Skip to content

Everything needed for doing CTFs

Notifications You must be signed in to change notification settings

Shiva108/CTF-notes

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Project tree

.

  • Everything-OSCP(./Everything-OSCP)
    • Checklists(./Everything-OSCP/Checklists)
    • Linux Post exploitation(./Everything-OSCP/Linux Post exploitation)
    • Windows buffer overflow(./Everything-OSCP/Windows buffer overflow)
    • Windows Post exploitation(./Everything-OSCP/Windows Post exploitation)
  • pentestbook(./pentestbook)
    • assets(./pentestbook/assets)
    • physical_access_to_machine(./pentestbook/physical_access_to_machine)
    • styles(./pentestbook/styles)
    • writeups(./pentestbook/writeups)
  • AwesomeXSS(./AwesomeXSS)
    • Database(./AwesomeXSS/Database)
  • resource-threat-hunting(./resource-threat-hunting)
  • Offensive-Security-OSCP-Cheatsheets(./Offensive-Security-OSCP-Cheatsheets)
    • ctfs-walkthroughs(./Offensive-Security-OSCP-Cheatsheets/ctfs-walkthroughs)
    • lab(./Offensive-Security-OSCP-Cheatsheets/lab)
    • memory-forensics(./Offensive-Security-OSCP-Cheatsheets/memory-forensics)
    • offensive-security(./Offensive-Security-OSCP-Cheatsheets/offensive-security)
    • offensive-security-experiments(./Offensive-Security-OSCP-Cheatsheets/offensive-security-experiments)
  • SCADA PLC ICS Pentest PDFs(./SCADA PLC ICS Pentest PDFs)
    • awesome-industrial-control-system-security(./SCADA PLC ICS Pentest PDFs/awesome-industrial-control-system-security)
  • PayloadsAllTheThings(./PayloadsAllTheThings)
    • AWS Amazon Bucket S3(./PayloadsAllTheThings/AWS Amazon Bucket S3)
    • Command Injection(./PayloadsAllTheThings/Command Injection)
    • CRLF Injection(./PayloadsAllTheThings/CRLF Injection)
    • CSRF Injection(./PayloadsAllTheThings/CSRF Injection)
    • CSV Injection(./PayloadsAllTheThings/CSV Injection)
    • CVE Exploits(./PayloadsAllTheThings/CVE Exploits)
    • Directory Traversal(./PayloadsAllTheThings/Directory Traversal)
    • SAML Injection(./PayloadsAllTheThings/SAML Injection)
    • File Inclusion(./PayloadsAllTheThings/File Inclusion)
    • GraphQL Injection(./PayloadsAllTheThings/GraphQL Injection)
    • Insecure Deserialization(./PayloadsAllTheThings/Insecure Deserialization)
    • Insecure Direct Object References(./PayloadsAllTheThings/Insecure Direct Object References)
    • Insecure Management Interface(./PayloadsAllTheThings/Insecure Management Interface)
    • Insecure Source Code Management(./PayloadsAllTheThings/Insecure Source Code Management)
    • JSON Web Token(./PayloadsAllTheThings/JSON Web Token)
    • LaTeX Injection(./PayloadsAllTheThings/LaTeX Injection)
    • LDAP Injection(./PayloadsAllTheThings/LDAP Injection)
    • Methodology and Resources(./PayloadsAllTheThings/Methodology and Resources)
    • NoSQL Injection(./PayloadsAllTheThings/NoSQL Injection)
    • OAuth(./PayloadsAllTheThings/OAuth)
    • Open Redirect(./PayloadsAllTheThings/Open Redirect)
    • Server Side Request Forgery(./PayloadsAllTheThings/Server Side Request Forgery)
    • Server Side Template Injection(./PayloadsAllTheThings/Server Side Template Injection)
    • SQL Injection(./PayloadsAllTheThings/SQL Injection)
    • _template_vuln(./PayloadsAllTheThings/_template_vuln)
    • Type Juggling(./PayloadsAllTheThings/Type Juggling)
    • Upload Insecure Files(./PayloadsAllTheThings/Upload Insecure Files)
    • Web Cache Deception(./PayloadsAllTheThings/Web Cache Deception)
    • Web Sockets(./PayloadsAllTheThings/Web Sockets)
    • XPATH Injection(./PayloadsAllTheThings/XPATH Injection)
    • XSS Injection(./PayloadsAllTheThings/XSS Injection)
    • XXE Injection(./PayloadsAllTheThings/XXE Injection)
  • Bypassing-Web-Application-Firewalls(./Bypassing-Web-Application-Firewalls)
  • Hydra-Cheatsheet(./Hydra-Cheatsheet)
  • Powershell-Cheatsheet(./Powershell-Cheatsheet)
  • Active-Directory-Fun(./Active-Directory-Fun)
  • oscp(./oscp)
    • recon_enum(./oscp/recon_enum)
    • reports(./oscp/reports)
    • templates(./oscp/templates)
  • xapax.github.io(./xapax.github.io)
    • css(./xapax.github.io/css)
    • img(./xapax.github.io/img)
    • js(./xapax.github.io/js)
    • reveng(./xapax.github.io/reveng)
  • Awesome-Hacking-Resources(./Awesome-Hacking-Resources)
  • Books(./Books)
  • Notes VA(./Notes VA)
    • lpeworkshop(./Notes VA/lpeworkshop)
  • OSCPRepo(./OSCPRepo)
    • CheetSheets(./OSCPRepo/CheetSheets)
    • Local Info Enum(./OSCPRepo/Local Info Enum)
    • PDFs&Documents(./OSCPRepo/PDFs&Documents)
    • Priv Esc Checks(./OSCPRepo/Priv Esc Checks)
    • Process&Methodology(./OSCPRepo/Process&Methodology)
    • Reporting(./OSCPRepo/Reporting)
    • Scanning&Recon(./OSCPRepo/Scanning&Recon)
    • Tools(./OSCPRepo/Tools)
    • KeepNotes(./OSCPRepo/KeepNotes)
    • lists(./OSCPRepo/lists)
    • scripts(./OSCPRepo/scripts)
  • OSCP-Materials-master(./OSCP-Materials-master)
    • Cheat Sheets(./OSCP-Materials-master/Cheat Sheets)
    • Linux Privilege Escalation and Post Exploitation(./OSCP-Materials-master/Linux Privilege Escalation and Post Exploitation)
    • Metasploit-Meterpreter-Msfvenom(./OSCP-Materials-master/Metasploit-Meterpreter-Msfvenom)
    • PASSWORD CRACKING and Usefull TOOLS and Commands(./OSCP-Materials-master/PASSWORD CRACKING and Usefull TOOLS and Commands)
    • SHELLCODE and Buffer Over Flow(./OSCP-Materials-master/SHELLCODE and Buffer Over Flow)
    • Understand Privilege Escalation(./OSCP-Materials-master/Understand Privilege Escalation)
    • Window Privilege Escalation and Post Exploitation(./OSCP-Materials-master/Window Privilege Escalation and Post Exploitation)
  • ctf(./ctf)
    • natas(./ctf/natas)
  • metasploit scripts(./metasploit scripts)
  • penbook(./penbook)
    • assets(./penbook/assets)
    • physical_access_to_machine(./penbook/physical_access_to_machine)
    • styles(./penbook/styles)
    • writeups(./penbook/writeups)
  • python-pty-shells-master(./python-pty-shells-master)
  • liodeus.github.io(./liodeus.github.io)
    • assets(./liodeus.github.io/assets)
    • _includes(./liodeus.github.io/_includes)
    • _layouts(./liodeus.github.io/_layouts)
    • _posts(./liodeus.github.io/_posts)
  • OSEP-Code-Snippets(./OSEP-Code-Snippets)
    • AppLocker Bypass PowerShell Runspace(./OSEP-Code-Snippets/AppLocker Bypass PowerShell Runspace)
    • Fileless Lateral Movement(./OSEP-Code-Snippets/Fileless Lateral Movement)
    • Linux Shellcode Encoder(./OSEP-Code-Snippets/Linux Shellcode Encoder)
    • Linux Shellcode Loaders(./OSEP-Code-Snippets/Linux Shellcode Loaders)
    • MiniDump(./OSEP-Code-Snippets/MiniDump)
    • MSSQL(./OSEP-Code-Snippets/MSSQL)
    • PrintSpoofer.NET(./OSEP-Code-Snippets/PrintSpoofer.NET)
    • ROT Shellcode Encoder(./OSEP-Code-Snippets/ROT Shellcode Encoder)
