From e7f7c6cfe6e96223ad6339bcc339e7cb43e1051a Mon Sep 17 00:00:00 2001 From: berndstelzl Date: Wed, 9 Oct 2019 09:17:52 +0200 Subject: [PATCH 1/9] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 51abe46..2b5da65 100644 --- a/README.md +++ b/README.md @@ -199,7 +199,8 @@ Name | Description [Stereotyped Challenges](https://chall.stypr.com/) | Challenges for web security professionals, account required. [Stripe CTF 2.0](https://github.com/stripe-ctf) | Past security contest where you can discover and exploit vulnerabilities in mock web applications. [Windows / Linux Local Privilege Escalation Workshop](https://github.com/sagishahar/lpeworkshop) | Practice your Linux and Windows privilege escalation -[Hacking Articles](http://www.hackingarticles.in/ctf-challenges1/) | CTF Brief Write up collection with a lot of screenshots good for beggainers +[Hacking Articles](http://www.hackingarticles.in/ctf-challenges1/) | CTF Brief Write up collection with a lot of screenshots good for beginners +[Hacking Lab](https://www.hacking-lab.com/index.html) | European platform hosting lots of riddles, challenges and competitions ### Reverse Engineering, Buffer Overflow and Exploit Development Name | Description From 7be4c09379c2be9f7ee6f054006f1465b7380894 Mon Sep 17 00:00:00 2001 From: Sergei Z <40901856+z3v5@users.noreply.github.com> Date: Sat, 12 Oct 2019 20:08:46 +0200 Subject: [PATCH 2/9] Added Hacker101 CTF --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 51abe46..a66b663 100644 --- a/README.md +++ b/README.md @@ -200,6 +200,7 @@ Name | Description [Stripe CTF 2.0](https://github.com/stripe-ctf) | Past security contest where you can discover and exploit vulnerabilities in mock web applications. [Windows / Linux Local Privilege Escalation Workshop](https://github.com/sagishahar/lpeworkshop) | Practice your Linux and Windows privilege escalation [Hacking Articles](http://www.hackingarticles.in/ctf-challenges1/) | CTF Brief Write up collection with a lot of screenshots good for beggainers +[Hacker101 CTF](https://ctf.hacker101.com/) | CTF hosted by HackerOne, always online. You will receive invitations to some private programs on HackerOne platform as a reward. ### Reverse Engineering, Buffer Overflow and Exploit Development Name | Description From 576a7b5764ed40908a382a17f5718fede58d98de Mon Sep 17 00:00:00 2001 From: sdikrip <56939630+sdikrip@users.noreply.github.com> Date: Tue, 29 Oct 2019 20:51:18 -0300 Subject: [PATCH 3/9] Update README.md added two new forums to the forums sub-set, a new resource to reverse-engineering and another security OS option. --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 51abe46..d0a7d75 100644 --- a/README.md +++ b/README.md @@ -228,6 +228,7 @@ Name | Description [reversing.kr challenges](http://www.reversing.kr/challenge.php) | reverse engineering challenges varying in difficulty [Shell storm](http://shell-storm.org/) | Blog style collection with organized info about Rev. Engineering. [Shellcode Injection](https://dhavalkapil.com/blogs/Shellcode-Injection/) | a blog entry from a grad student at SDS Labs +[Micro Corruption — Assembly](https://microcorruption.com) | CTF designed to learning Assembly by practicing ### Privilege Escalation Name | Description @@ -304,6 +305,7 @@ Name | Description [Kali](http://kali.org/) | the infamous pentesting distro from the folks at Offensive Security [LionSec Linux](https://lionsec-linux.org/) | pentesting OS based on Ubuntu [Parrot ](https://www.parrotsec.org/) | Debian includes full portable lab for security, DFIR, and development +[Pentoo](https://www.pentoo.ch/) | pentesting OS based on Gentoo ### Exploits Name | Description @@ -322,7 +324,8 @@ Name | Description [EAST Exploit database](http://eastexploits.com/) | exploit DB for commercial exploits written for EAST Pentest Framework [Greysec](https://greysec.net) | hacking and security forum [Hackforums](https://hackforums.net/) | posting webstite for hacks/exploits/various discussion - +[4Hat Day](http://4hatday.com) | brazilian based hacker forum +[CaveiraTech](https://caveiratech.com/forum) | brazilian based general hacker forum ### Archived Security Conference Videos From 9554ccf552daa8c71e0bf99ee22ca41a6a852b53 Mon Sep 17 00:00:00 2001 From: sdikrip <56939630+sdikrip@users.noreply.github.com> Date: Tue, 29 Oct 2019 20:53:23 -0300 Subject: [PATCH 4/9] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d0a7d75..2949b07 100644 --- a/README.md +++ b/README.md @@ -228,7 +228,7 @@ Name | Description [reversing.kr challenges](http://www.reversing.kr/challenge.php) | reverse engineering