View on GitHub

Cyber-Bookmarks

A list of bookmarks I have used since I started my journey in cyber security

Bookmarks

Penetration Testing

OffSec

Penetration Testing with Kali - Online Security Training
Offensive Security Student Support
Offensive Security Forums
Exploits Database by Offensive Security

Windows Privilege Escalation

Checklists/Windows-Privilege-Escalation.md at master · netbiosX/Checklists
Windows Privilege Escalation - a cheatsheet | Tim Arneaud
OSCP - Windows Priviledge Escalation | Hacking and security
FuzzySecurity | Windows Privilege Escalation Fundamentals
Privilege Escalation | To Shell And Back: Adventures In Pentesting

Cheat Sheets

Spawning a TTY Shell
MSFVennom cheat sheet
Msfvenom Cheat Sheet – Security-Geek
Path Traversal Cheat Sheet: Linux — GracefulSecurity
Path Traversal Cheat Sheet: Windows — GracefulSecurity
Reverse Shell Cheat Sheet | pentestmonkey
How to Bypassing Filter to Traversal Attacks ? | Hacking & Tricks
Local Linux Enumeration & Privilege Escalation Cheatsheet – Rebootuser
Escape From SHELLcatraz - Breaking Out of Restricted Unix Shells - Speaker Deck
Common Web-services · Security - My notepad
Nmap Cheat Sheet
Luke’s Ultimate OSCP Guide: Part 3 — Practical hacking tips and tricks
Penetration Testing Methodology - 0DAYsecurity.com
OSCP-Survival-Guide.pdf

SQLinjection

Login Bypass Using SQL Injection
Hacking website using SQL Injection -step by step guide – Ethical Hacking Tutorials | Learn How to Hack | Hacking Tricks | Penetration Testing Lab
Vulnhub – Kioptrix: Level 1.2 (#3) – Guillermo Cura

Enumeration Visualized Wiki

Guides

OSCP · Teck_k2
Offensive Security's Complete Guide to Alpha
how-to-oscp-final.md
Loot and Enumerate · Security - My notepad
Offensive Security's PWB and OSCP - My Experience - Security SiftSecurity Sift
Jack Hacks
Interesting Local File Inclusion method | DiabloHorn
ferreirasc/oscp: oscp study
Offensive Security Certified Professional (OSCP) Review - Jim Wilbur's Blog
Passing OSCP - scund00r
BlackWinter Security | Code and Stuff

Linux Privilege Escalation

Linux Privilege Escalation by Exploiting Cronjobs
Basic Linux Privilege Escalation

Pentest Practice Links

Penetration test lab "Test lab" | Pentestit
CTF365 - Capture The Flag | Security Training Platform
[PentesterLab] PentesterLab Pro
Mainsequence - Exploit Exercises
OverTheWire: Natas Level 0
Welcome [Root Me : Hacking and Information Security learning platform]
Hack The Box :: Penetration Testing Labs
Hack The Box :: Forums
Vulnerable By Design ~ VulnHub

PentesterAcademy

Pentester Academy: Learn Pentesting Online
AttackDefense Labs: Pentester Academy

Bug Bounty

HackerOne

Hacker101 CTF
Hacker101 | HackerOne Platform Documentation

Synack

Synack - Dashboard
Synack Onboarding

Learn to hack and collaborate with other security researchers on bug bounties | BugBountyNotes.com
GitHub - jhaddix/tbhm: The Bug Hunters Methodology
Tomnomnom Vim Tutorial - Knowledge Base
Assetnote Wordlists

Penetration Testing with Kali - Online Security Training
Offensive Security Student Support
Offensive Security - Purchase Page
Offensive Security - Exam Scheduling Link
Exploits Database by Offensive Security
Offensive Security Forums
Hack The Box :: Penetration Testing Labs
Hack The Box :: Forums
IppSec - YouTube
Vulnerable By Design ~ VulnHub
codingo/Reconnoitre: A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Scripts/Enumeration.py at master · MistSpark/Scripts · GitHub

Pentesting Links

Penetration test lab "Test lab" | Pentestit
CTF365 - Capture The Flag | Security Training Platform
[PentesterLab] PentesterLab Pro
Mainsequence - Exploit Exercises
OverTheWire: Natas Level 0
Welcome [Root Me : Hacking and Information Security learning platform]

Pentester Academy: Learn Pentesting Online
AttackDefense Labs: Pentester Academy
Attify Store - Offensive IoT Exploitation | Attify Store
Flex Center // Infosec Skills :: Home

Reverse Engineering

GREM

IT and Information Security Cheat Sheets
GIAC GREM Certification | Reverse Engineering Malware
Cheat Sheet for Analyzing Malicious Software

Reading

The_Evolution_of_TDL.pdf
Detecting DNS Tunneling
Two's Complement

VirusTotal
Learn to Develop with Microsoft Developer Network | MSDN
GitHub - ytisf/theZoo: A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
MalwareTech - Life of a Malware Analyst
The “Ultimate”Anti-Debugging Reference
DEF CON CHINA
Reverse Engineering challenges

