| Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
wiki:resources [2021/09/30 15:09]
admin |
wiki:resources [2021/12/24 02:51] (current)
poortheodore [Other Maintained Blogs/Resource Dumps] added TeachYourselfInfosec |
| * [[https://www.bau.edu.jo/UserPortal/UserProfile/PostsAttach/10617_1870_1.pdf|Computer Networking (PDF)]] | * [[https://www.bau.edu.jo/UserPortal/UserProfile/PostsAttach/10617_1870_1.pdf|Computer Networking (PDF)]] |
| * [[http://2thi.cc/doc/Internetworking_Technology_Handbook.pdf|Internetworking Technology Handbook (PDF)]] | * [[http://2thi.cc/doc/Internetworking_Technology_Handbook.pdf|Internetworking Technology Handbook (PDF)]] |
| * [[https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd|Professor Messer's CompTia Networks+ Course (Youtube)]] | * [[https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G|Professor Messer's CompTia Networks+ Course (Youtube)]] |
| * [[https://www.amazon.com/Computer-Networking-Top-Down-Approach-7th/dp/0133594149/ref=sr_1_1?ie=UTF8&qid=1548385689&sr=8-1&keywords=computer+networking+a+top-down+approach|Computer Networking: A Top Down Approach]] | * [[https://www.amazon.com/Computer-Networking-Top-Down-Approach-7th/dp/0133594149/ref=sr_1_1?ie=UTF8&qid=1548385689&sr=8-1&keywords=computer+networking+a+top-down+approach|Computer Networking: A Top Down Approach]] |
| * [[https://www.amazon.com/Nmap-Cookbook-Network-Security-Scanning/dp/1507781385/ref=sr_1_2?ie=UTF8&qid=1548386520&sr=8-2&keywords=nmap+cookbook|Nmap Cookbook]] | * [[https://www.amazon.com/Nmap-Cookbook-Network-Security-Scanning/dp/1507781385/ref=sr_1_2?ie=UTF8&qid=1548386520&sr=8-2&keywords=nmap+cookbook|Nmap Cookbook]] |
| * [[https://www.amazon.com/Networking-All-One-Dummies-Doug/dp/1119471605/ref=sr_1_2?ie=UTF8&qid=1548386670&sr=8-2&keywords=networking+all+in+one|Networking All-In-One]] | * [[https://www.amazon.com/Networking-All-One-Dummies-Doug/dp/1119471605/ref=sr_1_2?ie=UTF8&qid=1548386670&sr=8-2&keywords=networking+all+in+one|Networking All-In-One]] |
| * Port Forwarding Explanation | * [[wiki:port_forwarding_explanation|Port Forwarding Explanation]] |
| * [[wiki:networktalkwithpyro|Network Talk With Pyro]] | * [[wiki:networktalkwithpyro|Network Talk With Pyro]] |
| |
| ==== Web ==== | ==== Web ==== |
| |
| * [[|OWASP Web Security Testing Guide]] | * [[https://owasp.org/www-project-web-security-testing-guide/|OWASP Web Security Testing Guide]] |
| * [[|BugCrowd University Webinars]] | * [[https://www.bugcrowd.com/hackers/bugcrowd-university|BugCrowd University Webinars]] |
| * [[|PortSwigger Web Security Academy]] | * [[https://portswigger.net/web-security|PortSwigger Web Security Academy]] |
| * [[|Finding LFI and RFI (PDF)]] | * [[http://2thi.cc/doc/Finding_LFI_and_RFI.pdf|Finding LFI and RFI (PDF)]] |
| * [[|OWASP Top 10 2017 (PDF)]] | * [[http://2thi.cc/doc/OWASP_Top_10-2017_(en).pdf|OWASP Top 10 2017 (PDF)]] |
| * [[|Writing JIT-Spray Shellcode (PDF)]] | * [[http://2thi.cc/doc/Writing-JIT-Spray-Shellcode.pdf|Writing JIT-Spray Shellcode (PDF)]] |
| * [[|Kettle SSTI (PDF)]] | * [[http://2thi.cc/doc/us-15-Kettle-Server-Side-Template-Injection-RCE-For-The-Modern-Web-App-wp.pdf|Kettle SSTI (PDF)]] |
| * [[|The Web Application Hacker's Handbook]] | * [[https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=sr_1_2?ie=UTF8&qid=1548385158&sr=8-2&keywords=web+application+hackers+handbook|The Web Application Hacker's Handbook]] |
