This project is a work in progress. I started it from scratch in 2018 and will probably never finish it. Those subjects evolve day after day. But rest assured, I don't plan on letting this project become deprecated.
The "Active Directory" part is a good example of what I want this whole project to be like
The ๐Ÿ› ๏ธ emoji is used where work has to be done.
This project is aimed at providing technical guides on various hacking topics:
  • Active Directory (80% done
  • Web services (60% done)
  • Systems & services (5% done)
  • Intelligence gathering (0% done)
  • Physical intrusion (0% done)
  • Social engineering (0% done)
  • Phishing (0% done)
  • Mobile apps (0% done)
  • Binary exploitation (0% done)
  • Code analysis (0% done)
  • ...
Cheatsheets are huge resources, but they sometimes lack simplicity or on the contrary they don't give any context or explanation. This is not a cheatsheets project. Everything here will be verified, tested, and not only copy-pasted from I don't know where.
Keep in mind that these guides are maintained by non-omniscient security enthusiasts in their spare time. You will probably find things missing or mistakes and writing all this takes time.
Please feel free to contribute, give feedback/suggestions or reach out to me on Twitter (@_nwodtuhs), Discord (Shutdown#2539), IRL or whatever you feel appropriate.
Feel free to show your support by donating: Ko-fi (one time donation), Patreon (monthly)
Almost every tool mentioned in theses notes is installed, and sometimes pre-configured, in Exegol, another project of mine of a docker environment ready to hack on day-to-day engagements. It's not much but I use it on all my engagements. Feel free to use it, to contribute, to give feedback etc.
Copy link