Notes
Search…
Notes
Resources
Web PenTesting / Bug Bounty
Bug Bounty Methodology
XSS
XXE
Exploit Development / BoF
Pwntools
Buffer Overflows
Powered By
GitBook
Resources
A complex collection of infosec resources collected throughout my journey.
Themes
N_D: Not Defined (If you know where to place these, please place them in the right 'theme').
Books: Everything with a table of contents and longer than 50 pages.
Posts: Posts (commonly blogposts) small one-page literature (with an informational subject).
Papers: Scientific papers (You know...).
Blogs: website consisting of multiple posts.
Lists: A list of some sorts (tools, commands, etc.) without (much) explanations.
Cheat sheets: A list with common commands to use with a certain tool or in a scenario, with explanation of what it does.
Databases: Larger searchable lists about a subject.
Tutorials: (Web)Page about a specific subject for learning a specific part of a tool, langauge, exploit, etc.
Videos: One video about a subject (a video from youtube, daily motion, twitch clip, etc.).
Courses: Multiple Tutorials stacked into lessons about a certain (larger than with a tutorial) subject.
Challenges: CTFs, wargames and other challenges on a certain subject.
Writeups: Explainations of the CTFs, wargames or challenges.
Playlists: Youtube channels, playlists or other video based 'collection'.
Tools: (Web based) programs, frameworks, etc. about a certain subject.
Podcasts: audio based fragments of certain subjects.
dumps: shared (private) cloud services with multiple files (books, courses, etc.)
EXCEPTION: Everything in [Hacking & Security Resources, but if it fits.....]
General Resources
N_D
​
https://pindancing.blogspot.com/2010/12/answer-to-will-you-mentor-me-is.html
​
Books
​
http://www.allitebooks.org/
​
​
https://flazxbooks.blogspot.com/
​
​
http://www.ebookee.ws/
​
​
https://www.onlineprogrammingbooks.com/
​
​
https://b-ok.org/
​
​
https://www.free-ebooks.net/
​
​
http://www.ebook3000.com/
​
​
https://www.freetechbooks.com/
​
​
https://knowfree.tradepub.com/
​
​
https://www.manning.com/
​
​
https://www.pdfdrive.com/
​
​
http://freecomputerbooks.com/
​
​
http://gen.lib.rus.ec/
​
Posts
​
https://blog.cloudflare.com/the-history-of-the-url/
​
Cheat sheets
​
http://cheat.sh/
​
​
https://learnxinyminutes.com/
​
​
https://packetlife.net/library/cheat-sheets/
​
​
https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/?utm_medium=Email&utm_source=HL-NA&utm_content=660935 Cheat Sheet Button&utm_campaign=SANS Free Resources
​
Courses
​
https://freecoursesite.com/
​
​
https://www.discudemy.com/
​
​
https://www.codecademy.com/
​
​
https://www.coursera.org/
​
​
https://www.cybrary.it/
​
​
https://www.edx.org/
​
​
https://www.futurelearn.com/
​
​
https://www.tenable.com/education/on-demand-courses
​
​
https://www.cisco.com/c/m/en_sg/partners/cisco-networking-academy/index.html
​
​
https://www.udemy.com/course/itprotv-comptia-it-fundamentals-fc0-u61/
​
​
https://cdn.discordapp.com/attachments/692315721480274050/710497529615351878/VLZ-Premium-Subscription-6-Month-Promotion-External-FAQ.pdf
​
​
https://www.udemy.com/courses/vodafone/
​
​
https://dfirdiva.com/training#FreeTraining
​
​
https://geek-university.com/courses/
​
​
https://www-freecodecamp-org.cdn.ampproject.org/c/s/www.freecodecamp.org/news/free-courses-top-cs-universities/amp/
​
​
https://www.cyberaces.org/courses.html
​
​
https://www.microsoft.com/en-gb/events/training-days/
​
Tutorials
​
https://brainbell.com/
​
Tools
​
https://gchq.github.io/CyberChef/
​
​
https://www.hybrid-analysis.com/