    • Sections Shellcode Process Injector(./OSEP-Code-Snippets/Sections Shellcode Process Injector)
    • Shellcode Process Hollowing(./OSEP-Code-Snippets/Shellcode Process Hollowing)
    • Shellcode Process Injector(./OSEP-Code-Snippets/Shellcode Process Injector)
    • Simple Shellcode Runner(./OSEP-Code-Snippets/Simple Shellcode Runner)
    • XOR Shellcode Encoder(./OSEP-Code-Snippets/XOR Shellcode Encoder)
  • pentest_notebook(./pentest_notebook)
    • Active Directory(./pentest_notebook/Active Directory)
    • Blue Team(./pentest_notebook/Blue Team)
    • Cheatsheets(./pentest_notebook/Cheatsheets)
    • Code snippets(./pentest_notebook/Code snippets)
    • Consultation(./pentest_notebook/Consultation)
    • DFIR(./pentest_notebook/DFIR)
    • Metasploit(./pentest_notebook/Metasploit)
    • Mind Maps(./pentest_notebook/Mind Maps)
    • Mobile Pentest(./pentest_notebook/Mobile Pentest)
    • Networking(./pentest_notebook/Networking)
    • Network Pentest(./pentest_notebook/Network Pentest)
    • Privilege Escalation(./pentest_notebook/Privilege Escalation)
    • SCREENSHOTS(./pentest_notebook/SCREENSHOTS)
    • Scripts(./pentest_notebook/Scripts)
    • Testing Checklists(./pentest_notebook/Testing Checklists)
    • VA SCAN CONFIG(./pentest_notebook/VA SCAN CONFIG)
    • Web Pentest(./pentest_notebook/Web Pentest)
    • WIFI Pentest(./pentest_notebook/WIFI Pentest)
  • Awesome-Advanced-Windows-Exploitation-References(./Awesome-Advanced-Windows-Exploitation-References)
  • Buffer_Overflow(./Buffer_Overflow)
    • Screenshots(./Buffer_Overflow/Screenshots)
  • Cheatsheet-God(./Cheatsheet-God)
  • Linux-Privilege-Escalation(./Linux-Privilege-Escalation)
  • MSF-Venom-Cheatsheet(./MSF-Venom-Cheatsheet)
  • OSCP-Exam-Report-Template(./OSCP-Exam-Report-Template)
  • Red-Team-Infrastructure-Wiki(./Red-Team-Infrastructure-Wiki)
    • images(./Red-Team-Infrastructure-Wiki/images)
  • security-cheatsheets(./security-cheatsheets)
  • Open-Source-Security-List-(./Open-Source-Security-List-)
  • awesome-mitre-attack(./awesome-mitre-attack)
  • escalationserver(./escalationserver)
    • AutoLocalPrivilegeEscalation(./escalationserver/AutoLocalPrivilegeEscalation)
    • BeRoot(./escalationserver/BeRoot)
    • JAWS(./escalationserver/JAWS)
    • kernelpop(./escalationserver/kernelpop)
    • linux-smart-enumeration(./escalationserver/linux-smart-enumeration)
    • mimikatz(./escalationserver/mimikatz)
    • Powerless(./escalationserver/Powerless)
    • PowerLessShell(./escalationserver/PowerLessShell)
    • PowerSploit(./escalationserver/PowerSploit)
    • Privesc(./escalationserver/Privesc)
    • PrivEsc(./escalationserver/PrivEsc)
    • pypykatz(./escalationserver/pypykatz)
  • pentest-book(./pentest-book)
    • exploitation(./pentest-book/exploitation)
    • enumeration(./pentest-book/enumeration)
    • img(./pentest-book/img)
    • mobile(./pentest-book/mobile)
    • others(./pentest-book/others)
    • post-exploitation(./pentest-book/post-exploitation)
    • recon(./pentest-book/recon)
    • sections(./pentest-book/sections)
  • pentest_compilation(./pentest_compilation)
    • Phishing(./pentest_compilation/Phishing)
    • PostExplotation(./pentest_compilation/PostExplotation)
    • Recon(./pentest_compilation/Recon)
    • Shells(./pentest_compilation/Shells)
    • WebVulnerabilities(./pentest_compilation/WebVulnerabilities)
