- uncoder.io: translate between SIEM rules/queries
- Flamingo for capturing sprayed creds on network
- greynoise filters wide scans like shodan and censys
- checkra.in iOS root vuln 12.3+
- ls -a (hidden) -F (directories as slash) -lart (permission)
- chmod ugo (user, group, other) 1-7 p.121
- Linux defense volatility artifacts p.123
- LinEnum, BeRoot, linux-smart-enumeration for priv escal
- mac hardening 182
- viruses and c2 matrix: 195
- mimikatz defense and detect 208
- excellent OSINT resource listing
- Yandex, Bing, Google, TinEye: order of reverse img
- reverse shells 269
- invisible ssh and circumvent ip filter: 291
- socks and ssh sniffing
- threat intelligence sources 297
- security certs progression certification ![[Pasted image 20201213154905.png]]
- ![](https://i.redd.it/yo33xlys53141.png)
- webservers 327
- delete event logs 336 and other commands
- attack surface analyzer and rapid incident response 337
- artifacts including powershell log 338
- counterhack and export wlan passwords, then cross-reference with geodata in pics, find home wireless
- lolbins (living off the land) misc
- exploit suggester with systeminfo input, can run sysinfo remotely 360
- binary overwrite 361 and a list of all win exploit locally
- persistence with shim interesting more lolbins
- Both Linux and Windows have mindmaps for exploit bugs
- ![](https://firebasestorage.googleapis.com/v0/b/firescript-577a2.appspot.com/o/imgs%2Fapp%2Fgestalt%2FciRtR6j6qD.png?alt=media&token=929b22b4-2af5-4ef6-bbb6-eaca2ee5c2fe)
- ![](https://firebasestorage.googleapis.com/v0/b/firescript-577a2.appspot.com/o/imgs%2Fapp%2Fgestalt%2F3rWwHZnegM.png?alt=media&token=485ec8f4-097a-484b-952b-837ab457710c)