Penetration Testing

These resources are useful for Pentest/Red Team related certification preparation [collection from 2016]


Last updated 1 year ago

OSCP preparation Writeup

Linux privilege escalation:

Windows privilege escalation:

Meterpreter payloads:

Reverse shells:

Web Security Resources:

Metasploit:

Buffer overflow:

Exploit writing:

Assembly language

Enumeration:

Shell Exploitation

Binary

Privilege escalation:

Windows Privilege Escalation

Linux Privilege Escalation

Privilege escalation recon scripts:

Online games:

nebula

Root-me.org

Linux

exploits:

Tools:

Netcat:

TCP/IP

Code academy:

Automate the Boring Stuff with Python: Practical Programming for Total Beginners 1st Edition

Payloads:

github

oscp useful tools:

nmap nse:

MsfVenom

Shell Escape Techniques

Pivoting

Interesting reading:

Exploit and vulnerability databases:

Restricted shell escape:

ROP: ASLR and DEP/NX:

Boot to root websites:

Pentesting blogs:

Reconnaissance websites:

Shell codes:

Tools to hide Shells:

EggHunters:

Exploit Development:

Password leaks/lists:

OSCP reviews:

Hash cracking:

Information Gathering:

Pivoting:

Local File Inclusion / Remote File Inclusion:

SQLi:

BruteForce w/ Burp Suite:

Reverse Shell Cheat Sheet/various shells:

Password Cracking:

Intro to Pentest Books:

Penetration Testing Standards:

Refer to Fyodor’s DEF CON video on “Nmap: Scanning the Internet”

Ncat:

Git Book -

CTF guide by vijays:

