Useful-Links.md

Useful Links

• http://pentestmonkey.net/ - Lots of good info and tools here
• https://www.kitploit.com/ - Collection of pentesting tools
• https://danielmiessler.com/study/tcpdump/ - A tcpdump Tutorial and Primer
• https://www.reddit.com/r/netsec/ - Some good info here
• https://www.reddit.com/r/AskNetsec/ - ditto
• https://www.raymond.cc/blog/crack-or-decrypt-vnc-server-encrypted-password/ - Crack or Decrypt VNC Password
• http://www.hackvalue.nl/en/article/74/ – Learn to speak POP3 in one simple lesson
• https://www.rackaid.com/blog/linux-screen-tutorial-and-how-to/ - How To Use Linux Screen
• http://insidetrust.blogspot.com/2011/01/password-cracking-using-john-ripper-jtr.html - Password cracking with John
• http://www.tarasco.org/security/srvcheck/index.html - Security Services checker ( srvcheck )
• http://amolnaik4.blogspot.com/2012/05/sqlmap-operating-system-takeover.html - SQLMap - Operating System Takeover - Windows
• https://pen-testing.sans.org/blog/2014/07/08/sneaky-stealthy-su-in-web-shells - Sneaky Stealthy SU in (Web) Shells
• https://www.corelan.be/index.php/2011/07/14/mona-py-the-manual/ - Mona.py manual
• http://carnal0wnage.attackresearch.com/2010/05/playing-with-ms09-012-windows-local.html - Token Kidnapping (Churrasco)
• https://www.commonexploits.com/token-kidnapping-revenge/ - Token Kidnapping Revenge (Churraskito)
• https://www.commonexploits.com/unquoted-service-paths/ - Unquoted service paths/trusted paths

Port Scanning

• https://highon.coffee/blog/nmap-cheat-sheet/ - nmap cheat sheet
• https://github.com/superkojiman/onetwopunch - Onetwopunch
• http://kalilinuxtutorials.com/unicornscan/ - Unicornscan

Shells and payloads

• https://joncraton.org/blog/46/netcat-for-windows/ - Nc for Windows
• http://netsec.ws/?p=331 - Creating Metasploit Payloads
• https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/ - Upgrading simple shells to fully interactive TTYs
• https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/ - Linux Shells Using Built-in Tools
• https://pen-testing.sans.org/blog/2012/06/06/escaping-restricted-linux-shells - Escaping Restricted Linux Shells

Pivoting

• https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/ - SSH & Meterpreter Pivoting Techniques
• https://artkond.com/2017/03/23/pivoting-guide/ - A Red Teamer's guide to pivoting

Post Exploit:

• https://docs.google.com/document/d/1ObQB6hmVvRPCgPTRZM5NMH034VDM-1N-EWPRz2770K4/edit?hl=en_US - Linux/Unix/BSD Post-Exploitation Command List (mubix)
• https://docs.google.com/document/d/1U10isynOpQtrIK6ChuReu-K1WHTJm4fgG3joiuz43rw/edit?hl=en_US# - Windows Post-Exploitation Command Execution (mubix)
• https://adsecurity.org/?p=2362 - Attack Methods for Gaining Domain Admin Rights in Active Directory

File Transfers

• https://nakkaya.com/2009/04/15/using-netcat-for-file-transfers/ - Using NC for file transfers
• https://blog.ropnop.com/transferring-files-from-kali-to-windows/ - Transferring Files from Linux to Windows

Essential FireFox Addons:

• https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/ - Cookies Manager+
• https://addons.mozilla.org/en-US/firefox/addon/tamper-data/ - Tamper Data