Resources/Credits

Inspiration to develop this site was driven by tremendous contribution of pioneers and brilliant minds in security. Thank you to all individual researchers who share their knowledge via Tubes/Blogs/Medium/Twitters/Books/Conferences/Meetups. Such sharing has let us go further with ever increasing knowledge that has been built upon existing knowledge. If you like to add new cool stuff or report broken links, please shoot a tweet.

Loading... Please wait..

  Source   Category
@Twitter search - search?q=privilege%20escalation&src=typed_query&f=live - Twitter search - https://twitter.com/search?q=privilege%20escalation&src=typed_query&f=live Search
.Blog search - https://www.google.com/search?newwindow=1&q=privilege+escalation+site%3A*.blog Search
Blogspot search - https://www.google.com/search?newwindow=1&q=privilege+escalation+site%3Ahttps%3A%2F%2F*.blogspot.com Search
Medium search - https://medium.com/search?q=privilege+escalation Search
Exploit search - https://www.exploit-db.com/ Search
Shodan search - https://exploits.shodan.io/ Search
Search in Metasploit - https://github.com/rapid7/metasploit-framework/search?utf8=%E2%9C%93&q=Myo+Soe&type= Search
Github Search - https://github.com/search?q=privilege+escalation&s=updated&type=Repositories Search
Search in SANS NewsBites - https://www.google.com/search?newwindow=1&q=privilege+site%3Ahttps%3A%2F%2Fwww.sans.org%2Fnewsletters%2Fnewsbites Search
Powershell browser - https://docs.microsoft.com/en-gb/powershell/module/ Search
Search in ATT&CK - https://www.google.com/search?q=dumping+site%3Ahttps%3A%2F%2Fattack.mitre.org%2F - JSON file https://attack.mitre.org/index.json Search
CVE Search - https://www.cvedetails.com/google-search-results.php?q=privilege+escalation Search
Nessus plugin search - https://www.tenable.com/plugins/search?q=privilege%20escalation Search
Aggregated search - Vulns - https://vulners.com/search?query=privilege%20escalation Search
Aggregated search - Morningstar - https://www.morningstarsecurity.com/vulnerability-search Search
Assessment Mindmap - https://github.com/dsopas/assessment-mindset Cheatsheets/Notes
Bob1Bob2 - http://wg135.github.io/ Cheatsheets/Notes
Bounty Cheatsheet - https://github.com/EdOverflow/bugbounty-cheatsheet Cheatsheets/Notes
Brute Logic's XSS Cheat Sheet - https://brutelogic.com.br/blog/ebook/xss-cheat-sheet/ Cheatsheets/Notes
BugBounty Cheatsheet - https://m0chan.github.io/2019/12/17/Bug-Bounty-Cheetsheet.html Cheatsheets/Notes
Guif's Notes - https://guif.re/ - https://github.com/guifre/notes Cheatsheets/Notes
Highon Cheatsheets - https://highon.coffee/blog/cheat-sheet/ Cheatsheets/Notes
https://github.com/randorisec/MobileHackingCheatSheet Cheatsheets/Notes
Linux Exploitation Cheatsheet - https://m0chan.github.io/2018/07/31/Linux-Notes-And-Cheatsheet.html Cheatsheets/Notes
LOLBin - Linux - GTFOBins - https://gtfobins.github.io/ Cheatsheets/Notes
LOLBins - Windows - https://lolbas-project.github.io/ Cheatsheets/Notes
M0chan - https://m0chan.github.io/ Cheatsheets/Notes
OWASP CheatSheet Series - https://cheatsheetseries.owasp.org/ Cheatsheets/Notes
PayloadsAllTheThings Cheatsheets (Active Directory, Pentest) - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Methodology%20and%20Resources Cheatsheets/Notes
Windows Exploitation Cheatsheet - https://m0chan.github.io/2019/07/30/Windows-Notes-and-Cheatsheet.html Cheatsheets/Notes
Active Defense - http://adhdproject.github.io/ Gits
ajinabraham - https://github.com/ajinabraham Gits
Attack KB - https://github.com/mubix - https://malicious.link/tags/ Gits
Awesome Crypto - https://github.com/7Hxz233/awesome-ctf-crypto Gits
Awesome CTF Wargame - https://github.com/2O2L2H/awesome-ctf-wargame Gits
Awesome Hacking - https://github.com/vitalysim/Awesome-Hacking-Resources Gits
Awesome Infosec - https://github.com/edwardqiu/awesome-infosec Gits
Awesome Machine Learning for Cyber Security - https://github.com/jivoi/awesome-ml-for-cybersecurity Gits
Awesome Pentest - https://github.com/enaqx/awesome-pentest Gits
Awesome RedTeam - https://github.com/yeyintminthuhtut/Awesome-Red-Teaming/ Gits
Awesome RedTeaming - https://github.com/yeyintminthuhtut/Awesome-Red-Teaming Gits
Awesome Repo - https://github.com/ov3rclocked/Awesome-Repositories Gits
Awesome Sec Conference Talks - https://github.com/PaulSec/awesome-sec-talks/ Gits
Awesome Vulnerable Apps - https://github.com/vavkamil/awesome-vulnerable-apps/ Gits
Awesome Windows Redteam - https://github.com/marcosValle/awesome-windows-red-team Gits
awesome-CTF - https://github.com/AntiverX/awesome-CTF Gits
Awesome-CTF - https://github.com/apsdehal/awesome-ctf Gits
