<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Moc on Jesus Oseguera</title><link>https://r0tbyt3.dev/tags/moc/</link><description>Recent content in Moc on Jesus Oseguera</description><generator>Hugo</generator><language>en-us</language><atom:link href="https://r0tbyt3.dev/tags/moc/index.xml" rel="self" type="application/rss+xml"/><item><title>Active Directory</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/</guid><description>Active Directory Active Directory - Microsoft&amp;rsquo;s directory service for managing users, computers, and policies in Windows domain environments.
Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Management User Administration Related Links: Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Disk</description></item><item><title>Active Directory Enumeration</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/</guid><description>Active Directory Enumeration Active Directory Enumeration - techniques for querying Active Directory to gather information about users, groups, computers, and domain configuration.
Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group 
MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumeration Related Links: Active Directory Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Disk</description></item><item><title>AES</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/aes/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/aes/</guid><description>AES AES - Advanced Encryption Standard implementations across various libraries and APIs for use in security tooling.
AES Decryption Encryption via CTAES Library AES Decryption Encryption via Tiny AES Library AES Decryption Encryption via WinAPIs AES Encryption Decryption Related Links: Base N Encoder Entropy Reduction Brute Forcing Key Decryption Caesar Cipher Encryption Decryption ChaCha20 Encryption Algorithm Data Encryption Techniques Encryption Fundamentals Generating Encryption Keys Without WinAPI Calls Random Key Generation RC4 SystemFunction040 Encryption Decryption XOR Encryption Decryption via Multi-Byte Key XOR Encryption Decryption via Single Byte</description></item><item><title>AI and LLMs</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/python/ai-and-llms/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/python/ai-and-llms/</guid><description>AI and LLMs AI and LLMs - integrating AI models and large language model capabilities into Python backend applications.
Ai in development Embeddings Function calling RAGs Structured outputs Related Links: Language Fundamentals Software Engineering</description></item><item><title>AitM and MFA Bypass</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/aitm-and-mfa-bypass/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/aitm-and-mfa-bypass/</guid><description>AitM and MFA Bypass AitM and MFA Bypass - adversary-in-the-middle proxy techniques and OAuth device code flows used to bypass multi-factor authentication.
Adversary in the Middle (AitM) via Evilginx Customizing Evilginx OPSEC Configuration Dynamic Device Code Phishing Evilginx Phishlet Development Evilginx URL Rewriting GitHub Device Code Phishing GitLab Device Code Phishing Illicit Consent Grant Invisible Proxy OPSEC Considerations Manual TOTP Harvesting MFA Bypass Azure AitM Phishing MFA Bypass Building an Invisible Proxy MFA Bypass Building an Invisible Proxy via Cloudflare Workers Microsoft Device Code Phishing Protecting Evilginx Server via Caddy Related Links: Anti-Bot Email Attachments and Phishing Campaigns HTML Smuggling Infrastructure Introduction to Phishing Page Design and Delivery Phishing Anti-Analysis Phishing Requirements</description></item><item><title>Algorithms</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/algorithms/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/algorithms/</guid><description>Algorithms Algorithms - core algorithmic techniques and their Python 3 implementations for technical interview preparation.
Backtracking Big O Notation Bit Manipulation Divide and Conquer Dynamic Programming Graph Algorithms Greedy Algorithms Recursion Searching Sorting Related Links: Data Structures Patterns</description></item><item><title>AMSI Bypass</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/amsi-bypass/</guid><description>AMSI Bypass AMSI Bypass - techniques for disabling or circumventing the Antimalware Scan Interface to prevent PowerShell and script content from being scanned.
AMSI Bypass Byte Patching AMSI Evasion AMSI Evasion via Hardware Breakpoint Hooks AMSI Evasion via Patching Introduction to AMSI Patchless AMSI Bypass via Hardware Breakpoints Related Links: Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hooking</description></item><item><title>Analysis Methods</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-analysis/analysis-methods/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-analysis/analysis-methods/</guid><description>Analysis Methods Analysis Methods - techniques and methodologies for examining malware through static inspection and dynamic execution.
Dynamic Analysis Malware Analysis Techniques Static Analysis Related Links: Automated Malware Analysis Maltego Memory Leaks Metasploit Reverse Engineering Urlvoid Virustotal</description></item><item><title>Anti-Analysis</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/anti-analysis/</guid><description>Anti-Analysis Anti-Analysis - techniques that detect and subvert debugging, virtual machine, and sandbox environments to prevent dynamic malware analysis.
Anti-Debugging Techniques Anti-Debugging via NtGlobalFlag Anti-Debugging via NtSystemDebugControl Anti-Debugging via ProcessDebugFlags Anti-Debugging via Ptrace Anti-Debugging via TLS Callbacks Anti-Forensic Evasion Techniques Anti-Malware Evasion Techniques Anti-Virtualization Techniques Anti-Virus Evasion Techniques Automated Evasion Techniques Avoid Detection Techniques Check Debug Object Handle Check Debug Object Handle via NtQueryInformationProcess Check Hyper-V Status Detect Virtualization Methods Detect Virtualization via Hardware Specification Detect Virtualization via Monitor Resolution Detect Virtualization via User Interaction Detect Virtualized Environments IDS Evasion Techniques IP Address Whitelisting Multiple Anti-Debugging Techniques Network Evasion Techniques Overview Sandbox Evasion Techniques TLS Callbacks for Anti-Debugging User Interaction Evasion Techniques Related Links: AMSI Bypass Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hooking</description></item><item><title>Anti-Bot</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/anti-bot/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/anti-bot/</guid><description>Anti-Bot Anti-Bot - techniques for detecting and blocking automated scanners, security bots, and analysis tools from accessing phishing pages.
Ad Blocker Detection Anti-Bot Library Anti-Bot via Advanced JA4 Analysis Anti-Bot via CAPTCHA Anti-Bot via Improper Window Size Anti-Bot via User Agent Filtering Anti-Bot via User Agent Spoofing Detection Anti-Bot via User Interaction Client Analysis via Cloudflare Workers Client Logging Library Collecting and Analyzing Bot Telemetry Collecting and Analyzing JA4 Bot Telemetry Detecting Headless Browsers via WebDriver Property Incognito Mode Detection JA3 JA3S Fingerprinting JA4 Analysis Blacklisting JA4 Fingerprints JA4 Analysis Blacklisting Partial JA4 Fingerprints JA4 Analysis Calculating JA4 Fingerprints JA4 Analysis Whitelisting Partial JA4 Fingerprints JA4 JA4S Fingerprinting JARM Fingerprinting Related Links: AitM and MFA Bypass Email Attachments and Phishing Campaigns HTML Smuggling Infrastructure Introduction to Phishing Page Design and Delivery Phishing Anti-Analysis Phishing Requirements</description></item><item><title>APIs</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/web/apis/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/web/apis/</guid><description>APIs APIs - protocols, styles, and standards for designing and consuming application programming interfaces.
API API Design API styles GraphQL GraphQL Fundamentals GRPC HTTP and API Fundamentals Open API Specification (OAS) REST REST API Design SOAP Related Links: Web Infrastructure</description></item><item><title>Application Security</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/</guid><description>Application Security Application Security - the practice of identifying and mitigating vulnerabilities in software applications throughout the development lifecycle.
Authentication and Authorization Automated Exploit Generation Automated Vulnerability Discovery Common Exploit Frameworks and Tools Injection Attacks OWASP Top 10 Secure Coding Fundamentals Software Vulnerabilities and Exploits Target-Specific Exploitation Web Based Attacks Related Links: Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Architecture Patterns</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/architecture-patterns/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/architecture-patterns/</guid><description>Architecture Patterns Architecture Patterns - high-level structural patterns for organizing backend systems including monoliths, microservices, and serverless.
