Reading-List

A collection of articles I've read and enjoyed

Below is a list of articles / websites which I’ve read and enjoyed. I recommend you check them out!

• Electronic Frontier Foundation
• Crypto Gram Newsletter
• So you want to expose Go on the Internet
• OWASP Devsecops Maturity Model
• Playing with LD_PRELOAD - BreakInSecurity
• The Race to Limit Ptrace - Rezilion
• Hooking Linux Libraries for Post-Exploitation Fun :: Mike Gualtieri
• A Technique for Hooking Internal Functions of Dynamically-Linked ELF Binaries
• nproc: netlink access to /proc information
• mtree(8): map directory hierarchy - Linux man page
• Web Security Academy
• HackTricks - HackTricks
• Bringing OAuth 2.0 Flow to Wrangler
• sigstore/cosign: Container Signing + Application Signing
• Log4J
• Tamarin Prover
• thinkst/canarytokens-docker: Docker configuration to quickly setup your own Canarytokens
• biscuitsec.org
• Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud – Google Research
• API Tokens: A Tedious Survey · Fly
• A Security Site - Everything you would ever need to know about crypto
• Private Access Tokens - Apple + RFC + Cloudflare
• Portswigger - Web Security Training
• Computerphile on Youtube - Good Zero Knowledge Proof Video from them
• https://abuse.ch/
• https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=930420
• https://github.com/atc-project/atomic-threat-coverage
• https://github.com/atc-project/atc-react
• https://github.com/redcanaryco/atomic-red-team
• https://github.com/iangcarroll/cookiemonster
• https://samcurry.net/points-com/
• https://github.com/lc/gau
• https://samcurry.net/web-hackers-vs-the-auto-industry/
• https://commoncrawl.org/
• https://www.youtube.com/watch?v=OtM6iegGYAQ
• https://www.youtube.com/watch?v=pYRM3Zcfajs
• https://jedisct1.github.io/minisign/
• https://github.com/aperezdc/signify
• https://hijacklibs.net/
• https://learn.microsoft.com/en-us/sysinternals/downloads/adexplorer + https://github.com/c3c/ADExplorerSnapshot.py + https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/bloodhound
• https://dirkjanm.io/getting-in-the-zone-dumping-active-directory-dns-with-adidnsdump/ + https://github.https://dirkjanm.io/ + com/SpecterOps + https://github.com/dirkjanm?tab=repositories + https://github.com/dirkjanm/adidnsdump
• https://1passwordstatic.com/files/security/1password-white-paper.pdf
• https://www.youtube.com/watch?v=SgkgsgaBBCA
• https://github.com/ShorSec/KrbRelayUp
• https://github.com/golem445/Corporate_Masks
• https://github.com/fabacab/awesome-cybersecurity-blueteam
• https://github.com/DominicBreuker/pspy
• https://github.com/cdk-team/CDK
• https://github.com/arget13/DDexec
• https://github.com/nettitude/Aladdin#defensive-considerations
• https://blog.foxio.io/ja4-network-fingerprinting-9376fe9ca637
• https://www.youtube.com/watch?v=g1Q7wFFIxfU
• https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/
• https://ebpf.io/books/buzzing-across-space-illustrated-childrens-guide-to-ebpf.pdf
• https://github.com/linux-application-whitelisting/fapolicyd
• https://moxie.org/2022/01/07/web3-first-impressions.html
• https://pentestlab.blog/2020/01/13/persistence-image-file-execution-options-injection/
• https://securityscorecards.dev/
• https://github.com/ossf/scorecard
• https://github.com/ossf/malicious-packages
• https://openssf.org/
• https://www.bestpractices.dev/en/criteria/0#0.dynamic_analysis_unsafe
• https://github.com/ossf/package-analysis
• https://github.com/ossf/scorecard/blob/main/docs/checks.md
• https://osv.dev/
• https://www.sigstore.dev/
• https://docs.sigstore.dev/verifying/verify/
• https://amsi.fail/
• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/peeling-back-the-layers-of-remcosrat-malware/
• https://authzed.com/
• https://redcanary.com/threat-detection-report/techniques/windows-management-instrumentation/
• https://bruteratel.com/
• https://github.com/BishopFox/sliver
• https://www.cobaltstrike.com/
• https://c2matrix.webflow.io/matrix
• https://github.com/yuankong666/Ultimate-RAT-Collection
• https://firecracker-microvm.github.io/
• https://luemmelsec.github.io/Kerberoasting-VS-AS-REP-Roasting/
• https://luemmelsec.github.io/
• https://github.com/mandiant/GoReSym

• https://docs.mythic-c2.net/

  https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/elastic-edr/#setup

https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/linux-evasion/#timestomping

https://swisskyrepo.github.io/InternalAllTheThings/redteam/evasion/windows-amsi-bypass/#summary

https://swisskyrepo.github.io/InternalAllTheThings/active-directory/kerberos-tickets/#pass-the-ticket-golden-tickets

https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#customer-id

https://swisskyrepo.github.io/InternalAllTheThings/command-control/cobalt-strike/#elevate-kit

https://swisskyrepo.github.io/InternalAllTheThings/command-control/metasploit/#scripting-metasploit

https://github.com/mandiant/SharPersist/wiki

https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html

https://adsecurity.org/?p=3458

https://learn.microsoft.com/en-gb/archive/blogs/pie/credential-theft-made-easy-with-kerberos-delegation

Event tracing for windows bypass

AMSI Bypass

https://linux.die.net/man/1/msktutil

https://www.youtube.com/channel/UCJU2r634VNPeCRug7Y7qdcw

https://github.com/nettitude/Aladdin?tab=readme-ov-file

https://mayfly277.github.io/posts/GOADv2/

https://maldevacademy.com/syllabus

https://www.netexec.wiki/

https://www.inetsim.org/features.html

https://pentestlab.blog/2022/03/21/unconstrained-delegation/

https://www.securityandit.com/network/kerberos-protocol-understanding/

https://www.tarlogic.com/blog/kerberos-iii-how-does-delegation-work/

https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory

https://blog.improsec.com/tech-blog/the-mind-blowing-kerberos-use-any-authentication-protocol-delegation

https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/configure-kerberos-delegation-group-managed-service-accounts

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_identity_management/assembly_using-constrained-delegation-in-idm_configuring-and-managing-idm#doc-wrapper