Exploit Notes Summary
Overview
Important Pages
Categories and Techniques
Reconnaissance
- Techniques for gathering information including email analysis, finding leaked API keys, GitHub and Google dorks, subdomain discovery and takeover, OSINT, port scanning, and more.
Linux
- Exploitation techniques for Linux systems, including privilege escalation, file transfer, and backdoors.
Windows
- Windows-specific exploitation techniques like privilege escalation, MSRPC pentesting, PowerShell policy bypass, and SMB pentesting.
Web
- Web application security tests, such as AJP pentesting, directory traversal, cookie hijacking, and Burp Suite troubleshooting.
Network
- Network-level pentesting, including protocols like SNMP, FTP, NFS, and tools like Tshark.
Reverse Engineering
- Techniques for analyzing binaries and debug processes, including JAR, ELF, and PE reversing, and WinDbg usage.
Database
- Database security testing for various systems like MSSQL, MongoDB, InfluxDB, Redis, and more.
Cryptography
- Covers cryptographic operations like AES, GPG, and bitwise operations, with scripting in Python.
Malware
- Malware analysis techniques, including evasion, static and dynamic analysis, and supply chain attacks.
Blockchain
- Smart contract exploitation and blockchain security practices, including Solidity vulnerabilities.
Machine Learning
- Security in machine learning systems, adversarial attacks, data manipulation, and model analysis.
Conclusion
- Techniques & Cheatsheets: Provides useful references for security professionals.
- Support: Encourages donations through platforms like Buy Me a Coffee and Ko-fi.
For further information and detailed guides on each technique or tool, visit the respective pages linked in each section. This resource is continuously updated to keep up with the latest in cybersecurity trends and methods.