☠️
Uriel Berdeja
  • General
    • Virtual Machines Setup Notes
    • C++17 and C++20 Interesting Features
  • Windows
    • A walkthrough over Themida anti-debug techniques
    • Structured Exception Handlers
    • Win32 Authorization System
    • .NET CLR process internals
    • ClickOnce Technical Details
    • WebDAV Technical Details
    • Monikers
  • Uncategorized
    • Snippets
    • Windows Various Notes
    • Index of ingest resources
    • Tooling Resources
    • TODO List
Powered by GitBook
On this page

Was this helpful?

  1. Uncategorized

Index of ingest resources

PreviousWindows Various NotesNextTooling Resources

Last updated 7 months ago

Was this helpful?

This blog has more interesting Windows Internals topics

Interesting Linux Syscalls Tables

Living Off The Land

Iptables cheatsheet

Windows API Cheatsheet

AD credentials harvesting from Request Smuggling

Multithreading in C (Linux)

Intro to Linux Kernel Exploitation

Useful LPE workshop Linux and Windows

tooling for SUID enum

FUSE based Linux Kernel exploitation

Linux LPE cheatsheet

Windows Security Descriptor

Android Drivers Exploitation

Chromium V8 Heap Sandbox Evasion

Heap Exploitation Series

Reverse Engineering AWS Session Tokens

Chrome Exploitation Introduction

Cool Windows Kernel Exploitation adn Reversing resources

Certs in MSIX ???

Linux Process Memory Layout

Windows Access Tokens

Active Directory Cheatsheet

iOS mobile auth attack

Forest Compromise through AMA abuse

ARM64 Reversing and Exploitation Series

LDAP offensive queries

Sockets without Winsocks!!!

Some interesting pentest notes

Cloud hacking cheatsheets

Javascript files and wayback

waybackurls url | grep '.js$' | awk -F '?' '{print $1}' | sort -u | xargs -I{} python lazyegg[.]py "{}" --js_urls --domains --ips > urls && cat urls | grep '.' | sort -u | xargs -I{} httpx -silent -u {} -sc -title -td

Win32 memory internals

IOT exploitation series

Android ART Hijacking based obfuscation

Linux Kernel Internals

Mega Awesome List

IDOR cheathseet

SSTI

sdclt.exe fileless uac bypass

Websec mindmap

Stack Spoofing Intro

Signing Trusted in Azure

AD mind map

SS7 exploitation

Azure Agents and Defender for Endpoints

Windows UEFI bootkit

LTE Sniffer

Browser Fingerprinting Checker

Akamai

Hcaptca anaylsis

Hardware Hacking BIOS

Active Directory Cheatsheet

SIM hijacking

.NET deserealization attack using XAML formatter

Binary Diffing

Bitlocker key tpm

OLE object exploitaiton

Abusing OAUTH

Trickbot Webinjects analysis

Segment Selectors and Segmentation Registers

Linux System Call Tracer:

