A compilation of the many resources I’ve found over the years covering various topics, along with GitHub repos, profiles and blogs that I found valuable. Perpetual work in progress. Links may appear in multiple places.
What this is: This is a compilation of resources aggregated in one place.
What this is not: A one-stop shop for all resources on all things InfoSec. This industry is massive and it would be impossible to house every helpful link in a single place.
Foundations
Nothing hacking-related in this section, just links covering what are considered the foundations of InfoSec.
General Links
- 5pillars
- https://github.com/gerryguy311/Free_CyberSecurity_Professional_Development_Resources
- https://github.com/zardus/wargame-nexus
- https://github.com/Hack-with-Github/Awesome-Hacking
- https://github.com/trimstray/the-book-of-secret-knowledge
- https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/RT.md
Networking
General Links
- Prof. Messer's Net+
- TheNewBoston Networking Playlist
- https://www.redsiege.com/blog/2021/02/networkfunpart1/
Assigning IP Addresses
Protocols
DHCP
Network Analysis Tools
- https://wiki.wireshark.org/SampleCaptures
- https://www.tcpdump.org/manpages/tcpdump.1.html
- Packet Decoder
- https://www.splunk.com/en_us/download/previous-releases.html
- https://www.elastic.co/what-is/elk-stack
- https://thehelk.com/intro.html
IPTABLES
Packet Filter
- https://www.usenix.org/legacy/publications/library/proceedings/sd93/mccanne.pdf
- http://www.infosecwriters.com/text_resources/pdf/JStebelton_BPF.pdf
Programming
General Links
Python
PowerShell
CSharp
Windows
General Links
- SysInternals
- https://medium.com/ax1al/a-brief-introduction-to-pe-format-6052914cc8dd
- https://nasbench.medium.com/windows-system-processes-an-overview-for-blue-teams-42fa7a617920
Registry Stuffs
Win Internals
*nix
General Links
Web App
HTTP/2
- https://http2-explained.haxx.se/en/part6
- https://developers.google.com/web/fundamentals/performance/http2
- https://tools.ietf.org/html/rfc7540
GitHub Repos
- https://github.com/killswitch-GUI/Persistence-Survivability
- https://github.com/Mr-Un1k0d3r/ThunderShell
- https://github.com/xforcered/StandIn
- https://github.com/ustayready/geacon
- https://github.com/S3cur3Th1sSh1t/PowerSharpPack
- https://github.com/Flangvik/SharpCollection
- https://github.com/xorrior/RemoteRecon
- https://github.com/AXI4L/Community-Papers
GitHub Profiles
- https://github.com/mdsecactivebreach
- https://github.com/specterops
- https://github.com/S3cur3Th1sSh1t
- https://github.com/r3nhat
- https://github.com/RomanRII
Blogs
- https://silentbreaksecurity.com/blog/
- https://www.huntress.com/blog
- https://www.trustedsec.com/blog/
- https://posts.specterops.io/
- https://blog.xpnsec.com/
- https://www.cyberark.com/resources/threat-research-blog
Tools
Pentesting vs. Red Teaming
Pentesting
General Links
- https://jhalon.github.io/becoming-a-pentester/
- https://www.reddit.com/r/redteamsec/
- https://github.com/Voorivex/pentest-guide
Web App Stuffs
- https://application.security/free/owasp-top-10
- https://application.security/free/owasp-top-10-API
- https://portswigger.net/web-security
Active Directory
- https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/
- https://github.com/cfalta/adsec
- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- https://posts.specterops.io/the-attack-path-management-manifesto-3a3b117f5e5
- https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
- https://zer1t0.gitlab.io/posts/attacking_ad/
- https://posts.specterops.io/shadow-credentials-abusing-key-trust-account-mapping-for-takeover-8ee1a53566ab
- Compromising a Network in 20 minutes via AD
- https://www.exploit-db.com/docs/english/46990-active-directory-enumeration-with-powershell.pdf
- https://posts.specterops.io/hunting-in-active-directory-unconstrained-delegation-forests-trusts-71f2b33688e1
- https://github.com/Mr-Un1k0d3r/ADHuntTool
- https://rootdse.org/posts/active-directory-basics-1/
- https://github.com/infosecn1nja/AD-Attack-Defense
AD CS
- https://posts.specterops.io/certified-pre-owned-d95910965cd2
- https://www.exandroid.dev/2021/06/23/ad-cs-relay-attack-practical-guide/
- https://dirkjanm.io/ntlm-relaying-to-ad-certificate-services/
- https://github.com/dirkjanm/PKINITtools
Kerberoasting
