Penetration Testing
These resources are useful for Pentest/Red Team related certification preparation [collection from 2016]
OSCP preparation Writeup https://www.jimwilbur.com/oscp-links/
https://www.willchatham.com/general/oscp-and-pwk-tips-resources-tools/
https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3
https://hausec.com/pentesting-cheatsheet/
https://www.fabbricabinaria.it/home/blog/11-news/64-offensive-security-oscp-certification
https://www.securitysift.com/offsec-pwb-oscp/
https://github.com/frizb/OSCP-Survival-Guide/blob/master/OSCP_Helpful_Links.md
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://www.rcesecurity.com/2014/07/slae-shell-reverse-tcp-shellcode-linux-x86/
http://www.fuzzysecurity.com/tutorials.html
https://www.corelan.be/index.php/articles/
http://www.offensive-security.com/blog/
http://captf.com/practice-chttps://www.jimwilbur.com/2017/07/oscp-review/tf/
http://chandel1.rssing.com/chan-10364660/all_p30.html
Linux privilege escalation:
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Windows privilege escalation:
http://www.fuzzysecurity.com/tutorials/16.html
Meterpreter payloads:
Reverse shells:
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
http://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for
Web Security Resources:
https://www.pentesterlab.com/exercises/web_for_pentester
https://www.pentesterlab.com/exercises/linux_host_review
https://forum.bugcrowd.com/t/researcher-resources-getting-started/115
https://blog.bugcrowd.com/getting-started-bug-bounty-hunter-methodology
Metasploit :
http://www.securitytube.net/groups?operation=view&groupId=10
https://www.offensive-security.com/metasploit-unleashed/
Buffer overflow :
https://www.youtube.com/watch?v=1S0aBV-Waeo
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
http://insecure.org/stf/smashstack.html
https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/
http://netsec.ws/?p=180http://www.securitytube.net/groups?operation=view&groupId=4
Exploit writing:
http://www.securitytube.net/groups?operation=view&groupId=7
Assembly language
http://www.securitytube.net/groups?operation=view&groupId=5
Enumeration:
http://www.0daysecurity.com/penetration-testing/enumeration.html
Refer fyodor’s defcon video on “nmap: scanning theinternet” https://www.youtube.com/watch?v=Hk-21p2m8YY
Shell Exploitation
http://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
Binary
http://www.fuzzysecurity.com/tutorials/expDev/1.html
Privilege escalation:
https://github.com/rebootuser/LinEnum
http://www.securitysift.com/download/linuxprivchecker.py
http://pentestmonkey.net/category/cheat-sheet/shell
http://www.fuzzysecurity.com/tutorials/16.html
https://github.com/GDSSecurity/Windows-Exploit-Suggester
https://www.youtube.com/watch?v=PC_iMqiuIRQ
http://pwnwiki.io/#!privesc/windows/index.md
https://github.com/PenturaLabs/Linux_Exploit_Suggester
http://www.greyhathacker.net/?p=738
Windows Privilege Escalation
https://www.youtube.com/watch?v=kMG8IsCohHA
https://github.com/GDSSecurity/Windows-Exploit-Suggester
Linux Privilege Escalation
https://www.youtube.com/watch?v=dk2wsyFiosg
https://www.rebootuser.com/?p=1623
Privilege escalation recon scripts:
http://pentestmonkey.net/tools/audit/unix-privesc-check
http://www.abatchy.com/2017/02/oscp-like-vulnhub-vms.html
Online games:
http://resources.infosecinstitute.com/hacking-lab/
http://blog.pushebx.com/2011/03/penetration-testing-iso.html
http://captf.com/practice-ctf/
http://overthewire.org/wargames/
http://overthewire.org/wargames/natas/
nebula
Root-me.org
https://www.pentesterlab.com/exercises
Linux
http://www.tldp.org/LDP/Bash-Beginners-Guide/html/
exploits:
http://www.kitploit.com/2017/05/reconnoitre-security-tool-for.html
Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:Tools:
Netcat:
Ncat: http://www.binarytides.com/netcat-tutorial-for-beginners/
https://github.com/gabemarshall/Brosec
TCP/IP
https://support.microsoft.com/en-us/help/172983/explanation-of-the-three-way-handshake-via-tcp-ip
http://techgenix.com/understanding-udp-protocol/
https://www.redbooks.ibm.com/redbooks/pdfs/gg243376.pdf
Code academy:
https://learnpythonthehardway.org/
https://www.codecademy.com/learn/learn-the-command-line
https://www.ibm.com/developerworks/library/l-lpic1-103-1/
http://www.greenteapress.com/thinkpython/thinkpython.html
Automate the Boring Stuff with Python: Practical Programming for Total Beginners 1st Edition
http://www.primalsecurity.net/tutorials/python-tutorials/
Payloads:
https://rmccurdy.com/scripts/downloaded/www.offensive-security.com/
github
https://github.com/enaqx/awesome-pentest
oscp useful tools:
https://github.com/frizb/OSCP-Survival-Guide/blob/master/README.md
https://github.com/burntmybagel/OSCP-Prep
https://jivoi.github.io/2015/06/19/oscp-prepare/
https://github.com/xapax/oscp/
https://github.com/opendns/Security_Ninjas_AppSec_Training
https://github.com/chrisallenlane/cheat
https://github.com/tldr-pages/tldr
https://github.com/ferreirasc/oscp
https://guif.re/webtestingoscp
http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html
https://www.gitbook.com/book/belouve/belouve-infosec/details
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
http://mateustymbu.xpg.uol.com.br/Bibliography/Pentest_Checklist.pdf
https://www.mrb3n.com/?page_id=329
http://blackpentesters.blogspot.com/2013/12/pentesting-with-backtrack-pwb-offensive.html
http://www.vishalitacademy.com/oscp
https://blog.propriacausa.de/wp-content/uploads/2016/07/oscp_notes.html
http://infosectalk.com/my-oscp-notes/
https://sushant747.gitbooks.io/total-oscp-guide/content/
http://bytec0de.com/blog/oscp-prepration-time-tutorial-basics-commands-and-understandings/
http://ramunix.blogspot.com/2016/10/oscp-cheat-sheet.html
https://github.com/re-pronin/pwk-cheatsheet
nmap nse:
https://hackertarget.com/7-nmap-nse-scripts-recon/
https://www.timborninkhof.com/oscp-exam-review/
http://www.hackingarticles.in/hack-lord-root-vm-ctf-challenge/
https://www.willchatham.com/security/kioptrix-level-1-3-vm-4-walkthrough/
http://techorganic1.rssing.com/chan-5366139/all_p2.html
http://www.securityartist.com/the-hackers-library/
http://justpentest.blogspot.com/
http://www.offensive-security.com/metasploit-unleashed/Main_Page
http://www.hackingtutorials.org
https://www.kernel-exploits.com/
https://backdoorshell.gitbooks.io/oscp-useful-links/content/
http://www.primalsecurity.net/0x0-exploit-tutorial-buffer-overflow-vanilla-eip-overwrite-2/
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation
www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
http://0daysecurity.com/penetration-testing/enumeration.html
http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
http://pentestmonkey.net/tools/windows-privesc-check
www.youtube.com/watch?v=kMG8IsCohHA
http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats
www.toshellandback.com/2015/11/24/ms-priv-esc/
https://geekviews.tech/kali-linux-commands-complete-list/
http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
http://www.toshellandback.com/
https://pinboard.in/u:unfo/t:oscp
https://github.com/PaulSec/awesome-sec-talks
https://www.offensive-security.com/metasploit-unleashed/portfwd/
https://junksecurity.com/taking-the-course-and-exam-preparation/
http://ianthomasfry.blogspot.com/2017/05/oscp-exam-study-guide-i-first-steps.html
https://insekurity.wordpress.com/
https://www.nop.cat/nmapscans/
https://github.com/1N3/PrivEsc
