Resources/Credits

Inspiration to develop this site was driven by tremendous contribution of pioneers and brilliant minds in security. Thank you to all individual researchers who share their knowledge via Tubes/Blogs/Medium/Twitters/Books/Conferences/Meetups. Such sharing has let us go further with ever increasing knowledge that has been built upon existing knowledge. If you like to add new cool stuff or report broken links, please shoot a tweet.

Loading... Please wait..

  Source   Category
Attack&DefenseLab - https://attackdefense.com/ Labs
HackTheBox - https://www.hackthebox.eu/ Labs
PentesterLab - https://pentesterlab.com/referral/U2dFPhLRr2JDaA Labs
OWASP SKF Labs - https://github.com/blabla1337/skf-labs - https://owasp-skf.gitbook.io/asvs-write-ups/ Labs
Lesser Known Attack Labs - https://github.com/weev3/LKWA Labs
VulnHub - https://www.vulnhub.com/ Labs
Android Reverse Engineering Lab - https://maddiestone.github.io/AndroidAppRE/ Labs
CTFTimes - https://ctftime.org/ctfs Labs
Secure Code Warrior - https://securecodewarrior.com/ Labs
Immersive Labs - https://immersivelabs.online/ Labs
Practical Pentest Labs - https://practicalpentestlabs.com/ Labs
Virtual Hacking Labs - https://www.virtualhackinglabs.com/specials/virtual-hacking-labs/ Labs
SparcFLOW labs - https://www.hacklikeapornstar.com/learn-hacking-one-day/ Labs
Ubeeri Labs - https://www.ubeeri.com/preconfig-labs Labs
SANS Netwars Labs - https://www.sans.org/netwars/ Labs
HackingDojo Labs - https://hackingdojo.com/lab/ Labs
Mile2 Cyber Range Labs - https://mile2.com/cyber-range.html Labs
CTF365 Lab - https://ctf365.com/ Labs
Root-Me Lab - https://www.root-me.org/?lang=en Labs
InfoSec Ninja lab - https://www.infosec-ninjas.com/lab Labs
Hacking-Lab.com - https://www.hacking-lab.com/ Labs
PentestIt.RU Labs - https://lab.pentestit.ru/ Labs
gh0st Lab - http://www.gh0st.net/wiki/index.php?title=Main_Page Labs
Overthewires Wargames - https://overthewire.org/wargames/ Labs
Google Gruyere : http://google-gruyere.appspot.com/part1 Labs Online
DOMXSS Lab - http://www.domxss.com/domxss/domxss.php Labs Online
PortSwigger Lab - https://portswigger.net/web-security Labs Online
WebScan Test - https://www.webscantest.com/ Labs Online
VulnWeb PHP - http://testphp.vulnweb.com/ Labs Online
VulnWeb ASP - http://testasp.vulnweb.com/ Labs Online
VulnWeb ASPX - http://testaspnet.vulnweb.com/ Labs Online
VulnWeb HTML5 - http://testhtml5.vulnweb.com/ Labs Online
CrackMe - http://crackme.cenzic.com/ Labs Online
Hackyourself First - http://hack-yourself-first.com/ Labs Online
TestFire - http://demo.testfire.net/ Labs Online
Zero Bank - http://zero.webappsecurity.com/ Labs Online
ATT&CK Knowledgebase - https://attack.mitre.org/ - https://collaborate.mitre.org/attackics/index.php/Main_Page - https://attack.mitre.org/resources/training/ Libraries
SANS Reading Room - https://www.sans.org/reading-room/ Libraries
PentesterAcademy - https://www.pentesteracademy.com/ Libraries
OpenSecurityTraining - http://opensecuritytraining.info/ Libraries
Online ebook library - https://www.oreilly.com/online-learning/ (Best for research, building up technical foundations - inclusive of https://packtpub.com/) Libraries
RawSec Massive Inventory - https://inventory.rawsec.ml/ Libraries
Technology learning libraries - https://www.w3schools.com/ - https://www.tutorialspoint.com/ Libraries
ICS-CERT Virtual Learning Portal (VLP) - https://ics-cert-training.inl.gov/ Libraries
Cybrary - https://www.cybrary.it/ Libraries
Wikiversity - https://en.wikiversity.org/ Libraries
Microsoft TechNet Library - https://gallery.technet.microsoft.com/ Libraries