- https://blog.xpnsec.com/kerberos-attacks-part-1/#more
- https://blog.perf3ct.tech/csl-machine-writeup-roast-kerberoasting/#Kerberoasting_overview
- https://www.harmj0y.net/blog/powershell/kerberoasting-without-mimikatz/
- https://www.youtube.com/watch?v=Jaa2LmZaNeU
- https://en.hackndo.com/kerberos/
- https://youtu.be/SStP2RjVq0I
- https://nored0x.github.io/red-teaming/Kerberos-Attacks-Silver-Ticket/
PowerShell For Pentesters
- SANS Webcast: PowerShell for PenTesting
- SANS Webcast: Pen Testing with PowerShell – Data Exfiltration Techniques
- SANS Webcast: Pen Testing with PowerShell – Local Privilege Escalation Techniques
Miscellaneous
- https://malicious.link/post/2020/run-as-system-using-evil-winrm/
- https://www.netspi.com/resources/netspi-open-source-tools/
- https://attack.mitre.org/
- https://www.alteredsecurity.com/post/introduction-to-365-stealer
- How PsExec Works
GTFOBins
Red Teaming
General Links
GitHub Repos
- https://github.com/xbl3/Red-Teaming-Toolkit_infosecn1nja
- https://github.com/threatexpress/red-team-scripts
- https://github.com/marcosValle/awesome-windows-red-team
- https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
- https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
- https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
- https://github.com/andrewchiles/PowerLessShell
- https://github.com/Mr-Un1k0d3r/RedTeamPowershellScripts
- https://github.com/Mr-Un1k0d3r/RedTeamScripts
- https://github.com/redcode-labs
- https://github.com/optiv/Dent
- https://github.com/jhackz/RTO-Implant
- https://github.com/S3cur3Th1sSh1t/Creds
- https://github.com/N7WEra/SharpAllTheThings
- https://github.com/cfalta/PowerShellArmoury
- https://github.com/gtworek/PSBits
- https://github.com/malware-unicorn/GoPEInjection
Blogs
- https://offensivedefence.co.uk/posts/
- https://rastamouse.me/
- https://blog.romanrii.com/
- https://www.vincentyiu.com/
- https://vysecurity.rocks/#
- https://fortynorthsecurity.com/blog/
- https://www.redteam.cafe/
- https://blog.redteam-pentesting.de/
- https://blog.dylan.codes/
- https://blog.xpnsec.com/
- https://www.trustedsec.com/blog/
- https://www.bc-security.org/blog/
- https://www.coresecurity.com/core-labs/articles
- https://www.blackhillsinfosec.com/blog/
- https://blog.harmj0y.net/
- https://dirkjanm.io/
- https://stealthbits.com/blog/
- https://blog.sektor7.net/#!index.md
- https://outflank.nl/blog/
- http://jackson-t.ca/
- http://redsiege.com/blog
- https://s3cur3th1ssh1t.github.io
- http://www.harmj0y.net/blog/blog/
- https://riccardoancarani.github.io/
- https://kwcsec.gitbook.io/the-red-team-handbook/
- https://dmcxblue.gitbook.io/red-team-notes/
- https://github.com/mytechnotalent
Tools
Initial Access
DevOps for RT
Pivoting
SSH Tunneling
Persistence
Evasion Techniques
- https://github.com/ion-storm/sysmon-edr
- https://www.ired.team/offensive-security/defense-evasion/bypassing-cylance-and-other-avs-edrs-by-unhooking-windows-apis
- https://ethicalchaos.dev/2020/05/27/lets-create-an-edr-and-bypass-it-part-1/
- https://blog.redbluepurple.io/offensive-research/bypassing-injection-detection
- https://github.com/sinfulz/JustEvadeBro
- https://youtu.be/UO3PjJIiBIE
- https://www.xanthus.io/building-an-obfuscator-to-evade-windows-defender/
- https://klezvirus.github.io/RedTeaming/AV_Evasion/CodeExeNewDotNet/
- https://blog.scrt.ch/2020/06/19/engineering-antivirus-evasion/
- https://synzack.github.io/Blinding-EDR-On-Windows/
Obfuscation
Bypassin’ UAC
- https://hausec.com/2020/10/30/using-a-c-shellcode-runner-and-confuserex-to-bypass-uac-while-evading-av/
- https://github.com/aaaddress1/PR0CESS/tree/main/UACBypassJF_RpcALPC
Breakin’ AMSI
- https://amsi.fail/
- https://github.com/S3cur3Th1sSh1t/Amsi-Bypass-Powershell
- https://www.cyberark.com/resources/threat-research-blog/amsi-bypass-patching-technique
- https://www.cyberark.com/resources/threat-research-blog/amsi-bypass-redux
- https://s3cur3th1ssh1t.github.io/Powershell-and-the-.NET-AMSI-Interface/
- https://rastamouse.me/memory-patching-amsi-bypass/
Messing W/ WinAPI
D/Invoke
- https://thewover.github.io/Dynamic-Invoke/
- https://github.com/rasta-mouse/DInvoke
- https://blog.nviso.eu/2020/11/20/dynamic-invocation-in-net-to-bypass-hooks/
- https://klezvirus.github.io/RedTeaming/Development/From-PInvoke-To-DInvoke/
P/Invoke
AV/EDR? What’s that?
