🧠 Staycyonline Knowledge Base
Search
Search
Dark mode
Light mode
Explorer
👽 Security
☁️ Cloud
☁️ AWS
flaws.cloud
Level 1 - buckets of fun
Level 2
Level 3
Null Humla - Hacking AWS
Learnings from Humla session 1 june
IAM
☁️ Azure
Blacksky - Cyclone
Flag 1 - Basics🚩
Flag 2 - Data leak🚩
Flag 3 - Hardcoded🚩
Flag 4 - Run me🚩
Azure Cli and Powershell
enumeration
Initial research
☁️ GCP
Thunder CTF
🌐Web and Network
Active Information Gathering
Active Information Gathering 1
ARP Poisoning
Blue Keep
Bug bounty mistakes-tips
Credential Stuffing
Cross site request forgery - CSRF
Cross site Scripting - XSS
Email OSINT (Recon)
Eternal Blue
Filtering basics - with TShark
FTP
FTP - Port 21
FTP - Port 21 - Enumeration
FTP - Port 21 - Exploitation
HTTP
JWT
Mapping a Network
Mapping a Network 1
Metasploit framework
Microsoft IIS
MSFVenom Cheat sheet
Oauth
Open URL Redirects
owasp zap + burp
Passive Information Gathering
Passive Information Gathering 1
Password breaches
Port 21 FTP
Port 22 SSH Enum and Attacking
Port 80 - http
Port 139,445 - SMB
Port 873 - rsync
Port 3389 - RDP
Port 6379 - Redis caching servers
Port 27017 - Mongodb
Race conditions
RDP
Resources
Reverse shell vs bind shell
SMB
SMB Basics
SMB relay attacks
SQL
SSH
Staged vs Non staged payloads
Telnet
Tshark
Web in depth
xss payloads
🐧 Linux
Commonly exploited linux vuln
Cron Job exploitation
Dirty Pipe (CVE-2022-0847)
Downloading files
Exploiting Bash
Exploiting SUID binaries
Linux - Enumeration
Linux - Privilege Escalation
Linux Cred Dumping
Linux Kernel exploits
👨💻 HTB Boxes Writeup
⚠️ Bashed
✋Brainfuck (on hold as it is confusing)
🗂️Index of HTB Writeups
Blue ✅⁉️
Devel
Editorial
Fawn
LAME ✅
Legacy✅
Nibbles
permX
Pilgrimage
Sense✅
Sunday ✅
TenTen
TenTen 1
TwoMillion
📁 Active Directory
Access Control Model
AD Defense
Domain Enumeration
Domain Enumeration using Bloodhound
Enumeration Cheatsheet AD
Group Policy
Introduction to Active Directory
LLMNR Poisoning
Local Privilage Escalation
Local Privilage Escalation Cheatsheet
Local Privilege Escalation
Microsoft AD Module
Password Cracking with Hashcat
Powerview
Privilage Escalation using Feature Abuse
Privilege Escalation using Feature Abuse
Trusts
📝 Exam review
Az 900
📱Android
Activities
Android App Components
Android Applications
Android Architcture
Android Dynamic analysis
Android Manifest.xml
Android Static Analysis
Architecture
Broadcast Recievers
Certificate transparancy issue
Connecting Vitrual VM to a Physical Android Device over adb
Content providers
Humla android workshop
Intents
Pull Apps from Playstore
Resources
Services
Shared Preferences
Signatures in Android App
📱iOS
Apps
Burp Mobile assistant
Emulator Options
Getting IPA files
Installing ipa files directly
ios Architecture
ios filesystem
Jailbreaking - Notes and Resources
Lab Setup
Objection on ipa - patching
Proxyman (Alternative to burp)
setting up mac os on VM
Static Analysis
🔌 API
API Active Recon
API Passive Recon
API Recon
GraphQL - Humla
Reverse Engineering an API
🧠 Prompt Engineering
1 Intro
2 Elements of a prompt
3. Use case
Offensive Approach
🫙 Container security
Docker Basics
Hacking docker
Humla container sec
Windows
Alternate data streams
Dumping hashes with Mimikatz
Kernel Explots - Win Priv Esc
Microsoft IIS + Webdav
Pass the hash
Searching for passwords in windows config files
UAC Bypass
Windows
Windows - Privilege Escalation 1
Windows Access Tokens - Token Impersonation
Windows Password Hashes
WINRM
Engineering Blogs links
Iot hacking bsides notes
Knowledge Store
Learnings from Source code review null humla - 12th May 2024
Tools you need for Bug Bounty
💎 Obsidian Plugin Guide
Dataview
Excalibrain
Excalidraw
Leaflet
📕 Books - Notes and Reviews
Learnings from Zseano's methodology
Life is short - So is this book
📽️ Content Creation
grading
Settings for reels
tips
🔧 Programming
Rust - Programming Language
1. Installation
2. Hello World
3. Functions, Macros, Comments and Errors
z_📋Templates
🗂️ TEMPLATE - INDEX
Note Template
Plan to learn template
Quick note template
z_📝Markdown_syntax_help
Basic note
Dataview queries
Using leaflet plugin
Learnings
Productivity
Home
❯
👽 Security
❯
☁️ Cloud
❯
☁️ Azure
❯
Blacksky Cyclone
❯
Flag 3 - Hardcoded🚩
Flag 3 - Hardcoded🚩
Nov 26, 2024
1 min read
Password was hardcoded in the automation account configuration
Graph View
Backlinks
No backlinks found