https://www.jimwilbur.com/oscp-links/
https://www.willchatham.com/general/oscp-and-pwk-tips-resources-tools/
https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3
https://hausec.com/pentesting-cheatsheet/
https://www.fabbricabinaria.it/home/blog/11-news/64-offensive-security-oscp-certification
https://www.securitysift.com/offsec-pwb-oscp/
https://github.com/frizb/OSCP-Survival-Guide/blob/master/OSCP_Helpful_Links.md
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://netsec.ws/?p=337
https://www.rcesecurity.com/2014/07/slae-shell-reverse-tcp-shellcode-linux-x86/
http://www.fuzzysecurity.com/tutorials.html
https://www.corelan.be/index.php/articles/
http://www.securitytube.net/
http://www.offensive-security.com/blog/
http://blog.g0tmi1k.com/
http://captf.com/practice-ctf/
https://www.jimwilbur.com/2017/07/oscp-review/
http://resources.infosecinstitute.com/tools-of-trade-and-resources-to-prepare-in-a-hacker-ctf-competition-or-challenge/#gref
http://kooksec.blogspot.com/
http://chandel1.rssing.com/chan-10364660/all_p30.html
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
http://www.fuzzysecurity.com/tutorials/16.html
http://netsec.ws/?p=331
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
http://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for
https://www.pentesterlab.com/exercises/web_for_pentester
https://www.pentesterlab.com/exercises/linux_host_review
https://forum.bugcrowd.com/t/researcher-resources-getting-started/115
https://blog.bugcrowd.com/getting-started-bug-bounty-hunter-methodology
https://blog.bugcrowd.com/tips-from-top-hackers-bug-hunting-methodology-and-the-importance-of-writing-quality-submissions
http://www.securitytube.net/groups?operation=view&groupId=10
https://www.offensive-security.com/metasploit-unleashed/
https://www.youtube.com/watch?v=1S0aBV-Waeo
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
http://insecure.org/stf/smashstack.html
https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/
http://netsec.ws/?p=180
http://www.securitytube.net/groups?operation=view&groupId=4
http://www.securitytube.net/groups?operation=view&groupId=7
http://www.securitytube.net/groups?operation=view&groupId=5
http://www.0daysecurity.com/penetration-testing/enumeration.html
https://nmap.org/nsedoc/
https://www.youtube.com/watch?v=Hk-21p2m8YY
http://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
https://netsec.ws/?p=331
http://www.fuzzysecurity.com/tutorials/expDev/1.html
https://github.com/rebootuser/LinEnum
http://www.securitysift.com/download/linuxprivchecker.py
http://pentestmonkey.net/category/cheat-sheet/shell
http://www.fuzzysecurity.com/tutorials/16.html
https://github.com/GDSSecurity/Windows-Exploit-Suggester
https://www.youtube.com/watch?v=PC_iMqiuIRQ
https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/
http://pwnwiki.io/#!privesc/windows/index.md
https://github.com/PenturaLabs/Linux_Exploit_Suggester
http://www.greyhathacker.net/?p=738
https://www.youtube.com/watch?v=kMG8IsCohHA
https://github.com/GDSSecurity/Windows-Exploit-Suggester
https://www.youtube.com/watch?v=dk2wsyFiosg
https://www.rebootuser.com/?p=1623
http://pentestmonkey.net/tools/audit/unix-privesc-check
http://www.abatchy.com/2017/02/oscp-like-vulnhub-vms.html
https://netsecfocus.slack.com
http://resources.infosecinstitute.com/hacking-lab/
http://blog.pushebx.com/2011/03/penetration-testing-iso.html
http://captf.com/practice-ctf/
http://overthewire.org/wargames/
http://overthewire.org/wargames/natas/
https://ctf365.com/
https://www.hackthebox.gr/
https://www.pentesterlab.com/exercises
http://linuxcommand.org
https://linuxjourney.com/
http://www.tldp.org/LDP/Bash-Beginners-Guide/html/
https://www.explainshell.com/
https://linux.die.net/man/
http://www.kitploit.com/2017/05/reconnoitre-security-tool-for.html
http://osintframework.com/
http://www.binarytides.com/netcat-tutorial-for-beginners/
https://null-byte.wonderhowto.com/how-to/hack-like-pro-use-netcat-swiss-army-knife-hacking-tools-0148657/
https://github.com/gabemarshall/Brosec
https://github.com/1N3/Sn1per
https://support.microsoft.com/en-us/help/172983/explanation-of-the-three-way-handshake-via-tcp-ip
http://techgenix.com/understanding-udp-protocol/
https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys
https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel
https://www.redbooks.ibm.com/redbooks/pdfs/gg243376.pdf
https://www.codecademy.com/
https://learnpythonthehardway.org/
https://www.codecademy.com/learn/learn-the-command-line
https://www.ibm.com/developerworks/library/l-lpic1-103-1/
http://www.greenteapress.com/thinkpython/thinkpython.html
http://www.primalsecurity.net/tutorials/python-tutorials/
https://rmccurdy.com/scripts/downloaded/www.offensive-security.com/
https://github.com/enaqx/awesome-pentest
https://github.com/frizb/OSCP-Survival-Guide/blob/master/README.md
https://github.com/burntmybagel/OSCP-Prep
https://jivoi.github.io/2015/06/19/oscp-prepare/
https://github.com/xapax/oscp/
https://github.com/opendns/Security_Ninjas_AppSec_Training
https://github.com/chrisallenlane/cheat
https://github.com/tldr-pages/tldr
https://github.com/ferreirasc/oscp
https://guif.re/webtestingoscp
