Skip to content

Latest commit

 

History

History
144 lines (114 loc) · 7.01 KB

README.md

File metadata and controls

144 lines (114 loc) · 7.01 KB
Raw

MLSC BSIOTR : Cyber security resources

Cyber Security Resources

The following are the resources which i use and like the most.

This will be regularly updated.

Web Penetration Testing :

Online Resources

  1. Hacker101: https://www.hacker101.com
  2. Bugcrowd University: https://www.bugcrowd.com/hackers/bugcrowd-university/
  3. Hacking Articles: https://www.hackingarticles.in
  4. Portswiggers Research Academy: https://portswigger.net/web-security
  5. Bugcrowd's Github: https://github.com/bugcrowd/bugcrowd_university
  6. Nahamsec's resources: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
  7. Its Little Things by Nahamsec: https://docs.google.com/presentation/d/1xgvEScGZ_ukNY0rmfKz1JN0sn-CgZY_rTp2B_SZvijk/edit#slide=id.g4052c4692d_0_0
  8. ZSeano's Barker : https://bugbountyhunter.com
  9. The Cyber Mentor: https://www.youtube.com/c/TheCyberMentor/videos
  10. Offensive Security Labs: https://portal.offensive-security.com/sign-in
  11. INE Pentesting Prerequisites https://my.ine.com/CyberSecurity/courses/309de2a5/penetration-testing-prerequisites
  12. INE Pentesting Basics https://my.ine.com/CyberSecurity/courses/6f986ca5/penetration-testing-basics
  13. https://gowthams.gitbook.io/bughunter-handbook/
  14. The Bug Hunter's Methodology by Jhaddix: https://github.com/jhaddix/tbhm

Youtuber's to follow

  1. Nahamsec : https://www.youtube.com/c/Nahamsec
  2. STOK: https://www.youtube.com/c/STOKfredrik/videos
  3. Hacktify: https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ
  4. HackerSploit: https://youtube.com/c/HackerSploit
  5. Tib3rius: https://www.youtube.com/channel/UCs6dtu4e0JL-N4hVszsFpBw

Books to be read

  1. Real World Bug Hunting by Peter Yaworski
  2. The Web Applications Hackers Handbook 2nd edition
  3. Web Hacking 101
  4. Bug Bounty Playbook
  5. Zseano's Methodology

Some Courses:

  1. Hacktify: https://learn.hacktify.in
  2. Ethical Hacking by Joseph Delgadillo : https://www.udemy.com/share/101qF6BEQdeFpQQHQ=/
  3. The Cyber Mentor's Course: https://www.udemy.com/course/practical-ethical-hacking/
  4. Tib3rius’s Privilege Escalation Courses for Win/Linux https://www.udemy.com/user/tib3rius/
  5. Information Gathering Fundamental Course : https://academy.virtualcyberlabs.com/s/store/courses/description/Information-Gathering-Fundamentals
  6. Exploring Wide-Scope of MITRE ATT&CK: https://academy.virtualcyberlabs.com/s/store/courses/description/MITRE-ATTCK-For-Effective-Purple-Teaming
  7. Intrusion Detection System Setup: https://academy.virtualcyberlabs.com/s/store/courses/description/Intrusion-Detection-System-vcl
  8. Basics of Incident Response (Theory): https://academy.virtualcyberlabs.com/s/store/courses/description/Basics-of-Incident-Response
  9. Course on Session Management Vulnerability: https://academy.virtualcyberlabs.com/s/store/courses/description/Session-Management-Vulnerability
  10. Digital Forensic Fundamentals: https://academy.virtualcyberlabs.com/s/store/courses/description/Digital-Forensics-Fundamentals

Practice Web Penetration Testing

  1. OWASP BWA: https://owasp.org/www-project-broken-web-applications/
  2. Portswinger's Labs: https://portswigger.net/web-security
  3. Metasploitable: https://information.rapid7.com/download-metasploitable-2017.html

Tools to start your bug hunting with

  1. Nahamsec's Script: https://github.com/nahamsec/bbht.git
  2. Awesome BBHT: https://github.com/0xApt/awesome-bbht
  3. Portswinger's Burpsuite: https://portswigger.net/burp
  4. OWASP Zap: https://owasp.org/www-project-zap/

