Helpful Links

A collection of helpful links to the work of third-party people.

When you use a link make sure to check out all other work of the persons that are responsible for the here listed contentĀ  and show them some love by comments, subscriptions or by any other way. Because they are all awesome!



Pentestmonkey – Reve Shell Cheat Sheet

Pentestmonkey – Web Shells

NETSEC – Spawning a TTY Shell

GTFOBins – Exploitable Unix binaries (Living off the Land)

LOLBAS – Exploitable Windows binaries (Living off the Land)

SecLists – Enumeration List for Usernames, Passwords, Directories etc.

Payload all the things – Massive amount of payloads for all kinds of stuff

Applocker Bypasses – List of handy bypasses for Windows Applocker

Nishang PowerShell – List of neat PowerShell scripts

Qualys SSL Labs – Test the encryption for public web servers

KoreLogic rules for Hashcat – Cracking rules for Hashcat

Some Ways to dump LSASS.exe – Blogpost from Mark Mo on dumping LSASS

LinEnum – Script for Linux privilege escalation and system enumeration

PEAS – Windows & Linux privilege-escalation-awesome-scripts-suiteĀ 


Box-JS – Analyzing obfuscated and malicious java script

Python-oletools – Analyzing obfuscated and malicious Microsoft Office documents


Tutorials & Training:

Hack The Box – Online Pen-Testing Labs

VulnHub – Free boot-2-root machines

IppSec – Youtube channel with awesome Hack The Box walkthroughs