http://www.computersecurity.org/computer-cyber-security-certifications-education-college-courses/cheat-sheet-how-to-pass-the-oscp-offensive-security-certified-professional-exam-step-by-step-guide-network-pivoting-part-7/
http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html
https://www.gitbook.com/book/belouve/belouve-infosec/details
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
http://mateustymbu.xpg.uol.com.br/Bibliography/Pentest_Checklist.pdf
https://www.mrb3n.com/?page_id=329
http://blackpentesters.blogspot.com/2013/12/pentesting-with-backtrack-pwb-offensive.html
http://www.vishalitacademy.com/oscp
https://blog.propriacausa.de/wp-content/uploads/2016/07/oscp_notes.html
http://infosectalk.com/my-oscp-notes/
https://sushant747.gitbooks.io/total-oscp-guide/content/
http://bytec0de.com/blog/oscp-prepration-time-tutorial-basics-commands-and-understandings/
http://ramunix.blogspot.com/2016/10/oscp-cheat-sheet.html
https://github.com/re-pronin/pwk-cheatsheet
https://hackertarget.com/7-nmap-nse-scripts-recon/
https://www.timborninkhof.com/oscp-exam-review/
http://www.hackingarticles.in/hack-lord-root-vm-ctf-challenge/
https://www.willchatham.com/security/kioptrix-level-1-3-vm-4-walkthrough/
http://www.security-geek.in/
https://www.vulnhub.com/
http://techorganic1.rssing.com/chan-5366139/all_p2.html
https://ethicalhackers.club/
http://www.securityartist.com/the-hackers-library/
http://justpentest.blogspot.com/
http://www.offensive-security.com/metasploit-unleashed/Main_Page
http://www.hackingtutorials.org
https://www.offensive-security.com/information-security-training/penetration-testing-with-kali-linux/
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
https://www.kernel-exploits.com/
https://backdoorshell.gitbooks.io/oscp-useful-links/content/
http://www.primalsecurity.net/0x0-exploit-tutorial-buffer-overflow-vanilla-eip-overwrite-2/
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation
https://vulnhub.com
www.greyhathacker.net/?p=738/
www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
http://0daysecurity.com/penetration-testing/enumeration.html
https://crackstation.net/
http://www.scoop.it/t/d-n3n
http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
http://pentestmonkey.net/tools/windows-privesc-check
www.youtube.com/watch?v=kMG8IsCohHA
http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats
www.toshellandback.com/2015/11/24/ms-priv-esc/
https://geekviews.tech/kali-linux-commands-complete-list/
http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
http://pentestmonkey.net/
https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
http://www.toshellandback.com/
https://highon.coffee/
https://pinboard.in/u:unfo/t:oscp
https://github.com/PaulSec/awesome-sec-talks
http://www.rockfishsec.com/
http://batserver.co.uk/Batlab
https://www.offensive-security.com/metasploit-unleashed/portfwd/
http://netsec.ws/?p=278
https://junksecurity.com/taking-the-course-and-exam-preparation/
http://ianthomasfry.blogspot.com/2017/05/oscp-exam-study-guide-i-first-steps.html
https://insekurity.wordpress.com/
https://www.nop.cat/nmapscans/
https://github.com/1N3/PrivEsc
https://github.com/xapax/oscp/blob/master/linux-template.md
https://github.com/xapax/oscp/blob/master/windows-template.md
https://github.com/slyth11907/Cheatsheets
https://github.com/erik1o6/oscp/
https://highon.coffee/blog/lord-of-the-root-walkthrough/
https://www.offensive-security.com/metasploit-unleashed/msfvenom/
https://pen-testing.sans.org/blog/2012/06/06/escaping-restricted-linux-shells
https://airnesstheman.blogspot.ca/2011/05/breaking-out-of-jail-restricted-shell.html
https://speakerdeck.com/knaps/escape-from-shellcatraz-breaking-out-of-restricted-unix-shells
http://www.fuzzysecurity.com/tutorials/13.html
http://exploit.co.il/networking/ssh-tunneling/
https://www.sans.org/reading-room/whitepapers/testing/tunneling-pivoting-web-application-penetration-testing-36117
https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/
https://0x90909090.blogspot.ie/2015/07/no-one-expect-command-execution.html
https://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/#gref
https://github.com/mzet-/linux-exploit-suggester
https://github.com/SecWiki/linux-kernel-exploits
https://highon.coffee/blog/linux-commands-cheat-sheet/
https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
https://github.com/lucyoa/kernel-exploits
https://www.rebootuser.com/?p=1758
https://www.securitysift.com/download/linuxprivchecker.py
https://www.youtube.com/watch?v=1A7yJxh-fyc
https://www.youtube.com/watch?v=2NMB-pfCHT8
https://www.youtube.com/watch?v=MN3FH6Pyc_g
https://www.slideshare.net/nullthreat/fund-linux-priv-esc-wprotections
https://www.exploit-db.com/exploits/39166/
https://www.exploit-db.com/exploits/15274/
https://blog.cobaltstrike.com/2014/03/20/user-account-control-what-penetration-testers-should-know/
https://github.com/foxglovesec/RottenPotato
https://github.com/GDSSecurity/Windows-Exploit-Suggester/blob/master/windows-exploit-suggester.py
https://github.com/pentestmonkey/windows-privesc-check
https://github.com/PowerShellMafia/PowerSploit
https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/ATT%26CK-Stuff/Windows/Windows_Privilege_Escalation.md
https://github.com/SecWiki/windows-kernel-exploits
