====== Resources ====== ===== Full Programs ===== * [[https://www.cyberaces.org/|Cyber Aces]] * [[http://opensecuritytraining.info/|Open Security Training]] * [[https://www.cybrary.it/|Cybrary]] * [[https://www.khanacademy.org/computing/ap-computer-science-principles|Khan Academy]] * [[https://missing.csail.mit.edu/|Hacker Tools MIT Lecture Series]] ===== Capture the Flag Games ===== * [[https://trailofbits.github.io/ctf/|General CTF Field Guide]] * [[https://ctf.laptophackingcoffee.org/|LHC CTF (under maintenence)]] * [[https://pwnable.tw/|Pwnable.tw]] * [[http://pwnable.kr/|Pwnable.kr]] * [[https://pwnable.xyz/|Pwnable.xyz]] * [[https://hackable.ca/|Hackable.ca]] * [[https://www.hackthebox.eu/|HackTheBox]] * [[https://www.root-me.org/|Root-Me]] * [[http://neverlanctf.com/|NeverLanCTF]] * [[https://angstromctf.com/|AngstromCTF]] * [[http://smashthestack.org/|SmashTheStack]] * [[https://www.hackthissite.org/|HackThisSite]] * DeadCTF (ironically dead) * [[https://ringzer0ctf.com/|RingZer0Team]] * CTF 365 (dead) * [[https://ctf.nullcon.net/|Nullcon]] * [[https://thisislegal.com/|This Is Legal]] * [[https://overthewire.org/wargames/|Over The Wire]] * [[http://training.zempirians.com/|Zempirians Pre-Vulnerable Environments]] * [[https://www.enigmagroup.org/|Enigma Group]] * [[https://w3challs.com/|W3 Challs]] * [[https://zenk-security.com/|Zenk Security]] * [[https://www.newbiecontest.org/|Newbie Contest]] * [[https://alf.nu/|Alert 1 and Return true]] * [[http://www.try2hack.nl/|Try2Hack]] * [[https://joincyberdiscovery.com/|CyberDiscovery (SANS)]] * [[https://defendtheweb.net/?hackthis|HackThis!!]] * [[https://365.csaw.io/|CSAW 365]] * [[https://github.com/BSidesPDX/CTF-2018/blob/master/README.md|BSidesPDX 2018]] * [[https://picoctf.org/|picoCTF]] * [[https://hardflag.q3k.org/|HardFlag]] Hardware CTF * [[http://vulnhub.com/|Vulnhub]] * [[https://cryptohack.org/|Cryptohack]] Cryptography focused * [[https://tryhackme.com/|TryHackMe]] ===== Programming/Coding ===== ==== Generic / Multiple Languages ==== === Tutorials === * [[https://www.codecademy.com/|Code Academy]] * [[https://www.codesdope.com/|Codes Dope]] * [[https://www.udemy.com/|Udemy]] * [[https://cses.fi/book/book.pdf|Competitive Programmer’s Handbook]] === Challenges === * [[https://www.codewars.com/|Code Wars]] * [[http://www.microcontest.com/index.php|Micro Contest]] * [[https://exercism.io/|Exercism]] === University Content === * [[https://www.edx.org/|EDX]] * [[https://ocw.mit.edu/index.htm|MIT Open Course Ware]] * [[https://missing.csail.mit.edu/|The Missing Semester of Your CS Education: Shells, environments, IDEs, debugging, and then some.]] === Books === * [[https://github.com/EbookFoundation/free-programming-books/blob/master/free-programming-books.md|Ebook Foundation (Git Repo)]] * [[https://www.ossblog.org/opensourcebooks/|Open Source Software Blog]] * [[https://mixmastamyk.bitbucket.io/pro_soft_dev/index.html|Professional Software Development]] * [[http://greenteapress.com/wp/think-data-structures/|Think Data Structures]] * [[https://people.mpi-inf.mpg.de/~mehlhorn/Toolbox.html|Algorithms and Data Structures: The Basic Toolbox]] === Miscellaneous Languages === * [[https://erkaman.github.io/posts/beginner_computer_graphics.html|Start Learning Computer Graphics Programming]] * [[https://phpapprentice.com/|PHP Apprentice]] * [[https://www.hpl.hp.com/techreports/2009/HPL-2009-259html.html|Threads Basics]] * [[https://www.fast.ai/2019/01/24/course-v3/|Practical Deep Learning for Coders]] ==== Python ==== === Tutorials === * [[https://docs.python.org/3/tutorial/index.html|Start Here with the official Python 3 tutorial]] * [[https://www.youtube.com/playlist?list=PL-osiE80TeTt2d9bfVyTiXJA-UTHn6WwU|Python Tutorials - Corey Schafer (Youtube)]] Comprehensive series that starts with basics and includes a dive into Flask and Django web frameworks. * [[https://docs.python-guide.org/intro/learning/|More Tutorials]] * [[https://realpython.com/start-here/|Real Python Tutorials]] * [[http://www.youtube.com/playlist?list=PL6gx4Cwl9DGCbpkBEMiCaiu_3OL-_Bz_8|Python Reverse Shells - thenewboston (Youtube Playlist, 15 videos)]] === Free Books === * [[https://automatetheboringstuff.com/|Automate the Boring Stuff With Python]] by Al Sweigart. * [[https://docs.python-guide.org/|The Hitchhiker's Guide to Python]] by Kenneth Reitz and Tanya Schlusser. * [[https://greenteapress.com/wp/think-python-2e/|Think Python, 2nd Edition]] by Allen B. Downey. 2nd Edition uses Python 3. This book was previously called “How to Think Like a Computer Scientist: Learning with Python”. * [[https://python-3-patterns-idioms-test.readthedocs.io/en/latest/index.html|Python 3 Patterns, Recipes and Idioms]] * [[https://python.swaroopch.com/|A Byte of Python]] === Developer References === * [[https://docs.python.org/3/|Official Python 3 Documentation]] * [[https://learnxinyminutes.com/docs/python/|Learn Python 3 in Y Minutes.]] Excellent for looking up syntax in a single page. * [[https://book.pythontips.com/en/latest/index.html|Python Tips]] === Podcasts === * [[https://talkpython.fm/|Talk Python To Me]] * [[https://pythonbytes.fm/|Python Bytes]] ==== C / C++ ==== === Developer References === * [[https://devdocs.io/c/|DevDocs]] * [[https://cplusplus.com/|CPP]] === Tutorials === * [[https://www.youtube.com/watch?v=l64ySYHmMmY&gl=US&hl=en|Fork and Exec Linux Programming (Youtube)]] * [[https://www.learn-c.org/|Learn C]] * [[https://fresh2refresh.com/c-programming/|Fresh 2 Refresh]] * [[https://www.learncpp.com/|Learn C++]] * [[https://www.learn-cpp.org/|Learn-C++]] === Books === * [[https://www.ossblog.org/learn-c-programming-with-9-excellent-open-source-books/|OSS Suggestions]] * [[https://www.amazon.com/Programming-Language-2nd-Brian-Kernighan/dp/0131103628|The C Programming Language]] (don't make this your first) * [[https://www.amazon.com/Head-First-C-Brain-Friendly-Guide/dp/1449399916/ref=sr_1_2?keywords=head+first+C&qid=1558403536&s=books&sr=1-2|Head First C]] * [[https://icps.icube.unistra.fr/index.php/File:ModernC.pdf|Modern C]] * [[https://publications.gbdirect.co.uk//c_book/|The C Book]] * [[https://www.amazon.ca/C-Programming-Language-4th/dp/0321563840|The C++ Programming Language]] * [[https://books.goalkicker.com/CPlusPlusBook/|C++ Notes for Professionals]] ==== Java ==== === Developer References === * [[https://docs.oracle.com/en/java/javase/11/docs/api/index.html|JavaDoc 