Awesome-Ethical-Hacking-Resources - https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources Gits
Bitvijays - Infrastructure Pentest Series - https://bitvijays.github.io/index.html#infrastructure-pentest-series Gits
Bug Tracker - Bug management project for Bug Hunter - https://github.com/partha7278/BugHunter Gits
BugBountyWorld - https://github.com/bugbountyworld/BugBountyWorld Gits
Code samples for No Starch Press Black Hat Go https://nostarch.com/blackhatgo - https://github.com/blackhat-go/bhg Gits
Github Damn Vulnerable Apps - https://github.com/search?q=damn+vulnerable+apps Gits
HarmJ0y - https://gist.github.com/HarmJ0y Gits
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE Gits
https://github.com/ctfs Gits
https://github.com/jekil/awesome-hacking Gits
https://github.com/mitre/cti Gits
https://github.com/pwning Gits
Invoke-Adversary - https://github.com/CyberMonitor/Invoke-Adversary Gits
Malware Attribute Enumeration and Characterization (MAEC™) - https://maecproject.github.io/ Gits
Mate - Mitre Att&ck Technique Emulation https://github.com/fugawi/mate Gits
Naughty String - https://github.com/minimaxir/big-list-of-naughty-strings Gits
Payloads All The Things - https://github.com/swisskyrepo/PayloadsAllTheThings Gits
Pentest Reports - https://github.com/juliocesarfort/public-pentesting-reports Gits
Pentesterlab Walk-through https://github.com/crhystamils/pentesterlab01 Gits
pentesterlab walkthrough screenshots - https://github.com/cemberkongay/WebPentest Gits
Phonexicum's InfoSec Notes - https://phonexicum.github.io/infosec/ Gits
Post-Exploitation - https://github.com/mubix/post-exploitation-wiki - https://github.com/mubix/post-exploitation Gits
PTF - https://github.com/trustedsec/ptf Gits
pxb1988 -https://github.com/pxb1988 Gits
Python Pentest Tools - https://github.com/dloss/python-pentest-tools Gits
Quick and Dirty Penetration Testing Notes - https://github.com/josephkingstone/keepnote Gits
RedTeam Toolkit - https://github.com/infosecn1nja/Red-Teaming-Toolkit Gits
RedTeaming Toolkit - https://github.com/infosecn1nja/Red-Teaming-Toolkit Gits
sailay1996 - https://github.com/sailay1996 Gits
SecLists - https://github.com/danielmiessler/SecLists Gits
Secret KB - https://github.com/trimstray/the-book-of-secret-knowledge Gits
venshin https://github.com/venshine Gits
SecWiki (Kernel exploits - multi-platform, office exploits) - https://github.com/SecWiki Gits
FuzzySecurity on multiple topics - http://www.fuzzysecurity.com/tutorials.html Trainings#Free
Introduction to Offensive Computer Security - http://howto.hackallthethings.com/2016/07/introduction-to-offensive-computer.html Trainings#Free
OpenSecurityTraining - http://opensecuritytraining.info/ Trainings#Free
Att&CK Training - https://attack.mitre.org/resources/training/ Trainings#Free
HackerOne - https://www.hacker101.com/videos Trainings#Free
Cybrary - https://www.cybrary.it/catalog/career-path/penetration-tester/ Trainings#Free
Berkely - http://www-inst.eecs.berkeley.edu/~cs161/ - https://cs161.org/ University#Free-Courses
Harvard University - https://online-learning.harvard.edu/subject/cybersecurity University#Free-Courses
MIT - https://www.edx.org/learn/cybersecurity University#Free-Courses
Purdue University - https://www.cerias.purdue.edu/ University#Free-Courses
Rensselaer Polytechnic Institute (RPI) - http://security.cs.rpi.edu/courses/ University#Free-Courses
SAMSCLASS - https://samsclass.info/ University#Free-Courses
Stanford University - https://crypto.stanford.edu/ - https://online.stanford.edu/courses University#Free-Courses
AS400 Mainframe skills - https://www.interskill.com/ Trainings#Commerical
CareerAcademy - https://www.careeracademy.com/page/catalog_CS Trainings#Commerical
CQuareAcademy.com - https://cqureacademy.com/cyber-security-training (Windows Internals) Trainings#Commerical
CyberTraining365 - https://www.cybertraining365.com/cybertraining/Courses Trainings#Commerical
eHacking.com - https://academy.ehacking.net/courses Trainings#Commerical
https://www.infosecinstitute.com/courses/?_all_training_styles=boot-camp Trainings#Commerical
https://www.pluralsight.com/authors/pavel-yosifovich (Windows Internals) Trainings#Commerical
InfoSec Institute - https://www.infosecinstitute.com/ Trainings#Commerical
ITU Security Courses - https://ituonline.com/shop/courses/cybersecurity-training/ Trainings#Commerical
Mossé Cyber Security Institute Online Training Platform - https://platform.mosse-institute.com/#/ Trainings#Commerical
PentesterAcademy - https://www.pentesteracademy.com/ Trainings#Commerical
PluralSight Security Courses - https://www.pluralsight.com/browse/information-cyber-security Trainings#Commerical
