{"id":13504055,"url":"https://github.com/TCM-Course-Resources/Practical-Ethical-Hacking-Resources","last_synced_at":"2025-03-29T19:30:41.667Z","repository":{"id":37351718,"uuid":"246183538","full_name":"TCM-Course-Resources/Practical-Ethical-Hacking-Resources","owner":"TCM-Course-Resources","description":"Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course ","archived":false,"fork":false,"pushed_at":"2023-02-12T00:50:34.000Z","size":65,"stargazers_count":5616,"open_issues_count":7,"forks_count":1411,"subscribers_count":342,"default_branch":"master","last_synced_at":"2025-03-28T16:03:39.438Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TCM-Course-Resources.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-03-10T01:51:20.000Z","updated_at":"2025-03-28T09:29:06.000Z","dependencies_parsed_at":"2022-07-10T14:00:48.988Z","dependency_job_id":"90c7c782-1ef4-40b3-b2ae-5b8385ec7729","html_url":"https://github.com/TCM-Course-Resources/Practical-Ethical-Hacking-Resources","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TCM-Course-Resources%2FPractical-Ethical-Hacking-Resources","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TCM-Course-Resources%2FPractical-Ethical-Hacking-Resources/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TCM-Course-Resources%2FPractical-Ethical-Hacking-Resources/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TCM-Course-Resources%2FPractical-Ethical-Hacking-Resources/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TCM-Course-Resources","download_url":"https://codeload.github.com/TCM-Course-Resources/Practical-Ethical-Hacking-Resources/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246234646,"owners_count":20745009,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T23:00:53.272Z","updated_at":"2025-03-29T19:30:41.630Z","avatar_url":"https://github.com/TCM-Course-Resources.png","language":"Python","readme":"# Practical-Ethical-Hacking-Resources\n\nCompilation of Resources from TCM's Udemy Course \n\n### General Links \n\nLink to Website: https://www.thecybermentor.com/\n\nLink to the course: \n* https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course (tcm academy)\n\nLink to discord server: https://discord.gg/EM6tqPZ\n\nFAQ: https://github.com/hmaverickadams/Practical-Ethical-Hacking-FAQ\n\n### Note Keeping\n\nTrilium: https://github.com/zadam/trilium\n\nKeepNote: http://keepnote.org/\n\nCherryTree: https://www.giuspen.com/cherrytree/\n\nGreenShot: https://getgreenshot.org/downloads/\n\nFlameShot: https://github.com/lupoDharkael/flameshot\n\nOneNote: https://products.office.com/en-us/onenote/digital-note-taking-app?rtc=1\n\nJoplin: https://github.com/laurent22/joplin\n\n### Networking Refresher\nSeven Second Subnetting: https://www.youtube.com/watch?v=ZxAwQB8TZsM\n\nSubnet Guide: https://drive.google.com/file/d/1ETKH31-E7G-7ntEOlWGZcDZWuukmeHFe/view\n\n### Setting up our Lab\nVMware: https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html\n\nVirtualBox: https://www.virtualbox.org/wiki/Downloads\n\nKali Download: https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/\n\nOfficial Offensive Security kali 2019.3 release: http://old.kali.org/kali-images/kali-2019.3/\n\nOther Offical kali 2019 Releases: https://cdimage.kali.org/\n\n### Mid-Course Capstone\nNew Capstone boxes: https://drive.google.com/drive/folders/1VXEuyySgzsSo-MYmyCareTnJ5rAeVKeH\n\nOld Capstone boxes: https://youtu.be/JZN3JhoAdWo\n\nLinux Priv Esc course: https://academy.tcm-sec.com/p/windows-privilege-escalation-for-beginners\n\nWindows Priv Esc Course: https://academy.tcm-sec.com/p/linux-privilege-escalation\n\n### Introduction to Exploit Development (Buffer Overflows)\nImmunity Debugger: https://www.immunityinc.com/products/debugger/\n\nVulnserver: http://www.thegreycorner.com/p/vulnserver.html\n\nBad Chars: https://www.ins1gn1a.com/identifying-bad-characters/\n\n### Attacking Active Directory: Initial Attack Vectors\n\nTop Five Ways I Got DA on Your Internal Network Before Lunch: https://adam-toscher.medium.com/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa \n\nmitm6: