Tools Cheat Sheets:

https://hackviser.com/tactics/tools

Exploit Notes:

https://exploit-notes.hdks.org/

https://hackviser.com/tactics/pentesting

Evasions

A resource for understanding and implementing various evasion techniques.
Link: https://evasions.checkpoint.com/

LOLBins

Living off the land, Command and Fileless Technique Resources

GTFOBins: GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
Link: https://gtfobins.github.io/

GTFOArgs
GTFOArgs is a curated list of Unix binaries that can be manipulated for argument injection, possibly resulting in security vulnerabilities.
Link:https://gtfoargs.github.io/

LOLDrivers
Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats.
Link:https://www.loldrivers.io/

LOLBAS
The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.
Link:https://lolbas-project.github.io/#

LOLApps
This project was made because exploitation isn't limited to binaries using command line techniques. Both built-in and third-party applications have been used & abused for adversarial gain since the dawn of time, and knowing these methods can help when all else fail.
Link: https://lolapps-project.github.io/

LOLESXI
LOLESXi features a comprehensive list of binaries/scripts natively available in VMware ESXi that adversaries have utilised in their operations. The information on this site is compiled from open-source threat research.
Link: https://lolesxi-project.github.io/LOLESXi/

LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes.
Link: https://www.loobins.io/

LOLCerts
This project aims at collecting the details of the certificates that are known to be abused in the wild by malicious actors.
Link: https://github.com/ReversecLabs/lolcerts

LOLAD
The LOLAD project provides a comprehensive collection of Active Directory techniques, commands, and functions that can be used natively to support offensive security operations and Red Team exercises.
Link: https://lolad-project.github.io/

LOTLWeb
Attackers are using popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection. The list of websites below allow attackers to use their domain or subdomain.
Link: https://lots-project.com/

MalAPI
MalAPI.io maps Windows APIs to common techniques used by malware.
Link: https://malapi.io/

FileExtension
Stay up-to-date with the latest file extensions being used by attackers
Link: https://filesec.io/

Bootloaders
bootloaders.io is a curated list of known malicious bootloaders for various operating systems.
Link: https://www.bootloaders.io/

Awesome Living off the Land