LiveOverflow - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w Tubes
InfoSecInstitutes - https://www.youtube.com/user/InfoSecInstitute/videos Tubes
Pentest Workshop - https://www.youtube.com/channel/UCTlHy5I13anUl4-MCkRY7hg/videos Tubes
IronGeek - https://www.youtube.com/user/irongeek/playlists Tubes
Red Canary - https://www.youtube.com/channel/UCulDoWwoy0vNvRwl2tVX3-w/videos Tubes
SANS - https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos Tubes
PentesterAcademy TV - https://www.youtube.com/channel/UChjC1q6Ami7W0E71TzPZELA/playlists Tubes
OWASP - https://www.youtube.com/user/OWASPGLOBAL/playlists Tubes
Host Unknowns [Edutainment purpose] - https://www.youtube.com/user/HostUnknownTV/videos Tubes
Blackhat - https://www.youtube.com/user/BlackHatOfficialYT/videos CONs
DEFCON - https://www.youtube.com/user/DEFCONConference/videos CONs
HITB CON - https://www.youtube.com/user/hitbsecconf CONs
MITRE ATT&CKCON - https://www.youtube.com/user/mitrecorp/search?query=ATT%26CK CONs
CRESTCon - https://www.youtube.com/user/CRESTadvocate/videos CONs
CONFidence CON - https://www.youtube.com/user/PROIDEAconferences/search?query=CONFidence CONs
Shmoocon - https://www.youtube.com/results?search_query=shmoocon CONs
Cooper - https://www.youtube.com/channel/UCI6B0zYvK-7FdM0Vgh3v3Tg/playlists CONs
Hacktivity - https://www.youtube.com/user/hacktivity/playlists CONs
ZeroNights - https://www.youtube.com/channel/UCtQ0fPmP4fCGBkYWMxnjh6A/playlists CONs
BruCon - https://www.youtube.com/user/brucontalks/playlists CONs
ToorCon - https://www.youtube.com/channel/UCnzjmL0xkTBYwFZD7agHGWw/playlists CONs
Ekoparty CON - https://www.youtube.com/channel/UCiVNwNkoMapaeyr9o6XEonA/videos CONs
Rooted CON - https://www.youtube.com/user/rootedconmadrid/videos CONs
BalCCon - https://www.youtube.com/channel/UCoHypmu8rxlB5Axh5JxFZsA/playlists CONs
SetCT CON - https://www.youtube.com/user/SECTDirector/playlists CONs
x33fCON - https://www.youtube.com/channel/UC8wesSvHdlNXVZgSy_UU_Ug/videos CONs
BlackAlps CON - https://www.youtube.com/channel/UCkCV_HJUkI8PsFrX4wpPX4A/videos CONs
Security Onion CON - https://www.youtube.com/channel/UCNBFTyYCdjT5hnm7uW25vGQ/featured CONs
SyScan CON - https://www.youtube.com/channel/UCx5hZiie0VzFvV-u376v7DQ/videos CONs
Hack In Paris - https://www.youtube.com/user/hackinparis/videos CONs
NorthSec - https://www.youtube.com/channel/UCqVhMzTdQK5VAosAGkMtpJw/videos CONs
Con Archives - https://infocon.org/cons/ CONs
Cure53 - https://cure53.de/#publications Companies
Duo - https://duo.com/labs Companies
F-Secure/MWR - https://labs.f-secure.com/ - https://github.com/FSecureLABS Companies
NCC - https://labs.nccgroup.trust/ Companies
Aon - https://github.com/AonCyberLabs/ Companies
Veracode - https://www.veracode.com/resources Companies
SecurityInnovation - https://www.securityinnovation.com/resources/ Companies
TrustedSec - https://github.com/trustedsec Companies
Awesome Vulnerable Apps - https://github.com/vavkamil/awesome-vulnerable-apps/ Gits
Awesome-CTF - https://github.com/apsdehal/awesome-ctf Gits
Github Damn Vulnerable Apps - https://github.com/search?q=damn+vulnerable+apps Gits
Awesome CTF Wargame - https://github.com/2O2L2H/awesome-ctf-wargame Gits
Awesome Crypto - https://github.com/7Hxz233/awesome-ctf-crypto Gits
Awesome RedTeaming - https://github.com/yeyintminthuhtut/Awesome-Red-Teaming Gits
awesome-CTF - https://github.com/AntiverX/awesome-CTF Gits
BugBountyWorld - https://github.com/bugbountyworld/BugBountyWorld Gits
Awesome Infosec - https://github.com/edwardqiu/awesome-infosec Gits
Awesome-Ethical-Hacking-Resources - https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources Gits