| * [[|HackTricks Tips and Tricks]] | * [[https://book.hacktricks.xyz/|HackTricks Tips and Tricks]] |
| * [[|Hacker101 Videos and Webinars]] | * [[https://www.hacker101.com/videos|Hacker101 Videos and Webinars]] |
| |
| ==== Exploitation ==== | ==== Exploitation ==== |
| |
| * [[|Starting Reverse Engineering and Malware Analysis]] | * [[https://hshrzd.wordpress.com/how-to-start/|Starting Reverse Engineering and Malware Analysis]] |
| * [[|Escalating Privileges in Linux (PDF)]] | * [[http://2thi.cc/doc/Riscure_Whitepaper_Escalating_Privileges_in_Linux_using_Fault_Injection.pdf|Escalating Privileges in Linux (PDF)]] |
| * [[|Binary Hacking Course]] | * [[https://old.liveoverflow.com/binary_hacking/|Binary Hacking Course]] |
| * [[|Introduction to Software Exploits (PDF)]] | * [[http://opensecuritytraining.info/Exploits1.html|Introduction to Software Exploits (PDF)]] |
| * [[|Smashing the Stack (PDF)]] | * [[http://2thi.cc/doc/Smashing_The_Stack_For_Fun_And_Profit.pdf|Smashing the Stack (PDF)]] |
| * [[|Fuzzing (Repo)]] | * [[https://github.com/secfigo/Awesome-Fuzzing|Fuzzing (Repo)]] |
| * [[|Shellcoder's Handbook]] | * [[https://www.amazon.com/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/047008023X/ref=sr_1_2?ie=UTF8&qid=1548386831&sr=8-2&keywords=shellcoders+handbook|Shellcoder's Handbook]] |
| * [[|Hacking: The Art of Exploitation]] | * [[https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_3?ie=UTF8&qid=1548386831&sr=8-3&keywords=shellcoders+handbook|Hacking: The Art of Exploitation]] |
| * [[|LiveOverflow's Binary Exploitation / Memory Corruption Series (Youtube)]] | * [[https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN|LiveOverflow's Binary Exploitation / Memory Corruption Series (Youtube)]] |
| |
| ==== Reverse Engineering ==== | ==== Reverse Engineering ==== |
| |
| * [[|REing for Beginners (PDF)]] | * [[http://2thi.cc/doc/Reverse_Engineering_For_Beginners-Dennis_Yurichev.pdf|REing for Beginners (PDF)]] |
| * [[|Binary Code Disassembly (PDF)]] | * [[http://2thi.cc/doc/Binary_Code_Disassembly_For_RE.pdf|Binary Code Disassembly (PDF)]] |
| * [[|Machine Level Programming (PDF)]] | * [[http://2thi.cc/doc/04-Machine-Level-Programming-Basics.pdf|Machine Level Programming (PDF)]] |
| * [[|WIN32 RE Cheat Sheet (PDF)]] | * [[http://2thi.cc/doc/x86_Win32_Reverse_Engineering_Cheat_Sheet.pdf|WIN32 RE Cheat Sheet (PDF)]] |
| * [[|RE Malicious Code Tips (PDF)]] | * [[http://2thi.cc/doc/reverse-engineering-malicious-code-tips.pdf|RE Malicious Code Tips (PDF)]] |
| * [[|The Art of Memory Forensics]] | * [[https://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/ref=sr_1_1?ie=UTF8&qid=1548387014&sr=8-1&keywords=art+of+memory+forensics|The Art of Memory Forensics]] |
| * [[|Practical Reverse Engineering]] | * [[https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_2?ie=UTF8&qid=1548387096&sr=8-2&keywords=practical+reverse+engineering|Practical Reverse Engineering]] |
| * [[|Nightmare Bin Exp/Reverse Engineering Intro]] | * [[https://nostarch.com/malware|Practical Malware Analysis]] |
| | * [[https://nostarch.com/binaryanalysis|Practical Binary Analysis]] |
| | * [[https://github.com/guyinatuxedo/nightmare|Nightmare Bin Exp/Reverse Engineering Intro]] |