Udemy Security Courses - https://www.udemy.com/topic/security-hacking/ Trainings#Commerical
VTC Security Courses - https://www.vtc.com/networking_security.htm Trainings#Commerical
https://udemy.com/course/practical-ethical-hacking/ Trainings#Udemy
https://udemy.com/course/x86-assembly-programming-from-ground-uptm/ Trainings#Udemy
https://www.udemy.com/advance-your-ethical-hacking-skills/ Trainings#Udemy
https://www.udemy.com/course/draft/406326/ Trainings#Udemy
https://www.udemy.com/course/reverse-engineering-and-exploit-development/ Trainings#Udemy
https://www.udemy.com/course/windows-exploit-development-megaprimer/ Trainings#Udemy
https://www.udemy.com/course/windows-kernel-defense-and-attack-for-beginners-to-expert/ Trainings#Udemy
https://www.udemy.com/course/x86-asm-foundations/ Trainings#Udemy
BugCrowd - https://www.bugcrowd.com/ Bounty
Cobalt - https://cobalt.io/ Bounty
Facebook - https://www.facebook.com/whitehat Bounty
Github - https://bounty.github.com/ Bounty
Google - https://www.google.com/about/appsecurity/reward-program/ Bounty
H1 - https://www.hackerone.com/ Bounty
Intel - https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html Bounty
Microsoft - https://www.microsoft.com/en-us/msrc/bounty?rtc=1 Bounty
Mozilla - https://www.mozilla.org/en-US/security/bug-bounty/ Bounty
YesWeHack - https://www.yeswehack.com/ Bounty
Zerodium - https://zerodium.com/ Bounty
Attack&DefenseLab - https://attackdefense.com/ Labs#Commercial
Hacking-Lab.com - https://www.hacking-lab.com/ Labs#Commercial
HackingDojo Labs - https://hackingdojo.com/lab/ Labs#Commercial
HackTheBox - https://www.hackthebox.eu/ Labs#Commercial
Immersive Labs - https://immersivelabs.online/ Labs#Commercial
InfoSec Ninja lab - https://www.infosec-ninjas.com/lab Labs#Commercial
Mile2 Cyber Range Labs - https://mile2.com/cyber-range.html Labs#Commercial
PentesterLab (Web, Linux-Local-Priv, Android) - https://pentesterlab.com/ Labs#Commercial
Practical Pentest Labs - https://practicalpentestlabs.com/ Labs#Commercial
Root-Me Lab (free + premium) - https://www.root-me.org/?lang=en Labs#Commercial
SANS Netwars Labs - https://www.sans.org/netwars/ Labs#Commercial
Secure Code Warrior - https://securecodewarrior.com/ Labs#Commercial
SnapLabs - https://www.snaplabs.io/ Labs#Commercial
SparcFLOW labs - https://www.hacklikeapornstar.com/learn-hacking-one-day/ Labs#Commercial
TryHackMe - https://tryhackme.com/paths Labs#Commercial
Virtual Cybersecurity Labs - https://www.cloudshare.com/cybersecurity/ Labs#Commercial
Virtual Hacking Labs - https://www.virtualhackinglabs.com/specials/virtual-hacking-labs/ Labs#Commercial
Android Reverse Engineering Lab - https://maddiestone.github.io/AndroidAppRE/ Labs#Free
CTF365 Lab - https://ctf365.com/ Labs#Free
CTFTimes - https://ctftime.org/ctfs Labs#Free
gh0st Lab - http://www.gh0st.net/wiki/index.php?title=Main_Page Labs#Free
Lesser Known Attack Labs - https://github.com/weev3/LKWA Labs#Free
Overthewires Wargames - https://overthewire.org/wargames/ Labs#Free
OWASP SKF Labs - https://github.com/blabla1337/skf-labs - https://owasp-skf.gitbook.io/asvs-write-ups/ Labs#Free
PentestIt.RU Labs - https://lab.pentestit.ru/ Labs#Free
VulnHub - https://www.vulnhub.com/ Labs#Free
WebSec.Fr - https://Websec.fr Labs#Free
CrackMe - http://crackme.cenzic.com/ HackMe#Web
DOMXSS Lab - http://www.domxss.com/domxss/domxss.php HackMe#Web
Google Gruyere : http://google-gruyere.appspot.com/part1 HackMe#Web
Hackyourself First - http://hack-yourself-first.com/ HackMe#Web
PortSwigger Lab - https://portswigger.net/web-security HackMe#Web
TestFire - http://demo.testfire.net/ HackMe#Web
VulnWeb ASP - http://testasp.vulnweb.com/ HackMe#Web
VulnWeb ASPX - http://testaspnet.vulnweb.com/ HackMe#Web
VulnWeb HTML5 - http://testhtml5.vulnweb.com/ HackMe#Web
VulnWeb PHP - http://testphp.vulnweb.com/ HackMe#Web
WebScan Test - https://www.webscantest.com/ HackMe#Web
Zero Bank - http://zero.webappsecurity.com/ HackMe#Web
EggHead (specialized in booming JavaScript technologies) https://egghead.io/ Cyber-Training
Microsoft TechNet Library - https://gallery.technet.microsoft.com/ Cyber-Training
Online ebook library - https://www.oreilly.com/online-learning/ (Best for research, building up technical foundations - inclusive of https://packtpub.com/) Cyber-Training
PluralSight - https://www.pluralsight.com/ Cyber-Training
TutorialsPoint - https://www.tutorialspoint.com Cyber-Training
Udemy - https://www.udemy.com/ Cyber-Training
W3Schools - https://www.w3schools.com/ Cyber-Training
Wikiversity - https://en.wikiversity.org/ Cyber-Training
APISecurity - https://apisecurity.io/ Libraries
