'Documentation is a love letter that you write to your future self.' - Damian Conway
Go
- Web Assembly and Go: A look to the future
- Go 1.11: WebAssembly for the gophers
- Using Interfaces and Dependency Injection to Future Proof Your Designs
- Taking Go modules for a spin
- How to build RPC server in golang
- one-file-pdf - A minimalist PDF generator
- Introduction to Go Modules
- Tracking down a Golang memory leak with grmon
- Using Go modules with vendor support on Travis CI
- A quick one-liner to list all imports of your current project
- Go Compiler Internals
- goebpf - Library to work with eBPF programs from Go
- script - Making it easy to write shell-like scripts in Go
.NET
- Mallet, a framework for creating proxies
- House: A Mobile Analysis Platform Built on Frida
- Socks proxy server using powershell
- BeRoot: Privilege Escalation Project - Windows / Linux / Mac
- DbgShell: A PowerShell front-end for the Windows debugger engine
- SleuthQL: - Burp History parsing tool to discover potential SQL injection points
- ExchangeRelayX: An NTLM relay tool to the EWS endpoint for on-premise exchange servers
- windows-acl: working with ACLs in Rust
- Notable: Note taking app
- TCPHound: Win32 utility for auditing TCP connections
- PolarProxy is a transparent TLS proxy that creates PCAP files with the decrypted data.
- InfinityHook: Hook system calls, context switches, page faults and more.
- Fermion, an electron wrapper for Frida & Monaco.
- pown-cdb: Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line
- VS Code x Frida
- burptime:- Burp Show Response Time.
Static Analysis
- Static Program Analysis book (updated regularly)
Cloud
- AWS Privilege Escalation – Methods and Mitigation
Mobile - IoT
- Learning Bluetooth Hackery with BLE CTF
- Giving Yourself a Window to Debug a Shared Library Before DT_INIT – with Frida, on Android
- Getting started with Firmware Emulation for IoT Devices
- Patching Binaries with Radare2 – ARM64
- Independent Security Evaluators IoT Writeups
- Let’s write Swift code to intercept SSL Pinning HTTPS Requests
- Android CrackMes
- Defeating an Android Packer with Frida
- Frida-onload: Frida module to hook module initializations on Android
- The Path to the Payload - Android Edition - Recon 2019
- SafetyNet Killer - a Frida script to bypass SafetyNet attestation
- Bypassing Certificate Pinning on iOS 12 with Frida
- Breaking mobile userland w[0x42]alls - Giovanni - iGio90 - Rocca
- Skiptracing: Reversing Spotify.app
- Reverse Engineering the iClicker Base Station
- Calling iOS Native Functions from Python Using Frida and RPC
CTF
- Collections of 150 CTF Challenges (Vulnhub+HTB)
- Google's Beginner CTF
- Small CTF challenges running on Docker
- CTF Series : Vulnerable Machines
- Dockerscan: Docker Security Analysis Tools
- Defcon DFIR CTF 2018
Netsec
Not Security
- Dealing with Hard Problems
- Generation of diagram and flowchart from text in a similar manner as markdown
- Zotero: An open-source tool to help collect, organize, cite, and share research
- How to Learn Anything... Fast - Josh Kaufman
*nix
- Intercepting and Emulating Linux System Calls with Ptrace
- Sed - An Introduction and Tutorial
- Compiling DLLs with MinGW on Kali
- How hostname to IP address Conversion or Name Resolution works in Linux?
- Lin.security – practice your Linux privilege escalation foo
- Replace a string with a new one in all files using sed and xargs
Windows
- Windows Privilege Escalation Methods for Pentesters
- System call dispatching on Windows ARM64
- Juicy Potato, Local Privilege Escalation tool from a Windows Service Accounts to SYSTEM
- You can't contain me!: Analyzing and Exploiting an Elevation of Privilege Vulnerability in Docker for Windows
- About WriteProcessMemory
- Triaging a DLL planting vulnerability
- Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome
- Fix Windows 10 Privacy
- The Art of Becoming TrustedInstaller - Task Scheduler Edition
- Modern Windows Attacks and Defense Lab
- Spying on HTTPS - How Antivirus apps monitor HTTPs
- An In Depth Tutorial on Linux Development on Windows with WSL and Visual Studio Code
- [How To] Identify File Types in Windows
- CVE-2019–13142: Razer Surround Elevation of Privilege
- Executing Code Using Microsoft Teams Updater
- Windows API Hooking
- How to Transfer and Share Files Between Windows and Linux
- Deobfuscating Powershell Scripts
- "whoami /priv" - Hack in Paris 2019
- Sysmon 10 - New features including DNS monitoring
- Hunting COM Objects
- Hello World - Compiling Executables for the Classic POSIX Subsystem on Windows
- 1-click RCE with Skype Web Plugin and QT apps
- Windows 10 - Task Scheduler service - Privilege Escalation/Persistence through DLL planting
- Windows NamedPipes 101 + Privilege Escalation
- DLL Import Redirection in Windows 10 1909
- Debug C++ applications inside the Windows Subsystem for Linux using Visual Studio Code
- CVE-2020-0668 - A Trivial Privilege Escalation Bug in Windows Service Tracing
