A comprehensive, beginner-to-advanced guide to mastering ethical hacking, penetration testing, and cybersecurity.
This repository curates the best bug bounty resources, OSINT tools, CTF challenges, and privilege escalation techniques, along with Linux commands, Metasploit usage, and networking fundamentals — making it a perfect learning hub for aspiring ethical hackers and seasoned professionals.
- Learn the principles of ethical hacking and hacking methodologies
- Explore Linux basics and essential networking concepts
- Understand web application security and common vulnerabilities
- Complete penetration testing roadmaps
- Real-world bug bounty practice labs from TryHackMe & HackTheBox
- Privilege escalation guides for Linux and Windows systems
- Reconnaissance using free and open-source tools
- Social media and domain footprinting techniques
- CTF walkthroughs to sharpen problem-solving skills
- Cryptography puzzles and reverse engineering practice
- Metasploit exploitation framework
- Reverse engineering malware samples
- Secure coding and web application security testing
- Ethical hacking & penetration testing
- Bug bounty hunting & OSINT investigation
- Networking & Linux system administration
- Cryptography & reverse engineering
- Privilege escalation on Linux & Windows
- 🧑💻 TryHackMe
- 🕵️ HackTheBox
- Pentesting
- OSINT
- Introduction to Research
- Linux
- Linux Fundamentals
- Linux Privilage Escalation
- Linux Challenges
- Abusing SUID/GUID
- Security Misconfiguration
- Misconfigured Binaries
- Exploitation LXC/Docker
- Exploiting Crontab
- Capabilities
- Exploiting PATH Variable
- Networking
- Networking Fundamentals
- Network Enumeration
- Port Poking
- SMB Fundamentals, Enumeration, Exploitation
- Telnet Fundamentals, Enumeration, Exploitation
- FTP Fundamentals, Enumeration, Exploitation
- NFS Fundamentals, Enumeratuion, Exploitation
- SMTP Fundamentals, Enumeratuion, Exploitation
- DNS Enumeration
- Pop3 Enumeration
- Reverse Shells
- Network Tunneling
- Web Application Security
- Web Application Security Fundamentals
- Web Application Challenges
- Web Poking
- Insecure Direct Object Reference
- Forced Browsing
- API bypassing
- Command Injection
- Blind Command Injection
- Active Command Injection
- Privileged Remote and Client-Side Command Execution
- Cause
- Cross-site Scripting
- Directory Traversal
- Log Poisoning
- Server Side request forgery
- XML External Entity
- SQL Injection
- Effect
- OS Command Injection
- Local File Inclusion
- Remote File Inclusion
- Cross-site XMLHttpRequest
- Cryptography
- Character Encoding
- Leet Speak 1337
- URL Encoding
- HTML Entity
- Arithmetics Encoding
- Decimal
- Binary
- Hex
- Substitution Cipher
- ROT11
- ROT13
- ROT13 (Amount 14)
- ROT47
- Poly-Alphabetic Cipher
- Vigenère
- Binary-to-text encoding
- Base10
- Base16
- Base32
- Base58
- Base62
- Base64
- Base85
- Base91
- Programming Language
- Brainfuck
- Spoon
- Communication System
- Morse Code
- Morse Code (Audio)
- Modern Cryptography
- AES
- RSA
- Character Encoding
- Steganography
- Common Vulnerabilities and Exposures (CVE)
- CVE-2004-1561 - Icecast 2.0.1
- CVE-2014-0160 - OpenSSL 1.0.1 - 1.0.1f
- CVE-2014-0346 - OpenSSL 1.0.1 - 1.0.1f
- CVE-2014-6271 - shellshock
- CVE-2014-6287 - Rejetto HTTP File Server (HFS) 2.3.x
- CVE-2015-1328 - Linux Kernel 3.13.0 < 3.19
- CVE-2015-7501 - Jboss Java Deserialization
- CVE-2017-0213 - Windows COM Aggregate Marshaler/IRemUnknown2
- CVE-2017-8917 - Joomla! 3.7.0
- CVE-2019-6714 - BlogEngine.NET 3.3.6
- CVE-2019-7609 - Kibana Timelion < 5.6.15 and 6.6.1
- CVE-2019-9053 - CMS Made Simple < 2.2.10
- CVE-2019-14287 - Sudo < 1.8.28
- CVE-2019-15949 - Nagios XI
- CVE-2017-16995 - Linux Kernel < 4.13.9
- CVE-2018-17057 - LimeSurvey < 3.16
- CVE-2019-18634 - Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