| | * [[https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426|The Art of Software Security Assessment]] |
| |
| ==== Password Cracking ==== | ==== Password Cracking ==== |
| |
| * [[|Modern Password Cracking (PDF)]] | * [[https://www.ma.rhul.ac.uk/static/techrep/2013/MA-2013-07.pdf|Modern Password Cracking (PDF)]] |
| * [[|Hash Crack: Password Cracking Manual]] | * [[https://www.amazon.com/Hash-Crack-Password-Cracking-Manual/dp/1975924584/ref=sr_1_1?ie=UTF8&qid=1548387205&sr=8-1&keywords=hash+crack|Hash Crack: Password Cracking Manual]] |
| * [[|Directory of default passwords]] | * [[https://cirt.net/passwords|Directory of default passwords]] |
| * [[|Directory of default router passwords]] | * [[https://www.routerpasswords.com/|Directory of default router passwords]] |
| |
| ==== Post-Exploitation ==== | ==== Post-Exploitation ==== |
| |
| * [[|Transferring Files from Linux to Windows (Blog post)]] | * [[https://blog.ropnop.com/transferring-files-from-kali-to-windows/|Transferring Files from Linux to Windows (Blog post)]] |
| |
| ===== Cryptography / Steganography ===== | ===== Cryptography / Steganography ===== |
| |
| * [[|Cracking Codes with Python (eBook)]] | * [[https://inventwithpython.com/cracking/|Cracking Codes with Python (eBook)]] |
| * [[|Introduction to Cryptography]] | * [[https://www.amazon.com/Understanding-Cryptography-Textbook-Students-Practitioners/dp/3642041000/ref=sr_1_1?ie=UTF8&qid=1548387603&sr=8-1&keywords=introduction+to+cryptography|Introduction to Cryptography]] |
| * [[|Cryptography Engineering, Design Principles and Practical Applications]] | * [[https://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/ref=sr_1_1?ie=UTF8&qid=1548387507&sr=8-1&keywords=cryptography+engineering|Cryptography Engineering, Design Principles and Practical Applications]] |
| * [[|CryptoPals Crypto Challenges]] | * [[https://cryptopals.com/|CryptoPals Crypto Challenges]] |
| * [[|Handbook Of Applied Cryptography (All Chapters Free)]] | * [[http://cacr.uwaterloo.ca/hac/|Handbook Of Applied Cryptography (All Chapters Free)]] |
| |
| ===== RTL-SDR & Radio ===== | ===== RTL-SDR & Radio ===== |
| ==== Linux ==== | ==== Linux ==== |
| |
| * [[|Brand new to Linux? Start here]] | * [[https://dflinux.frama.io/thebeginnershandbook/|Brand new to Linux? Start here]] |
| * [[|Linux Journey (Bare bones Linux)]] | * [[http://linuxjourney.com/|Linux Journey (Bare bones Linux)]] |
| * [[|Linux Basics (Youtube)]] | * [[https://www.youtube.com/playlist?list=PLtK75qxsQaMLZSo7KL-PmiRarU7hrpnwK|Linux Basics (Youtube)]] |
| * [[|Linux Essentials (Youtube)]] | * [[https://www.youtube.com/playlist?list=PLtGnc4I6s8dssa8hF4yMTAa4BrSJCSwux|Linux Essentials (Youtube)]] |
| * [[|The Linux Command Line (Free Book, PDF available)]] | * [[http://linuxcommand.org/tlcl.php|The Linux Command Line (Free Book, PDF available)]] |
| * [[|Webminal (GNU/Linux Online Terminal/Learning Platform)]] | * [[https://webminal.org/|Webminal (GNU/Linux Online Terminal/Learning Platform)]] |
| * [[|Passwordless Linux Tutorial]] | * [[wiki:passwordlesslinux|Passwordless Linux Tutorial]] |
| * [[|Howdy - Windows Hello for Linux]] | * [[wiki:howdyfacialrecognition|Howdy - Windows Hello for Linux]] |
| * [[|See also: BASH Resources]] | * See also: [[wiki:resources#bash|BASH Resources]] |
