![STARS](https://img.shields.io/github/stars/OlivierLaflamme/Cheatsheet-God?style=social) ![FORKS](https://img.shields.io/github/forks/OlivierLaflamme/Cheatsheet-God?style=social) ![INFO](https://img.shields.io/badge/Cheatsheet-OSCP%2FPTX-red) ![CC](https://img.shields.io/badge/license-cc--by--sa--4.0--Licence-blue) ![COMMIT](https://img.shields.io/github/last-commit/OlivierLaflamme/Cheatsheet-God) ![SIZE](https://img.shields.io/github/repo-size/OlivierLaflamme/Cheatsheet-God)

```diff
+ UPDATE: Added my huge link of bookmarks / references ❤️
```

*Do you have a million bookmarks saved? Do all of those bookmarks contain unique information? Github repos starred for later?*

Well, this is a compilation of all of these resources into a single repo known as **Cheatsheet-God**. No more need for bookmarked links. No need to open a web browser. It's all here for you.

This is a collection of resources, scripts and easy-to-follow how-tos that I have been gathering (and continue to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use it however you want!

All contributions are welcome! If you feel like you can contribute and make these documents more complete, please do! I'll acknowledge you.

### If you would like to improve anything, and add to this repo, PLEASE DO!

Here's what you do:

1. Create an Issue Request describing your `enhancement`
2. Fork this repository
3. Push some code to your fork
4. Come back to this repository and open a PR
5. After some review, get that PR merged to master
6. Make sure to update the Issue Request so that I can credit you! You ROCK!

Feel free to also open an issue with any questions, help wanted, or requests!

## Acknowledgments

* Inspiration: Making a cheatsheet god would be proud of using.
* Hat tip to anyone who ever contributed :shipit:
  * Much thanks to [MrTsRex](https://github.com/MrTsRex) for Cheatsheet_Windows.txt enumerating Windows version vulnerabilities
  * Much thanks to [susmithaaa](https://github.com/susmithaaa) for his contribution to Cheatsheet_PenTesting.txt password attacks section
  * Much thanks to [akshaycbor](https://github.com/akshaycbor) for his contribution to Cheatsheet_MobileAppTesting.txt regarding apk repackaging instructions

## More

#### WeChat Official Account A_Can_Of_Tuna

![Webp net-resizeimage](https://user-images.githubusercontent.com/25066959/68775780-0c554100-05fd-11ea-8ed2-3d7d6ff37576.jpg)

## Get Some Practice

[Hack The Box](https://www.hackthebox.eu/)
[Attack Defense 1000+ Labs!](https://attackdefense.com/)
[VulnHub](https://www.vulnhub.com/)
[Root.me](https://www.root-me.org/)
[Penetration Testing Practice Lab / Vulnerable Apps/Systems](https://www.amanhardikar.com/mindmaps/Practice.html)
[Vulhub](https://vulhub.org/)
[Vulapps](http://vulapps.evalbug.com/)
[Vulnspy](https://www.vulnspy.com/)
[Upload-Labs](https://github.com/c0ny1/upload-labs)
[TryHackMe](https://tryhackme.com/)
[HackThisSite](https://www.hackthissite.org/)
[PentesterLab](https://pentesterlab.com/exercises)
[HellBound Hackers](https://hbh.sh/home)
[PortSwigger Web Security Academy Labs](https://portswigger.net/web-security)