challenges varying in difficulty [Shell storm](http://shell-storm.org/) | Blog style collection with organized info about Rev. Engineering. [Shellcode Injection](https://dhavalkapil.com/blogs/Shellcode-Injection/) | a blog entry from a grad student at SDS Labs -[Micro Corruption — Assembly](https://microcorruption.com) | CTF designed to learning Assembly by practicing +[Micro Corruption — Assembly](https://microcorruption.com) | CTF designed to learn Assembly by practicing ### Privilege Escalation Name | Description @@ -325,7 +325,7 @@ Name | Description [Greysec](https://greysec.net) | hacking and security forum [Hackforums](https://hackforums.net/) | posting webstite for hacks/exploits/various discussion [4Hat Day](http://4hatday.com) | brazilian based hacker forum -[CaveiraTech](https://caveiratech.com/forum) | brazilian based general hacker forum +[CaveiraTech](https://caveiratech.com/forum) | brazilian based, general hacker forum ### Archived Security Conference Videos From ed864d08940366379908d2146046ebd4a05703d4 Mon Sep 17 00:00:00 2001 From: Myo Soe Date: Thu, 14 Nov 2019 00:04:41 +0800 Subject: [PATCH 5/9] Added cybersecurity.wtf --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 51abe46..d553bd1 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,7 @@ Name | Description [OWASP top 10 web security risks](https://www.online.hack2secure.com/courses/owasp-top10-web-security-risk) | free courseware, requires account [SecurityTube](http://www.securitytube.net/) | tube-styled content, "megaprimer" videos covering various topics, no readable content on site. [Seed Labs](http://www.cis.syr.edu/~wedu/seed/labs.html) | academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings +[CyberSec WTF](https://cybersecurity.wtf) | CyberSec WTF Web Hacking Challenges from Bounty write-ups ### YouTube Channels Name | Description From 4d2b58ea406f6f3b21acf5655849e644219249c7 Mon Sep 17 00:00:00 2001 From: Mark <55981308+Luci-d@users.noreply.github.com> Date: Tue, 19 Nov 2019 17:54:02 +0200 Subject: [PATCH 6/9] update added spyse --- tools.md | 1 + 1 file changed, 1 insertion(+) diff --git a/tools.md b/tools.md index 21cfd70..45a3278 100644 --- a/tools.md +++ b/tools.md @@ -90,6 +90,7 @@ Name | Description ### Search Engine for Penetration Tester Name | Description ---- | ---- +[Spyse](https://spyse.com/) | Spyse collects valuable data from all open source internet and stores it in its own database to provide instant access to the data. [Censys](https://www.censys.io/) | Censys continually monitors every reachable server and device on the Internet, so you can search for and analyze them in real time [Shodan](http://shodan.io/) | Shodan is the world's first search engine for Internet-connected devices. [WiGLE](https://wigle.net/index) | Maps and database of 802.11 wireless networks, with statistics, submitted by wardrivers, netstumblers, and net huggers. From e5306ef8f5498b34cbd921a52796506ad7e8c7dd Mon Sep 17 00:00:00 2001 From: Dennis Devey Date: Wed, 19 Feb 2020 21:24:02 -0800 Subject: [PATCH 7/9] added hoppersroppers --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 51abe46..5802802 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,7 @@ Name | Description [OWASP top 10 web security risks](https://www.online.hack2secure.com/courses/owasp-top10-web-security-risk) | free courseware, requires account [SecurityTube](http://www.securitytube.net/) | tube-styled content, "megaprimer" videos covering various topics, no readable content on site. [Seed Labs](http://www.cis.syr.edu/~wedu/seed/labs.html) | academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings +[Hopper's Roppers Intro to Security](https://hoppersroppers.github.io/course.html) | Free self-paced course that teaches foundational knowledge and how to find and use resources to succeed. Meant to prepare for students for whatever comes next. Guest access available. ### YouTube Channels Name | Description From 561e77fcc4e10cfb8e7a1c1b5c72cf56fa84abce Mon Sep 17 00:00:00 2001 From: Dennis Devey Date: Wed, 19 Feb 2020 21:27:28 -0800 Subject: [PATCH 8/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5802802..b63512b 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ Name | Description [Free cyber security training](https://www.samsclass.info/) | Academic content, 8 full courses with videos from a quirky instructor sam, links to research, defcon materials and other recommended training/learning [Interactive labs with White Hat Academy](https://ex.whitehat.academy) | 32 labs, easy account sign in with github credentials; this is no longer