GitHub - OlivierLaflamme/Cheatsheet-God: Penetration Testing Biggest Reference B...

 4 years ago
source link: https://github.com/OlivierLaflamme/Cheatsheet-God
README.md

📂 Cheatsheet-God 📂

+ UPDATE: Added my huge link of bookmarks / references ❤️ love 

Do you have a million bookmarks saved? Do all of those bookmarks contain unique information? Github repos starred for later?

Well, this is a compilation of all of these resources into a single repo known as Cheatsheet-God. No more need for bookmarked links. No need to open a web browser. It's all here for you.

This is a collection of resources, scripts and easy-to-follow how-tos that I have been gathering (and continue to gather) in preparation for the OSCP as well as for general pentesting. Feel free to use it however you want!

All contributions are welcomed! If you feel like you can contribute and make these documents more complete, please do! I'll acknowledge you.

If you would like to improve anything, and add to this repo, PLEASE DO!

Here's what you do:

  1. Create Issue Request describing your enhancement
  2. Fork this repository
  3. Push some code to your fork
  4. Come back to this repository and open a PR
  5. After some review, get that PR merged to master
  6. Make sure to update Issue Request so that I can credit you! You ROCK!

Feel free to also open an issue with any questions, help wanted, or requests!

Acknowledgments

  • Inspiration: Making a cheatsheet god would be proud of using.
  • Hat tip to anyone who ever contributed :shipit:

  -> Much thanks to MrTsRex for Cheatsheet_Windows.txt enumerating Windows version vulnerabilities  

  -> Much thanks to susmithaaa for his contribution to Cheatsheet_PenTesting.txt password attacks section  

Helpful Links / Articles I'd Recommend You Check Out

Get Some Practice

Hack The Box
Attack Defense 1000+ Labs!
VulnHub
Root.me
Penetration Testing Practice Lab / Vulnerable Apps/Systems
Vulhub
Vulapps
Vulnspy
Upload-Labs

BLOGS

Http://carnal0wnage.blogspot.com/ Http://www.mcgrewsecurity.com/ Http://www.gnucitizen.org/blog/ Http://www.darknet.org.uk/ Http://spylogic.net/ Http://taosecurity.blogspot.com/ Http://www.room362.com/ Http://blog.sipvicious.org/ Http://blog.portswigger.net/ Http://pentestmonkey.net/blog/ Http://jeremiahgrossman.blogspot.com/ Http://i8jesus.com/ Http://blog.c22.cc/ Http://www.skullsecurity.org/blog/ Http://blog.metasploit.com/ Http://www.darkoperator.com/ Http://blog.skeptikal.org/ Http://preachsecurity.blogspot.com/ Http://www.tssci-security.com/ Http://www.gdssecurity.com/l/b/ Http://websec.wordpress.com/ Http://bernardodamele.blogspot.com/ Http://laramies.blogspot.com/ Http://www.spylogic.net/ Http://blog.andlabs.org/ Http://xs-sniper.com/blog/ Http://www.commonexploits.com/ Http://www.sensepost.com/blog/ Http://wepma.blogspot.com/ Http://exploit.co.il/ Http://securityreliks.wordpress.com/ Http://www.madirish.net/index.html Http://sirdarckcat.blogspot.com/ Http://reusablesec.blogspot.com/ Http://myne-us.blogspot.com/ Http://www.notsosecure.com/ Http://blog.spiderlabs.com/ Http://www.corelan.be/ Http://www.digininja.org/ Http://www.pauldotcom.com/ Http://www.attackvector.org/ Http://deviating.net/ Http://www.alphaonelabs.com/ Http://www.smashingpasswords.com/ Http://wirewatcher.wordpress.com/ Http://gynvael.coldwind.pl/ Http://www.nullthreat.net/ Http://www.question-defense.com/ Http://archangelamael.blogspot.com/ Http://memset.wordpress.com/ Http://sickness.tor.hu/ Http://punter-infosec.com/ Http://www.securityninja.co.uk/ Http://securityandrisk.blogspot.com/ Http://esploit.blogspot.com/ Http://www.pentestit.com/

