<h1 align="center"> <br> <img width="200" src="https://cdn.rawgit.com/sindresorhus/awesome/master/media/logo.svg" alt="awesome"> <br> </h1> # Awesome Hacking Resources ![Awesome Hacking](https://img.shields.io/badge/awesome-hacking-red.svg) ![Awesome community](https://img.shields.io/badge/awesome-community-green.svg) A collection of hacking / penetration testing resources to make you better! **Let's make it the biggest resource repository for our community.** **You are welcome to fork and [contribute](https://github.com/vitalysim/Awesome-Hacking-Resources/blob/master/contributing.md#contribution-guidelines).** We started a new [tools](https://github.com/vitalysim/Awesome-Hacking-Resources/blob/master/tools.md) list, come and contribute ## Table of Contents * [Learning the Skills](#learning-the-skills) * [YouTube Channels](#youtube-channels) * [Sharpening Your Skills](#sharpening-your-skills) * [Reverse Engineering, Buffer Overflow and Exploit Development](#reverse-engineering-buffer-overflow-and-exploit-development) * [Privilege Escalation](#privilege-escalation) * [Malware Analysis](#malware-analysis) * [Vulnerable Web Application](#vulnerable-web-application) * [Vulnerable OS]{#vulnerable-os) * [Exploits](#exploits) * [Forums](#forums) * [Archived Security Conference Videos](#archived-security-conference-videos) * [Online Communities](#online-communities) * [Online News Sources](#online-news-sources) Learning the Skills -- * [Learning Exploitation with Offensive Computer Security 2.0](http://howto.hackallthethings.com/2016/07/learning-exploitation-with-offensive.html) * [Cybrary](https://www.cybrary.it/) * [OffensiveComputerSecurity](https://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html) * [CS 642: Intro to Computer Security](http://pages.cs.wisc.edu/~ace/cs642-spring-2016.html) * [Free cyber security training](https://www.samsclass.info/) * [SecurityTube](http://www.securitytube.net/) * [Seed Labs](http://www.cis.syr.edu/~wedu/seed/labs.html) * [Hak5](https://www.hak5.org/) * [OWASP top 10 web security risks](https://www.online.hack2secure.com/courses/owasp-top10-web-security-risk) * [MIT OCW 6.858 Computer Systems Security](https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/) YouTube Channels -- * [OWASP](https://www.youtube.com/user/OWASPGLOBAL) * [Hak5](https://www.youtube.com/user/Hak5Darren) * [BlackHat](https://www.youtube.com/channel/UCJ6q9Ie29ajGqKApbLqfBOg) * [Christiaan008](https://www.youtube.com/channel/UCEPzS1rYsrkqzSLNp76nrcg) * [Samy Kamkar's Applied Hacking](https://www.youtube.com/user/s4myk) * [danooct1](https://www.youtube.com/channel/UCqbkm47qBxDj-P3lI9voIAw) * [DedSec](https://www.youtube.com/channel/UCx34ZZW2KgezfUPPeL6m8Dw) * [DEFCON Conference](https://www.youtube.com/channel/UC6Om9kAkl32dWlDSNlDS9Iw) * [DemmSec](https://www.youtube.com/channel/UCJItQmwUrcW4VdUqWaRUNIg) * [Don Does 30](https://www.youtube.com/channel/UCarxjDjSYsIf50Jm73V1D7g) * [Geeks Fort - KIF](https://www.youtube.com/channel/UC09NdTL2hkThGLSab8chJMw) * [iExplo1t](https://www.youtube.com/channel/UCx0HClQ_cv0sLNOVhoO2nxg/videos) * [Latest Hacking News](https://www.youtube.com/channel/UCDSLIfPnsK1WdEZi_AcvSlQ) * [HACKING TUTORIALS](https://www.youtube.com/channel/UCbsn2kQwNxcIzHwbdDjzehA) * [LiveOverflow](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w) * [Metasploitation](https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZrg) * [NetSecNow](https://www.youtube.com/channel/UC6J_GnSAi7F2hY4RmnMcWJw) * [Open SecurityTraining](https://www.youtube.com/channel/UCthV50MozQIfawL9a_g5rdg) * [BalCCon - Balkan Computer Congress](https://www.youtube.com/channel/UCoHypmu8rxlB5Axh5JxFZsA) * [Penetration Testing in Linux](https://www.youtube.com/channel/UC286ntgASMskhPIJQebJVvA) * [rwbnetsec](https://www.youtube.com/channel/UCAJ8Clc3188ek9T_5XTVzZQ) * [Security Weekly](https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg) * [Seytonic](https://www.youtube.com/channel/UCW6xlqxSY3gGur4PkGPEUeA) * [Shozab Haxor](https://www.youtube.com/channel/UCBwub2kRoercWQJ2mw82h3A) * [SSTec Tutorials](https://www.youtube.com/channel/UCHvUTfxL_9bNQgqzekPWHtg) * [Troy Hunt](https://www.youtube.com/channel/UCD6MWz4A61JaeGrvyoYl-rQ) * [Waleed Jutt](https://www.youtube.com/channel/UCeN7cOELsyMHrzfMsJUgv3Q) * [webpwnized](https://www.youtube.com/channel/UCPeJcqbi8v46Adk59plaaXg) * [JackkTutorials](https://www.youtube.com/channel/UC64x_rKHxY113KMWmprLBPA) * [Zer0Mem0ry](https://www.youtube.com/channel/UCDk155eaoariJF2Dn2j5WKA) * [LionSec](https://www.youtube.com/channel/UCCQLBOt_hbGE-b9I696VRow) * [Adrian Crenshaw](https://www.youtube.com/user/irongeek) * [HackerSploit](https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q) Sharpening Your Skills -- * [OWASP Security Shepherd](https://security-shepherd.ctf365.com/login.jsp) * [CTFLearn](https://ctflearn.com/) * [CTF365](https://ctf365.com/) * [Pentestit](https://lab.pentestit.ru/) * [Hacksplaining](https://www.hacksplaining.com/) * [The cryptopals crypto challenges](http://cryptopals.com/) * [The enigma group](https://www.enigmagroup.org/) * [Ringzer0 Team](https://ringzer0team.com/challenges) * [Hack The Box](https://www.hackthebox.gr/en/login) * [Over the wire](http://overthewire.org/wargames/) * [Backdoor](https://backdoor.sdslabs.co) * [Vulnhub](https://www.vulnhub.com/) * [Hack.me](https://hack.me/) * [Hack this site!](https://www.hackthissite.org/) * [Exploit exercises](https://exploit-exercises.com/) * [PentesterLab](https://pentesterlab.com/) * [SmashTheStack](http://smashthestack.org/wargames.html) * [Root-Me](https://www.root-me.org/) * [PicoCTF](https://2017game.picoctf.com/) * [Shellter Labs](https://shellterlabs.com/en/) * [Pentest Practice](https://www.pentestpractice.com/) * [Pentest.training](https://pentest.training) * [pwnable.kr](http://pwnable.kr/) * [hackburger.ee](http://hackburger.ee/) * [http://noe.systems/](http://noe.systems/) * [Hacker Gateway](https://www.hackergateway.com/) * [Solve Me](http://solveme.safflower.kr/) * [Challenge Land](http://challengeland.co/) * [Participating Challenge Sites](http://www.wechall.net/active_sites/all/by/site_avg/DESC/page-1) * [Hacker test](http://www.hackertest.net/) Reverse Engineering, Buffer Overflow and Exploit Development -- * [Shell storm](http://shell-storm.org/) * [Buffer Overflow Exploitation Megaprimer for Linux](http://www.securitytube.net/groups?operation=view&groupId=4) * [Reverse Engineering Malware 101](https://securedorg.github.io/RE101/) * [Reverse Engineering Malware 102](https://securedorg.github.io/RE102/) * [Modern Binary Exploitation - CSCI 4968](https://github.com/RPISEC/MBE) * [Introductory Intel x86](http://www.opensecuritytraining.info/IntroX86.html) * [Binary hacking](http://liveoverflow.com/binary_hacking/index.html) * [Shellcode Injection](https://dhavalkapil.com/blogs/Shellcode-Injection/) * [Reverse Engineering for Beginners](https://beginners.re/RE4B-EN.pdf) * [Exploit tutorials](http://www.primalsecurity.net/tutorials/exploit-tutorials/) * [Exploit development](https://0x00sec.org/c/exploit-development) * [Corelan tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) * [Reverse