Ellie's cheatsheet & resource dump

1. ## General Resources:
2.  
3. - [The Book of Secret Knowledge](https://github.com/trimstray/the-book-of-secret-knowledge)
4. - [VX Underground](https://www.vx-underground.org/)
5. - [Security List](https://github.com/ByteHackr/SecurityList)
6. - [HackerOne](https://www.hackerone.com/)
7. - [HackTricks](https://book.hacktricks.xyz/welcome/readme)
8. - [MITRE ATT&CK](https://attack.mitre.org/)
9. - [Ired Team](https://www.ired.team/)
10. - [Sec-Consult](https://sec-consult.com/)
11. - [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)
12. - [Awesome Pentest](https://github.com/sundaysec/awesome-pentest)
13. - [OWASP Cheat Sheets](https://cheatsheetseries.owasp.org/)
14. - [Enumeration Guide](https://github.com/beyondtheoryio/Enumeration-Guide)
15. - [Exploit Notes](https://exploit-notes.hdks.org/)
16. - [Kernel Exploits](https://github.com/lucyoa/kernel-exploits)
17. - [The Concise Blue Team Cheat Sheets](https://itblogr.com/wp-content/uploads/2020/04/The-Concise-Blue-Team-cheat-Sheets.pdf)
18. - [Bug Bounty Hunting](https://www.bugbountyhunting.com/)
19. - [The Hacker Recipes](https://www.thehacker.recipes/)
20. - [Pentester Academy](https://www.pentesteracademy.com/topics)
21. - [Infosec Institute Resources](https://resources.infosecinstitute.com/topics/)
22. - [Infosec Writeups](https://infosecwriteups.com/)
23. - [SecurityTube](http://www.securitytube.net/listing?type=popular)
24. - [CTF 101](https://ctf101.org/)
25. - [Crypto Cat CTF](https://github.com/Crypto-Cat/CTF)
26. - [Red Team Toolkit](https://github.com/HildeTeamTNT/Red-Teaming-Toolkit)
27.  
28. ## Active Directory & Red Teaming:
29.  
30. - [AD Attack Defense](https://github.com/infosecn1nja/AD-Attack-Defense)
31. - [Active Directory Exploitation Cheat Sheet](https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet/tree/master)
32. - [Red Team Handbook](https://kwcsec.gitbook.io/the-red-team-handbook/)
33. - [Red Team Infrastructure Wiki](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki)
34. - [Red Team Cheat Sheet](https://github.com/0xJs/RedTeaming_CheatSheet)
35. - [Red Team Recipe](https://redteamrecipe.com/)
36. - [Red Team Guides](https://book.redteamguides.com/)
37. - [Attacking & Securing Active Directory](https://rmusser.net/docs/index.html#/./Active_Directory?id=active-directory)
38. - [Windows & Active Directory Exploitation Cheat Sheet](https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/)
39. - [Sudoninja Book](https://sudoninja.gitbook.io/sudoninjabook/)
40. - [HTB Academy CPTS](https://nukercharlie.gitbook.io/htb-academy-cpts)
41. - [Internal All The Things](https://swisskyrepo.github.io/InternalAllTheThings/)
42. - [AD Attack & Defense](https://github.com/infosecn1nja/AD-Attack-Defense)
43.  
44. ## Reverse Engineering:
45.  
46. - [Applied Reverse Engineering Series](https://revers.engineering/applied-reverse-engineering-series/)
47. - [Reversing](https://0xinfection.github.io/reversing/)
48.  
49. ## Web Pentesting:
50.  
51. - [Total OSCP Guide](https://sushant747.gitbooks.io/total-oscp-guide/content/)
52. - [Web Pentesting Enumeration](https://csbygb.gitbook.io/pentips/web-pentesting/enumeration)
53. - [Master Web Penetration Testing](https://infosecwriteups.com/master-web-penetration-testing-essential-resources-to-get-started-today-47bf90c3137d)
54. - [Pentest Lab](https://pentestlab.blog/)
55.  
56. ## Miscellaneous:
57.  
