Links

A lot of these were found here.

Other notebooks

Open services

Hacktricks contains a lot of information about pentesting specific protocols, as well as other gems.

SSTI, SQLI, LFI, RFI, ...

Anywhere user input is accepted, there's a possibility for format trickery.

PayloadsAllTheThings has excellent lists of everything from server-side template injections to file traversal paths, etc. Take one of the intruder files and use it in your own scanning tool to quickly evaluate what's open and what's not.

This cheat sheet contains a lot of tools and links.

Unicode normalization bypass

This page is about open redirects, but contains a neat table of Unicode replacements that normalize to numbers and letters.

OSINT

jivoi

Privesc

m0nad

Windows and DOS

Docs and such for various Microsoft platforms.
