Skip to content

Latest commit

 

History

History
390 lines (299 loc) · 13.4 KB

Old-Learning-Resources.md

File metadata and controls

390 lines (299 loc) · 13.4 KB

CLI Practice:

  1. https://overthewire.org/wargames/
  2. https://underthewire.tech/

Linux Distro/Software downloads:

  1. https://www.kali.org/downloads/
  2. https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
  3. http://releases.ubuntu.com/
  4. https://www.turnkeylinux.org/
  5. https://distrowatch.com/
  6. http://www.getdeb.net/
  7. http://www.playdeb.net/
  8. https://digital-forensics.sans.org/community/downloads
  9. http://distrowatch.org/search.php?ostype=All&category=Forensics&origin=All&basedon=All&notbasedon=None&desktop=All&architecture=All&package=All&rolling=All&isosize=All&netinstall=All&language=All&defaultinit=All&status=Active#simple
  10. http://distrowatch.org/search.php?ostype=All&category=Security&origin=All&basedon=All&notbasedon=None&desktop=All&architecture=All&package=All&rolling=All&isosize=All&netinstall=All&language=All&defaultinit=All&status=Active#simple

Understanding Linux:

  1. https://www.contextis.com/en/blog/logging-like-a-lumberjack
  2. http://linuxcommand.org/lc3_lts0040.php
  3. https://explainshell.com/
  4. https://www.linuxtechi.com/20-sed-command-examples-linux-users/
  5. https://linuxconfig.org/learning-linux-commands-awk
  6. https://www.geeksforgeeks.org/awk-command-unixlinux-examples/
  7. https://en.wikipedia.org/wiki/Cron
  8. https://crontab.guru/
  9. https://www.cyberciti.biz/faq/understanding-etcshadow-file/
  10. https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
  11. https://www.cyberciti.biz/tips/linux-iptables-examples.html
  12. https://www.booleanworld.com/depth-guide-iptables-linux-firewall/
  13. https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server
  14. https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands
  15. https://www.thirtythreeforty.net/posts/2019/12/my-business-card-runs-linux/?fbclid=IwAR0HvdZmiZA8MLJUdRHN_bs-MGGMaDyJOTFFgL42zrNbvvOciv-XValTn90
  16. http://ipset.netfilter.org/iptables.man.html
  17. https://labex.io/courses/linux-for-noobs

Bash:

  1. https://ryanstutorials.net/bash-scripting-tutorial/bash-input.php
  2. https://www.lifewire.com/pass-arguments-to-bash-script-2200571
  3. https://www.sdstate.edu/information-technology/linux-command-line-documentation
  4. https://kapeli.com/cheat_sheets/Bash_Test_Operators.docset/Contents/Resources/Documents/index

Linux hacking:

  1. https://gtfobins.github.io/
  2. https://gtfobins.github.io/#+suid
  3. https://guif.re/linuxeop
  4. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md

reverse shells:

  1. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
  2. https://gtfobins.github.io/#+reverse%20shell

Hardware:

  1. https://hackerwarehouse.com
  2. https://system76.com
  3. https://www.pine64.org
  4. https://www.raspberrypi.org
  5. https://shop.hak5.org
  6. https://wiki.wifipineapple.com/#!videos.md
  7. https://www.tindie.com/products/aprbrother/cactus-whid-wifi-hid-injector-usb-rubberducky/
  8. https://www.tindie.com/products/aprbrother/evil-crow-cable/
  9. https://www.tindie.com/products/aprbrother/esp-rfid-tool/
  10. https://www.amazon.com/gp/product/B07FCHFB85
  11. https://puri.sm/products/librem-14/
  12. https://frame.work/

Burp Training:

  1. https://portswigger.net/web-security

Check Credentials:

  1. https://haveibeenpwned.com
  2. https://howsecureismypassword.net

Training:

