Skip to content

MichalSzalkowski.com/security

Links

Initializing search

MichalSzalkowski.com/security

Home
Bruteforce
CTF
Kali
Binary
Binary
Enumeration
Enumeration
Links
Links
- Laboratory
- Links Links
  Table of contents
Linux
Linux
Metasploit
Metasploit
- msfvenom
Mobile
Mobile
- apk
- Laboratory-Mobile
Other
Other
- Kali Docker
- Pacu. iam__privesc_scan
Payloads
Payloads
Pentesting ports
Pentesting ports
Pentesting web
Pentesting web
- 0xdf.scf
- Apache Tomcat
- CGI
- CMS Made Simple
- ColdFusion 8
- cors
- Couch db
- Drupal
- File inclusion
- File Upload bypass
- Grafana
- iframe
- index of
- Jenkins
- JWT
- lxd/lxc group
- Magento
- Microsoft-IIS/7.5
- Microsoft SQL Server 2017 RTM
- nagios
- NoSql
- PHP LFI with RCE
- phpinfo
- phpmyadmin
- postfix-shellshock
- postMessage
- Python RCE
- WebAssembly
- webdav
- Wordpress
- XSS
Script
Script
Sso
Sso
Stego
Stego
Tool
Tool
- American fuzzy lop
- Amass
- AutoRecon
- bloodhound
- Censys
- cewl
- Chkrootkit
- crackmapexec
- Curl
- curlx.sh
- Microsoft Access Database
- Digbit
- Dirb
- DnsEnum
- evil-winrm
- ffuf
- Firefox
- ftp
- GHDB - Google hacking database
- GIT Dumper
- Gobuster
- Hashcat
- Host tracker
- hping3
- hydra
- impacket
- IP
- John
- kerbrute
- MongoDB
- Ncrack
- Netcat
- nishang
- Nmap
- PEASS-ng
- PHP
- ping
- Powercat
- PRET
- Protocol Buffers
- pwntools
- Python
- RKhunter
- Rubeus
- semgrep
- Sherlock.ps1
- Socat
- Sqlmap
- SSL
- Tcpdump
- Tweep
- unicornscan
- wget.vbs
- wgetx.sh
- Wordpress check
- xfreerdp
- xml
Vulnerabilities
Vulnerabilities
- Command Injection
- CSRF
- IDOR
- xee
- XXS
Windows
Windows
- HTA Reverse Connection
- Information gathering (windows)
- Local Persistence
- PowerShell
- Windows Privilege Escalation
- Rev-Shell dropper
- Transfer file
- Windows groups
- Active directory
  Active directory
- Pipe
  Pipe

Table of contents

Security Blog's
Search engine
OWASP
Safecode
Web
Vulnerability information source
Othe

Links

Security Blog's

AWS Security Blog
Cyber Security Sauna
CyberScoop
Full Disclosure
Google Online Security Blog
https://jasonhaddix.com
Naked Security
Null Byte
Packet Storm Security
Pivot Point Security
The Threatpost Podcast
WeLiveSecurity
Sucuri Blog
Graham Cluley
The Registerc Security
The Hacker News
RCE Security
Exploit Collector
Sekurak (pl)
Zaufana Trzecia Strona (pl)

Search engine

https://www.shodan.io/
https://censys.io/
https://www.zoomeye.org/

OWASP

OWASP Top Ten
OWASP Application Security Verification Standard Project
OWASP Mobile Application Security Verification
OWASP Proactive Controls

Safecode

https://safecode.org/publications/
https://safecode.org/training/
http://safecode.org/wp-content/uploads/2018/01/SAFECode_Agile_Dev_Security0712.pdf
http://safecode.org/wp-content/uploads/2018/01/SAFECode_Dev_Practices0211.pdf

Web

https://cheatsheets.pragmaticwebsecurity.com
https://pragmaticwebsecurity.com/talks/commonapisecuritypitfalls

Vulnerability information source

https://nvd.nist.gov/products/cpe/search
https://cve.mitre.org/
https://www.exploit-db.com
https://www.securityfocus.com/
Full Disclosure Mailing List
Hackerone internet
Packet Storm
CERT Vulnerability Notes Database

Othe

Framework Secure Software
Cyberespionage Are you aware of the risks?
Hacking iOS Applications
Engineering Principles for Information Technology Security
https://kali.training/lessons/introduction/