Till Studer's Notes

Search CTRL + K

Till Studer's Notes

Search CTRL + K

01_Zettelkasten

Actionable Alerting

Active Directory Setup

Active Directory

Active Information Gathering

Add user to sudo

Address Resolution Protocol

Advanced Encryption Standard

Alert Prioritization Framework

Alerting and Detection Strategy Framework

Alexiou Principle

Analog Synthesizer

Anti-Virus Evasion Techniques

Antivirus Evasion

Asymmetric-Key Encryption

Audit Deamon Rules

Auto Updates with Unattended Upgrades

Bash History Tricks

Bash Scripting Basics

Breadth-first search

Buffer Overflow

Capability Abstraction

Cascading Styles Sheets

Challenges Unique to Information Security

Chord Inversion

Chord Progression

Circle of fifths

Client-Side Attacks

Common VST Plugins

Comparing Files

Comprehensive Detection

Connecting Hardware Synthesizer

Context Triggered Piecewise Hashes

Core Principles of DFIR

Crack the Hashes

Cross-Site Scripting

Customizing the Bash Environment

Cyber Kill Chain

Data Packets and Analysis

Defense in Depth

Detection as Code

Detection Backlog Prioritization

Detection Breadth and Depth

Detection Development Lifecycle

Detection Engineering

Detection Maturity Level Model

Detection Spectrum

Detection Template

Digital Audio Workstation

Digital Forensics

Directory Traversal Vulnerabilities

Downloading Files

Dunning Kruger effect

Dynamic Host Configuration Protocol

Editing Files from the Command Line

Elastic Stack Setup

Electronic Festivals Map

Electronic Music Production

Enable xterm.js on Proxmox VM

Equilateral of Exclusion Risk

Every Noise at Once

Exploiting Admin Consoles

Extend Windows Server Evaluation

Feynman Technique

File and Command Monitoring

File Inclusion Vulnerabilities

File Transfer Protocol

File Transfer Techniques

Firewall Evasion

Fixing Exploits

Force DHCP Client Release

Forward Secrecy

Frequency Analysis

Frequency Spectrum

Friendly Intelligence

Funnel of Fidelity

Get service overview of a individual host or network

HomeLab Networking

HyperText Markup Language

HyperText Transfer Protocol Secure

HyperText Transfer Protocol

Incident Response

Indicators of Compromise

Information Security

Install QEMU Guest Agent on Proxmox VM

Intelligence Architecture Mind Map

Internet Control Messaging Protocol

Internet Protocol

Ishkur's Guide to Electronic Music

Isolating Temporary VMs from the Home Network

Kevin Mitnick Lessons

Kusto Query Language

Linux Buffer Overflow

Linux Networking & Services

Linux Privileges

Locating Public Exploits

Malicious Microsoft Word Macro

Managing Processes

MSSQL Error Based SQLi Template

Network Address Translation

Network Protocols

Network Technologies

Open Systems Interconnection Model

Parallel Processing

Pareto Principle

Passive Information Gathering

Password Attacks

Passwordless SSH

Penetration Testing Workflow

Penetration Testing

Phishing Case Summary Template

Piping and Redirection

Port Address Translation

Post-Escalation Enumeration

Post-Exploitation Enumeration

PowerShell Scripting Basics

Principle of Least Privilege

Privilege Escalation

Proxmox Hardening

Public Attack Simulation Repos

Public Detection Rule Repos

Pyramid of Pain

Python Buffer Overflow Sample Script

Questions for Increasing Closeness

Recruiter Response

Remote Administration through Tailscale

Remote Command Execution

Risky User Template

Searching, Installing and Removing Tools

Secondary Percussion

Security by Obscurity

Security Engineering

Service Enumeration and Locating Public Exploits

Shift Handover Template

Sidechain Compression

Simple Case Summary Template

Simple Mail Transfer Protocol

Simple User Clarification Message

Software Development and Systems Engineering

Software Development Concepts and Principles

Symmetric-Key Encryption

Tactical to Functional

Tactics, Techniques & Procedures

Text Searching and Manipulation

The Security Mindset

The Zeigarnik effect can be used deliberately to let ideas develop in our subconscious

The Zen of Python

The Zen of Security Rules

Threat Hunting Loop

Threat Hunting Matrix

Threat Hunting Maturity Model

Threat Hunting vs Detection Engineering

Tools for Research

Traffic Light Protocol

Transport Layer Security

Unified Kill Chain

Upgrading Simple Shells to Fully Interactive TTYs

User Account Control

Virtual Private Networks

Vulnerability Management

Wavetable Synthesizer

Web Application Attacks

Windows Buffer Overflow

Windows Malware Lab Install Script

Windows Networking & Services

Windows Privileges and Integrity Levels

WMIC WinRM LOLBin Execution by Provider Host

Working With The Garage Door Up

Enter to select

to navigate

ESC to close

Penetration Testing

Atlas

Penetration Testing Workflow
Get service overview of a individual host or network
Service Enumeration and Locating Public Exploits
Exploitation
Post-Exploitation Enumeration
Privilege Escalation
Persistence
Post-Escalation Enumeration
Pivoting

Principles

Breadth-first search

Cheat Sheets

MalAPI.io
Filesec.io
Unprotect Project
LoFP
LOLOL
GTFOBins
GTFOArgs
LOOBins
LOLBAS
LOLAPPS
LOFLCAB
LOTS Project
LOLDrivers
LOTPipeline
LOLRMM
LOLESXi
Bootloaders.io
HijackLibs
WADComs
Arsenal
Reconnoitre Config

Wikis

HackTricks
HackTricks Cloud
Pentester's Promiscuous Notebook
The Hacker Recipes
Red Teaming Experiments
Red Team Notes 2.0
CheatSheets
OSCP Cheat Sheet and Command Reference
PayloadsAllTheThings
HardwareAllTheThings
Penetration Testing Tools Cheat Sheet
OSCP personal cheatsheet
OWASP Cheat Sheet Series
Infosec_Reference | An Information Security Reference That Doesn't Suck!
CompassSecurity/security_resources: Collection of online security resources
A-poc/RedTeam-Tools: Tools and Techniques for Red Team / Penetration Testing
pentestmonkey
Penetration Testing Tools Cheat Sheet

Videos

IppSec

Tools

All Kali Tools
CVE Calculator
Exploit Database
VulnHub
Shodan
Flangvik/SharpCollection
djhohnstein/WireTap
blacklanternsecurity/writehat

Relevant Note(s):

Connected Pages

Depth

On this page

Penetration Testing
1. Atlas
2. Principles
3. Cheat Sheets
4. Wikis
5. Videos
6. Tools

Pages mentioning this page

Active Information Gathering

Buffer Overflow

Client-Side Attacks

Detection Engineering

File Transfer Techniques

Firewall Evasion

Get service overview of a individual host or network

Information Security

Passive Information Gathering

Post-Escalation Enumeration

Post-Exploitation Enumeration

Privilege Escalation

Service Enumeration and Locating Public Exploits

Web Application Attacks