  1. https://www.sans.org/free
  2. https://tutorials.cyberaces.org/tutorials.html
  3. https://www.splunk.com/en_us/training/courses/splunk-fundamentals-1.html
  4. https://education.splunk.com/catalog?category=splunk-fundamentals-part-1
  5. https://udemy.com
  6. https://cybrary.it
  7. https://cbtnuggets.com
  8. https://itpro.tv
  9. https://linuxacademy.com
  10. https://www.blackhillsinfosec.com/services
  11. https://www.professormesser.com/

Tools:

  1. https://www.stationx.net/canarytokens/
  2. https://github.com/samyk/evercookie

Social Engineering:

  1. https://www.youtube.com/watch?v=lc7scxvKQOo

Hashing:

  1. https://www.thedigitalcatonline.com/blog/2018/04/06/introduction-to-hashing/

Programming:

  1. https://cryptopals.com
  2. https://www.firsttimersonly.com/

Python:

  1. https://docs.python.org/3/library/string.html
  2. https://docs.python.org/3/library/random.html
  3. https://docs.python.org/3/library/hashlib.html
  4. https://null-byte.wonderhowto.com/how-to/generate-word-lists-with-python-for-dictionary-attacks-0132761/

Crypto:

  1. https://www.efa.org.au/Issues/Crypto/crypto3.html
  2. https://cryptopals.com/
  3. https://en.wikipedia.org/wiki/Web_of_trust#Operation_of_a_web_of_trust
  4. https://docs.microsoft.com/en-us/windows/win32/seccertenroll/about-certificate-hierarchy
  5. https://www.reddit.com/r/GPGpractice/
  6. https://www.lifewire.com/rainbow-tables-your-passwords-worst-nightmare-2487288
  7. http://project-rainbowcrack.com/table.htm
  8. https://hashcat.net/wiki/doku.php?id=example_hashes
  9. https://simplicable.com/new/salt-vs-pepper

Bug Bounty:

  1. https://hackerone.com/bug-bounty-programs
  2. https://bugcrowd.com/bug-bounty-list

Forensics:

  1. https://en.wikipedia.org/wiki/Chain_of_custody
  2. https://github.com/volatilityfoundation/volatility/blob/master/README.txt
  3. https://www.malwaretech.com/2017/11/creating-a-simple-free-malware-analysis-environment.html
  4. https://study.com/academy/lesson/linux-directories-shell-commands-for-digital-forensics.html

Incident Response:

  1. http://incidentresponse.com/playbooks/

CVEs (Common Vulnerabilities and Exposures):

  1. https://nvd.nist.gov/vuln
  2. https://www.exploit-db.com/google-hacking-database
  3. https://cve.mitre.org/
  4. https://www.redhat.com/en/topics/security/what-is-cve
  5. https://www.cvedetails.com/
  6. https://www.virustotal.com/gui/home/search
  7. https://www.malware-traffic-analysis.net/

Networking/Wireshark:

  1. https://www.shodan.io/
  2. https://www.wireshark.org/download.html
  3. https://en.m.wikiversity.org/wiki/Wireshark/HTTP
  4. https://unit42.paloaltonetworks.com/unit42-customizing-wireshark-changing-column-display/
  5. http://malware-traffic-analysis.net/
  6. https://www.cloudshark.org/captures
  7. https://aruljohn.com/mac.pl
  8. https://www.sans.org/security-resources/tcpip.pdf
  9. https://www.keycdn.com/support/tcp-flags
  10. https://www.malware-traffic-analysis.net/

Metasploitable:

  1. https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
  2. https://github.com/brimstone/metasploitable3/releases/download/0.1.4/Metasploitable3-0.1.4.ova
  3. https://github.com/brimstone/metasploitable3
  4. https://github.com/rapid7/metasploitable3

Practice Forensics Images:

  1. https://www.cfreds.nist.gov/
  2. https://digitalcorpora.org/corpora/scenarios
  3. https://www.shadowinfosec.io/2018/06/installing-autopsy-460-on-linux.html

Reverse Engineering Software:

  1. https://crackmes.one
  2. https://www.youtube.com/watch?v=fTGTnrgjuGA
  3. https://blog.malwaremustdie.org/
  4. https://github.com/tylerha97/awesome-reversing
  5. https://malwareunicorn.org/workshops/re101.html#0

