Giter Site home page Giter Site logo

notes's Introduction

Notes

Here is where I upload some of my notes. Typically they are related to information security.

All dark mode notes can be found in their HTML format on my website: https://0xd4y.com/.

AWS

Hands on AWS Pentesting

https://0xd4y.com/2022/09/11/Hands-on-AWS-Penetration-Testing-Notes/

  • Privilege escalation techniques
  • AWS pentest tools
  • Bypassing GuardDuty and Cloudtrail
  • And much more!

AWS Security Specialty

https://0xd4y.com/2022/03/15/AWS-Security-Specialty-Notes/

  • Notes from security engineer point of view
  • Securely configuring AWS environments
  • Security responsibility & access management
  • Monitoring, logging, and auditing
  • Best practices and automation
  • Encryption and data security

GCP

GCP Penetration Testing Notes

https://0xd4y.com/2022/10/01/GCP-Penetration-Testing-Notes/

  • GCP fundamentals
  • Privilege escalation techniques
  • Common misconfigurations
  • Pivoting to G Suite
  • Avoiding alerts
  • GCP networking

GCP Penetration Testing Notes 2

https://0xd4y.com/2022/10/24/GCP-Penetration-Testing-Notes-2/

  • Privilege escalation techniques (IAM and Non-IAM)
  • GKE, Google Cloud Storage, Cloud Build, etc.
  • Remediation
  • Tools

Active Directory

Active Directory Pentesting Notes

https://0xd4y.com/2023/02/28/Active-Directory-Pentesting-Notes/

  • Common tactics, techniques, and procedures used by threat actors
  • Active Directory security fundamentals
  • Common tools used for AD pentesting
  • Bypassing security mechanisms

CRTP Notes

https://0xd4y.com/2023/04/05/CRTP-Notes/

  • Local privilege escalation
  • Domain privilege escalation
  • Tools for AD pentesting and red teaming
  • AV bypassing
  • Web exploitation
  • AD best practices
  • Defense
  • Threat detection
  • Trust relationships
  • AD fundamentals

CRTE Notes

https://0xd4y.com/2023/06/12/CRTE-Notes/

  • LAPS, gMSA, and Azure AD exploitation
  • Delegation
  • AD pentesting and red teaming tools
  • Tunneling
  • Bypassing defenses
  • Evading detection
  • Certification Authority
  • Advanced SQL exploitation
  • Cross-forest attacks

Wi-Fi

Wi-Fi Pentesting Notes

https://0xd4y.com/2023/01/19/Wi-Fi-Pentesting-Notes/

  • MITM SSL
  • Hotspot attacks
  • Gaining access to hidden SSIDs
  • Wireless IDS and IPS
  • WEP, WPA-PSK, and WPA2-PSK attacks
  • Spoofing attacks and detection

notes's People

Contributors

0xd4y avatar

Stargazers

Ahsan Ali Khan avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.