​
Lists
​
https://github.com/sobolevn/awesome-cryptography/
​
Cyber Security Resources
N_D
​
https://www.bc-security.org/post/an-introduction-to-starkiller
​
​
https://trailofbits.github.io/ctf/
​
​
https://www.securitymagazine.com/articles/92068-free-security-resources-and-services-during-covid-19
(COVID-19)
​
https://github.com/RedLectroid/KingCrown
​
​
https://gist.github.com/terjanq/cd506a49d4439130966bf9855a12f925
​
​
https://otx.alienvault.com/
​
​
https://pypi.org/project/uncompyle6/
​
General
Books
​
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/tech-briefs/cybersecurity-survival-guide-3rd-edition.pdf
​
​
https://github.com/tom0li/collection-document/blob/master/Blue Team Field Manual.pdf
​
​
https://doc.lagout.org/rtfm-red-team-field-manual.pdf
​
Tutorials
​
https://null-byte.wonderhowto.com/
​
​
https://www.hacksplaining.com/
​
​
https://sushant747.gitbooks.io/total-oscp-guide/
​
​
https://www.utc.edu/center-academic-excellence-cyber-defense/pdfs/4660-lab1.pdf
(until lab7.pdf)
Courses
​
https://www.cyberaces.org/
​
​
https://ropemporium.com/
​
​
https://hackademy.aetherlab.net/
​
​
https://evasions.checkpoint.com/
​
​
https://ctf101.org/
​
​
https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2020/fortinet-makes-all-online-cybersecurity-training-courses-available-for-free.html
​
​
https://application.security/free-application-security-training
​
​
https://bitvijays.github.io/index.html
​
​
https://hackademy.aetherlab.net/p/burp-suite
​
​
https://www.udemy.com/course/a-guide-to-security-information-and-event-management-siem/?couponCode=CYBERSECURITYMEGA2
(TEMP)
​
https://mega.nz/folder/HGg2TCTA#CjyPNP3bktKV9w4_g2xUDg
​
​
https://www.cs.fsu.edu/~redwood/OffensiveSecurity/lectures.html
​
​
https://ics-cert-training.inl.gov/learn
​
​
https://training.fortinet.com/
​
​
https://www.cyberaces.org/courses.html
​
​
https://www.securitylearningacademy.com/
​
​
https://paloaltonetworks.com/idp/lPidY/resumeSAML20/idp/SSO.ping&spentity=csod
​
​
https://training.cloudsecuritylabs.io/
​
​
https://enroll.isc2.org/product?catalog=ISC2-CISSP-RVW-PUB&fbclid=IwAR3BJhKDCrvzhW2iHucNd8eS154iKqi7VLHIcK1D8VdPTobx-L53ALCzTqk
​
​
https://www.futurelearn.com/courses/introduction-to-cyber-security
​
​
https://www.futurelearn.com/courses/network-security-basics
​
​
https://www.futurelearn.com/courses/network-defence-management-overview
​
​
https://www.futurelearn.com/courses/cyber-security-landscape
​
​
https://www.futurelearn.com/courses/defensive-programming-and-debugging
​
​
https://www.futurelearn.com/courses/security-operations
​
​
https://mega.nz/folder/yVhXmZiZ#PugSfAU8Z_BCVLg1tOLl_w
​
​
https://www.open.edu/openlearn/science-maths-technology/digital-forensics/content-section-0?active-tab=description-tab
​
​
http://opensecuritytraining.info/Training.html
​
​
https://www.itmasters.edu.au/free-short-course-enterprise-cyber-security-fundamentals/
​
​
https://www.itmasters.edu.au/free-short-course-phishing-countermeasures/
​
​
https://www.itmasters.edu.au/free-short-course-cyber-warfare-and-terrorism/
​
​
https://www.itmasters.edu.au/free-short-course-digital-forensics/
​
​
https://www.itmasters.edu.au/free-short-course-computer-network-fundamentals/
​
​
https://training.accessdata.com/exam/accessdata-certified-investigator
​
​
https://academy.ehacking.net/courses/category/Free
​
Databases
​
https://www.exploit-db.com/
​
​
https://nvd.nist.gov/vuln/search
​
​
https://cve.mitre.org/
​
Cheatsheets
​
https://www.hacktoday.io/t/pentesting-cheatsheets/2635
​
​