## BLOGS
https://scriptkidd1e.wordpress.com/oscp-journey/
http://www.securitysift.com/offsec-pwb-oscp/
http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/
http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html
http://hackingandsecurity.blogspot.com
Http://carnal0wnage.blogspot.com/
Http://www.mcgrewsecurity.com/
Http://www.gnucitizen.org/blog/
Http://www.darknet.org.uk/
Http://spylogic.net/
Http://taosecurity.blogspot.com/
Http://www.room362.com/
Http://blog.sipvicious.org/
Http://blog.portswigger.net/
Http://pentestmonkey.net/blog/
Http://jeremiahgrossman.blogspot.com/
Http://i8jesus.com/
Http://blog.c22.cc/
Http://www.skullsecurity.org/blog/
Http://blog.metasploit.com/
Http://www.darkoperator.com/
Http://blog.skeptikal.org/
Http://preachsecurity.blogspot.com/
Http://www.tssci-security.com/
Http://www.gdssecurity.com/l/b/
Http://websec.wordpress.com/
Http://bernardodamele.blogspot.com/
Http://laramies.blogspot.com/
Http://www.spylogic.net/
Http://blog.andlabs.org/
Http://xs-sniper.com/blog/
Http://www.commonexploits.com/
Http://www.sensepost.com/blog/
Http://wepma.blogspot.com/
Http://exploit.co.il/
Http://securityreliks.wordpress.com/
Http://www.madirish.net/index.html
Http://sirdarckcat.blogspot.com/
Http://reusablesec.blogspot.com/
Http://myne-us.blogspot.com/
Http://www.notsosecure.com/
Http://blog.spiderlabs.com/
Http://www.corelan.be/
Http://www.digininja.org/
Http://www.pauldotcom.com/
Http://www.attackvector.org/
Http://deviating.net/
Http://www.alphaonelabs.com/
Http://www.smashingpasswords.com/
Http://wirewatcher.wordpress.com/
Http://gynvael.coldwind.pl/
Http://www.nullthreat.net/
Http://www.question-defense.com/
Http://archangelamael.blogspot.com/
Http://memset.wordpress.com/
Http://sickness.tor.hu/
Http://punter-infosec.com/
Http://www.securityninja.co.uk/
Http://securityandrisk.blogspot.com/
Http://esploit.blogspot.com/
Http://www.pentestit.com/

## FORUMS
Http://sla.ckers.org/forum/index.php
Http://www.ethicalhacker.net/
Http://www.backtrack-linux.org/forums/
Http://www.elitehackers.info/forums/
Http://www.hackthissite.org/forums/index.php
Http://securityoverride.com/forum/index.php
Http://www.iexploit.org/
Http://bright-shadows.net/
Http://www.governmentsecurity.org/forum/
Http://forum.intern0t.net/

## MAGAZINES
Http://www.net-security.org/insecuremag.php
Http://hakin9.org/

## VIDEO
Http://www.hackernews.com/
Http://www.securitytube.net/
Http://www.irongeek.com/i.php?page=videos/aide-winter-2011
Http://avondale.good.net/dl/bd/
Http://achtbaan.nikhef.nl/27c3-stream/releases/mkv/
http://www.youtube.com/user/ChRiStIaAn008
http://www.youtube.com/user/HackingCons
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
https://www.youtube.com/channel/UCFmjA6dnjv-phqrFACyI8tw
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
https://www.youtube.com/user/RootOfTheNull
https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA

## METHODOLOGIES
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
http://www.pentest-standard.org/index.php/Main_Page
http://projects.webappsec.org/w/page/13246978/Threat-Classification
http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Http://www.social-engineer.org/

## PRESENTATIONS
Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-1-social-networks/
http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata/
Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-3-monitoring/
http://www.slideshare.net/Laramies/tactical-information-gathering
Http://www.sans.org/reading_room/whitepapers/privacy/document_metadata_the_silent_killer__32974
Http://infond.blogspot.com/2010/05/toturial-footprinting.html

## PEOPLE AND ORGANIZATIONAL
Http://www.spokeo.com/
Http://www.123people.com/
Http://www.xing.com/
Http://www.zoominfo.com/search
Http://pipl.com/
Http://www.zabasearch.com/
Http://www.searchbug.com/default.aspx
Http://theultimates.com/
Http://skipease.com/
Http://addictomatic.com/
Http://socialmention.com/
Http://entitycube.research.microsoft.com/
Http://www.yasni.com/
Http://tweepz.com/
Http://tweepsearch.com/
Http://www.glassdoor.com/index.htm
Http://www.jigsaw.com/
http://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp
Http://www.tineye.com/
Http://www.peekyou.com/
Http://picfog.com/
Http://twapperkeeper.com/index.php

## INFRASTRUCTURE
Http://uptime.netcraft.com/
Http://www.serversniff.net/
Http://www.domaintools.com/
Http://centralops.net/co/
Http://hackerfantastic.com/
Http://whois.webhosting.info/
Https://www.ssllabs.com/ssldb/analyze.html
Http://www.clez.net/
Http://www.my-ip-neighbors.com/
Http://www.shodanhq.com/
Http://www.exploit-db.com/google-dorks/
Http://www.hackersforcharity.org/ghdb/