Reverse Engineering
- Reverse Engineering for Beginners
- How I Turn Frick into a Real Frida Based Debugger
- Beginner Malware Reversing Challenges
- x86 In-Depth 3: Identifying C-Style Structs
- x86 In-Depth 4: Labeling Structs Properly in IDA Pro
- Infected PDF: Extract the payload
- Solving the Atredis BlackHat 2018 CTF Challenge
- Tools for instrumenting Windows Defender's mpengine.dll
- Fast Incident Response: Tracking app
- Reflective DLL Injection
- Becoming a "Full-Stack Reverse Engineer" in three years
- Reverse engineering the rendering of The Witcher 3
- Behind Enemy Lines- Reverse Engineering C++ in Modern Ages
- COM Hijacking Techniques David Tulis - DerbyCon 2019
- WinDbg commands flash cards
- "Modern Debugging with WinDbg Preview" DEFCON 27 workshop
- Analysing RPC With Ghidra and Neo4j
- Trusted types & the end of DOM XSS - Krzysztof Kotowicz - LocoMocoSec 2019
- Malware Unicorn RE workshops
- Electronegativity - Electron security checks
- Overcoming Fear: Reversing With Radare2 - Arnau Gamez Montolio
- hm0x14 CTF: reversing a (not so simple) crackme
- Ghidra Utilities for Analyzing PC Firmware
- Implementing a New CPU Architecture for Ghidra
- gdbghidra - a visual bridge between a GDB session and GHIDRA
- python-decompile3: Python decompiler for 3.7+
- Dragon Dance - Binary code coverage visualizer plugin for Ghidra
- Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
- Virtual Method Table for newbies
- Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
- Extending LLVM for Code Obfuscation
Python
- CPython internals: A ten-hour codewalk through the Python interpreter source code
- Pyshark - Python Wrapper For Tshark, Allowing Python Packet Parsing Using Wireshark Dissectors
- FOIA-ed NSA Python Course
Websec
- Practical JSONP Injection
- WebAssembly: potentials and pitfalls
- Analyzing WebAssembly Binaries
- JWT Cheatsheet
- LDAP Injection Cheatsheet
- vuLnDAP: vulnerable LDAP based web app
- How to Hack WebSockets and Socket.io
- JSON Web Token Best Current Practices
- The Illustrated TLS Connection
- OAuth 2.0 Security Best Current Practice
- Automating local DTD discovery for XXE exploitation
- Jackson gadgets - Anatomy of a vulnerability - Java Deserialization
- Knife: A Burp extension that add some useful function to Context Menu
- Better API Penetration Testing with Postman
- JavaScript Supply Chain Security - LocoMocoSec 2019
- XXE: How to become a Jedi - Yaroslav Babin
- Java Serialization: A Practical Exploitation Guide
- XML External Entity(XXE)
- Exploiting XXE with local DTD files
- The parts of JWT security nobody talks about
- Pro Tips: Testing Applications Using Burp, and More
- Actual XSS in 2020
- XXE & SQLi In PaperThin CommonSpot CMS
- OpenID Connect & OAuth 2.0 Security Best Practices
- Reverb: speculative debugging for web applications
Misc
- Mainframe Hacking
- Woot 2018: A Modern History of Offensive Security Research
- Learning PowerShell
- ShellCheck, a static analysis tool for shell scripts
- CrystalBall, Data Gathering and Machine Learning System for SAT Solvers
- Beyond your studies: a presentation about job interviews by Ange Albertini
- Wireshark Tutorial: Examining Qakbot Infections
- Alfa AWUS036ACH Kali Configuration Guide
- Resistance Isn't Futile: A Practical Approach to Threat Modeling
Exploit Dev
- Return Oriented Programming Series
- Exploiting TurboFan Through Bounds Check Elimination
- HowTo: ExploitDev Fuzzing
- Vulnerable C++ code for practice
- Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)
C
- Project Based Tutorials in C
Blockchain
- Wireshark dissectors for Ethereum ÐEVp2p protocols
- Using a Hardware Security Module with Hyperledger Fabric 1.2 SDK for Node.js
- Fumblechain - A Purposefully Vulnerable Blockchain
Cryptography
- A (relatively easy to understand) primer on elliptic curve cryptography
- A Decade of Lattice Cryptography
CI/CD
- Driving OWASP @zaproxy using Selenium
Docker
- Unprivileged Docker Builds – A Proof of Concept
- Understanding Docker container escapes
- Docker for Pentesters
AFL - Fuzzing
- Fuzzing projects with american fuzzy lop (AFL)
- AFL-unicorn: What is it and how to use it?
- A Simple Tutorial of AFL-Fuzzer
- FUZZING - AMERICAN FUZZY LOP, ADDRESS SANITIZER AND LIBFUZZER
- Binary fuzzing strategies: what works, what doesn't by AFL creator
- Google Fuzzing repository
- Mindshare: Automated Bug Hunting by Modeling Vulnerable Code
- Putting the Hype in the Hypervisor - Brandon Falk
- Microsoft lain fuzzing framework (in Rust)
- Grizzly: A cross-platform browser fuzzing framework
- Fuzzing the Kernel Using AFL-Unicorn
- Provoking Browser Quirks With Behavioural Fuzzing
Game Hacking
- Simple C++ DLL Injecting Source Code Tutorial
- How to Reverse Engineer Save Game Files - Titan Quest Cheats
Documentation/Automation/Efficiency
- Documentation Writing for System Administrators - 2003
- Manual Work is a Bug
- Effective Engineer:
- From Idiot to Imposter: how to get started in a new field