https://github.com/7etsuo/windows-api-function-cheatsheets
https://tij.me/blog/harvesting-active-directory-credentials-via-http-request-smuggling/
https://x.com/7etsuo/status/1823584755398664370
https://blog.k3170makan.com/2020/11/linux-kernel-exploitation-0x0-debugging.html
http://blog.k3170makan.com/2020/11/linux-kernel-exploitation-0x1-smashing.html
https://blog.k3170makan.com/2021/01/linux-kernel-exploitation-0x2.html
https://github.com/sagishahar/lpeworkshop?tab=readme-ov-file
https://github.com/Anon-Exploiter/SUID3NUM
https://exploiter.dev/blog/2022/FUSE-exploit.html
https://guif.re/linuxeop
https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
https://sh4dy.com/2024/08/03/beetracer/
https://anvbis.au/posts/code-execution-in-chromiums-v8-heap-sandbox/
https://x.com/0xor0ne/status/1818663168517767544
https://medium.com/@TalBeerySec/revealing-the-inner-structure-of-aws-session-tokens-a6c76469cba7
https://www.matteomalvica.com/blog/2024/06/05/intro-v8-exploitation-maglev/
https://x.com/7etsuo/status/1816285806547591371
https://x.com/SquiblydooBlog/status/1811003687566754034
https://x.com/7etsuo/status/1810523604217639357
https://aas-s3curity.gitbook.io/cheatsheet/internalpentest/active-directory
https://evanconnelly.github.io/post/ios-oauth/
https://blog.qdsecurity.se/2024/04/07/forest-compromise-through-ama-abuse/
https://8ksec.io/arm-64-reversing-and-exploitation-series/
https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations
https://www.x86matthew.com/view_post?id=ntsockets
https://securitycipher.com/docs/security/penetration-testing-tricks/
https://hackingthe.cloud/
https://azr43lkn1ght.github.io/Malware%20Development,%20Analysis%20and%20DFIR%20Series%20-%20Part%20III/
https://x.com/0xor0ne/status/1797297237032153478
https://blog.quarkslab.com/dji-the-art-of-obfuscation.html
https://linux-kernel-labs.github.io/refs/heads/master/index.html
https://github.com/0xor0ne/awesome-list/tree/main
https://posts.specterops.io/fileless-uac-bypass-using-sdclt-exe-3e9f9ad4e2b3
https://dtsec.us/2023-09-15-StackSpoofin/
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/trusted-signing-is-in-public-preview/ba-p/4103457
https://xmind.ai/share/uA1rWwCT
https://www.enea.com/insights/the-hunt-for-hiddenart/
https://techcommunity.microsoft.com/t5/fasttrack-for-azure/the-ultimate-guide-to-deciphering-azure-agents-defender-for/ba-p/4111480
https://github.com/memN0ps/redlotus-rs
https://github.com/SysSec-KAIST/LTESniffer
https://niespodd.github.io/browser-fingerprinting/
https://github.com/luluhoc/akamai_v2_toolkit
https://github.com/xvertile/akamai-bmp-generator
https://github.com/HypePhilosophy/Akamai_Sensor_Generator
https://github.com/d4c5d1e0/hcaptcha
https://cybercx.co.nz/blog/bypassing-bios-password/
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
https://sensepost.com/blog/2022/sim-hijacking/
https://knifecoat.com/Posts/ObjectDataProvider+Deserialization+using+a+Xaml+Formatter
http://diffing.quarkslab.com/
https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/
https://github.com/edwardzpeng/presentations/tree/main/POC%202023
https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts
https://unit42.paloaltonetworks.com/banking-trojan-techniques/
https://pokhym.com/2016/12/31/segment-selectors-and-segmentation-registers/
https://enigma0x3.net/
https://www.cybereason.com/blog/dcom-lateral-movement-techniques
https://securityonline.info/cve-2024-8105-an-uefi-flaw-putting-millions-of-devices-at-risk/
https://0xinfection.github.io/reversing/
https://github.com/enigma0x3/Misc-PowerShell-Stuff/blob/master/Get-ScheduledTaskComHandler.ps1
https://github.com/3gstudent/COM-Object-hijacking
https://github.com/nccgroup/acCOMplice
https://bohops.com/2018/06/28/abusing-com-registry-structure-clsid-localserver32-inprocserver32/
https://pentestlab.blog/2020/05/20/persistence-com-hijacking/
https://void-stack.github.io/blog/post-VMUnprotect-PART1/
https://www.cencenelec.eu/areas-of-work/xfs_cwa15748_310_release/
https://web.archive.org/web/20230521082239/https://blog.threat.zone/deep-dive-into-the-threads-in-windows/
https://www.codeproject.com/Articles/662735/Internals-of-Windows-Thread
https://blog.deeb.ch/posts/how-edr-works/#intro
https://csandker.io/2021/01/10/Offensive-Windows-IPC-1-NamedPipes.html
https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
https://csandker.io/2022/05/24/Offensive-Windows-IPC-3-ALPC.html
https://csandker.io/
https://arm64.syscall.sh/
https://syscalls.mebeim.net/?table=x86/64/x64/latest
https://lolbas-project.github.io/#
https://www.loldrivers.io/