FORUMS

Http://sla.ckers.org/forum/index.php Http://www.ethicalhacker.net/ Http://www.backtrack-linux.org/forums/ Http://www.elitehackers.info/forums/ Http://www.hackthissite.org/forums/index.php Http://securityoverride.com/forum/index.php Http://www.iexploit.org/ Http://bright-shadows.net/ Http://www.governmentsecurity.org/forum/ Http://forum.intern0t.net/

MAGAZINES

Http://www.net-security.org/insecuremag.php Http://hakin9.org/

VIDEO

Http://www.hackernews.com/ Http://www.securitytube.net/ Http://www.irongeek.com/i.php?page=videos/aide-winter-2011 Http://avondale.good.net/dl/bd/ Http://achtbaan.nikhef.nl/27c3-stream/releases/mkv/ http://www.youtube.com/user/ChRiStIaAn008 http://www.youtube.com/user/HackingCons

METHODOLOGIES

http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html http://www.pentest-standard.org/index.php/Main_Page http://projects.webappsec.org/w/page/13246978/Threat-Classification http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Http://www.social-engineer.org/

PRESENTATIONS

Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-1-social-networks/ http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata/ Http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-3-monitoring/ http://www.slideshare.net/Laramies/tactical-information-gathering Http://www.sans.org/reading_room/whitepapers/privacy/document_metadata_the_silent_killer__32974 Http://infond.blogspot.com/2010/05/toturial-footprinting.html

PEOPLE AND ORGANIZATIONAL

Http://www.spokeo.com/ Http://www.123people.com/ Http://www.xing.com/ Http://www.zoominfo.com/search Http://pipl.com/ Http://www.zabasearch.com/ Http://www.searchbug.com/default.aspx Http://theultimates.com/ Http://skipease.com/ Http://addictomatic.com/ Http://socialmention.com/ Http://entitycube.research.microsoft.com/ Http://www.yasni.com/ Http://tweepz.com/ Http://tweepsearch.com/ Http://www.glassdoor.com/index.htm Http://www.jigsaw.com/ http://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp Http://www.tineye.com/ Http://www.peekyou.com/ Http://picfog.com/ Http://twapperkeeper.com/index.php

INFRASTRUCTURE

Http://uptime.netcraft.com/ Http://www.serversniff.net/ Http://www.domaintools.com/ Http://centralops.net/co/ Http://hackerfantastic.com/ Http://whois.webhosting.info/ Https://www.ssllabs.com/ssldb/analyze.html Http://www.clez.net/ Http://www.my-ip-neighbors.com/ Http://www.shodanhq.com/ Http://www.exploit-db.com/google-dorks/ Http://www.hackersforcharity.org/ghdb/

EXPLOITS AND ADVISORIES

Http://www.exploit-db.com/ Http://www.cvedetails.com/ Http://www.packetstormsecurity.org/ http://www.securityforest.com/wiki/index.php/Main_Page Http://www.securityfocus.com/bid Http://nvd.nist.gov/ Http://osvdb.org/ http://www.nullbyte.org.il/Index.html Http://secdocs.lonerunners.net/ http://www.phenoelit-us.org/whatSAP/index.html Http://secunia.com/ Http://cve.mitre.org/

CHEATSHEETS AND SYNTAX

Http://cirt.net/ports_dl.php?export=services Http://www.cheat-sheets.org/ Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/

AGILE HACKING

Http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/ Http://blog.commandlinekungfu.com/ Http://www.securityaegis.com/simple-yet-effective-directory-bruteforcing/ Http://isc.sans.edu/diary.html?storyid=2376 Http://isc.sans.edu/diary.html?storyid=1229 Http://ss64.com/nt/ Http://pauldotcom.com/2010/02/running-a-command-on-every-mac.html Http://synjunkie.blogspot.com/2008/03/command-line-ninjitsu.html Http://www.zonbi.org/2010/06/09/wmic-the-other-other-white-meat/ Http://rstcenter.com/forum/22324-hacking-without-tools-windows.rst http://www.coresecurity.com/files/attachments/Core_Define_and_Win_Cmd_Line.pdf http://www.scribd.com/Penetration-Testing-Ninjitsu2-Infrastructure-and-Netcat-without-Netcat/d/3064507 Http://www.pentesterscripting.com/ Http://www.sans.org/reading_room/whitepapers/hackers/windows-script-host-hack-windows_33583 http://www.blackhat.com/presentations/bh-dc-10/Bannedit/BlackHat-DC-2010-Bannedit-Advanced-Command-Injection-Exploitation-1-wp.pdf

OS AND SCRIPTS

http://en.wikipedia.org/wiki/IPv4_subnetting_reference Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/ Http://shelldorado.com/shelltips/beginner.html Http://www.linuxsurvival.com/ http://mywiki.wooledge.org/BashPitfalls Http://rubular.com/ Http://www.iana.org/assignments/port-numbers Http://www.robvanderwoude.com/ntadmincommands.php Http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/

TOOLS

Http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf Http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html Http://h.ackack.net/cheat-sheets/netcat

DISTROS

Http://www.backtrack-linux.org/ Http://www.matriux.com/ Http://samurai.inguardians.com/ http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project Https://pentoo.ch/ Http://www.hackfromacave.com/articles_and_adventures/katana_v2_release.html Http://www.piotrbania.com/all/kon-boot/ Http://www.linuxfromscratch.org/ Http://sumolinux.suntzudata.com/ Http://blog.0x0e.org/2009/11/20/pentesting-with-an-ubuntu-box/#comments Http://www.backbox.org/

LABS ISOS AND VMS

Http://sourceforge.net/projects/websecuritydojo/ http://code.google.com/p/owaspbwa/wiki/ProjectSummary Http://heorot.net/livecds/ Http://informatica.uv.es/~carlos/docencia/netinvm/ Http://www.bonsai-sec.com/en/research/moth.php Http://blog.metasploit.com/2010/05/introducing-metasploitable.html Http://pynstrom.net/holynix.php Http://gnacktrack.co.uk/download.php Http://sourceforge.net/projects/lampsecurity/files/ Https://www.hacking-lab.com/news/newspage/livecd-v4.3-available.html Http://sourceforge.net/projects/virtualhacking/files/ Http://www.badstore.net/ Http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 Http://www.dvwa.co.uk/ Http://sourceforge.net/projects/thebutterflytmp/

VULNERABLE SOFTWARE

Http://www.oldapps.com/ Http://www.oldversion.com/ Http://www.exploit-db.com/webapps/ Http://code.google.com/p/wavsep/downloads/list http://www.owasp.org/index.php/Owasp_SiteGenerator Http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx Http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx Http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx Http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx

TEST SITES

Http://www.webscantest.com/ http://crackme.cenzic.com/Kelev/view/home.php http://zero.webappsecurity.com/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com Http://testaspnet.vulnweb.com/ Http://testasp.vulnweb.com/ Http://testphp.vulnweb.com/ Http://demo.testfire.net/ Http://hackme.ntobjectives.com/

EXPLOITATION INTRO

Http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html Http://www.mgraziano.info/docs/stsi2010.pdf Http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/ Http://www.ethicalhacker.net/content/view/122/2/ http://code.google.com/p/it-sec-catalog/wiki/Exploitation Http://x9090.blogspot.com/2010/03/tutorial-exploit-writting-tutorial-from.html Http://ref.x86asm.net/index.html

REVERSE ENGINEERING & MALWARE

http://www.woodmann.com/TiGa/idaseries.html Http://www.binary-auditing.com/ Http://visi.kenshoto.com/ Http://www.radare.org/y/ Http://www.offensivecomputing.net/

PASSWORDS AND HASHES

Http://www.irongeek.com/i.php?page=videos/password-exploitation-class Http://cirt.net/passwords Http://sinbadsecurity.blogspot.com/2008/10/ms-sql-server-password-recovery.html Http://www.foofus.net/~jmk/medusa/medusa-smbnt.html Http://www.foofus.net/?page_id=63 Http://hashcrack.blogspot.com/ Http://www.nirsoft.net/articles/saved_password_location.html Http://www.onlinehashcrack.com/ Http://www.md5this.com/list.php? Http://www.virus.org/default-password Http://www.phenoelit-us.org/dpl/dpl.html Http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html

WORDLISTS

Http://contest.korelogic.com/wordlists.html http://packetstormsecurity.org/Crackers/wordlists/ http://www.skullsecurity.org/wiki/index.php/Passwords Http://www.ericheitzman.com/passwd/passwords/

PASS THE HASH

Http://www.sans.org/reading_room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation_33283 Http://www.sans.org/reading_room/whitepapers/testing/crack-pass-hash_33219 Http://carnal0wnage.blogspot.com/2008/03/using-pash-hash-toolkit.html

MITM

Http://www.giac.org/certified_professionals/practicals/gsec/0810.php http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf Http://www.cs.uiuc.edu/class/sp08/cs498sh/slides/dsniff.pdf Http://www.techvibes.com/blog/a-hackers-story-let-me-tell-you-just-how-easily-i-can-steal-your-personal-data http://www.mindcenter.net/uploads/ECCE101.pdf Http://toorcon.org/pres12/3.pdf http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf Http://packetstormsecurity.org/papers/wireless/cracking-air.pdf Http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf http://www.oact.inaf.it/ws-ssri/Costa.pdf Http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf http://mcafeeseminar.com/focus/downloads/Live_Hacking.pdf http://www.seanobriain.com/docs/PasstheParcel-MITMGuide.pdf http://www.more.net/sites/default/files/2010JohnStrandKeynote.pdf http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf http://bandwidthco.com/whitepapers/netforensics/arp/EtterCap%20ARP%20Spoofing%20&%20Beyond.pdf http://bandwidthco.com/whitepapers/netforensics/arp/Fun%20With%20EtterCap%20Filters.pdf http://www.iac.iastate.edu/iasg/libarchive/0910/The_Magic_of_Ettercap/The_Magic_of_Ettercap.pdf Http://articles.manugarg.com/arp_spoofing.pdf http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf http://www.ucci.it/docs/ICTSecurity-2004-26.pdf http://web.mac.com/opticrealm/iWeb/asurobot/My%20Cyber%20Attack%20Papers/My%20Cyber%20Attack%20Papers_files/ettercap_Nov_6_2005-1.pdf Http://blog.spiderlabs.com/2010/12/thicknet.html Http://www.hackyeah.com/2010/10/ettercap-filters-with-metasploit-browser_autopwn/ Http://www.go4expert.com/forums/showthread.php?t=11842 Http://www.irongeek.com/i.php?page=security/ettercapfilter Http://openmaniak.com/ettercap_filter.php Http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming 
Http://www.irongeek.com/i.php?page=videos/ettercap-plugins-find-ip-gw-discover-isolate Http://www.irongeek.com/i.php?page=videos/ettercapfiltervid1 Http://spareclockcycles.org/2010/06/10/sergio-proxy-released/

TOOLS OSINT

http://www.edge-security.com/theHarvester.php Http://www.mavetju.org/unix/dnstracer-man.php Http://www.paterva.com/web5/

Metadata

Http://www.sans.org/reading_room/whitepapers/privacy/document-metadata-silent-killer_32974 Http://lcamtuf.coredump.cx/strikeout/ Http://www.sno.phy.queensu.ca/~phil/exiftool/ Http://www.edge-security.com/metagoofil.php Http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html

GOOGLE HACKING

Http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/ Http://midnightresearch.com/projects/search-engine-assessment-tool/#downloads Http://sqid.rubyforge.org/#next http://voidnetwork.org/5ynL0rd/darkc0de/python_script/dorkScan.html

WEB

Http://www.bindshell.net/tools/beef Http://blindelephant.sourceforge.net/ Http://xsser.sourceforge.net/ Http://sourceforge.net/projects/rips-scanner/ Http://www.divineinvasion.net/authforce/ Http://andlabs.org/tools.html#sotf http://www.taddong.com/docs/Browser_Exploitation_for_Fun&Profit_Taddong-RaulSiles_Nov2010_v1.1.pdf Http://carnal0wnage.blogspot.com/2007/07/using-sqid-sql-injection-digger-to-look.html Http://code.google.com/p/pinata-csrf-tool/ Http://xsser.sourceforge.net/#intro Http://www.contextis.co.uk/resources/tools/clickjacking-tool/ Http://packetstormsecurity.org/files/view/69896/unicode-fun.txt Http://sourceforge.net/projects/ws-attacker/files/ Https://github.com/koto/squid-imposter

ATTACK STRINGS

Http://code.google.com/p/fuzzdb/ http://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database#tab=Statements

SHELLS

Http://sourceforge.net/projects/yokoso/ Http://sourceforge.net/projects/ajaxshell/

SCANNERS

Http://w3af.sourceforge.net/ Http://code.google.com/p/skipfish/ Http://sqlmap.sourceforge.net/ Http://sqid.rubyforge.org/#next http://packetstormsecurity.org/UNIX/scanners/XSSscan.py.txt http://code.google.com/p/fimap/wiki/WindowsAttack Http://code.google.com/p/fm-fsf/

PROXIES Burp

Http://www.sans.org/reading_room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder_33214 Http://www.gdssecurity.com/l/b/2010/08/10/constricting-the-web-the-gds-burp-api/ Http://sourceforge.net/projects/belch/files/ Http://www.securityninja.co.uk/application-security/burp-suite-tutorial-repeater-and-comparer-tools Http://blog.ombrepixel.com/ Http://andlabs.org/tools.html#dser Http://feoh.tistory.com/22 Http://www.sensepost.com/labs/tools/pentest/reduh http://www.owasp.org/index.php/OWASP_WebScarab_NG_Project Http://intrepidusgroup.com/insight/mallory/ Http://www.fiddler2.com/fiddler2/ http://websecuritytool.codeplex.com/documentation?referringTitle=Home http://translate.google.com/translate?hl=en&sl=es&u=http://xss.codeplex.com/releases/view/43170&prev=/search%3Fq%3Dhttp://www.hackingeek.com/2010/08/x5s-encuentra-fallos-xss-lfi-rfi-en-tus.html%26hl%3Den&rurl=translate.google.com&twu=1

SOCIAL ENGINEERING

Http://www.secmaniac.com/

PASSWORD

Http://nmap.org/ncrack/ Http://www.foofus.net/~jmk/medusa/medusa.html Http://www.openwall.com/john/ Http://ophcrack.sourceforge.net/ Http://blog.0x3f.net/tool/keimpx-in-action/ Http://code.google.com/p/keimpx/ Http://sourceforge.net/projects/hashkill/

METASPLOIT

Http://www.indepthdefense.com/2009/02/reverse-pivots-with-metasploit-how-not.html http://code.google.com/p/msf-hack/wiki/WmapNikto Http://www.indepthdefense.com/2009/01/metasploit-visual-basic-payloads-in.html Http://seclists.org/metasploit/ Http://pauldotcom.com/2010/03/nessus-scanning-through-a-meta.html Http://meterpreter.illegalguy.hostzi.com/ Http://blog.metasploit.com/2010/03/automating-metasploit-console.html Http://www.workrobot.com/sansfire2009/561.html Http://www.securitytube.net/video/711 http://en.wikibooks.org/wiki/Metasploit/MeterpreterClient#download Http://vimeo.com/16852783 Http://milo2012.wordpress.com/2009/09/27/xlsinjector/ Http://www.fastandeasyhacking.com/ Http://trac.happypacket.net/ http://www.blackhat.com/presentations/bh-dc-10/Ames_Colin/BlackHat-DC-2010-colin-david-neurosurgery-with-meterpreter-wp.pdf http://www.blackhat.com/presentations/bh-dc-10/Egypt/BlackHat-DC-2010-Egypt-UAV-slides.pdf http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training Http://www.irongeek.com/i.php?page=videos/metasploit-class Http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6158.0/ Http://vimeo.com/16925188 Http://www.ustream.tv/recorded/13396511 Http://www.ustream.tv/recorded/13397426 Http://www.ustream.tv/recorded/13398740

MSF Exploits or Easy

Http://www.nessus.org/plugins/index.php?view=single&id=12204 Http://www.nessus.org/plugins/index.php?view=single&id=11413 Http://www.nessus.org/plugins/index.php?view=single&id=18021 Http://www.nessus.org/plugins/index.php?view=single&id=26918 Http://www.nessus.org/plugins/index.php?view=single&id=34821 Http://www.nessus.org/plugins/index.php?view=single&id=22194 Http://www.nessus.org/plugins/index.php?view=single&id=34476 Http://www.nessus.org/plugins/index.php?view=single&id=25168 Http://www.nessus.org/plugins/index.php?view=single&id=19408 Http://www.nessus.org/plugins/index.php?view=single&id=21564 Http://www.nessus.org/plugins/index.php?view=single&id=10862 Http://www.nessus.org/plugins/index.php?view=single&id=26925 Http://www.nessus.org/plugins/index.php?view=single&id=29314 Http://www.nessus.org/plugins/index.php?view=single&id=23643 Http://www.nessus.org/plugins/index.php?view=single&id=12052 Http://www.nessus.org/plugins/index.php?view=single&id=12052 Http://www.nessus.org/plugins/index.php?view=single&id=34477 Http://www.nessus.org/plugins/index.php?view=single&id=15962 Http://www.nessus.org/plugins/index.php?view=single&id=42106 Http://www.nessus.org/plugins/index.php?view=single&id=15456 Http://www.nessus.org/plugins/index.php?view=single&id=21689 Http://www.nessus.org/plugins/index.php?view=single&id=12205 Http://www.nessus.org/plugins/index.php?view=single&id=22182 Http://www.nessus.org/plugins/index.php?view=single&id=26919 Http://www.nessus.org/plugins/index.php?view=single&id=26921 Http://www.nessus.org/plugins/index.php?view=single&id=21696 Http://www.nessus.org/plugins/index.php?view=single&id=40887 Http://www.nessus.org/plugins/index.php?view=single&id=10404 Http://www.nessus.org/plugins/index.php?view=single&id=18027 Http://www.nessus.org/plugins/index.php?view=single&id=19402 Http://www.nessus.org/plugins/index.php?view=single&id=11790 Http://www.nessus.org/plugins/index.php?view=single&id=12209 
Http://www.nessus.org/plugins/index.php?view=single&id=10673

NSE

Http://www.securitytube.net/video/931 Http://nmap.org/nsedoc/

NET SCANNERS AND SCRIPTS

Http://nmap.org/ Http://asturio.gmxhome.de/software/sambascan2/i.html Http://www.softperfect.com/products/networkscanner/ Http://www.openvas.org/ Http://tenable.com/products/nessus Http://www.rapid7.com/vulnerability-scanner.jsp Http://www.eeye.com/products/retina/community

POST EXPLOITATION

Http://www.awarenetwork.org/home/rattle/source/python/exe2bat.py Http://www.phx2600.org/archive/2008/08/29/metacab/ Http://www.room362.com/blog/2011/9/6/post-exploitation-command-lists.html

NETCAT

Http://readlist.com/lists/insecure.org/nmap-dev/1/7779.html Http://www.radarhack.com/tutorial/ads.pdf http://www.infosecwriters.com/text_resources/pdf/Netcat_for_the_Masses_DDebeer.pdf Http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf Http://www.dest-unreach.org/socat/ Http://www.antionline.com/archive/index.php/t-230603.html Http://technotales.wordpress.com/2009/06/14/netcat-tricks/ Http://seclists.org/nmap-dev/2009/q1/581 Http://www.terminally-incoherent.com/blog/2007/08/07/few-useful-netcat-tricks/ http://www.inguardians.com/research/docs/Skoudis_pentestsecrets.pdf Http://gse-compliance.blogspot.com/2008/07/netcat.html

SOURCE INSPECTION

Http://www.justanotherhacker.com/projects/graudit.html Http://code.google.com/p/javasnoop/

FIREFOX ADDONS

Https://addons.mozilla.org/id/firefox/collections/byrned/pentesting/?page=8 https://addons.mozilla.org/en-US/firefox/addon/osvdb/ https://addons.mozilla.org/en-US/firefox/addon/packet-storm-search-plugin/ https://addons.mozilla.org/en-US/firefox/addon/default-passwords-cirtne-58786/ https://addons.mozilla.org/en-US/firefox/addon/offsec-exploit-db-search/ https://addons.mozilla.org/en-US/firefox/addon/oval-repository-search-plugin/ https://addons.mozilla.org/en-US/firefox/addon/cve-dictionary-search-plugin/ https://addons.mozilla.org/en-US/firefox/addon/hackbar/

