A collection of security notes and procedures to be used during pentests/red team assessments. Don't expect to find detailed explanations of techniques since this is meant to be a collection of cheatsheets and not a full fledged guide.
Includes information from a variety of resources such as OSCP, eLearn preparation material for eWPT and eWPTX exams, TryHackMe.com and Burp Academy as well as the result of countless hours of research in the darkest corners of the internet and good old trial and error
Main GitBook link: https://security-notes.gitbook.io/security-notes/
GitHub repository: https://github.com/fborsani/security-notes
These notes cover the following topics:
- Network scan, exposed services and port forwarding
- Windows and Linux quick commands and administration
- Buffer Overflow
- Linux privilege escalation
- Windows privilege escalation
- Active Directory enumeration, pivoting and persistence
- Web application pentesting
- Attacking common AWS services