https://github.com/xapax/oscp/blob/master/linux-template.md
https://github.com/xapax/oscp/blob/master/windows-template.md
https://github.com/slyth11907/Cheatsheets
https://github.com/erik1o6/oscp/
https://highon.coffee/blog/lord-of-the-root-walkthrough/
MsfVenom
https://www.offensive-security.com/metasploit-unleashed/msfvenom/
Shell Escape Techniques
https://pen-testing.sans.org/blog/2012/06/06/escaping-restricted-linux-shells
https://airnesstheman.blogspot.ca/2011/05/breaking-out-of-jail-restricted-shell.html
https://speakerdeck.com/knaps/escape-from-shellcatraz-breaking-out-of-restricted-unix-shells
Pivoting
http://www.fuzzysecurity.com/tutorials/13.html
http://exploit.co.il/networking/ssh-tunneling/
https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/
https://0x90909090.blogspot.ie/2015/07/no-one-expect-command-execution.html
https://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/\#gref
https://github.com/mzet-/linux-exploit-suggester
https://github.com/SecWiki/linux-kernel-exploits
https://highon.coffee/blog/linux-commands-cheat-sheet/
https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
https://github.com/lucyoa/kernel-exploits
https://www.rebootuser.com/?p=1758
https://www.securitysift.com/download/linuxprivchecker.py
https://www.youtube.com/watch?v=1A7yJxh-fyc
https://www.youtube.com/watch?v=2NMB-pfCHT8
https://www.youtube.com/watch?v=MN3FH6Pyc_g
https://www.slideshare.net/nullthreat/fund-linux-priv-esc-wprotections
https://www.exploit-db.com/exploits/39166/
https://www.exploit-db.com/exploits/15274/
https://blog.cobaltstrike.com/2014/03/20/user-account-control-what-penetration-testers-should-know/
https://github.com/foxglovesec/RottenPotato
https://github.com/GDSSecurity/Windows-Exploit-Suggester/blob/master/windows-exploit-suggester.py
https://github.com/pentestmonkey/windows-privesc-check
https://github.com/PowerShellMafia/PowerSploit
https://github.com/SecWiki/windows-kernel-exploits
https://hackmag.com/security/elevating-privileges-to-administrative-and-further/
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
https://toshellandback.com/2015/11/24/ms-priv-esc/
https://www.gracefulsecurity.com/privesc-unquoted-service-path/
https://www.commonexploits.com/unquoted-service-paths/
https://www.exploit-db.com/dll-hijacking-vulnerable-applications/
https://www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
https://www.youtube.com/watch?v=vqfC4gU0SnY
https://www.exumbraops.com/penetration-testing-102-windows-privilege-escalation-cheatsheet/X
https://www.fuzzysecurity.com/tutorials/16.html
http://www.labofapenetrationtester.com/2015/09/bypassing-uac-with-powershell.html
Interesting reading:
https://code.google.com/p/pentest-bo.../BookmarksList
http://resources.infosecinstitute.co...door-python-z/
https://blog.netspi.com/netspis-top-...ords-for-2014/
https://github.com/SpiderLabs/Responder
http://windowssecrets.com/top-story/
http://resources.infosecinstitute.co...using-ollydbg/
https://www.corelan.be/index.php/200...t-development/
http://jbremer.org/mona-101-a-global-samsung-dll/
http://sgros-students.blogspot.sg/20...cs-part-1.html
http://sgros-students.blogspot.sg/20...cs-part-2.html
http://blog.cobaltstrike.com/2014/03...s-should-know/
http://www.pretentiousname.com/misc/...hitelist2.html
http://www.pretentiousname.com/misc/...c_details.html
http://withinwindows.com/2009/02/05/...ated-binaries/
https://www.exploit-db.com/bypassing...vista7-mirror/
http://security.stackexchange.com/qu...-for-windows-7
http://www.primalsecurity.net/0x8-ex...ive-egghunter/
http://veneetbhardwaj.blogspot.sg/
http://nethekk.blogspot.sg/2014/01/slmail-exploit.html
https://github.com/samratashok/nishang
https://twitter.com/ithurricanept