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
​
​
https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
​
​
https://www.h21lab.com/tools/penetration-testing-cheat-sheet
​
​
https://www.hackingdream.net/2020/03/linux-privilege-escalation-cheatsheet-for-oscp.html
​
​
https://www.blackhillsinfosec.com/hashcat-4-10-cheat-sheet-v-1-2018-1/
​
​
https://www.marcolancini.it/images/posts/blog_hackerplaybook_mindmap.png
​
​
https://morph3sec.com/Cheat-Sheets/Pentest-Cheat-Sheet/index.html
​
​
https://github.com/CompassSecurity/Hacking_Tools_Cheat_Sheet
​
Lists
​
https://github.com/danielmiessler/SecLists
​
​
https://github.com/swisskyrepo/PayloadsAllTheThings/
​
​
https://github.com/qazbnm456/awesome-web-security/
​
​
https://github.com/netbiosX/Checklists
​
​
https://www.reddit.com/user/goretsky/m/security/new
​
​
https://github.com/thebleucheese/awesome-threat-intelligence
​
​
https://github.com/Naetw/CTF-pwn-tips
​
​
https://github.com/BrieflyX/ctf-pwns
​
​
https://github.com/sundowndev/hacker-roadmap
​
Blogs
​
https://pentestlab.blog/
​
​
https://d4mianwayne.github.io/blog/
​
​
https://clement.notin.org/
​
​
https://ired.team/
​
​
https://www.coalfire.com/The-Coalfire-Blog
​
​
https://sudocuong.com/
​
​
https://www.kitploit.com/
​
​
https://blog.checkpoint.com/
​
​
https://www.pentestpartners.com/security-blog/
​
​
https://syedfarazabrar.com/
​
​
https://resources.infosecinstitute.com/
​
Posts
​
https://github.com/tjnull/TJ-JPT
​
​
https://github.com/SethTHM/OldieButGoldie
​
Tools
General
​
https://github.com/gwen001/pentest-tools
​
​
https://github.com/SofianeHamlaoui/Lockdoor-Framework
​
​
https://github.com/SamuraiWTF/samuraiwtf
​
​
https://ninjutsu-os.github.io/2020/04/18/What-Is-Ninjutsu-OS/
​
​
https://drive.google.com/file/d/1dxw7KXTyNHCpCwIzVHXD9JclXq3YQ3xf/view
(Burp Suite Cracked 2020.4)
​
https://github.com/mandatoryprogrammer/CursedChrome
​
​
https://github.com/deadjakk/Reg1c1de/blob/master/README.md
​
Recon
​
https://github.com/rebootuser/LinEnum
​
​
https://github.com/Tib3rius/AutoRecon
​
​
https://www.zoomeye.org/
​
Enummeration
​
https://github.com/portcullislabs/enum4linux
​
​
https://github.com/projectdiscovery/nuclei
​
​
https://github.com/projectdiscovery/nuclei-templates
​
Retrieval
​
https://github.com/taviso/loadlibrary
​
Lists
​
https://github.com/matesz44/favtools
​
​
https://gist.github.com/gwen001
​
​
https://github.com/google/fuzzing/tree/master/dictionaries
​
Challenges
​
https://www.hackthebox.eu/
​
​
https://www.vulnhub.com/
​
​
https://practicalpentestlabs.com/
​
​
https://www.hackthissite.org/
​
​
https://overthewire.org/wargames/
​
​
https://tryhackme.com/
​
​
https://exploit-exercises.lains.space/
​
​
https://old.liveoverflow.com/intro.html
​
​
https://ropemporium.com/
​
​
https://xss-game.appspot.com/
​
​
https://underthewire.tech/
​
​
https://ctftime.org/
​
​
https://www.root-me.org/
​
​
http://smashthestack.org/
​
​
https://exploit.education/
​
​
https://ctf101.org/
​
​
https://github.com/bkimminich/juice-shop-ctf
​
​
https://practicalpentestlabs.com/
​
​
https://cyberedu.ro/
​
​
https://sqlpd.com/
​
​
https://www.crimediggers.nl/
​
Writeups
​
https://github.com/BrieflyX/ctf-pwns
​
​
https://github.com/0xb0bb/pwndra
​
​
https://kileak.github.io/
​
​
https://blog.skullsecurity.org/
​
Linux Specific
​
https://github.com/xairy/easy-linux-pwn
​
​
https://github.com/scwuaptx/HITCON-Training
​
​
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
​
Windows Specific
​
https://libraries.io/github/rkmylo/UACME
​
​