Mind Maps

  1. https://github.com/imran-parray/Mind-Maps
  2. https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html
  3. https://hacktify.in/mindmap.png
  4. https://twitter.com/ITSecurityguard/status/1306278129531486208/photo/1
  5. https://twitter.com/Musab1995/status/1317071523946127361

One Liner Collections

  1. https://github.com/dwisiswant0/awesome-oneliner-bugbounty
  2. https://github.com/OfJAAH/KingOfBugBountyTips
  3. https://github.com/meirwah/awesome-incident-response

Awesome Bug Bounty Writeups

  1. Business Logic Vulns : https://medium.com/bugbountywriteup/all-about-business-logic-flaws-in-web-applications-577d9d80bc33
  2. SSRF Automation : https://notifybugme.medium.com/finding-ssrf-by-full-automation-7d2680091d68
  3. JavaScript Recon : https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff
  4. Github For Bug Bounty Hunters : https://gist.github.com/EdOverflow/922549f610b258f459b219a32f92d10b
  5. Windows/Linux Privilege Escaltion : https://github.com/sagishahar/lpeworkshop

CTF's

  1. CTFLearn : https://ctflearn.com
  2. CTFTime : https://ctftime.org (All About CTF's)

Machine Solving

Online Resources

  1. Hack The Box: https://www.hackthebox.eu/
  2. TryHackMe: https://tryhackme.com
  3. Hacking Articles: https://www.hackingarticles.in
  4. Pentester's Labs: https://pentesterlab.com
  5. VulnHub: https://www.vulnhub.com
  6. Over the Wire: https://overthewire.org/wargames/
  7. Reverse Shell Cheat Sheet: http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

Youtuber's to follow

  1. Ippsec: https://www.youtube.com/c/ippsec/videos
  2. BlackPerl: https://www.youtube.com/c/BlackPerl
  3. OpenSecure: https://www.youtube.com/channel/UC4EUQtTxeC8wGrKRafI6pZg
  4. BittenTech (For Hindi Content): https://www.youtube.com/c/BittenTech/videos
  5. NetworkChuck: https://www.youtube.com/c/NetworkChuck
  6. Farah Hawa: https://www.youtube.com/c/FarahHawa

Learn Linux

Online Resources

  1. Linux Journey: https://linuxjourney.com

Courses

  1. Introduction to Linux: https://www.edx.org/course/introduction-to-linux
  2. Linux for Network Engineers: https://www.udemy.com/course/linux-for-network-engineers-practical-linux-with-gns3/learn/lecture/8124916?start=0#overview

Learn Operating Systems

  1. Prof. Messer CompTIA A+ playlist: https://www.youtube.com/watch?v=ChQ18B1hofI&list=PLG49S3nxzAnmwkCAdWUgCFvVK4IxMBTmb

Learn Networking & Security

Books

  1. CompTIA Network + Study Guide: https://www.amazon.co.uk/CompTIA-Network-Study-Guide-Authorized/dp/1119432251

Courses

  1. CBT Nuggets CompTIA Network: https://www.cbtnuggets.com/it-training/comptia/network-plus
  2. INE Free Starter Pass: https://my.ine.com/area/e73fd5a8-2ead-4159-9a25-38b50ad4ab20
  3. Professor Messer Network + Playlist: https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/
  4. Intro to Cybersecurity by FutureLearn: https://www.futurelearn.com/courses/introduction-to-cyber-security
  5. Lectures: MIT Computer Systems Security http://css.csail.mit.edu/6.858/2020/general.html
  6. MITRE ATT&CK Course: https://attack.mitre.org/resources/training/cti/
  7. Khan Academy Cybersecurity 101: https://www.khanacademy.org/partner-content/nova/nova-labs-topic/cyber/v/cybersecurity-101

OSINT Resources

Online Resources

  1. https://www.osintdojo.com/resources/
  2. https://gowsundar.gitbook.io/book-of-bugbounty-tips/elastic-search

OSCP Resource

Online Resources

  1. OSCP Repo: https://github.com/rewardone/OSCPRepo
  2. TJnull’s OSCP Prep Guide https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html#conclusion