https://zdresearch.com/internet-expl...rop-genration/
http://www.justanotherhacker.com/201...web-shell.html
http://woshub.com/how-to-extract-win...-hiberfil-sys/
http://rycon.hu/papers/goldenticket.html
http://www.beneaththewaves.net/Proje...lkthrough.html
Exploit and vulnerability databases:
https://code.google.com/p/google-sec...ry&cells=tiles
http://packetstormsecurity.com/files/os/7
https://packetstormsecurity.com/
http://farlight.org/index.html?type=local
Restricted shell escape:
https://blog.netspi.com/breaking-out...ix-and-kiosks/
http://blog.g0tmi1k.com/2011/08/basi...ge-escalation/
https://blog.netspi.com/windows-priv...or-privileges/
https://blog.netspi.com/windows-priv...in-privileges/
ROP: ASLR and DEP/NX:
https://www.trustwave.com/Resources/...X-ASLR-bypass/
http://security.stackexchange.com/qu...es-aslr-dep-nx
http://en.wikipedia.org/wiki/Return-...ed_programming
http://www.mastropaolo.com/2005/06/0...d-bits-part-1/
https://samsclass.info/127/proj/rop.htm
http://nicholas.carlini.com/papers/2...ropattacks.pdf
https://ctf-team.vulnhub.com/picoctf-2014-hardcore-rop/
Boot to root websites:
https://exploit-exercises.com/
http://0daysecurity.com/pentest.html
http://blog.agupieware.com/2014/10/h...ng-victim.html
Pentesting blogs:
Reconnaissance websites:
http://whois.domaintools.com/nextdc.com
Shell codes:
https://www.exploit-db.com/shellcode/
http://www.secdev.org/projects/shellforge/
https://www.corelan.be/index.php/201...2-shellcoding/
http://www.leidecker.info/downloads/index.shtml#shells
https://github.com/dotcppfile/Serbot
http://shell-storm.org/shellcode/
http://bernardodamele.blogspot.sg/20...ne-liners.html
Tools to hide Shells:
https://www.veil-framework.com/
EggHunters:
Exploit Development:
https://github.com/SaltwaterC/sploit-tools
https://github.com/r41p41/snippets
https://github.com/byt3bl33d3r/MITMf
https://www.qualys.com/research/top10/2014/07/
Password leaks/lists:
http://securityxploded.com/passwordsecrets.php
OSCP reviews:
Hash cracking:
http://forum.insidepro.com/viewforum...72f1dc23055572
Information Gathering:
https://github.com/leebaird/discover
https://bitvijays.github.io/blog/2015/04/09/learning-from-the-field-intelligence-gathering/
http://toshellandback.com/2015/11/24/ms-priv-esc/
https://github.com/azmatt/windowsEnum
Pivoting:
https://www.offensive-security.com/metasploit-unleashed/proxytunnels/
https://github.com/rofl0r/proxychains-ng
Local File Inclusion / Remote File Inclusion:
https://pentesterlab.com/exercises/php_include_and_post_exploitation/course
https://www.exploit-db.com/papers/12992/
http://www.itninja.com/blog/view/mysql-and-apache-profile-log-path-locations
SQLi:
https://www.exploit-db.com/papers/12975/
https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
BruteForce w/ Burp Suite:
https://pentestlab.wordpress.com/2012/12/21/brute-force-attack-with-burp/
Reverse Shell Cheat Sheet/various shells:
http://pentestmonkey.net/tools/web-shells/php-reverse-shell
http://pentestmonkey.net/tools/web-shells/perl-reverse-shell
https://github.com/bartblaze/PHP-backdoors
https://github.com/BlackArch/webshells
Password Cracking:
https://hashkiller.co.uk/ntlm-decrypter.aspx
Intro to Pentest Books:
Git Book - https://backdoorshell.gitbooks.io/oscp-useful-links/content/
Ctf guide bt vijays : https://bitvijays.github.io/LFC-VulnerableMachines.html
https://www.owasp.org/images/1/19/OTGv4.pdf
Penetration Testing Standards:
https://www.crest-approved.org/wp-content/uploads/CREST-Penetration-Testing-Guide.pdf
https://www.owasp.org/index.php/Web_Application_Penetration_Testing
https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
https://www.owasp.org/index.php/Penetration_testing_methodologies
Last updated
Was this helpful?