/Infosec-Notes

Notes from various sources for preparing to take the OSCP, Capture the Flag challenges, and Hack the Box machines.

description
A collection of notes for Penetration Testers and Ethical Hackers. My journey to OSCP and beyond.

Hacker's Rest

These are my publicly accessible notes from various sources for penetration testing, red-teaming, OSCP, Capture the Flag (CTF) challenges, and my Vulnhub/ Hack the Box machine write-ups.

{% hint style="warning" %} Warning - These notes are largely unformatted right now. They are based on my way of learning things - by reading, doing, studying, exploring, and taking notes. Cleaning up and formatting comes later.

  • Do not assume anything from these notes.
  • Do not expect the notes to be exhaustive, or to cover the techniques or the output they produce in full.
  • Expect mistakes in the notes.
  • Feel free to ask questions!
  • Always consult additional resources. If possible I will try to link to outside resources. If I have shared something of yours and you want credit, please let me know! {% endhint %}

Contribution

If you would like to add to, modify, or improve anything in my notes, PLEASE DO!

If you would like to give suggestions or even commit changes to these pages feel free to head to my GitHub page at:

{% embed url="https://github.com/zweilosec/Infosec-Notes" %}

How to contribute

  1. Create an Issue Request describing your changes/additions.
  2. Fork this repository.
  3. Push some code to your fork.
  4. Come back to this repository and open a pull request.
  5. After reviewing your changes, I will merge your pull request to the master repository.
  6. Make sure to update your Issue Request so that I can credit you! Thank you so much!

Feel free to also open an issue with any questions, help wanted, or requests! Throughout these notes I have put TODO: notes that indicate that I know a certain section needs work. Focus on these if you can!

TODO: Change all code examples to use variables (e.g. $host_ip)
rather than fill-in-the-blank format (e.g. <host_ip>). 
This will help greatly with copying code directly into scripts.

Contents

The following sub-pages of these notes will explore some of the common offensive and defensive security techniques including gaining shells, code execution, lateral movement, persistence, scripting, tools and much more. I also cover techniques for dealing with CTF-type challenges such as cryptography, reverse engineering, steganography and more.

{% hint style="success" %} Hack Responsibly.

Always ensure you have explicit permission to access any computer system before using any of the techniques contained in these documents. You accept full responsibility for your actions by applying any knowledge gained here. {% endhint %}

Linux

Windows

MacOS

Web

Mobile

OS Agnostic

Unsorted

OSCP/CTF Tools and Cheatsheets

See my list of outside sources!

If you like this content and would like to see more, please consider buying me a coffee!