Architectural patterns Backend Architecture Microservices Monolith Monolith vs Microservices Serverless Serverless computing Service mesh architecture Service meshes Service-oriented architecture (SOA) Twelve-factor app Related Links: Scalability and Infrastructure</description></item><item><title>Authentication</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/security/authentication/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/security/authentication/</guid><description>Authentication Authentication - mechanisms for verifying identity including passwords, tokens, sessions, and multi-factor methods.
Authentication and Authorization AuthN vs AuthZ Multi-factor authentication (MFA) Password-based authentication Session and Token Security Token-based authentication Related Links: Authorization Cryptography Web Security</description></item><item><title>Authentication and Authorization</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/authentication-and-authorization/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/authentication-and-authorization/</guid><description>Authentication and Authorization Authentication and Authorization - attack techniques targeting weak authentication mechanisms and improper access control implementations.
Authentication Bypass Techniques Breaking Authentication Breaking Authorization Brute Force vs Password Spraying Related Links: Automated Exploit Generation Automated Vulnerability Discovery Common Exploit Frameworks and Tools Injection Attacks OWASP Top 10 Secure Coding Fundamentals Software Vulnerabilities and Exploits Target-Specific Exploitation Web Based Attacks</description></item><item><title>Authorization</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/security/authorization/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/security/authorization/</guid><description>Authorization Authorization - mechanisms for controlling access to resources based on verified identity and assigned permissions.
Access control lists (ACLs) Attribute-based access control (ABAC) Capability-based access control OAuth OpenID Connect (OIDC) Role-based access control (RBAC) Related Links: Authentication Cryptography Web Security</description></item><item><title>Backend Engineering</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/</guid><description>Backend Engineering Backend Engineering - design, development, and maintenance of server-side applications, APIs, databases, and infrastructure that power web applications and services.
Concurrency Databases Django DSA Python Security System Design Web Related Links: Cybersecurity DevOps and Platform Engineering Embedded Systems Home</description></item><item><title>Bash</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/bash/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/bash/</guid><description>Bash Bash - the Bourne Again Shell scripting language used extensively in Linux-based cybersecurity tooling, automation, and offensive operations.
Bash Fundamentals Related Links: Application Security Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Beacon Object Files (BOF)</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/beacon-object-files-bof/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/beacon-object-files-bof/</guid><description>Beacon Object Files (BOF) Beacon Object Files (BOF) - position-independent code objects executed in-process by C2 frameworks such as Cobalt Strike for post-exploitation.
BOF Execution Introduction to BOF LSASS Dump BOF Object File Loader with Module Stomping Threadless Shellcode Injection via HWBPs BOF Writing BOF Files Related Links: C2 and Networking Credential Dumping Malware Concepts Payload and PE Persistence Process Injection Sleep Obfuscation Windows Internals</description></item><item><title>Burp Suite</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/burp-suite/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/burp-suite/</guid><description>Burp Suite Burp Suite - an integrated web application security testing platform used for intercepting, inspecting, and manipulating HTTP traffic.
Burp Suite Fundamentals Intercepting Proxy Intruder Repeater Scanner Related Links: Application Security Bash Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>C Language for Embedded Systems</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/c-language/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/c-language/</guid><description>C Language for Embedded Systems C Language for Embedded Systems - the programming language commonly used for developing software for embedded systems due to its efficiency and low-level control. (Note: This is different from application-level C programming, which may involve higher-level abstractions and libraries.)
Accessing Memory-Mapped Registers with Pointers Bitwise Operators and Bit Manipulation Techniques Compiler Optimization Behavior and volatile Fixes Complex const and volatile Combinations Control Flow for Firmware Data Types, Variables, and Storage Class Specifiers Defensive C Patterns for Vulnerability Prevention ELF File Format, Symbols, Sections, and Segments Functions and Modular Firmware Design Pointers and Casting in Embedded C Register Definitions with C Structures Relocation, Linking, Literal Pools, and Veneers Structures, Bitfields, Unions, and Bit Extraction Toolchain Fundamentals Related Links: Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Hardware Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>C2 and Networking</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/c2-and-networking/</guid><description>C2 and Networking C2 and Networking - command-and-control communication patterns, protocol abuse, and network-based techniques used in post-exploitation operations.
Alertable Functions APC Queues Automated C2 Infrastructure Setup C2 Communication Techniques Command and Control Patterns Custom SMB Client Data Exfiltration Techniques Domain Generation Algorithms (DGA) Domain Registration Kill Switch Download and Upload via SMB Download File via BITS Execute Shell Command Fetch Payload via URL Fetch Payload via URL using IWinHttpRequest COM Interface File Upload via SMB Get Payload from URL Introduction to Havoc C2 List SMB Files Malware Kill Date Malware Working Hours MsgWaitForMultipleObjectsEx Alertable Function Multiple Alertable Functions Named Pipes PowerShell Execution via .</description></item><item><title>CI-CD</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/</guid><description>CI-CD CI-CD - continuous integration, continuous delivery, and DevSecOps practices for modern software pipelines.
DevOps Fundamentals DevSecOps Pipeline and Delivery Related Links: Containers and Kubernetes DevOps and Platform Engineering Infrastructure as Code Observability and SRE</description></item><item><title>Code Obfuscation</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/code-obfuscation/</guid><description>Code Obfuscation Code Obfuscation - techniques that transform malware code to disguise its true purpose and evade signature-based and heuristic detection.
AP String Hashing Algorithm AP String Hashing Algorithm ASCII AP String Hashing Syscalls Hash Values NT AP Syscalls Hash Values ZW AP WinAPIs Hash Values Bypass EAF Export Address Filtering CFG Query Code Obfuscation Compile-Time GetModuleHandle Compile-Time GetProcAddress Evasion with File Bloating File Entropy Reduction Techniques FNV1A String Hashing Algorithm FNV1A String Hashing Algorithm ASCII FNV1A String Hashing Syscalls Hash Values FNV1A String Hashing Syscalls Hash Values NT FNV1A Syscalls Hash Values ZW FNV1A WinAPIs Hash Values Function Replacements Function Replacements eg Malloc Strcpy ZeroMemory GoTo Functionality IAT Camouflage IAT Obfuscation Variants JS String Hashing Algorithm JS String Hashing Algorithm ASCII JS String Hashing Syscalls Hash Values NT JS Syscalls Hash Values ZW JS WinAPIs Hash Values Malware Binary Signing Obfuscation Mmgetsystemroutineaddress Replacement String Hashing Kernel Multiple Function Replacements Multiple GetModuleHandle Replacement Functions MurmurHash3 String Hashing Algorithm MurmurHash3 String Hashing Algorithm ASCII MurmurHash3 String Hashing Syscalls Hash Values NT MurmurHash3 Syscalls Hash Values ZW MurmurHash3 WinAPIs Hash Values Obfuscation IPv4fuscation IPv6fuscation UUIDfuscation MACfuscation Payload Obfuscation PJW String Hashing Algorithm PJW String Hashing Algorithm ASCII PJW String Hashing Syscalls Hash Values NT PJW Syscalls Hash Values ZW PJW WinAPIs Hash Values SDBM String Hashing Algorithm SDBM String Hashing Algorithm ASCII SDBM String Hashing Syscalls Hash Values NT SDBM Syscalls Hash Values ZW SDBM WinAPIs Hash Values Self Deletion String Hashing String Hashing Obfuscation Techniques Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Covering Tracks ETW Bypass NTDLL Unhooking and API Hooking</description></item><item><title>Concurrency</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/concurrency/</link><pubDate>Mon, 01 Jan 0001 00:00:00 
+0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/concurrency/</guid><description>Concurrency Concurrency - patterns and techniques for handling parallel execution, async processing, and real-time data.
Backpressure Circuit breakers Event-driven architecture Failure modes Graceful degradation Loadshifting Rate limiting Real time data Realtime Server sent events short polling Streaming Throttling Websockets Related Links: Backend Engineering Databases Django DSA Python Security System Design Web</description></item><item><title>Containers and Kubernetes</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/containers-and-kubernetes/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/containers-and-kubernetes/</guid><description>Containers and Kubernetes Containers and Kubernetes - containerization fundamentals, orchestration, and security for cloud-native applications.
