Penetration Testing
OffSec
- Penetration Testing with Kali - Online Security Training
- Offensive Security Student Support
- Offensive Security Forums
- Exploits Database by Offensive Security
- Offensive Security Student Support
Windows Privilege Escalation
- Checklists/Windows-Privilege-Escalation.md at master · netbiosX/Checklists
- Windows Privilege Escalation - a cheatsheet | Tim Arneaud
- OSCP - Windows Priviledge Escalation | Hacking and security
- FuzzySecurity | Windows Privilege Escalation Fundamentals
- Privilege Escalation | To Shell And Back: Adventures In Pentesting
- Windows Privilege Escalation - a cheatsheet | Tim Arneaud
Cheat Sheets
- Spawning a TTY Shell
- MSFVennom cheat sheet
- Msfvenom Cheat Sheet – Security-Geek
- Path Traversal Cheat Sheet: Linux — GracefulSecurity
- Path Traversal Cheat Sheet: Windows — GracefulSecurity
- Reverse Shell Cheat Sheet | pentestmonkey
- How to Bypassing Filter to Traversal Attacks ? | Hacking & Tricks
- Local Linux Enumeration & Privilege Escalation Cheatsheet – Rebootuser
- Escape From SHELLcatraz - Breaking Out of Restricted Unix Shells - Speaker Deck
- Common Web-services · Security - My notepad
- Nmap Cheat Sheet
- Luke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
- Penetration Testing Methodology - 0DAYsecurity.com
- OSCP-Survival-Guide.pdf
SQLinjection
- MSFVennom cheat sheet
- Login Bypass Using SQL Injection
- Hacking website using SQL Injection -step by step guide – Ethical Hacking Tutorials | Learn How to Hack | Hacking Tricks | Penetration Testing Lab
- Vulnhub – Kioptrix: Level 1.2 (#3) – Guillermo Cura
- Hacking website using SQL Injection -step by step guide – Ethical Hacking Tutorials | Learn How to Hack | Hacking Tricks | Penetration Testing Lab
- Enumeration Visualized Wiki
Guides
- OSCP · Teck_k2
- Offensive Security's Complete Guide to Alpha
- how-to-oscp-final.md
- Loot and Enumerate · Security - My notepad
- Offensive Security's PWB and OSCP - My Experience - Security SiftSecurity Sift
- Jack Hacks
- Interesting Local File Inclusion method | DiabloHorn
- ferreirasc/oscp: oscp study
- Offensive Security Certified Professional (OSCP) Review - Jim Wilbur's Blog
- Passing OSCP - scund00r
- BlackWinter Security | Code and Stuff
- Offensive Security's Complete Guide to Alpha
Linux Privilege Escalation
Pentest Practice Links
- Penetration test lab "Test lab" | Pentestit
- CTF365 - Capture The Flag | Security Training Platform
- [PentesterLab] PentesterLab Pro
- Mainsequence - Exploit Exercises
- OverTheWire: Natas Level 0
- Welcome [Root Me : Hacking and Information Security learning platform]
- Hack The Box :: Penetration Testing Labs
- Hack The Box :: Forums
- Vulnerable By Design ~ VulnHub
- CTF365 - Capture The Flag | Security Training Platform
PentesterAcademy
Bug Bounty
HackerOne
Synack
- Learn to hack and collaborate with other security researchers on bug bounties | BugBountyNotes.com
- GitHub - jhaddix/tbhm: The Bug Hunters Methodology
- Tomnomnom Vim Tutorial - Knowledge Base
- Assetnote Wordlists
- GitHub - jhaddix/tbhm: The Bug Hunters Methodology
- Penetration Testing with Kali - Online Security Training
- Offensive Security Student Support
- Offensive Security - Purchase Page
- Offensive Security - Exam Scheduling Link
- Exploits Database by Offensive Security
- Offensive Security Forums
- Hack The Box :: Penetration Testing Labs
- Hack The Box :: Forums
- IppSec - YouTube
- Vulnerable By Design ~ VulnHub
- codingo/Reconnoitre: A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
- Scripts/Enumeration.py at master · MistSpark/Scripts · GitHub
Pentesting Links
- Offensive Security Student Support
- Penetration test lab "Test lab" | Pentestit
- CTF365 - Capture The Flag | Security Training Platform
- [PentesterLab] PentesterLab Pro
- Mainsequence - Exploit Exercises
- OverTheWire: Natas Level 0
- Welcome [Root Me : Hacking and Information Security learning platform]
- CTF365 - Capture The Flag | Security Training Platform
- Pentester Academy: Learn Pentesting Online
- AttackDefense Labs: Pentester Academy
- Attify Store - Offensive IoT Exploitation | Attify Store
- Flex Center // Infosec Skills :: Home
- AttackDefense Labs: Pentester Academy
Reverse Engineering
GREM
- IT and Information Security Cheat Sheets
- GIAC GREM Certification | Reverse Engineering Malware
- Cheat Sheet for Analyzing Malicious Software
Reading
- GIAC GREM Certification | Reverse Engineering Malware
- VirusTotal
- Learn to Develop with Microsoft Developer Network | MSDN
- GitHub - ytisf/theZoo: A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
- MalwareTech - Life of a Malware Analyst
- The “Ultimate”Anti-Debugging Reference
- DEF CON CHINA
- Reverse Engineering challenges
ARM
- Learn to Develop with Microsoft Developer Network | MSDN
Hardware
- FCC OET Authorization Search
- IoT Firmware Exploitation Online
- Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
- Intro to Hardware Hacking - Dumping your First Firmware
- IoT Hacking Tools | Attify Store
- Electronics – /dev/ttyS0
- Extracting Flash Memory over SPI | GracefulSecurity
- NAND Flash Data Recovery Cookbook
- Centrifuge Platform® | Firmware Security Analysis | ReFirm Labs
- Binwalk Pro
- IoT Firmware Exploitation Online
Network Protocols
- hasherezade (hasherezade)
- Hasherezade's projects
SDR Hacking
- Hasherezade's projects
- The Cryptopals Crypto Challenges
ExploitDev
Corelan
- ..:: Corelan Team | Peter Van Eeckhoutte (corelanc0d3r) ::..
