Resources

Notes
Search…
Notes
Resources
Web PenTesting / Bug Bounty
Bug Bounty Methodology
XSS
XXE
Exploit Development / BoF
Pwntools
Buffer Overflows
Resources
A complex collection of infosec resources collected throughout my journey.
Themes
N_D: Not Defined (If you know where to place these, please place them in the right 'theme').
Books: Everything with a table of contents and longer than 50 pages.
Posts: Posts (commonly blogposts) small one-page literature (with an informational subject).
Papers: Scientific papers (You know...).
Blogs: website consisting of multiple posts.
Lists: A list of some sorts (tools, commands, etc.) without (much) explanations.
Cheat sheets: A list with common commands to use with a certain tool or in a scenario, with explanation of what it does.
Databases: Larger searchable lists about a subject.
Tutorials: (Web)Page about a specific subject for learning a specific part of a tool, langauge, exploit, etc. 
Videos: One video about a subject (a video from youtube, daily motion, twitch clip, etc.).
Courses: Multiple Tutorials stacked into lessons about a certain (larger than with a tutorial) subject.
Challenges: CTFs, wargames and other challenges on a certain subject.
Writeups: Explainations of the CTFs, wargames or challenges.
Playlists: Youtube channels, playlists or other video based 'collection'.
Tools: (Web based) programs, frameworks, etc. about a certain subject.
Podcasts: audio based fragments of certain subjects.
dumps: shared (private) cloud services with multiple files (books, courses, etc.)
EXCEPTION: Everything in [Hacking & Security Resources, but if it fits.....]
General Resources
N_D
​https://pindancing.blogspot.com/2010/12/answer-to-will-you-mentor-me-is.html​
Books
​http://www.allitebooks.org/​
​https://flazxbooks.blogspot.com/​
​http://www.ebookee.ws/​
​https://www.onlineprogrammingbooks.com/​
​https://b-ok.org/​
​https://www.free-ebooks.net/​
​http://www.ebook3000.com/​
​https://www.freetechbooks.com/​
​https://knowfree.tradepub.com/​
​https://www.manning.com/​
​https://www.pdfdrive.com/​
​http://freecomputerbooks.com/​
​http://gen.lib.rus.ec/​
Posts
​https://blog.cloudflare.com/the-history-of-the-url/​
Cheat sheets
​http://cheat.sh/​
​https://learnxinyminutes.com/​
​https://packetlife.net/library/cheat-sheets/​
​https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/?utm_medium=Email&utm_source=HL-NA&utm_content=660935 Cheat Sheet Button&utm_campaign=SANS Free Resources​
Courses
​https://freecoursesite.com/​
​https://www.discudemy.com/​
​https://www.codecademy.com/​
​https://www.coursera.org/​
​https://www.cybrary.it/​
​https://www.edx.org/​
​https://www.futurelearn.com/​
​https://www.tenable.com/education/on-demand-courses​
​https://www.cisco.com/c/m/en_sg/partners/cisco-networking-academy/index.html​
​https://www.udemy.com/course/itprotv-comptia-it-fundamentals-fc0-u61/​
​https://cdn.discordapp.com/attachments/692315721480274050/710497529615351878/VLZ-Premium-Subscription-6-Month-Promotion-External-FAQ.pdf​
​https://www.udemy.com/courses/vodafone/​
​https://dfirdiva.com/training#FreeTraining​
​https://geek-university.com/courses/​
​https://www-freecodecamp-org.cdn.ampproject.org/c/s/www.freecodecamp.org/news/free-courses-top-cs-universities/amp/​
​https://www.cyberaces.org/courses.html​
​https://www.microsoft.com/en-gb/events/training-days/​