Container Fundamentals Container Scanning Tools Docker Security Kubernetes Fundamentals Kubernetes Security Kubernetes Security Basics Related Links: CI-CD DevOps and Platform Engineering Infrastructure as Code Observability and SRE</description></item><item><title>Covering Tracks</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/covering-tracks/</guid><description>Covering Tracks Covering Tracks - techniques to erase or tamper with forensic evidence including logs, timestamps, and file system artifacts after a compromise.
Anti-Forensic Techniques Covering Tracks Techniques Data Destruction Techniques File Time Stomping Log Tampering Techniques Self-Deletion Techniques Shadow Copy Deletion Timestomping Techniques Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation ETW Bypass NTDLL Unhooking and API Hooking</description></item><item><title>Credential Dumping</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/credential-dumping/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/credential-dumping/</guid><description>Credential Dumping Credential Dumping - techniques for extracting authentication credentials from memory, registry, disk, and browser storage on compromised systems.
Clipboard Data Theft Dumping Browser Cookies Chrome Dumping Browser Cookies Firefox Dumping Saved Logins Chrome Dumping Saved Logins Firefox Dumping the SAM Database Dumping the SAM from Disk Dumping the SAM Remotely Enable WDigest Extract WiFi Passwords Fetching LSASS Handle and Bypassing PPL Get Current Token Impersonate Process User Introduction to LSASS Dumping LSASS Dump via Handle Duplication LSASS Dump via MiniDumpWriteDump LSASS Dump via RtlReportSilentProcessExit LSASS Dump via SecLogon Race Condition Privilege Query Read Clipboard Data Set Privilege via AdjustTokenPrivileges Set Privilege via RtlAdjustPrivilege SMB Pass the Hash Token Impersonation Token Manipulation Token Querying Utilizing Hardware Breakpoints for Credential Dumping Related Links: Beacon Object Files (BOF) C2 and Networking Malware Concepts Payload and PE Persistence Process Injection Sleep Obfuscation Windows Internals</description></item><item><title>Cryptography</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/security/cryptography/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/security/cryptography/</guid><description>Cryptography Cryptography - cryptographic primitives and protocols used to protect data integrity, confidentiality, and authenticity.
Argon2 Bcrypt Hashing algorithms MD5 Scrypt SHA-1 SHA-256 TLS Related Links: Authentication Authorization Web Security</description></item><item><title>Cryptography</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/cryptography/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/cryptography/</guid><description>Cryptography Cryptography - the study of techniques for secure communication and data protection using mathematical algorithms and protocols.
Cryptographic Algorithms Cryptography Fundamentals Data Anonymization Techniques Data Masking Techniques Secure Communication Techniques Steganography Related Links: Application Security Bash Burp Suite Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Cybersecurity</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/</guid><description>Cybersecurity Map Cybersecurity - the practice of protecting computer systems, networks, and data from unauthorized access, attacks, and damage.
Application Security Bash Burp Suite Cryptography Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark Related Links: Backend Engineering DevOps and Platform Engineering Embedded Systems Home</description></item><item><title>Data Structures</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/data-structures/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/data-structures/</guid><description>Data Structures Data Structures - fundamental data structures every engineer must know, with Python 3 implementations and complexity analysis.
Arrays Binary Search Trees Graphs Hash Tables Heaps Linked Lists Queues Sets Stacks Strings Trees Tries Related Links: Algorithms Patterns</description></item><item><title>Database Fundamentals</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-fundamentals/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-fundamentals/</guid><description>Database Fundamentals Database Fundamentals - core concepts underlying all database systems including transactions, ACID, normalization, and data modeling.
ACID CAP theorem Data constraints Data definition language Data integrity and normalization and security Data manipulation language Databases and Data Modeling Migrations Normalization ORMs Transactions Transactions and isolation levels Related Links: Database Performance Database Types SQL</description></item><item><title>Database Performance</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-performance/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-performance/</guid><description>Database Performance Database Performance - techniques for indexing, scaling, and optimizing database queries and infrastructure.
Data replication Database index Database scaling Indexes and performance optimization Indexing and Query Performance N+1 query problem Performance tuning and query optimization Sharding Related Links: Database Fundamentals Database Types SQL</description></item><item><title>Database Types</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-types/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/database-types/</guid><description>Database Types Database Types - survey of relational, NoSQL, and specialized database systems and their appropriate use cases.
Column dbs Document dbs Elasticsearch Graphdbs Key value Memcached Non-relational databases NoSQL databases Redis Relational databases Search engines Solr Time series dbs Vector databases Related Links: Database Fundamentals Database Performance SQL</description></item><item><title>Databases</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/</guid><description>Databases Databases - foundational database systems covering SQL, NoSQL, data modeling, and performance for backend development.
Database Fundamentals Database Performance Database Types SQL Related Links: Backend Engineering Concurrency Django DSA Python Security System Design Web</description></item><item><title>Detection Engineering</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/detection-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/detection-engineering/</guid><description>Detection Engineering Detection Engineering - the systematic development and tuning of detection rules, analytics, and coverage mappings against adversary techniques.
Detection Engineering Fundamentals MITRE ATT&amp;amp;CK Mapping Related Links: Endpoint Security SIEM and Tools SOC Honeypots Threat Hunting Techniques</description></item><item><title>DevOps and Platform Engineering</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/</guid><description>DevOps and Platform Engineering DevOps and Platform Engineering - practices, tools, and methodologies for software delivery, infrastructure management, and operational excellence.
CI-CD Containers and Kubernetes Infrastructure as Code Observability and SRE Related Links: Backend Engineering Cybersecurity Embedded Systems Home</description></item><item><title>DevOps Fundamentals</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devops-fundamentals/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devops-fundamentals/</guid><description>DevOps Fundamentals DevOps Fundamentals - foundational concepts and methodologies underlying the DevOps and DevSecOps culture.
Agile and Scrum DevOps and DevSecOps Fundamentals Phases of DevOps Software Delivery Models Waterfall vs Agile vs DevOps Related Links: DevSecOps Pipeline and Delivery</description></item><item><title>DevSecOps</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/</guid><description>DevSecOps DevSecOps - integrating security into every phase of the CI/CD pipeline through automated testing and tooling.
API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3af Related Links: DevOps Fundamentals Pipeline and Delivery</description></item><item><title>Digital Forensics</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/digital-forensics/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/digital-forensics/</guid><description>Digital Forensics Digital Forensics - the collection, preservation, and analysis of digital evidence from storage media, memory, and network artifacts.
Disk Forensics Host Forensics Fundamentals Memory Forensics Related Links: Anti-Forensic Techniques Automated Reverse Engineering Forensics Hayabusa Incident Response Threat Hunting Techniques</description></item><item><title>Digital Social Engineering</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/digital-social-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/digital-social-engineering/</guid><description>Digital Social Engineering Digital Social Engineering - online-based manipulation techniques that exploit trust, urgency, and human psychology to achieve unauthorized access.
Business Email Compromise Drive-By Downloads File Sharing and Removable Media Phishing Overview Typo Squatting Watering Hole Attacks Related Links: Automated Social Engineering Techniques Automated Spear Phishing Email Generation Physical Social Engineering Social Engineering Fundamentals Social Engineering Techniques</description></item><item><title>Django</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/django/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/django/</guid><description>Django Django - high-level Python web framework for rapid, secure, and scalable web application development.
Class-Based Views Custom User Model Deployment Django Admin Django Security Django Testing Forms and Validation Function-Based Views Middleware Migrations ModelForms Models and ORM Permissions and Groups QuerySets and Managers Settings and Configuration Signals Static Files and Media Templates and Template Tags URL Routing User Authentication Related Links: Backend Engineering Concurrency Databases DSA Python Security System Design Web</description></item><item><title>DSA</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/</guid><description>DSA DSA - data structures and algorithms covering must-know topics for technical interviews, implemented in Python 3.
