Reading-List
A collection of articles I've read and enjoyed
Below is a list of articles / websites which I’ve read and enjoyed. I recommend you check them out!
Electronic Frontier Foundation
Crypto Gram Newsletter
So you want to expose Go on the Internet
OWASP Devsecops Maturity Model
Playing with LD_PRELOAD - BreakInSecurity
The Race to Limit Ptrace - Rezilion
Hooking Linux Libraries for Post-Exploitation Fun :: Mike Gualtieri
A Technique for Hooking Internal Functions of Dynamically-Linked ELF Binaries
nproc: netlink access to /proc information
mtree(8): map directory hierarchy - Linux man page
Web Security Academy
HackTricks - HackTricks
Bringing OAuth 2.0 Flow to Wrangler
sigstore/cosign: Container Signing
+
Application Signing
Log4J
Tamarin Prover
thinkst/canarytokens-docker: Docker configuration to quickly setup your own Canarytokens
biscuitsec.org
Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud – Google Research
API Tokens: A Tedious Survey · Fly
A Security Site - Everything you would ever need to know about crypto
Private Access Tokens -
Apple
+
RFC
+
Cloudflare
Portswigger - Web Security Training
Computerphile on Youtube
-
Good Zero Knowledge Proof Video from them
https://abuse.ch/
https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=930420
https://github.com/atc-project/atomic-threat-coverage
https://github.com/atc-project/atc-react
https://github.com/redcanaryco/atomic-red-team
https://github.com/iangcarroll/cookiemonster
https://samcurry.net/points-com/
https://github.com/lc/gau
https://samcurry.net/web-hackers-vs-the-auto-industry/
https://commoncrawl.org/
https://www.youtube.com/watch?v=OtM6iegGYAQ
https://www.youtube.com/watch?v=pYRM3Zcfajs
https://jedisct1.github.io/minisign/
https://github.com/aperezdc/signify
https://hijacklibs.net/
https://learn.microsoft.com/en-us/sysinternals/downloads/adexplorer + https://github.com/c3c/ADExplorerSnapshot.py + https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/bloodhound
https://dirkjanm.io/getting-in-the-zone-dumping-active-directory-dns-with-adidnsdump/ + https://github.https://dirkjanm.io/ + com/SpecterOps + https://github.com/dirkjanm?tab=repositories + https://github.com/dirkjanm/adidnsdump
https://1passwordstatic.com/files/security/1password-white-paper.pdf
https://www.youtube.com/watch?v=SgkgsgaBBCA
https://github.com/ShorSec/KrbRelayUp
https://github.com/golem445/Corporate_Masks
https://github.com/fabacab/awesome-cybersecurity-blueteam
https://github.com/DominicBreuker/pspy
https://github.com/cdk-team/CDK