xcke/My-Gray-Hacker-Resources

Useful for CTFs, wargames, pentesting. Educational purposes. Or for fun. Or profit.

Gray Hacker Resources

All in one big bag. Educational purposes.

* CTFs and WARGAMES

* CRYPTOGRAPHY

* FORENSICS

* LINUX HACKING

* MEMORY EXPLOITS

* VULNERABILITIES AND EXPLOITS

* NETWORK and 802.11

* REVERSE ENGINEERING

* RUBBER DUCK

* STEGANOGRAPHY

* WEB EXPLOITS

* OTHER HACKINGS

* PEN TESTING

* MOBILE

* BOTNETS

---

Post-Exploitation

• Metasploit Post Exploitation Command List

• Obscure Systems (AIX, Embeded, etc) Post-Exploit Command List.

• OSX Post-Exploitation.

• Windows Post-Exploitation Command List.

• Linux/Unix/BSD Post-Exploitation Command List.

---

Useful Command Line

Searching

grep word f1

sort | uniq -c

diff f1 f2

find -size f1

Compressed Files

zcat f1 > f2

gzip -d file

bzip2 -d f1

tar -xvf file

Connecting to a Server/Port

nc localhost 30000

echo 4wcYUJFw0k0XLShlDzztnTBHiqxU3b3e | nc localhost 30000

openssl s_client -connect localhost:30001 -quiet

nmap -p 31000-32000 localhost

telnet localhost 3000

---

References:

Books I Recommend

Technical

• Bulletproof SSL and TLS
• Reversing: Secrets of Reverse Engineering
• The Art of Memory Forensics
• The C Programming Language
• The Unix Programming Environment
• UNIX Network Programming
• Threat Modeling: Designing for Security
• The Tangled Web
• The Art of Exploitation
• The Art of Software Security Assessment
• Practical Packet Analysis
• Gray Hat Python
• Black Hat Python
• Violent Python
• Shellcoders Handbook
• Practice Malware Analysis

Fun

• Spam Nation
• The Art of Intrusion
• This Machine Kills Secrets

Other Resources

• Krebs Series on how to be in InfoSec: Thomas Ptacek, Bruce Schneier, Charlie Miller
• How to be a InfoSec Geek
• My Blog

---

License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License