Algorithms Data Structures Patterns Related Links: Backend Engineering Concurrency Databases Django Python Security System Design Web</description></item><item><title>Embedded Systems</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/</guid><description>Embedded Systems Map Embedded Systems - design, development, and maintenance of specialized computing systems that are integrated into larger devices or systems to perform specific functions.
Architectures C Language Communication Protocols Execution Models Exploits Hardware Runtime View STM32 Microcontrollers Related Links: Backend Engineering Cybersecurity DevOps and Platform Engineering Home</description></item><item><title>Embedded Systems Architectures</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/architectures/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/architectures/</guid><description>Embedded Systems Architectures Embedded Systems Architectures - the different approaches to designing and structuring embedded systems, including single-core, multi-core, and heterogeneous architectures.
Arm M-profile Bus Fabrics and On-Chip Interconnects CPU Core Concepts Heterogeneous SoCs and Co-processors Memory Architecture Power and Clock Domain Architecture RISC-V Single-Core vs Multi-Core Architectures Related Links: C Language for Embedded Systems Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Hardware Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>Embedded Systems Communication Protocols</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/communication-protocols/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/communication-protocols/</guid><description>Embedded Systems Communication Protocols Embedded Systems Communication Protocols - the methods and standards used for communication between embedded systems and other devices or systems.
CAN Bus I2C Monodon Firmware SPI UART Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Hardware Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>Embedded Systems Execution Models</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/execution-models/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/execution-models/</guid><description>Embedded Systems Execution Models Embedded Systems Execution Models - the different approaches to managing and executing code in embedded systems, including polling, interrupt-driven, and real-time operating system (RTOS) based models.
Cooperative Scheduling Event-Driven and State-Machine Models Failure Recovery Models Hybrid Polling and Interrupt Models Interrupt-Driven Execution ISR-to-Task Communication Patterns Power-Aware Execution Strategies Preemptive RTOS Scheduling Real-Time Constraints, Latency, and Jitter Shared-State Synchronization and Concurrency Safety Superloop Task Priorities and Deadline Handling Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Exploits Embedded Systems Hardware Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>Embedded Systems Exploits</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/exploits/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/exploits/</guid><description>Embedded Systems Exploits Embedded Systems Exploits - the methods and techniques used to identify and exploit vulnerabilities in embedded systems.
Buffer Overflow Firmware Exploitation Network Attacks Physical Attacks Side-Channel Attacks Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Hardware Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>Embedded Systems Hardware</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/hardware/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/hardware/</guid><description>Embedded Systems Hardware Embedded Systems Hardware - the physical components and architecture of embedded systems, including microcontrollers, memory, and peripheral devices.
Board Bring-Up and Hardware Validation Cables, Connectors, and Physical Interfaces Clocking and Reset Circuits Debug and Programming Hardware Digital and Analog Peripherals Memory Hardware Microcontrollers and Selection Criteria Power Regulation and Conversion Power Sources and Power Budgeting Sensors, Actuators, and Driver Components Signal Integrity, Protection, and Level Shifting Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Runtime View STM32 Microcontrollers</description></item><item><title>Encryption</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/</guid><description>Encryption Encryption - the process of encoding data using cryptographic algorithms so that only authorized parties can decode and read it.
AES Base N Encoder Entropy Reduction Brute Forcing Key Decryption Caesar Cipher Encryption Decryption ChaCha20 Encryption Algorithm Data Encryption Techniques Encryption Fundamentals Generating Encryption Keys Without WinAPI Calls Random Key Generation RC4 SystemFunction040 Encryption Decryption XOR Encryption Decryption via Multi-Byte Key XOR Encryption Decryption via Single Byte Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>ETW Bypass</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/etw-bypass/</guid><description>ETW Bypass ETW Bypass - techniques for disabling or subverting Event Tracing for Windows to prevent telemetry collection by EDR and monitoring tools.
ETW Bypass Byte Patching ETW Bypass Improved Patching ETW Discovering ETW Tools ETW Evasion ETW Evasion via NtTraceEvent Patching ETW Evasion via Patching ETW Evasion via Patching EtwpEventWrite ETW Evasion via Patching EtwpEventWrite v2 ETW Evasion via WinAPIs Patching ETW Provider Session Hijacking Introduction to ETW Patchless ETW Bypass via Hardware Breakpoints Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks NTDLL Unhooking and API Hooking</description></item><item><title>Firewalls</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/firewalls/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/firewalls/</guid><description>Firewalls Firewalls - network security systems that monitor and control incoming and outgoing traffic based on predetermined security rules.
DMZ Firewalls Overview Honeypots Jump Server Microsegmentation Network Segmentation Port Blocking Zero Trust Architecture Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Ghidra</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/ghidra/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/ghidra/</guid><description>Ghidra Ghidra - a free and open-source reverse engineering tool suite developed by the NSA for analyzing compiled code across multiple platforms.
Ghidra Fundamentals Ghidra Scripting Reverse Engineering with Ghidra Static Analysis with Ghidra Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Hack the Box Writeups</title><link>https://r0tbyt3.dev/wiki/labs/hackthebox/hackthebox/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/labs/hackthebox/hackthebox/</guid><description>Hack the Box Writeups NOTICE: In order to maintain the integrity of the Hack the Box platform, this webpage only contains writeups for retired machines or specific, designated Pro Labs. Additionally, writeups do not contain any flags.
Hack the Box - a platform for learning and practicing cybersecurity skills through real-world challenges and exercises.
Hack the Box writeups and solutions.
Active Directory Exploitation AI and ML Exploitation Binary Exploitation Hardware Exploitation Reverse Engineering Related Links: Try Hack Me RingZer0 CTF</description></item><item><title>Hashing</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/hashing/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/hashing/</guid><description>Hashing Hashing - the transformation of arbitrary data into a fixed-size digest using one-way cryptographic functions for integrity verification and storage.
CRC DJB2 Lose Lose Hashing Algorithms Hashing Fundamentals Multiple Hashing Algorithms Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Home</title><link>https://r0tbyt3.dev/wiki/content/home/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/home/</guid><description>Computer Science and Cybersecurity wiki on various topics, domains, tools, and playbooks. Have fun exploring and learning!
Backend Engineering Cybersecurity DevOps and Platform Engineering Embedded Systems</description></item><item><title>HTML Smuggling</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/html-smuggling/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/html-smuggling/</guid><description>HTML Smuggling HTML Smuggling - techniques for delivering malicious payloads by encoding them within HTML and JavaScript to bypass email and web content filters.
Analyzing and Evading SmuggleShield HTML Smuggling HTML Smuggling Strategies Integrating Anti-Bot with HTML Smuggling MOTW Bypass via FileFix Variations SVG Smuggling WebAssembly Smuggling Related Links: AitM and MFA Bypass Anti-Bot Email Attachments and Phishing Campaigns Infrastructure Introduction to Phishing Page Design and Delivery Phishing Anti-Analysis Phishing Requirements</description></item><item><title>IaC Tools</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/iac-tools/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/iac-tools/</guid><description>IaC Tools IaC Tools - provisioning infrastructure declaratively with Terraform and enforcing configuration with management frameworks.
Configuration Management Fundamentals IaC Security Infrastructure as Code Fundamentals Terraform Fundamentals Related Links: Server Administration</description></item><item><title>Incident Response</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/incident-response/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/incident-response/</guid><description>Incident Response Incident Response - the coordinated approach to preparing for, detecting, containing, and recovering from cybersecurity incidents.
Incident Response Lifecycle Related Links: Anti-Forensic Techniques Automated Reverse Engineering Digital Forensics Forensics Hayabusa Threat Hunting Techniques</description></item><item><title>Incident Response and Forensics</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/incident-response-and-forensics/</guid><description>Incident Response and Forensics Incident Response and Forensics - the structured process of detecting, analyzing, containing, and recovering from security incidents while preserving evidence.