https://www.blackhillsinfosec.com/training/breaching-the-cloud-perimeter-training/
​
​
https://github.com/specterops/at-ps
​
​
https://fullpwnops.com/windows-exploitation-pathway.html
​
Android Specific
​
https://www.youtube.com/watch?v=2uwhrfXCl4I&feature=youtu.be
​
​
https://github.com/ClaudiuGeorgiu/Obfuscapk
​
Privelege Escalation
Tutorials
​
https://payatu.com/guide-linux-privilege-escalation
​
OSINT Tutorials
​
https://community.turgensec.com/shodan-pentesting-guide/
​
​
https://purplesec.us/privilege-escalation-attacks/
​
Tools
​
https://osintframework.com/
​
Buffer Overflows
Videos
​
https://www.youtube.com/watch?v=B4v56Ns3QhQ
​
Tutorials
​
https://github.com/justinsteven/dostackbufferoverflowgood
​
Playlists
​
https://www.youtube.com/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G
​
Binary Exploitation
Playlists
​
https://www.youtube.com/channel/UCi-IXmtQLrJjg5Ji78DqvAg/videos
​
​
https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
​
Courses
​
https://github.com/RPISEC/MBE
​
Challanges
​
http://pwnable.kr/
​
​
https://pwnable.tw/
​
​
http://pwn.eonew.cn/
​
​
https://github.com/scwuaptx/HITCON-Training
​
​
Reverse Engineering
General
​
https://github.com/ReversingID/Awesome-Reversing
​
Courses
​
https://guyinatuxedo.github.io/index.html
​
Tools
​
https://github.com/horsicq/XELFViewer
​
Malware Analysis
Courses
​
https://class.malware.re/
​
​
https://github.com/ckane/CS7038-Malware-Analysis
​
Bug Bounty
Posts
​
https://forum.bugcrowd.com/t/some-information-for-the-people-getting-started-in-bug-bounties/8464
​
SysAdmin Resources
Linux
N_D
​
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-managing_services_with_systemd-unit_files
​
https://www.onsecurity.co.uk/blog/abusing-kerberos-from-linux
​
Tool
​
https://explainshell.com/
​
​
https://wiki.debian.org/DontBreakDebian
​
​
https://chmod-calculator.com/
​
Courses
​
http://www.vimgenius.com/
​
​
https://www.aws.training/Details/eLearning?id=34259
​
​
https://www.elastic.co/training/specializations/security-analytics/elastic-siem-fundamentals
​
​
https://www.coursera.org/promo/cloud-technology-free-courses
​
Tools
​
https://github.com/sharkdp/bat
​
​
https://github.com/gpakosz/.tmux
​
​
https://github.com/sc0tfree/updog
​
Books
​
http://www.linuxcommand.org/tlcl.php/
​
Windows
Videos
​
https://www.youtube.com/watch?v=qW361k3-BtU
​
Courses
​
https://www.udemy.com/course/installing-configuring-dns-services-on-windows-server-2016/?couponCode=DNS2016FREE
(TEMP)
Programming Resources
General
Challenges
​
https://exercism.io/
​
​
https://runcode.ninja/
​
Books
​
https://www.onlineprogrammingbooks.com/
​
Blogs
​
https://blog.notryan.com/
​
Courses
​
https://codereviewnews.com/learn-about-code-reviews-with-this-free-course/
​
​
https://www.reddit.com/r/learnprogramming/comments/gbfs1w/7_free_courses_100_off_coupons_on_programming/
(TEMP)
Python
Challenges
​
https://py.checkio.org/
​
Books
​
https://automatetheboringstuff.com/
​
Courses
​
https://training.talkpython.fm/courses/all
​
Podcasts
​
https://talkpython.fm/
​
JavaScript
Challenges
​
https://js.checkio.org/
​
Assembly
Courses
​
https://asmtutor.com/
​
​
https://azeria-labs.com/
​
Next - Web PenTesting / Bug Bounty
Bug Bounty Methodology
Last modified
1yr ago
Copy link
Outline
Themes
General Resources
Cyber Security Resources
General
Tools
Challenges
Linux Specific
Windows Specific
Android Specific
Privelege Escalation
OSINT Tutorials
Buffer Overflows
Binary Exploitation
Malware Analysis
Bug Bounty
SysAdmin Resources
Linux
Windows
Programming Resources
Python
JavaScript
Assembly