Real_Issue

Example vulnerabilities in real scenario and some resource from https://twitter.com/Alra3ees

Google Hacking for PenTester,Cheat Sheet And dorks :

• http://rookiehacke.blogspot.com/2014/04/google-hacking-cheat-sheet.html
• https://gist.github.com/stevenswafford/393c6ec7b5375d5e8cdc
• https://gist.github.com/wookiecooking/5950305
• https://webvivant.com/writing-journalism/sample-features/google-hacking-101/
• https://securityonline.info/google-hacking-pentester/
• https://www.alienvault.com/blogs/security-essentials/how-pen-testers-use-google-hacking

Attacking .NET Serialization:

• https://speakerdeck.com/pwntester/attacking-net-serialization
• https://github.com/pwntester/ysoserial.net
• https://media.blackhat.com/bh-us-12/Briefings/Forshaw/BH_US_12_Forshaw_Are_You_My_Type_WP.pdf
• https://labs.mwrinfosecurity.com/advisories/milestone-xprotect-net-deserialization-vulnerability/
• https://soroush.secproject.com/blog/2018/08/asp-net-resource-files-resx-and-deserialization-issues/
• https://www.gosecure.net/blog/2017/03/22/detecting-deserialization-bugs-with-dns-exfiltration
• https://ionize.com.au/deserialisation-vulnerabilities/

JAVA DESERIALIZATION VULNERABILITY:

• https://link.medium.com/1lzbelq0dV
• https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
• http://blog.securelayer7.net/thick-client-penetration-testing-3javadeserialization-exploit-rce/
• https://www.slideshare.net/codewhitesec/exploiting-deserialization-vulnerabilities-in-java-54707478
• https://techblog.mediaservice.net/2017/05/reliable-discovery-and-exploitation-of-java-deserialization-vulnerabilities/
• https://tint0.com/expanding-java-deserialization-struts/
• https://www.synopsys.com/blogs/software-security/mitigate-java-deserialization-vulnerability-jboss/
• https://nytrosecurity.com/2018/05/30/understanding-java-deserialization/
• https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Deserialization_Cheat_Sheet.md
• https://medium.com/@gigacyclecouk/coldfusion-hotfix-resolves-xss-java-deserialization-bugs-3cadc6dc49f9
• https://medium.com/abn-amro-red-team/java-deserialization-from-discovery-to-reverse-shell-on-limited-environments-2e7b4e14fbef
• https://link.medium.com/kf3PLyo1dV

Attacking JSON Web Token (JWT) authentication:

• https://medium.com/101-writeups/hacking-json-web-token-jwt-233fe6c862e6
• https://www.sjoerdlangkemper.nl/2016/09/28/attacking-jwt-authentication/
• https://github.com/ticarpi/jwt_tool
• https://hackernoon.com/can-timing-attack-be-a-practical-security-threat-on-jwt-signature-ba3c8340dea9
• https://medium.com/@valeriyshevchenko/brute-forcing-jwt-token-hs256-6f545d24c7c3
• https://blog.websecurify.com/2017/02/hacking-json-web-tokens.html
• https://trustfoundry.net/jwt-hacking-101/
• https://dev.to/antoinette0x53/forging-json-web-tokens-to-win-a-prize
• https://www.slideshare.net/loige/processing-your-pdf-into-slides-cracking-jwt-tokens-a-tale-of-magic-nodejs-and-parallel-computing-code-europe-wroclaw-december-2017
• https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/JSON_Web_Token_Cheat_Sheet_for_Java.md
• https://www.moses-security.com/blog/exploiting-json-web-token-vulnerability
• https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/JSON%20Web%20Token
• https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
• https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/january/jwt-attack-walk-through/
• https://blog.compass-security.com/2017/05/jwt-burp-extension/
• https://blog.compass-security.com/2017/01/wrap-up-hack-lab-1-2017/

SAML Authentication Pentest:

• https://darkweblinks.org/2018/08/10/bypassing-saml-2-0-sso-with-xml-signature-attacks/
• https://blog.netspi.com/attacking-sso-common-saml-vulnerabilities-ways-find/
• https://blog.compass-security.com/2015/07/saml-burp-extension/
• https://www.redteam-pentesting.de/de/advisories/rt-sa-2017-013/-truncation-of-saml-attributes-in-shibboleth-2
• https://www.okta.com/blog/2018/02/what-you-need-to-know-about-saml-vulnerability-research/
• https://www.bleepingcomputer.com/news/security/saml-vulnerability-lets-attackers-log-in-as-other-users/
• https://jumpcloud.com/blog/security/notice-recently-discovered-saml-authentication-bypass-vulnerabilities/
• https://blog.centrify.com/saml/
• https://pulsesecurity.co.nz/advisories/WebLogic-SAML-Vulnerabilities
• https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/SAML_Security_Cheat_Sheet.md

Training for Exploit develop

• Buffer Overflow Practical Examples - ret2libc : http://ow.ly/Zs6B30o8Q6T
• Shellcode Injection and Local Privilege Escalation : http://ow.ly/Vsse30o8Q6U
• Exploiting EIP : http://ow.ly/lfIZ30o8Q6V
• Metasploit , gdb and objdump : http://ow.ly/Bf1V30o8Q6W

The Top 5 Mistakes AngularJS Developers Make

• Part 1:
• Part 2:
• Part 3:
• Part 4:
• Part 5:

Search engines for Hackers

• https://censys.io/
• https://www.shodan.io/
• https://viz.greynoise.io/table
• https://www.zoomeye.org/
• https://wigle.net/
• https://publicwww.com/
• https://hunter.io/
• https://haveibeenpwned.com/
• https://pipl.com/
• https://osintframework.com/