Ottimo's Webpage

Cheat Sheets Threat Intelligence CVEs

Cheatsheets

Cheatsheets

All
Active Directory
DOM
OAuth2
Cloud
SANS
Assessment
Red Team
Blue Team
Sandbox
Certs
Bug Bounty
Training
OSINT
Anonimity
Lab
Threat Intelligence
Free Resources
Reverse
Forum
Dark Forum
Search Engine
Dev Tools
MLOps

Cheatsheets

https://zer1t0.gitlab.io/posts/attacking_ad/ https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet https://www.sans.org/security-resources/posters/pen-testing/bloodhound-cheat-sheet-430 https://www.alteredsecurity.com/post/fantastic-windows-logon-types-and-where-to-find-credentials-in-them https://insinuator.net/2021/05/dogwhisperers-sharphound-cheat-sheet/ https://vincentyiu.com https://cybersecuritynews.com/active-directory-checklist/

https://domevents.dev/ https://tinyxss.terjanq.me/ https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

https://www.binarybrotherhood.io/oauth2_threat_model.html

https://github.com/dafthack/CloudPentestCheatsheets

https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

https://raw.githubusercontent.com/her0ness/assessment-mindset/master/assessment-mindset.png https://lolbas-project.github.io/ https://wadcoms.github.io/ https://gtfobins.github.io/ https://weakpass.com/wordlist https://pentestbook.six2dez.com/ https://kwcsec.gitbook.io/the-red-team-handbook/ http://bookmarkz.sofianehamlaoui.fr/ http://live.sysinternals.com/ https://pentest.ws/login https://faradaysec.com

https://www.revshells.com/ https://sploitus.com/ https://nored0x.github.io/ https://synzack.github.io/Blinding-EDR-On-Windows/ https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a https://pentest.ws/login https://byouwcph.apps.faradaysec.com/login https://www.thehacker.recipes/ https://hideandsec.sh/books https://www.hackingarticles.in/a-detailed-guide-on-rubeus/ https://cheatsheet.haax.fr/ https://0x1.gitlab.io/pentesting/Red-Teaming-Toolkit/

https://github.com/rabobank-cdc/DeTTECT https://shield.mitre.org/matrix/ https://d3fend.mitre.org/ https://car.mitre.org/ https://www.jaiminton.com/cheatsheet/DFIR/ https://threathunterplaybook.com/ https://rmusser.net/docs/ https://www.unh4ck.com/ https://malapi.io/ https://filesec.io/ https://jpcertcc.github.io/ToolAnalysisResultSheet/ https://www.jpcert.or.jp/english/pub/sr/ir_research.html https://www-uptycs-com.cdn.ampproject.org/c/s/www.uptycs.com/blog/lolbins-are-no-laughing-matter?hs_amp=true https://www.what2log.com/ https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/ https://thedfirreport.com/2022/01/24/cobalt-strike-a-defenders-guide-part-2/ https://pberba.github.io/security/2022/02/07/linux-threat-hunting-for-persistence-systemd-generators/ https://elastic.github.io/security-research/whitepapers/2022/02/03.exploring-windows-uac-bypass-techniques-detection-strategies/article/ https://blueteamlabs.online/ https://cyberdefenders.org/blueteam-ctf-challenges/ https://www.immersivelabs.com/ https://biggingerhoneypot.notion.site/68fb84422c8b47118569f7585054a7d7?v=570aca319ed34b3da252ffb5a74ae698 https://cybersecuritynews-com.cdn.ampproject.org/c/s/cybersecuritynews.com/active-directory-checklist/?amp https://awesomedfir.com/ https://github.com/aboutsecurity/blueteam_homelabs

https://any.run/ https://tria.ge/

https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/ https://theaveragenz.com/cracking-the-oswe-certification/ https://github.com/johnthebrit/CertificationMaterials https://www.whizlabs.com/google-cloud-certified-professional-cloud-architect/

https://danielv.com.br/cheatsheets/ https://www.bugbountytips.tech/ https://blog.0xffff.info/ https://labs.detectify.com/2021/08/10/how-to-hack-apis-in-2021/ https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html https://gowthams.gitbook.io/bughunter-handbook/mindmaps

https://www.simplycyber.io/free-cyber-resources https://ethicalhackersacademy.com/blogs/ethical-hackers-academy/penetration-testing-tools https://training.dfirdiva.com/ https://training.dfirdiva.com/listing-category/dfir-blue-team-ctfs https://wargames.ret2.systems/ https://pwn.college/ https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/ https://div0playground.df.r.appspot.com/ https://ost2.fyi/Home.html https://www.hoppersroppers.org/ https://training.olicyber.it/ https://academy.fuzzinglabs.com/free-courses https://beginners.re/ https://www.malware-traffic-analysis.net/ https://class.malware.re/ https://voidsec.com/windows-drivers-reverse-engineering-methodology/ https://academy.wehackpurple.com/ https://drive.google.com/drive/u/0/folders/1rr765z3XwW_NwhcFwWfgPrGsSLW2LuKk https://platform.mosse-institute.com/#/ https://portal.tutorialsdojo.com/ https://samsclass.info/127/ED_2020.shtml https://courses.shostack.org/collections http://fancy4n6.com/dfir-resources/

https://www.osintdojo.com//resources/ https://rr.reuser.biz/ https://ohshint.gitbook.io/oh-shint-its-a-blog/ https://crt.sh/ https://search.censys.io/ https://cipher387.github.io/osintmap/ https://valhalla.nextron-systems.com/ https://dorksearch.com/ https://www.aware-online.com/en/osint-tools/ https://www.onyphe.io/ https://map.malfrats.industries/ https://usersearch.org/index.php https://viewdns.info/ https://leak-lookup.com https://data.zercurity.com/ https://www.osinttechniques.com/osint-tools.html https://www.criminalip.io/ https://avatarapi.com/

https://anonymousplanet.org/guide.html

https://www.detectionlab.network/ https://hackaflag.com.br/ https://attackdefense.com https://alf.nu/alert1 https://ctf.komodosec.com https://cmdchallenge.com https://exploit.education https://lnkd.in/e46drbz8 https://www.hackthebox.com https://www.hackthis.co.uk https://lnkd.in/eAB5CSTA https://ctf.hacker101.com https://lnkd.in/ex7R-C-e https://hacking-lab.com/ https://hstrike.com https://immersivelabs.com https://lnkd.in/ewBk6fU5 http://overthewire.org https://lnkd.in/esq9Yuv5 https://pentesterlab.com https://lnkd.in/e6wVANYd https://lab.pentestit.ru https://picoctf.com https://lnkd.in/eMEwBJzn https://www.root-me.org http://rootinjail.com https://lnkd.in/e5TAMawK https://lnkd.in/eVn9rP9p https://cryptopals.com https://tryhackme.com https://www.vulnhub.com https://w3challs.com http://www.wechall.net https://lnkd.in/ewJ5rNx2 https://pwnx.io/ https://www.katacoda.com/learn https://secureflag.owasp.org/login.html https://ctf.hacker101.com/ https://www.linkedin.com/posts/francescofaenzi_microsoft-activedirectory-bloodhound-activity-6905565424453574656-YNmf/

https://app.netlas.io/responses/ https://pulsedive.com/ https://publicwww.com/ https://www.zoomeye.org/ https://www.binaryedge.io/ https://platform.darktracer.com/ https://darkfeed.io/

https://www.cisa.gov/free-cybersecurity-services-and-tools https://www.linkedin.com/pulse/free-cybersecurity-training-why-pay-thousands-dollars-meece-/ https://medium.com/malware-buddy/security-infographics-9c4d3bd891ef#18dd https://www.simplycyber.io/free-cyber-resources https://securityzines.com/ https://x0rb3l.github.io/Cyber-Bookmarks/ https://lookbook.cyberjungles.com/ https://offsec.tools/

https://www.intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/ https://greysec.net/showthread.php?tid=2451 https://www.codereversing.com/blog/archives/420 https://reversingforfun.info/wp-content/uploads/2021/05/Reversingforfun.info-PwnDBG_gdb_MindMap-v0.1-MediumRes.png

https://0x00sec.org/ https://greysec.net/index.php https://gambe.ro/ https://console.dev/ https://cohackers.co/ https://securitycreators.video/

https://eternia.to/

https://www.shodan.io/dashboard https://search.censys.io/ https://fullhunt.io/ https://www.onyphe.io/ https://redhuntlabs.com/online-ide-search https://ivre.rocks/ https://www.binaryedge.io/ https://synapsint.com/ https://natlas.io/ https://socradar.io/ https://hunter.io/ https://spyse.com/ https://vulners.com/ https://www.greynoise.io/viz https://intelx.io/ https://www.zoomeye.org/ https://pulsedive.com/ https://urlscan.io https://zorexeye.com/ https://wigle.net/ https://search.redteam.fail/?# https://bevigil.com/

https://cloud.hasura.io/ https://insomnia.rest/ https://vercel.com/ https://www.gigalixir.com/ https://render.com/ https://fly.io/ https://dashboard.doppler.com/login https://www.freetsa.org/index_en.php# https://cloud.community.humio.com/ https://www.heroku.com/ https://supabase.com/ https://retool.com/ https://goteleport.com/ https://app.lightstep.com/ https://app.aspecto.io/ https://hoppscotch.io/ https://www.jsonapi.co/ https://rapidapi.com/hub

https://hydra.cc/ https://dvc.org/