## EXPLOITS AND ADVISORIES
Http://www.exploit-db.com/
Http://www.cvedetails.com/
Http://www.packetstormsecurity.org/
http://www.securityforest.com/wiki/index.php/Main_Page
Http://www.securityfocus.com/bid
Http://nvd.nist.gov/
Http://osvdb.org/
http://www.nullbyte.org.il/Index.html
Http://secdocs.lonerunners.net/
http://www.phenoelit-us.org/whatSAP/index.html
Http://secunia.com/
Http://cve.mitre.org/

## CHEATSHEETS AND SYNTAX
Http://www.cheat-sheets.org/
Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/

## AGILE HACKING
Http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/
Http://blog.commandlinekungfu.com/
Http://www.securityaegis.com/simple-yet-effective-directory-bruteforcing/
Http://isc.sans.edu/diary.html?storyid=2376
Http://isc.sans.edu/diary.html?storyid=1229
Http://ss64.com/nt/
Http://pauldotcom.com/2010/02/running-a-command-on-every-mac.html
Http://synjunkie.blogspot.com/2008/03/command-line-ninjitsu.html
Http://www.zonbi.org/2010/06/09/wmic-the-other-other-white-meat/
Http://rstcenter.com/forum/22324-hacking-without-tools-windows.rst
http://www.coresecurity.com/files/attachments/Core_Define_and_Win_Cmd_Line.pdf
http://www.scribd.com/Penetration-Testing-Ninjitsu2-Infrastructure-and-Netcat-without-Netcat/d/3064507
Http://www.pentesterscripting.com/
Http://www.sans.org/reading_room/whitepapers/hackers/windows-script-host-hack-windows_33583
http://www.blackhat.com/presentations/bh-dc-10/Bannedit/BlackHat-DC-2010-Bannedit-Advanced-Command-Injection-Exploitation-1-wp.pdf

## OS AND SCRIPTS
http://en.wikipedia.org/wiki/IPv4_subnetting_reference
Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
Http://shelldorado.com/shelltips/beginner.html
Http://www.linuxsurvival.com/
http://mywiki.wooledge.org/BashPitfalls
Http://rubular.com/
Http://www.iana.org/assignments/port-numbers
Http://www.robvanderwoude.com/ntadmincommands.php
Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/

## TOOLS
Http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf
http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf
http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf
Http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
Http://h.ackack.net/cheat-sheets/netcat

## DISTROS
Http://www.backtrack-linux.org/
Http://www.matriux.com/
Http://samurai.inguardians.com/
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project
Https://pentoo.ch/
Http://www.hackfromacave.com/articles_and_adventures/katana_v2_release.html
Http://www.piotrbania.com/all/kon-boot/
Http://www.linuxfromscratch.org/
Http://sumolinux.suntzudata.com/
Http://blog.0x0e.org/2009/11/20/pentesting-with-an-ubuntu-box/#comments
Http://www.backbox.org/

## LABS ISOS AND VMS
Http://sourceforge.net/projects/websecuritydojo/
http://code.google.com/p/owaspbwa/wiki/ProjectSummary
Http://heorot.net/livecds/
Http://informatica.uv.es/~carlos/docencia/netinvm/
Http://www.bonsai-sec.com/en/research/moth.php
Http://blog.metasploit.com/2010/05/introducing-metasploitable.html
Http://pynstrom.net/holynix.php
Http://gnacktrack.co.uk/download.php
Http://sourceforge.net/projects/lampsecurity/files/
Https://www.hacking-lab.com/news/newspage/livecd-v4.3-available.html
Http://sourceforge.net/projects/virtualhacking/files/
Http://www.badstore.net/
Http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Http://www.dvwa.co.uk/
Http://sourceforge.net/projects/thebutterflytmp/

## VULNERABLE SOFTWARE
Http://www.oldapps.com/
Http://www.oldversion.com/
Http://www.exploit-db.com/webapps/
Http://code.google.com/p/wavsep/downloads/list
http://www.owasp.org/index.php/Owasp_SiteGenerator
Http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
Http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
Http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
Http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx

## TEST SITES
Http://www.webscantest.com/
http://crackme.cenzic.com/Kelev/view/home.php
http://zero.webappsecurity.com/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com
Http://testaspnet.vulnweb.com/
Http://testasp.vulnweb.com/
Http://testphp.vulnweb.com/
Http://demo.testfire.net/
Http://hackme.ntobjectives.com/

## EXPLOITATION INTRO
Http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
Http://www.mgraziano.info/docs/stsi2010.pdf
Http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/
Http://www.ethicalhacker.net/content/view/122/2/
http://code.google.com/p/it-sec-catalog/wiki/Exploitation
Http://x9090.blogspot.com/2010/03/tutorial-exploit-writting-tutorial-from.html
Http://ref.x86asm.net/index.html