58. - [Dark Vortex Blog](https://0xdarkvortex.dev/blogs/)
59. - [Lolbas Project](https://lolbas-project.github.io/#)
60. - [Cobalt Blog](https://www.cobalt.io/blog)
61. - [Outflank Publications](https://www.outflank.nl/blog/)
62. - [Hacking Life](https://amandaguglieri.github.io/hackinglife/)
63. - [Apriorit Dev Blog](https://www.apriorit.com/dev-blog)
64. - [Crypt0ace](https://crypt0ace.github.io/)
65. - [Info-Sec Docs](https://docs.azumi.fr/)
66. - [Infinitelogins](https://infinitelogins.com/)
67. - [Hideandsec](https://hideandsec.sh/)
68. - [Zero Infection](https://0xd4y.com/)
69. - [Red Fox Security](https://redfoxsec.com/blog/category/red-team/)
70. - [Repos ZENK](https://repo.zenk-security.com/)
71. - [Burmat](https://burmat.gitbook.io/security/)
72. - [Pwn College](https://pwn.college/)
73. - [Security Reference Guide](https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/grey-privacy-tor-opsec)
74. - [Reversing](https://0xinfection.github.io/reversing/)
75. - [The Pentesting Guide](https://the-pentesting-guide.marmeus.com/)
76. - [Infosec Reference](https://github.com/rmusser01/Infosec_Reference)
77. - [Guy in a Tuxedo](https://guyinatuxedo.github.io/index.html)
78. - [AD Exploitation Cheat Sheet](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet)
79. - [Attacking AD](https://zer1t0.gitlab.io/posts/attacking_ad/)
80. - [WADCOMS](https://wadcoms.github.io/)
81. - [Windows Security](https://unprotect.it/map/)
82. - [Active Directory Exploitation](https://vladtoie.gitbook.io/secure-coding/client-side/xss)
83. - [Active Directory Exploitation](https://github.com/yeyintminthuhtut/Awesome-Red-Teaming)
84.  
85.  
86. ### Tools and Repositories:
87. https://github.com/Cn33liz/p0wnedLoader
88.  
89. https://rastamouse.me/2018/05/csharp-dotnettojscript-xsl/
90.  
91. https://github.com/Arno0x/PowerShellScripts
92.  
93. https://github.com/cobbr/PSAmsi/wiki/Introduction-To-PSAmsi
94.  
95. https://github.com/secabstraction/WmiSploit
96.  
97. ### More Resources:
98.  
99. https://bohops.com/2019/01/10/com-xsl-transformation-bypassing-microsoft-application-control-solutions-cve-2018-8492/
100.  
101. https://tyranidslair.blogspot.com/2018/06/disabling-amsi-in-jscript-with-one.html
102.  
103. https://oddvar.moe/
104.  
105. https://www.fortynorthsecurity.com/building-a-windows-defender-application-control-lab/
106.  
107. https://posts.specterops.io/threat-detection-using-windows-defender-application-control-device-guard-in-audit-mode-602b48cd1c11
108.  
109. https://www.mdsec.co.uk/2018/06/exploring-powershell-amsi-and-logging-evasion/
110.  
111. https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard
112.  
113. http://www.exploit-monday.com/2018/06/device-guard-and-application.html
114.  
115. https://lolbas-project.github.io/#
116.  
117. https://www.contextis.com/en/blog/amsi-bypass
118.  
119. ### References:
120.  
121. - [SNEAKING PAST DEVICE GUARD - Cybereason - Philip Tsukerman](https://troopers.de/downloads/troopers19/TROOPERS19_AR_Sneaking_Past_Device_Guard.pdf)
122. - [PowerShell about_Logging_Windows - Microsoft Documentation](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_logging_windows?view=powershell-7.3)
123. - [Do You Really Know About LSA Protection (RunAsPPL)? - itm4n - Apr 7, 2021](https://itm4n.github.io/lsass-runasppl/)
124. - [Determine the Enterprise Context of an app running in Windows Information Protection (WIP) - 03/10/2023 - Microsoft](https://learn.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/wip-app-enterprise-context)
125. - [Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate - 12/09/2022 - Microsoft](https://learn.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate)
126. - [DISABLING AV WITH PROCESS SUSPENSION - March 24, 2023 - By Christopher Paschen](https://www.trustedsec.com/blog/disabling-av-with-process-suspension/)
127. - [Disabling Event Tracing For Windows - UNPROTECT PROJECT - Tuesday 19 April 2022](https://unprotect.it/technique/disabling-event-tracing-for-windows-etw/)
128. - [ETW: Event Tracing for Windows 101 - ired.team](https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/etw-event-tracing-for-windows-101)
129. - [Remove Windows Defender Application Control (WDAC) policies - Microsoft - 12/09/2022](https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies)