Online Resources
Penetration Testing Resources
Metasploit Unleashed - Free Offensive Security Metasploit course
PTES - Penetration Testing Execution Standard
OWASP - Open Web Application Security Project
PENTEST-WIKI - A free online security knowledge library for pentesters / researchers.
Vulnerability Assessment Framework - Penetration Testing Framework.
The Pentesters Framework - PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used.
Exploit development
Shellcode Tutorial - Tutorial on how to write shellcode
Shellcode Examples - Shellcodes database
Exploit Writing Tutorials - Tutorials on how to develop exploits
shellsploit - New Generation Exploit Development Kit
Voltron - A hacky debugger UI for hackers
Social Engineering Resources
Social Engineering Framework - An information resource for social engineers
Lock Picking Resources
Schuyler Towne channel - Lockpicking videos and security talks
/r/lockpicking - Resources for learning lockpicking, equipment recommendations.
Tools
Penetration Testing Distributions
Kali - A Linux distribution designed for digital forensics and penetration testing
ArchStrike - An Arch Linux repository for security professionals and enthusiasts
BlackArch - Arch Linux-based distribution for penetration testers and security researchers
NST - Network Security Toolkit distribution
Pentoo - Security-focused live CD based on Gentoo
BackBox - Ubuntu-based distribution for penetration tests and security assessments
Parrot - A distribution similar to Kali, with support for multiple architectures
Fedora Security Lab - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.
Basic Penetration Testing Tools
Metasploit Framework - World's most used penetration testing software
Burp Suite - An integrated platform for performing security testing of web applications
ExploitPack - Graphical tool for penetration testing with a bunch of exploits
BeEF - The Browser Exploitation Framework Project
faraday - Collaborative Penetration Test and Vulnerability Management Platform
evilgrade - The update exploitation framework
commix - Automated All-in-One OS Command Injection and Exploitation Tool
routersploit - Automated penetration testing software for routers
redsnarf (https://github.com/nccgroup/redsnarf) - Post-exploitation tool for grabbing credentials
Docker for Penetration Testing
docker pull kalilinux/kali-linux-docker - official Kali Linux
docker pull owasp/zap2docker-stable - official OWASP ZAP
docker pull wpscanteam/wpscan - official WPScan
docker pull pandrew/metasploit - docker-metasploit
docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA)
docker pull wpscanteam/vulnerablewordpress - Vulnerable WordPress Installation
docker pull hmlio/vaas-cve-2014-6271 - Vulnerability as a service: Shellshock
docker pull hmlio/vaas-cve-2014-0160 - Vulnerability as a service: Heartbleed
docker pull opendns/security-ninjas - Security Ninjas
docker pull diogomonica/docker-bench-security - Docker Bench for Security
docker pull ismisepaul/securityshepherd - OWASP Security Shepherd
docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project docker image
docker-compose build && docker-compose up - OWASP NodeGoat
docker pull citizenstig/nowasp - OWASP Mutillidae II Web Pen-Test Practice Application
docker pull bkimminich/juice-shop - OWASP Juice Shop
Vulnerability Scanners
Nexpose - Vulnerability Management & Risk Management Software
Nessus - Vulnerability, configuration, and compliance assessment
Nikto - Web application vulnerability scanner
OpenVAS - Open Source vulnerability scanner and manager
OWASP Zed Attack Proxy - Penetration testing tool for web applications
Secapps - Integrated web application security testing environment
w3af - Web application attack and audit framework
Wapiti - Web application vulnerability scanner
WebReaver - Web application vulnerability scanner for Mac OS X
DVCS Ripper - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR
arachni - Web Application Security Scanner Framework
Network Tools
nmap - Free Security Scanner For Network Exploration & Security Audits
pig - A Linux packet crafting tool
tcpdump/libpcap - A common packet analyzer that runs under the command line
Wireshark - A network protocol analyzer for Unix and Windows
Network Tools - Different network tools: ping, lookup, whois, etc
netsniff-ng - A Swiss army knife for network sniffing
Intercepter-NG - a multifunctional network toolkit
SPARTA - Network Infrastructure Penetration Testing Tool
dnschef - A highly configurable DNS proxy for pentesters
DNSDumpster - Online DNS recon and search service
dnsenum - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results
dnsmap - Passive DNS network mapper
dnsrecon - DNS Enumeration Script
dnstracer - Determines where a given DNS server gets its information from, and follows the chain of DNS servers
passivedns-client - Provides a library and a query tool for querying several passive DNS providers
passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
Mass Scan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Zarp - Zarp is a network attack tool centered around the exploitation of local networks
mitmproxy - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
mallory - HTTP/HTTPS proxy over SSH
Netzob - Reverse engineering, traffic generation and fuzzing of communication protocols
DET - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time
pwnat - punches holes in firewalls and NATs
dsniff - a collection of tools for network auditing and pentesting
tgcd - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls
smbmap - a handy SMB enumeration tool
scapy - a python-based interactive packet manipulation program & library
Dshell - Network forensic analysis framework
Debookee (Mac OS X) - Intercept traffic from any device on your network
Dripcap - Caffeinated packet analyzer
Wireless Network Tools
Aircrack-ng - a set of tools for auditing wireless networks
Kismet - Wireless network detector, sniffer, and IDS
Reaver - Brute force attack against Wi-Fi Protected Setup
Wifite - Automated wireless attack tool
wifiphisher - Automated phishing attacks against Wi-Fi networks
SSL Analysis Tools
SSLyze - SSL configuration scanner
sslstrip - a demonstration of the HTTPS stripping attacks
sslstrip2 - SSLStrip version to defeat HSTS
tls_prober - fingerprint a server's SSL/TLS implementation
Web exploitation
WPScan - Black box WordPress vulnerability scanner
SQLmap - Automatic SQL injection and database takeover tool
weevely3 - Weaponized web shell
Wappalyzer - Wappalyzer uncovers the technologies used on websites
cms-explorer - CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.
joomscan - Joomla CMS scanner
WhatWeb - Website Fingerprinter
BlindElephant - Web Application Fingerprinter
fimap - Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs
Kadabra - Automatic LFI exploiter and scanner
Kadimus - LFI scan and exploit tool
liffy - LFI exploitation tool
Hex Editors
HexEdit.js - Browser-based hex editing
Hexinator (commercial) - World's finest Hex Editor
HxD - Freeware Hex Editor and Disk Editor
Crackers
John the Ripper - Fast password cracker
Online MD5 cracker - Online MD5 hash Cracker
Hashcat - The faster hash cracker
THC Hydra - Another Great Password Cracker
Windows Utils
Sysinternals Suite - The Sysinternals Troubleshooting Utilities
Windows Credentials Editor - security tool to list logon sessions and add, change, list and delete associated credentials
mimikatz - Credentials extraction tool for Windows OS
PowerSploit - A PowerShell Post-Exploitation Framework
Windows Exploit Suggester - Detects potential missing patches on the target
Responder - An LLMNR, NBT-NS and MDNS poisoner
Bloodhound - A graphical Active Directory trust relationship explorer
Empire - Empire is a pure PowerShell post-exploitation agent
Fibratus - Tool for exploration and tracing of the Windows kernel
Linux Utils
Linux Exploit Suggester - Linux Exploit Suggester; based on operating system release number.
DDoS Tools
LOIC - An open source network stress tool for Windows
JS LOIC - JavaScript in-browser version of LOIC
T50 - The faster network stress tool
Social Engineering Tools
SET - The Social-Engineer Toolkit from TrustedSec
OSInt Tools
Maltego - Proprietary software for open source intelligence and forensics, from Paterva.
theHarvester - E-mail, subdomain and people names harvester
creepy - A geolocation OSINT tool
metagoofil - Metadata harvester
Google Hacking Database - a database of Google dorks; can be used for recon
Censys - Collects data on hosts and websites through daily ZMap and ZGrab scans
Shodan - Shodan is the world's first search engine for Internet-connected devices
recon-ng - A full-featured Web Reconnaissance framework written in Python
github-dorks - CLI tool to scan github repos/organizations for potential sensitive information leak
vcsmap - A plugin-based tool to scan public version control systems for sensitive information
Spiderfoot - multi-source OSINT automation tool with a Web UI and report visualizations
Anonymity Tools
Tor - The free software for enabling onion routing online anonymity
I2P - The Invisible Internet Project
Nipe - Script to redirect all traffic from the machine to the Tor network.