## REVERSE ENGINEERING & MALWARE
http://www.woodmann.com/TiGa/idaseries.html
Http://www.binary-auditing.com/
Http://visi.kenshoto.com/
Http://www.radare.org/y/
Http://www.offensivecomputing.net/

## PASSWORDS AND HASHES
Http://www.irongeek.com/i.php?page=videos/password-exploitation-class
Http://cirt.net/passwords
Http://sinbadsecurity.blogspot.com/2008/10/ms-sql-server-password-recovery.html
Http://www.foofus.net/~jmk/medusa/medusa-smbnt.html
Http://www.foofus.net/?page_id=63
Http://hashcrack.blogspot.com/
Http://www.nirsoft.net/articles/saved_password_location.html
Http://www.onlinehashcrack.com/
Http://www.md5this.com/list.php?
Http://www.virus.org/default-password
Http://www.phenoelit-us.org/dpl/dpl.html
Http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html

## WORDLISTS
Http://contest.korelogic.com/wordlists.html
http://packetstormsecurity.org/Crackers/wordlists/
http://www.skullsecurity.org/wiki/index.php/Passwords
Http://www.ericheitzman.com/passwd/passwords/

## PASS THE HASH
Http://www.sans.org/reading_room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation_33283
Http://www.sans.org/reading_room/whitepapers/testing/crack-pass-hash_33219
Http://carnal0wnage.blogspot.com/2008/03/using-pash-hash-toolkit.html

## MITM
Http://www.giac.org/certified_professionals/practicals/gsec/0810.php
http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf
Http://www.cs.uiuc.edu/class/sp08/cs498sh/slides/dsniff.pdf
Http://www.techvibes.com/blog/a-hackers-story-let-me-tell-you-just-how-easily-i-can-steal-your-personal-data
http://www.mindcenter.net/uploads/ECCE101.pdf
Http://toorcon.org/pres12/3.pdf
http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf
Http://packetstormsecurity.org/papers/wireless/cracking-air.pdf
Http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf
http://www.oact.inaf.it/ws-ssri/Costa.pdf
Http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf
http://mcafeeseminar.com/focus/downloads/Live_Hacking.pdf
http://www.seanobriain.com/docs/PasstheParcel-MITMGuide.pdf
http://www.more.net/sites/default/files/2010JohnStrandKeynote.pdf
http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf
http://bandwidthco.com/whitepapers/netforensics/arp/EtterCap%20ARP%20Spoofing%20&%20Beyond.pdf
http://bandwidthco.com/whitepapers/netforensics/arp/Fun%20With%20EtterCap%20Filters.pdf
http://www.iac.iastate.edu/iasg/libarchive/0910/The_Magic_of_Ettercap/The_Magic_of_Ettercap.pdf
Http://articles.manugarg.com/arp_spoofing.pdf
http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf
http://www.ucci.it/docs/ICTSecurity-2004-26.pdf
http://web.mac.com/opticrealm/iWeb/asurobot/My%20Cyber%20Attack%20Papers/My%20Cyber%20Attack%20Papers_files/ettercap_Nov_6_2005-1.pdf
Http://blog.spiderlabs.com/2010/12/thicknet.html
Http://www.hackyeah.com/2010/10/ettercap-filters-with-metasploit-browser_autopwn/
Http://www.go4expert.com/forums/showthread.php?t=11842
Http://www.irongeek.com/i.php?page=security/ettercapfilter
Http://openmaniak.com/ettercap_filter.php
Http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming
Http://www.irongeek.com/i.php?page=videos/ettercap-plugins-find-ip-gw-discover-isolate
Http://www.irongeek.com/i.php?page=videos/ettercapfiltervid1
Http://spareclockcycles.org/2010/06/10/sergio-proxy-released/

## TOOLS OSINT
http://www.edge-security.com/theHarvester.php
Http://www.mavetju.org/unix/dnstracer-man.php
Http://www.paterva.com/web5/

## Metadata
Http://www.sans.org/reading_room/whitepapers/privacy/document-metadata-silent-killer_32974
Http://lcamtuf.coredump.cx/strikeout/
Http://www.sno.phy.queensu.ca/~phil/exiftool/
Http://www.edge-security.com/metagoofil.php
Http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html