Anti-Forensic Techniques Automated Reverse Engineering Digital Forensics Forensics Hayabusa Incident Response Threat Hunting Techniques Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Information Security Models</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/information-security-models/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/information-security-models/</guid><description>Information Security Models Information Security Models - frameworks, principles, and governance models used to guide the design and assessment of secure information systems.
CIA Triad Information Security Models Overview Privacy Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Infrastructure</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/infrastructure/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/infrastructure/</guid><description>Infrastructure Infrastructure - the server setup, domain configuration, SSL management, and automation required to deploy and operate phishing campaigns.
Automate Phishing Infrastructure Ansible Automate Phishing Infrastructure Terraform Database Setup MySQL Deploying Phishing Infrastructure Domain and DNS Configuration Improving Domain Reputation Domain Aging Improving Domain Reputation Domain Categorization Improving Domain Reputation Web Traffic Introduction to Caddy OPSEC Failure Directory Listing Performing Input Validation Protecting Phishing Servers via Caddy Protecting Phishing Servers via Mod Rewrite Secure SSH Configuration Securing Server Blocking Direct IP Access Securing Server Removing Verbose Information Securing Server Restrict HTTP Access Securing Server via Cloudflare Serverless Phishing Cloudflare Worker SSL Configuration Comodo SSL SSL Configuration Lets Encrypt Web Server Setup Apache PHP Web Server Setup Nginx Flask Wildcard Certificate via Lets Encrypt Related Links: AitM and MFA Bypass Anti-Bot Email Attachments and Phishing Campaigns HTML Smuggling Introduction to Phishing Page Design and Delivery Phishing Anti-Analysis Phishing Requirements</description></item><item><title>Infrastructure as Code</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/</guid><description>Infrastructure as Code Infrastructure as Code - provisioning, managing, and securing infrastructure through versioned code and automation.
IaC Tools Server Administration Related Links: CI-CD Containers and Kubernetes DevOps and Platform Engineering Observability and SRE</description></item><item><title>Injection Attacks</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/injection-attacks/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/injection-attacks/</guid><description>Injection Attacks Injection Attacks - attack techniques that insert malicious data into an application to alter its execution or query behavior.
Buffer Overflows CSRF Directory Traversal SQL Injection Timing Attacks XSS Related Links: Authentication and Authorization Automated Exploit Generation Automated Vulnerability Discovery Common Exploit Frameworks and Tools OWASP Top 10 Secure Coding Fundamentals Software Vulnerabilities and Exploits Target-Specific Exploitation Web Based Attacks</description></item><item><title>Lab Home</title><link>https://r0tbyt3.dev/wiki/labs/lab-home/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/labs/lab-home/</guid><description>Tracks Crackmes.one Hack the Box Portswigger Academy RingZer0 CTF TryHackMe Related Home Cybersecurity DevOps and Platform Engineering Embedded Systems Backend Engineering</description></item><item><title>Language Fundamentals</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/python/language-fundamentals/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/python/language-fundamentals/</guid><description>Language Fundamentals Language Fundamentals - core Python syntax, operators, data types, and functional programming constructs.
Advanced functions Basic keywords Basic operators Basic data types Related Links: AI and LLMs Software Engineering</description></item><item><title>Linux Operating System</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/linux-operating-system/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/linux-operating-system/</guid><description>Linux Operating System Linux Operating System - Linux fundamentals, administration, and command-line tools used in cybersecurity operations and penetration testing environments.
Ipconfig and Ifconfig Kali vs Parrot vs BlackArch vs Qubes Linux Fundamentals Ping Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Malware Analysis</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-analysis/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-analysis/</guid><description>Malware Analysis Malware Analysis - the process of examining malicious software to understand its behavior, functionality, origin, and impact on affected systems.
Analysis Methods Automated Malware Analysis Maltego Memory Leaks Metasploit Reverse Engineering Urlvoid Virustotal Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Malware Concepts</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/malware-concepts/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/malware-concepts/</guid><description>Malware Concepts Malware Concepts - foundational knowledge about malware types, behaviors, and development techniques used in offensive security research.
Add Binary Icon AI-Generated Malware Assembly Automated Botnet Development Automated Cryptojacking Malware Development Automated Fileless Malware Development Automated Malware Delivery Techniques Automated Malware Distribution Techniques Automated Payload Generation Automated Polymorphic and Metamorphic Malware Development AV Detection Mechanisms Binary Metadata Modification Binary Properties Icon Metadata Block DLL Policy Bring Your Own File Extension Bring Your Own Protocol Handler Bring Your Own Vulnerable Driver (BYOVD) Building a DRM-Equipped Malware C Programming Capturing and Saving Screenshots into Memory Create a DLL Template Cryptojacking Exploits Custom Built Tools Demonstration Developing a Keylogger DLL Sideloading for EDR Evasion DLL Sideloading Overview DLL Sideloading Practical Example DRM-Equipped Malware Encryption and Packing Encryption and Packing Techniques Exploiting EDR for Evasion Fileless Malware Hide Console Window Hide Process Kernel Hide Thread Kernel Introduction to DLL Sideloading Introduction to EDRs Introduction to Keylogging Introduction to MASM Assembly Introduction to the Windows OS Malware Binary Signing Malware Compiling Malware Development Techniques Malware Directory Placement Metamorphic Malware Monitoring Display State Kernel Monitoring User Presence Kernel More C Fundamentals Persistence Techniques Overview Polymorphic and Metamorphic Techniques Polymorphic Malware Print a Hexadecimal Array Print OS Version Process Creation Python for Malware Development Rootkits Rootkits and Bootkits Screen Capture to BMP Windows DLL Template Worm-Like Propagation XLL Templates Related Links: Beacon Object Files (BOF) C2 and Networking Credential Dumping Payload and PE Persistence Process Injection Sleep Obfuscation Windows Internals</description></item><item><title>Malware Development</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/</guid><description>Malware Development Malware Development - the study of techniques used to create, deploy, and operate malicious software including loaders, implants, and post-exploitation tools.
Beacon Object Files (BOF) C2 and Networking Credential Dumping Malware Concepts Payload and PE Persistence Process Injection Sleep Obfuscation Windows Internals Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Network Attacks</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/network-attacks/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/network-attacks/</guid><description>Network Attacks Network Attacks - offensive techniques targeting network infrastructure, protocols, and data in transit to intercept, disrupt, or manipulate communications.
DNS Poisoning MITM Network Attacks Overview Packet Sniffing Exploits Spoofing VLAN Hopping VMescape Exploits Related Links: DNS Lookup Host Check ICMP Echo Network Evasion Techniques Network Protocols Port Scanning TCP Port Scan VPNs Wireless and Physical Attacks</description></item><item><title>Network Protocols</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/network-protocols/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/network-protocols/</guid><description>Network Protocols Network Protocols - core networking standards and protocols that define how data is transmitted and received across computer networks.
DNS Handshakes HTTPS Networking Networking Fundamentals Subnetting Related Links: DNS Lookup Host Check ICMP Echo Network Attacks Network Evasion Techniques Port Scanning TCP Port Scan VPNs Wireless and Physical Attacks</description></item><item><title>Network Security</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/</guid><description>Network Security Network Security - the practices and technologies used to protect network infrastructure, data in transit, and communication channels from unauthorized access and attacks.
DNS Lookup Host Check ICMP Echo Network Attacks Network Evasion Techniques Network Protocols Port Scanning TCP Port Scan VPNs Wireless and Physical Attacks Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Nginx</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/nginx/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/nginx/</guid><description>Nginx Nginx - a high-performance web server, reverse proxy, and load balancer widely used in phishing infrastructure, C2 redirectors, and web application delivery.
Introduction to Nginx Capabilities Nginx Demo Reverse Proxying Nginx Fundamentals Protecting Phishing Servers via Nginx Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Nmap</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/nmap/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/nmap/</guid><description>Nmap Nmap - a powerful open-source network scanner used for host discovery, port scanning, service version detection, and OS fingerprinting.
