Jump to content

Awesome Penetration Testing

Recommended Posts

[h=2]Awesome Penetration Testing[/h] A collection of awesome penetration testing resources, tools, books, confs, magazines and other shiny things

[h=3][/h][h=3]Online Resources[/h] [h=4]Penetration Testing Resources[/h]

  • Metasploit Unleashed - Free Offensive Security metasploit course
  • PTES - Penetration Testing Execution Standard
  • OWASP - Open Web Application Security Project
  • OSSTMM - Open Source Security Testing Methodology Manual

[h=4]Shell Scripting Resources[/h]

  • LSST - Linux Shell Scripting Tutorial

[h=4]Linux resources[/h]

  • Kernelnewbies - A community of aspiring Linux kernel developers who work to improve their Kernels

[h=4][/h][h=4]Shellcode development[/h]

[h=4][/h][h=4]Social Engineering Resources[/h]

[h=4][/h][h=4]Lock Picking Resources[/h]

[h=3][/h][h=3]Tools[/h] [h=4][/h][h=4]Penetration Testing Distributions[/h]

  • Kali - A Linux distribution designed for digital forensics and penetration testing
  • NST - Network Security Toolkit distribution
  • Pentoo - security-focused livecd based on Gentoo
  • BackBox - Ubuntu-based distribution for penetration tests and security assessments

[h=4]Basic Penetration Testing Tools[/h]

  • Metasploit - World's most used penetration testing software
  • Burp - An integrated platform for performing security testing of web applications

[h=4]Vulnerability Scanners[/h]

  • Netsparker - Web Application Security Scanner
  • Nexpose - Vulnerability Management & Risk Management Software
  • Nessus - Vulnerability, configuration, and compliance assessment
  • Nikto - Web application vulnerability scanner
  • OpenVAS - Open Source vulnerability scanner and manager
  • OWASP Zed Attack Proxy - Penetration testing tool for web applications
  • w3af - Web application attack and audit framework
  • Wapiti - Web application vulnerability scanner

[h=4][/h][h=4]Networks Tools[/h]

  • nmap - Free Security Scanner For Network Exploration & Security Audits
  • tcpdump/libpcap - A common packet analyzer that runs under the command line
  • Wireshark - A network protocol analyzer for Unix and Windows
  • Network Tools - Different network tools: ping, lookup, whois, etc
  • netsniff-ng - A Swiss army knife for for network sniffing
  • Intercepter-NG - a multifunctional network toolkit

[h=4]SSL Analysis Tools[/h]

  • SSLyze - SSL configuration scanner

[h=4]Hex Editors[/h]


[h=4]Windows Utils[/h]

[h=4]DDoS Tools[/h]

  • LOIC - An open source network stress tool for Windows
  • JS LOIC - JavaScript in-browser version of LOIC

[h=4]Social Engineering Tools[/h]

  • SET - The Social-Engineer Toolkit from TrustedSec

[h=4]Anonimity Tools[/h]

  • Tor - The free software for enabling onion routing online anonymity
  • I2P - The Invisible Internet Project

[h=4]Reverse Engineering Tools[/h]

  • IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • WDK/WinDbg - Windows Driver Kit and WinDbg
  • OllyDbg - An x86 debugger that emphasizes binary code analysis

[h=3]Books[/h] [h=4]Penetration Testing Books[/h]

[h=4]Hackers Handbook Series[/h]

[h=4]Network Analysis Books[/h]

[h=4]Reverse Engineering Books[/h]

[h=4]Malware Analysis Books[/h]

[h=4]Windows Books[/h]

[h=4]Social Engineering Books[/h]

[h=4][/h][h=4]Lock Picking Books[/h]

[h=3]Vulnerability Databases[/h]

[h=3][/h][h=3]Security Courses[/h]

[h=3]Information Security Conferences[/h]

  • DEF CON - An annual hacker convention in Las Vegas
  • Black Hat - An annual security conference in Las Vegas
  • BSides - A framework for organising and holding security conferences
  • CCC - An annual meeting of the international hacker scene in Germany
  • DerbyCon - An annual hacker conference based in Louisville
  • PhreakNIC - A technology conference held annually in middle Tennessee
  • ShmooCon - An annual US east coast hacker convention
  • CarolinaCon - An infosec conference, held annually in North Carolina
  • HOPE - A conference series sponsored by the hacker magazine 2600
  • SummerCon - One of the oldest hacker conventions, held during Summer
  • Hack.lu - An annual conference held in Luxembourg
  • HITB - Deep-knowledge security conference held in Malaysia and The Netherlands
  • Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany
  • Hack3rCon - An annual US hacker conference
  • ThotCon - An annual US hacker conference held in Chicago
  • LayerOne - An annual US security conerence held every spring in Los Angeles
  • DeepSec - Security Conference in Vienna, Austria
  • SkyDogCon - A technology conference in Nashville

[h=3][/h][h=3]Information Security Magazines[/h]

[h=3]Awesome Lists[/h]

[h=3][/h][h=3]Contribution[/h] Your contributions and suggestions are heartily? welcome. (????)

[h=3][/h][h=3]License[/h] 687474703a2f2f692e6372656174697665636f6d6d6f6e732e6f72672f6c2f62792f342e302f38387833312e706e67

This work is licensed under a Creative Commons Attribution 4.0 International License

Sursa: https://github.com/enaqx/awesome-pentest

  • Thanks 4
  • Upvote 8

Share this post

Link to post
Share on other sites
7 hours ago, Joseph14 said:

Great job.Thank you for sharing.

You have Like, Thanks, Upvote and Downvote buttons (The white heart with gray background at the bottom right of the screen of every forum post).

Please start using them and don't be a post hunter.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...