TOOL LISTINGS

Http://packetstormsecurity.org/files/tags/tool http://tools.securitytube.net/index.php?title=Main_Page

TRAINING/CLASSES SEC/HACKING

Http://pentest.cryptocity.net/ Http://www.irongeek.com/i.php?page=videos/network-sniffers-class http://samsclass.info/124/124_Sum09.shtml Http://www.cs.ucsb.edu/~vigna/courses/cs279/ Http://crypto.stanford.edu/cs142/ Http://crypto.stanford.edu/cs155/ Http://cseweb.ucsd.edu/classes/wi09/cse227/ Http://www-inst.eecs.berkeley.edu/~cs161/sp11/ http://security.ucla.edu/pages/Security_Talks Http://www.cs.rpi.edu/academics/courses/spring10/csci4971/ Http://cr.yp.to/2004-494.html Http://www.ece.cmu.edu/~dbrumley/courses/18732-f09/ Https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot Http://stuff.mit.edu/iap/2009/#websecurity

PROGRAMMING Python

Http://code.google.com/edu/languages/google-python-class/index.html http://www.swaroopch.com/notes/Python_en: Table_of_Contents http://www.thenewboston.com/?cat=40&pOpen=tutorial Http://showmedo.com/videotutorials/python Http://www.catonmat.net/blog/learning-python-programming-language-through-video-lectures/

PROGRAMMING Ruby

Http://www.tekniqal.com/

OTHER MISC

Http://www.cs.sjtu.edu.cn/~kzhu/cs490/ Https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot/ http://i-web.iu-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/ Http://resources.infosecinstitute.com/ Http://vimeo.com/user2720399

WEB VECTORS SQLI

Http://pentestmonkey.net/blog/mssql-sql-injection-cheat-sheet/ Http://isc.sans.edu/diary.html?storyid=9397 Http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/ Http://www.evilsql.com/main/index.php Http://xd-blog.com.ar/descargas/manuales/bugs/full-mssql-injection-pwnage.html http://securityoverride.com/articles.php?article_id=1&article=The_Complete_Guide_to_SQL_Injections Http://websec.wordpress.com/2010/03/19/exploiting-hard-filtered-sql-injections/ Http://sqlzoo.net/hack/ Http://www.sqlteam.com/article/sql-server-versions Http://www.krazl.com/blog/?p=3 http://www.owasp.org/index.php/Testing_for_MS_Access http://web.archive.org/web/20101112061524/http://seclists.org/pen-test/2003/May/0074.html http://web.archive.org/web/20080822123152/http://www.webapptest.org/ms-access-sql-injection-cheat-sheet-EN.html http://www.youtube.com/watch?v=WkHkryIoLD0 http://layerone.info/archives/2009/Joe%20McCray%20-%20Advanced%20SQL%20Injection%20-%20L1%202009.pdf Http://vimeo.com/3418947 Http://sla.ckers.org/forum/read.php?24,33903 Http://websec.files.wordpress.com/2010/11/sqli2.pdf Http://old.justinshattuck.com/2007/01/18/mysql-injection-cheat-sheet/ Http://ha.ckers.org/sqlinjection/ http://lab.mediaservice.net/notes_more.php?id=MSSQL

WEB VECTORS UPLOAD TRICKS

Http://www.google.com/#hl=en&q=bypassing+upload+file+type&start=40&sa=N&fp=a2bb30ecf4f91972 Http://blog.skeptikal.org/2009/11/adobe-responds-sort-of.html Http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/ Http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/ Http://ex.ploit.net/f20/tricks-tips-bypassing-image-uploaders-t3hmadhatt3r-38/ Http://www.ravenphpscripts.com/article2974.html Http://www.acunetix.com/cross-site-scripting/scanner.htm Http://www.vupen.com/english/advisories/2009/3634 Http://msdn.microsoft.com/en-us/library/aa478971.aspx Http://dev.tangocms.org/issues/237 http://seclists.org/fulldisclosure/2006/Jun/508 Http://www.gnucitizen.org/blog/cross-site-file-upload-attacks/ http://www.ipolicynetworks.com/technology/files/TikiWiki_jhot.php_Script_File_Upload_Security_Bypass_Vulnerability.html http://shsc.info/FileUploadSecurity