11]] * [[https://docs.oracle.com/javase/specs/jls/se11/html/index.html|JSE specifications]] * [[https://docs.oracle.com/javase/tutorial/|Oracle Tutorials]] (they're pretty eh tbh) === Tutorials === * [[https://www.youtube.com/watch?v=Hl-zzrqQoSE&list=PLFE2CE09D83EE3E28|Basic Java (Youtube)]] * [[https://www.youtube.com/watch?v=TBWX97e1E9g&list=PLE7E8B7F4856C9B19|Another Basic Java (Youtube)]] === Books === * [[https://www.amazon.com/Head-First-Java-Kathy-Sierra/dp/0596009208/ref=sr_1_1?keywords=head+first+java&qid=1556909087&s=books&sr=1-1|Head First Java]] * [[https://www.amazon.com/Intro-Java-Programming-Comprehensive-Version/dp/0133761312|Intro to Java]] * [[https://www.amazon.com/Data-Structures-Algorithms-Michael-Goodrich/dp/1118771338/ref=sr_1_8?crid=17LYC0KSCCYZL&keywords=java+data+structures+and+algorithms&qid=1558318712&s=books&sprefix=java+data%2Cstripbooks%2C185&sr=1-8|Java data structures and algorithms]] * [[https://nostarch.com/learnjava|Learn Java (No Starch Press)]] ==== JavaScript ==== === Random useful FAQ bits === * [[https://github.com/lydiahallie/javascript-questions|Ongoing series of questions in a quiz-like manner with answers]] ==== Bash ==== === Useful Tools and Articles === * [[https://explainshell.com/|Shell Command Analyzer]] * [[https://www.shellcheck.net/|Shell Check]] * [[https://wiki.bash-hackers.org/start&1366709878|Bash Hackers Wiki]] * [[https://courses.cs.washington.edu/courses/cse390a/14au/bash.html|Bash Command List]] === Tutorials === * [[https://www.youtube.com/playlist?list=PLtK75qxsQaMIlFCcFZpTBLnaCJ0I0uiaY|Bash Scripting 101 (Youtube)]] === Free Books === * [[https://tldp.org/LDP/Bash-Beginners-Guide/html/index.html|Bash Guide for Beginners]] * [[https://tldp.org/LDP/abs/html/|Advanced Bash-Scripting Guide]] * [[http://tecmint.tradepub.com/free/w_wile48/?p=w_wile48|Shell Scripting: Expert Recipes...]] * [[http://tecmint.tradepub.com/free/w_pack42/prgm.cgi|Linux Shell Scripting Cookbook, Second Edition]] * [[http://linuxcommand.org/tlcl.php|The Linux Command Line: A Complete Introduction]] ===== Networking ===== * [[https://www.bau.edu.jo/UserPortal/UserProfile/PostsAttach/10617_1870_1.pdf|Computer Networking (PDF)]] * [[http://2thi.cc/doc/Internetworking_Technology_Handbook.pdf|Internetworking Technology Handbook (PDF)]] * [[https://youtube.com/playlist?list=PLG49S3nxzAnlCJiCrOYuRYb6cne864a7G|Professor Messer's CompTia Networks+ Course (Youtube)]] * [[https://www.amazon.com/Computer-Networking-Top-Down-Approach-7th/dp/0133594149/ref=sr_1_1?ie=UTF8&qid=1548385689&sr=8-1&keywords=computer+networking+a+top-down+approach|Computer Networking: A Top Down Approach]] * [[https://www.amazon.com/Nmap-Cookbook-Network-Security-Scanning/dp/1507781385/ref=sr_1_2?ie=UTF8&qid=1548386520&sr=8-2&keywords=nmap+cookbook|Nmap Cookbook]] * [[https://www.amazon.com/Networking-All-One-Dummies-Doug/dp/1119471605/ref=sr_1_2?ie=UTF8&qid=1548386670&sr=8-2&keywords=networking+all+in+one|Networking All-In-One]] * [[wiki:port_forwarding_explanation|Port Forwarding Explanation]] * [[wiki:networktalkwithpyro|Network Talk With Pyro]] ===== Hacking ===== ==== Web ==== * [[https://owasp.org/www-project-web-security-testing-guide/|OWASP