Nmap Fundamentals Nmap NSE Scripts Port Scanning Techniques Service Detection Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>NTDLL Unhooking and API Hooking</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/ntdll-unhooking-and-api-hooking/</guid><description>NTDLL Unhooking and API Hooking NTDLL Unhooking and API Hooking - techniques to restore hooked NTDLL functions or intercept API calls to bypass EDR user-mode hooks.
API Hooking Variants Hardware Hooks NTDLL Unhooking NTDLL Unhooking Variants Unhooking All DLLs Utilizing Hardware Breakpoints for Hooking 1 Utilizing Hardware Breakpoints for Hooking 2 Related Links: AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass</description></item><item><title>Obfuscation and Detection Evasion</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/obfuscation-and-detection-evasion/</guid><description>Obfuscation and Detection Evasion Obfuscation and Detection Evasion - techniques used to conceal malicious code and behavior from security tools, analysts, and automated detection systems.
AMSI Bypass Anti-Analysis Automated Obfuscation Techniques Code Obfuscation Covering Tracks ETW Bypass NTDLL Unhooking and API Hooking Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Observability and SRE</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/observability-and-sre/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/observability-and-sre/</guid><description>Observability and SRE Observability and SRE - monitoring, reliability engineering, and incident management for production systems.
Incident Management for SRE Monitoring and Observability Monitoring Tools Observability Fundamentals SLI SLO SLA Related Links: CI-CD Containers and Kubernetes DevOps and Platform Engineering Infrastructure as Code</description></item><item><title>Offensive Phishing Operations</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/</guid><description>Offensive Phishing Operations Offensive Phishing Operations - the planning, infrastructure, and execution of phishing campaigns to harvest credentials and deliver payloads in controlled engagements.
AitM and MFA Bypass Anti-Bot Email Attachments and Phishing Campaigns HTML Smuggling Infrastructure Introduction to Phishing Page Design and Delivery Phishing Anti-Analysis Phishing Requirements Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Page Design and Delivery</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/page-design-and-delivery/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/page-design-and-delivery/</guid><description>Page Design and Delivery Page Design and Delivery - techniques for creating convincing phishing pages, cloning legitimate sites, and delivering payloads via ClickFix and other vectors.
ClickFix Run Dialog Alternatives Cloning Websites via Browser Extension Designing Custom Phishing Pages Integrating Backend Functionality Introduction to Apache Mod Rewrite Introduction to ClickFix Introduction to Flask Living Off Trusted Sites (LOTS) Related Links: AitM and MFA Bypass Anti-Bot Email Attachments and Phishing Campaigns HTML Smuggling Infrastructure Introduction to Phishing Phishing Anti-Analysis Phishing Requirements</description></item><item><title>Patterns</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/patterns/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/dsa/patterns/</guid><description>Patterns Patterns - common problem-solving patterns used in technical interviews, with Python 3 solution templates.
BFS Pattern Binary Search Pattern DFS Pattern Fast and Slow Pointers Merge Intervals Monotonic Stack Sliding Window Top K Elements Two Pointers Union Find Related Links: Algorithms Data Structures</description></item><item><title>Payload and PE</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/payload-and-pe/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/payload-and-pe/</guid><description>Payload and PE Payload and PE - techniques for building, loading, and executing shellcode and PE-format payloads in offensive security implants.
APC Injection via Write to Process Memory Automated Payload Generation Techniques Building a Loader Building a PE Packer Building an Evasive DLL Payload Loader Command Line Argument Spoofing Compile-Time Hash Obfuscation Compile-Time String Encryption Controlling Payload Execution CRT Library Removal CRT Removal Custom WinAPI Functions DLL Sideloading via at.exe Executing Commands via IShellDispatch2 COM Interface Executing Files via IHxHelpPaneServer COM Interface Executing Files via IHxInteractiveUser COM Interface Fetch a Pointer to PEB Fetch a Pointer to PEB ARM Fetch a Pointer to TEB Fetch Image DOS Header Fetch Image Headers Fetch Image NT Headers File Entropy Reduction Forwarded Functions Get NTDLL Base Address from Stack Frame Walk GetModuleHandle Replacement GetProcAddress Replacement IAT API Set Resolution Inserting a Custom Section into a PE Local Payload Execution Local PE Execution Local Shellcode Execution Manually Mapping API Set Names NET Assemblies Patching SystemEnvironment.</description></item><item><title>Persistence</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/persistence/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/persistence/</guid><description>Persistence Persistence - techniques used by malware to maintain access to a compromised system across reboots, logoffs, and security tool detections.
Abusing WMI for Persistence Introduction to Windows Persistence Persistence via COM Object Hijacking Persistence via Electron Applications Persistence via File System Persistence via Startup Folder Persistence via Windows Registry Persistence via Windows Services Persistence via Windows Tasks Related Links: Beacon Object Files (BOF) C2 and Networking Credential Dumping Malware Concepts Payload and PE Process Injection Sleep Obfuscation Windows Internals</description></item><item><title>Phishing Anti-Analysis</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/phishing-anti-analysis/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/offensive-phishing-operations/phishing-anti-analysis/</guid><description>Phishing Anti-Analysis Phishing Anti-Analysis - techniques to detect and evade automated phishing page scanners, security analysts, and threat intelligence crawlers.
Analyzing Server Security Anti-Analysis Approve Access via Discord Anti-Analysis Approve Access via Email Anti-Analysis Approve Access via Push Notifications Anti-Analysis Dynamic Obfuscation via Obfuscatorio Anti-Analysis via AES Encryption Anti-Analysis via Base64 Obfuscation Anti-Analysis via Cookie Check Anti-Analysis via Dynamic Encryption Anti-Analysis via Dynamic HTML Generation Anti-Analysis via Fetching Remote Content Anti-Analysis via Honeypots Anti-Analysis via Invisible Encoding Anti-Analysis via IP Restrictions Anti-Analysis via Reverse DNS Query Anti-Analysis via Website Keying Anti-Analysis via XOR Obfuscation Cloning Detection Mechanisms Evading Google Safe Browsing Hiding Domain via Referrer Policy Phishing Detection Methods Practical Phishing Detection Examples Related Links: AitM and MFA Bypass Anti-Bot Email Attachments and Phishing Campaigns HTML Smuggling Infrastructure Introduction to Phishing Page Design and Delivery Phishing Requirements</description></item><item><title>Physical Social Engineering</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/physical-social-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/physical-social-engineering/</guid><description>Physical Social Engineering Physical Social Engineering - in-person deception and manipulation techniques that exploit physical access, trust, and human behavior.
Dumpster Diving Impersonation Techniques Lock Picking Pretexting Related Links: Automated Social Engineering Techniques Automated Spear Phishing Email Generation Digital Social Engineering Social Engineering Fundamentals Social Engineering Techniques</description></item><item><title>Pipeline and Delivery</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/pipeline-and-delivery/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/pipeline-and-delivery/</guid><description>Pipeline and Delivery Pipeline and Delivery - CI/CD pipeline design, release strategies, and automated software delivery practices.
CI-CD Fundamentals Deployment Development Phase Release Strategies Requirements and Design Phase Testing Related Links: DevOps Fundamentals DevSecOps</description></item><item><title>Privacy</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/information-security-models/privacy/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/information-security-models/privacy/</guid><description>Privacy Privacy - technologies, tools, and techniques for protecting personal data and maintaining anonymity in digital environments.
Operating Systems for Privacy Privacy Techniques Privacy-Focused Cloud Storage Providers Privacy-Focused Email Providers Privacy-Focused Hardware Devices Privacy-Focused Messaging Apps Privacy-Focused Operating Systems Privacy-Focused Search Engines Privacy-Focused Social Media Platforms Privacy-Focused Software Applications Privacy-Focused VPN Providers Privacy-Focused Web Browsers Related Links: CIA Triad Information Security Models Overview</description></item><item><title>Process Injection</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/process-injection/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/process-injection/</guid><description>Process Injection Process Injection - techniques for executing arbitrary code inside the address space of a legitimate process to evade detection and gain privileges.
