๐Ÿ”ฎ
P4n1cBook
  • ๐Ÿดโ€โ˜ ๏ธWelcome!
    • ๐Ÿ”ฎP4n1cBook
    • ๐ŸšจLicence and Disclaimer
    • โšกAbout Author
    • ๐Ÿ“šBookmarks
  • Fundamentals
    • Basic Commands
      • Linux
      • Git
    • ๐ŸŒNetwork Protocols
      • ICMP
      • SSH
      • Telnet
      • DNS
      • FTP
      • HTTP/HTTPS
      • SMB
      • SNMP
      • SMTP
      • NFS
      • IPP
      • WinRM
      • LLMNR
    • Databases
      • MySQL
      • NoSQL
    • Web APIs
      • GraphQL
    • Shells/TTYs
    • ๐Ÿ’พRegex
    • Dorks
    • Python Essentials
    • Cryptography
    • Reverse Engineering
    • Tools
      • curl
      • Netcat
      • tcpdump
      • Nmap
      • ffuf
      • Gobuster
      • feroxbuster
      • SQLmap
      • ๐ŸฆˆWireshark
      • Metasploit
      • GoWitness
      • Crunch
      • NetExec
  • Web Exploitation
    • Recon
    • Main Techniques
      • Session Hijacking
      • SSRF
      • Eval Injection
      • Template Manipulation
      • Path Traversal
      • Prototype Pollution
      • XXE
      • Deserialization
      • Log Poisoning
      • Command Injection
      • SQLi
      • Arbitrary File Upload
      • SSTI
      • LFI
      • XSS
    • Web Servers
      • Apache
      • Nginx
    • Web Services
      • HashiCorp Vault
      • Laravel
      • Express
      • Magento
      • Tiny File Manager
      • Joomla
      • CMS Made Simple
      • Werkzeug
      • ๐ŸŒตCacti
      • Tomcat
      • Zabbix
      • OpenNetAdmin
      • Wordpress
      • Java-based web application
        • Struts
        • .WAR
        • JDWP
      • ImageMagick
  • Cloud Exploitation
    • Kubernetes
  • Post Exploitation
    • File Transfer
    • Credential Dumping
      • Thunderbird
    • Pivoting/Lateral Movement
    • Persistence
    • Linux Privilege Escalation
      • Hijacks
      • Jailbreaks
      • Binary Exploitation - Linux
      • Kernel Exploits
      • Buffer Overflow - Linux
      • Escaping Docker
  • Wireless Exploitation
    • NFC
Powered by GitBook
On this page
  • HackTricks
  • GTFOBins
  • PayloadAllTheThings
  • HackTheBox
  • PortSwigger
  • StationX
  • 0xdf
  • Nonstarchpress
  • MITRE ATT&CK Framework
  • OWASP
Edit on GitHub
  1. Welcome!

Bookmarks

References and appreciations

PreviousAbout AuthorNextBasic Commands

Last updated 2 months ago

This book wouldn't exist without the following resources and there are a lot of borrowed words from them, so make sure you check then out as they are the prime source for the sauce.

HackTricks

Best Hacking resource and inspiration for this book by Carlos Palop

GTFOBins

The best curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

PayloadAllTheThings

Literally...

HackTheBox

Best learning resources out there, both academy and labs.

PortSwigger

Best free academy for web security out there with an extensive lab content.

StationX

Very nice cheat sheets

0xdf

The legend, best content to understand and solve boxes and even start making Bash and python scripts.

Nonstarchpress

Best publisher for technical books about hacking and programming.

MITRE ATT&CK Framework

Comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) used for cybersecurity defense and incident response.

OWASP

The community-driven organization that provides resources and best practices for improving web application security.

๐Ÿดโ€โ˜ ๏ธ
๐Ÿ“š
LogoHackTricksHackTricks
HackTricks
LogoGTFOBins
LogoPayloadsAllTheThings/XXE Injection at master ยท swisskyrepo/PayloadsAllTheThingsGitHub
LogoHTB Academy : Cyber Security Training
Academy
LogoWeb Security Academy: Free Online Training from PortSwiggerWebSecAcademy
Web-Academy
AI generated Midway
LogoStationX - Cyber Security Training and Career DevelopmentStationX
Logo0xdf hacks stuff0xdf hacks stuff
CTF Blog
LogoNo Starch Pressnostarch
LogoMITRE ATT&CKยฎ
LogoOWASP Foundation | Open Source Foundation for Application Security
LogoIntroduction - OWASP Cheat Sheet Series