> For the complete documentation index, see [llms.txt](https://zweilosec.gitbook.io/hackers-rest/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://zweilosec.gitbook.io/hackers-rest/readme.md).

# Hacker's Rest

These are my publicly accessible notes from various sources for penetration testing, red-teaming, OSCP, Capture the Flag (CTF) challenges, and my [Vulnhub](https://www.vulnhub.com/)/ [Hack the Box](https://hackthebox.eu) machine [write-ups](https://zweilosec.github.io/).

{% hint style="warning" %}
Warning - These notes are largely unformatted right now. They are based on my way of learning things - by reading, doing, studying, exploring, and taking notes. Cleaning up and formatting comes later.

* Do not assume anything from these notes.
* Do not expect the notes to be exhaustive, or to cover the techniques or the output they produce in full.
* Expect mistakes in the notes.
* Feel free to ask questions!
* Always consult additional resources. If possible I will try to link to outside resources. *If I have shared something of yours and you want credit, please let me know!*
  {% endhint %}

## Contribution

**If you would like to add to, modify, or improve anything in my notes, PLEASE DO!**

If you would like to give suggestions or even commit changes to these pages feel free to head to my GitHub page at:

{% embed url="<https://github.com/zweilosec/Infosec-Notes>" %}

### How to contribute

1. [Create an Issue Request](https://github.com/zweilosec/Infosec-Notes/issues) describing your changes/additions.
2. Fork [this repository](https://github.com/zweilosec/Infosec-Notes).
3. Push some code to your fork.
4. Come back to this repository and [open a pull request](https://github.com/zweilosec/Infosec-Notes/pulls).
5. After reviewing your changes, I will merge your pull request to the master repository.
6. Make sure to update your Issue Request so that I can credit you! Thank you so much!

Feel free to also open an issue with any questions, help wanted, or requests! Throughout these notes I have put `TODO:` notes that indicate that I know a certain section needs work. Focus on these if you can!

```bash
TODO: Change all code examples to use variables (e.g. $host_ip)
rather than fill-in-the-blank format (e.g. <host_ip>). 
This will help greatly with copying code directly into scripts.
```

## Contents

The following sub-pages of these notes will explore some of the common offensive and defensive security techniques including gaining shells, code execution, lateral movement, persistence, scripting, tools and much more. I also cover techniques for dealing with CTF-type challenges such as cryptography, reverse engineering, steganography and more.

{% hint style="success" %}
Hack Responsibly.

Always ensure you have **explicit** permission to access any computer system **before** using any of the techniques contained in these documents. You accept full responsibility for your actions by applying any knowledge gained here.
{% endhint %}

### Unix/Linux

* [Unix Fundamentals](/hackers-rest/fundamentals/unix-fundamentals.md)
* [Hardening & Configuration Guide](/hackers-rest/linux-1/linux-hardening.md)
  * [TMUX/Screen Cheatsheet](/hackers-rest/linux-1/linux-hardening/tmux-screen-cheatsheet.md)
* [Red Team Notes](/hackers-rest/linux-1/linux-redteam.md)
  * [Enumeration](/hackers-rest/linux-1/linux-redteam/enumeration.md)
  * [Getting Access](/hackers-rest/linux-1/linux-redteam/getting-access.md)
  * [Privilege Escalation](/hackers-rest/linux-1/linux-redteam/privilege-escalation.md)
  * [Exfiltration](/hackers-rest/linux-1/linux-redteam/exfiltration.md)
  * [Persistence](/hackers-rest/linux-1/linux-redteam/persistance.md)
* [Vim](/hackers-rest/linux-1/vim.md)

### Windows

* [Windows Fundamentals](/hackers-rest/fundamentals/windows-basics.md)
* [Hardening & Configuration Guide](/hackers-rest/windows-1/windows-hardening.md)
* [Red Team Notes](/hackers-rest/windows-1/windows-redteam.md)
  * [Enumeration](/hackers-rest/windows-1/windows-redteam/enumeration.md)
  * [Getting Access](/hackers-rest/windows-1/windows-redteam/getting-access.md)
  * [Privilege Escalation](/hackers-rest/windows-1/windows-redteam/privilege-escalation.md)
  * [Persistence](/hackers-rest/windows-1/windows-redteam/persistence.md)
  * [Active Directory](/hackers-rest/windows-1/windows-redteam/active-directory.md)
  * [PowerShell](/hackers-rest/fundamentals/windows-basics/powershell.md)

### MacOS

* [MacOS Basics](/hackers-rest/macos/macos-basics.md)
* [Hardening & Configuration Guide](/hackers-rest/macos/macos-hardening.md)
* [Red Team Notes](/hackers-rest/macos/macos-redteam.md)
  * [Enumeration](/hackers-rest/macos/macos-redteam/enumeration.md)
  * [Getting Access](/hackers-rest/macos/macos-redteam/getting-access.md)
  * [Privilege Escalation](/hackers-rest/macos/macos-redteam/privilege-escalation.md)
  * [Persistence](/hackers-rest/macos/macos-redteam/persistence.md)

### Web

* [DNS](/hackers-rest/web/dns.md)
* [Subdomain/Virtual Host Enumeration](/hackers-rest/web/web-notes/subdomain-virtual-host-enumeration.md)
* [Web Apps](/hackers-rest/web/web-notes.md)
  * [Web Application Hacker's Handbook Task Checklist](/hackers-rest/web/web-notes/the-web-application-hackers-handbook.md)

### Mobile

* [iOS](/hackers-rest/mobile/ios.md)
* [Android](/hackers-rest/mobile/android.md)

### OS Agnostic

* [Cryptography & Encryption](/hackers-rest/os-agnostic/password-cracking.md)
* [Network Hardware](/hackers-rest/os-agnostic/network-hardware.md)
* [OS Agnostic](/hackers-rest/os-agnostic/os_agnostic.md)
* [OSINT](/hackers-rest/os-agnostic/osint.md)
* [Password Cracking](/hackers-rest/os-agnostic/password-cracking.md)
  * [Gathering the Hashes](/hackers-rest/os-agnostic/password-cracking/gathering-the-hashes.md)
  * [Wordlist Generation](/hackers-rest/os-agnostic/password-cracking/wordlist-manipulation.md)
  * [Cracking the Hashes](/hackers-rest/os-agnostic/password-cracking/cracking-the-hashes.md)
* [Reverse Engineering & Binary Exploitation](/hackers-rest/os-agnostic/reverse-engineering-and-binary-exploitation.md)
  * [Buffer Overflow](/hackers-rest/os-agnostic/reverse-engineering-and-binary-exploitation/buffer-overflow.md)
* [Scripting](/hackers-rest/os-agnostic/scripting.md)
  * [Scripting Language Syntax Comparison](/hackers-rest/os-agnostic/scripting/script-language-comparison.md)
* [SQL](/hackers-rest/os-agnostic/sql.md)
* [SSH & SCP](/hackers-rest/os-agnostic/ssh-and-scp.md)
* [Steganography](/hackers-rest/os-agnostic/steganography.md)
* [Wireless](/hackers-rest/os-agnostic/wifi.md)

### Unsorted

* [Unsorted Notes](/hackers-rest/untitled.md)

## OSCP/CTF Tools and Cheatsheets

See my [list of outside sources](/hackers-rest/tools-cheatsheets.md)!

If you like this content and would like to see more, please consider [buying me a coffee](https://www.buymeacoffee.com/zweilosec)!