Web Security Testing Guide]] * [[https://www.bugcrowd.com/hackers/bugcrowd-university|BugCrowd University Webinars]] * [[https://portswigger.net/web-security|PortSwigger Web Security Academy]] * [[http://2thi.cc/doc/Finding_LFI_and_RFI.pdf|Finding LFI and RFI (PDF)]] * [[http://2thi.cc/doc/OWASP_Top_10-2017_(en).pdf|OWASP Top 10 2017 (PDF)]] * [[http://2thi.cc/doc/Writing-JIT-Spray-Shellcode.pdf|Writing JIT-Spray Shellcode (PDF)]] * [[http://2thi.cc/doc/us-15-Kettle-Server-Side-Template-Injection-RCE-For-The-Modern-Web-App-wp.pdf|Kettle SSTI (PDF)]] * [[https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=sr_1_2?ie=UTF8&qid=1548385158&sr=8-2&keywords=web+application+hackers+handbook|The Web Application Hacker's Handbook]] * [[https://book.hacktricks.xyz/|HackTricks Tips and Tricks]] * [[https://www.hacker101.com/videos|Hacker101 Videos and Webinars]] ==== Exploitation ==== * [[https://hshrzd.wordpress.com/how-to-start/|Starting Reverse Engineering and Malware Analysis]] * [[http://2thi.cc/doc/Riscure_Whitepaper_Escalating_Privileges_in_Linux_using_Fault_Injection.pdf|Escalating Privileges in Linux (PDF)]] * [[https://old.liveoverflow.com/binary_hacking/|Binary Hacking Course]] * [[http://opensecuritytraining.info/Exploits1.html|Introduction to Software Exploits (PDF)]] * [[http://2thi.cc/doc/Smashing_The_Stack_For_Fun_And_Profit.pdf|Smashing the Stack (PDF)]] * [[https://github.com/secfigo/Awesome-Fuzzing|Fuzzing (Repo)]] * [[https://www.amazon.com/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/047008023X/ref=sr_1_2?ie=UTF8&qid=1548386831&sr=8-2&keywords=shellcoders+handbook|Shellcoder's Handbook]] * [[https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ref=sr_1_3?ie=UTF8&qid=1548386831&sr=8-3&keywords=shellcoders+handbook|Hacking: The Art of Exploitation]] * [[https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN|LiveOverflow's Binary Exploitation / Memory Corruption Series (Youtube)]] ==== Reverse Engineering ==== * [[http://2thi.cc/doc/Reverse_Engineering_For_Beginners-Dennis_Yurichev.pdf|REing for Beginners (PDF)]] * [[http://2thi.cc/doc/Binary_Code_Disassembly_For_RE.pdf|Binary Code Disassembly (PDF)]] * [[http://2thi.cc/doc/04-Machine-Level-Programming-Basics.pdf|Machine Level Programming (PDF)]] * [[http://2thi.cc/doc/x86_Win32_Reverse_Engineering_Cheat_Sheet.pdf|WIN32 RE Cheat Sheet (PDF)]] * [[http://2thi.cc/doc/reverse-engineering-malicious-code-tips.pdf|RE Malicious Code Tips (PDF)]] * [[https://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/ref=sr_1_1?ie=UTF8&qid=1548387014&sr=8-1&keywords=art+of+memory+forensics|The Art of Memory Forensics]] * [[https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_2?ie=UTF8&qid=1548387096&sr=8-2&keywords=practical+reverse+engineering|Practical Reverse Engineering]] * [[https://nostarch.com/malware|Practical Malware Analysis]] * [[https://nostarch.com/binaryanalysis|Practical Binary Analysis]] * [[https://github.com/guyinatuxedo/nightmare|Nightmare Bin Exp/Reverse Engineering Intro]] * [[https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426|The Art of Software Security Assessment]] ==== Password Cracking ==== * [[https://www.ma.rhul.ac.uk/static/techrep/2013/MA-2013-07.pdf|Modern Password Cracking (PDF)]] * [[https://www.amazon.com/Hash-Crack-Password-Cracking-Manual/dp/1975924584/ref=sr_1_1?ie=UTF8&qid=1548387205&sr=8-1&keywords=hash+crack|Hash Crack: Password Cracking Manual]] * [[https://cirt.net/passwords|Directory of default passwords]] * [[https://www.routerpasswords.com/|Directory of default router passwords]] ==== Post-Exploitation ==== * [[https://blog.ropnop.com/transferring-files-from-kali-to-windows/|Transferring Files from Linux to Windows (Blog post)]] ===== Cryptography / Steganography ===== * [[https://inventwithpython.com/cracking/|Cracking Codes with Python (eBook)]] * [[https://www.amazon.com/Understanding-Cryptography-Textbook-Students-Practitioners/dp/3642041000/ref=sr_1_1?ie=UTF8&qid=1548387603&sr=8-1&keywords=introduction+to+cryptography|Introduction to Cryptography]] * [[https://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/ref=sr_1_1?ie=UTF8&qid=1548387507&sr=8-1&keywords=cryptography+engineering|Cryptography Engineering, Design Principles and Practical Applications]] * [[https://cryptopals.com/|CryptoPals Crypto Challenges]] * [[http://cacr.uwaterloo.ca/hac/|Handbook Of Applied Cryptography (All Chapters Free)]] ===== RTL-SDR & Radio ===== * https://hackmethod.com/hacking-mifare-rfid-2/ * https://www.researchgate.net/publication/326560663_Challenge_RFID_Hacking_for_Fun_and_Profit ===== Operating Systems ===== ==== Linux ==== * [[https://dflinux.frama.io/thebeginnershandbook/|Brand new to Linux? Start here]] * [[http://linuxjourney.com/|Linux Journey (Bare bones Linux)]] * [[https://www.youtube.com/playlist?list=PLtK75qxsQaMLZSo7KL-PmiRarU7hrpnwK|Linux Basics (Youtube)]] * [[https://www.youtube.com/playlist?list=PLtGnc4I6s8dssa8hF4yMTAa4BrSJCSwux|Linux Essentials (Youtube)]] * [[http://linuxcommand.org/tlcl.php|The Linux Command Line (Free Book, PDF available)]] * [[https://webminal.org/|Webminal (GNU/Linux Online Terminal/Learning Platform)]] * [[wiki:passwordlesslinux|Passwordless Linux Tutorial]] * [[wiki:howdyfacialrecognition|Howdy - Windows Hello for Linux]] * See also: [[wiki:resources#bash|BASH Resources]] * [[https://linux-kernel-labs.github.io/refs/heads/master/index.html|Linux Kernel]] ==== Windows ==== * [[https://ss64.com/ps/|Powershell Command List]] ==== BSD ==== * [[https://www.freebsd.org/projects/newbies.html|BSD Resources for Newbies]] * [[https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/|FreeBSD Handbook]] ==== Operating System Concepts and Execution ==== * [[https://wiki.osdev.org/Expanded_Main_Page|OS Dev wiki]] * [[http://pages.cs.wisc.edu/~remzi/OSTEP/|Operating Systems: Three Easy Pieces]] (AKA The Comet Book) * [[https://www.wiley.com/en-ca/Operating%2BSystem%2BConcepts,%2B10th%2BEdition-p-9781119320913|Operating System Concepts]] (AKA The Dinosaur Book) * [[http://www.amazon.ca/Modern-Operating-Systems-Andrew-Tanenbaum/dp/013359162X|Modern Operating Systems]] (A good read after you're comfortable with the concepts) * [[https://www.amazon.com/Operating-Systems-Design-Implementation-3rd/dp/0131429388|Operating Systems Design and Implementation]] (A book about and how to develop