## GOOGLE HACKING
Http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/
Http://midnightresearch.com/projects/search-engine-assessment-tool/#downloads
Http://sqid.rubyforge.org/#next
http://voidnetwork.org/5ynL0rd/darkc0de/python_script/dorkScan.html

## WEB
Http://www.bindshell.net/tools/beef
Http://blindelephant.sourceforge.net/
Http://xsser.sourceforge.net/
Http://sourceforge.net/projects/rips-scanner/
Http://www.divineinvasion.net/authforce/
Http://andlabs.org/tools.html#sotf
http://www.taddong.com/docs/Browser_Exploitation_for_Fun&Profit_Taddong-RaulSiles_Nov2010_v1.1.pdf
Http://carnal0wnage.blogspot.com/2007/07/using-sqid-sql-injection-digger-to-look.html
Http://code.google.com/p/pinata-csrf-tool/
Http://xsser.sourceforge.net/#intro
Http://www.contextis.co.uk/resources/tools/clickjacking-tool/
Http://packetstormsecurity.org/files/view/69896/unicode-fun.txt
Http://sourceforge.net/projects/ws-attacker/files/
Https://github.com/koto/squid-imposter

## ATTACK STRINGS
Http://code.google.com/p/fuzzdb/
http://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database#tab=Statements

## SHELLS
Http://sourceforge.net/projects/yokoso/
Http://sourceforge.net/projects/ajaxshell/

## SCANNERS
Http://w3af.sourceforge.net/
Http://code.google.com/p/skipfish/
Http://sqlmap.sourceforge.net/
Http://sqid.rubyforge.org/#next
http://packetstormsecurity.org/UNIX/scanners/XSSscan.py.txt
http://code.google.com/p/fimap/wiki/WindowsAttack
Http://code.google.com/p/fm-fsf/

## PROXIES Burp
Http://www.sans.org/reading_room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder_33214
Http://www.gdssecurity.com/l/b/2010/08/10/constricting-the-web-the-gds-burp-api/
Http://sourceforge.net/projects/belch/files/
Http://www.securityninja.co.uk/application-security/burp-suite-tutorial-repeater-and-comparer-tools
Http://blog.ombrepixel.com/
Http://andlabs.org/tools.html#dser
Http://feoh.tistory.com/22
Http://www.sensepost.com/labs/tools/pentest/reduh
http://www.owasp.org/index.php/OWASP_WebScarab_NG_Project
Http://intrepidusgroup.com/insight/mallory/
Http://www.fiddler2.com/fiddler2/
http://websecuritytool.codeplex.com/documentation?referringTitle=Home
http://translate.google.com/translate?hl=en&sl=es&u=http://xss.codeplex.com/releases/view/43170&prev=/search%3Fq%3Dhttp://www.hackingeek.com/2010/08/x5s-encuentra-fallos-xss-lfi-rfi-en-tus.html%26hl%3Den&rurl=translate.google.com&twu=1

## SOCIAL ENGINEERING
Http://www.secmaniac.com/

## PASSWORD
Http://nmap.org/ncrack/
Http://www.foofus.net/~jmk/medusa/medusa.html
Http://www.openwall.com/john/
Http://ophcrack.sourceforge.net/
Http://blog.0x3f.net/tool/keimpx-in-action/
Http://code.google.com/p/keimpx/
Http://sourceforge.net/projects/hashkill/

## METASPLOIT
Http://www.indepthdefense.com/2009/02/reverse-pivots-with-metasploit-how-not.html
http://code.google.com/p/msf-hack/wiki/WmapNikto
Http://www.indepthdefense.com/2009/01/metasploit-visual-basic-payloads-in.html
Http://seclists.org/metasploit/
Http://pauldotcom.com/2010/03/nessus-scanning-through-a-meta.html
Http://meterpreter.illegalguy.hostzi.com/
Http://blog.metasploit.com/2010/03/automating-metasploit-console.html
Http://www.workrobot.com/sansfire2009/561.html
Http://www.securitytube.net/video/711
http://en.wikibooks.org/wiki/Metasploit/MeterpreterClient#download
Http://vimeo.com/16852783
Http://milo2012.wordpress.com/2009/09/27/xlsinjector/
Http://www.fastandeasyhacking.com/
Http://trac.happypacket.net/
http://www.blackhat.com/presentations/bh-dc-10/Ames_Colin/BlackHat-DC-2010-colin-david-neurosurgery-with-meterpreter-wp.pdf
http://www.blackhat.com/presentations/bh-dc-10/Egypt/BlackHat-DC-2010-Egypt-UAV-slides.pdf
http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
Http://www.irongeek.com/i.php?page=videos/metasploit-class
Http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6158.0/
Http://vimeo.com/16925188
Http://www.ustream.tv/recorded/13396511
Http://www.ustream.tv/recorded/13397426
Http://www.ustream.tv/recorded/13398740