ARM

Writing ARM Assembly (Part 1) | Azeria Labs

Hardware

FCC OET Authorization Search
IoT Firmware Exploitation Online
Practical Reverse Engineering Part 1 - Hunting for Debug Ports · Hack The World
Intro to Hardware Hacking - Dumping your First Firmware
IoT Hacking Tools | Attify Store
Electronics – /dev/ttyS0
Extracting Flash Memory over SPI | GracefulSecurity
NAND Flash Data Recovery Cookbook
Centrifuge Platform® | Firmware Security Analysis | ReFirm Labs
Binwalk Pro

Network Protocols

Reverse Engineering Network Protocols - Jack Hacks

hasherezade (hasherezade)
Hasherezade's projects

SDR Hacking

Signal Identification Wiki

The Cryptopals Crypto Challenges

ExploitDev

Corelan

..:: Corelan Team | Peter Van Eeckhoutte (corelanc0d3r) ::..
Exploit writing tutorial part 1 : Stack Based Overflows | Corelan Team
Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode | Corelan Team
Exploit writing tutorial part 3 : SEH Based Exploits | Corelan Team
Exploit writing tutorial part 3b : SEH Based Exploits – just another example | Corelan Team
Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics | Corelan Team
Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development | Corelan Team
Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR | Corelan Team
Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc | Corelan Team
Exploit writing tutorial part 8 : Win32 Egg Hunting | Corelan Team
Exploit writing tutorial part 9 : Introduction to Win32 shellcoding | Corelan Team

Reverse Engineering and Binary Exploitation Series | PWNTHEBOX!
FuzzySecurity | Tutorials

ARM

Products
GitHub - Billy-Ellis/Exploit-Challenges: A collection of vulnerable ARM binaries for practicing exploit development
Writing ARM Assembly (Part 1) | Azeria Labs
Search [Root Me : Hacking and Information Security learning platform]
Corellium
arm_exploitation/exploitation_on_arm_based_systems.pdf at master · sashs/arm_exploitation
15/85 Security
ROP on ARM with radare2
Microsoft Word - ARM paperF.docx

OSCE

Offensive Security’s CTP & OSCE Review - Jack Hacks
OSCE/CTP Prep Guide – Tulpa Security
mona.py – the manual | Corelan Team
Resources for OSCE
CTP/OSCE Prep – Wrapping Up Our Prep - The Human Machine Interface
h0mbre/CTP-OSCE: Scripts I used during CTP
jtpereyda/boofuzz: A fork and successor of the Sulley Fuzzing Framework
Study Guide & Tips: Offensive Security Certified Expert (OSCE) / Cracking The Perimeter (CTP) - Amin Bohio
phra's blog ~ Technical posts about InfoSec
abatchy's blog | OSCE Study Plan
Upgrade from LFI to RCE via PHP Sessions - RCE Security
Taking_Back_Netcat.pdf
OSCE Review (CTP Course) - Everything S3curity

The Human Machine Interface
h0mbre/Learning-C: A series of mini-projects used to learn C for beginners
metasploit-payloads/c/meterpreter/workspace at master · rapid7/metasploit-payloads

Linux Exploitation

xairy/linux-kernel-exploitation: A collection of links related to Linux kernel exploitation

OSEE

awe_syllabus_2018
OSEE - AWEstralia 2018 preparations | www.jollyfrogs.com
timip/OSEE: OSEE Preparation
Common WinDbg Commands (Thematically Grouped)
Windows Kernel Exploitation Tutorial Part 1: Setting up the Environment - rootkit
abatchy's blog | Tutorials

IoT Hardware

IoT Firmware Exploitation Online | Registration

The best resources for learning exploit development – Fabio Baroni
Backdooring PE Files with Shellcode - Red Teaming Experiments

Windows Exploitation

Ricerca Security: "I'll ask your body": SMBGhost…
SMBleedingGhost Writeup: Chaining SMBleed (CVE-20…
Windows Internals & Software Drivers – OSR
What is this? - Red Teaming Experiments

Qemu

Installing Qemu for Windows [E-Maculation wiki]
Qemu package and guide for Windows available • E-Maculation Forum
Index of /lubuntu/releases/16.04/release
Building PPC Linux code using QEMU on Ubuntu 18.04 LTS
Debian Ports
Qemu - Google Drive
hugsy/cemu: Cheap EMUlator: lightweight multi-architecture assembly playground

Microcontrollers and SDRs

Nyan Sat - Satellite Communications Challenge - Chapter 0

GNURadio

GNU Radio
Tutorials - GNU Radio

Embedded Programming

FastBit Embedded Brain Academy | Works on Firmware and Embedded Engineering | Udemy

WebSecAcademy

Web Security Academy: Free Online Training from PortSwigger