RedTeaming Toolkit - https://github.com/infosecn1nja/Red-Teaming-Toolkit Gits
Awesome Windows Redteam - https://github.com/marcosValle/awesome-windows-red-team Gits
Awesome Sec Conference Talks - https://github.com/PaulSec/awesome-sec-talks/ Gits
Awesome Repo - https://github.com/ov3rclocked/Awesome-Repositories Gits
Secret KB - https://github.com/trimstray/the-book-of-secret-knowledge Gits
Awesome Hacking - https://github.com/vitalysim/Awesome-Hacking-Resources Gits
Phonexicum's InfoSec Notes - https://phonexicum.github.io/infosec/ Gits
Pentesterlab Walk-through https://github.com/crhystamils/pentesterlab01 Gits
pentesterlab walkthrough screenshots - https://github.com/cemberkongay/WebPentest Gits
Pentest Reports - https://github.com/juliocesarfort/public-pentesting-reports Gits
Bitvijays - Infrastructure Pentest Series - https://bitvijays.github.io/index.html#infrastructure-pentest-series Gits
Awesome Pentest - https://github.com/enaqx/awesome-pentest Gits
HarmJ0y - https://gist.github.com/HarmJ0y Gits
Awesome Machine Learning for Cyber Security - https://github.com/jivoi/awesome-ml-for-cybersecurity Gits
https://github.com/randorisec/MobileHackingCheatSheet Cheatsheets
Bounty Cheatsheet - https://github.com/EdOverflow/bugbounty-cheatsheet Cheatsheets
Brute Logic's XSS Cheat Sheet - https://brutelogic.com.br/blog/ebook/xss-cheat-sheet/ Cheatsheets
League of Bounties - https://discord.gg/VnhW5x5 Discords
Malware Tech - https://discord.gg/698CH7x Discords
Virtual Hacking Labs - https://discord.gg/wDh8GwD Discords
CyberXploit - https://disboard.org/server/join/572004140587417610 Discords
CSSLP CBK - https://www.isc2.org/Certifications/CSSLP Books.AppSec
Hacking Exposed: Web Application 3rd edition - https://amzn.to/2OGMqjC Books.AppSec
HackNotes(tm) Web Security Pocket Reference - https://www.amazon.com/dp/0072227842/ Books.AppSec
Mastering Modern Web Penetration Testing - https://www.packtpub.com/networking-and-servers/mastering-modern-web-penetration-testing Books.AppSec
Real-World Bug Hunting - https://nostarch.com/bughunting Books.AppSec
Security Testing Handbook for Banking Applications Books.AppSec
Web Application Hacker Handbook 2nd edition - https://amzn.to/2OGUK2V Books.AppSec
Web Hacking 101 - https://leanpub.com/web-hacking-101 Books.AppSec
XSS Attacks: Cross Site Scripting Exploits and Defense - https://amzn.to/2ABBCAp Books.AppSec
Advanced Penetration Testing: Red Team - by Mr Richard Knowell Books.RedTeam
Cybersecurity: Attack & Defense Strategies (Red & Blue Team) Books.RedTeam
Hack Like Series - https://www.amazon.com/Sparc-FLOW/e/B06WW4TL8H Books.RedTeam
Hands-On Penetration Testing on Windows - Packt Publishing Books.RedTeam
Hands-On Red Team Tactics Books.RedTeam
Next Generation Red Teaming Books.RedTeam
NoStarch - Blackhat Series - https://nostarch.com/catalog/security Books.RedTeam
Professional Red Teaming: Conducting Successful Cybersecurity Engagements Books.RedTeam
RTFM - Red Team Field Manual - https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504 Books.RedTeam
APISecurity - https://apisecurity.io/ Webs
AppSec Wiki - https://appsecwiki.com Webs
Bounty Hunter methodology and notes - http://bit.ly/338QvUx Webs
CAPEC™ - https://capec.mitre.org/ Webs
iRed.Team - https://ired.team/ Webs
CWE™ - https://cwe.mitre.org/ Webs
HackerOne Hackitivity - https://hackerone.com/hacktivity Webs
http://ghostlulz.com Webs
https://blog.securitee.org/ Webs
https://pentester.land/ Webs
https://pielco11.ovh/ Webs
https://securityidiots.com Webs
Product Vendor Blog - https://www.acunetix.com/blog/ Webs