engineering reading list](https://github.com/onethawt/reverseengineering-reading-list/blob/master/README.md) * [Reverse Engineering challenges](https://challenges.re/) * [Reverse Engineering for beginners (GitHub project)](https://github.com/dennis714/RE-for-beginners) * [reversing.kr challenges](http://www.reversing.kr/challenge.php) * [Analysis and exploitation (unprivileged)](https://www.it-sec-catalog.info/analysis_and_exploitation_unprivileged.html) Privilege Escalation -- * [Reach the root](https://hackmag.com/security/reach-the-root/) * [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) * [Windows Privilege Escalation](http://www.bhafsec.com/wiki/index.php/Windows_Privilege_Escalation) * [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) * [Windows Privilege Escalation Fundamentals](http://www.fuzzysecurity.com/tutorials/16.html) * [RootHelper](https://github.com/NullArray/RootHelper) * [Windows exploits, mostly precompiled.](https://github.com/abatchy17/WindowsExploits) * [Unix privesc checker](http://pentestmonkey.net/tools/audit/unix-privesc-check) * [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) * [Windows privilege escalation checker](https://github.com/netbiosX/Checklists/blob/master/Windows-Privilege-Escalation.md) * [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) * [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) * [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) * [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) * [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) Malware Analysis -- * [Malware traffic analysis](http://www.malware-traffic-analysis.net/) * [Malware Analysis - CSCI 4976](https://github.com/RPISEC/Malware/blob/master/README.md) Vulnerable Web Application -- * [OWASP Hackademic Challenges project](https://github.com/Hackademic/hackademic/) * [bWAPP](http://www.itsecgames.com/) * [Damn Vulnerable Web Application (DVWA)](http://www.dvwa.co.uk/) * [Xtreme Vulnerable Web Application (XVWA)](https://github.com/s4n7h0/xvwa) * [WebGoat: A deliberately insecure Web Application](https://github.com/WebGoat/WebGoat) * [OWASP Mutillidae II](https://sourceforge.net/projects/mutillidae/files/) * [OWASP Juice Shop](https://github.com/bkimminich/juice-shop) * [OWASP Broken Web Applications Project](https://github.com/chuckfw/owaspbwa/) * [Damn Small Vulnerable Web](https://github.com/stamparm/DSVW) * [OWASP Juice Shop](https://github.com/bkimminich/juice-shop) Vulnerable OS -- * [Metasploitable2 (Linux)](https://sourceforge.net/projects/metasploitable/files/Metasploitable2/) * [Metasploitable3](https://github.com/rapid7/metasploitable3) \[[Installation](https://github.com/rapid7/metasploitable3/blob/master/README.md)\] Exploits -- * [Exploit Database](https://www.exploit-db.com/) * [CXsecurity](https://cxsecurity.com/exploit/) * [0day.today](http://0day.today/) * [Snyk Vulnerability DB](https://snyk.io/vuln/) Forums -- * [Greysec](https://greysec.net) * [Hackforums](https://hackforums.net/) * [0x00sec](https://0x00sec.org/) * [Antichat](https://forum.antichat.ru/) Archived Security Conference Videos -- * [InfoCon.org](https://infocon.org/cons/) * [Irongeek](http://www.irongeek.com/) Online Communities -- * [Hack+](http://t.me/hacking_group_channel) Online News Sources -- * [InfoSec](http://www.infosecurity-magazine.com/) * [Threatpost](https://threatpost.com/) * [Security Intell](https://securityintelligence.com/news/git-vulnerabilities-found-in-version-control-systems/) * [Hacker New](https://thehackernews.com/)