CTF:

  1. https://tryhackme.com/
  2. https://webhook.site/
  3. https://sourceforge.net/projects/metasploitable/
  4. https://downloads.sourceforge.net/project/metasploitable/Metasploitable2/metasploitable-linux-2.0.0.zip?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fmetasploitable%2Ffiles%2Flatest%2Fdownload&ts=1580264529
  5. http://xss-game.appspot.com/
  6. https://www.offensive-security.com/metasploit-unleashed/
  7. https://metasploit.help.rapid7.com/docs/metasploitable-2
  8. http://www.dvwa.co.uk/
  9. https://google-gruyere.appspot.com/
  10. https://overthewire.org/wargames/
  11. https://underthewire.tech/
  12. https://www.db-fiddle.com
  13. https://sqlinject.me/inject
  14. https://dev.to/atan/what-is-ctf-and-how-to-get-started-3f04
  15. https://trailofbits.github.io/ctf/
  16. https://2019.kringlecon.com/invite
  17. https://picoctf.com/
  18. https://ctftime.org/ctfs
  19. https://ctf.hacker101.com/
  20. https://www.hackthebox.eu/
  21. https://github.com/enaqx/awesome-pentest
  22. https://www.defcon.org/html/links/dc-ctf.html
  23. https://academy.hoppersroppers.org/course/view.php?id=7
  24. https://www.hoppersroppers.org/ctf/
  25. https://www.hackthebox.eu/
  26. https://www.root-me.org/?lang=en
  27. http://hack-yourself-first.com/
  28. https://www.peerlyst.com/posts/resource-a-compendium-of-sites-that-you-can-practice-on-you-can-legally-hack-these-sites-karl-m-1
  29. https://www.vulnhub.com/

VM:

  1. http://www.samurai-wtf.org/#
  2. Raven: https://drive.google.com/file/d/1Eq_SY5focVH2tlxTtiRsMIU04wlRX7mu/view

SQL:

  1. https://drive.google.com/file/d/1ysqEPVo58OhX8lyHo4vTpIdi7JuDsBe7/view

Email:

  1. https://mxtoolbox.com/EmailHeaders.aspx

Sample Pentest Reports:

  1. https://tbgsecurity.com/wordpress/wp-content/uploads/2016/11/Sample-Penetration-Test-Report.pdf
  2. https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf
  3. https://github.com/juliocesarfort/public-pentesting-reports

Cheat Sheets:

  1. https://packetlife.net/library/cheat-sheets/

Router hacking:

  1. http://routerpwn.com/

Tools:

  1. https://www.offensive-security.com/metasploit-unleashed/msfvenom/
  2. https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom
  3. https://securityonion.net/
  4. https://www.snort.org/
  5. https://www.zeek.org/
  6. https://cybersecurity.att.com/products/ossim

References:

  1. https://www.kitploit.com/
  2. https://in-addr.nl/security-links.php
  3. https://www.trustedsec.com/resources/

Entertainment:

  1. https://lifehacker.com/watch-star-wars-in-text-via-telnet-373571
telnet towel.blinkenlights.nl
  1. https://www.businessinsider.com/laptop-infected-malware-sold-art-for-1-35-million-auction-2019-5

Hackers Manifesto:

http://phrack.org/issues/7/3.html

Videos:

http://www.securitytube.net/

Stuxnet Movie:

https://watchdocumentaries.com/zero-days/

Hacking Voting Machines:

  1. Hacking Democracy (2006)
  2. Kill Chain: The Cyber War on America's Elections (2020)
  3. https://www.youtube.com/watch?v=ImgaEqOQlSQ
  4. https://www.youtube.com/watch?v=4K0YZcbbzhc

YouTube:

  1. https://www.youtube.com/user/DEFCONConference
  2. https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
  3. https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
  4. https://www.youtube.com/user/ThePCSecurity
  5. https://www.youtube.com/watch?v=Xw536W7kbDQ
  6. https://tutorials.cyberaces.org/tutorials.html

Audio Book download:

