Study Notes
-
OSINT Tools: NOTES
Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and…
-
CTI: NOTES
Cyber Threat Intelligence (CTI) can be defined as evidence-based knowledge about adversaries, including their indicators, tactics, motivations, and actionable advice against them.…
-
UKC: NOTES
Threat modelling, in a cybersecurity context, is a series of steps to ultimately improve the security of a system. Threat modelling is…
-
Authentication Attacks:NOTES
Types: MFA Fatigue Attacks – Social Engineering Cyber attack repeatedly sending MFA requests; SPAM attack; Pass-The-Hash Attack – Steal Hashed user credentials…
-
ReconTools:NOTES
Wayback Machine For reviewing internet archives; Free Via internet browser; archive.org/web ; Can see historical data about a website to identify new…
-
Exploit Tools:NOTES
Metasploit Identifies potential exploits and provides ability to execute; Netcat Creates communication channels between two systems; Installed on linux, Install Nmap on…
-
AuthTools:NOTES
CrackMapExec Dump Hashes in for cracking and move laterally in network; Various Protocols – rdp, winrm, ldap, ssh, mssql, smb, ftp; —shares…
-
THM Web App Resources
OWASP Favicon Database: Other places to find information only using basic tools: robots.txt, sitemap.xml, HTTP Headers, Framework Stack – developer tools Google…
-
MISP: NOTES
MISP – MALWARE INFORMATION SHARING PLATFORM MISP (Malware Information Sharing Platform) is an open-source threat information platform that facilitates the collection, storage and distribution of…
-
Cyber Kill Chain: NOTES
Reconnaissance is discovering and collecting information on the system and the victim. The reconnaissance phase is the planning phase for the adversaries.…
