General – Windows/AD – PWN – Web – Mobile – Password Cracking – Boot-2-Root/Wargames – Misc.
General
| Title | Link | Description |
|---|---|---|
| FuzzySecurity | Link! | Collection of security related topic by FuzzySecurity |
| Security and Pentesting Resources | Link! | A collection of online resources |
| 0x00sec | Link! | “The home of the Hacker” |
| Awesome Hacking | Link! | A collection of various awesome lists for hackers, pentesters and security researchers |
| CTF 101 | Link! | In this guide/wiki/handbook you’ll learn the techniques, thought processes, and methodologies you need to succeed in Capture the Flag competitions. |
Windows/AD
| Title | Link | Description |
|---|---|---|
| Microsoft Services and Ports | Link! | Service overview and network port requirements for Windows |
| Active Directory Kill Chain Attack & Defense | Link! | Attack and defend active directory using modern post exploitation adversary tradecraft activity |
| Awesome Windows Red Team | Link! | A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams |
| Active Directory Security | Link! | ADSecurity.org (Active Directory Security) is a place where he (Sean Metcalf) shares Microsoft enterprise security guidance and information about current threats to enterprise networks & mitigation for these threats, Active Directory design and configuration tips, as well as leveraging PowerShell in an Active Directory environment. |
Pwn
| Title | Link | Description |
|---|---|---|
| pwn.college | Link! | pwn.college is a first-stage education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion. It is designed to take a “white belt” in cybersecurity to becoming a “yellow belt”, able to approach (simple) CTFs and wargames. |
| ROP Emporium | Link! | Learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering or bug hunting. |
| Interactive Beginner’s Guide to ROP | Link! | Vetie’s Guide on ROP – Includes an interactive console |
| Linux Kernel Teaching | Link! | This is a collection of lectures and labs Linux kernel topics. The lectures focus on theoretical and Linux kernel exploration. |
| Nightmare | Link! | Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges |
| pwntools Tutorial | Link! | This repository contains some basic tutorials for getting started with pwntools (and pwntools). |
| Libc Database | Link! | libc database that allows version enumeration from a libc leak. Also includes the BuildID for use with One_Gadget |
| One_Gadget | Link! | The best tool for finding one gadget RCE in libc.so.6 |
Web
| Title | Link | Description |
|---|---|---|
| PortSwigger’s Web Security Academy | Link! | Brought to you by the creators of BurpSuite & the author of The Web Application Hacker’s Handbook |
| PentesterLab | Link! | Excellent resource to learn Web Hacking |
| OWASP’s Web Security Testing Guide | Link! | The WSTG is a comprehensive guide to testing the security of web applications and web services. |
Mobile
| Title | Link | Description |
|---|---|---|
| Mobile Application Penetration Testing Cheat Sheet | Link! | The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. |
| Android App Reverse Engineering 101 | Link! | This workshop’s goal is to give you the foundations to begin reverse engineering Android applications. |
| OWASP Mobile Security Testing Guide | Link! | The MSTG is a comprehensive manual for mobile app security testing and reverse engineering for iOS and Android mobile security testers. |
Password Cracking
| Title | Link | Description |
|---|---|---|
| One Rule to Rule Them All – Blog Post | Link! | |
| one Rule to Rule Them All – Rule | Link! | One rule to crack all passwords. or atleast we hope so. |
| J3rryBla4nks’ Password Cracking Methodology | Link! | |
| Probable Wordlists | Link! | Wordlists sorted by probability originally created for password generation and testing – make sure your passwords aren’t popular! |
Boot-2-Root/Wargames
| Title | Link | Description |
|---|---|---|
| HackTheBox | Link! | Cyber Security Gamified |
| VulnHub | Link! | To provide materials that allows anyone to gain practical ‘hands-on’ experience in digital security, computer software & network administration. |
| TryHackMe | Link! | A site geared toward beginners in cybersecurity, complete with public walkthroughs for most machines. |
| Exploit Education | Link! | exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues. |
| OverTheWire | Link! | The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. |
| PWNABLE.KR | Link! | ‘pwnable.kr’ is a non-commercial wargame site which provides various pwn challenges regarding system exploitation. the main purpose of pwnable.kr is ‘fun’. |
| crackmes.one | Link! | This is a simple place where you can download crackmes to improve your reverse engineering skills. |
Misc.
| Title | Link | Description |
|---|---|---|
| Crypto101 | Link! | Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels. |
| Powershell for Pentesters | Link! | A GitHub repo containing lessons for approaching powershell from the perspective of a pentester |
| How to Prepare to Take the Offensive Security Certified Professional (OSCP) Exam | Link! | |
| Reverse Engineering 101 | Link! | This workshop provides the fundamentals of reversing engineering (RE) Windows malware using a hands-on experience with RE tools and techniques. |