RicardoRobledo/CherryTree-Notes

# 📚 Cybersecurity Notes - CherryTree ## 📋 Description This knowledge repository contains organized notes on cybersecurity techniques, tools, and methodologies for pentesting and ethical hacking. The notes are structured in CherryTree for easy navigation and quick reference during security audits and penetration testing exercises. **Sources**: These notes are compiled from various sources including TryHackMe rooms, online tutorials, security courses, and hands-on practice labs. ## 🗂️ Estructura de Contenidos ### 🔓 Brute Force & Password Cracking - **Hydra**: Brute force attacks against network services - **John The Ripper**: Password and hash cracking - **FuerzaBrua**: General brute force techniques ### 🔍 Reconnaissance & Enumeration - **nmap**: Port and service scanning - **PassiveReconnaissance**: Passive reconnaissance techniques - **ActiveReconnaissance**: Active reconnaissance techniques - **SubdomainEnumeration**: Subdomain discovery methods - **ProtocolosyServidores**: Protocol and service information ### 🪟 Active Directory ### 📱 Mobile Security - **Android**: Android security techniques and tools ### 🌐 Web Security - **IDOR**: Insecure Direct Object Reference - **SSRF**: Server-Side Request Forgery - **XSS**: Cross-Site Scripting - **SQLInjection**: SQL injection techniques - **CommandInjection**: Command injection attacks - **AuthenticationByPass**: Authentication bypass methods - **Webshells**: Web shell deployment and usage ### 🎯 Exploitation - **Metasploit**: Exploitation framework - **EternalBlue**: MS17-010 vulnerability exploitation - **FileIntrusion**: File-based intrusion techniques ### 🔐 Post-Exploitation - **Post-exploitationBasics**: Post-exploitation fundamentals - **WindowsPrivilegeEscalation**: Windows privilege escalation ## 🎯 Purpose These notes serve as: - ✅ Quick reference during pentesting engagements - ✅ Study guide for certifications (CEH, OSCP, eJPT, etc.) - ✅ Personal repository of commands and techniques - ✅ Knowledge base for security audits - ✅ Documentation of TryHackMe room solutions and walkthroughs - ✅ Collection of best practices from tutorials and courses ## 🚀 How to Use 1. Open the `.ctb` file with CherryTree 2. Navigate through nodes based on your area of interest 3. Use the search function (Ctrl+F) to find specific commands 4. Nodes are organized hierarchically for progressive learning 5. Reference TryHackMe room notes for hands-on practice scenarios 6. Review tutorial sections for step-by-step explanations ## ⚠️ Legal Disclaimer **These notes are for educational purposes and authorized testing only.** - Only use these techniques on your own systems or with explicit authorization - Unauthorized use of these techniques is illegal - The author is not responsible for misuse of this information - Always follow responsible disclosure practices - Respect TryHackMe's terms of service and ethical guidelines ## 📝 Maintenance - Regularly update with new techniques and tools - Add practical examples and use cases - Document specific commands with their parameters - Include references to external resources and official documentation - Add new TryHackMe room notes as you complete them - Link tutorial sources for future reference ## 🛠️ Recommended Tools - **CherryTree**: For viewing and editing these notes - **Kali Linux**: Operating system with pre-installed security tools - **TryHackMe**: Hands-on cybersecurity training platform - **Burp Suite**: Web application security testing - **Wireshark**: Network traffic analysis ## 📚 Learning Resources - [TryHackMe](https://tryhackme.com) - Interactive cybersecurity training - [OWASP](https://owasp.org) - Web application security - Official tool documentation and man pages