https://hackerone.com/h1-415-ctf -> #ctf #hackerone
https://github.com/CJHackerz/ReverseSh3LL_As_R00tkit -> #kernel #reverseshell
https://github.com/ffuf/ffuf -> #web #fuzzer
https://github.com/0xb0bb/pwndra -> #ghidra
https://subinsb.com/default-device-ttl-values/ -> #default #ttl #fingerprint
https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/ -> #sql #injection #filters
http://blog.digital-horror.com/exploiting-microsoft-iis-tilde-enumeration/ -> #microsoft #iis #shortname
https://iwantmore.pizza/posts/ctp-osce-guide.html -> #osce
https://medium.com/@kamran.bilgrami/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f -> #ad #windows
https://miloserdov.org/?p=3867 -> #DS_Store
https://www.sc0tfree.com/sc0tfree-blog/optimizing-rubber-ducky-attacks-with-empire-stagers -> #rubberducky
https://vincentyiu.com/red-team-tips -> #tips #redteam
https://www.peerlyst.com/posts/the-best-resources-for-learning-exploit-development -> #resources #exploitation
https://medium.com/@sangeeta.igit/pool-of-resources-for-oscp-28d0dea9e5ed -> #oscp #resources
https://github.com/ssh3ll/Windows-10-Hardening -> #windows #hardening
https://medium.com/walmartlabs/reverse-engineering-an-obfuscated-malicious-macro-3fd4d4f9c439 -> #macros #oletools #reversing
https://posts.xh4h.com -> #blog
https://blog.blazeinfosec.com/leveraging-web-application-vulnerabilities-to-steal-ntlm-hashes-2/amp -> #web #ntlm #responder
https://github.com/api0cradle/UltimateAppLockerByPassList/blob/master/Generic-AppLockerbypasses.md -> #applocker #bypass
https://prune2000.github.io/tools/pentest -> #tools #list #collection
https://www.owasp.org/images/a/a5/2018-02-05-AhmadAshraff.pdf -> #timing #web
https://w3challs.com/index.php -> #challenges
https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty -> #bugbounty
https://anee.me/reversing-a-real-world-249-bytes-backdoor-aadd876c0a32 -> #reversing
https://github.com/ambionics/phpggc -> #unserialize #php
https://github.com/stunn4/securitynotes/tree/master/binary/linux/x86/fusion -> #fusion #exercises
https://exploit-exercises.lains.space/fusion/ -> #exercises
https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite -> #privesc
https://github.com/juliocesarfort/public-pentesting-reports -> #pentest #reports
https://decoder.cloud/2019/12/12/from-iphone-to-nt-authoritysystem/amp -> #windows
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=43 -> #research #api #tim
https://blahcat.github.io/2018/03/11/fuzzing-arbitrary-functions-in-elf-binaries/ -> #fuzzing
https://www.reddit.com/r/HowToHack/comments/e7k4pu/xss_mind_map_by_jackmasa -> #xss #mindmap
https://github.com/infosecn1nja/AD-Attack-Defense/blob/master/README.md -> #windows #ad #activedirectory
https://www.slideshare.net/DirkjanMollema/aclpwn-active-directory-acl-exploitation-with-bloodhound -> #acl #pwn #windows
https://www.ernw.de/download/BloodHoundWorkshop/ERNW_DogWhispererHandbook.pdf -> #bloodhound
https://www.offensive-security.com/offsec/analyzing-a-creative-attack-chain -> #offsec
https://labs.portcullis.co.uk/blog/se-and-you/ -> #windows #permissions #se*
https://github.com/stunn4/securitynotes/tree/master/misc/privesc -> #checklist #basic #keepinmind
https://weakpass.com -> #bruteforce #wordlists
https://github.com/davtur19/DotGit -> #browsers #addon #git
https://lab.pentestit.ru/pentestlabs/14 -> #pentest
https://medium.com/@rudrasarkar/how-i-hacked-92k-users-information-using-open-s3-bucket-6471b30c1cf5 -> #aws #s3
https://sinhack.blog -> #blog
https://www.vulnhub.com/timeline -> #vulnhub #list
https://cybersecurity.upv.es/attacks/offset2lib/offset2lib.html -> #pwn #linux #pie
https://filippo.io/linux-syscall-table -> #linux #syscall #table
https://http.cat -> #miao
@exploitdbrss -> #exploitdb
https://github.com/OlivierLaflamme/Cheatsheet-God -> #cheatsheet
https://iwantmore.pizza/posts/quickzip-seh-win10-wow64.html -> #windows #binary
https://github.com/Xh4H/CanaryBrute3 -> #pwn #canary #x64
https://www.notsosecure.com/anatomy-of-a-hack-docker-registry/ -> #docker #APIs
https://nytrosecurity.com/2019/06/30/writing-shellcodes-for-windows-x64/amp -> #shellcodes #windows #x64
https://georgeom.net/StegOnline/checklist -> #stego
https://iwantmore.pizza/posts/cve-2019-1414.html -> #vscode
