🔮
P4n1cBook
  • 🏴‍☠️Welcome!
    • 🔮P4n1cBook
    • 📚Bookmarks
    • 🚨Licence and Disclaimer
  • Fundamentals
    • Starter Kit
      • Linux
      • PowerShell
      • Git
      • 💾Regex
      • Network Analysis
        • curl
        • tcpdump
        • Nmap
        • 🦈Wireshark
      • Metasploit
    • 🌐Network Protocols
      • ICMP
      • SSH
      • Telnet
      • DNS
      • FTP
      • HTTP/HTTPS
      • SMB
      • SNMP
      • SMTP
      • NFS
      • IPP
      • WinRM
      • LLMNR
      • JDWP
    • Code
      • Python Essentials
      • C & C++
    • Web APIs
      • GraphQL
    • Shells/TTYs
    • Dorks
    • Cryptography
    • Reverse Engineering
      • GDB
      • Binaries
  • Web Exploitation
    • Web Enumeration
      • User Endpoints
      • Web Fuzzing
        • ffuf
        • feroxbuster
        • Gobuster
        • GoWitness
      • Web Servers
        • Apache
        • Nginx
        • Werkzeug
      • Databases
        • MySQL
        • NoSQL
          • MongoDB
          • Redis
      • Web Services/Frameworks
        • Wordpress
        • Laravel
        • Express
        • Magento
        • AIOHTTP
        • HashiCorp Vault
        • Tiny File Manager
        • Joomla
        • CMS Made Simple
        • 🌵Cacti
        • Tomcat
        • Zabbix
        • OpenNetAdmin
        • ImageMagick
    • Vulnerabilities
      • Arbitrary File Read
      • Session Hijacking
      • SSRF
      • Eval Injection
      • Template Manipulation
      • Path Traversal
      • Prototype Pollution
      • XXE
      • Deserialization
      • Log Poisoning
      • Arbitrary Command Execution
      • SQLi
        • SQLmap
      • SSI
      • SSTI
      • LFI
      • XSS
    • Java-based web application
      • Struts
      • .WAR
      • pd4ml.jar
  • Cloud Exploitation
    • Kubernetes
    • AWS
  • Post Exploitation
    • File Transfer
      • Exfiltration
    • Credential Dumping
      • Thunderbird
    • Lateral Movement
    • Persistence
    • Linux Privilege Escalation
      • Static Binaries
      • Enumeration
      • Hijacks
      • Command Injection
      • Jailbreaks
      • Binary Exploitation - Linux
      • Kernel Exploits
      • Buffer Overflow - Linux
      • Docker
      • Abusing Wildcards
  • Wireless Exploitation
    • NFC
Powered by GitBook
On this page
  • HackTricks
  • GTFOBins
  • PayloadAllTheThings
  • HackTheBox
  • PortSwigger
  • StationX
  • 0xdf
  • Nonstarchpress
  • MITRE ATT&CK Framework
  • OWASP
Edit on GitHub
  1. Welcome!

Bookmarks

References and appreciations

PreviousP4n1cBookNextLicence and Disclaimer

Last updated 5 months ago

This book wouldn't exist without the following resources and there are a lot of borrowed words from them, so make sure you check then out as they are the prime source for the sauce.

HackTricks

Best Hacking resource and inspiration for this book by Carlos Palop

GTFOBins

The best curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

PayloadAllTheThings

Literally...

HackTheBox

Best learning resources out there, both academy and labs.

PortSwigger

Best free academy for web security out there with an extensive lab content.

StationX

Very nice cheat sheets

0xdf

The legend, best content to understand and solve boxes and even start making Bash and python scripts.

Nonstarchpress

Best publisher for technical books about hacking and programming.

MITRE ATT&CK Framework

Comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) used for cybersecurity defense and incident response.

OWASP

The community-driven organization that provides resources and best practices for improving web application security.

🏴‍☠️
📚
HackTricksHackTricks
HackTricks
GTFOBins
PayloadsAllTheThings/XXE Injection at master · swisskyrepo/PayloadsAllTheThingsGitHub
HTB Academy : Cyber Security Training
Academy
Web Security Academy: Free Online Training from PortSwiggerWebSecAcademy
Web-Academy
Logo
StationX - Cyber Security Training and Career DevelopmentStationX
Logo
0xdf hacks stuff0xdf hacks stuff
CTF Blog
No Starch Pressnostarch
AI generated Midway
Logo
MITRE ATT&CK®
Logo
OWASP Foundation | Open Source Foundation for Application Security
Logo
Logo
Introduction - OWASP Cheat Sheet Series
Logo
Logo
Logo
Logo
Logo