AppSec Wiki - https://appsecwiki.com Libraries
CAPEC™ - https://capec.mitre.org/ Libraries
CWE™ - https://cwe.mitre.org/ Libraries
NATO CybeDefence Library - https://ccdcoe.org/library/publications Libraries
RawSec Massive Inventory - https://inventory.rawsec.ml/ Libraries
SANS Reading Room - https://www.sans.org/reading-room/ Libraries
Giovanni Vigna - https://www.youtube.com/channel/UCQABGyeT4SskXtL507nVN1g/playlists YouTubes
Host Unknowns [Edutainment purpose] - https://www.youtube.com/user/HostUnknownTV/videos YouTubes
InfoSecInstitutes - https://www.youtube.com/user/InfoSecInstitute/videos YouTubes
IronGeek - https://www.youtube.com/user/irongeek/playlists - http://www.irongeek.com/ YouTubes
John Hammond - https://www.youtube.com/user/RootOfTheNull YouTubes
LiveOverflow - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w YouTubes
OWASP - https://www.youtube.com/user/OWASPGLOBAL/playlists YouTubes
Pentest Workshop - https://www.youtube.com/channel/UCTlHy5I13anUl4-MCkRY7hg/videos YouTubes
PentesterAcademy TV - https://www.youtube.com/channel/UChjC1q6Ami7W0E71TzPZELA/playlists YouTubes
Red Canary - https://www.youtube.com/channel/UCulDoWwoy0vNvRwl2tVX3-w/videos YouTubes
SANS - https://www.youtube.com/user/TheSANSInstitute/channels - Pentest - https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos YouTubes
The CyberMentor - https://www.youtube.com/c/thecybermentor YouTubes
BalCCon - https://www.youtube.com/channel/UCoHypmu8rxlB5Axh5JxFZsA/playlists CONs
BlackAlps CON - https://www.youtube.com/channel/UCkCV_HJUkI8PsFrX4wpPX4A/videos CONs
Blackhat - https://www.youtube.com/user/BlackHatOfficialYT/videos CONs
BruCon - https://www.youtube.com/user/brucontalks/playlists CONs
Con Archives - https://infocon.org/cons/ CONs
CONFidence CON - https://www.youtube.com/user/PROIDEAconferences/search?query=CONFidence CONs
Cooper - https://www.youtube.com/channel/UCI6B0zYvK-7FdM0Vgh3v3Tg/playlists CONs
CRESTCon - https://www.youtube.com/user/CRESTadvocate/videos CONs
CyCON by NATO CyberDefence - https://www.youtube.com/user/natoccdcoe CONs
DEFCON - https://www.youtube.com/user/DEFCONConference/videos CONs
Ekoparty CON - https://www.youtube.com/channel/UCiVNwNkoMapaeyr9o6XEonA/videos CONs
Hack In Paris - https://www.youtube.com/user/hackinparis/videos CONs
Hacktivity - https://www.youtube.com/user/hacktivity/playlists CONs
HITB CON - https://www.youtube.com/user/hitbsecconf CONs
MITRE ATT&CKCON - https://www.youtube.com/user/mitrecorp/search?query=ATT%26CK CONs
NorthSec - https://www.youtube.com/channel/UCqVhMzTdQK5VAosAGkMtpJw/videos CONs
Rooted CON - https://www.youtube.com/user/rootedconmadrid/videos CONs
Security Onion CON - https://www.youtube.com/channel/UCNBFTyYCdjT5hnm7uW25vGQ/featured CONs
SetCT CON - https://www.youtube.com/user/SECTDirector/playlists CONs
Shmoocon - https://www.youtube.com/results?search_query=shmoocon CONs
SyScan CON - https://www.youtube.com/channel/UCx5hZiie0VzFvV-u376v7DQ/videos CONs
ToorCon - https://www.youtube.com/channel/UCnzjmL0xkTBYwFZD7agHGWw/playlists CONs
x33fCON - https://www.youtube.com/channel/UC8wesSvHdlNXVZgSy_UU_Ug/videos CONs
ZeroNights - https://www.youtube.com/channel/UCtQ0fPmP4fCGBkYWMxnjh6A/playlists CONs
Acunetix - https://www.acunetix.com/blog/category/web-security-zone/ Companies
Aon - https://github.com/AonCyberLabs/ Companies
Bluinfy - http://blog.blueinfy.com/ Companies
Coalfire blog - https://www.coalfire.com/The-Coalfire-Blog Companies
Cure53 - https://cure53.de/#publications Companies
Duo - https://duo.com/labs Companies
F-Secure/MWR - https://labs.f-secure.com/ - https://github.com/FSecureLABS Companies
IS2 Webcast - ​ https://www.sans.org/webcasts/upcoming - https://www.sans.org/webcasts/archive Companies
ISC Trainings - ​ https://www.sans.org/webcasts/upcoming - https://www.sans.org/webcasts/archive Companies
NCC - https://labs.nccgroup.trust/ Companies
Netsparker - https://www.netsparker.com/blog/ Companies
NowSecure Blog - https://www.nowsecure.com/blog/ Companies
Portswigger - https://portswigger.net/kb/issues Companies
Rapid7 - https://blog.rapid7.com/ Companies
SANS WebCasts - https://www.sans.org/webcasts/upcoming - https://www.sans.org/webcasts/archive Companies
SecurityInnovation - https://www.securityinnovation.com/resources/ Companies
Securus Global - https://securusglobal.com/community/ Companies
SensePost - https://sensepost.com/blog/ - https://github.com/sensepost Companies
Spiderlabs - https://github.com/SpiderLabs Companies
Sucuri - https://blog.sucuri.net/ Companies
TrustedSec - https://github.com/trustedsec - https://www.trustedsec.com/resources/ Companies
VantagePoint - http://www.vantagepoint.sg/research/ Companies
