Protected: OSCP Prep

Last Updated on January 25, 2022 by aghanim Table Of ContentsHow websites work HTML JavaScript Sensitive Data Exposure HTML Injection  How websites work  When you visit a website, your browser makes a request to a web server asking for information about the page you’re visiting and will respond with data that your browser uses to show you the page; a web server is…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is Command Injection?Discovering Command InjectionExploiting Command InjectionDetecting Blind Command InjectionLinux WindowsRemediating Command InjectionVulnerable FunctionsInput sanitisationBypassing FiltersPractical: Command InjectionWhat user is…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsNMAP Live Host DiscoveryNMAP Basic Port ScansTCP FlagsTimingsSummaryNMAP Advanced Port ScansNMAP Post Port Scans NMAP Live Host Discovery Scan Type…

Last Updated on June 1, 2023 by aghanim This is notes taken from the THM room ‘Wreath’, which is a great room for learning Active Directory and pivoting. https://www.tryhackme.com/room/wreath And from other sources. Table Of ContentsSummaryWhat is pivoting?High level overviewEnumerationProxychains & FoxyProxyProxychainsFoxyProxySSH Tunnelig / Port ForwardingForward ConnectionsNMAP with SSH proxyReverse ConnectionsSSH Remote Port Forwarding (From…

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an IDOR?An IDOR ExampleFinding IDORs in Encoded IDsEncoded IDsFinding IDORs and Hashed IDsHashed IDsFinding IDORs in Unpredictable IDsUnpredictable IDsWhere are…

Last Updated on October 16, 2025 by aghanim Work in Progress Table Of ContentsCoursesSourcesx86 & x64 Assembler and DisassemblerCallback function listExample: Using  ​CertEnumSystemStore​ Convert raw shellcode to raw binary formatEDR TelematryEDR Telematry v2Entropy reductionHijackLibsJoesandbox – Malware AnalysisMalapi.ioNo-defenderNtDoc – The native NT API online documentationParasite-invokeReverse engineering of everything MicrosoftVergilius projectUnprotect.itEvasion techniquesWindows Icons Courses SEKTOR7 Institute https://maldevacademy.com/ EvasionEDR…