🧠 Staycyonline Knowledge Base
Search
Search
Dark mode
Light mode
Explorer
👽 Security
☁️ Cloud
☁️ AWS
ARTE Notes
1. Intro to AWS
flaws.cloud
Level 1 - buckets of fun
Level 2
Level 3
Null Humla - Hacking AWS
Learnings from Humla session 1 june
IAM
☁️ Azure
Azure Cli and Powershell
enumeration
Initial research
☁️ GCP
Thunder CTF
🌐Web and Network
Active Information Gathering
Active Information Gathering 1
ARP Poisoning
Blue Keep
Bug bounty mistakes-tips
Credential Stuffing
Cross site request forgery - CSRF
Cross site Scripting - XSS
CSRF in JSON body
Email OSINT (Recon)
Eternal Blue
Filtering basics - with TShark
FTP
FTP - Port 21
FTP - Port 21 - Enumeration
FTP - Port 21 - Exploitation
HTTP
JWT
Mapping a Network
Mapping a Network 1
Metasploit framework
Microsoft IIS
MSFVenom Cheat sheet
Oauth
Open URL Redirects
owasp zap + burp
Passive Information Gathering
Passive Information Gathering 1
Password breaches
Port 21 FTP
Port 22 SSH Enum and Attacking
Port 80 - http
Port 139,445 - SMB
Port 873 - rsync
Port 3389 - RDP
Port 6379 - Redis caching servers
Port 27017 - Mongodb
Race conditions
RDP
Resources
Reverse shell vs bind shell
SMB
SMB Basics
SMB relay attacks
SQL
SSH
Staged vs Non staged payloads
Telnet
Tshark
Web in depth
xss payloads
🐧 Linux
Commonly exploited linux vuln
Cron Job exploitation
Dirty Pipe (CVE-2022-0847)
Downloading files
Exploiting Bash
Exploiting SUID binaries
Linux - Enumeration
Linux - Privilege Escalation
Linux Cred Dumping
Linux Kernel exploits
👨💻 HTB Boxes Writeup
⚠️ Bashed
✋Brainfuck (on hold as it is confusing)
🗂️Index of HTB Writeups
Blue ✅⁉️
Devel
Editorial
Fawn
LAME ✅
Legacy✅
Nibbles
permX
Pilgrimage
Sense✅
Sunday ✅
TenTen
TenTen 1
TwoMillion
📁 Active Directory
📋AD-Index-Work-Log
Access Control Model
AD Defense
Domain Enumeration
Domain Enumeration using Bloodhound
Domain Persistence
Enumeration Cheatsheet AD
Group Policy
Introduction to Active Directory
Lateral Movement
LLMNR Poisoning
Local Privilage Escalation
Local Privilage Escalation Cheatsheet
Methodology
Microsoft AD Module
Password Cracking with Hashcat
Powershell
Powerview
Privilage Escalation using Feature Abuse
Trusts
User Hunting
📝 Exam review
Az 900
📱Android
Activities
Android App Components
Android Applications
Android Architcture
Android Dynamic analysis
Android Manifest.xml
Android red team
Android Static Analysis
Architecture
Broadcast Recievers
Certificate transparancy issue
Connecting Vitrual VM to a Physical Android Device over adb
Content providers
Humla android workshop
Injured Android Walkthrough
Intent Filters
Intents
Mobile Application Pentesting Process
Patching an app manually
Pentest process
Pentest process 1
Possible issues
Pull Apps from Playstore
Resources
Services
Shared Preferences
Signatures in Android App
📱iOS
Apps
Burp Mobile assistant
Emulator Options
Frida and objection
Getting IPA files
Installing ipa files directly
ios Architecture
ios filesystem
Jailbreaking - Notes and Resources
Lab Setup
Learnings from Null Humla Session Blr - 01 Feb 2025
Objection on ipa - patching
Proxyman (Alternative to burp)
setting up mac os on VM
Static Analysis
🔌 API
API Active Recon
API Authentication Attacks
API Authorization Attacks
API Passive Recon
API Recon
Combining techniques
Content type vulnerabilities
Evasive Measures
