easyg

easyg copied to clipboard

███████╗ █████╗ ███████╗██╗   ██╗ ██████╗
██╔════╝██╔══██╗██╔════╝╚██╗ ██╔╝██╔════╝
█████╗  ███████║███████╗ ╚████╔╝ ██║  ███╗
██╔══╝  ██╔══██║╚════██║  ╚██╔╝  ██║   ██║
███████╗██║  ██║███████║   ██║   ╚██████╔╝
╚══════╝╚═╝  ╚═╝╚══════╝   ╚═╝    ╚═════╝
Made with <3 by Riccardo Malatesta (@seeu)

EasyG started out as a script that I use to automate some information gathering tasks for my hacking process, you can find it here. Now it's more than that. Here I gather all the resources about hacking that I find interesting: notes, payloads, tools and more.

I try as much as possible to link to the various sources or inspiration for these notes. A large part of these notes are from: PTS v4, PortSwigger Web Security Academy, PEN-200, Proving Grounds, "Attacking and Defending Active Directory Lab (CRTP)" by Altered Security, Patrick Collins and Updraft, TryHackMe, Hack The Box, PentesterLab, HackTricks, Jhaddix, The Cyber Mentor, NahamSec (and NahamCon), InfoSec Twitter and many other amazing people.

Table of Contents

• Resources
• Useful tips
• Check-lists
• Linux
• Tools
  • EasyG
• Passive Information Gathering (OSINT)
• Active Information Gathering
• Content Discovery
• Networking
• Source code review
• Vulnerability Scanning
• Web vulnerabilities
• Client-Side Attacks
• Server-side Attacks
• Thick client vulnerabilities
• System Attacks
  • Port Redirection and Tunneling
  • Linux Privilege Escalation
  • Windows Privilege Escalation
• Active Directory
• Mobile
• Cloud hacking
• AI / LLM vulnerabilities
• Web3