Ben Lampere

My Most Useful Sites as a Penetration Tester


When I started out as a developer, I quickly realized that Stack Overflow is a lifeline for a new developer and a time saver once you become more experienced. However, in security you don't get one helpful site where you can copy and paste the solution. The good news is that over time I have built up a list of sites that I keep bookmarked because they are extremely useful when you are in the middle of an engagement.


Hacktricks

This site is the handbook of penetration testing, covering just about everything you would need to get through an engagement or pwn a box. What I like most about it is the pages on services and ports. For example, if you just performed an nmap scan and got back port 3690 open but don't know anything about that port, this is the site for you. Simply scroll down or Ctrl-F "3690" and you'll find a page specifically on Pentesting Subversion (svn server). It then breaks down all the actions you can perform on that service related to pen testing. In minutes you're downloading that repository with the cleartext passwords in the commit messages.



GTFObins

Knowledge of Linux binaries is the key to many privilege escalations. Knowing how to execute a shell with find or upload files with vim isn't something I personally memorized, so thankfully there is a site for that. Let me give you a scenario in which you would use this. You just got your foothold as a low-level user and did all your enumeration, finding that date has the SUID bit set. Going to GTFObins, you can search for date and find out that it has a file-read function, allowing you to read that file on the administrator's desktop. It saved me from yelling "who would know that?" when looking through walkthroughs.
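The enumeration step in that scenario, finding which files carry the setuid bit and checking whether their names show up on GTFObins, is also the check a system owner should run before an attacker does. The following is an added example written for this post, not code from the original article or from GTFObins: it lists setuid files under a directory tree and flags the ones whose basename is in a small list of names that GTFObins documents for the SUID case. The `KNOWN_RISKY` list is a constructed, illustrative subset (the real catalogue is on the site), and the `demo` function builds a throwaway directory so the script runs without touching the real system.

```sh
#!/bin/sh
# Added example, not from the original post: a defender-side audit that lists
# setuid files under a directory tree and flags any whose name is in a small,
# constructed subset of the binaries GTFOBins documents for the SUID case.
# KNOWN_RISKY is illustrative; the authoritative list lives on GTFOBins.

KNOWN_RISKY="date find vim env bash less python3"   # constructed subset

# is_known_risky NAME -> exit 0 if NAME is in KNOWN_RISKY, else 1
is_known_risky() {
    for n in $KNOWN_RISKY; do
        [ "$1" = "$n" ] && return 0
    done
    return 1
}

# list_suid DIR -> one path per line for every regular file with the setuid bit
list_suid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null
}

# audit_suid DIR -> prints "RISKY <path>" or "ok    <path>" for each setuid file
audit_suid() {
    list_suid "$1" | while IFS= read -r f; do
        if is_known_risky "$(basename "$f")"; then
            echo "RISKY $f"
        else
            echo "ok    $f"
        fi
    done
}

# count_risky DIR -> prints the number of flagged files
count_risky() {
    audit_suid "$1" | grep -c '^RISKY'
}

# demo -> builds a throwaway tree containing a fake setuid 'date', a setuid
# 'other' that is not on the list, and a non-setuid 'plain'; prints the audit
# to stderr, the flagged count to stdout, then removes the tree.
demo() {
    tmp=$(mktemp -d)
    : > "$tmp/date";  chmod 4755 "$tmp/date"
    : > "$tmp/other"; chmod 4755 "$tmp/other"
    : > "$tmp/plain"; chmod 0755 "$tmp/plain"
    audit_suid "$tmp" >&2
    count_risky "$tmp"
    rm -rf "$tmp"
}

echo "flagged setuid files in demo tree: $(demo)"
```

On a real host run `audit_suid /` as root and review every `RISKY` line: either the setuid bit is genuinely required, or it should be removed (`chmod u-s`) and the finding fed back into the build image. The script only matches on basename, so a renamed copy of a listed binary will not be flagged; treat it as a quick triage, not a complete control.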



Living Off The Land Binaries, Scripts and Libraries

This is the Windows equivalent of GTFObins. I'll be honest, I haven't used this site much, but I think it's important to keep these two together. It also seems a lot more experimental, as many of the techniques are being discovered by researchers and posted on Twitter and GitHub. I want to dive into this more when I get the opportunity.



WADComs

WADComs is a mind map for Windows and Linux. It's extremely helpful when you're stuck or your brain is fried from a long day. If you have some information and have identified services, you can plug that into WADComs and it will give you a list of commands for whatever stage of the engagement you are in. I like this site specifically for the help it provides with Active Directory services as well.



0xdf hacks stuff

I know there are hundreds of sites with write-ups of HackTheBox machines, but the reason I like this one specifically is the tags. 0xdf tags every write-up with every service that appears in it and every program that is used in it. This is super helpful when you have discovered something similar in your own engagement but want to see some examples. Just click Tags and Ctrl-F whatever you are looking for, and 0xdf will give you a list of machine write-ups that contain that service, program, etc.



Ippsec

Ippsec posts videos of almost every box from HackTheBox and walks through how to solve each machine. Ippsec is essentially the video equivalent of 0xdf, which helps when you are more of a visual learner or when 0xdf left out a step that was unclear.