- https://www.mdsec.co.uk/2019/03/silencing-cylance-a-case-study-in-modern-edrs/
- https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
- https://sol-secure.blogspot.com/2021/03/bypassing-edr-primer-sophos.html
- https://github.com/CCob/SharpBlock
- https://arty-hlr.com/blog/2021/05/06/how-to-bypass-defender/
- https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
- https://blog.sevagas.com/IMG/pdf/BypassAVDynamics.pdf
- https://github.com/GetRektBoy724/SharpUnhooker
- https://abdelrahmanessaam.blogspot.com/2021/06/how-malwares-use-dynamic-api-loading-to.html
- https://bruteratel.com/research/feature-update/2021/06/01/PE-Reflection-Long-Live-The-King/?s=09
- https://blog.redbluepurple.io/offensive-research/bypassing-injection-detection
- https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
- https://www.youtube.com/watch?v=6OF6lA0kCuY&t=3s
- https://github.com/RedTeamOperations/Journey-to-McAfee
Process Injection n Stuffs
- https://github.com/3xpl01tc0d3r/ProcessInjection
- https://3xpl01tc0d3r.blogspot.com/2019/08/process-injection-part-i.html
- https://github.com/enkomio/ManagedInjector
- https://blog.xenoscr.net/2021/07/26/Process-Injection-with-Assembly.html
- https://www.netero1010-securitylab.com/evasion/alternative-process-injection
- https://github.com/plackyhacker/Shellcode-Injection-Techniques
- https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop
- https://github.com/hasherezade/process_overwriting
- https://pentestlaboratories.com/2021/12/08/process-ghosting/
Messing w/ Syscalls
- https://jhalon.github.io/utilizing-syscalls-in-csharp-1/
- https://offensivedefence.co.uk/posts/dinvoke-syscalls/
- https://github.com/j00ru/windows-syscalls
- https://dronesec.pw/blog/2021/05/12/on-the-fanciful-allure-of-raw-syscalls/
- https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/
- https://redteaming.co.uk/2021/10/28/understanding-syscalls/
Lateral Movement
- https://eaneatfruit.github.io/2019/08/18/Offensive-Lateral-Movement/
- https://mergene.medium.com/hunting-for-lateral-movement-local-accounts-bc08742f3d83
- https://twitter.com/CyberWarship/status/1456632406623064068?s=20
- https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f
Exfiltration
Domain Fronting/Borrowing
Domain Borrowing
- https://github.com/Dliv3/DomainBorrowing
- https://i.blackhat.com/asia-21/Thursday-Handouts/as-21-Ding-Domain-Borrowing-Catch-My-C2-Traffic-If-You-Can.pdf
Domain Fronting
Command and Control
- https://www.thec2matrix.com/
- https://shogunlab.gitbook.io/building-c2-implants-in-cpp-a-primer/
- Covenant 101
- https://nasbench.medium.com/understanding-detecting-c2-frameworks-darkfinger-c2-539c79282a1c
Detecting Attacks
Building out an AdSim Lab
- https://blog.xpnsec.com/designing-the-adversary-simulation-lab/#more
- https://nickzero.co.uk/automating-a-red-team-lab/
Mudge YouTube Playlists
LOLBAS
Malware Analysis/Dev
- https://youtu.be/SIem8ZIe1xk
- https://0xpat.github.io/Malware_development_part_1/
- https://gist.github.com/muff-in/ff678b1fda17e6188aa0462a99626121
- https://github.com/CyberSecurityUP/Awesome-Malware-Analysis-Reverse-Engineering
- https://hackerspot.net/2021/06/21/building-your-own-dynamic-malware-analysis-lab/
- .NET Advanced Malware Dev
Macro Magic
Miscellaneous
- https://blog.romanrii.com/using-icmp-to-deliver-shellcode
- https://blog.joeminicucci.com/2021/who-let-the-arps-out-from-arp-spoof-to-domain-compromise
- https://www.mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/
- https://blog.huntresslabs.com/tried-and-true-hacker-technique-dos-obfuscation-400b57cd7dd
- https://github.com/mdsecactivebreach/WMIPersistence
- https://posts.specterops.io/what-is-it-that-makes-a-microsoft-executable-a-microsoft-executable-b43ac612195e