| * [[|Linux Kernel]] | * [[https://linux-kernel-labs.github.io/refs/heads/master/index.html|Linux Kernel]] |
| |
| ==== Windows ==== | ==== Windows ==== |
| |
| * [[|Powershell Command List]] | * [[https://ss64.com/ps/|Powershell Command List]] |
| |
| ==== BSD ==== | ==== BSD ==== |
| |
| * [[|BSD Resources for Newbies]] | * [[https://www.freebsd.org/projects/newbies.html|BSD Resources for Newbies]] |
| * [[|FreeBSD Handbook]] | * [[https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/|FreeBSD Handbook]] |
| |
| ==== Operating System Concepts and Execution ==== | ==== Operating System Concepts and Execution ==== |
| |
| * [[|OS Dev wiki]] | * [[https://wiki.osdev.org/Expanded_Main_Page|OS Dev wiki]] |
| * [[|Operating Systems: Three Easy Pieces]] (AKA The Comet Book) | * [[http://pages.cs.wisc.edu/~remzi/OSTEP/|Operating Systems: Three Easy Pieces]] (AKA The Comet Book) |
| * [[|Operating System Concepts]] (AKA The Dinosaur Book) | * [[https://www.wiley.com/en-ca/Operating%2BSystem%2BConcepts,%2B10th%2BEdition-p-9781119320913|Operating System Concepts]] (AKA The Dinosaur Book) |
| * [[|Modern Operating Systems]] (A good read after you're comfortable with the concepts) | * [[http://www.amazon.ca/Modern-Operating-Systems-Andrew-Tanenbaum/dp/013359162X|Modern Operating Systems]] (A good read after you're comfortable with the concepts) |
| * [[|Operating Systems Design and Implementation]] (A book about and how to develop Minix) | * [[https://www.amazon.com/Operating-Systems-Design-Implementation-3rd/dp/0131429388|Operating Systems Design and Implementation]] (A book about and how to develop Minix) |
| * [[|The Design and Implementation of the FreeBSD Operating System]] | * [[https://www.amazon.ca/Design-Implementation-FreeBSD-Operating-System/dp/0321968972|The Design and Implementation of the FreeBSD Operating System]] |
| * [[|Think OS; A Brief Introduction to Operating Systems]] | * [[http://www.greenteapress.com/thinkos/index.html|Think OS; A Brief Introduction to Operating Systems]] |
| * [[|The little book about OS development]] | * [[https://littleosbook.github.io/|The little book about OS development]] |
| * [[|Operating Systems: From 0 to 1]] (incomplete book, but still worth a read) | * [[https://tuhdo.github.io/os01/|Operating Systems: From 0 to 1]] (incomplete book, but still worth a read) |
| |
| ===== Computer Architecture ===== | ===== Computer Architecture ===== |
| |
| * [[|nand2tetris]] | * [[https://www.nand2tetris.org/|nand2tetris]] |
| * [[|Intel 64 and IA-32 Architectures Developer's Manual]] | * [[http://www.intel.com/content/www/us/en/architecture-and-technology/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.html|Intel 64 and IA-32 Architectures Developer's Manual]] |
| * [[|AMD Documentation]] | * [[https://developer.amd.com/resources/developer-guides-manuals/|AMD Documentation]] |
| * [[|What Every Programmer Should Know About Memory (PDF)]] | * [[https://people.freebsd.org/~lstewart/articles/cpumemory.pdf|What Every Programmer Should Know About Memory (PDF)]] |
| * [[|MIPS Assembly Track]] | * [[https://exercism.io/tracks/mips|MIPS Assembly Track]] |
| * [[|What's new in CPUs since the 80s?]] | * [[http://danluu.com/new-cpu-features/|What's new in CPUs since the 80s?]] |
| * [[|CS61C Berkley 2015 Lecture PDFs, exercises, and assignments]] | * [[https://inst.eecs.berkeley.edu/~cs61c/sp15/|CS61C Berkley 2015 Lecture PDFs, exercises, and assignments]] |
| |
| ===== Open Source Intelligence (OSINT) ===== | ===== Open Source Intelligence (OSINT) ===== |
| |
| * [[|TraceLabs Resources]] | * [[https://www.tracelabs.org/resources|TraceLabs Resources]] |
| * [[|Search.org Investigative and Forensic Toolbar]] | * [[https://www.search.org/resources/search-investigative-and-forensic-toolbar/|Search.org Investigative and Forensic Toolbar]] |
| * [[|OSINT Framework]] | * [[https://osintframework.com/|OSINT Framework]] |
| * [[|OSINT 101]] | * [[https://blog.appsecco.com/open-source-intelligence-gathering-101-d2861d4429e3?gi=e97a869a3f48|OSINT 101]] |
| * [[|OSINT 201]] | * [[https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544?gi=650e4519d0fe|OSINT 201]] |
| * [[|OSINT Resources for 2019]] | * [[https://medium.com/@micallst/osint-resources-for-2019-b15d55187c3f|OSINT Resources for 2019]] |
| * [[|Intel Techniques]] | * [[https://inteltechniques.com/index.html|Intel Techniques]] |
| * [[|Advanced OSINT Tools]] | * [[https://jakecreps.com/2018/09/28/advanced-osint-tools/|Advanced OSINT Tools]] |
| * [[|Advanced Social Media OSINT]] | * [[https://hunch.ly/osint-webinars/osint-webinar-advanced-social-media-01252019.php|Advanced Social Media OSINT]] |
| * [[|Network Fingerprinting With Maltego (Youtube)]] | * [[https://www.youtube.com/watch?v=hPIhItC-Vr8&|Network Fingerprinting With Maltego (Youtube)]] |
| * [[|AlienVault Open Threat Exchange]] (Threat Intelligence sharing platform) | * [[https://otx.alienvault.com/|AlienVault Open Threat Exchange]] (Threat Intelligence sharing platform) |
| * [[|Torrent download checking by IP Address.]] | * [[https://iknowwhatyoudownload.com/en/peer/|Torrent download checking by IP Address.]] |
| * [[|REST API service registration listing]] | * [[https://github.com/jaegeral/security-apis|REST API service registration listing]] |
| * [[|Profile Picture Generator]] (These people don't exist) | * [[https://thispersondoesnotexist.com/|Profile Picture Generator]] (These people don't exist) |
| * [[|European persons lookup tool]] | * [[https://github.com/lulz3xploit/LittleBrother|European persons lookup tool]] |
| * [[|LinkedIn web scraper]] | * [[https://github.com/0xZDH/BridgeKeeper|LinkedIn web scraper]] |
| * [[|Awesome OSINT research board]] | * [[https://github.com/jivoi/awesome-osint|Awesome OSINT research board]] |
| * [[|Mapping tool with information of locations of cats]] | * [[http://iknowwhereyourcatlives.com/|Mapping tool with information of locations of cats]] |
| * [[|Facebook extraction tool]] | * [[http://le-tools.com/ExtractFace.html|Facebook extraction tool]] |
| * [[|Venmo transaction logs]] (Open API) | * [[https://github.com/sa7mon/venmo-data|Venmo transaction logs]] (Open API) |
| |
| ==== OSINT Start Boards ==== | ==== OSINT Start Boards ==== |
| |
| * [[|General OSINT starting point]] | * [[https://start.me/p/rxRbpo/ti|General OSINT starting point]] |
| * [[|OSINT Web browser extensions]] | * [[https://start.me/p/nRQNRb/addons|OSINT Web browser extensions]] |
| * [[|Dating/Hook-up website listing and tools]] | * [[https://start.me/p/VRxaj5/dating-apps-and-hook-up-sites-for-investigators|Dating/Hook-up website listing and tools]] |
| * [[|Online searchable databases]] | * [[https://start.me/p/QRENnO/databases|Online searchable databases]] |