https://hackmag.com/security/elevating-privileges-to-administrative-and-further/
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
https://toshellandback.com/2015/11/24/ms-priv-esc/
https://www.gracefulsecurity.com/privesc-unquoted-service-path/
https://www.commonexploits.com/unquoted-service-paths/
https://www.exploit-db.com/dll-hijacking-vulnerable-applications/
https://www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
https://www.youtube.com/watch?v=vqfC4gU0SnY
https://www.exumbraops.com/penetration-testing-102-windows-privilege-escalation-cheatsheet/X
https://www.fuzzysecurity.com/tutorials/16.html
http://www.labofapenetrationtester.com/2015/09/bypassing-uac-with-powershell.html
https://code.google.com/p/pentest-bo.../BookmarksList
http://resources.infosecinstitute.co...door-python-z/
https://blog.netspi.com/netspis-top-...ords-for-2014/
https://github.com/SpiderLabs/Responder
http://windowssecrets.com/top-story/
http://resources.infosecinstitute.co...using-ollydbg/
https://www.corelan.be/index.php/200...t-development/
http://jbremer.org/mona-101-a-global-samsung-dll/
http://sgros-students.blogspot.sg/20...cs-part-1.html
http://sgros-students.blogspot.sg/20...cs-part-2.html
http://blog.cobaltstrike.com/2014/03...s-should-know/
http://www.pretentiousname.com/misc/...hitelist2.html
http://www.pretentiousname.com/misc/...c_details.html
http://withinwindows.com/2009/02/05/...ated-binaries/
https://www.exploit-db.com/bypassing...vista7-mirror/
http://security.stackexchange.com/qu...-for-windows-7
http://www.primalsecurity.net/0x8-ex...ive-egghunter/
http://hackerforhire.com.au/
http://n01g3l.tumblr.com/
http://veneetbhardwaj.blogspot.sg/
http://nethekk.blogspot.sg/2014/01/slmail-exploit.html
https://github.com/samratashok/nishang
http://j3rge.blogspot.sg/
https://twitter.com/ithurricanept
https://github.com/hfiref0x
https://zdresearch.com/internet-expl...rop-genration/
http://www.justanotherhacker.com/201...web-shell.html
http://woshub.com/how-to-extract-win...-hiberfil-sys/
http://rycon.hu/papers/goldenticket.html
http://www.beneaththewaves.net/Proje...lkthrough.html
http://www.exploit-db.com
https://code.google.com/p/google-sec...ry&cells=tiles
http://packetstormsecurity.com/files/os/7
https://packetstormsecurity.com/
http://farlight.org/index.html?type=local
https://blog.netspi.com/breaking-out...ix-and-kiosks/
http://blog.g0tmi1k.com/2011/08/basi...ge-escalation/
https://blog.netspi.com/windows-priv...or-privileges/
https://blog.netspi.com/windows-priv...in-privileges/
http://harmj0y.net
http://www.tarasco.org/
https://www.trustwave.com/Resources/...X-ASLR-bypass/
http://security.stackexchange.com/qu...es-aslr-dep-nx
http://en.wikipedia.org/wiki/Return-...ed_programming
http://www.mastropaolo.com/2005/06/0...d-bits-part-1/
https://samsclass.info/127/proj/rop.htm
http://nicholas.carlini.com/papers/2...ropattacks.pdf
https://ctf-team.vulnhub.com/picoctf-2014-hardcore-rop/
https://exploit-exercises.com/
http://0daysecurity.com/pentest.html
http://blog.agupieware.com/2014/10/h...ng-victim.html
https://idzer0.com
http://whois.domaintools.com/nextdc.com
https://www.exploit-db.com/shellcode/
http://www.secdev.org/projects/shellforge/
https://www.corelan.be/index.php/201...2-shellcoding/
http://www.leidecker.info/downloads/index.shtml#shells
https://github.com/dotcppfile/Serbot
http://shell-storm.org/shellcode/
http://bernardodamele.blogspot.sg/20...ne-liners.html
https://www.veil-framework.com/
https://github.com/SaltwaterC/sploit-tools
https://github.com/r41p41/snippets
https://github.com/byt3bl33d3r/MITMf
https://www.qualys.com/research/top10/2014/07/
http://www.leakedin.com
http://securityxploded.com/passwordsecrets.php
http://popped.io
http://forum.insidepro.com/viewforum...72f1dc23055572
http://www.hashkiller.co.uk
https://github.com/leebaird/discover
https://bitvijays.github.io/blog/2015/04/09/learning-from-the-field-intelligence-gathering/
http://toshellandback.com/2015/11/24/ms-priv-esc/
https://github.com/azmatt/windowsEnum
https://www.offensive-security.com/metasploit-unleashed/proxytunnels/
https://github.com/rofl0r/proxychains-ng
https://pentesterlab.com/exercises/php_include_and_post_exploitation/course
https://www.exploit-db.com/papers/12992/
http://www.itninja.com/blog/view/mysql-and-apache-profile-log-path-locations
https://www.exploit-db.com/papers/12975/
https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
https://pentestlab.wordpress.com/2012/12/21/brute-force-attack-with-burp/
http://pentestmonkey.net/tools/web-shells/php-reverse-shell
http://pentestmonkey.net/tools/web-shells/perl-reverse-shell
https://github.com/bartblaze/PHP-backdoors
https://github.com/BlackArch/webshells
https://hashkiller.co.uk/ntlm-decrypter.aspx
https://bitvijays.github.io/LFC-VulnerableMachines.html
https://www.owasp.org/images/1/19/OTGv4.pdf
https://www.crest-approved.org/wp-content/uploads/CREST-Penetration-Testing-Guide.pdf
https://www.owasp.org/index.php/Web_Application_Penetration_Testing
https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
https://www.owasp.org/index.php/Penetration_testing_methodologies
https://www.trustedsec.com/june-2016/introduction-gpu-password-cracking-owning-linkedin-password-dwww.trustedsec.com