  • PENTESTING-BIBLE(./PENTESTING-BIBLE)
    • 1-part-100-article(./PENTESTING-BIBLE/1-part-100-article)
    • 10-part-100-article(./PENTESTING-BIBLE/10-part-100-article)
    • 11-part-24-article(./PENTESTING-BIBLE/11-part-24-article)
    • 2-part-100-article(./PENTESTING-BIBLE/2-part-100-article)
    • 2(./PENTESTING-BIBLE/2)
    • 3-part-100-article(./PENTESTING-BIBLE/3-part-100-article)
    • 4-part-100-article(./PENTESTING-BIBLE/4-part-100-article)
    • 5-part-100-article(./PENTESTING-BIBLE/5-part-100-article)
    • 6-part-100-article(./PENTESTING-BIBLE/6-part-100-article)
    • 7-part-100-article(./PENTESTING-BIBLE/7-part-100-article)
    • 8-part-100-article(./PENTESTING-BIBLE/8-part-100-article)
    • 9-part-100-article(./PENTESTING-BIBLE/9-part-100-article)
    • latest_articles(./PENTESTING-BIBLE/latest_articles)
    • new(./PENTESTING-BIBLE/new)
  • amr-git-dot.github.io(./amr-git-dot.github.io)
    • _includes(./amr-git-dot.github.io/_includes)
    • _layouts(./amr-git-dot.github.io/_layouts)
    • _pages(./amr-git-dot.github.io/_pages)
    • _sass(./amr-git-dot.github.io/_sass)
    • assets(./amr-git-dot.github.io/assets)
    • _data(./amr-git-dot.github.io/_data)
    • _posts(./amr-git-dot.github.io/_posts)
  • zer1t0.gitlab.io(./zer1t0.gitlab.io)
    • archetypes(./zer1t0.gitlab.io/archetypes)
    • content(./zer1t0.gitlab.io/content)
    • layouts(./zer1t0.gitlab.io/layouts)
    • static(./zer1t0.gitlab.io/static)
  • Active-Directory-Exploitation-Cheat-Sheet(./Active-Directory-Exploitation-Cheat-Sheet)
  • OSEP(./OSEP)
    • Bypass_Defender(./OSEP/Bypass_Defender)
    • Lateral_Movement(./OSEP/Lateral_Movement)
    • MSSQL(./OSEP/MSSQL)
    • Payloads(./OSEP/Payloads)
  • Pentest-Everything(./Pentest-Everything)
    • to-do-wip(./Pentest-Everything/to-do-wip)
    • writeups(./Pentest-Everything/writeups)
    • everything(./Pentest-Everything/everything)
    • resources(./Pentest-Everything/resources)
    • wip-osint(./Pentest-Everything/wip-osint)
  • RedTeaming_CheatSheet(./RedTeaming_CheatSheet)
    • cloud(./RedTeaming_CheatSheet/cloud)
    • coding(./RedTeaming_CheatSheet/coding)
    • infrastructure(./RedTeaming_CheatSheet/infrastructure)
    • windows-ad(./RedTeaming_CheatSheet/windows-ad)
  • tbhm(./tbhm)
    • v4(./tbhm/v4)
  • pronotes(./pronotes)
  • oscp-pre-preparation-plan-and-notes(./oscp-pre-preparation-plan-and-notes)
  • active-directory-pentest(./active-directory-pentest)
  • AD-Attack-Defense(./AD-Attack-Defense)
  • Security-Reference-Guide(./Security-Reference-Guide)
    • blue-defense(./Security-Reference-Guide/blue-defense)
    • code-tools(./Security-Reference-Guide/code-tools)
    • cyber-intelligence(./Security-Reference-Guide/cyber-intelligence)
    • dfir-digital-forensics-and-incident-response(./Security-Reference-Guide/dfir-digital-forensics-and-incident-response)
    • grey-privacy-tor-opsec(./Security-Reference-Guide/grey-privacy-tor-opsec)
    • red-offensive(./Security-Reference-Guide/red-offensive)
    • security-logging(./Security-Reference-Guide/security-logging)
    • training(./Security-Reference-Guide/training)
    • web-app-hacking(./Security-Reference-Guide/web-app-hacking)
  • port-forwarding(./port-forwarding)
  • Checklists(./Checklists)
  • Windows-Privilege-Escalation(./Windows-Privilege-Escalation)
  • Web-CTF-Cheatsheet(./Web-CTF-Cheatsheet)
    • scripts(./Web-CTF-Cheatsheet/scripts)