Tips & tricks when getting started with CTFs

Useful notes, tools, and commands that have proven helpful

Like I may have previously mentioned, my memory might not be the best (I think this is funny), but even if it was I would still keep these notes. Sometimes the syntax gets complicated or you just don’t want to search for that one exploit you read about once from a random blog months back. These pages are something I know I would have found useful when first starting out with sites like TryHackMe and HackTheBox - it’s really a collection of notes I’ve taken along the way but put into a much more organized format. There is far too much for just one web page, so I’ve broken this down into the following categories:


Brute forcing
This page covers brute forcing passwords and logins using tools like Hydra, John, and Burp Suite. This is a core part of pen testing, whether you’re using John to break private SSH keys you’ve gotten your hands on or using Hydra to brute force a login to a vulnerable web portal.

Privilege Escalation
The myriad ways to escalate privileges. At a glance: knowing how to list files and programs that have higher privileges, increasing your shell’s capabilities, and modifying access controls. I don’t know, there’s a lot to go over here; check out the page for more info.

Metasploit
Brief overview of the Metasploit Framework, covering msfconsole and msfvenom.

Web Stuff
Web enumeration, starting a web server, and uses of curl.

Using Nmap
Brief overview of Nmap, flags to be aware of, and using specific scripts.

Kismet and the Aircrack-ng suite
Case study in attacking a wireless network with several tools.

Steganography
What steganography is, how it is used, and how to counter it.

Resources
Useful stuff for CTFs with TryHackMe and my recommended Linux Distribution / fresh install.

The Basics
For help with the basics: locating stuff, how Linux permissions work, and anything not directly addressed elsewhere but still essential to know.