Resources: Repos, payloads, supplimental material, info, Notes,checklists, writeups & more
- https://github.com/topics/penetration-testing
- https://github.com/LinuxUser255/Web-Security-Academy-Series/blob/main/MapTheApp.png
- https://github.com/swisskyrepo
- https://gitlab.com/gh0s7
- https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
- https://github.com/wwong99/pentest-notes
- https://github.com/Anof-cyber/Application-Security
- https://github.com/The-Art-of-Hacking/h4cker
- https://github.com/daffainfo/AllAboutBugBounty
- https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/blogposts.md
- https://github.com/topics/bugbountytips
- https://github.com/topics/bugbounty-writeups
- https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/tools.md
- https://portswigger.net/web-security/learning-path
- https://book.hacktricks.xyz/welcome/readme
- https://github.com/swisskyrepo/PayloadsAllTheThings
- http://www.0daysecurity.com/penetration-testing/enumeration.html
- https://highon.coffee/
- http://pentestmonkey.net/
- https://netsec.ws/?p=353
- https://pastebin.com/
- https://www.exploit-db.com
- https://www.hackers-arise.com/hacking-fundamentals-1
- https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
- http://www.fuzzysecurity.com/tutorials/16.html
- https://github.com/carlospolop/hacktricks/tree/master/pentesting-web
- https://book.hacktricks.xyz/welcome/readme
- https://pentesterlab.com/
- https://university.apisec.ai/apisec-certified-expert
- https://ippsec.rocks/?#
- https://www.hackingarticles.in/burp-suite-for-pentester-software-vulnerability-scanner/
- https://portswigger.net/web-security/sql-injection/cheat-sheet
- https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
- https://www.stationx.net/nmap-cheat-sheet/
- https://fatalsecurity.com/posts/sqlmap-cheatsheet-and-examples.html
- https://docs.python.org/3/library/string.html#format-string-syntax
- https://netsec.ws/?p=353
- http://mywiki.wooledge.org/BashFAQ/031
- https://devhints.io/bash
- https://www.base64decode.org/
Operating Systems & more
- https://www.kali.org/
- https://www.blackarch.org/
- https://www.parrot.sh/
- https://www.backbox.org/
- https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
- https://blackarch.org/downloads.html#ova-download
- https://www.virtualbox.org
- https://www.vulnhub.com/?page=1
- http://www.samurai-wtf.org/
OSINT & Info gathering websites
- https://www.shodan.io/
- https://www.robtex.com/
- https://toolbar.netcraft.com/site_report
- https://inteltechniques.com/podcast.html
- https://www.truepeoplesearch.com/
- https://www.fastpeoplesearch.com/
- https://nuwber.com/
- https://xlek.com/
- https://www.cyberbackgroundchecks.com/
- https://www.intelius.com/
- https://radaris.com/
- https://www.spytox.com/
- https://www.advancedbackgroundchecks.com/
- http://www.yasni.com/
- https://thatsthem.com/
- https://webmii.com/
General Info
- https://www.owasp.org/index.php/Main_Page
- https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OTG-INPVAL-001)
- https://zsecurity.org/hacking-and-security/
OSCP Advise
- https://www.peerlyst.com/posts/the-how-to-get-the-oscp-certification-wiki-peerlyst?utm_source=linkedin&
- https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob.html
- https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms.html
- https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97