API Hooking Cross-Architecture Injection x86 to x64 DLL Injection via ZwCreateThreadEx Kernel Function Stomping Ghost Process Injection Ghostly Hollowing Hardware Breakpoint Hooking Library Hardware Breakpoint Threadless Injection Hellshall Herpaderping Hollowing Herpaderping Process Injection KnownDLL Cache Poisoning Injection Library Proxy Loading Local APC Injection Local DLL Injection Local Function Stomping Local Mapping Injection Module Overloading Module Stomping Multiple Anti-Debugging Techniques Multiple Payload Execution Control Methods Patchless Threadless Injection via Hardware Breakpoints Payload Execution Control Payload Execution Control via Events Payload Execution Control via Mutexes Payload Execution Control via Semaphores Payload Execution via Callbacks Payload Execution via CertEnumSystemStore Callback Payload Execution via CertEnumSystemStoreLocation Callback Payload Execution via CopyFileExW Callback Payload Execution via CryptEnumOIDInfo Callback Payload Execution via EnumCalendarInfoW Callback Payload Execution via EnumDesktopsW Callback Payload Execution via EnumDesktopWindows Callback Payload Execution via EnumDirTreeW Callback Payload Execution via EnumDisplayMonitors Callback Payload Execution via EnumerateLoadedModules Callback Payload Execution via EnumFontFamiliesW Callback Payload Execution via EnumFontsW Callback Payload Execution via EnumLanguageGroupLocalesW Callback Payload Execution via EnumObjects Callback Payload Execution via EnumPageFilesW Callback Payload Execution via EnumPropsW Callback Payload Execution via EnumPwrSchemes Callback Payload Execution via EnumResourceTypesW Callback Payload Execution via EnumSystemLocalesEx Callback Payload Execution via EnumThreadWindows Callback Payload Execution via EnumTimeFormatsEx Callback Payload Execution via EnumWindows Callback Payload Execution via EnumWindowStationsW Callback Payload Execution via Fibers Payload Execution via FlsAlloc Callback Payload Execution via 
ImageGetDigestStream Callback Payload Execution via ImmEnumInputContext Callback Payload Execution via InitOnceExecuteOnce Callback Payload Execution via SymEnumProcesses Callback Payload Execution via SymEnumSourceFiles Callback Payload Execution via SymFindFileInPath Callback Process Hollowing Process Hypnosis Proxy Execute NtAllocateVirtualMemory with Timer APIs C Proxy Execute NtAllocateVirtualMemory with Work Item APIs C Proxy Execute NtCreateThreadEx with Work Item APIs C Reflective DLL Injection Reimplementing Injection via Syscalls Remote APC Injection Remote DLL Injection Remote Function Stomping Remote Mapping Injection Remote Module Stomping Remote Payload Execution via Injection ROP Hellshall RunPE Shellcode Injection Shellcode Injection via ZwCreateThreadEx Kernel Shellcode Reflective DLL Injection (sRDI) Technique Thread Hijacking Kernel Threadless Injection VEH Manipulation for Local Code Execution Related Links: Beacon Object Files (BOF) C2 and Networking Credential Dumping Malware Concepts Payload and PE Persistence Sleep Obfuscation Windows Internals</description></item><item><title>Python</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/python/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/python/</guid><description>Python Python - Python language features, tooling, testing, and AI capabilities relevant to backend development.
AI and LLMs Language Fundamentals Software Engineering Related Links: Backend Engineering Concurrency Databases Django DSA Security System Design Web</description></item><item><title>Ransomware</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/ransomware/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/ransomware/</guid><description>Ransomware Ransomware - malware that encrypts victim data and demands payment for decryption keys, studied here from a development and defensive perspective.
Automated Ransomware Development Deleting Shadow Copies and System Restore Points File Encryption File Enumeration Legal and Ethical Considerations Ransomware Emulation Ransomware Overview Windows Internals for Ransomware Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>RC4</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/rc4/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/encryption/rc4/</guid><description>RC4 RC4 - a stream cipher algorithm and its various implementation approaches for use in offensive security tools.
RC4 Decryption Encryption via Custom RC4 Algorithm RC4 Decryption Encryption via NTAPI RC4 Encryption Decryption Related Links: AES Base N Encoder Entropy Reduction Brute Forcing Key Decryption Caesar Cipher Encryption Decryption ChaCha20 Encryption Algorithm Data Encryption Techniques Encryption Fundamentals Generating Encryption Keys Without WinAPI Calls Random Key Generation SystemFunction040 Encryption Decryption XOR Encryption Decryption via Multi-Byte Key XOR Encryption Decryption via Single Byte</description></item><item><title>Runtime View of Embedded Systems</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/runtime-view/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/runtime-view/</guid><description>Runtime View of Embedded Systems Runtime View of Embedded Systems - the perspective of how an embedded system behaves during execution, including the management of resources, task scheduling, and interaction with the hardware.
Runtime Memory Management Task Scheduling and Context Switching Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Hardware STM32 Microcontrollers</description></item><item><title>Scalability and Infrastructure</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/scalability-and-infrastructure/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/scalability-and-infrastructure/</guid><description>Scalability and Infrastructure Scalability and Infrastructure - principles and tools for building systems that grow reliably under increasing load.
Building for scale Caching Caching Fundamentals Docker Instrumentation and monitoring Kubernetes Profiling performance System Design Fundamentals Telemetry Related Links: Architecture Patterns</description></item><item><title>Security</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/security/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/security/</guid><description>Security Security - authentication, authorization, cryptography, and security best practices for backend systems.
Authentication Authorization Cryptography Web Security Related Links: Backend Engineering Concurrency Databases Django DSA Python System Design Web</description></item><item><title>Server Administration</title><link>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/server-administration/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/infrastructure-as-code/server-administration/</guid><description>Server Administration Server Administration - administering and hardening Linux and Windows servers in cloud and on-premises environments.
Firewall Configuration Linux Security and Hardening Linux Server Administration SSH Windows Security and Hardening Windows Server Administration Related Links: IaC Tools</description></item><item><title>SIEM and Tools</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/siem-and-tools/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/siem-and-tools/</guid><description>SIEM and Tools SIEM and Tools - security information and event management platforms and supporting tools used for log aggregation, correlation, and alerting.
Hayabusa Maltego SIEM Fundamentals Splunk Related Links: Detection Engineering Endpoint Security SOC Honeypots Threat Hunting Techniques</description></item><item><title>Sleep Obfuscation</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/sleep-obfuscation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/sleep-obfuscation/</guid><description>Sleep Obfuscation Sleep Obfuscation - techniques that encrypt or hide implant code in memory during beacon sleep intervals to evade memory scanning.
Ekko Sleep Obfuscation with Control Flow Guard Ekko Sleep Obfuscation with Restored File Section Protections Ekko Sleep Obfuscation with RtlEncryptMemory and RtlDecryptMemory Ekko Sleep Obfuscation with Stack Spoofing Heap Encryption with Ekko Sleep Obfuscation Introduction to Ekko Sleep Obfuscation Introduction to Foliage Sleep Obfuscation Introduction to Sleep Obfuscation PEfluctuation Zilean Sleep Obfuscation with Stack Duplication Related Links: Beacon Object Files (BOF) C2 and Networking Credential Dumping Malware Concepts Payload and PE Persistence Process Injection Windows Internals</description></item><item><title>SOC and Detection Engineering</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/soc-and-detection-engineering/</guid><description>SOC and Detection Engineering SOC and Detection Engineering - the processes and tools used by security operations centers to monitor, detect, triage, and respond to cyber threats.
Detection Engineering Endpoint Security SIEM and Tools SOC Honeypots Threat Hunting Techniques Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware Social Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Social Engineering</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/social-engineering/</guid><description>Social Engineering Social Engineering - the use of psychological manipulation to deceive individuals into divulging confidential information or performing actions that compromise security.