Tutorials
​https://brainbell.com/​
Tools
​https://gchq.github.io/CyberChef/​
​https://www.hybrid-analysis.com/​
Lists
​https://github.com/sobolevn/awesome-cryptography/​
Cyber Security Resources
N_D
​https://www.bc-security.org/post/an-introduction-to-starkiller​
​https://trailofbits.github.io/ctf/​
​https://www.securitymagazine.com/articles/92068-free-security-resources-and-services-during-covid-19 (COVID-19)
​https://github.com/RedLectroid/KingCrown​
​https://gist.github.com/terjanq/cd506a49d4439130966bf9855a12f925​
​https://otx.alienvault.com/​
​https://pypi.org/project/uncompyle6/​
General
Books
​https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/tech-briefs/cybersecurity-survival-guide-3rd-edition.pdf​
​https://github.com/tom0li/collection-document/blob/master/Blue Team Field Manual.pdf​
​https://doc.lagout.org/rtfm-red-team-field-manual.pdf​
Tutorials
​https://null-byte.wonderhowto.com/​
​https://www.hacksplaining.com/​
​https://sushant747.gitbooks.io/total-oscp-guide/​
​https://www.utc.edu/center-academic-excellence-cyber-defense/pdfs/4660-lab1.pdf (until lab7.pdf)
Courses
​https://www.cyberaces.org/​
​https://ropemporium.com/​
​https://hackademy.aetherlab.net/​
​https://evasions.checkpoint.com/​
​https://ctf101.org/​
​https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2020/fortinet-makes-all-online-cybersecurity-training-courses-available-for-free.html​
​https://application.security/free-application-security-training​
​https://bitvijays.github.io/index.html​
​https://hackademy.aetherlab.net/p/burp-suite​
​https://www.udemy.com/course/a-guide-to-security-information-and-event-management-siem/?couponCode=CYBERSECURITYMEGA2 (TEMP)
​https://mega.nz/folder/HGg2TCTA#CjyPNP3bktKV9w4_g2xUDg​
​https://www.cs.fsu.edu/~redwood/OffensiveSecurity/lectures.html​
​https://ics-cert-training.inl.gov/learn​
​https://training.fortinet.com/​
​https://www.cyberaces.org/courses.html​
​https://www.securitylearningacademy.com/​
​https://paloaltonetworks.com/idp/lPidY/resumeSAML20/idp/SSO.ping&spentity=csod​
​https://training.cloudsecuritylabs.io/​
​https://enroll.isc2.org/product?catalog=ISC2-CISSP-RVW-PUB&fbclid=IwAR3BJhKDCrvzhW2iHucNd8eS154iKqi7VLHIcK1D8VdPTobx-L53ALCzTqk​
​https://www.futurelearn.com/courses/introduction-to-cyber-security​
​https://www.futurelearn.com/courses/network-security-basics​
​https://www.futurelearn.com/courses/network-defence-management-overview​
​https://www.futurelearn.com/courses/cyber-security-landscape​
​https://www.futurelearn.com/courses/defensive-programming-and-debugging​
​https://www.futurelearn.com/courses/security-operations​
​https://mega.nz/folder/yVhXmZiZ#PugSfAU8Z_BCVLg1tOLl_w​
​https://www.open.edu/openlearn/science-maths-technology/digital-forensics/content-section-0?active-tab=description-tab​
​http://opensecuritytraining.info/Training.html​
​https://www.itmasters.edu.au/free-short-course-enterprise-cyber-security-fundamentals/​
​https://www.itmasters.edu.au/free-short-course-phishing-countermeasures/​
​https://www.itmasters.edu.au/free-short-course-cyber-warfare-and-terrorism/​
​https://www.itmasters.edu.au/free-short-course-digital-forensics/​
​https://www.itmasters.edu.au/free-short-course-computer-network-fundamentals/​
​https://training.accessdata.com/exam/accessdata-certified-investigator​
​https://academy.ehacking.net/courses/category/Free​
