This repository contains resources, tools, and documentation related to cybersecurity, penetration testing, and Capture The Flag (CTF) challenges.
- Overview
- Repository Structure
- CTF Challenges
- Penetration Testing Methodologies
- Tools & Techniques
- References
ctf/
tryhackme/
pickle_rick/
nmap/
...- ctf/: Contains CTF challenge writeups and resources.
- tryhackme/: Subdirectory for TryHackMe rooms and walkthroughs.
- pickle_rick/: Example room with enumeration and exploitation artifacts.
- nmap/: Network scan outputs and enumeration results.
This repository includes detailed writeups and artifacts for various CTF challenges. Each challenge directory may contain:
- Reconnaissance and enumeration results (e.g., Nmap, Gobuster, Nikto outputs)
- Exploitation scripts and payloads
- Post-exploitation notes
- Flag locations and extraction methods
The repository follows standard penetration testing phases:
- Reconnaissance: Passive and active information gathering (WHOIS, DNS, OSINT).
- Scanning & Enumeration: Network mapping (Nmap), service enumeration, vulnerability scanning.
- Exploitation: Gaining access using exploits, custom payloads, or misconfigurations.
- Post-Exploitation: Privilege escalation, persistence, data exfiltration.
- Reporting: Documentation of findings, vulnerabilities, and remediation steps.
- Nmap: Network discovery and vulnerability scanning.
- Gobuster/Dirbuster: Directory and file brute-forcing.
- Hydra/Medusa: Brute-force attacks on authentication services.
- Metasploit: Exploit development and execution.
- Burp Suite: Web application security testing.
- Custom Scripts: Python, Bash, and PowerShell scripts for automation.
nmap -sC -sV -oA nmap/initial <target-ip>- Cybersecurity Wiki
- Awesome Hacking
- OWASP Top Ten
- MITRE ATT&CK
- NIST Cybersecurity Framework
- TryHackMe
- Hack The Box
For educational and authorized testing purposes only. Always obtain proper permission before conducting any security testing.