https://www.hahwul.com Webs
Medium - Bugbounty writeups - https://medium.com/bugbountywriteup/ Webs
Medium - HTB Lab Challenge Write-ups - https://medium.com/search?q=hackthebox Webs
Medium - VulnHub Challenge Write-ups - https://medium.com/search?q=vulnhub Webs
Open Web Application Security Project - https://owasp.org/ Webs
Reddit - NetSec - https://www.reddit.com/r/netsec/ Webs
Reddit - RedTeamSec - https://www.reddit.com/r/redteamsec/new/ Webs
Reddit - SecurityCTF - https://www.reddit.com/r/securityCTF/ Webs
Reddit WebSecResearch - https://www.reddit.com/r/websecurityresearch/ Webs
SANS Pen-testing Blog - https://pen-testing.sans.org/ Webs
Yearly Top 10 Web Vulnerabilities - http://bit.ly/2Nv7RUZ Webs
IPPSEC - https://ippsec.rocks/ Webs
Windows Commandline - https://www.windows-commandline.com/ Webs
Red Canary - https://redcanary.com/ Webs
CISO MindMap - https://www.sans.org/security-resources/posters/security-leadership-poster/135/download Webs
Data Breach Infographics - https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Webs
Hacking Incidents dated from 1900 to until now - https://en.wikipedia.org/wiki/List_of_security_hacking_incidents Webs
VulnerabilityAssessment.Co.UK - http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html Webs
Penetration Testing Execution Standard - http://www.pentest-standard.org/index.php/Main_Page Webs
https://blog.bi.tk/ Webs
Password - http://wiki.skullsecurity.org/Passwords Webs
# Dr.-Ing. Mario Heiderich, a pioneer in discovering and sharing back fantastic web attack vectors - https://cure53.de/ Pioneers of Web Security
@# Gareth Heyes, a pioneer in discovering and sharing back fantastic web attack vectors - http://www.thespanner.co.uk/ - garethheyes - # Gareth Heyes, a pioneer in discovering and sharing back fantastic web attack vectors - http://www.thespanner.co.uk/ - https://twitter.com/garethheyes Pioneers of Web Security
# Jeremiah, a pioneer in discovering and sharing back fantastic web attack vectors - https://blog.jeremiahgrossman.com/ Pioneers of Web Security
@# RSnake, a pioneer in discovering and sharing back fantastic web attack vectors - rsnake - # RSnake, a pioneer in discovering and sharing back fantastic web attack vectors - https://twitter.com/rsnake Pioneers of Web Security
https://medium.com/@filipvitas for his https://medium.com/@filipvitas/how-to-bypass-slider-captcha-with-js-and-puppeteer-cd5e28105e3c Twitters
@0ktavandi - https://twitter.com/0ktavandi Twitters
@_sawzeeyy - https://twitter.com/_sawzeeyy Twitters
@_ttffdd_ - https://twitter.com/_ttffdd_ Twitters
@Agarri_FR - https://twitter.com/Agarri_FR Twitters
@albinowax - https://twitter.com/albinowax Twitters
@apisecurityio - https://twitter.com/apisecurityio Twitters
@brutelogic - https://twitter.com/brutelogic Twitters
@bugbountyforum - https://twitter.com/bugbountyforum Twitters
@bughuntercat - https://twitter.com/bughuntercat Twitters
@chybeta - https://twitter.com/chybeta Twitters
@chybeta/ - https://twitter.com/chybeta/ Twitters
@cry__pto - https://twitter.com/cry__pto Twitters
@dhakal_ananda - https://twitter.com/dhakal_ananda Twitters
@ghostlulz1337 - https://twitter.com/ghostlulz1337 Twitters
@HudelC - https://twitter.com/HudelC Twitters
@HusseiN98D - https://twitter.com/HusseiN98D Twitters
@IAmMandatory - https://twitter.com/IAmMandatory Twitters
@Jhaddix - https://twitter.com/Jhaddix Twitters
@justin_gardner - https://twitter.com/justin_gardner Twitters
@karna__1 - https://twitter.com/karna__1 Twitters
@KassihMouhssine/ - https://twitter.com/KassihMouhssine/ Twitters
@LooseSecurity - https://twitter.com/LooseSecurity Twitters
