interesting websites

Tools for pentesting

GENERAL:
https://github.com/alancruzs/alanpentesting
https://www.exploit-db.com/
https://gchq.github.io/CyberChef/
https://www.revshells.com/
https://hashcat.net/wiki/doku.php?id=example_hashes
https://gtfobins.github.io/

Generals, but I use always!!
https://wadcoms.github.io
https://github.com/swisskyrepo/PayloadsAllTheThings
https://book.hacktricks.xyz/welcome/readme

______________________________________________________


LINUX PRIV ESC

https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_-_linux.html

________________________________________________________________________________________________________________

KERBEROS
https://pentestbook.six2dez.com/post-exploitation/windows/ad/kerberos-attacks
https://www.tarlogic.com/blog/how-kerberos-works/
https://www.tarlogic.com/blog/how-to-attack-kerberos/

____________________________________________________________

SQLI cheat sheets
https://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
______________________________________________________________________________________________________________

WINDOWS PRIV ESC
token imperson
https://steflan-security.com/linux-privilege-escalation-token-impersonation/
https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation/privilege-escalation-abusing-tokens
https://steflan-security.com/windows-privilege-escalation-cheat-sheet/

https://github.com/PowerShellMafia/PowerSploit
https://ss64.com/nt/syntax-security_groups.html
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-groups
____________________________________________________________________________________________________________

TO STUDY
hackthebox
letsdefend
portswigger labs