- CVE-2020-1938 - Apache Tomcat
- CVE-2020-12772 - Spark 2.8.3
- Exploitation
- Metasploit
- Metasploit Challenges
- Hash Cracking
- Brute Forcing
- Brute Forcing Challenges
- Brute Forcing (Zip)
- Brute Forcing (FTP)
- Brute Forcing (http-get)
- Brute Forcing (http-post-form)
- Brute Forcing (Burp Intruder)
- Brute Forcing (Wordpress)
- Brute Forcing (Joomla)
- Brute Forcing (Json API)
- Brute FOrcing (SSH)
- Brute Forcing (SSH Key)
- Brute Forcing (pfx)
- Brute Forcing (Hash)
- Brute Forcing (Vigenere)
- Brute Forcing (NTML)
- Brute Forcing (Binary)
- Brute Forcing (GPG)
- Brute Forcing (KDBX KeePass)
- Windows
- Windows Fundamentals
- Windows Privilage Escalation
- Windows Post-Exploitation
- Windows Challenges
- Databases
- Scripting
- Scripting Challenges
- Forensic
- System Forensic
- Network Forensic
- Reverse Engineering
- Reverse Engineering Challenges
- Puzzle Challenges
- Miscellaneous
- Tutorial
- TryHackMe Tutorial
- Kali Machine
- TryHackMe Tutorial
- Getting Started
- TryHackMe Tutorial
- Web Poking
- Starting Out In Cyber Sec
- TryHackMe Tutorial
- Cyber Security Career Paths
- Introductory Researching
- OSINT
- Vulnerability Analysis
- Linux Fundamentals
- Google Dorking
- OSINT
- OhSINT
- OSINT
- Steganography
- Passive Web Enumeration
- Geolocating Images
- Geolocating
- OSINT
- Shodan.io
- Shodan.io Fundamentals
- OSINT
- Sublist3r
- Sublist3r Fundamentals
- OSINT
- Web Enumeration
- Learn Linux
- Linux Fundamentals
- NIS - Linux Part I
- Linux Fundamentals
- The find command
- Linux Fundamentals
- Linux find Command
- Ninja Skills
- Linux Fundamentals
- Linux find Command
- Linux: Local Enumeration
- Linux Fundamentals
- Linux Local Enumeration
- Linux Challenges
- Linux Fundamentals
- Linux find Command
- Privilage Escalation
- Cryptography
- Base64
- Hex
- SQL Enumeration
- Networking
- Network Fundamentals
- Nmap
- NMAP Fundamentals
- Network Enumeration
- Wireshark 101
- Wireshark Fundamentals
- Network Forensics
- Introductory Networking
- Network Fundamentals
- Network Forensics
- Network Enumeration
- Network Services
- SMB Fundamentals
- SMB Enumeration
- SMB Exploitation
- Telnet Fundamentals
- Telnet Enumeration
- Telnet Exploitation
- FTP Fundamentals
- FTP Enumeration
- FTP Exploitation
- Network Services 2
- NFS Fundamentals
- NFS Enumeratuion
- NFS Exploitation
- SMTP Fundamentals
- SMTP Enumeratuion
- SMTP Exploitation
- MySQL Fundamentals
- MySQL Enumeratuion
- MySQL Exploitation
- Web Fundamentals
- Web Fundamentals
- Burp Suite
- Web Application Analysis
- Burp Suite Fundamentals
- Web Scanning
- Web Application Analysis
- OWASP Zap Fundamentals
- OWASP ZAP
- Web Application Analysis
- OWASP Zap Fundamentals
- Nessus
- Web Application Analysis
- Nesus Fundamentals
- Content Security Policy
- Content Security Policy Fundamentals
- Bypass Content Security Policy
- Upload Vulnerabilities
- Bypassing Client-Side Filtering
- Bypassing Server-Side Filtering: File Extensions
- Bypassing Server-Side Filtering: Magic Numbers
- Cross-site Scripting
- Stored XSS
- Reflected XSS
- DOM-Based XSS
- Filter Evasion
- Authenticate
- Brute Force (http-post-form)
- Re-registration
- JSON Web Token
- SSRF
- Server Side request forgery (SSRF)
- XXE
- XML Fundamentals
- XML External Entity (XXE)
- ZTH: Web 2
- Insecure Direct Object Reference
- Forced Browsing
- API Authentication Bypass
- OWASP Top 10
- Injection
- OS Command Injection
- Command Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entity
- Broken Access Control
- Security Misconfiguration
- Cross-site Scripting
- Insecure Deserialization
- Known Vulnerabilities
- Insufficient Logging and Monitoring
- OWASP Juice Shop
- Web Poking
- OSINT
- Email Injection
- Brute Forcing (Burp Intruder)
- Sensitive Data Exposure
