Nytro Posted November 12, 2011 Report Share Posted November 12, 2011 (edited) Blogs, Feeds, Guides & Links I was cleaning out my bookmarks, de-cluttering twitter favourites and closing a few tabs. Re-saw a few 'hidden gems' as well as repeating finding links for people, so I thought I would try and 'dump' them all in one place.These are roughly sorted, if you're wanting something better - I highly recommend having a look at the pentest-bookmarks.Programming/Coding[bash] Advanced Bash-Scripting Guide - http://tldp.org/LDP/abs/html/[bash] Bash shell scripting tutorial - http://steve-parker.org/sh/sh.shtml[bash] Bourne Shell Reference - http://linuxreviews.org/beginner/bash_GNU_Bourne-Again_SHell_Reference/[CheatSheet] Scripting Languages: PHP, Perl, Python, Ruby - http://hyperpolyglot.org/scriptingOffensive Security's Pentesting With BackTrack (PWB) Course[Pre-course] Corelan Team - http://www.corelan.be[Pre-course] The Penetration Testing Execution Standard - http://www.pentest-standard.org/index.php/Main_Page[Hash] NTLM Decrypter - http://www.md5decrypter.co.uk/ntlm-decrypt.aspx[Hash] reverse hash search and calculator - http://goog.lihttp://security.crudtastic.com/?p=213Tunnelling / Pivoting[Linux] SSH gymnastics with proxychains - http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html[Windows] Nessus Through SOCKS Through Meterpreter - http://www.digininja.org/blog/nessus_over_sock4a_over_msf.phpWarGames / Online Challenges[WarGames] Title - http://securityoverride.com[WarGames] Title - http://intruded.net[Challenge] The Ksplice Pointer Challenge - http://blogs.oracle.com/ksplice/[WarGames] Title - http://spotthevuln.com[WarGames] Title - http://cvo-lab.blogspot.com/2011/05/iawacs-2011-forensics-challenge.html[WarGames] Title - http://ftp.hackerdom.ru/ctf-images/Exploit Development (Programs)[Download] Title - http://www.oldapps.com/[Download] Title - http://www.oldversion.com/[Download] Title - http://www.exploit-db.com/webapps/Misc[RSS] Open Penetration Testing Bookmarks Collection - https://code.google.com/p/pentest-bookmarks/downloads/list[ExploitDev] Data mining Backtrack 4 for buffer overflow return addresses - http://insidetrust.blogspot.com/2010/12/data-mining-backtrack-4-for-buffer.html[DIY] Repair a Broken Ethernet Plug - http://www.instructables.com/id/Repair-a-Broken-Ethernet-Plug/step5/Make-its-Head-Thin/[Desktop] Ubuntu Security - http://ubuntuforums.org/showthread.php?t=510812[TechHumor] Title - https://www.xkcd.com[TechHumor] Title - http://www.blackhat.com/presentations/bh-europe-05/BH_EU_05-Long.pdfExploit Development[Guides] Corelan Team - http://www.corelan.be[Guide] From 0x90 to 0x4c454554, a journey into exploitation. - http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html[Guide] An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities - http://resources.infosecinstitute.com/intro-to-fuzzing/ TiGa's Video Tutorial Series on IDA Pro - http://www.woodmann.com/TiGa/idaseries.html[Guide] Advanced Windows Buffer Overflows - http://labs.snort.org/awbo/[Guide] Stack Based Windows Buffer Overflow Tutorial - http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.htmlt[Guide] SEH Stack Based Windows Buffer Overflow Tutorial - http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html[Guide] Windows Buffer Overflow Tutorial: Dealing with Character Translation - http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html[Guide] Heap Spray Exploit Tutorial: Internet Explorer Use After Free Aurora Vulnerability< - http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html[Guide] Windows Buffer Overflow Tutorial: An Egghunter and a Conditional Jump - http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html[Linux] Linux exploit development part 1 – Stack overflow. - http://sickness.tor.hu/?p=363[Linux] Linux Exploit Writing Tutorial Pt 2 – Stack Overflow ASLR bypass Using ret2reg - http://sickness.tor.hu/?p=365[Linux] Linux exploit development part 3 – ret2libc - http://sickness.tor.hu/?p=368[Linux] Linux exploit development part 4 – ASCII armor bypass + return-to-plt - http://sickness.tor.hu/?p=378[TechHumor] Title - [TechHumor] Title - http://amolnaik4.blogspot.com/2011/06/exploit-development-with-monapy.htmlExploit Development (Case Studies/Walkthroughs)[Web] Finding 0days in Web Applications - http://www.exploit-db.com/finding-0days-in-web-applications/[Windows] Offensive Security Exploit Weekend - http://www.corelan.be/index.php/2010/11/13/offensive-security-exploit-weekend/[Windows] From vulnerability to exploit under 5 min - http://0entropy.blogspot.com/2011/02/from-vulnerability-to-exploit-under-5.htmlExploit Development (Patch Analysis)[Windows] A deeper look at ms11-058 - http://www.skullsecurity.org/blog/2011/a-deeper-look-at-ms11-058[Windows] Patch Analysis for MS11-058 - https://community.qualys.com/blogs/securitylabs/2011/08/23/patch-analysis-for-ms11-058[Windows] CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation vulnerability - http://j00ru.vexillium.org/?p=893[Mobile] Analyzing and dissecting Android applications for security defects and vulnerabilities - https://www.net-security.org/article.php?id=1613Exploit Development (Metasploit Wishlist)[ExplotDev] Metasploit Exploits Wishlist ! - http://esploit.blogspot.com/2011/03/metasploit-exploits-wishlist.html[Guide] Porting Exploits To Metasploit Part 1 - http://www.securitytube.net/video/2118Passwords & Rainbow Tables (WPA)[RSS] Title - http://ob-security.info/?p=475[RSS] Title - http://nakedsecurity.sophos.com/2011/06/14/the-top-10-passcodes-you-should-never-use-on-your-iphone/[RSS] Title - http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html[WPA] Offensive Security: WPA Rainbow Tables - http://www.offensive-security.com/wpa-tables/[Tool] Ultra High Security Password Generator - https://www.grc.com/passwords.htm[Guide] Creating effective dictionaries for password attacks - http://insidetrust.blogspot.com/2010/07/creating-effective-dictionaries-for.html[Leaked] Diccionarios con Passwords de Sitios Expuestos - http://www.dragonjar.org/diccionarios-con-passwords-de-sitios-expuestos.xhtml[Download] Index of / - http://svn.isdpodcast.com/wordlists/[Guide] Using Wikipedia as brute forcing dictionary - http://lab.lonerunners.net/blog/using-wikipedia-as-brute-forcing-dictionary[Tool] CeWL - Custom Word List generator - http://www.digininja.org/projects/cewl.php[Download] Title - http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists[Leaked] Passwords - http://www.skullsecurity.org/wiki/index.php/PasswordsCheat-Sheets[OS] A Sysadmin's Unixersal Translator - http://bhami.com/rosetta.html[WiFi] WirelessDefence.org's Wireless Penetration Testing Framework - http://www.wirelessdefence.org/Contents/Wireless%20Pen%20Test%20Framework.htmlAnti-Virus[Metasploit] Facts and myths about antivirus evasion with Metasploit - http://schierlm.users.sourceforge.net/avevasion.html[Terms] Methods of bypassing Anti-Virus (AV) Detection - NetCat - http://compsec.org/security/index.php/anti-virus/283-anti-virus-central-methods-of-bypassing-anti-virus-av-detection.htmlPrivilege Escalation[Linux] Hacking Linux Part I: Privilege Escalation - http://www.dankalia.com/tutor/01005/0100501004.htm[Windows] Windows 7 UAC whitelist - http://www.pretentiousname.com/misc/win7_uac_whitelist2.html[Windows] Windows Privilege Escalation Part 1: Local Administrator Privileges - http://www.netspi.com/blog/2009/10/05/windows-privilege-escalation-part-1-local-administrator-privileges/Metasploit[Guide] fxsst.dll persistence: the evil fax machine - http://www.room362.com/blog/2011/6/27/fxsstdll-persistence-the-evil-fax-machine.html[Guide] Bypassing DEP/ASLR in browser exploits with McAfee and Symantec - http://www.scriptjunkie.us/2011/08/custom-payloads-in-metasploit-4/[Guides] Metasploit Unleashed - http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training[Guides] Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1 - http://www.securitytube.net/video/1175Default Generators[WEP] mac2wepkey - Huawei default WEP generator - http://websec.ca/blog/view/mac2wepkey_huawei[WEP] Generator: Attacking SKY default router password - http://sec.jetlib.com/BackTrack_Linux_Forums/2011/01/12/Generator:_Attacking_SKY_default_router_passwordStatistics[Defacements] Zone-H - http://www.zone-h.org[ExploitKits] CVE Exploit Kit list - http://exploitkit.ex.ohost.de/CVE%20Exploit%20Kit%20List.htmCross Site Scripting (XSS)[Guide] vbSEO – From XSS to Reverse PHP Shell - http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/[RSS] Title - http://www.thespanner.co.uk/2009/03/25/xss-rays/Podcasts[Weekly] PaulDotCom - http://pauldotcom.com/podcast/psw.xml[Monthly] Social-Engineer - http://socialengineer.podbean.com/feed/Blogs & RSS[RSS] SecManiac - http://www.secmaniac.com[Guides] Carnal0wnage & Attack Research - http://carnal0wnage.attackresearch.com[RSS] Contagio - http://contagiodump.blogspot.com[News] THN : The Hacker News - http://thehackernews.com[News] Packet Storm: Full Disclosure Information Security - http://packetstormsecurity.org[Guides] pentestmonkey | Taking the monkey work out of pentesting - http://pentestmonkey.net[RSS] Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security - http://www.darknet.org.uk[RSS] Irongeek - http://www.irongeek.com[Metasploit] Room 363 - http://www.room362.com[Guides] Question Defense: Technology Answers For Technology Questions - http://www.question-defense.com/[Guides] stratmofo's blog - http://securityjuggernaut.blogspot.com[Guides] TheInterW3bs - http://theinterw3bs.com[Guides] consolecowboys - http://console-cowboys.blogspot.com[Guides] A day with Tape - http://adaywithtape.blogspot.com[Guides] Cybexin's Blog - Network Security Blog - http://cybexin.blogspot.com[RSS] BackTrack Linux - Penetration Testing Distribution - http://www.backtrack-linux.org/feed/[RSS] Offensive Security - http://www.offensive-security.com/blog/feed/[RSS] Title - http://www.pentestit.com[RSS] Title - http://michael-coates.blogspot.com[RSS] Title - http://blog.0x0e.org[RSS] Title - http://0x80.org/blog[RSS] Title - http://archangelamael.shell.tor.hu[RSS] Title - http://archangelamael.blogspot.com[RSS] Title - http://www.coresec.org[RSS] Title - http://noobys-journey.blogspot.com[RSS] Title - http://www.get-root.com[RSS] Title - http://www.kislaybhardwaj.com[RSS] Title - https://community.rapid7.com/community/metasploit/blog[RSS] Title - http://mimetus.blogspot.com[RSS] Title - http://hashcrack.blogspot.com[RSS] Title - https://rephraseit.wordpress.com[RSS] Title - http://www.exploit-db.com[RSS] Title - http://skidspot.blogspot.com[RSS] Title - http://grey-corner.blogspot.com[RSS] Title - http://vishnuvalentino.com[RSS] Title - http://ob-security.infoSursa:http://g0tmi1k.blogspot.com/2011/11/blog-guides-links.html Edited November 12, 2011 by Nytro 2 Quote Link to comment Share on other sites More sharing options...
Usr6 Posted May 15, 2016 Report Share Posted May 15, 2016 [RSS] Udemy coupons/free courses http://bestblackhatforum.com/syndication.php?fid=877&limit=15 Quote Link to comment Share on other sites More sharing options...
Jako Posted September 2, 2016 Report Share Posted September 2, 2016 Old darkode.com repository: http://darkode.cybercrime-tracker.net Directory listing script used for tracker: http://web2.uconn.edu/webdev/doc/scripts.htm#file_list_script Quote Link to comment Share on other sites More sharing options...
Technetium Posted October 4, 2016 Report Share Posted October 4, 2016 (edited) Programming e-books: https://github.com/andrewpage/programming-ebooks https://github.com/HackathonHackers/programming-ebooks Information Security related Mind Maps: http://www.amanhardikar.com/mindmaps.html OSINT related links: https://inteltechniques.com/links.html Edited September 2, 2017 by Technetium Quote Link to comment Share on other sites More sharing options...
Technetium Posted August 7, 2017 Report Share Posted August 7, 2017 (edited) https://twitter.com/makassarhack repository: http://repo.meh.or.id/ while dorking gasit, postat: https://blkbx.info/Downloads/MEGA/CyberSec/ Edited August 7, 2017 by Technetium 1 1 Quote Link to comment Share on other sites More sharing options...
Technetium Posted August 28, 2017 Report Share Posted August 28, 2017 500 GB programming resources: https://drive.google.com/drive/folders/0ByWO0aO1eI_MN1BEd3VNRUZENkU 1 Quote Link to comment Share on other sites More sharing options...