CSbyGB - Pentips

CS By GB - PenTips
- Welcome to CSbyGB's Pentips
Networking, Protocols and Network pentest
Ethical Hacking - General Methodology
External Pentest
- External Pentest
Web Pentesting
Mobile App Pentest
- Android
- IOS
Wireless Pentest
- Wireless pentest
Cloud Pentest
Thick Client Pentest
- Thick Client
Hardware Pentest
- ATM
- IoT
Secure Code Review
- Secure code review
- Java notes for Secure Code Review
AI & AI Pentest
Checklist
Tools
VM and Labs
- General tips
- Setup your pentest lab
Linux
Windows
Programming
Binary Exploitation
OSINT
Pentester hardware toolbox
Post Exploitation
Reporting
- How to report your findings
Red Team
Writeups
Digital skills
Durable skills
- Durable skills wheel/Roue des compétences durables
Projects
- Projects
  - Technical Projects
  - General Projects
Talks
Resources
- A list of random resources

Powered by GitBook

On this page

Blogs and Pentesting notes from peeps in the community
Cryptography
Lists and mindmaps
Mobile App
Tools
Code Review
Passwords
Default Passwords
Weak and Leaked Passwords
Online Passwords crackers
Practice
API
Mobile App
Graphql
Web Apps

Resources

A list of random resources

PreviousOther of my talks and Podcast

Last updated 1 year ago

Blogs and Pentesting notes from peeps in the community

Cryptography

Lists and mindmaps

Mobile App

Tools

Code Review

Passwords

Default Passwords

When you find a login it is always worth to check and see if you can login using default credentials. You can find some default password here:

Weak and Leaked Passwords

There are plenty of lists with weak or leaked passwords that are worth trying for an engagement

Online Passwords crackers

Practice

API

Mobile App

Graphql

Web Apps

Pentest tips and resources by Lisandre

The Mayor Pentesting notes on Notion

Hacktricks by Carlos Polop

Pentesting bible - Ammar Amer

A lot of mindmaps inforsec related - Aman Hardikar

Android Application Testing Using Windows 11 and Windows Subsystem for Android

AERoot is a command line tool that allows you to give the root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs.

How to Analyze Code for Vulnerabilities - Vickie Lee

Passwords - CIRT

Default Password

Default Passwords - Data recovery

The section passwords of the very famous SecLists

The Leaked Databases section of the very famous SecLists

List of password on skull security

Cisco Password Cracker

vAPI is Vulnerable Adversely Programmed Interface

VAmPI - The Vulnerable API (Based on OpenAPI 3)

Reverse Engineering iOS Applications

Damn Vulnerable Graphql Application