- Poison Null Byte
- Broken Access Control
- Cross-site Scripting
- WebAppSec 101
- Network Enumeration
- Web Poking
- Security Misconfiguration
- Cross-site Scripting
- Injection
- Logic Flaws
- ZTH: Obscure Web Vulns
- Server Side Template Injection (SSTI)
- Cross-site Request Forgery (CSRT)
- Json Web Token (JWT)
- XML External Entity Injection (XXE)
- CTF collection Vol.2
- Network Enumeration
- Web Enumeration
- Web Poking
- Cryptography
- Hex
- URL encoding
- Base64
- SQL Enumeration
- Brute Forcing Hash
- Web Cookie Manipulation
- Web Header Manipulation
- Python Scripting (Decoder)
- Reverse Engineering
- UNSOLVED: Internal
- Network Enumeration
- Web Enumeration
- Enumeration (Wordpress)
- Exploitation (Wordpress)
- Avengers Blog
- Cookie Enumeration
- Web Header Eumeration
- Network Enumeration
- Web Poking
- FTP Enumeration
- SQL Injection
- Command Injection
- AttackerKB
- Network Enumeration
- Webmin 1.890 Exploit
- Metasploit (webmin_backdoor)
- ToolsRus
- Web Enumeration
- Web Application Analysis
- Network Enumeration
- Brute Forcing HTTP-GET
- Exploitation Tomcat
- Vulnversity
- Network Enumeration
- Web Enumeration
- Exploitation Upload
- Abusing SUID/GUID
- Ignite
- Network Enumeration
- Web Enumeration
- Security Misconfiguration
- Exploitation Upload
- Stored Passwords & Keys
- Dav
- Network Enumeration
- Web Enumeration
- Security Misconfiguration
- WebDav Enumeration
- Misconfigured Binaries
- Tartarus
- Network Enumeration
- Web Enumeration
- FTP Enumeration
- Brute Forcing (http-post-form)
- Exploitation Upload
- Security Misconfiguration
- Mr Robot CTF
- Network Enumeration
- Web Enumeration
- Brute Forcing (Wordpress)
- Brute Forcing (Hash)
- Abusing SUID/GUID
- Boiler CTF
- FTP Enumeration
- Network Enumeration
- Web Enumeration
- Exploitation Joomle Sar2HTML 3.2.1
- Stored Passwords & Keys
- Abusing SUID/GUID
- ConvertMyVideo
- Network Enumeration
- Web Enumeration
- Web Poking
- Remote File Inclusion
- Brute Forcing (Hash)
- Injection
- Command Injection Fundamentals
- Blind Command Injection
- Active Command Injection
- LFI Basics
- Local File Inclusion Fundamentals
- Directory Traversal
- Log Poisoning
- LFI
- Local File Inclusion
- Directory Traversal
- Misconfigured Binaries (/bin/journalctl)
- Inclusion
- Network Enumeration
- Directory Traversal
- Brute Forcing Hash
- Misconfigured Binaries
- dogcat
- Network Enumeration
- Web Enumeration
- Web Poking
- Local File Inclusion
- Directory Traversal
- Python Scripting (Log Poisoning)
- Log Poisoning
- Abusing SUID/GUID
- Misconfigured Binaries
- Develpy
- Network Enumeration
- Code Injection (RCE)
- Exploiting Crontab
- Carpe Diem 1
- Network Enumeration
- Web Poking
- Web Enumeration
- Cross-site XMLHttpRequest
- Enumeration (GraphQL)
- Brute Forcing (KDBX KeePass)
- Game Zone
- SQL Injection
- Brute Forcing (Hash)
- SSH Tunneling
- Privileged Remote and Client-Side Command Execution
- Jurassic Park
- Network Enumeration
- Web Enermeration
- Bash SCripting (Fuzzing)
- SQL Enumeration
- SQL Injection
- Linux Enumeration
- Misconfigured Binaries
- CC: Steganography
- Steganography
- Musical Stego
- Steganography
- c4ptur3-th3-fl4g
- Cryptography
- L33t
- Binary
- Base32
- Base64
- Hex
- ROT13
- ROT47
- Morse Code
- Decimal
- Steganography
- Cryptography
- CTF collection Vol.1
- Cryptography
- Base64
- Base58
- ROT13
- Caesar
- Brainfuck
- Hex
- Vigenère
- Decimal
- Steganography
- Revers Engineering
- Web Poking
- Cryptography
- The Impossible Challenge
- Cryptography
- ROT13
- ROT47
- Hex
- Base64
- Web Poking
- Steganography
- Cryptography
- Pickle Rick
- Network Enumeration
- Web Enumeration
- Web Poking
- Cryptography
- Base64
- Misconfigured Binaries
- Cicada-3301 Vol:1
- Steganography
- Cryptography
- Base64
- Vigenère
- What the Shell?