WEB VECTORS LFI/RFI

Http://pastie.org/840199 Http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/ Http://www.notsosecure.com/folder2/2010/08/20/lfi-code-exec-remote-root/?utm_source=twitterfeed&utm_medium=twitter Http://labs.neohapsis.com/2008/07/21/local-file-inclusion-%E2%80%93-tricks-of-the-trade/ Http://www.digininja.org/blog/when_all_you_can_do_is_read.php

WEB VECTORS XSS

Http://www.infosecwriters.com/hhworld/hh8/csstut.htm http://www.technicalinfo.net/papers/CSS.html Http://msmvps.com/blogs/alunj/archive/2010/07/07/1773441.aspx Http://forum.intern0t.net/web-hacking-war-games/112-cross-site-scripting-attack-defense-guide.html https://media.blackhat.com/bh-eu-10/presentations/Lindsay_Nava/BlackHat-EU-2010-Lindsay-Nava-IE8-XSS-Filters-slides.pdf Http://sirdarckcat.blogspot.com/2009/08/our-favorite-xss-filters-and-how-to.html Http://www.securityaegis.com/filter-evasion-houdini-on-the-wire/ Http://heideri.ch/jso/#javascript Http://www.reddit.com/r/xss/ Http://sla.ckers.org/forum/list.php?2

COLDFUSION

Http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/ http://zastita.com/02114/Attacking_ColdFusion..html Http://www.nosec.org/2010/0809/629.html http://h30507.www3.hp.com/t5/Following-the-White-Rabbit-A/Adobe-ColdFusion-s-Directory-Traversal-Disaster/ba-p/81964 http://cfunited.com/2009/files/presentations/254_ShlomyGantz_August2009_HackProofingColdFusion.pdf

SHAREPOINT

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6131.msg32678/#msg32678

LOTUS

http://blog.ombrepixel.com/post/2009/05/06/Lotus-Notes/Domino-Security http://seclists.org/pen-test/2002/Nov/43 Http://www.sectechno.com/2010/07/12/hacking-lotus-domino/?

JBOSS

http://www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf Http://blog.mindedsecurity.com/2010/04/good-bye-critical-jboss-0day.html

VMWARE WEB

Http://www.metasploit.com/modules/auxiliary/scanner/http/vmware_server_dir_trav

ORACLE APP SERVERS

Http://www.hideaway.net/2007/07/hacking-oracle-application-servers.html http://www.owasp.org/index.php/Testing_for_Oracle Http://www.ngssoftware.com/services/software-products/internet-security/orascan.aspx http://www.ngssoftware.com/services/software-products/Database-Security/NGSSQuirreLOracle.aspx Http://www.ngssoftware.com/papers/hpoas.pdf

SAP

Http://www.onapsis.com/research.html#bizploit Http://marc.info/?l=john-users&m=121444075820309&w=2 http://www.phenoelit-us.org/whatSAP/index.html

WIRELESS

Http://code.google.com/p/pyrit/

CAPTURE THE FLAG/WARGAMES

Http://intruded.net/ Http://smashthestack.org/ Http://flack.hkpco.kr/ Http://ctf.hcesperer.org/ Http://ictf.cs.ucsb.edu/ Http://capture.thefl.ag/calendar/

MISC/UNSORTED

http://www.ikkisoft.com/stuff/SMH_XSS.txt Http://securestate.blogspot.com/2010/08/xfs-101-cross-frame-scripting-explained.html?utm_source=twitterfeed&utm_medium=twitter Http://whatthefuckismyinformationsecuritystrategy.com/ Http://video.google.com/videoplay?docid=4379894308228900017&q=owasp# http://video.google.com/videoplay?docid=4994651985041179755&ei=_1k4TKj-PI-cqAPioJnKDA&q=deepsec# Http://www.sensepost.com/blog/4552.html Http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html Http://threatpost.com/en_us/blogs/hd-moore-metasploit-exploitation-and-art-pen-testing-040210 Http://carnal0wnage.attackresearch.com/node/410 Http://www.cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf http://www.spy-hunter.com/Database_Pen_Testing_ISSA_March_25_V2.pdf Http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/