Reverse Engineering Tools
IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
IDA Free - The freeware version of IDA v5.0
WDK/WinDbg - Windows Driver Kit and WinDbg
OllyDbg - An x86 debugger that emphasizes binary code analysis
Radare2 - Open source, cross-platform reverse engineering framework
x64_dbg - An open-source x64/x32 debugger for Windows
Immunity Debugger - A powerful new way to write exploits and analyze malware
Evan's Debugger - OllyDbg-like debugger for Linux
Medusa disassembler - An open source interactive disassembler
plasma - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code
peda - Python Exploit Development Assistance for GDB
dnSpy - dnSpy is a tool to reverse engineer .NET assemblies
CTF Tools
Pwntools - CTF framework for use in CTFs
Books
Penetration Testing Books
The Art of Exploitation by Jon Erickson, 2008
Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011
Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014
RTFM: Red Team Field Manual by Ben Clark, 2014
The Hacker Playbook 2: Practical Guide To Penetration Testing
The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013
Professional Penetration Testing by Thomas Wilhelm, 2013
Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012
Violent Python by TJ O'Connor, 2012
Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007
Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014
Penetration Testing: Procedures & Methodologies by EC-Council, 2010
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010
Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014
Bug Hunter's Diary by Tobias Klein, 2011
Hacker's Handbook Series
The Database Hacker's Handbook, David Litchfield et al., 2005
The Shellcoder's Handbook by Chris Anley et al., 2007
The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009
The Web Application Hacker's Handbook by D. Stuttard, M. Pinto, 2011
iOS Hacker's Handbook by Charlie Miller et al., 2012
Android Hacker's Handbook by Joshua J. Drake et al., 2014
The Browser Hacker's Handbook by Wade Alcorn et al., 2014
The Mobile Application Hacker's Handbook by Dominic Chell et al., 2015
Car Hacker's Handbook by Craig Smith, 2016
Defensive Development
Holistic Info-Sec for Web Developers (Fascicle 0)
Holistic Info-Sec for Web Developers (Fascicle 1)
Network Analysis Books
Nmap Network Scanning by Gordon Fyodor Lyon, 2009
Practical Packet Analysis by Chris Sanders, 2011
Wireshark Network Analysis by Laura Chappell & Gerald Combs, 2012
Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012
Reverse Engineering Books
Reverse Engineering for Beginners by Dennis Yurichev
Hacking the Xbox by Andrew Huang, 2003
The IDA Pro Book by Chris Eagle, 2011
Practical Reverse Engineering by Bruce Dang et al., 2014
Gray Hat Hacking: The Ethical Hacker's Handbook by Daniel Regalado et al., 2015
Malware Analysis Books
Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012
The Art of Memory Forensics by Michael Hale Ligh et al., 2014
Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010
Windows Books
Windows Internals by Mark Russinovich et al., 2012
Social Engineering Books
The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002
The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005
Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011
No Tech Hacking by Johnny Long & Jack Wiles, 2008
Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010
Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014
Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014
Lock Picking Books
Practical Lock Picking by Deviant Ollam, 2012
Keys to the Kingdom by Deviant Ollam, 2012
CIA Lock Picking Field Operative Training Manual
Lock Picking: Detail Overkill by Solomon
Eddie the Wire books
Vulnerability Databases
NVD - US National Vulnerability Database
CERT - US Computer Emergency Readiness Team
OSVDB - Open Sourced Vulnerability Database
Bugtraq - Symantec SecurityFocus
Exploit-DB - Offensive Security Exploit Database
Fulldisclosure - Full Disclosure Mailing List
MS Bulletin - Microsoft Security Bulletin
MS Advisory - Microsoft Security Advisories
Inj3ct0r - Inj3ct0r Exploit Database
Packet Storm - Packet Storm Global Security Resource
SecuriTeam - Securiteam Vulnerability Information
CXSecurity - CXSecurity Bugtraq List
Vulnerability Laboratory - Vulnerability Research Laboratory
ZDI - Zero Day Initiative
Vulners - Security database of software vulnerabilities
Security Courses
Offensive Security Training - Training from BackTrack/Kali developers
SANS Security Training - Computer Security Training & Certification
Open Security Training - Training material for computer security classes
CTF Field Guide - everything you need to win your next CTF competition
ARIZONA CYBER WARFARE RANGE - 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
Cybrary - Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly Secured Environments'.
Computer Security Student - Many free tutorials, great for beginners, $10/mo membership unlocks all content
European Union Agency for Network and Information Security - ENISA Cyber Security Training material
Information Security Conferences
DEF CON - An annual hacker convention in Las Vegas
Black Hat - An annual security conference in Las Vegas
BSides - A framework for organising and holding security conferences
CCC - An annual meeting of the international hacker scene in Germany
DerbyCon - An annual hacker conference based in Louisville
PhreakNIC - A technology conference held annually in middle Tennessee
ShmooCon - An annual US east coast hacker convention
CarolinaCon - An infosec conference, held annually in North Carolina
CHCon - Christchurch Hacker Con, the only hacker con on the South Island of New Zealand
SummerCon - One of the oldest hacker conventions, held during Summer
Hack.lu - An annual conference held in Luxembourg
HITB - Deep-knowledge security conference held in Malaysia and The Netherlands
Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany
Hack3rCon - An annual US hacker conference
ThotCon - An annual US hacker conference held in Chicago
LayerOne - An annual US security conference held every spring in Los Angeles
DeepSec - Security Conference in Vienna, Austria
SkyDogCon - A technology conference in Nashville
SECUINSIDE - Security Conference in Seoul
DefCamp - Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania
AppSecUSA - An annual conference organised by OWASP
BruCON - An annual security conference in Belgium
Infosecurity Europe - Europe's number one information security event, held in London, UK
Nullcon - An annual conference in Delhi and Goa, India
RSA Conference USA - An annual security conference in San Francisco, California, USA
Swiss Cyber Storm - An annual security conference in Lucerne, Switzerland
Virus Bulletin Conference - An annual conference, to be held in Denver, USA for 2016
Ekoparty - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina
44Con - Annual Security Conference held in London
BalCCon - Balkan Computer Congress, held annually in Novi Sad, Serbia
FSec - Croatian Information Security Gathering in Varaždin, Croatia
Information Security Magazines
2600: The Hacker Quarterly - An American publication about technology and computer "underground"
Phrack Magazine - By far the longest running hacker zine
https://github.com/wtsxDev/Penetration-Testing