https://blog.fox-it.com/2018/01/11/mitm6-compromising-ipv4-networks-via-ipv6/\n\nCombining NTLM Relays and Kerberos Delegation: https://dirkjanm.io/worst-of-both-worlds-ntlm-relaying-and-kerberos-delegation/\n\n### Attacking Active Directory: Post-Compromise Enumeration\nPowerView Cheat Sheet: https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993\n\n### Attacking Active Directory: Post-Compromise Attacks\nGroup Policy Pwnage: https://blog.rapid7.com/2016/07/27/pentesting-in-the-real-world-group-policy-pwnage/\n\nMimikatz: https://github.com/gentilkiwi/mimikatz\n\nActive Directory Security Blog: https://adsecurity.org/\n\nHarmj0y Blog: http://blog.harmj0y.net/\n\nPentester Academy Active Directory: https://www.pentesteracademy.com/activedirectorylab\n\nPentester Academy Red Team Labs: https://www.pentesteracademy.com/redteamlab\n\neLS PTX: https://www.elearnsecurity.com/course/penetration_testing_extreme/\n\n### Web Application Enumeration, Revisited\nsumrecon: https://github.com/thatonetester/sumrecon\n\n### Testing the Top 10 Web Application Vulnerabilities\n OWASP Top 10: https://owasp.org/www-pdf-archive/OWASP_Top_10-2017_%28en%29.pdf.pdf\n \n OWASP Testing Checklist: https://github.com/tanprathan/OWASP-Testing-Checklist\n \n OWASP Testing Guide: https://owasp.org/www-pdf-archive/OTGv4.pdf\n \n Installing Docker on Kali: https://medium.com/@airman604/installing-docker-in-kali-linux-2017-1-fbaa4d1447fe\n \n OWASP Juice Shop: https://github.com/bkimminich/juice-shop\n \n OWASP A1-Injection: https://www.owasp.org/index.php/Top_10-2017_A1-Injection\n \n OWASP A2-Broken Authentication: https://www.owasp.org/index.php/Top_10-2017_A2-Broken_Authentication\n \n OWASP A3-Sensetive Data Exposure: https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Exposure\n \n OWASP A4-XML External Entities: https://www.owasp.org/index.php/Top_10-2017_A4-XML_External_Entities_(XXE)\n \n OWASP A5-Broken Access Control: https://www.owasp.org/index.php/Top_10-2017_A5-Broken_Access_Control\n \n OWASP A6-Security Misconfigurations: https://www.owasp.org/index.php/Top_10-2017_A6-Security_Misconfiguration\n \n OWASP A7-Cross Site Scripting: https://www.owasp.org/index.php/Top_10-2017_A7-Cross-Site_Scripting_(XSS)\n \n DOM Based XSS: https://www.scip.ch/en/?labs.20171214\n \n XSS Game: https://xss-game.appspot.com/\n \n OWASP A8-Insecure Deserialization: https://www.owasp.org/index.php/Top_10-2017_A8-Insecure_Deserialization\n \n OWASP A9-Using Components with Known Vulnerabilities: https://www.owasp.org/index.php/Top_10-2017_A9-Using_Components_with_Known_Vulnerabilities\n \n OWASP A10-Insufficient Logging \u0026 Monitoring: https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A10-Insufficient_Logging%252526Monitoring.html\n \n ### Legal Documents and Report Writing\n Sample Pentest Report: https://github.com/hmaverickadams/TCM-Security-Sample-Pentest-Report\n  \n ## Tools\n #### Pimpmykali\n * Github: https://github.com/Dewalt-arch/pimpmykali\n \n #### Hunter.io\n * Site: https://hunter.io/\n \n #### theHarvester\n * Github: https://github.com/laramies/theHarvester\n \n #### breach-parse\n * Github: https://github.com/hmaverickadams/breach-parse\n \n #### Hashcat: \n * Github: https://github.com/hashcat/hashcat\n * Installing on Windows: https://www.erobber.in/2017/04/hashcat-for-windows.html\n \n #### mitm6: \n * Github: https://github.com/fox-it/mitm6\n \n #### mimikatz:\n * Github: https://github.com/gentilkiwi/mimikatz\n \n #### sumrecon \n * Github: https://github.com/thatonetester/sumrecon\n \n ### Setting up Your AD Lab Using Azure\n Building Free AD lab: https://medium.com/@kamran.bilgrami/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f\n","funding_links":[],"categories":["Ethical Hacking","Python","HarmonyOS"],"sub_categories":["Windows Manager"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTCM-Course-Resources%2FPractical-Ethical-Hacking-Resources","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FTCM-Course-Resources%2FPractical-Ethical-Hacking-Resources","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTCM-Course-Resources%2FPractical-Ethical-Hacking-Resources/lists"}