- Exploit writing tutorial part 1 : Stack Based Overflows | Corelan Team
- Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode | Corelan Team
- Exploit writing tutorial part 3 : SEH Based Exploits | Corelan Team
- Exploit writing tutorial part 3b : SEH Based Exploits – just another example | Corelan Team
- Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics | Corelan Team
- Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development | Corelan Team
- Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR | Corelan Team
- Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc | Corelan Team
- Exploit writing tutorial part 8 : Win32 Egg Hunting | Corelan Team
- Exploit writing tutorial part 9 : Introduction to Win32 shellcoding | Corelan Team
- Exploit writing tutorial part 1 : Stack Based Overflows | Corelan Team
- Reverse Engineering and Binary Exploitation Series | PWNTHEBOX!
- FuzzySecurity | Tutorials
ARM
- FuzzySecurity | Tutorials
- Products
- GitHub - Billy-Ellis/Exploit-Challenges: A collection of vulnerable ARM binaries for practicing exploit development
- Writing ARM Assembly (Part 1) | Azeria Labs
- Search [Root Me : Hacking and Information Security learning platform]
- Corellium
- arm_exploitation/exploitation_on_arm_based_systems.pdf at master · sashs/arm_exploitation
- 15/85 Security
- ROP on ARM with radare2
- Microsoft Word - ARM paperF.docx
- GitHub - Billy-Ellis/Exploit-Challenges: A collection of vulnerable ARM binaries for practicing exploit development
OSCE
- Offensive Security’s CTP & OSCE Review - Jack Hacks
- OSCE/CTP Prep Guide – Tulpa Security
- mona.py – the manual | Corelan Team
- Resources for OSCE
- CTP/OSCE Prep – Wrapping Up Our Prep - The Human Machine Interface
- h0mbre/CTP-OSCE: Scripts I used during CTP
- jtpereyda/boofuzz: A fork and successor of the Sulley Fuzzing Framework
- Study Guide & Tips: Offensive Security Certified Expert (OSCE) / Cracking The Perimeter (CTP) - Amin Bohio
- phra's blog ~ Technical posts about InfoSec
- abatchy's blog | OSCE Study Plan
- Upgrade from LFI to RCE via PHP Sessions - RCE Security
- Taking_Back_Netcat.pdf
- OSCE Review (CTP Course) - Everything S3curity
- OSCE/CTP Prep Guide – Tulpa Security
- The Human Machine Interface
- h0mbre/Learning-C: A series of mini-projects used to learn C for beginners
- metasploit-payloads/c/meterpreter/workspace at master · rapid7/metasploit-payloads
Linux Exploitation
- h0mbre/Learning-C: A series of mini-projects used to learn C for beginners
OSEE
- awe_syllabus_2018
- OSEE - AWEstralia 2018 preparations | www.jollyfrogs.com
- timip/OSEE: OSEE Preparation
- Common WinDbg Commands (Thematically Grouped)
- Windows Kernel Exploitation Tutorial Part 1: Setting up the Environment - rootkit
- abatchy's blog | Tutorials
- OSEE - AWEstralia 2018 preparations | www.jollyfrogs.com
IoT Hardware
- The best resources for learning exploit development – Fabio Baroni
- Backdooring PE Files with Shellcode - Red Teaming Experiments
Windows Exploitation
- Backdooring PE Files with Shellcode - Red Teaming Experiments
- Ricerca Security: "I'll ask your body": SMBGhost…
- SMBleedingGhost Writeup: Chaining SMBleed (CVE-20…
- Windows Internals & Software Drivers – OSR
- What is this? - Red Teaming Experiments
- SMBleedingGhost Writeup: Chaining SMBleed (CVE-20…
Qemu
- Installing Qemu for Windows [E-Maculation wiki]
- Qemu package and guide for Windows available • E-Maculation Forum
- Index of /lubuntu/releases/16.04/release
- Building PPC Linux code using QEMU on Ubuntu 18.04 LTS
- Debian Ports
- Qemu - Google Drive
- hugsy/cemu: Cheap EMUlator: lightweight multi-architecture assembly playground
- Qemu package and guide for Windows available • E-Maculation Forum
Microcontrollers and SDRs
GNURadio
Embedded Programming
WebSecAcademy