Shotokhan

Buffer overflow cheatsheet for pentesters

This will be a cheatsheet for exploitation of binary services, aimed at pentesters preparing for exams like eCPPT and OSCP (look at other resources for training about binary exploitation in general, like pwnable.kr).

BOF Windows (no protections, stack buffer overflow)

Suppose you find an open port, you don't know what service is on it but then you realize that there is a custom binary, by interacting with it with netcat. You may have obtained the binary for that service by interacting with other services (e.g., a path traversal vulnerability in a web application) or from external sources (e.g., OSINT).

Preparing a local environment for testing the service

At this point, you can't make the service crash by fuzzing it on the target server, you need a reliable exploit. So, you fire up your Windows 7 VM with debugging tools installed (Immunity with mona). You copy the binary there, open it with Immunity, then you run it (Debug -> Run).

ScienceWolf666

📖 | Operating Systems Administrator Cheat Sheet

Systems Operation Manual " Ubuntu & Debian " Basic Commands Help Guide

---

Aktualizacja systemu

• Aktualizacja listy pakietów: sudo apt update
• Aktualizacja zainstalowanych pakietów: sudo apt upgrade
• Aktualizacja systemu (uwzględnia usuwanie niepotrzebnych pakietów): sudo apt dist-upgrade

Instalacja i usuwanie pakietów

kconner

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

rain-1

Purpose

Bootstrap knowledge of LLMs ASAP. With a bias/focus to GPT.

Avoid being a link dump. Try to provide only valuable well tuned information.

Prelude

Neural network links before starting with transformers.

localzet

AI Tool Master List

Audio Editing

1. Krisp
2. Adobe Podcast
3. Beatoven.ai
4. Audio Strip

axelarator

<?xml version="1.0" encoding="UTF-8"?>

<opml version="1.0">
    <head>
        <title>Taylor subscriptions in feedly Cloud</title>
    </head>
    <body>
        <outline text="Threat Intelligence" title="Threat Intelligence">
            <outline type="rss" text="secrutiny.com" title="secrutiny.com" xmlUrl="https://secrutiny.com/feed/" htmlUrl="https://secrutiny.com/"/>
            <outline type="rss" text="Infosec in Walmart Global Tech Blog on Medium" title="Infosec in Walmart Global Tech Blog on Medium" xmlUrl="https://medium.com/feed/walmartglobaltech/tagged/infosec" htmlUrl="https://medium.com/walmartglobaltech/tagged/infosec?source=rss----905ea2b3d4d1--infosec"/>

ruevaughn

The Top Hacker Methodologies & Tools Notes

By Chase. ** *

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

---

• My Methodology

extratone

thypon

! name: MyNetsec
! description: Prioritizes domains popular with the information security community. Primarily uses submissions and scoring from /r/netsec.
! public: true
! author: Andrea Brancaleoni
! avatar: #ff0000
! homepage: https://github.com/thypon

! Goggle extras
$discard
$boost=3,site=github.io

Te-k

Threat intelligence platforms

Port Scans

• Shodan : community access + commercial access
• Censys : community + commercial access (access posible for independent researchers)
• ZoomEye : community + commercial access
• Onyphe : community + commercial access
• BinaryEdge : commercial access only