Databases
​https://www.exploit-db.com/​
​https://nvd.nist.gov/vuln/search​
​https://cve.mitre.org/​
Cheatsheets
​https://www.hacktoday.io/t/pentesting-cheatsheets/2635​
​https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/​
​https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List​
​https://www.h21lab.com/tools/penetration-testing-cheat-sheet​
​https://www.hackingdream.net/2020/03/linux-privilege-escalation-cheatsheet-for-oscp.html​
​https://www.blackhillsinfosec.com/hashcat-4-10-cheat-sheet-v-1-2018-1/​
​https://www.marcolancini.it/images/posts/blog_hackerplaybook_mindmap.png​
​https://morph3sec.com/Cheat-Sheets/Pentest-Cheat-Sheet/index.html​
​https://github.com/CompassSecurity/Hacking_Tools_Cheat_Sheet​
Lists
​https://github.com/danielmiessler/SecLists​
​https://github.com/swisskyrepo/PayloadsAllTheThings/​
​https://github.com/qazbnm456/awesome-web-security/​
​https://github.com/netbiosX/Checklists​
​https://www.reddit.com/user/goretsky/m/security/new​
​https://github.com/thebleucheese/awesome-threat-intelligence​
​https://github.com/Naetw/CTF-pwn-tips​
​https://github.com/BrieflyX/ctf-pwns​
​https://github.com/sundowndev/hacker-roadmap​
Blogs
​https://pentestlab.blog/​
​https://d4mianwayne.github.io/blog/​
​https://clement.notin.org/​
​https://ired.team/​
​https://www.coalfire.com/The-Coalfire-Blog​
​https://sudocuong.com/​
​https://www.kitploit.com/​
​https://blog.checkpoint.com/​
​https://www.pentestpartners.com/security-blog/​
​https://syedfarazabrar.com/​
​https://resources.infosecinstitute.com/​
Posts
​https://github.com/tjnull/TJ-JPT​
​https://github.com/SethTHM/OldieButGoldie​
Tools
General
​https://github.com/gwen001/pentest-tools​
​https://github.com/SofianeHamlaoui/Lockdoor-Framework​
​https://github.com/SamuraiWTF/samuraiwtf​
​https://ninjutsu-os.github.io/2020/04/18/What-Is-Ninjutsu-OS/​
​https://drive.google.com/file/d/1dxw7KXTyNHCpCwIzVHXD9JclXq3YQ3xf/view (Burp Suite Cracked 2020.4)
​https://github.com/mandatoryprogrammer/CursedChrome​
​https://github.com/deadjakk/Reg1c1de/blob/master/README.md​
Recon
​https://github.com/rebootuser/LinEnum​
​https://github.com/Tib3rius/AutoRecon​
​https://www.zoomeye.org/​
Enummeration
​https://github.com/portcullislabs/enum4linux​
​https://github.com/projectdiscovery/nuclei​
​https://github.com/projectdiscovery/nuclei-templates​
Retrieval
​https://github.com/taviso/loadlibrary​
Lists
​https://github.com/matesz44/favtools​
​https://gist.github.com/gwen001​
​https://github.com/google/fuzzing/tree/master/dictionaries​
Challenges
​https://www.hackthebox.eu/​
​https://www.vulnhub.com/​
​https://practicalpentestlabs.com/​
​https://www.hackthissite.org/​
​https://overthewire.org/wargames/​
​https://tryhackme.com/​
​https://exploit-exercises.lains.space/​
​https://old.liveoverflow.com/intro.html​
​https://ropemporium.com/​
​https://xss-game.appspot.com/​
​https://underthewire.tech/​
​https://ctftime.org/​
​https://www.root-me.org/​
​http://smashthestack.org/​
​https://exploit.education/​
​https://ctf101.org/​
​https://github.com/bkimminich/juice-shop-ctf​
​https://practicalpentestlabs.com/​
​https://cyberedu.ro/​
​https://sqlpd.com/​
​https://www.crimediggers.nl/​
Writeups
​https://github.com/BrieflyX/ctf-pwns​
​https://github.com/0xb0bb/pwndra​
​https://kileak.github.io/​
​https://blog.skullsecurity.org/​
Linux Specific