Minix) * [[https://www.amazon.ca/Design-Implementation-FreeBSD-Operating-System/dp/0321968972|The Design and Implementation of the FreeBSD Operating System]] * [[http://www.greenteapress.com/thinkos/index.html|Think OS; A Brief Introduction to Operating Systems]] * [[https://littleosbook.github.io/|The little book about OS development]] * [[https://tuhdo.github.io/os01/|Operating Systems: From 0 to 1]] (incomplete book, but still worth a read) ===== Computer Architecture ===== * [[https://www.nand2tetris.org/|nand2tetris]] * [[http://www.intel.com/content/www/us/en/architecture-and-technology/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.html|Intel 64 and IA-32 Architectures Developer's Manual]] * [[https://developer.amd.com/resources/developer-guides-manuals/|AMD Documentation]] * [[https://people.freebsd.org/~lstewart/articles/cpumemory.pdf|What Every Programmer Should Know About Memory (PDF)]] * [[https://exercism.io/tracks/mips|MIPS Assembly Track]] * [[http://danluu.com/new-cpu-features/|What's new in CPUs since the 80s?]] * [[https://inst.eecs.berkeley.edu/~cs61c/sp15/|CS61C Berkley 2015 Lecture PDFs, exercises, and assignments]] ===== Open Source Intelligence (OSINT) ===== * [[https://www.tracelabs.org/resources|TraceLabs Resources]] * [[https://www.search.org/resources/search-investigative-and-forensic-toolbar/|Search.org Investigative and Forensic Toolbar]] * [[https://osintframework.com/|OSINT Framework]] * [[https://blog.appsecco.com/open-source-intelligence-gathering-101-d2861d4429e3?gi=e97a869a3f48|OSINT 101]] * [[https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544?gi=650e4519d0fe|OSINT 201]] * [[https://medium.com/@micallst/osint-resources-for-2019-b15d55187c3f|OSINT Resources for 2019]] * [[https://inteltechniques.com/index.html|Intel Techniques]] * [[https://jakecreps.com/2018/09/28/advanced-osint-tools/|Advanced OSINT Tools]] * [[https://hunch.ly/osint-webinars/osint-webinar-advanced-social-media-01252019.php|Advanced Social Media OSINT]] * [[https://www.youtube.com/watch?v=hPIhItC-Vr8&|Network Fingerprinting With Maltego (Youtube)]] * [[https://otx.alienvault.com/|AlienVault Open Threat Exchange]] (Threat Intelligence sharing platform) * [[https://iknowwhatyoudownload.com/en/peer/|Torrent download checking by IP Address.]] * [[https://github.com/jaegeral/security-apis|REST API service registration listing]] * [[https://thispersondoesnotexist.com/|Profile Picture Generator]] (These people don't exist) * [[https://github.com/lulz3xploit/LittleBrother|European persons lookup tool]] * [[https://github.com/0xZDH/BridgeKeeper|LinkedIn web scraper]] * [[https://github.com/jivoi/awesome-osint|Awesome OSINT research board]] * [[http://iknowwhereyourcatlives.com/|Mapping tool with information of locations of cats]] * [[http://le-tools.com/ExtractFace.html|Facebook extraction tool]] * [[https://github.com/sa7mon/venmo-data|Venmo transaction logs]] (Open API) ==== OSINT Start Boards ==== * [[https://start.me/p/rxRbpo/ti|General OSINT starting point]] * [[https://start.me/p/nRQNRb/addons|OSINT Web browser extensions]] * [[https://start.me/p/VRxaj5/dating-apps-and-hook-up-sites-for-investigators|Dating/Hook-up website listing