Veracode - https://www.veracode.com/resources Companies
Bishopfox - https://know.bishopfox.com/research Companies
1.0.0.1 DNS
1.1.1.1 DNS
149.112.112.112 DNS
2606:4700:4700::1001 DNS
2606:4700:4700::1111 DNS
2620:fe::9 DNS
2620:fe::fe DNS
8.8.4.4 DNS
8.8.8.8 DNS
9.9.9.9 DNS
CyberXploit - https://disboard.org/server/join/572004140587417610 Discords
League of Bounties - https://discord.gg/VnhW5x5 Discords
Malware Tech - https://discord.gg/698CH7x Discords
The Cyber Mentor - https://discord.gg/REfpPJB Discords
Virtual Hacking Labs - https://discord.gg/wDh8GwD Discords
Cert - OSCP - https://www.reddit.com/r/oscp/new/ Reddits
Cert - OSEE - https://www.reddit.com/r/osee/new/ Reddits
Cert - OSWE - https://www.reddit.com/r/OSWE/new/ Reddits
Reddit - NetSec - https://www.reddit.com/r/netsec/new/ Reddits
RedTeamSec - https://www.reddit.com/r/redteamsec/new/ Reddits
SecurityCTF - https://www.reddit.com/r/securityCTF/new/ Reddits
Reddit WebSecResearch - https://www.reddit.com/r/websecurityresearch/ Reddits
Cert - eLearnSecurity - https://www.reddit.com/r/eLearnSecurity/ Reddits
NetSec Students - https://www.reddit.com/r/netsecstudents/ Reddits
CyberSecurity - https://www.reddit.com/r/cybersecurity/ Reddits
AskNetsec - https://www.reddit.com/r/AskNetsec/new/ Reddits
ADSec - https://adsecurity.org/ ( slide: https://bit.ly/2X0kqhA ) Webs#RedTeam
ATT&CK Knowledgebase - https://attack.mitre.org/ - https://collaborate.mitre.org/attackics/index.php/Main_Page Webs#RedTeam
DSInternals - https://www.dsinternals.com/en/ Webs#RedTeam
iRed.Team - https://ired.team/ Webs#RedTeam
Malware Analysis - https://class.malware.re/ Webs#RedTeam
Nikhil SamratAshok Mittal - http://www.labofapenetrationtester.com/ Webs#RedTeam
Red Canary - https://redcanary.com/ Webs#RedTeam
RedTeam Guide - https://redteam.guide/docs/ Webs#RedTeam
.NET debugger and assembly editor - https://github.com/0xd4d/dnSpy Binary
.NET Decompilers - https://www.jetbrains.com/decompiler/ - https://github.com/icsharpcode/ILSpy Binary
ARM Exploitation - https://azeria-labs.com/ Binary
Binary to ASM Converter including DIFFing tool - https://godbolt.org/ Binary
CTF101 - https://ctf101.org/binary-exploitation/overview/ Binary
Delphi Decompiler - https://github.com/crypto2011/IDR Binary
Deviare API Hook - https://www.nektra.com/products/deviare-api-hook-windows/index.html Binary
DotNet Fuzzing - https://github.com/nccgroup/dotnetpefuzzing Binary
LiveOverflow - https://old.liveoverflow.com/binary_hacking/ Binary
MITM on Binary Traffic - Bettercap https://www.bettercap.org/ | NetRipper - https://github.com/NytroRST/NetRipper Binary
Multiple platform binary analysis - https://rada.re/r/ Binary
Nirsoft utilities - http://www.nirsoft.net/utils/index.html Binary
PythonShell2Bin - https://www.elevenpaths.com/labstools/pyshell2bin/index.html Binary
Registry Finder - https://registry-finder.com/ Binary
ROP Emporium - https://ropemporium.com/ Binary
Search in memory | Memgrep - https://github.com/nccgroup/memgrep | RAM Capturer - https://belkasoft.com/ram-capturer Binary
Slideshares - https://www.slideshare.net/nullbind/thick-application-penetration-testing-crash-course - https://www.slideshare.net/sanjucsrf/thick-client-application-security-assessment Binary
Spy Studio - https://www.nektra.com/products/spystudio-api-monitor/index.html Binary
Tool to manipulate window objects in Windows - https://github.com/appsecco/winmanipulate Binary
Trailofbits - https://trailofbits.github.io/ctf/ Binary
Win32 Exploitation - https://medium.com/@keplar20/win32-exploitation-67ad69738397 Binary
WinBinaryAudit - https://github.com/olliencc/WinBinaryAudit Binary
Windows Sysinternals - https://docs.microsoft.com/en-us/sysinternals/ Binary
@0ktavandi - https://twitter.com/0ktavandi Twitters
@0xz3z4d45 - https://twitter.com/0xz3z4d45 Twitters
@_khaledfarah - https://twitter.com/_khaledfarah Twitters
@_sawzeeyy - https://twitter.com/_sawzeeyy Twitters
@_ttffdd_ - https://twitter.com/_ttffdd_ Twitters
@Agarri_FR - https://twitter.com/Agarri_FR Twitters
@agrawalsmart7 - https://twitter.com/agrawalsmart7 Twitters
@albinowax - https://twitter.com/albinowax Twitters
@apisecurityio - https://twitter.com/apisecurityio Twitters
@brutelogic - https://twitter.com/brutelogic Twitters
@bugbountyforum - https://twitter.com/bugbountyforum Twitters
@bughuntercat - https://twitter.com/bughuntercat Twitters
@chybeta - https://twitter.com/chybeta Twitters
@chybeta/ - https://twitter.com/chybeta/ Twitters
@cry__pto - https://twitter.com/cry__pto Twitters
@dhakal_ananda - https://twitter.com/dhakal_ananda Twitters
@ghostlulz1337 - https://twitter.com/ghostlulz1337 Twitters