- Reverse Shell Fundamentals
- Shell Stabilisation
- Common Shell Payloads
- Metasploit (multi/handler)
- Msfvenom (Payloads)
- WebShells
- BasicPentesting
- Web Enumeration
- Linux Enumeration
- Brute Forcing Hash
- Brute Forcing SSH Key
- CC: Pen Testing
- Network Enumaration
- Web Enumeration
- Exploitation
- SQL Injection
- SMB Enumaration
- Brute Forcing Hash
- Misconfigured Binaries
- Sudo Security Bypass
- Misconfigured Binaries
- CVE-2019-14287 - Sudo < 1.8.28
- Sudo Buffer Overflow
- Misconfigured Binaries
- CVE-2019-18634 - Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
- kiba
- Network Enumeration
- CVE-2019-7609 - Kibana Timelion < 5.6.15 and 6.6.1
- Capabilities
- tomghost
- Network Enumeration
- CVE-2020-1938 - Apache Tomcat
- Brute Forcing (GPG)
- Misconfigured Binaries
- hackerNote
- Network Enumeration
- Web Enumeration
- Username timing attack
- Brute Forcing (http-post-form)
- CVE-2019-18634 - Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
- Agent Sudo
- Network Enumeration
- Web Header Manipulation
- Brute Forcing (FTP)
- Brute Forcing (Zip)
- Steganography
- Cryptography
- Base64
- OSINT
- CVE-2019-14287 - Sudo < 1.8.28
- Ghizer
- Network Enumeration
- Security Misconfiguration
- CVE-2018-17057 - LimeSurvey < 3.16
- Stored Passwords & Keys
- Abusing SUID/GUID
- NerdHerd
- Network Enumeration
- Linux Enumeration
- FTP Enumeration
- SMB Enumeration
- Steganography
- Cryptography
- Base64
- Vigenère
- CVE-2017-16995 - Linux Kernel < 4.13.9
- Daily Bugle
- Network Enumeration
- Web Poking
- Enumeration (Joomla)
- CVE-2017-8917 - Joomla! 3.7.0
- Brute Forcing (Joomla)
- Stored Passwords & Keys
- Misconfigured Binaries
- UNSOLVED: GoldenEye
- Network Enumeration
- Cryptography
- HTML Entity
- Base64
- Pop3 Enumeration
- Brute Force (Pop3)
- Stored Passwords & Keys
- Steganography
- CVE-2015-1328 - Linux Kernel 3.13.0 < 3.19
- Simple CTF
- Web Enumeration
- Network Enumeration
- CVE-2019-9053 - CMS Made Simple < 2.2.10
- Brute Forcing (SSH)
- Misconfigured Binaries
- Tony the Tiger
- Network Enumeration
- Web Poking
- CVE-2015-7501 - Jboss Java Deserialization
- Stored Passwords & Keys
- Misconfigured Binaries
- Brute Forcing (Hash)
- HeartBleed
- HeartBleed
- CVE-2014-0346 - OpenSSL 1.0.1 - 1.0.1f
- CVE-2014-0160 - OpenSSL 1.0.1 - 1.0.1f
- Metaspliot
- Metasploit Fundamentals
- Networking
- Network Enumeration
- Vulnerability Analysis
- Reverse Shell
- Exploitation
- Network Tunneling
- Source
- Network Enumeration
- Metasploit (webmin_backdoor)
- Bolt
- Network Enumeration
- Web Enumeration
- Web Poking
- Security Misconfiguration
- Using Metasploit
- Exploitation Bolt CMS 3.7.0
- Blue
- Network Enumeration
- Metasploit (MS17-010)
- Metasploit (hashdump)
- Brute Forcing (Hash)
- Ice
- Network Enumeration
- CVE-2004-1561 - Icecast 2.0.1
- Metasploit (local_exploit_suggester)
- Metasploit (bypassuac_eventvwr)
- Blog
- Network Enumeration
- Enumeration (Wordpress)
- Metasploit (wp_crop_rce)
- Abusing SUID/GUID
- Nax
- Network Enumeration
- Steganography
- CVE-2019-15949 - Nagios XI
- Metasploit (nagios_xi_authenticated_rce)
- Poster
- Network Enumeration
- Metasploit (postgres_login)
- Metasploit (postgres_sql)
- Metasploit (postgres_hashdump)
- Metasploit (postgres_readfile)
- Metasploit (postgres_copy_from_program_cmd_exec)
- Stored Passwords & Keys
- Misconfigured Binaries
- Encryption - Crypto 101
- Brute Forcing
- Hashing - Crypto 101
- Brute Forcing
- Hydra
- Hydra Fundamentals
- Brute Forcing (FTP
- Brute Forcing (SSH)
- Brute Forcing (http-post-form)
- UNSOLVED: Crack the hash
- Brute Forcing
- Brute It
- Network Enumeration
- Web Enumeration
- Souce Code Enumeration
- Brute Forcing (http-post-form)
- Brute Forcing (SSH)
- Misconfigure Binary (/bin/cat)
- Brute Forcing (Hash)
- Mnemonic
- Network Enumeration
- Web Poking
- Web Enumeration
- Brute Forcing (Zip)
- Brute Forcing (FTP)
- Brute Forcing (SSH)
- Cryptography
- Base64
- Misconfigured Binaries
- CherryBlossom
- Network Enumeration
- Web Enumeration
- Rerverse Engineering
- Brute Forcing (Zip)
- Brute Forcing (Hash)
- Brute Forcing (SSH)
- Brute Forcing (Hash)
- CVE-2019-18634 - Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
- Anonforce
- Network Enumeration
- FTP Enumeration
- Brute Forcing GPG
- Backup Poking
- Brute Forcing Hash
- Tempus Fugit Durius
- Network Enumeration
- Code Injection
- Stored Passwords & Keys
- Exploitation FTP
- DNS Enumeration
- SQL Enumeration
- Brute Forcing (Hash)
- Common Linux Privesc
- Privilege Escalation Fundamentals
- Privilege Escalation Enumeration
- Abusing SUID/GUID
- Exploiting Writeable
- Misconfigured Binaries
- Exploiting Crontab
- Exploiting PATH Variable
- Linux PrivEsc
- Misconfigured Services
- Exploiting Writeable
- Brute Forcing Hash
- Misconfigured Binaries
- Exploiting PATH Variable
- Exploiting Crontab
- Abusing SUID/GUID
- Linux Enumeration
- Stored Passwords & Keys
- NFS Enumaration
- Kernel Exploits
- Linux PrivEsc Arena
- Kernel Exploits
- Stored Passwords & Keys
- Misconfigured Binaries
- Abusing SUID/GUID
- Capabilities
- Exploiting Crontab
- NFS Enumaration
- RootMe
- Network Enumeration
- Web Enumeration
- Abusing SUID/GUID
- Anonymous
- Network Enumeration
- SMB Enumeration
- FTP Enumeration
- Security Misconfiguration
- Abusing SUID/GUID
- Jack-of-All-Trades
- Network Enumeration
- Web Poking
- Cryptography
- Base64
- Base32
- Hex
- ROT13
- Steganography
- Code Injection (RCE)
- Brute Forcing SSH
- Abusing SUID/GUID
- harder
- Network Enumeration
- Web Enumeration
- Security Misconfiguration
- Enumeration (Git)
- Code Injection
- Exploiting Crontab
- Abusing SUID/GUID
- Racetrack Bank
- Network Enumeration
- Web Enumeration
- Code Injection
- Abusing SUID/GUID
- Kenobi
- Network Enumeration
- SMB Enumeration
- SMB Exploitation
- Abusing SUID/GUID
- Network Enumeration
- FTP Enumeration
- Brute Forcing SSH
- Security Misconfiguration
- Erit Securus I
- Network Enuemration
- Exploitation Bolt CMS 3.7.0
- SQL Enumeration
- Brute Forcing (Hash)
- Misconfigured Binaries (/usr/bin/zip)
- Brooklyn Nine Nine
- Wgel CTF
- Network Enumeration
- Web Enumeration
- Web Poking
- Security Misconfiguration
- Misconfigured Binaries
- LazyAdmin
- Network Enumeration
- Web Enumeration
- Backup Poking
- Brute Forcing (Hash)
- Misconfigured Binaries
- Revenge
- Network Enumeration
- SQL Enumeration
- Brute Forcing (Hash)
- Misconfigured Binaries
- StuxCTF
- Network Enumeration
- Web Poking
- Cryptography
- AES
- Local File Inclusion
- Misconfigured Binaries
- Year of the Pig
- Network Enumeration
- Web Enumeration
- Brute Forcing (http-get)
- Local File Inclusion
- SQL Enumeration
- Misconfigured Binaries
- Bounty Hacker
- Network Enumeration
- FTP Enumeration
- Brute Forcing (SSH)
- Misconfigured Binaries
- symfonos6
- Network Enumeration
- Web Enumeration
- Cross-site Scripting
- Stored Passwords & Keys
- Code Injection
- Misconfigured Binaries
- Overpass
- Network Enumeration
- Web Enumeration
- Web Poking
- Cookie Manipulation
