Books
The Hacker Playbook 2: Practical Guide To Penetration Testing
The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy
Breaking into Information Security: Learning the Ropes 101
Penetration Testing: A Hands-On Introduction to Hacking
Social Engineering: The Art of Human Hacking
Hacking: The Art of Exploitation, 2nd Edition
Web Hacking 101
OWASP Testing Guide (A must read for web application developers and penetration testers)
The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
The Basics of Web Hacking: Tools and Techniques to Attack the Web
Learning Platforms to Sharpen Your Skills
Online
Name Description CTF Hacker101 The Hacker101 CTF is a game designed to let you learn to hack in a safe, rewarding environment. Hacker101 is a free educational site for hackers. Hack The Box :: Penetration Testing Labs An online platform to test and advance your skills in penetration testing and cyber security. Join today and start training in our online labs. TryHackMe TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. CTF365 An account based ctf site, awarded by Kaspersky, MIT, T-Mobile. Backdoor Pen testing labs that have a space for beginners, a practice arena and various competitions, account required. Hack.me Lets you build/host/attack vulnerable web apps. CTFLearn An account-based ctf site, where users can go in and solve a range of challenges. OWASP Vulnerable Web Applications Directory Project (Online) List of online available vulnerable applications for learning purposes. Pentestit labs Hands-on Pentesting Labs (OSCP style) Root-me.org Hundreds of challenges are available to train yourself in different and not simulated environments Vulnhub.com Vulnerable By Design VMs for practical ‘hands-on’ experience in digital security Windows / Linux Local Privilege Escalation Workshop Practice your Linux and Windows privilege escalation. Hacking Articles CTF Breif Write up collection with a lot of screenshots good for beggainers. Rafay Hacking Articles, a great blog Write up collections by Rafay Baloch. PentesterLab 20$ signature, complete content basic to write exploits, web, android. CyberSec WTF Emulated web pentesting challenges from bounty write-ups
Off-Line
Vulnerable Machines/Websites
FiringRange
Vulnerability Databases And Resources
Vulnerability Databases are the first place to start your day as a security professional. Any new vulnerability detection is generally available through the public vulnerability databases. These databases are a big source of information for hackers to be able to understand and exploit/avoid/fix the vulnerability.
http://www.exploit-db.com/
http://1337day.com/
http://securityvulns.com/
http://www.securityfocus.com/
http://www.osvdb.org/
http://www.securiteam.com/
http://secunia.com/advisories/
http://insecure.org/sploits_all.html
http://zerodayinitiative.com/advisories/published/
http://nmrc.org/pub/index.html
http://web.nvd.nist.gov
http://www.vupen.com/english/security-advisories/
http://www.vupen.com/blog/
http://cvedetails.com/
http://www.rapid7.com/vulndb/index.jsp
http://oval.mitre.org/
http://sploitus.com/
http://cxsecurity.com/
Malware Analysis
Linux Penetration Testing OS
Name Description Kali the infamous pentesting distro from the folks at Offensive Security Parrot Debian includes full portable lab for security, DFIR, and development Android Tamer Android Tamer is a Virtual / Live Platform for Android Security professionals. BlackArch Arch Linux based pentesting distro, compatible with Arch installs LionSec Linux pentesting OS based on Ubuntu
Courses
Computer Systems Security, MIT cisco’s cources cybrary hackers academy
For those who want to do CEH, the following links are for you.
CBT Nuggets CEH Training CEH Books Guide to Binary Exploitation
Workshops/Playlists
Web Hacking Ethical Hacking, A Comprehensive Playlist covering almost everything
Security Talks and Conferences
InfoCon – Hacking Conference Archive Curated list of Security Talks and Videos Blackhat Defcon Security Tube Kevin Mitnick: Live Hack at CeBIT Ghost in the Cloud, Kevin Mitnick Kevin Mitnick | Talks at Google Complete Free Hacking Course: Go from Beginner to Expert Hacker Today
YouTube Channels
Now let’s get Towards YouTube Channel Links… These Channels are Shared By Hackers where They Upload their Video POCs.. Watching them u can actually understand how to demonstrate these type of attacks…
LiveOverflow Black Hat Injector Pca Hisham Mir Devil Killer Suleman Malik Dem0n Frans Rosén HackerOne ak1t4 machine Shawar Khan vulnerability0lab Bugcrowd Vijay Kumar Web Development Tutorials Jan Wikholm Bhargav Tandel ErrOr SquaD SecurityIdiots Penetration Testing in Linux Hussnain Fareed Null Byte ZAID vabs tutorial the cyber mentor PwnFunction
Any Channel Link Missing? Kindly add it in Comments
Forums
Name Description 0x00sec hacker, malware, computer engineering, Reverse engineering Antichat russian based forum CODEBY.NET hacker, WAPT, malware, computer engineering, Reverse engineering, forensics – russian based forum EAST Exploit database exploit DB for commercial exploits written for EAST Pentest Framework Greysec hacking and security forum Hackforums posting webstite for hacks/exploits/various discussion