​https://github.com/xairy/easy-linux-pwn​
​https://github.com/scwuaptx/HITCON-Training​
​https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/​
Windows Specific
​https://libraries.io/github/rkmylo/UACME​
​https://www.blackhillsinfosec.com/training/breaching-the-cloud-perimeter-training/​
​https://github.com/specterops/at-ps​
​https://fullpwnops.com/windows-exploitation-pathway.html​
Android Specific
​https://www.youtube.com/watch?v=2uwhrfXCl4I&feature=youtu.be​
​https://github.com/ClaudiuGeorgiu/Obfuscapk​
Privelege Escalation
Tutorials
​https://payatu.com/guide-linux-privilege-escalation​
OSINT Tutorials
​https://community.turgensec.com/shodan-pentesting-guide/​
​https://purplesec.us/privilege-escalation-attacks/​
Tools
​https://osintframework.com/​
Buffer Overflows
Videos
​https://www.youtube.com/watch?v=B4v56Ns3QhQ​
Tutorials
​https://github.com/justinsteven/dostackbufferoverflowgood​
Playlists
​https://www.youtube.com/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G​
Binary Exploitation
Playlists
​https://www.youtube.com/channel/UCi-IXmtQLrJjg5Ji78DqvAg/videos​
​https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN​
Courses
​https://github.com/RPISEC/MBE​
Challanges
​http://pwnable.kr/​
​https://pwnable.tw/​
​http://pwn.eonew.cn/​
​https://github.com/scwuaptx/HITCON-Training​
​
Reverse Engineering
General
​https://github.com/ReversingID/Awesome-Reversing​
Courses
​https://guyinatuxedo.github.io/index.html​
Tools
​https://github.com/horsicq/XELFViewer​
Malware Analysis
Courses
​https://class.malware.re/​
​https://github.com/ckane/CS7038-Malware-Analysis​
Bug Bounty
Posts
​https://forum.bugcrowd.com/t/some-information-for-the-people-getting-started-in-bug-bounties/8464​
SysAdmin Resources
Linux
N_D
​https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-managing_services_with_systemd-unit_files 
​https://www.onsecurity.co.uk/blog/abusing-kerberos-from-linux​
Tool
​https://explainshell.com/​
​https://wiki.debian.org/DontBreakDebian​
​https://chmod-calculator.com/​
Courses
​http://www.vimgenius.com/​
​https://www.aws.training/Details/eLearning?id=34259​
​https://www.elastic.co/training/specializations/security-analytics/elastic-siem-fundamentals​
​https://www.coursera.org/promo/cloud-technology-free-courses​
Tools
​https://github.com/sharkdp/bat​
​https://github.com/gpakosz/.tmux​
​https://github.com/sc0tfree/updog​
Books
​http://www.linuxcommand.org/tlcl.php/​
Windows
Videos
​https://www.youtube.com/watch?v=qW361k3-BtU​
Courses
​https://www.udemy.com/course/installing-configuring-dns-services-on-windows-server-2016/?couponCode=DNS2016FREE (TEMP)
Programming Resources
General
Challenges
​https://exercism.io/​
​https://runcode.ninja/​
Books
​https://www.onlineprogrammingbooks.com/​
Blogs
​https://blog.notryan.com/​
Courses
​https://codereviewnews.com/learn-about-code-reviews-with-this-free-course/​
​https://www.reddit.com/r/learnprogramming/comments/gbfs1w/7_free_courses_100_off_coupons_on_programming/ (TEMP)
Python
Challenges
​https://py.checkio.org/​
Books
​https://automatetheboringstuff.com/​
Courses
​https://training.talkpython.fm/courses/all​
Podcasts
​https://talkpython.fm/​
JavaScript
Challenges
​https://js.checkio.org/​
Assembly
Courses
​https://asmtutor.com/​
​https://azeria-labs.com/​
Next - Web PenTesting / Bug Bounty
Bug Bounty Methodology
Last modified 1yr ago