Difference between revisions of "Bookmarks"

(Access & Escalation)
m
 
(20 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
== OSCP Prep ==
 
== OSCP Prep ==
  
== Vulnerable by Design ==
+
== CTF / Boot-to-Root VMs ==
 
* [https://www.vulnhub.com/ VulnHub]
 
* [https://www.vulnhub.com/ VulnHub]
* [https://exploit-exercises.com/ Exploit Exercises]
+
* [https://www.owasp.org/index.php/OWASP_Security_Shepherd OWASP Security Shepherd]
 +
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Application Project]
 +
* [https://information.rapid7.com/metasploitable-download.html Metasploitable - VM to test your Metasploit skills]
 +
* [https://challenge.synacor.com/ challenge.synacor.com: a text adventure game. Lots of programming chals, ASM especially]
 +
 
 +
== Shellcoding / Exploits / Reverse Engineering ==
 +
* [https://paraschetal.in/writing-your-own-shellcode paraschetal.in / Writing your own shellcode]
 +
* [https://www.youtube.com/watch?v=1S0aBV-Waeo A great primer on Buffer Overflow]
 +
* [https://exploit-exercises.com/ Exploit-Exercises.com]
 +
* [http://overthewire.org/wargames/ Overthewire.org / Shell-based CTF-style games]
 +
* [http://shell-storm.org/shellcode/ Shell-Storm.org - a huge Shellcodes database!]
  
 
== Courses / Training ==
 
== Courses / Training ==
Line 23: Line 33:
  
 
== Access & Escalation ==
 
== Access & Escalation ==
* [https://github.com/D35m0nd142/LFISuite LFISuite]
+
* [https://github.com/D35m0nd142/LFISuite LFISuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner]
  
 
== Data Exfiltration ==
 
== Data Exfiltration ==
Line 33: Line 43:
 
=== Python ===
 
=== Python ===
 
* [http://pygments.org/: Pygments - python syntax highlighter]
 
* [http://pygments.org/: Pygments - python syntax highlighter]
 +
 +
== Lists / Payloads / Fuzzers ==
 +
* [https://github.com/danielmiessler/SecLists danielmiessler/SecLists]
 +
 +
== Platform-specific Topics
 +
=== Node.js ===
 +
* [https://resources.infosecinstitute.com/penetration-testing-node-js-applications-part-1/ Pentesting Node.js Applications]

Latest revision as of 09:06, 18 July 2018