and tools]] * [[https://start.me/p/QRENnO/databases|Online searchable databases]] * [[https://start.me/p/b5Aow7/asint_collection|Generic OSINT Board 1]] * [[https://start.me/p/7kxyy2/osint-tools-curated-by-lorand-bodo|A list of OSINT/GEOINT/SIGINT/FOSINT tools]] ===== Social Engineering ===== * [[https://www.social-engineer.org/category/podcast/|The Social-Engineer Podcast]] * [[http://2thi.cc/doc/Social_Engineering_Toolkit_User_Manual.pdf|Software Engineering Toolkit (SET) User Manual (PDF)]] * [[https://www.reddit.com/r/SocialEngineering|r/SocialEngineering Subreddit]] * [[https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539/ref=sr_1_2?ie=UTF8&qid=1548388042&sr=8-2&keywords=art+of+human+hacking|Social Engineering: The Art of Human Hacking]] ===== Blue Team / Defensive ===== * [[https://securityboulevard.com/2020/05/the-ultimate-list-of-sans-cheat-sheets/|Ultimate List of SANS cheat sheets]] * [[https://github.com/n1trux/awesome-sysadmin|Awesome Sysadmin List]] * [[https://www.cl.cam.ac.uk/~rja14/book.html|Security Engineering: A guide to building dependable distributed systems]] * [[https://highon.coffee/blog/security-harden-centos-7/|Security Hardening for CentOS 7]] * [[https://www.13cubed.com/|13cubed]] ==== Dev Ops Testing ==== * [[https://github.com/secureCodeBox/secureCodeBox|SecureCodeBox Tool-chain for scanning software and orchestrating automated security testing.]] ==== Tools ==== === Windows === * [[https://github.com/securitywithoutborders/hardentools|HardenTools Basic feature disablement tool]] === Unix/Linux === * [[https://github.com/Jsitech/JShielder|JShielder L[A|E]MP deployer and CIS benchmarker]] * [[https://github.com/arildjensen/cis-puppet|CIS implementation Puppet Module]] * [[https://github.com/CSD-Public/stonix|Stonix Hardening Tool]] (Los Alamos) === MacOS === === Multiple === * [[https://www.open-scap.org/tools/scap-workbench/|OpenSCAP Workbench]] * [[https://www.simp-project.com/|NSA SIMP Systems automation and configuration management utilities]] * [[https://github.com/CISOfy/lynis|Lynis Automated Security Auditing Tool w/ compliance testing]] (Linux/MacOS) * [[https://www.tenable.com/products/nessus|Nessus Automated Auditing]] === Other (Cloud/Hypervisor) === * [[https://github.com/DenizParlak/Zeus|Zeus AWS Auditing Tool]] * [[https://www.vmware.com/security/hardening-guides.html|VMWare Hypervisor hardening]] ===== Online Tools ===== * [[http://crackstation.net/|Crackstation]] * [[https://www.tunnelsup.com/hash-analyzer/|Hash Analyzer]] * [[https://md5hashing.net/hash_type_checker|Hash Type Check Tool]] * [[https://md5.gromweb.com/?md5=f25a2fc72690b780b2a14e140ef6a9e0|Reverse MD5 Lookup]] * [[https://sha1.gromweb.com/|Reverse SHA1 Lookup]] * [[https://cryptii.com/|Converter that supports many encodings/cyphers]] * [[https://repl.it/|Repl.it Online development environment, supports multiple languages]] * [[https://gchq.github.io/CyberChef/|CyberChef Swiss Army Knife Code-breaking and parsing]] * [[https://tio.run/|Online Interpreters]] * [[http://www.bertnase.de/npiet/npiet-execute.php|Piet]] * [[https://github.com/mozilla/ssh_scan|SSH Policy Scanner]] * [[https://github.com/mozilla/cipherscan|Cipher