  1. “Little Brother” by Cory Doctorow (https://craphound.com): Hacker Peiter 'Mudge' Zatko stated that the book is now used as training material for new NSA recruits in order to give them a different point of view. https://www.youtube.com/watch?v=h9wXq6oRBnI&t=2117 https://transactions.sendowl.com/orders/17527413/download/232670b37b27b08fa20bf218b72b5ab6
  2. “Homeland” by Cory Doctorow: https://transactions.sendowl.com/orders/17527209/download/de492618387b62eb4fd2d9cd2bb6bc7c

Books:

  1. https://nostarch.com/
  2. http://shop.oreilly.com/

Security podcasts:

  1. Sans stormcast : https://isc.sans.edu/podcast.html
  2. Risky Biz : https://www.risky.biz/
  3. Security now : https://www.grc.com/SecurityNow.htm
  4. Krebs on security : https://krebsonsecurity.com/
  5. Red hat podcast : https://www.redhat.com/en/command-line-heroes
  6. Darknet Diaries: https://podcasts.apple.com/us/podcast/darknet-diaries/id1296350485
  7. Hackable: https://hackablepodcast.com/

Games:

  1. https://nps.edu/web/c3o/cyberciege
  2. https://nps.edu/web/c3o/labtainers

Kids:

  1. https://cyber.org/news/cyber-home
  2. https://projects.raspberrypi.org/en
  3. http://www.cultureofcybersecurity.com/kids/kids-activities/
  4. https://codehs.com/info/curriculum/cybersecurity
  5. https://cyber.org/news/cyber-home
  6. https://www.raspberrypi.org/education/

packet tracer 6.2 (old version):

  1. Cisco Packet Tracer 6.2 for Windows Student Version https://drive.google.com/file/d/0B-6uGcPYOvSZT2hoT29yaV9LOEE/view?usp=sharing

  2. Cisco Packet Tracer 6.2 for Windows Student Tutorial add-ons https://drive.google.com/file/d/0B-6uGcPYOvSZdFdoOUo5aFNYWjg/view?usp=sharing

  3. Cisco Packet Tracer 6.2 for Linux https://drive.google.com/file/d/0B-6uGcPYOvSZMkREbU9lMDJMYU0/view?usp=sharing

  4. Cisco Packet Tracer 6.2 for Linux with tutorials https://drive.google.com/file/d/0B-6uGcPYOvSZSVlRTXVjeUV3a1U/view?usp=sharing

  5. Cisco Packet Tracer 6.2 for Linux with no tutorials https://drive.google.com/file/d/0B-6uGcPYOvSZbC1XeVE0WDVsTTg/view?usp=sharing

Twitter

hacker adjacent:

  1. https://twitter.com/deviantollam
  2. https://twitter.com/JackRhysider

Computer humor:

  1. https://twitter.com/xkcdComic
  2. https://xkcd.com/

Kubernetes:

  1. https://twitter.com/IanColdwater

Mentoring Mondays:

  1. https://twitter.com/shehackspurple

Blue/Red team:

  1. https://twitter.com/wehackpurple

Women of InfoSec:

  1. https://twitter.com/WoSECtweets

Favorite Pentest Trainer:

  1. https://twitter.com/thecybermentor

Security researchers:

  1. https://twitter.com/MalwareJake
  2. https://twitter.com/malwareunicorn
  3. https://twitter.com/GossiTheDog
  4. https://twitter.com/HackingDave
  5. https://twitter.com/tarah
  6. https://twitter.com/DfirDiva
  7. https://twitter.com/TheDFIRReport

Bug Hunters/Pentester/Hackers:

  1. https://twitter.com/TinkerSec
  2. https://twitter.com/th3j35t3r
  3. https://twitter.com/Jhaddix
  4. https://twitter.com/NahamSec
  5. https://twitter.com/stokfredrik
  6. https://twitter.com/_JohnHammond
  7. https://twitter.com/huntrdev
  8. https://twitter.com/ippsec
  9. https://twitter.com/AlyssaM_InfoSec

Tools:

  1. https://twitter.com/PortSwigger
  2. https://twitter.com/KitPloit