This is will be a centralized place for me to put all the useful sites for pentesting so that I can reference them quickly.
This is not a place for exploit development. I will probably make a separate list in the future. No promises.
| url | description |
|---|---|
| https://vincentyiu.co.uk/red-team-tips/ | short and sweet tips, should review it from time to time |
| http://www.fuzzysecurity.com/tutorials/16.html | basic windows priv esc (local) |
| https://pentestlab.blog/2018/06/12/kerberoast/ | kerberoast to gain service accounts |
| https://decoder.cloud/2017/12/23/the-lonely-potato/ | service accounts priv esc using rotten potato |
| url | description |
|---|---|
| https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ | pretty much the checklist for linux priv esc. Follow thoroughly, do not miss a step! |
| url | function |
|---|---|
| https://github.com/Cgboal/SonarSearch | Subdomain Look up using Rapid7 Sonar Project. Passive Recon |