## MSF Exploits or Easy
Http://www.nessus.org/plugins/index.php?view=single&id=12204
Http://www.nessus.org/plugins/index.php?view=single&id=11413
Http://www.nessus.org/plugins/index.php?view=single&id=18021
Http://www.nessus.org/plugins/index.php?view=single&id=26918
Http://www.nessus.org/plugins/index.php?view=single&id=34821
Http://www.nessus.org/plugins/index.php?view=single&id=22194
Http://www.nessus.org/plugins/index.php?view=single&id=34476
Http://www.nessus.org/plugins/index.php?view=single&id=25168
Http://www.nessus.org/plugins/index.php?view=single&id=19408
Http://www.nessus.org/plugins/index.php?view=single&id=21564
Http://www.nessus.org/plugins/index.php?view=single&id=10862
Http://www.nessus.org/plugins/index.php?view=single&id=26925
Http://www.nessus.org/plugins/index.php?view=single&id=29314
Http://www.nessus.org/plugins/index.php?view=single&id=23643
Http://www.nessus.org/plugins/index.php?view=single&id=12052
Http://www.nessus.org/plugins/index.php?view=single&id=12052
Http://www.nessus.org/plugins/index.php?view=single&id=34477
Http://www.nessus.org/plugins/index.php?view=single&id=15962
Http://www.nessus.org/plugins/index.php?view=single&id=42106
Http://www.nessus.org/plugins/index.php?view=single&id=15456
Http://www.nessus.org/plugins/index.php?view=single&id=21689
Http://www.nessus.org/plugins/index.php?view=single&id=12205
Http://www.nessus.org/plugins/index.php?view=single&id=22182
Http://www.nessus.org/plugins/index.php?view=single&id=26919
Http://www.nessus.org/plugins/index.php?view=single&id=26921
Http://www.nessus.org/plugins/index.php?view=single&id=21696
Http://www.nessus.org/plugins/index.php?view=single&id=40887
Http://www.nessus.org/plugins/index.php?view=single&id=10404
Http://www.nessus.org/plugins/index.php?view=single&id=18027
Http://www.nessus.org/plugins/index.php?view=single&id=19402
Http://www.nessus.org/plugins/index.php?view=single&id=11790
Http://www.nessus.org/plugins/index.php?view=single&id=12209
Http://www.nessus.org/plugins/index.php?view=single&id=10673

## NSE
Http://www.securitytube.net/video/931
Http://nmap.org/nsedoc/

## NET SCANNERS AND SCRIPTS
Http://nmap.org/
Http://asturio.gmxhome.de/software/sambascan2/i.html
Http://www.softperfect.com/products/networkscanner/
Http://www.openvas.org/
Http://tenable.com/products/nessus
Http://www.rapid7.com/vulnerability-scanner.jsp
Http://www.eeye.com/products/retina/community

## POST EXPLOITATION
Http://www.awarenetwork.org/home/rattle/source/python/exe2bat.py
Http://www.phx2600.org/archive/2008/08/29/metacab/
Http://www.room362.com/blog/2011/9/6/post-exploitation-command-lists.html

## NETCAT
Http://readlist.com/lists/insecure.org/nmap-dev/1/7779.html
Http://www.radarhack.com/tutorial/ads.pdf
http://www.infosecwriters.com/text_resources/pdf/Netcat_for_the_Masses_DDebeer.pdf
Http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
Http://www.dest-unreach.org/socat/
Http://www.antionline.com/archive/index.php/t-230603.html
Http://technotales.wordpress.com/2009/06/14/netcat-tricks/
Http://seclists.org/nmap-dev/2009/q1/581
Http://www.terminally-incoherent.com/blog/2007/08/07/few-useful-netcat-tricks/
http://www.inguardians.com/research/docs/Skoudis_pentestsecrets.pdf
Http://gse-compliance.blogspot.com/2008/07/netcat.html