| * [[|Generic OSINT Board 1]] | * [[https://start.me/p/b5Aow7/asint_collection|Generic OSINT Board 1]] |
| * [[|A list of OSINT/GEOINT/SIGINT/FOSINT tools]] | * [[https://start.me/p/7kxyy2/osint-tools-curated-by-lorand-bodo|A list of OSINT/GEOINT/SIGINT/FOSINT tools]] |
| |
| ===== Social Engineering ===== | ===== Social Engineering ===== |
| |
| * [[|The Social-Engineer Podcast]] | * [[https://www.social-engineer.org/category/podcast/|The Social-Engineer Podcast]] |
| * [[|Software Engineering Toolkit (SET) User Manual (PDF)]] | * [[http://2thi.cc/doc/Social_Engineering_Toolkit_User_Manual.pdf|Software Engineering Toolkit (SET) User Manual (PDF)]] |
| * [[|r/SocialEngineering Subreddit]] | * [[https://www.reddit.com/r/SocialEngineering|r/SocialEngineering Subreddit]] |
| * [[|Social Engineering: The Art of Human Hacking]] | * [[https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=sr_1_2?ie=UTF8&qid=1548388042&sr=8-2&keywords=art+of+human+hacking|Social Engineering: The Art of Human Hacking]] |
| |
| ===== Blue Team / Defensive ===== | ===== Blue Team / Defensive ===== |
| |
| * [[|Ultimate List of SANS cheat sheets]] | * [[https://securityboulevard.com/2020/05/the-ultimate-list-of-sans-cheat-sheets/|Ultimate List of SANS cheat sheets]] |
| * [[|Awesome Sysadmin List]] | * [[https://github.com/n1trux/awesome-sysadmin|Awesome Sysadmin List]] |
| * [[|Security Engineering: A guide to building dependable distributed systems]] | * [[https://www.cl.cam.ac.uk/~rja14/book.html|Security Engineering: A guide to building dependable distributed systems]] |
| * [[|Security Hardening for CentOS 7]] | * [[https://highon.coffee/blog/security-harden-centos-7/|Security Hardening for CentOS 7]] |
| * [[|13cubed]] | * [[https://www.13cubed.com/|13cubed]] |
| |
| ==== Dev Ops Testing ==== | ==== Dev Ops Testing ==== |
| |
| * [[|SecureCodeBox Tool-chain for scanning software and orchestrating automated security testing.]] | * [[https://github.com/secureCodeBox/secureCodeBox|SecureCodeBox Tool-chain for scanning software and orchestrating automated security testing.]] |
| |
| ==== Tools ==== | ==== Tools ==== |
| === Windows === | === Windows === |
| |
| * [[|HardenTools Basic feature disablement tool]] | * [[https://github.com/securitywithoutborders/hardentools|HardenTools Basic feature disablement tool]] |
| |
| === Unix/Linux === | === Unix/Linux === |
| |
| * [[|JShielder L[A|E]MP deployer and CIS benchmarker]] | * [[https://github.com/Jsitech/JShielder|JShielder L[A|E]MP deployer and CIS benchmarker]] |
| * [[|CIS implementation Puppet Module]] | * [[https://github.com/arildjensen/cis-puppet|CIS implementation Puppet Module]] |
| * [[|Stonix Hardening Tool]] (Los Alamos) | * [[https://github.com/CSD-Public/stonix|Stonix Hardening Tool]] (Los Alamos) |
| |
| === MacOS === | === MacOS === |
| === Multiple === | === Multiple === |
| |
| * [[|OpenSCAP Workbench]] | * [[https://www.open-scap.org/tools/scap-workbench/|OpenSCAP Workbench]] |
| * [[|NSA SIMP Systems automation and configuration management utilities]] | * [[https://www.simp-project.com/|NSA SIMP Systems automation and configuration management utilities]] |
| * [[|Lynis Automated Security Auditing Tool w/ compliance testing]] (Linux/MacOS) | * [[https://github.com/CISOfy/lynis|Lynis Automated Security Auditing Tool w/ compliance testing]] (Linux/MacOS) |