Policy Scanner]] ===== Tools ===== * [[http://steghide.sourceforge.net/|StegHide]] * [[https://nmap.org/|NMAP]] * [[https://www.telerik.com/fiddler|Fiddler]] * [[https://www.wireshark.org/|Wireshark]] * [[http://www.metasploit.com/|Metasploit]] * [[https://cirt.net/Nikto2|Nikto]] * [[https://www.openwall.com/john/|JTR]] * [[https://portswigger.net/burp/communitydownload|Burp Suite]] * [[https://sectools.org/tool/openvas/|OpenVAS]] * [[http://aircrack-ng.org/|Aircrack-NG]] * [[https://kismetwireless.net/|Kismet]] * [[https://www.spiderfoot.net/|SpiderFoot]] * [[https://github.com/vanhauser-thc/thc-hydra|THC-Hydra]] * [[https://github.com/arthaud/python3-pwntools|PWNTools]] * [[https://github.com/google/clusterfuzz|Clusterfuzz]] (Google's Web Fuzzer) * [[https://github.com/tulpar/tulpar|Tulpar]] * [[https://github.com/mozilla/cipherscan|CypherScan]] * [[https://sqlitebrowser.org/|SQLite Browser - graphical SQLite database viewer]] * [[https://github.com/OJ/gobuster|GoBuster, URI Fuzzer]] * [[https://github.com/zed-0xff/zsteg|Zsteg]] * [[https://github.com/sqlmapproject/sqlmap|SQL Map]] * [[https://github.com/hashcat/hashcat|Hashcat, password cracker]] * [[https://www.maltego.com/?utm_source=paterva.com&utm_medium=referral&utm_campaign=301|Maltego]] * [[https://www.ettercap-project.org/|Ettercap MITM tool]] * [[https://mh-nexus.de/en/hxd/|HxD Hex Editor]] * [[https://github.com/exiftool/exiftool|ExifTool]] * [[https://github.com/GerbenJavado/LinkFinder|Link Finder Utility to parse all JS on a page for links]] ===== Other Maintained Blogs/Resource Dumps ===== * [[https://resources.infosecinstitute.com/|The InfoSec Institute]] * [[https://github.com/swisskyrepo/PayloadsAllTheThings|Swissky's Payload All The Things]] * [[https://github.com/V33RU/IoTSecurity101|IOT Security 101]] * [[https://freecomputerbooks.com/|Free computer books, lectures, whitepapers, etc.]] * [[https://www.ired.team/|Redteaming notes by @spottheplanet on twitter]] * [[https://teachyourselfinfosec.com/|Teach Yourself Infosec]] * “Awesome Lists” * [[https://github.com/sindresorhus/awesome#security|Master List]] * [[https://github.com/vaib25vicky/awesome-mobile-security|Mobile Security]] * [[https://github.com/cugu/awesome-forensics|Forensics]] ===== Miscellaneous ===== * [[https://discord.gg/4YqpTVX|The LHC Discord Server]] * [[https://www.sans.org/offensive-operations/blog/2014/06/04/five-things-every-pen-tester-should-know-about-working-with-lawyers|Five Things Every Pen Tester Should Know About Working with Lawyers]] * [[http://vulnhub.com/|Vuln Hub Boxes]] * [[https://gist.github.com/joepie91/5a9909939e6ce7d09e29|Don't Bother Using a VPN]] * Security and Hacking Conferences - page currently down. ETA October 15th 2021 * [[https://www.alchemistowl.org/pocorgtfo/|Proof-of-Concept or GTFO]] * [[http://www.realtimerendering.com/blog/an-introduction-to-ray-tracing-is-now-free-for-download/|An Introduction to Ray Tracing (Free Book)]] * [[wiki:challenges:linuxsysadmin|A challenge for wannabe Linux System Administrators]] * [[blogs:lowebrew_lair|Lowebrew's Lair of Resources]] * [[wiki:resources:fileformats|File Formats and structure]] * [[https://hackerspaces.org/|hackerspaces]]