The Hacker's Choice
THC is an acronym for 'The Hacker's Choice' and a group of international experts involved in network and system security. The group looks back on a long history, it was founded in 1995 and published over 70 technical papers and software releases covering a wide range of computer security aspects.
We research and publish tools and academic papers to expose fishy IT security that just isn’t secure. We also develop and publish tools to help the IT Security movement.
Official page
GitHub
InfosecExchange
Old page
#useful
THC is an acronym for 'The Hacker's Choice' and a group of international experts involved in network and system security. The group looks back on a long history, it was founded in 1995 and published over 70 technical papers and software releases covering a wide range of computer security aspects.
We research and publish tools and academic papers to expose fishy IT security that just isn’t secure. We also develop and publish tools to help the IT Security movement.
Official page
GitHub
InfosecExchange
Old page
#useful
👍4
Google Cloud Red Team Specialist [CGRTS] by Cyberwarfare Labs, ripped by hide01
Red Team engagement of GCP infrastructure that will include the following :
- Motive / Objective in Red Team Ops in Google Cloud
- MITRE ATT&CK Matrix for Cloud:
❖ OSINT➢
❖ Initial Access➢
❖ Authenticated Enumeration➢
❖ Privilege Escalation➢
❖ Persistence➢
❖ Credential Access➢
❖ Lateral Movement➢
❖ Data Exfiltration➢
And how to exploit security misconfiguration in:
➢ Identity & Access Management
➢ Service Account
➢ Cloud Function
➢ Compute Instance
➢ Virtual Private Cloud
➢ Cloud Storage
➢ Secret Manager
Official page
#education #pentest
Red Team engagement of GCP infrastructure that will include the following :
- Motive / Objective in Red Team Ops in Google Cloud
- MITRE ATT&CK Matrix for Cloud:
❖ OSINT➢
❖ Initial Access➢
❖ Authenticated Enumeration➢
❖ Privilege Escalation➢
❖ Persistence➢
❖ Credential Access➢
❖ Lateral Movement➢
❖ Data Exfiltration➢
And how to exploit security misconfiguration in:
➢ Identity & Access Management
➢ Service Account
➢ Cloud Function
➢ Compute Instance
➢ Virtual Private Cloud
➢ Cloud Storage
➢ Secret Manager
Official page
#education #pentest
👍5🔥1
API Pentesting Mindmap
Mind maps, represented in this document, serve as a powerful tool for enhancing API security testing. 🧠 They visually unravel complex software interactions, making it easier to understand and manipulate APIs by breaking down intricacies into manageable segments.
#
Mind maps, represented in this document, serve as a powerful tool for enhancing API security testing. 🧠 They visually unravel complex software interactions, making it easier to understand and manipulate APIs by breaking down intricacies into manageable segments.
#
👍6🔥1
🔥5
The Comprehensive CISSP Study Guide_2023.pdf
1.8 MB
The Comprehensive CISSP Study Guide by John Sisler, 2023
🔥4👍2
50 Interview Questions Answers with Explanation Network Management and Monitoring
𝐍𝐞𝐭𝐰𝐨𝐫𝐤 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 𝐚𝐧𝐝 𝐦𝐨𝐧𝐢𝐭𝐨𝐫𝐢𝐧𝐠 involve the administration, optimization, and oversight of computer networks. Management ensures efficient resource utilization, security, and performance, while monitoring employs tools to track network activity, diagnose issues, and proactively respond to disruptions, ensuring the network operates reliably and meets organizational needs.
#cisco
𝐍𝐞𝐭𝐰𝐨𝐫𝐤 𝐦𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭 𝐚𝐧𝐝 𝐦𝐨𝐧𝐢𝐭𝐨𝐫𝐢𝐧𝐠 involve the administration, optimization, and oversight of computer networks. Management ensures efficient resource utilization, security, and performance, while monitoring employs tools to track network activity, diagnose issues, and proactively respond to disruptions, ensuring the network operates reliably and meets organizational needs.
#cisco
👍3
50_Interview_Questions_Answers_with_Explanation_Network_Management.pdf
674.5 KB
50 Interview Questions Answers with Explanation Network Management and Monitoring
👍3🤔1
A Detailed Guide on Rubeus, 2023
In this guide, delve into the Kerberos authentication flow, understanding its major components and utilizing messages for workflow. Learn how to set up Rubeus, execute ticket operations, and create golden and silver tickets.
Rubeus, a C# toolkit, interacts with and exploits Kerberos. As a ticket-based network authentication protocol, Kerberos is extensively used in Active Directories. Unfortunately, misconfigurations in AD, often due to human error, can lead to security lapses.
Rubeus steps in to exploit vulnerabilities arising from these misconfigurations, performing tasks like crafting keys and granting access using forged certificates. This article serves as a comprehensive guide on leveraging Rubeus in various scenarios.
#pentest #windows
In this guide, delve into the Kerberos authentication flow, understanding its major components and utilizing messages for workflow. Learn how to set up Rubeus, execute ticket operations, and create golden and silver tickets.
Rubeus, a C# toolkit, interacts with and exploits Kerberos. As a ticket-based network authentication protocol, Kerberos is extensively used in Active Directories. Unfortunately, misconfigurations in AD, often due to human error, can lead to security lapses.
Rubeus steps in to exploit vulnerabilities arising from these misconfigurations, performing tasks like crafting keys and granting access using forged certificates. This article serves as a comprehensive guide on leveraging Rubeus in various scenarios.
#pentest #windows
👍4
Методическое руководство по извлечению данных из iPhone и других устройств Apple, ЭлкомСофт, 2023
В данном руководстве систематизирована информация по извлечению данных из iPhone и некоторых других устройств Apple, описаны подходы, стратегии и особенности разных методов, а также типичные ошибки.
#book #forensic
В данном руководстве систематизирована информация по извлечению данных из iPhone и некоторых других устройств Apple, описаны подходы, стратегии и особенности разных методов, а также типичные ошибки.
#book #forensic
🔥7👍1
Apple forensics by ElcomSoft (Nov 2023).pdf
13.1 MB
Методическое руководство по извлечению данных из iPhone и других устройств Apple, ЭлкомСофт, 2023
🔥10👍3
Путь в IT, GeekBrains (Александр Волчек, Александр Сагун)
После ознакомления с книгой вы сможете выделиться на фоне 90% новичков на рынке IT. Сложные технические термины уже не будут вызывать страх, а развернутое описание каждой профессии в этой области поможет вам определить свой карьерный путь.
Официальный сайт
Дополнительно:
Еще одна книга от Елены Правдиной
#newbie
После ознакомления с книгой вы сможете выделиться на фоне 90% новичков на рынке IT. Сложные технические термины уже не будут вызывать страх, а развернутое описание каждой профессии в этой области поможет вам определить свой карьерный путь.
Официальный сайт
Дополнительно:
Еще одна книга от Елены Правдиной
#newbie
🤡12🤔1