## SOURCE INSPECTION
Http://www.justanotherhacker.com/projects/graudit.html
Http://code.google.com/p/javasnoop/

## FIREFOX ADDONS
https://addons.mozilla.org/en-US/firefox/addon/wappalyzer/?src=collection
https://addons.mozilla.org/en-US/firefox/addon/web-developer/?src=collection
https://addons.mozilla.org/en-CA/firefox/addon/cookie-quick-manager/
https://addons.mozilla.org/en-CA/firefox/addon/hackbartool/

## TOOL LISTINGS
Http://packetstormsecurity.org/files/tags/tool
http://tools.securitytube.net/index.php?title=Main_Page

## TRAINING/CLASSES SEC/HACKING
Http://pentest.cryptocity.net/
Http://www.irongeek.com/i.php?page=videos/network-sniffers-class
http://samsclass.info/124/124_Sum09.shtml
Http://www.cs.ucsb.edu/~vigna/courses/cs279/
Http://crypto.stanford.edu/cs142/
Http://crypto.stanford.edu/cs155/
Http://cseweb.ucsd.edu/classes/wi09/cse227/
Http://www-inst.eecs.berkeley.edu/~cs161/sp11/
http://security.ucla.edu/pages/Security_Talks
Http://www.cs.rpi.edu/academics/courses/spring10/csci4971/
Http://cr.yp.to/2004-494.html
Http://www.ece.cmu.edu/~dbrumley/courses/18732-f09/
Https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot
Http://stuff.mit.edu/iap/2009/#websecurity

## PROGRAMMING Python
Http://code.google.com/edu/languages/google-python-class/index.html
http://www.swaroopch.com/notes/Python_en: Table_of_Contents
http://www.thenewboston.com/?cat=40&pOpen=tutorial
Http://showmedo.com/videotutorials/python
Http://www.catonmat.net/blog/learning-python-programming-language-through-video-lectures/

## PROGRAMMING Ruby
Http://www.tekniqal.com/

## OTHER MISC
Http://www.cs.sjtu.edu.cn/~kzhu/cs490/
Https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot/
http://i-web.iu-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/
Http://resources.infosecinstitute.com/
Http://vimeo.com/user2720399

## WEB VECTORS SQLI
Http://pentestmonkey.net/blog/mssql-sql-injection-cheat-sheet/
Http://isc.sans.edu/diary.html?storyid=9397
Http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
Http://www.evilsql.com/main/index.php
Http://xd-blog.com.ar/descargas/manuales/bugs/full-mssql-injection-pwnage.html
http://securityoverride.com/articles.php?article_id=1&article=The_Complete_Guide_to_SQL_Injections
Http://websec.wordpress.com/2010/03/19/exploiting-hard-filtered-sql-injections/
Http://sqlzoo.net/hack/
Http://www.sqlteam.com/article/sql-server-versions
Http://www.krazl.com/blog/?p=3
http://www.owasp.org/index.php/Testing_for_MS_Access
http://web.archive.org/web/20101112061524/http://seclists.org/pen-test/2003/May/0074.html
http://web.archive.org/web/20080822123152/http://www.webapptest.org/ms-access-sql-injection-cheat-sheet-EN.html
http://www.youtube.com/watch?v=WkHkryIoLD0
http://layerone.info/archives/2009/Joe%20McCray%20-%20Advanced%20SQL%20Injection%20-%20L1%202009.pdf
Http://vimeo.com/3418947
Http://sla.ckers.org/forum/read.php?24,33903
Http://websec.files.wordpress.com/2010/11/sqli2.pdf
Http://old.justinshattuck.com/2007/01/18/mysql-injection-cheat-sheet/
Http://ha.ckers.org/sqlinjection/
http://lab.mediaservice.net/notes_more.php?id=MSSQL

## WEB VECTORS UPLOAD TRICKS
Http://www.google.com/#hl=en&q=bypassing+upload+file+type&start=40&sa=N&fp=a2bb30ecf4f91972
Http://blog.skeptikal.org/2009/11/adobe-responds-sort-of.html
Http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/
Http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
Http://ex.ploit.net/f20/tricks-tips-bypassing-image-uploaders-t3hmadhatt3r-38/
Http://www.ravenphpscripts.com/article2974.html
Http://www.acunetix.com/cross-site-scripting/scanner.htm
Http://www.vupen.com/english/advisories/2009/3634
Http://msdn.microsoft.com/en-us/library/aa478971.aspx
Http://dev.tangocms.org/issues/237
http://seclists.org/fulldisclosure/2006/Jun/508
Http://www.gnucitizen.org/blog/cross-site-file-upload-attacks/
http://www.ipolicynetworks.com/technology/files/TikiWiki_jhot.php_Script_File_Upload_Security_Bypass_Vulnerability.html
http://shsc.info/FileUploadSecurity