free content [Hak5](https://www.hak5.org/) | podcast-style videos covering various topics, has a forum, "metasploit-minute" video series could be useful +[Hopper's Roppers Intro to Security](https://hoppersroppers.github.io/course.html) | Free self-paced course that teaches foundational knowledge and how to find and use resources to succeed. Meant to prepare for students for whatever comes next. Guest access available. [Learning Exploitation with Offensive Computer Security 2.0](http://howto.hackallthethings.com/2016/07/learning-exploitation-with-offensive.html) | blog-style instruction, includes: slides, videos, homework, discussion. No login required. [Mind Maps](http://www.amanhardikar.com/mindmaps.html) | Information Security related Mind Maps [MIT OCW 6.858 Computer Systems Security](https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/) | academic content, well organized, full-semester course, includes assigned readings, lectures, videos, required lab files. @@ -50,7 +51,6 @@ Name | Description [OWASP top 10 web security risks](https://www.online.hack2secure.com/courses/owasp-top10-web-security-risk) | free courseware, requires account [SecurityTube](http://www.securitytube.net/) | tube-styled content, "megaprimer" videos covering various topics, no readable content on site. [Seed Labs](http://www.cis.syr.edu/~wedu/seed/labs.html) | academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings -[Hopper's Roppers Intro to Security](https://hoppersroppers.github.io/course.html) | Free self-paced course that teaches foundational knowledge and how to find and use resources to succeed. Meant to prepare for students for whatever comes next. Guest access available. ### YouTube Channels Name | Description From 8e476223b82f6ef90e0aee6827f0e7979fa4e12d Mon Sep 17 00:00:00 2001 From: VS Date: Mon, 24 Feb 2020 13:54:42 +0200 Subject: [PATCH 9/9] Update README.md Applied changes suggested by Luci-d --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 3e2e2c9..1e388e9 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,7 @@ Name | Description [Mind Maps](http://www.amanhardikar.com/mindmaps.html) | Information Security related Mind Maps [MIT OCW 6.858 Computer Systems Security](https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/) | academic content, well organized, full-semester course, includes assigned readings, lectures, videos, required lab files. [OffensiveComputerSecurity](https://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html) | academic content, full semester course including 27 lecture videos with slides and assign readings -[OWASP top 10 web security risks](https://www.online.hack2secure.com/courses/owasp-top10-web-security-risk) | free courseware, requires account +[OWASP top 10 web security risks](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) | free courseware, requires account [SecurityTube](http://www.securitytube.net/) | tube-styled content, "megaprimer" videos covering various topics, no readable content on site. [Seed Labs](http://www.cis.syr.edu/~wedu/seed/labs.html) | academic content, well organized, featuring lab videos, tasks, needed code files, and recommended readings [CyberSec WTF](https://cybersecurity.wtf) | CyberSec WTF Web Hacking Challenges from Bounty write-ups @@ -227,8 +227,8 @@ Name | Description [Reverse engineering reading list](https://github.com/onethawt/reverseengineering-reading-list/blob/master/README.md) | a github collection of RE tools and books [Reverse Engineering challenges](https://challenges.re/) | collection of challenges from the writer of RE for Beginners [Reverse Engineering for beginners (GitHub project)](https://github.com/dennis714/RE-for-beginners) | github for the above -[Reverse Engineering Malware 101](https://securedorg.github.io/RE101/) | intro course created by Malware Unicorn, complete with material and two VM's -[Reverse Engineering Malware 102](https://securedorg.github.io/RE102/) | the sequel to RE101 +[Reverse Engineering Malware 101](https://malwareunicorn.org/workshops/re101.html) | intro course created by Malware Unicorn, complete with material and two VM's +[Reverse Engineering Malware 102](https://malwareunicorn.org/workshops/re102.html) | the sequel to RE101 [reversing.kr challenges](http://www.reversing.kr/challenge.php) | reverse engineering challenges varying in difficulty [Shell storm](http://shell-storm.org/) | Blog style collection with organized info about Rev. Engineering. [Shellcode Injection](https://dhavalkapil.com/blogs/Shellcode-Injection/) | a blog entry from a grad student at SDS Labs