- Brute Forcing (SSH)
- Cryptography
- ROT47
- Linux Enumeration
- Exploiting Crontab
- Abusing SUID/GUID
- Misconfigured Binaries
- Misguided Ghosts
- Network Enumeration
- FTP Enumeration
- Port Knocking
- Web Enumeration
- SSL Enumeration
- Cookie Manipulation
- Code Injection
- Brute Forcing (Vigenere)
- SMB Enumeration
- Brute FOrcing (SSH)
- Misconfigured Binaries
- Library
- Network Enumeration
- Web Enumeration
- Web Poking
- Brute Forcing (SSH)
- Misconfigured Binaries
- Python Scripting (Rev Shell)
- Year of the Fox
- Network Enumeration
- SMB Enumeration
- Linux Enumeration
- Brute Force (http-get)
- Code Injection
- Network Tunneling
- Brute Force (SSH)
- Misconfigured Binaries
- Inoculation
- Network Enumeration
- Web Enumeration
- Web Poking
- Misconfigured Binaries
- Kernal Exploitation
- GamingServer
- Network Enumeration
- Web Enumeration
- Web Poking
- Security Misconfiguration
- Brute Forcing Hash
- Exploitation LXC
- HA Joker CTF
- Network Enumeration
- Web Enumeration
- Brute Forcing (http-get)
- Backup Poking
- Brute Forcing (Zip)
- Stored Passwords & Keys
- SQL Enumeration
- Brute Forcing (Hash)
- Exploitation (LXC)
- For Business Reasons
- Network Enumeration
- Web Enumeration
- Enumeration (Wordpress)
- Brute Forcing (Wordpress)
- Exploitation (Wordpress)
- Security Misconfiguration
- Stored Passwords & Keys
- Network Tunneling
- Exploitation (LXC)
- UltraTech
- Network Enumeration
- Web Enumeration
- Web Poking
- Command Injection
- Brute Forcing Hash
- Exploitation Docker
- The Marketplace
- Network Enumeration
- Web Enumeration
- Web Cookie Manipulation
- SQL Enumeration
- Misconfigured Binaries
- Exploitation Docker
- Year of the Dog
- Network Enumeration
- SQL Injection
- Reverse Engineering
- SQL Manupilation
- Git Hook Exploitation
- Docker Escape
- CMesS
- Network Enumeration
- Web Enumeration
- DNS Enumeration
- Stored Passwords & Keys
- SQL Enumeration
- Backup Poking
- Exploiting Crontab
- Jack
- Network Enumeration
- Web Enumeration
- Enumeration (Wordpress)
- Brute Forcing (Wordpress)
- Code Injection (RCE)
- Exploiting Crontab
- Skynet
- Network Enumeration
- Web Enumeration
- SMB Enumeration
- Brute Forcing (http-post-form)
- Local File Inclusion
- Directory Traversal
- Exploiting Crontab
- Easy Peasy
- Network Enumeration
- Web Enumeration
- Cryptography
- Base64
- Base62
- Binary
- Web Poking
- Brute Forcing (Hash)
- Stegangraphy
- Exploiting Crontab
- Anonymous Playground
- Network Enumeration
- Web Poking
- Cookie Manipulation
- Python Scripting (Decoding)
- Reverse Engineering
- Exploiting Crontab
- Thompson
- Network Enumeration
- Web Enumeration
- Web Poking
- Stored Passwords & Keys
- Metasploit (jsp_shell_reverse_tcp)
- Exploiting Crontab
- Mindgames
- Network Enumeration
- Web Poking
- Code Injection (RCE)
- Capabilities
- Undiscovered
- Network Enumeration
- Web Enumeration
- Brute Forcing (http-post-form)
- Exploitation Upload
- Exploitation NFS
- Exploitation User ID
- Abusing SUID/GUID
- Capabilities
- WWBuddy
- Network Enumeration
- Web Enumeration
- Cross-site Scripting
- Brute Forcing (SSH)
- Exploiting PATH Variable
- Hacking with Powershell
- PowerShell Fundamentals
- Active Directory Basics
- Active Directory Fundamentals
- Post-Exploitation Basics
- Windows Post-Exploitation Fundamentals
- PS Empire
- Empire
- Persistence
- Steel Mountain
- Network Enumeration
- CVE-2014-6287 - Rejetto HTTP File Server (HFS) 2.3.x
- Alfred
- Network Enumeration
- Abusing Token Privileges For LPE
- Blueprint
- Network Enumeration
- Code Injection
- Brute Forcing (NTML)
- HackPark
- Brute Forcing (http-post-form)
- CVE-2019-6714 - BlogEngine.NET 3.3.6
- Directory Traversal
- Windows Enumeration
- Exploiting Scheduler
- Retro
- Network Enumeration
- Web Enumeration
- Web Poking
- CVE-2017-0213 - Windows COM Aggregate Marshaler/IRemUnknown2
- Anthem
- Network Enumeration
- Web Poking
- OSINT
- Security Misconfiguration
- Backup Poking
- Relevant
- Network Enumeration
- SMB Enumeration
- Cryptography
- Base64
- Security Misconfiguration
- msfvenom (Aspx)
- Abusing Impersonation Privileges (PrintSpoofer)
- Iron Corp
- Network Enumeration
- Web Enumeration
- DNS Enumeration
- Brute Forcing (http-get)
- Web Poking
- Remote File Inclusion
- Metasploit (Delegation Tokens)
- Ra
- Network Enumeration
- Web Poking
- SMB Enumeration
- CVE-2020-12772 - Spark 2.8.3
- Brute Forcing (NTML)
- Evil-WinRM
- Code Injection
- Ra 2
- Network Enumeration
- Web Enumeration
- DNS Enumeration
- Brute Forcing (pfx)
- Brute Forcing (NTML)
- Abusing Impersonation Privileges (PrintSpoofer)
- Set
- Network Enumeration
- SSL Enumeration
- Web Poking
- Metasploit (smb_login)
- Linux Enumeration
- SMB Enumeration
- Brute Forcing (Hash)
- 0day
- Network Enumeration
- Web Enumeration
- CVE-2014-6271 - shellshock
- DirtyCow
- Startup
- Network Enumeration
- Web Enumeration
- FTP Enumeration
- FTP Exploitation
- Network Forensic
- Crontab Manipulation
- Smag Grotto
- Network Enueration
- Web Enumeration
- Network Forensics
- Stored Passwords & Keys
- Misconfigured Binaries
- Overpass 2 - Hacked
- Network Forensic
- Code Injection
- Brute Forcing (Hash)
- Reverse Engineering (Go)
- Misconfigured Binaries
- Forensics
- System Forensic
- Volatility Framework
- Volatility
- System Forensic
- Volatility Framework
- Splunk
- Splunk Fundamentals
- System Forensic
- Res
- Redis (RCE)
- Security Misconfiguration
- Abusing SUID/GUID
- Brute Forcing (Hash)
- Misconfigured Binaries
- Jacob the Boss
- Network Enumeration
- Jboss (Exploitation)
- Abusing SUID/GUID
- GraphQL
- GraphQL Fundamentals
- GraphQL Exploitation
- JavaScript Basics
- JavaScript Fundamentals
- Cross-Site Scripting
- Jupyter 101
- Intro to Python
- Coding Python
- Python Fundamemtals
- Scripting
- Coding Python
- Python Scripting
- Introduction to Django
- Coding Python
- Django Fundamentals
- Peak Hill
- Network Enumeration
- FTP Enumeration
- Cryptography
- Binary
- Python Scripting (Decoder)
- Reverse Enginierung
- Misconfigured Binaries
- Python Playground
- Network Enumeration
- Web Enumeration
- Web Poking
- Python Scripting (Decoder)
- Misconfigured Binaries
- Spring
- Network Enumeration
- Web Enumeration
- Git Enumeation
- Exploitation (Spring Boot)
- Brute Forcing (Hash)
- Brute Forcing (SSH Key)
- HaskHell
- Network Enumeration
- Web Enumeration
- Misconfigured Binaries
- Exploiting PATH Variable
- Exploiting Python Flesk
- Intro to x86-64
- Reverse Engineering
- Radar 2 Fundamentals
- CC: Radare2
- Reverse Engineering
- Radar 2 Fundamentals
- Reversing ELF
- Reverse Engineering
- Cryptography
- Base64
- Hex
- Basic Malware RE
- Reverse Engineering
- Buffer Overflow Prep
- Reverse Engineering
- Buffer Overflow
- Aster
- Network Enumeration
- Reverse Engineering (Python)
- Metasploit (asterisk_login)
- Asterisk Call Manager
- Reverse Engineering (Java)
- Recovery
- Network Enumeration
- Reverse Engineering (Bash)
- Exploiting Crontab
- Reverse Engineering (Cpp)
- Binex
- Network Enumeration
- Linux Enumeration