## WEB VECTORS LFI/RFI
Http://pastie.org/840199
Http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
Http://www.notsosecure.com/folder2/2010/08/20/lfi-code-exec-remote-root/?utm_source=twitterfeed&utm_medium=twitter
Http://labs.neohapsis.com/2008/07/21/local-file-inclusion-%E2%80%93-tricks-of-the-trade/
Http://www.digininja.org/blog/when_all_you_can_do_is_read.php

## WEB VECTORS XSS
Http://www.infosecwriters.com/hhworld/hh8/csstut.htm
http://www.technicalinfo.net/papers/CSS.html
Http://msmvps.com/blogs/alunj/archive/2010/07/07/1773441.aspx
Http://forum.intern0t.net/web-hacking-war-games/112-cross-site-scripting-attack-defense-guide.html
https://media.blackhat.com/bh-eu-10/presentations/Lindsay_Nava/BlackHat-EU-2010-Lindsay-Nava-IE8-XSS-Filters-slides.pdf
Http://sirdarckcat.blogspot.com/2009/08/our-favorite-xss-filters-and-how-to.html
Http://www.securityaegis.com/filter-evasion-houdini-on-the-wire/
Http://heideri.ch/jso/#javascript
Http://www.reddit.com/r/xss/
Http://sla.ckers.org/forum/list.php?2

## COLDFUSION
Http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/
http://zastita.com/02114/Attacking_ColdFusion..html
Http://www.nosec.org/2010/0809/629.html
http://h30507.www3.hp.com/t5/Following-the-White-Rabbit-A/Adobe-ColdFusion-s-Directory-Traversal-Disaster/ba-p/81964
http://cfunited.com/2009/files/presentations/254_ShlomyGantz_August2009_HackProofingColdFusion.pdf

## SHAREPOINT
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6131.msg32678/#msg32678

## LOTUS
http://blog.ombrepixel.com/post/2009/05/06/Lotus-Notes/Domino-Security
http://seclists.org/pen-test/2002/Nov/43
Http://www.sectechno.com/2010/07/12/hacking-lotus-domino/?

## JBOSS
http://www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf
Http://blog.mindedsecurity.com/2010/04/good-bye-critical-jboss-0day.html

## VMWARE WEB
Http://www.metasploit.com/modules/auxiliary/scanner/http/vmware_server_dir_trav

## ORACLE APP SERVERS
Http://www.hideaway.net/2007/07/hacking-oracle-application-servers.html
http://www.owasp.org/index.php/Testing_for_Oracle
Http://www.ngssoftware.com/services/software-products/internet-security/orascan.aspx
http://www.ngssoftware.com/services/software-products/Database-Security/NGSSQuirreLOracle.aspx
Http://www.ngssoftware.com/papers/hpoas.pdf

## SAP
Http://www.onapsis.com/research.html#bizploit
Http://marc.info/?l=john-users&m=121444075820309&w=2
http://www.phenoelit-us.org/whatSAP/index.html

## WIRELESS
Http://code.google.com/p/pyrit/

## CAPTURE THE FLAG/WARGAMES
Http://intruded.net/
Http://smashthestack.org/
Http://flack.hkpco.kr/
Http://ctf.hcesperer.org/
Http://ictf.cs.ucsb.edu/
Http://capture.thefl.ag/calendar/

## MISC/UNSORTED
http://www.ikkisoft.com/stuff/SMH_XSS.txt
Http://securestate.blogspot.com/2010/08/xfs-101-cross-frame-scripting-explained.html?utm_source=twitterfeed&utm_medium=twitter
Http://whatthefuckismyinformationsecuritystrategy.com/
Http://video.google.com/videoplay?docid=4379894308228900017&q=owasp#
http://video.google.com/videoplay?docid=4994651985041179755&ei=_1k4TKj-PI-cqAPioJnKDA&q=deepsec#
Http://www.sensepost.com/blog/4552.html
Http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html
Http://threatpost.com/en_us/blogs/hd-moore-metasploit-exploitation-and-art-pen-testing-040210
Http://carnal0wnage.attackresearch.com/node/410
Http://www.cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf
http://www.spy-hunter.com/Database_Pen_Testing_ISSA_March_25_V2.pdf
Http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/