| * [[|Nessus Automated Auditing]] | * [[https://www.tenable.com/products/nessus|Nessus Automated Auditing]] |
| |
| === Other (Cloud/Hypervisor) === | === Other (Cloud/Hypervisor) === |
| |
| * [[|Zeus AWS Auditing Tool]] | * [[https://github.com/DenizParlak/Zeus|Zeus AWS Auditing Tool]] |
| * [[|VMWare Hypervisor hardening]] | * [[https://www.vmware.com/security/hardening-guides.html|VMWare Hypervisor hardening]] |
| |
| ===== Online Tools ===== | ===== Online Tools ===== |
| |
| * [[|Crackstation]] | * [[http://crackstation.net/|Crackstation]] |
| * [[|Hash Analyzer]] | * [[https://www.tunnelsup.com/hash-analyzer/|Hash Analyzer]] |
| * [[|Hash Type Check Tool]] | * [[https://md5hashing.net/hash_type_checker|Hash Type Check Tool]] |
| * [[|Reverse MD5 Lookup]] | * [[https://md5.gromweb.com/?md5=f25a2fc72690b780b2a14e140ef6a9e0|Reverse MD5 Lookup]] |
| * [[|Reverse SHA1 Lookup]] | * [[https://sha1.gromweb.com/|Reverse SHA1 Lookup]] |
| * [[|Converter that supports many encodings/cyphers]] | * [[https://cryptii.com/|Converter that supports many encodings/cyphers]] |
| * [[|Repl.it Online development environment, supports multiple languages]] | * [[https://repl.it/|Repl.it Online development environment, supports multiple languages]] |
| * [[|CyberChef Swiss Army Knife Code-breaking and parsing]] | * [[https://gchq.github.io/CyberChef/|CyberChef Swiss Army Knife Code-breaking and parsing]] |
| * [[|Online Interpreters]] | * [[https://tio.run/|Online Interpreters]] |
| * [[|Piet]] | * [[http://www.bertnase.de/npiet/npiet-execute.php|Piet]] |
| * [[|SSH Policy Scanner]] | * [[https://github.com/mozilla/ssh_scan|SSH Policy Scanner]] |
| * [[|Cipher Policy Scanner]] | * [[https://github.com/mozilla/cipherscan|Cipher Policy Scanner]] |
| |
| ===== Tools ===== | ===== Tools ===== |
| |
| * [[|StegHide]] | * [[http://steghide.sourceforge.net/|StegHide]] |
| * [[|NMAP]] | * [[https://nmap.org/|NMAP]] |
| * [[|Fiddler]] | * [[https://www.telerik.com/fiddler|Fiddler]] |
| * [[|Wireshark]] | * [[https://www.wireshark.org/|Wireshark]] |
| * [[|Metasploit]] | * [[http://www.metasploit.com/|Metasploit]] |
| * [[|Nikto]] | * [[https://cirt.net/Nikto2|Nikto]] |
| * [[|JTR]] | * [[https://www.openwall.com/john/|JTR]] |
| * [[|Burp Suite]] | * [[https://portswigger.net/burp/communitydownload|Burp Suite]] |
| * [[|OpenVAS]] | * [[https://sectools.org/tool/openvas/|OpenVAS]] |
| * [[|Aircrack-NG]] | * [[http://aircrack-ng.org/|Aircrack-NG]] |
| * [[|Kismet]] | * [[https://kismetwireless.net/|Kismet]] |
| * [[|SpiderFoot]] | * [[https://www.spiderfoot.net/|SpiderFoot]] |
| * [[|THC-Hydra]] | * [[https://github.com/vanhauser-thc/thc-hydra|THC-Hydra]] |
| * [[|PWNTools]] | * [[https://github.com/arthaud/python3-pwntools|PWNTools]] |
| * [[|Clusterfuzz]] (Google's Web Fuzzer) | * [[https://github.com/google/clusterfuzz|Clusterfuzz]] (Google's Web Fuzzer) |
| * [[|Tulpar]] | * [[https://github.com/tulpar/tulpar|Tulpar]] |
| * [[|CypherScan]] | * [[https://github.com/mozilla/cipherscan|CypherScan]] |
| * [[|SQLite Browser - graphical SQLite database viewer]] | * [[https://sqlitebrowser.org/|SQLite Browser - graphical SQLite database viewer]] |
| * [[|GoBuster, URI Fuzzer]] | * [[https://github.com/OJ/gobuster|GoBuster, URI Fuzzer]] |
