online, you just need to register to them since number of seats is limited (https://www.cisa.gov/uscert/ics/Calendar). First, it is good to go through their listed web based stuff, you can check on https://ics-training.inl.gov/learn/catalog - you just make account and get access. :)

Web Application Security:

Websites/Videos:
https://owasp.org/
https://youtube.com/playlist?list=PLBf0hzazHTGO3EpGAs718LvLsiMIv9dSC

Lectures/Courses:
https://portswigger.net/
https://learn.snyk.io/
https://www.udemy.com/course/pentesting/learn/lecture/30191548?start=0

Applications for Testing:
https://owasp.org/www-project-juice-shop/
http://www.itsecgames.com/
https://github.com/digininja/DVWA
https://sourceforge.net/projects/metasploitable/
https://academy.hackthebox.com/catalogue

Certificates:
OffSec: Web 100-300
https://elearnsecurity.com/product/ewpt-certification/

Write-ups
https://docs.rapid7.com/metasploit/metasploitable-2-exploitability-guide/

Mass hunting IDORs using jq and Swagger files
https://blog.akenofu.me/mass-hunting-idors-in-openapispecification-swagger-files/

Learn how to bypass Kerberoast detection by modifying the encryption type and ticket options. Also, in the end, act as a purple teamer and use the detect&attack strategy which is useful to gain perspective of both sides

https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/

https://danaepp.com/hacking-a-net-api-in-the-real-world

As we push computers to “the edge,” building an increasingly complex world of interconnected systems and devices, security and privacy continue to dominate the national dialogue.

Check out the latest video
https://youtu.be/ZG8aUgTqtWg

@shut ferry Can you interact with the community instead of just promoting your content, please?

Just for anyone interested in starting off in binary exploitation, CryptoCat's course is amazing. I'm half-way through and having lots of fun.

Learn about the writable path local privilege escalation vulnerabilities adversary can abuse which includes methods like DLL Hijacking and DLL planting. In this, there are three system services that can be abused.

1. Windows Task Scheduler
2. NetMan Service
3. IKEEXT Service

https://www.praetorian.com/blog/red-team-local-privilege-escalation-writable-system-path-privilege-escalation-part-1/

https://njmulsqb.github.io/2022/12/28/Utilizing-data-from-azure-defender.html

K9-Crypter, written in C#
https://github.com/Nik0Sec/K9-Crypter

I would say my one con with it is that the explanation of the vulnerability and internals is a bit more high-level than I would want, but other than that yeah.

Yeah some more theory would be nice but nothing google and a second screen can't cover!

https://www.praetorian.com/blog/red-team-privilege-escalation-rbcd-based-privilege-escalation-part-2/

EP000: Setting Up The Hacking Lab | HACKING FOR DUMMIES

To set up a hacking lab, you will need to create a simulated environment in which you can practice and develop your hacking skills. This may involve setting up virtual machines or installing specialized software on a physical computer. It is important to follow best practices to ensure the lab is secure.

https://youtu.be/GuOibs-v8qo

https://www.praetorian.com/blog/inside-mimikatz-part1/

I am excited to announce the first release of "Damn Vulnerable Electron App", an intentionally-built vulnerable ElectronJS app for learning security issues in ElectronJS.

There was no other similar project to practice ElectronJS vulnerabilities on, so I built it!

For more details about DVEA visit: https://njmulsqb.github.io/2023/01/03/releasing-DVEA.html

https://www.praetorian.com/blog/inside-mimikatz-part2/

the njmulsqb.engineer link isn't resolving

Its njmulsqb.github.io and working fine with me

This is a huge block that looks a lot like spam. What's your goal in posting it?

do you?

it look like spam?

Yes

Enormous text walls are, definitionally, spam.

Was that Medium link monetized in any way?

Please do not send unsolicited friend requests.

super amazing website that teaches refactoring for free. you can also buy the course, which i've done. i think it's worth it. https://refactoring.guru/ Note: I'm not affiliated with this site in any way, just found it because I want to learn refactoring

https://socradar.io/dark-web-profile-muddywater-apt-group/

Any learning resources for android/mobile based ctf's

Host your Obsidian notes with MkDocs & Nginx
https://www.youtube.com/watch?v=aMVi4kWd1b0

For what?

-undelete -a

Up to 10 last deleted messages (last hour or 12 hours for premium):

none...

Yikes

CyberDucky is ready to hack! Hope you all are having a great year so far. Thank you for all the love. Blueprint for how a pentest is structured!
https://youtu.be/6o25auMAVv8

Not sure if any of these contain any pirated resources, but there all linked on the defcon websites and I found some great resources in em
https://media.defcon.org/
https://infocon.org/podcasts/?C=N&O=A
https://defcon.org/html/links/dc-torrent.html

quite sure it is all legal stuff from defcon or they would get in a lot of trouble quickly

This is amazing, thanks for sharing!

Gave +1 Rep to @sonic abyss

i just put together some LUKS hands-on: https://tomsitcafe.com/2023/01/10/what-is-luks-and-how-to-use-it/

https://youtu.be/mJ-qvsxPHpY

Hi, curious to know if any automated vulnerability tool exists for Elasticsearch database vulnerability scan?

Maybe start here: https://book.hacktricks.xyz/network-services-pentesting/9200-pentesting-elasticsearch

https://www.youtube.com/watch?v=1EDI0YUXMRA Learn Information Security with pictures

https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

Interesting explanation of public key crypto

Anyone have a good resource to learn regexp? Looking for book recommendations and sites.

https://taggartinstitute.org/p/intro-to-regular-expressions

Thanks.