- https://jhalon.github.io/reverse-engineering-protocols/
- https://pentestlab.blog/2020/05/20/persistence-com-hijacking/
- https://github.com/fozavci/ta505plus
- https://blog.focal-point.com/how-to-build-obfuscated-macros-for-your-next-social-engineering-campaign
- https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/
- https://thedfirreport.com/2021/06/20/from-word-to-lateral-movement-in-1-hour/
- https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack
- https://adepts.of0x.cc/netsh-portproxy-code/
- https://bruteratel.com/research/feature-update/2021/01/30/OBJEXEC/
- https://gist.github.com/gabe31415/fe2a7bd7213739b2bc407ecf0e100f9a
- https://www.blackhillsinfosec.com/how-to-phish-for-user-passwords-with-powershell/
- https://aticleworld.com/reading-and-writing-windows-registry/
- https://connormcgarr.github.io/swimming-in-the-kernel-pool-part-2/
- COM Stuffs
- https://blog.sevagas.com/?Hide-HTA-window-for-RedTeam
- https://s3cur3th1ssh1t.github.io/Playing-with-OffensiveNim/
- https://www.exploit-db.com/papers?author=9381
- https://youtu.be/inRofFqeoLI – Mimi as a RAT
- https://www.youtube.com/watch?v=g27DorVva3M – Covert Tradecraft w/ C#
- https://tools.thehacker.recipes/mimikatz/modules – Mimi docs
- https://fortynorthsecurity.com/blog/under-the-hood-wmimplant-invoking-powershell/
- https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/
- https://www.pureid.io/dumping-abusing-windows-credentials-part-1/
- http://blog.redxorblue.com/2021/05/assemblylie-using-transactional-ntfs.html
- http://blog.opensecurityresearch.com/2013/01/windows-dll-injection-basics.html
- https://www.semperis.com/blog/golden-gmsa-attack/
- https://v3ded.github.io/redteam/abusing-lnk-features-for-initial-access-and-persistence
- https://www.trustedsec.com/blog/manipulating-user-passwords-without-mimikatz/
DFIR n stuff
General Links
- https://www.reddit.com/r/blueteamsec/
- https://github.com/DFIRmadness/infosec-fortress
- https://www.blueteamsacademy.com/
- https://cyberdefenders.org/blueteam-ctf-challenges/
DotNet
Forensics
- https://github.com/cugu/awesome-forensics
- https://stuxnet999.github.io/volatility/2020/08/18/Basics-of-Memory-Forensics.html
- https://twitter.com/BlackMatter23/status/1401523637019189258?s=20
SOC Stuffs
Attack Detection Series
- https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-1/
- https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-2/
- https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-3/
- https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-4/
GitHub Repos
- https://github.com/olafhartong/sysmon-modular
- https://github.com/trustedsec/SysmonCommunityGuide/blob/master/sysmon-events.md#create-remote-thread
- https://github.com/cado-security/DFIR_Resources_REvil_Kaseya/
Twitter Stuffs
- https://twitter.com/PythonResponder/status/1385064506049630211?s=20
- https://twitter.com/inversecos/status/1385456029400387584?s=20
Labs
Cons
- http://www.irongeek.com/i.php?page=videos%2Fderbycon7%2Fmainlist
- https://adversaryvillage.org/adversary-events/DEFCON-29/
Training
- https://www.netspi.com/training/
- https://www.fortynorthsecurity.com/public-training
- https://academy.tcm-sec.com/
- https://silentbreaksecurity.com/training/
- https://www.chironcommercial.com/train/courses/
- https://www.pentesteracademy.com/
- https://specterops.io/how-we-help/training-offerings
- https://github.com/specterops/at-ps (FREE SpecOps Course)
- https://institute.sektor7.net/
- https://academy.picussecurity.com/course/log-management-proactive-soc
Whitepapers
- https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/dosfuscation-report.pdf
- https://specterops.io/resources/research-and-development