| * [[|Zsteg]] | * [[https://github.com/zed-0xff/zsteg|Zsteg]] |
| * [[|SQL Map]] | * [[https://github.com/sqlmapproject/sqlmap|SQL Map]] |
| * [[|Hashcat, password cracker]] | * [[https://github.com/hashcat/hashcat|Hashcat, password cracker]] |
| * [[|Maltego]] | * [[https://www.maltego.com/?utm_source=paterva.com&utm_medium=referral&utm_campaign=301|Maltego]] |
| * [[|Ettercap MITM tool]] | * [[https://www.ettercap-project.org/|Ettercap MITM tool]] |
| * [[|HxD Hex Editor]] | * [[https://mh-nexus.de/en/hxd/|HxD Hex Editor]] |
| * [[|ExifTool]] | * [[https://github.com/exiftool/exiftool|ExifTool]] |
| * [[|Link Finder Utility to parse all JS on a page for links]] | * [[https://github.com/GerbenJavado/LinkFinder|Link Finder Utility to parse all JS on a page for links]] |
| |
| ===== Other Maintained Blogs/Resource Dumps ===== | ===== Other Maintained Blogs/Resource Dumps ===== |
| |
| * [[|The InfoSec Institute]] | * [[https://resources.infosecinstitute.com/|The InfoSec Institute]] |
| * [[|Swissky's Payload All The Things]] | * [[https://github.com/swisskyrepo/PayloadsAllTheThings|Swissky's Payload All The Things]] |
| * [[|IOT Security 101]] | * [[https://github.com/V33RU/IoTSecurity101|IOT Security 101]] |
| * [[|Free computer books, lectures, whitepapers, etc.]] | * [[https://freecomputerbooks.com/|Free computer books, lectures, whitepapers, etc.]] |
| | * [[https://www.ired.team/|Redteaming notes by @spottheplanet on twitter]] |
| | * [[https://teachyourselfinfosec.com/|Teach Yourself Infosec]] |
| * “Awesome Lists” | * “Awesome Lists” |
| * [[|Master List]] | * [[https://github.com/sindresorhus/awesome#security|Master List]] |
| * [[|Mobile Security]] | * [[https://github.com/vaib25vicky/awesome-mobile-security|Mobile Security]] |
| * [[|Forensics]] | * [[https://github.com/cugu/awesome-forensics|Forensics]] |
| |
| ===== Miscellaneous ===== | ===== Miscellaneous ===== |
| |
| * [[|The LHC Discord Server]] | * [[https://discord.gg/4YqpTVX|The LHC Discord Server]] |
| * [[|Five Things Every Pen Tester Should Know About Working with Lawyers]] | * [[https://www.sans.org/offensive-operations/blog/2014/06/04/five-things-every-pen-tester-should-know-about-working-with-lawyers|Five Things Every Pen Tester Should Know About Working with Lawyers]] |
| * [[|Vuln Hub Boxes]] | * [[http://vulnhub.com/|Vuln Hub Boxes]] |
| * [[|Don't Bother Using a VPN]] | * [[https://gist.github.com/joepie91/5a9909939e6ce7d09e29|Don't Bother Using a VPN]] |
| * [[|Security and Hacking Conferences]] | * Security and Hacking Conferences - page currently down. ETA October 15th 2021 |
| * [[|Proof-of-Concept or GTFO]] | * [[https://www.alchemistowl.org/pocorgtfo/|Proof-of-Concept or GTFO]] |
| * [[|An Introduction to Ray Tracing (Free Book)]] | * [[http://www.realtimerendering.com/blog/an-introduction-to-ray-tracing-is-now-free-for-download/|An Introduction to Ray Tracing (Free Book)]] |
| * [[|A challenge for wannabe Linux System Administrators]] | * [[wiki:challenges:linuxsysadmin|A challenge for wannabe Linux System Administrators]] |
| * [[|Lowebrew's Lair of Resources]] | * [[blogs:lowebrew_lair|Lowebrew's Lair of Resources]] |
| * [[|Logic Design with Darkium]] | * [[wiki:resources:fileformats|File Formats and structure]] |
| * [[|File Formats and structure]] | * [[https://hackerspaces.org/|hackerspaces]] |