@guifreruiz - https://twitter.com/guifreruiz Twitters
@HudelC - https://twitter.com/HudelC Twitters
@HusseiN98D - https://twitter.com/HusseiN98D Twitters
@IAmMandatory - https://twitter.com/IAmMandatory Twitters
@Jhaddix - https://twitter.com/Jhaddix Twitters
@justin_gardner - https://twitter.com/justin_gardner Twitters
@karna__1 - https://twitter.com/karna__1 Twitters
@KassihMouhssine/ - https://twitter.com/KassihMouhssine/ Twitters
@LooseSecurity - https://twitter.com/LooseSecurity Twitters
@M3n7sh - https://twitter.com/M3n7sh Twitters
@maddiestone - https://twitter.com/maddiestone Twitters
@Mahmoud0x00 - https://twitter.com/Mahmoud0x00 Twitters
@mazen160 - https://twitter.com/mazen160 Twitters
@not_aardvark - https://twitter.com/not_aardvark Twitters
@osamaavvan - https://twitter.com/osamaavvan Twitters
@OsandaMalith - https://twitter.com/OsandaMalith Twitters
@PanegavSharan - https://twitter.com/PanegavSharan Twitters
@PentesterLab - https://twitter.com/PentesterLab Twitters
@PortSwiggerRes - https://twitter.com/PortSwiggerRes Twitters
@PranayB2511 - https://twitter.com/PranayB2511 Twitters
@prateek_0490 - https://twitter.com/prateek_0490 Twitters
@redteamfieldman - https://twitter.com/redteamfieldman Twitters
@rotem_reiss - https://twitter.com/rotem_reiss Twitters
@SecuAudit - https://twitter.com/SecuAudit Twitters
@secuninja - https://twitter.com/secuninja Twitters
@smaury92 - https://twitter.com/smaury92 Twitters
@snyff - https://twitter.com/snyff Twitters
@SpiderSec - https://twitter.com/SpiderSec Twitters
@spyerror/ - https://twitter.com/spyerror/ Twitters
@stealthybugs - https://twitter.com/stealthybugs Twitters
@stueotue - https://twitter.com/stueotue Twitters
@stvemillertime/ - https://twitter.com/stvemillertime/ Twitters
@Sunilkande1137 - https://twitter.com/Sunilkande1137 Twitters
@vickieli7 - https://twitter.com/vickieli7 Twitters
@yaworsk - https://twitter.com/yaworsk Twitters
@YogoshaOfficial - https://twitter.com/YogoshaOfficial Twitters
@Zombiehelp54 - https://twitter.com/Zombiehelp54 Twitters
@ZrariAnas - https://twitter.com/ZrariAnas Twitters
@https://www.twitter.com/ironfisto - https://www.twitter.com/ironfisto Twitters
@https://www.twitter.com/knoxss_me - https://www.twitter.com/knoxss_me Twitters
@https://www.twitter.com/rvrshell - https://www.twitter.com/rvrshell Twitters
@Twitter #bugbountytips - search?q=%23bugbountytips&src=typeahead_click&f=live - Twitter #bugbountytips - https://twitter.com/search?q=%23bugbountytips&src=typeahead_click&f=live Twitters
@Twitter #redteam - search?src=typd&q=%23redteam - Twitter #redteam - https://twitter.com/search?src=typd&q=%23redteam Twitters
EDB - https://Exploit-db.com VulnDb
SeeBug - https://www.seebug.org VulnDb
VMware Markets - VMs with outdated / exploitable vulnerabilities - https://marketplace.vmware.com/ VulnDb
2TB Life-Time File Storage (Cheaper Alternatives to Mega.NZ) - https://www.pcloud.com/welcome-to-pcloud/?discountcode=kCct3CCLPPF6jRYN4mnA34ZV Hostings
5GB FIle Transfer - https://transfer.pcloud.com/ Hostings
Convert to any Gits Repo to Web - https://raw.githack.com/ Hostings
Digital Ocean - https://www.digitalocean.com/ Hostings
Linode - https://www.linode.com Hostings
Mac VPS - https://www.hostmyapple.com/mac-vps-hosting Hostings
TailScale (Hardwareless VPN) - https://tailscale.com/ Hostings
AirDrive Forensic Keylogger - http://www.airdrivewifi.com/ Hardwares
Embedded device ~hacking - https://github.com/chorankates/h4ck Hardwares
Embedded Hardware Hacking - https://blog.rapid7.com/2019/02/20/iot-security-introduction-to-embedded-hardware-hacking/ Hardwares
Hackerwarehouse - https://hackerwarehouse.com/ Hardwares
Hak5 - https://shop.hak5.org/ Hardwares
ICS from NHSC -https://www.youtube.com/channel/UCQNkPfJvGnTXm5Nlu4jhKZg/videos Hardwares
ICS-CERT Virtual Learning Portal (VLP) - https://ics-cert-training.inl.gov/ Hardwares
IOT and Mobile Exploitation - https://www.attify-store.com/collections/training Hardwares
OPTICSPY - Optical data transmission covert channel - http://www.grandideastudio.com/opticspy/ Hardwares
Realtek 8812AU USB WiFi driver - https://github.com/diederikdehaas/rtl8812AU Hardwares
RF - https://www.nooelec.com/store/ Hardwares
Robotics - https://www.adafruit.com/ Hardwares
USB armory - https://inversepath.com/ Hardwares
Equifax Data Breach - https://www.youtube.com/watch?v=2u68rVGDSg4 Hearings
Facebook Data Breach - https://www.youtube.com/watch?v=mGpPHZB_fvI Hearings
Google Android Data Collection - https://www.youtube.com/watch?v=d3XwpStkZiI Hearings
IRS Data Breach - https://www.hsgac.senate.gov/templates/watch.cfm?id=4145AFAD-5056-A032-52BE-B457F12AF3C6 Hearings