https://github.com/psmiraglia/ctf/blob/master/kevgir/000-redis.md -> #redis #ssh
https://ironhackers.es/tutoriales/pwn-rop-bypass-nx-aslr-pie-y-canary/ -> #pwn #canary
https://made0x78.com/bseries-defeat-stack-cookies/ -> #binary #canary #pwn
http://microcorruption.com -> #reversing
https://morph3sec.com -> #blog
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=42 -> #xss2rce
https://blog.notso.pro/2019-10-24-tactical-debriefing1 -> #learned #offshore #hackthebox #c2 #pivoting
https://gist.github.com/superkojiman/b28c801a3b042072bc69 -> #ropprimer #binaries #pwn
https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a -> #kerberos #cheatsheet
https://github.com/kablaa/CTF-Workshop -> #challenges
https://github.com/stephenbradshaw/vulnserver -> #windows #binary
https://teckk2.github.io/category/Red%20Teaming.html -> #redteaming
https://iwantmore.pizza/posts/meterpreter-shellcode-inject.html -> #windows #mimikatz
https://medium.com/@hackerb0y/rest-framework-admin-panel-bypass-and-how-i-recon-for-this-vulnerability-a0ee41b01102 -> #bugbounty
https://labs.wizard-security.net is back! -> #ctf
https://ippsec.rocks -> #ippsec
https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en -> #binary #pwn #heap #cve
https://github.com/shellphish/how2heap -> #binary #pwn #heap
https://github.com/denisidoro/navi -> #cheatsheet
https://curl.haxx.se/h2c -> #curl #converter
https://github.com/incredibleindishell/SSRF_Vulnerable_Lab -> #web #ssrf
https://youtu.be/4uCoI5YzOwk -> #ctf #hackthebox #htb #crypto
https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell -> #windows #training
https://github.com/bkerler/exploit_me -> #pwn #binary #arm
@itsecalert -> #channel
https://iwantmore.pizza/posts/cve-2019-10392.html -> #jenkins
@FZSec -> #channel
https://ctf-wiki.github.io/ctf-wiki/pwn/linux/arm/arm_rop -> #pwn #arm #binary
https://exploitnetworking.com/security/il-mio-primo-pwn-arm -> #italian #pwn #arm #ret2libc
https://medium.com/@tarekmohamed_20773/add-new-user-with-admin-permission-and-takeover-the-organization-6318ee10154a -> #bugbounty
https://medium.com/@h4x0r101/damn-vulnerable-applications-c4e286832147 -> #training
https://polict.net/blog/web-tracking-via-http-cache-xs-leaks -> #xsleaks
https://medium.com/@fatin151485/how-i-found-my-first-stored-xss-on-popular-eboighar-com-6bd497b0bb96 -> #xss
https://ajinabraham.com/blog/exploiting-insecure-file-extraction-in-python-for-code-execution -> #python
https://quentinkaiser.be/exploitdev/2019/08/30/exploit-CVE-2019-1663 -> #binary #arm
https://www.systemtek.co.uk/2019/08/evilgnome-linux-backdoor -> #linux #backdoor
http://qira.me -> #binary
https://secgroup.dais.unive.it/teaching/security-course/format-strings/ -> #binary
https://docs.dbatools.io -> #mssql
https://www.kitploit.com/2019/08/theo-ethereum-recon-and-exploitation.html?m=1 -> #ethereum
https://github.com/xct/ropstar -> #binary #pwn
https://irumble.com/firsttweet -> #twitter
https://gitlab.com/NicoNex/echotron -> #telegram
https://github.com/Arvanaghi/CheckPlease -> #evasion
https://github.com/firmianay/Binary-Reading-List -> #binary
https://hackersonlineclub.com/mobile-security-penetration-testing/amp/ -> #mobile
https://medium.com/@antonioblescia/google-account-takeover-challenge-3f8af5873fc9 -> #challenge
https://github.com/bet4it/build-an-efficient-pwn-environment -> #pwn
https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c -> #opsec
https://cse.google.com/cse?q=+&cx=006368593537057042503:efxu7xprihg#gsc.tab=0&gsc.q=%20&gsc.page=1 -> #telegram
https://github.com/skelsec/pypykatz -> #windows
https://github.com/InQuest/awesome-yara/blob/master/README.md -> #detection
https://trustfoundry.net/basic-rop-techniques-and-tricks -> #pwn #rop
https://ijustwannared.team -> #redteaming
http://threatexpress.com -> #redteaming
https://github.com/d35ha/CallObfuscator -> #windows
https://github.com/o-o-overflow -> #pwn #binary
https://twitter.com/phraaaaaaa/status/1149252294392844288 -> #rustbuster
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325 -> #dns
https://youtu.be/bgr0VPxWIuY -> #bugbounty #web
https://github.com/areyou1or0/OSCP -> #oscp #linux #windows
https://medium.com/@markmotig/some-ways-to-dump-lsass-exe-c4a75fdc49bf -> #windows #lsass