Skip to content

Instantly share code, notes, and snippets.

@kawing-ho

kawing-ho/r3s0urc3s.md

Last active April 23, 2020 17:12
Show Gist options
  • Save kawing-ho/666c5c51dda08fe82e4751191a398442 to your computer and use it in GitHub Desktop.
Save kawing-ho/666c5c51dda08fe82e4751191a398442 to your computer and use it in GitHub Desktop.
Download ZIP
For quick access to slides / other links :)
Raw
r3s0urc3s.md

Week 1

Intro
(no 6843 lecture)

Break 1: *.nsnagency (Solution)

Week 2

Recon
Intro (6843)

Week 3

Authentication
Advanced Recon

Break 2: (Solution)

    dev.ns.agency 
    team.ns.agency
    admin.ns.agency

Ext Break 1: (Solution)

    oauth-really-secret.jp.ns.agency
    very-secret.jp.ns.agency

Week 4

Session Management
OAuth and SAML 💩

Week 5

Access Control 🈲
XXE + PHP Unserialize

Break 3: (Solution)

    yipple.ns.agency
    yipple-dev.ns.agency
    pre-flighting.ns.agency
    yipple-qa.ns.agency

Ext Break 2: (Solution)

    sharp-edges.ru.ns.agency
    saml-super-secret.eu.ns.agency
    hush-hush-con.eu.ns.agency
    cereal.dev.ns.agency
    8xxxxxxxxml.redline.jp.ns.agency

Week 6

XSS
XSS, CSP, SOP

Week 7

Revision -- no slides wtf
(Shubs and Naffy guest talk)

Week 8

SQLi 💉
Injections And Spooks

Break 4: (Solution)

    gov.ns.agency 
    yuan.ns.agency
    ru.ns.agency

Ext Break 3: (Solution)

    internship.dev.ns.agency
    cspdomain1.dev.ns.agency
    cspxss1.dev.ns.agency
    cspdomain2.dev.ns.agency

Week 9

ServerSideMagic 🔮
SSRF

Week 10

WebServices + REST APIs
Cloud ☁️

Break 5: (Solution)

    smartcontracts.dev1-x.ns.agency
    math.group.ns.agency
    vault5.gov.ns.agency

Ext Break 4: (Solution)

    moonshot.oneshot.ns.agency
    ssrfsquared.ns.agency

Week 11

Environment
Vuln Research (not examinable?)

Week 12

Revision
(no 6843 lecture)

[6843 Tutorial links]

7xxxxxxxml.redline.eu.ns.agency  -- xxe
logfile.lecture.ns.agency  -- logfile injection 
chain.demo.ns.agency -- CSRF 
ssrf1.lecture.ns.agency -- SSRF
ssrfphp.lecture.ns.agency -- SSRF
xml.lecture.ns.agency -- xxe into ssrf 
xxe-xss.demo.ns.agency/testxml
ssti.lecture.ns.agency  -- Template Injection / __mro__

Other

https://mewy.pw/blog/2017/06/22/COMP6443.html
https://html5sec.org/  -- stuff that WAFs don't expect
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet -- Holy Grail of XSS payloads
https://gist.github.com/BuffaloWill/fa96693af67e3a3dd3fb   -- Cloud Metadata stuff
https://github.com/cry/ctf-toolchain/tree/master/miniHTTPCatcher  -- DIY RequestBin
http://pentestmonkey.net/category/cheat-sheet/sql-injection -- SQLi cheatsheet 
github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Remote%20commands%20execution -- RCE no spaces
http://v.mewy.pw/xml/index.xml  -- XXE example
https://gist.github.com/staaldraad/01415b990939494879b4 -- XXE payloads
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment