HackAllTheThings
DNS Staging
Initializing search
GitHub
HackAllTheThings
GitHub
Hack All The Things
About me
Data Protection
Development Resources
OSINT
Security Architecture
Segmentation Testing
Threat Modeling
Vulnerability Scanning
Active Directory Assessment
Active Directory Assessment
Checklist
Fundmentals
Local Privilege Escalation - Work in progress
PowerView Dev Cheatsheet
Remote Enumeration
Mimikatz
Android Application Testing
Android Application Testing
Apache Cordova
Decompiling and Compiling Smali
Flutter
Frida
Learning Resources
My Testing Enviroment
Security Controls
Xamarin
Archived
Archived
AndroidManifest.xml
Root Detection
Intents
Build Settings
Checklist
Crypto APIs
Local Authentication
Misc
Network APIs
Network Controls
Tutorial
Other
Platform APIs
Resources
Backups
Static Analysis
Traffic Analysis
Certifications
Certifications
OASP
OSEP
OSWE
Cheatsheets
Cheatsheets
AWS Cli Cheatsheet
Bettercap
Frida & Objection cheatsheet
WebApplication Tooling
Configure WinDBG
adb Cheatsheet
Drozer cheatsheet
Jdb cheatsheet
R2frida cheatsheet
Cloud
Cloud
AWS Assessment
Azure AD Assessment
Azure
Azure Hardening Checklist
Azure best practices for network security
GCP Assessement
Kubernetes Assessment
Platform Agnostic Testing
Terraform Assessment
Code Snippets
Code Snippets
Hooking events using Inotify in C
C Linux Bind Shell
CMD Library
Databases
Databases
HSQLDB
MySQL
PSQL
SqlLite
Desktop Application Testing
Desktop Application Testing
C++ Win32 Applications
Checklist
Frida Windows
Hooking into an ELF binary
Tips and tricks
Win32 Internals
Evasion
Evasion
ASMI Bypass
Abusing Signed Executables
DNS Staging
Resources
Exploit Development
Exploit Development
Learning Resources
WinDbg
Msfvenom
IoT Testing
IoT Testing
Embedded Linux
Linux
Linux
Convert Debain to Kali
Kerberos
Local Machine Persistence
Miscellaneous
Privilege Escalation Checklist
Miscellaneous
Miscellaneous
Binaries
Convert Debain to Kali
Empire 4.0
Git
Hashcat
Interesting Reads
My host setup
PWN
Physical Attacks
Pivot & Tunnel
Scripting
Interactive Shells
Simple Servers
Social Engineering
Wordlists
jq
neo4j
Network Pen test
Network Pen test
Automation
DNS
DNS Rebind Attacks
IPv6
MSRPC
Port Scan
Resources
SMB
SMTP
SSH
Sniffing
gRPC
Security Consultancy
Security Consultancy
Obtaining Authorization
Scoping
Prerequisites checklists
Prerequisites checklists
Cloud Config Reviews
Web Application and API Penetration testing
Risk Rating
Risk Rating
CVSS 3.1
CVSS Shortcomings
OWASP Risk Rating
OWASP Shortcomings
Server Administration
Server Administration
2FA SSH
Headscale Work in progress
Nginx Work in Progress
SEO Optimization
Source Code Review
Source Code Review
Bash Scripting
DotNet Debugging
Methodology
Database Logging
Methodology
Misc
Node
PHP
Python Debugging
Resources
Tooling
Java
Technical Writing
Technical Writing
Grammar
Public Pen test reports
Technical Writing for Educators - Work in progess
Technical Writing for Engineers
Writing Checklist
Writing Error Messages Checklist
Writing Helpful Error Messages
Technologies Explained
Technologies Explained
Tailscale
Web Applications testing
Web Applications testing
Burp Extensions
CMS
Resources
Salesforce Testing
Tips and Tricks
WAF & Directory Brute Forcing
API
API
API Testing Checklist
API Tooling
Resources
Attacks
Attacks
AWS LocalStack
CORS
CSRF
CSV Injection
ClickJacking
Dangling markup injection
OGN/Expression Language Injection
HTTP Host header
LDAP Injection
Leak Server IP Address (WAF bypass)
Logic Attacks
Methodoloy
Misc
OAuth Workflow
SSL Certificate
SSRF
SSTI
Serialization
Server Side Include/SSI
Web cache poisoning
WebSockets & WebWorkers
XSLT Engines
XSS
Web Servers
Web Servers
Head Smuggling
Nginx
Mitigations & Protections
Mitigations & Protections
CSRF
Click Jacking
MIME Sniffing
SSL Strip attack
WebSockets
Mitigations
iOS Application Testing
iOS Application Testing
Basics
Burp Suite Setup
Connect to Shell Over USB
Extract IPA From AppStore Application
Frida Setup
Frida
LLDB
Learning Resource
My Setup
Objection
Reversing iOS Apps with Ghidra
Tweaks
DNS Staging
Unveiling DNSStager: A tool to hide your payload in DNS - Shells.Systems