- SMB Enumeration
- Brute Forcing (SSH)
- Abusing SUID/GUID
- Buffer Overflow
- Exploiting PATH Variable
- Brainstorm
- Network Enumeration
- FTP Enumeration
- Reverse Engineering
- Buffer Overflow
- Dave's Blog
- Network Enumeration
- Web Enumeration
- Web Poking
- Code Injection
- MongoDB Enumeration
- Misconfigured Binaries
- Reverse Engineering
- The Blob Blog
- Network Enumeration
- Web Enumeration
- Cryptography
- Base64
- Brainfuck
- Base58
- Vigenère
- Port Knocking
- Stored Passwords & Keys
- FTP Enumeration
- Steganography
- Code Injection
- Rerverse Engineering
- Gatekeeper
- Network Enumeration
- SMB Enumeration
- Reverse Engineering
- Buffer Overflow
- Meterpreter (enum_applications)
- Meterpreter (firefox_creds)
- Psycho Break
- Network Enumeration
- Web Poking
- Cryptography
- Vigenère
- Morse Code (Audio)
- OSINT
- Web Enumeration
- Directory Traversal
- Reverse Engineering
- Steganography
- Brute Forcing (Binary)
- Exploitation Crontab
- Madness
- Web Poking
- Reverse Engineering
- Python Scripting (Fuzzing)
- Steganography
- Abusing SUID/GUID
- Lian_Yu
- Network Enumeration
- Web Enumeration
- Web Poking
- Cryptography
- Base58
- Steganography
- Misconfigured Binaries
- The Server From Hell
- Port Poking
- Bash Scripting (Port Scanning)
- NFS Enumeration
- NFS Exploitation
- Brute Forcing (Zip)
- Escape Ruby Shell
- Capabilities (Tar)
- Break Out The Cage
- Network ENumeration
- FTP Enumeration
- Cryptography
- Base64
- Vigenère
- Abusing SUID/GUID
- Stored Passwords & Keys
- Gotta Catch'em All!
- Network Enumeration
- Web Poking
- Cryptography
- Hex
- ROT13 (Amount 14)
- Base64
- Reverse Enigeering
- Willow
- Network Enumeration
- Web Poking
- Cryptography
- RSA
- Hex
- Brute Forcing (SSH)
- Misconfigured Binaries
- Stored Passwords & Keys
- Steganography
- Biohazard
- Network Enumeration
- Web Poking
- Cryptography
- Base64
- Base32
- Vigenère
- ROT13
- Base58
- Binary
- Hex
- FTP Enumeration
- Steganography
- Stored Passwords & Keys
- Year of the Rabbit
- Network Enumeration
- Web Poking
- Steganography
- Stored Passwords & Keys
- Brute Forcing (FTP)
- Cryptography
- Brainfuck
- Abusing SUID/GUID
- Adventure Time
- Network Enumeration
- FTP Enumeration
- Bash Scripting (Loop)
- Staganography
- Web Poking
- Web Enumeration
- SSL Enumeration
- Cryptography
- Base32
- ROT11
- Binary
- Morse Code
- AES
- Vigenère
- Spoon
- Brute Forcing (SSH)
- Wonderland
- Network Enumeration
- Web ENumeration
- Steganography
- Web Poking
- Misconfigured Binaries
- Reverse Engineering
- Looking Glass
- Network Enumeration
- SSH Enumeration
- Cryptography
- Vigenère
- Exploiting Crontab
- Misconfigured Binaries
- One Piece
- Network Enumeration
- FTP Enumeration
- Steganography
- Web Poking
- Crypthography
- Base32
- Base64
- Base85
- Base91
- Morse Code
- Binary
- Hex
- Web Enumeration
- Reverse Enigieering
- Stored Passwords & Keys
- Motunui
- Network Enumeration
- SMB Enumeration
- Web Enumeration
- Brute Forcing (Json API)
- Network Forensic
- Toolbox: Vim
- Linux Tools
- tmux
- Linux Tools
- REmux The Tmux
- Linux Tools
- The Docker Rodeo
- Docker Escaping
- Git Happens
- Network Enumeration
- Enumeration Git
- Tor
- History of Malware
- Printer Hacking 101
- Advent of Cyber
- Advent of Cyber 2
- HARD: Borderlands
- Attacking ICS Plant #1
Author❤️: UTTAM BODARA
License💀: MIT License
💻 Contribute & Learn Together — Fork, ⭐ Star, and Share this repo with fellow hackers!
📢 Stay curious, keep hacking (ethically), and never stop learning! 🔥