Bookmarks
Contents
OSCP Prep
CTF / Boot-to-Root VMs
- VulnHub
- OWASP Security Shepherd
- OWASP Broken Web Application Project
- Metasploitable - VM to test your Metasploit skills
- challenge.synacor.com: a text adventure game. Lots of programming chals, ASM especially
Shellcoding / Exploits / Reverse Engineering
- paraschetal.in / Writing your own shellcode
- A great primer on Buffer Overflow
- Exploit-Exercises.com
- Overthewire.org / Shell-based CTF-style games
- Shell-Storm.org - a huge Shellcodes database!
Courses / Training
Website Reconnaissance Tools & Techniques
- BuiltWith
- Joomla Security Scanner
- Check Joomla version without hacking
- BlindElephant Web Application Fingerprinter
- ChromeSniffer Plus
Scanning
SQL Injection
Access & Escalation
Data Exfiltration
Assault
Obfuscation
Programming
Python
Lists / Payloads / Fuzzers
== Platform-specific Topics
Node.js
- [ https://resources.infosecinstitute.com/penetration-testing-node-js-applications-part-1/ Pentesting Node.js Applications ]