Automated Social Engineering Techniques Automated Spear Phishing Email Generation Digital Social Engineering Physical Social Engineering Social Engineering Fundamentals Social Engineering Techniques Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Threat Modeling Windows Security and Administration Wireshark</description></item><item><title>Software Engineering</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/python/software-engineering/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/python/software-engineering/</guid><description>Software Engineering Software Engineering - practices for writing maintainable, testable, and well-documented Python code.
Code reviews Documentation generation Functional testing Git Integration testing Refactoring Unit testing Related Links: AI and LLMs Language Fundamentals</description></item><item><title>SQL</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/sql/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/databases/sql/</guid><description>SQL SQL - Structured Query Language for defining, querying, and manipulating relational database data.
Advanced SQL Aggregate queries Common table expressions (CTEs) Dynamic SQL Join queries Pivot and unpivot operations Recursive queries Select, insert, delete, update statements Stored procedures and triggers Subqueries Views Window functions Related Links: Database Fundamentals Database Performance Database Types</description></item><item><title>STM32 Microcontrollers</title><link>https://r0tbyt3.dev/wiki/content/embedded-systems/stm32-microcontrollers/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/embedded-systems/stm32-microcontrollers/</guid><description>STM32 Microcontrollers STM32 Microcontrollers - a family of 32-bit ARM Cortex-M microcontrollers designed by STMicroelectronics with a vendor-specific microcontroller architecture used in a wide range of embedded systems applications.
STM32 Blue Pill STM32L5 Series Related Links: C Language for Embedded Systems Embedded Systems Architectures Embedded Systems Communication Protocols Embedded Systems Execution Models Embedded Systems Exploits Embedded Systems Hardware Embedded Systems Runtime View</description></item><item><title>System Design</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/system-design/</guid><description>System Design System Design - architecture patterns, scalability strategies, and infrastructure practices for backend systems.
Architecture Patterns Scalability and Infrastructure Related Links: Backend Engineering Concurrency Databases Django DSA Python Security Web</description></item><item><title>Target-Specific Exploitation</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/target-specific-exploitation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/application-security/target-specific-exploitation/</guid><description>Target-Specific Exploitation Target-Specific Exploitation - techniques for attacking unique infrastructure and deployment environments beyond standard web applications.
Exploiting Cloud Infrastructure Exploiting Containerized Environments Exploiting Embedded Systems Exploiting Industrial Control Systems (ICS) Exploiting IoT Devices Exploiting Mobile Devices Exploiting Operational Technology (OT) Systems Exploiting Serverless Environments Related Links: Authentication and Authorization Automated Exploit Generation Automated Vulnerability Discovery Common Exploit Frameworks and Tools Injection Attacks OWASP Top 10 Secure Coding Fundamentals Software Vulnerabilities and Exploits Web Based Attacks</description></item><item><title>Threat Modeling</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/threat-modeling/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/threat-modeling/</guid><description>Threat Modeling Threat Modeling - the structured process of identifying, quantifying, and prioritizing potential threats to a system in order to guide security decisions.
APT OSINT Reconnaissance Techniques Supply Chain Attacks Threat Modeling Fundamentals Zero Day Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Windows Security and Administration Wireshark</description></item><item><title>Web</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/web/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/web/</guid><description>Web Web - HTTP, APIs, web servers, and protocols powering modern backend web services.
APIs Web Infrastructure Related Links: Backend Engineering Concurrency Databases Django DSA Python Security System Design</description></item><item><title>Web Infrastructure</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/web/web-infrastructure/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/web/web-infrastructure/</guid><description>Web Infrastructure Web Infrastructure - servers, protocols, and network primitives that underpin web application delivery.
Apache Caddy Domain name Domain name system HTTP caching HTTPS Nginx Fundamentals Web servers Related Links: APIs</description></item><item><title>Web Security</title><link>https://r0tbyt3.dev/wiki/content/backend-engineering/security/web-security/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/backend-engineering/security/web-security/</guid><description>Web Security Web Security - browser and server-side protections against common web application vulnerabilities and attacks.
API security best practices Container security best practices CORS CSP Mitigation techniques OWASP risks Server security Related Links: Authentication Authorization Cryptography</description></item><item><title>Windows Administration</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/</guid><description>Windows Administration Windows Administration - core Windows system administration tasks including user management, registry operations, services, and remote access.
Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentals Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Exploitation Write File to Disk</description></item><item><title>Windows Exploitation</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/</guid><description>Windows Exploitation Windows Exploitation - techniques for escalating privileges, moving laterally, and maintaining persistence in Windows environments post-compromise.
AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switch Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Write File to Disk</description></item><item><title>Windows Internals</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/windows-internals/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/malware-development/windows-internals/</guid><description>Windows Internals Windows Internals - foundational knowledge of Windows architecture, kernel structures, API resolution, and PE file format for malware development.
API Set Resolution Blocking Driver Loading Kernel Check If Process Is WOW64 Cleaning Driver Artifacts from Memory Dumps Kernel Disabling the Debugger Kernel DLL Injection via ZwCreateThreadEx Kernel Internals Elevate Process to SYSTEM Kernel Enable SeDebugPrivilege Hide Process Kernel Internals Hide Thread Kernel Internals Indirect Syscalls Kernel Modules Enumeration via AuxKlibQueryModuleInformation Kernel Modules Enumeration via PsLoadedModuleList Kernel Modules Enumeration via ZwQuerySystemInformation Mmgetsystemroutineaddress Replacement with String Hashing Kernel Process Enumeration via ZwQuerySystemInformation Kernel Reading a File Kernel Retrieving Kernel Version Retrieving Process Identifier Kernel Retrieving Process Image Base Address Kernel Retrieving Process Name Kernel Retrieving Process Parent ID Kernel Retrieving Process Session ID Kernel Retrieving the Address of an Unexported ZW API Kernel Shellcode Injection via ZwCreateThreadEx Kernel Internals Syscall Gadget Pattern Scan Syscall Number Retrieval from NTDLL Kernel Syscalls Tampering Tampered Syscalls via Hardware Breakpoints Terminating a Process Kernel Thread Enumeration Techniques Thread Enumeration via ProcFS Thread Enumeration via Syscall Thread Hijacking Kernel Internals User Mode Function Lookup in Process Modules Kernel User Mode Process Modules Enumeration Kernel Using Class in C Kernel WinAPIs PE File Format Overview Related Links: Beacon Object Files (BOF) C2 and Networking Credential Dumping Malware Concepts Payload and PE Persistence Process Injection Sleep Obfuscation</description></item><item><title>Windows Security and Administration</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/</guid><description>Windows Security and Administration Windows Security and Administration - Windows OS 
administration, Active Directory management, security hardening, and post-exploitation techniques.
Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Disk Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Wireshark</description></item><item><title>Wireless and Physical Attacks</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/wireless-and-physical-attacks/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/network-security/wireless-and-physical-attacks/</guid><description>Wireless and Physical Attacks Wireless and Physical Attacks - techniques exploiting wireless communications, radio frequencies, and physical-layer channels to compromise systems.
Acoustic Communication Exploits Bluetooth Exploits Deauth Evil Twin Attacks Infrared Exploits Near-Field Communication (NFC) Exploits Power Line Communication Exploits Quantum Communication Exploits Radio Frequency Exploits Rogue Access Point Satellite Communication Exploits Ultrasonic Communication Exploits Visible Light Communication Exploits WiFi Exploits Related Links: DNS Lookup Host Check ICMP Echo Network Attacks Network Evasion Techniques Network Protocols Port Scanning TCP Port Scan VPNs</description></item><item><title>Wireshark</title><link>https://r0tbyt3.dev/wiki/content/cybersecurity/wireshark/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://r0tbyt3.dev/wiki/content/cybersecurity/wireshark/</guid><description>Wireshark Wireshark - a widely used network protocol analyzer for capturing and interactively inspecting network traffic in real time.
Network Forensics with Wireshark Protocol Analysis Tcpdump Wireshark Fundamentals Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Windows Security and Administration</description></item></channel></rss>