Move privesc section to appropriate place, consolidate RE resources.

This commit is contained in:
fabacab 2020-07-06 18:45:33 -04:00
parent 3424cd0dce
commit 2d67eb6528
No known key found for this signature in database
GPG Key ID: B0303BF6BA36A560

View File

@ -20,7 +20,6 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [Malware Analysis Books](#malware-analysis-books)
* [Network Analysis Books](#network-analysis-books)
* [Penetration Testing Books](#penetration-testing-books)
* [Reverse Engineering Books](#reverse-engineering-books)
* [Social Engineering Books](#social-engineering-books)
* [Windows Books](#windows-books)
* [CTF Tools](#ctf-tools)
@ -75,7 +74,9 @@ Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Plea
* [Periodicals](#periodicals)
* [Physical Access Tools](#physical-access-tools)
* [Privilege Escalation Tools](#privilege-escalation-tools)
* [Reverse Engineering Tools](#reverse-engineering-tools)
* [Reverse Engineering](#reverse-engineering)
* [Reverse Engineering Books](#reverse-engineering-books)
* [Reverse Engineering Tools](#reverse-engineering-tools)
* [Security Education Courses](#security-education-courses)
* [Side-channel Tools](#side-channel-tools)
* [Social Engineering Tools](#social-engineering-tools)
@ -173,21 +174,6 @@ See also [DEF CON Suggested Reading](https://www.defcon.org/html/links/book-list
* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE)
* [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
## Privilege Escalation Tools
* [Active Directory and Privilege Escalation (ADAPE)](https://github.com/hausec/ADAPE-Script) - Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
* [LinEnum](https://github.com/rebootuser/LinEnum) - Scripted local Linux enumeration and privilege escalation checker useful for auditing a host and during CTF gaming.
* [Postenum](https://github.com/mbahadou/postenum) - Shell script used for enumerating possible privilege escalation opportunities on a local GNU/Linux system.
* [unix-privesc-check](https://github.com/pentestmonkey/unix-privesc-check) - Shell script to check for simple privilege escalation vectors on UNIX systems.
## Reverse Engineering Books
* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386)
* [Hacking the Xbox by Andrew Huang, 2003](https://nostarch.com/xbox.htm)
* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html)
* [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/)
* [The IDA Pro Book by Chris Eagle, 2011](https://nostarch.com/idapro2.htm)
### Social Engineering Books
* [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/)
@ -696,10 +682,27 @@ See also [awesome-pcaptools](https://github.com/caesar0301/awesome-pcaptools).
* [Thunderclap](https://thunderclap.io/) - Open source I/O security research platform for auditing physical DMA-enabled hardware peripheral ports.
* [USB Rubber Ducky](http://usbrubberducky.com/) - Customizable keystroke injection attack platform masquerading as a USB thumbdrive.
## Reverse Engineering Tools
## Privilege Escalation Tools
* [Active Directory and Privilege Escalation (ADAPE)](https://github.com/hausec/ADAPE-Script) - Umbrella script that automates numerous useful PowerShell modules to discover security misconfigurations and attempt privilege escalation against Active Directory.
* [LinEnum](https://github.com/rebootuser/LinEnum) - Scripted local Linux enumeration and privilege escalation checker useful for auditing a host and during CTF gaming.
* [Postenum](https://github.com/mbahadou/postenum) - Shell script used for enumerating possible privilege escalation opportunities on a local GNU/Linux system.
* [unix-privesc-check](https://github.com/pentestmonkey/unix-privesc-check) - Shell script to check for simple privilege escalation vectors on UNIX systems.
## Reverse Engineering
See also [awesome-reversing](https://github.com/tylerha97/awesome-reversing), [*Exploit Development Tools*](#exploit-development-tools).
### Reverse Engineering Books
* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386)
* [Hacking the Xbox by Andrew Huang, 2003](https://nostarch.com/xbox.htm)
* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html)
* [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/)
* [The IDA Pro Book by Chris Eagle, 2011](https://nostarch.com/idapro2.htm)
### Reverse Engineering Tools
* [Capstone](http://www.capstone-engine.org/) - Lightweight multi-platform, multi-architecture disassembly framework.
* [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for GNU/Linux.
* [Frida](https://www.frida.re/) - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.