Gave +1 Rep to @nova current

Sharing this for those who may be interested: I added a #MalwareBazaar downloader to HuskyHack's blue-jupyter notebook. It works but still needs clean ingup.
https://github.com/accidentalrebel/blue-jupyter/blob/main/malware-analysis/Malware-Analysis.ipynb?fbclid=IwAR08jwn7CEp3_f5wi4FEKc8Z85nr2uqu_8jQdppaKF_DhJUcM7cGY452Fjo

https://www.humblebundle.com/books/linux-and-sysadmin-tools-oreilly-books

Hey guys, I created a free open source project to help people get started on making their first contribution with an easy step by step guide

If there's any suggestions or ways I can improve this please let me know

https://github.com/HyunCafe/contribute-practice

https://github.com/brightio/penelope

Have you guys tried this tool?

Hey, what's the best/most used emulator for mobile?

genymotion or the android emulator from android studio, if you go the android studio route this tutorial is pretty good for a full lab setup: https://www.trustedsec.com/blog/set-up-an-android-hacking-lab-for-0/

I've used nox and partially bluestacks, my somewhat illogical refrain from geny is that it requires virtualbox

Thanks

for debugging purposes these twos are more user friendly I would say but it depends on the user goals as usual

Bee even kindly gave the markdown version.

I added more rooms and removed expired ones, also I will be including the write-ups and events. The objective is to provide value and grow the community nothing more

I'm providing a place where people can get all the free rooms, track their process and solutions, and connect with other people with the same taste for cybersecurity, looking for contributors, not the opposite, take care guys @stuck abyss @hazy bear

I get that, however speaking from a personal POV, (and good practice for yourself).

You could give Bee a little credit.

Sure whats the socials? I think he deserve it but I couldn't find it so I just did the repo. I'm sure he doesn't mind anyway...

Good point, I don't actually know 😂

@tepid patio

What's your socials 😂

Thanks, It's on his discord profile, but I will ask first by email see if he wants

Greetings THM community! ❤️

Are you looking to master cybersecurity skills and take your knowledge to the next level?
Look no further than this TryHackMe free path repository! This collection of personal solutions and explanations will guide you through various rooms and challenges to help you improve your understanding of cybersecurity. Whether you're new to the field or looking to deepen your expertise, this repository has something to offer. Fork it today, and start your journey to becoming a cybersecurity pro!

https://github.com/migueltc13/TryHackMe

@iron cliff has been warned.

@brazen sequoia How do I get this message in #thm-community-media, thank you in advance

Gave +1 Rep to @brazen sequoia

You copy paste it?

I feel like having it in here already is good enough, but if you really feel the need to post it there too, go for it, since it's technically THM content

I have no permissions in that channel

You probably have to verify first

!docs verify

henlo bee_sec_san on twitter and skerritt.blog

i saw da email and DM on twitter

currently i am in a job interview rn lol so will look at it properly later

Good luck on the interview Bee!

I really like this idea, however I do think the order is a bit of - for example networking being pretty high up (even above things like RE), it should be lower as a core fundamental you should know

I also think the name of the repo should be more specific instead of just "TryHackMe"

i started to take notes during the rooms, now i switched to do write-ups: https://tomsitcafe.com/2023/01/16/tryhackme-owasp-juice-shop-write-up/

Hey, I just wanted to say I gave genymotion a chance and it works great!
Setting up was super easy with 0 errors, no hyper-V issues(Nox), no lock screen/root issues(Bluestacks).
Thanks again 🙂

Gave +1 Rep to @jagged haven

@gaunt needle has been warned.

Thank you for the feedback @sonic abyss, what I have in mind is to make more learning paths for specific skills in the future, maybe like "TryHackMe-Paths" idk yet
I will remove the categories and order the free path from fundamentals to advanced, ty

Gave +1 Rep to @sonic abyss

https://danaepp.com/a-step-by-step-guide-to-writing-extensions-for-api-pentesting-in-burpsuite

Hey! Can you tell me what guide you used for setting genymotion?
I've been trying to set it up so I can intercept requests in burp but have been unable to do so

I've downloaded genymotion with virtual box, installed, registered, opened a samsung galaxy S10 with default options

Android Certificate
Export certificate from burp

Convert the Certificate from der to acceptable formats:

Genymotion: 
openssl x509 -inform der -in cacert.der -out burp.cer
drag&drop and install from phone.

I used httptoolkit for proxy because setting burp to work for apps is problematic, it works great for web though

for beginners i put together a little help for Hydra https://youtu.be/jY6-ls1v_qM

John the Ripper will be the next tool

VulnPlanet repo - The most extensive collection of well-structured vulnerable code examples and fixes on the internet for Web2, Web3, API and Mobile (iOS and Android).

Link: https://github.com/yevh/VulnPlanet

Anyone have a good resource to learn binary exploitation and reverse engineering???

You can use the search icon at the top right of your screen and search for stuff people have already posted 🙂

👋 hey there! I started a security newsletter dedicated to Threat Detection and Detection Engineering. I try to aggregate news on the art of detection and send it to your inbox every week. Here's the latest issue https://www.detectionengineering.net/p/detection-engineering-weekly-7-circleci if this is useful feel free to subscribe, itll always be free!

Thanks @honest nebula 😄👍

Gave +1 Rep to @honest nebula

Hey, thm don't resources in mobile department, anyone knows a good source of similar style?

https://mobile-security.gitbook.io/mobile-security-testing-guide/overview/0x03-overview
https://book.hacktricks.xyz/mobile-pentesting/android-checklist

I was looking for something more towards the challenges and hands on style

TCM security has one course dedicated to mobile, although paid

Thanks! I will look into it

Gave +1 Rep to @jagged haven