Marriot Hotel data breach - https://www.youtube.com/watch?v=2u68rVGDSg4&t=10s Hearings
OPM Data Breach - https://www.hsgac.senate.gov/templates/watch.cfm?id=23C3D282-5056-A032-5289-536EA0BBADEA Hearings
Target Data Breach - https://www.youtube.com/watch?v=dj3lxOk7v40 - https://www.youtube.com/watch?v=SmiEIGccrGY Hearings
# Dr.-Ing. Mario Heiderich, a pioneer in discovering and sharing back fantastic web attack vectors - https://cure53.de/ Webs
@# Gareth Heyes, a pioneer in discovering and sharing back fantastic web attack vectors - http://www.thespanner.co.uk/ - garethheyes - # Gareth Heyes, a pioneer in discovering and sharing back fantastic web attack vectors - http://www.thespanner.co.uk/ - https://twitter.com/garethheyes Webs
# Jeremiah, a pioneer in discovering and sharing back fantastic web attack vectors - https://blog.jeremiahgrossman.com/ Webs
@# RSnake, a pioneer in discovering and sharing back fantastic web attack vectors - rsnake - # RSnake, a pioneer in discovering and sharing back fantastic web attack vectors - https://twitter.com/rsnake Webs
ATM Pentesting - https://resources.infosecinstitute.com/atm-penetration-testing/ Webs
Car Hacker's Handbook - http://opengarages.org/handbook/ebook/ Webs
CIS Security Benchmark - https://www.cisecurity.org/ Webs
CISO MindMap - https://www.sans.org/security-resources/posters/security-leadership-poster/135/download Webs
CVSS v3 calculator - https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator Webs
Data Breach Infographics - https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ Webs
Document Archives - http://scribd.com/ - https://kupdf.net/ Webs
HackerOne Bug Bounties Activities - https://hackerone.com/hacktivity Webs
Hacking Incidents dated from 1900 to until now - https://en.wikipedia.org/wiki/List_of_security_hacking_incidents Webs
http://ghostlulz.com Webs
https://blog.bi.tk/ Webs
https://blog.securitee.org/ Webs
https://pentester.land/ Webs
https://pielco11.ovh/ Webs
https://securityidiots.com Webs
https://www.hahwul.com Webs
IPPSEC - https://ippsec.rocks/ Webs
Medium - HTB Lab Challenge Write-ups - https://medium.com/search?q=hackthebox Webs
Medium - VulnHub Challenge Write-ups - https://medium.com/search?q=vulnhub Webs
Open Web Application Security Project - https://owasp.org/ - https://github.com/OWASP Webs
Password - http://wiki.skullsecurity.org/Passwords Webs
Penetration Testing Execution Standard - http://www.pentest-standard.org/index.php/Main_Page Webs
Puppeteer UI Captcha Bypass - https://medium.com/@filipvitas/how-to-bypass-slider-captcha-with-js-and-puppeteer-cd5e28105e3c Webs
SANS Pen-testing Blog - https://pen-testing.sans.org/ Webs
VulnerabilityAssessment.Co.UK - http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html Webs
Web of cybersecurity: Linking, locating, and discovering structured cybersecurity information - https://onlinelibrary.wiley.com/doi/full/10.1002/dac.3470 Webs
WebSecGeeks - https://www.websecgeeks.com/ Webs
Windows Commandline - https://www.windows-commandline.com/ Webs
Yearly Top 10 Web Vulnerabilities - http://bit.ly/2Nv7RUZ Webs
Dictionary - https://www.bishopfox.com/cybersecurity-style-guide/ Webs
Ryan McFarland - https://www.absolomb.com/ - https://www.absolomb.com/HackTheBox/ Webs
CSSLP CBK - https://www.isc2.org/Certifications/CSSLP Books#AppSec
Hacking Exposed: Web Application 3rd edition - https://amzn.to/2OGMqjC Books#AppSec
HackNotes(tm) Web Security Pocket Reference - https://www.amazon.com/dp/0072227842/ Books#AppSec
Mastering Modern Web Penetration Testing - https://www.packtpub.com/networking-and-servers/mastering-modern-web-penetration-testing Books#AppSec
Real-World Bug Hunting - https://nostarch.com/bughunting Books#AppSec
Security Testing Handbook for Banking Applications Books#AppSec
Web Application Hacker Handbook 2nd edition - https://amzn.to/2OGUK2V Books#AppSec
Web Hacking 101 - https://leanpub.com/web-hacking-101 Books#AppSec
XSS Attacks: Cross Site Scripting Exploits and Defense - https://amzn.to/2ABBCAp Books#AppSec
Advanced Penetration Testing: Red Team - by Mr Richard Knowell Books#RedTeam
Cybersecurity: Attack & Defense Strategies (Red & Blue Team) Books#RedTeam
Hack Like Series - https://www.amazon.com/Sparc-FLOW/e/B06WW4TL8H Books#RedTeam
Hands-On Penetration Testing on Windows - Packt Publishing Books#RedTeam
Hands-On Red Team Tactics Books#RedTeam
Next Generation Red Teaming Books#RedTeam
NoStarch - Blackhat Series - https://nostarch.com/catalog/security Books#RedTeam
Operator Handbook: Red Team + OSINT + Blue Team Reference Paperback by Joshua Picolet Books#RedTeam
Professional Red Teaming: Conducting Successful Cybersecurity Engagements Books#RedTeam