Excessive Data Exposure
GraphQL - Humla
Improper Asset Management
Injection Attacks
Mass Assignment Attack
Methodology - Checklist
Reverse Engineering an API
scan with zap (manual)
SSRF
Tools
Vulns
X forwarded for header to bypass auth
🔍Code Review
Code review
🧠 Prompt Engineering
1 Intro
2 Elements of a prompt
3. Use case
Offensive Approach
🫙 Container security
Docker Basics
Hacking docker
Humla container sec
Architecture
API Integration Patterns
Building an Identity Architecture
Federation
Windows
Alternate data streams
Dumping hashes with Mimikatz
Kernel Explots - Win Priv Esc
Microsoft IIS + Webdav
Pass the hash
Searching for passwords in windows config files
UAC Bypass
Windows
Windows - Privilege Escalation 1
Windows Access Tokens - Token Impersonation
Windows Password Hashes
WINRM
Engineering Blogs links
Iot hacking bsides notes
Knowledge Store
Learnings from Source code review null humla - 12th May 2024
Tools you need for Bug Bounty
Tunneling Traffic via SSH
💎 Obsidian Plugin Guide
Dataview
Excalibrain
Excalidraw
Leaflet
💪 Project 1000
What is this❓
💼 Building a business
Productivity
Random Business Knowledge
📕 Books - Notes and Reviews
Learnings from Zseano's methodology
Life is short - So is this book
📽️ Content Creation
grading
Settings for reels
tips
🔧 Programming
Rust - Programming Language
1. Installation
2. Hello World
3. Functions, Macros, Comments and Errors
4. Variables and Data Types
5. Control Flow
6. Structures and Enums
7. Ownership and Move semantics
8. References and borrowing
Algorithm design techniques
Asymptotic Notation
z_📋Templates
🗂️ TEMPLATE - INDEX
Note Template
Plan to learn template
Quick note template
z_📝Markdown_syntax_help
Basic note
Dataview queries
Using leaflet plugin
Learnings
Tunneling
Home
❯
👽 Security
❯
📱Android
Folder: 👽-Security/📱Android
27 items under this folder.
Apr 12, 2026
Mobile Application Pentesting Process
Apr 12, 2026
Patching an app manually
Apr 12, 2026
Pentest process 1
Apr 12, 2026
Pentest process
Apr 12, 2026
Possible issues
Apr 12, 2026
Pull Apps from Playstore
Apr 12, 2026
Resources
Apr 12, 2026
Services
android
mobile
bug-bounty
hacking
Apr 12, 2026
Shared Preferences
android
mobile
bug-bounty
hacking
Apr 12, 2026
Signatures in Android App
signature
android
mobile
bug-bounty
hacking
tools
Apr 12, 2026
Activities
android
mobile
bug-bounty
hacking
Apr 12, 2026
Android App Components
android
mobile
bug-bounty
hacking
Apr 12, 2026
Android Applications
android
mobile
bug-bounty
mobexler
hacking
Apr 12, 2026
Android Architcture
android
architecture
mobile
hacking
bug-bounty
system
security
Apr 12, 2026
Android Dynamic analysis
Apr 12, 2026
Android Manifest.xml
android
mobile
hacking
bug-bounty
Apr 12, 2026
Android Static Analysis
Apr 12, 2026
Android red team
Apr 12, 2026
Architecture
Apr 12, 2026
Broadcast Recievers
android
mobile
bug-bounty
hacking
Apr 12, 2026
Certificate transparancy issue
Apr 12, 2026
Connecting Vitrual VM to a Physical Android Device over adb
android
adb
hacking
setup
mobile
remote-machine
virtualbox
mobexler
bug-bounty
lab
Apr 12, 2026
Content providers
android
mobile
bug-bounty
hacking
Apr 12, 2026
Humla android workshop
Apr 12, 2026
Injured Android Walkthrough
Apr 12, 2026
Intent Filters
Apr 12, 2026
Intents
android
mobile
bug-bounty
hacking