4368acd290 | ||
---|---|---|
LICENSE | ||
README.md |
README.md
Awesome Resources For Learning Hacking & Pentesting
What I’m sharing here is a collection of some best resources about Hacking & Penetration Testing to make you learn faster! Let's make it the best resource repository for our community.
Also you can find my own writeups/tutorials on medium : @hussnainfareed :)
Books
- The Hacker Playbook 2: Practical Guide To Penetration Testing
- The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy
- Breaking into Information Security: Learning the Ropes 101
- Penetration Testing: A Hands-On Introduction to Hacking
- Social Engineering: The Art of Human Hacking
- Hacking: The Art of Exploitation, 2nd Edition
- Web Hacking 101
- OWASP Testing Guide (A must read for web application developers and penetration testers)
Learning Platforms to Sharpen Your Skills
Online
Name | Description |
---|---|
CTF Hacker101 | The Hacker101 CTF is a game designed to let you learn to hack in a safe, rewarding environment. Hacker101 is a free educational site for hackers. |
Hack The Box :: Penetration Testing Labs | An online platform to test and advance your skills in penetration testing and cyber security. Join today and start training in our online labs. |
CTF365 | An account based ctf site, awarded by Kaspersky, MIT, T-Mobile. |
Backdoor | Pen testing labs that have a space for beginners, a practice arena and various competitions, account required. |
Hack.me | Lets you build/host/attack vulnerable web apps. |
CTFLearn | An account-based ctf site, where users can go in and solve a range of challenges. |
OWASP Vulnerable Web Applications Directory Project (Online) | List of online available vulnerable applications for learning purposes. |
Pentestit labs | Hands-on Pentesting Labs (OSCP style) |
Root-me.org | Hundreds of challenges are available to train yourself in different and not simulated environments |
Vulnhub.com | Vulnerable By Design VMs for practical 'hands-on' experience in digital security |
Windows / Linux Local Privilege Escalation Workshop | Practice your Linux and Windows privilege escalation. |
Hacking Articles | CTF Breif Write up collection with a lot of screenshots good for beggainers. |
Rafay Hacking Articles, a great blog | Write up collections by Rafay Baloch. |
Off-Line
Name | Description |
---|---|
Damn Vulnerable Xebia Training Environment | Docker Container including several vurnerable web applications (DVWA,DVWServices, DVWSockets, WebGoat, Juiceshop, Railsgoat, django.NV, Buggy Bank, Mutilidae II and more) |
OWASP Vulnerable Web Applications Directory Project (Offline) | List of offline available vulnerable applications for learning purposes |
Vulnerable Machines/Websites
Vulnerability Databases And Resources
Vulnerability Databases are the first place to start your day as a security professional. Any new vulnerability detection is generally available through the public vulnerability databases. These databases are a big source of information for hackers to be able to understand and exploit/avoid/fix the vulnerability.
- http://www.exploit-db.com/
- http://1337day.com/
- http://securityvulns.com/
- http://www.securityfocus.com/
- http://www.osvdb.org/
- http://www.securiteam.com/
- http://secunia.com/advisories/
- http://insecure.org/sploits_all.html
- http://zerodayinitiative.com/advisories/published/
- http://nmrc.org/pub/index.html
- http://web.nvd.nist.gov
- http://www.vupen.com/english/security-advisories/
- http://www.vupen.com/blog/
- http://cvedetails.com/
- http://www.rapid7.com/vulndb/index.jsp
- http://oval.mitre.org/
Linux Penetration Testing OS
Name | Description |
---|---|
Android Tamer | Android Tamer is a Virtual / Live Platform for Android Security professionals. |
BackBox | open source community project, promoting security in IT enivornments |
BlackArch | Arch Linux based pentesting distro, compatible with Arch installs |
Bugtraq | advanced GNU Linux pen-testing technology |
Kali | the infamous pentesting distro from the folks at Offensive Security |
LionSec Linux | pentesting OS based on Ubuntu |
Parrot | Debian includes full portable lab for security, DFIR, and development |
Courses
For those who want to do CEH, the following links are for you. 2. CBT Nuggets CEH Training 3. CEH Books 4. Guide to Binary Exploitation
Workshops/Playlists
Security Talks and Conferences
- InfoCon - Hacking Conference Archive
- Curated list of Security Talks and Videos
- Blackhat
- Defcon
- Security Tube
- Kevin Mitnick: Live Hack at CeBIT
- Ghost in the Cloud, Kevin Mitnick
- Kevin Mitnick | Talks at Google
- Complete Free Hacking Course: Go from Beginner to Expert Hacker Today
YouTube Channels
Now let’s get Towards YouTube Channel Links... These Channels are Shared By Hackers where They Upload their Video POCs.. Watching them u can actually understand how to demonstrate these type of attacks...
- SecurityIdiots
- Black Hat
- Injector Pca
- Hisham Mir
- Devil Killer
- Suleman Malik
- Dem0n
- Frans Rosén
- HackerOne
- ak1t4 machine
- Shawar Khan
- vulnerability0lab
- Bugcrowd
- Vijay Kumar
- Web Development Tutorials
- Jan Wikholm
- Bhargav Tandel
- ErrOr SquaD
- Hussnain Fareed
- Penetration Testing in Linux
Any Channel Link Missing? Kindly add it in Comments
Forums
Name | Description |
---|---|
0x00sec | hacker, malware, computer engineering, Reverse engineering |
Antichat | russian based forum |
CODEBY.NET | hacker, WAPT, malware, computer engineering, Reverse engineering, forensics - russian based forum |
EAST Exploit database | exploit DB for commercial exploits written for EAST Pentest Framework |
Greysec | hacking and security forum |
Hackforums | posting webstite for hacks/exploits/various discussion |
Contribution
Your contributions and suggestions are heartily welcome.
NOTE:
All references taken from Internet and shared on internet xD Thanks to those who shared their opinion before that helped me learn 😉 if you have any questions, please ask in the comments. If you know about any good resource for beginners, please share it.
For more articles on hacking you can follow me on Medium: