# Notes - [Red Teaming](/home/notes/red-teaming.md) - [WAF Exploitation](/home/notes/red-teaming/waf-exploitation.md): Techniques to exploit WAF - [Introduction to WAF](/home/notes/red-teaming/waf-exploitation/introduction-to-waf.md): Notes from the WAF Introduction room on TryHackMe. - [LLM Hacking](/home/notes/red-teaming/llm-hacking.md) - [System Prompts](/home/notes/red-teaming/llm-hacking/system-prompts.md) - [Jailbreaking](/home/notes/red-teaming/llm-hacking/jailbreaking.md) - [Prompt Injection](/home/notes/red-teaming/llm-hacking/prompt-injection.md) - [Improper Output Handling](/home/notes/red-teaming/llm-hacking/improper-output-handling.md) - [Sensitive Information Disclosure](/home/notes/red-teaming/llm-hacking/sensitive-information-disclosure.md) - [Web Pentesting](/home/notes/red-teaming/web-pentesting.md) - [SQL Injection](/home/notes/red-teaming/web-pentesting/sql-injection.md): https://tryhackme.com/room/advancedsqlinjection - [Stored SQLi](/home/notes/red-teaming/web-pentesting/sql-injection/stored-sqli.md) - [Filter Evasion](/home/notes/red-teaming/web-pentesting/sql-injection/filter-evasion.md): My notes from the Filter Evasion section in the Advanced SQLi room on TryHackme. - [HTTP Header Injection](/home/notes/red-teaming/web-pentesting/sql-injection/http-header-injection.md) - [Other Endpoints](/home/notes/red-teaming/web-pentesting/sql-injection/other-endpoints.md) - [Tools for Automation](/home/notes/red-teaming/web-pentesting/sql-injection/tools-for-automation.md) - [Tips for Pentesters](/home/notes/red-teaming/web-pentesting/sql-injection/tips-for-pentesters.md): Taken from the Advanced SQLi room in TryHackMe. - [NoSQL Injection](/home/notes/red-teaming/web-pentesting/nosql-injection.md): The notes I took while doing the NoSQLi Walkthrough on TryHackMe. - [Types of Injection](/home/notes/red-teaming/web-pentesting/nosql-injection/types-of-injection.md) - [Example 1](/home/notes/red-teaming/web-pentesting/nosql-injection/example-1.md) - [Example 2](/home/notes/red-teaming/web-pentesting/nosql-injection/example-2.md) - [Regex Operator](/home/notes/red-teaming/web-pentesting/nosql-injection/regex-operator.md) - [XXE Injection](/home/notes/red-teaming/web-pentesting/xxe-injection.md) - [XML Entities](/home/notes/red-teaming/web-pentesting/xxe-injection/xml-entities.md) - [XML Parser](/home/notes/red-teaming/web-pentesting/xxe-injection/xml-parser.md) - [Exploitation](/home/notes/red-teaming/web-pentesting/xxe-injection/exploitation.md) - [SSTI](/home/notes/red-teaming/web-pentesting/ssti.md): My notes on Server Side Template Injection taken while solving the SSTI walkthroughs on TryHackMe. - [Example 1](/home/notes/red-teaming/web-pentesting/ssti/example-1.md) - [SSTImap](/home/notes/red-teaming/web-pentesting/ssti/sstimap.md) - [LDAP](/home/notes/red-teaming/web-pentesting/ldap.md): Port 389 and 636 - [LDAP Search Queries](/home/notes/red-teaming/web-pentesting/ldap/ldap-search-queries.md) - [LDAP Injection](/home/notes/red-teaming/web-pentesting/ldap/ldap-injection.md) - [API Pentesting](/home/notes/red-teaming/api-pentesting.md): My notes on API Pentesting - [Server Side Parameter Pollution](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution.md) - [Server Side Parameter Pollution in REST paths](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution-in-rest-paths.md) - [Server Side Parameter Pollution in structured data formats](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution-in-structured-data-formats.md) - [SMB Enumeration](/home/notes/red-teaming/smb-enumeration.md): My basic notes on SMB Enumeration for reference. - [Blue Teaming](/home/notes/blue-teaming.md) - [Network Miner](/home/notes/blue-teaming/network-miner.md) - [Wireshark](/home/notes/blue-teaming/wireshark.md) - [Traffic Analysis](/home/notes/blue-teaming/wireshark/traffic-analysis.md) - [ARP Poisoning](/home/notes/blue-teaming/wireshark/arp-poisoning.md) - [Host Identification](/home/notes/blue-teaming/wireshark/host-identification.md): Using DHCP, NetBios and Kerberos - [Detecting Data Exfiltration](/home/notes/blue-teaming/detecting-data-exfiltration.md) - [DNS Tunneling](/home/notes/blue-teaming/detecting-data-exfiltration/dns-tunneling.md) - [Analysing network captures with Wireshark](/home/notes/blue-teaming/detecting-data-exfiltration/dns-tunneling/analysing-network-captures-with-wireshark.md) - [Investigating using Splunk](/home/notes/blue-teaming/detecting-data-exfiltration/dns-tunneling/investigating-using-splunk.md) - [Data Exfil using FTP](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-ftp.md) - [Analysing network captures](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-ftp/analysing-network-captures.md) - [Data Exfil using HTTP](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-http.md) - [Investigating in Splunk](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-http/investigating-in-splunk.md) - [Packet capture analysis](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-http/packet-capture-analysis.md) - [Data Exfil using ICMP](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-icmp.md) - [Analysing network packets](/home/notes/blue-teaming/detecting-data-exfiltration/data-exfil-using-icmp/analysing-network-packets.md) - [Windows Monitoring](/home/notes/blue-teaming/windows-monitoring.md) - [Linux Security Monitoring](/home/notes/blue-teaming/linux-security-monitoring.md) - [Logging](/home/notes/blue-teaming/linux-security-monitoring/logging.md) - [Runtime Monitoring](/home/notes/blue-teaming/linux-security-monitoring/runtime-monitoring.md) - [Detecting DDOS Attacks](/home/notes/blue-teaming/detecting-ddos-attacks.md): Notes from the TryHackMe Room - [Tools](/home/notes/tools.md) - [SQLMAP](/home/notes/tools/sqlmap.md): My notes on SQLMAP (using version 1.9.4#stable) - [Nmap](/home/notes/tools/nmap.md): My notes for using Nmap - [Malware Analysis](/home/notes/malware-analysis.md) - [Static Analysis](/home/notes/malware-analysis/static-analysis.md) - [Living off the Land Attacks](/home/notes/malware-analysis/living-off-the-land-attacks.md)