RED TEAM - HOW TO SUCCEED BY THINKING LIKE THE ENEMY Books#RedTeam
Red Team Development and Operations: A practical guide Kindle Edition by Joe Vest (Author), James Tubberville (Author) Books#RedTeam
Red Team Planner: (Black & Red) by Joshua Picolet Books#RedTeam
RTFM - Red Team Field Manual - https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504 Books#RedTeam
Book names start with or include "System Programming with" - https://learning.oreilly.com/search/?query=system%20programming%20with Books#Weaponization
Hands-On System Programming with C++ | Dr. Rian Quinn - https://learning.oreilly.com/library/view/hands-on-system-programming/9781789137880/ Books#Weaponization
Hands-On System Programming with Go | Alex Guerrieri - https://learning.oreilly.com/library/view/hands-on-system-programming/9781789804072/ Books#Weaponization
Malicious Mobile Code by Roger A. Grimes (2001) despite being old, it's a good read for foundation - https://www.oreilly.com/library/view/malicious-mobile-code/156592682X/ Books#Weaponization
Microsoft® PowerShell, VBScript and JScript® Bible - https://learning.oreilly.com/library/view/microsoft-powershell-vbscript/9780470386804/ Books#Weaponization
NoStarch Black Hat Series - https://bit.ly/2uKjF0e Books#Weaponization
Rootkits and Bootkits by NoStarch Press - https://learning.oreilly.com/library/view/rootkits-and-bootkits/9781492071259 Books#Weaponization
VBScript Programmer's Reference - https://learning.oreilly.com/library/view/vbscript-programmers-reference/9780470168080/ Books#Weaponization
Windows Management Instrumentation (WMI) by publisher: sams - https://learning.oreilly.com/library/view/windows-management-instrumentation/1578702607/ Books#Weaponization
Automation - https://integromat.com/ Info Management
Best Mind Mapping Software (life-time trial usage available) - https://www.xmind.net/ Info Management
Bookmark manager with offline support - https://getpocket.com/ - https://help.getpocket.com/article/1136-using-pocket-offline Info Management
Diagram creation - https://www.websequencediagrams.com/ - https://www.draw.io/ Info Management
Easy reminder with SMS support - http://fut.io/a?a73cd1f3cb Info Management
Goals/Project/Tasks tracking - https://monday.com Info Management
Online Note Taking - Confluence (2GB free) - https://www.atlassian.com/software/confluence Info Management
Online Note Taking - NOTION.SO - https://bit.ly/2WBfz64 Info Management
Password management - Roboform (cheaper than DashLane) - https://bit.ly/2wn07zX Info Management
Pentest Note Taking - Cloud - Pentest Workspace - https://pentest.ws Info Management
Pentest Note Taking - Cross Platform - Standalone - CheeryTree - https://www.giuspen.com/cherrytree Info Management
Visualisation made Easy - https://public.tableau.com/en-gb/gallery/ - https://app.flourish.studio/login Info Management
Cybersecurity.wtf will not be possible without the following readily available technology tools: Built-with Credits
Serverside - PHP - https://php.net/ with JetBrains PHPStorm IDE - https://www.jetbrains.com/phpstorm/ Built-with Credits
BootStrap - https://getbootstrap.com/ Built-with Credits
jQuery - https://jquery.com/ Built-with Credits
cookie.js - https://github.com/js-cookie/js-cookie Built-with Credits
typeahead.js - http://www.runningcoder.org/jquerytypeahead/ Built-with Credits
highlight.js - https://travis-ci.org/github/highlightjs/highlight.js Built-with Credits
chart.js - https://www.chartjs.org Built-with Credits
slick.js - http://kenwheeler.github.io/slick Built-with Credits
Fingerprintjs2 - https://github.com/Valve/fingerprintjs2 Built-with Credits
wow.js - https://wowjs.uk/ Built-with Credits
pagination.js - https://github.com/superRaytin/paginationjs Built-with Credits
sticky.js - http://stickyjs.com/ Built-with Credits
anijs - https://anijs.github.io/ Built-with Credits
html5shiv - https://github.com/aFarkas/html5shiv Built-with Credits
html2canvas - https://html2canvas.hertzen.com Built-with Credits
css designs - https://codepen.io/FilipVitas Built-with Credits
Image sources: Google search results and https://unsplash.com/ Built-with Credits
animate.css - https://daneden.github.io/animate.css/ Built-with Credits
css table - https://www.smashingmagazine.com/2008/08/top-10-css-table-designs/ Built-with Credits
Responsive circle menu - https://www.jqueryscript.net/blog/best-circle-menu.html Built-with Credits
Ascii art generator - http://patorjk.com/software/taag/ Built-with Credits
GIF creator - https://giphy.com/create/gifmaker/create Built-with Credits
Icons source: https://fontawesome.com/ Built-with Credits