@Mahmoud0x00 - https://twitter.com/Mahmoud0x00 Twitters
@not_aardvark - https://twitter.com/not_aardvark Twitters
@osamaavvan - https://twitter.com/osamaavvan Twitters
@PanegavSharan - https://twitter.com/PanegavSharan Twitters
@PentesterLab - https://twitter.com/PentesterLab Twitters
@PortSwiggerRes - https://twitter.com/PortSwiggerRes Twitters
@PranayB2511 - https://twitter.com/PranayB2511 Twitters
@prateek_0490 - https://twitter.com/prateek_0490 Twitters
@rotem_reiss - https://twitter.com/rotem_reiss Twitters
@SecuAudit - https://twitter.com/SecuAudit Twitters
@secuninja - https://twitter.com/secuninja Twitters
@smaury92 - https://twitter.com/smaury92 Twitters
@snyff - https://twitter.com/snyff Twitters
@SpiderSec - https://twitter.com/SpiderSec Twitters
@spyerror/ - https://twitter.com/spyerror/ Twitters
@stealthybugs - https://twitter.com/stealthybugs Twitters
@stueotue - https://twitter.com/stueotue Twitters
@stvemillertime/ - https://twitter.com/stvemillertime/ Twitters
@Sunilkande1137 - https://twitter.com/Sunilkande1137 Twitters
@vickieli7 - https://twitter.com/vickieli7 Twitters
@yaworsk - https://twitter.com/yaworsk Twitters
@Zombiehelp54 - https://twitter.com/Zombiehelp54 Twitters
@ZrariAnas - https://twitter.com/ZrariAnas Twitters
@https://www.twitter.com/ironfisto - https://www.twitter.com/ironfisto Twitters
@https://www.twitter.com/knoxss_me - https://www.twitter.com/knoxss_me Twitters
@https://www.twitter.com/rvrshell - https://www.twitter.com/rvrshell Twitters
@YogoshaOfficial - https://twitter.com/YogoshaOfficial Twitters
Twitter #bugbountytips - http://bit.ly/2NBiOnY Twitters
@/maddiestone - https://twitter.com//maddiestone Twitters
EDB - https://Exploit-db.com VulnDb
SeeBug - https://www.seebug.org VulnDb
VMware Markets - Finding outdated / exploitable vulnerabilities - https://marketplace.vmware.com/ VulnDb
Linode - https://www.linode.com Affordable Clouds
Digital Ocean - https://www.digitalocean.com/ Affordable Clouds
Marriot Hotel data breach - https://www.youtube.com/watch?v=2u68rVGDSg4&t=10s Hearings
IRS Data Breach - https://www.hsgac.senate.gov/templates/watch.cfm?id=4145AFAD-5056-A032-52BE-B457F12AF3C6 Hearings
OPM Data Breach - https://www.hsgac.senate.gov/templates/watch.cfm?id=23C3D282-5056-A032-5289-536EA0BBADEA Hearings
Facebook Data Breach - https://www.youtube.com/watch?v=mGpPHZB_fvI Hearings
Equifax Data Breach - https://www.youtube.com/watch?v=2u68rVGDSg4 Hearings
Target Data Breach - https://www.youtube.com/watch?v=dj3lxOk7v40 - https://www.youtube.com/watch?v=SmiEIGccrGY Hearings
Google Android Data Collection - https://www.youtube.com/watch?v=d3XwpStkZiI Hearings
Better Evernote replacement - Confluence - https://atlassian.com/ Information Management
Easy reminder with SMS support - https://followupthen.com Information Management
https://getpocket.com - Bookmark manager with permanent copies of bookmarked links Information Management
Automation - https://integromat.com/ Information Management
Goals/Project/Tasks tracking - https://monday.com Information Management
Better Dradis Replacement - Pentest Workspace - https://pentest.ws Information Management
Visualisation made Easy - https://public.tableau.com/en-gb/gallery/ - https://app.flourish.studio/login Information Management
Best Mind Mapping Software (life-time trial usage available) - https://www.xmind.net/ Information Management
Kialo - Critical Thinking made easy - https://www.kialo-edu.com/ Information Management
Background images are from Google image results using terms : Hacker, BlockChain, IRON Man,Kali Graphics
Icons are from https://fontawesome.com/ Graphics