2014-08-04 22:38:17 +03:00

109 lines
7.0 KiB

## Awesome Penetration Testing
A collection of awesome penetration testing resources, tools, confs, books, magazines and other shiny things.
### Resources
#### Penetration Testing
* [Metasploit Unleashed]( - Free Offensive Security metasploit course.
#### Social Engineering
* [Social Engineering Framework]( - An information resource for social engineers.
### Tools
#### Penetration Testing
* [Kali]( - A Linux distribution designed for digital forensics and penetration testing.
* [Metasploit]( - World's most used penetration testing software.
#### Social Engineering
* [SET]( - The Social-Engineer Toolkit from TrustedSec
#### Anonimity
* [Tor]( - The free software for enabling onion routing online anonymity.
* [I2P]( - The Invisible Internet Project
#### Networks tools
* [nmap]( - Free Security Scanner For Network Exploration & Security Audits.
* [tcpdump/libpcap]( - A common packet analyzer that runs under the command line.
* [Wireshark]( - A network protocol analyzer for Unix and Windows.
* [Network Tools]( - Different network tools: pink, lookup, whois, etc.
#### Reverse Engineering
* [IDA Pro]( - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger.
* [WDK/WinDbg]( - Windows Driver Kit and WinDbg.
* [OllyDbg]( - An x86 debugger that emphasizes binary code analysis
#### Hex editors
* [HexEdit.js]( - Browser-based hex editing.
#### Windows utils
* [Sysinternals Suite]( - The Sysinternals Troubleshooting Utilities
### Conferences
* [DEF CON]( - An annual hacker convention in Las Vegas.
* [Black Hat]( - An annual security conference in Las Vegas.
* [BSides]( - A framework for organising and holding security conferences.
* [CCC]( - An annual meeting of the international hacker scene in Germany.
* [DerbyCon]( - An annual hacker conference based in Louisville.
* [PhreakNIC]( - A technology conference held annually in middle Tennessee.
* [ShmooCon]( - An annual US east coast hacker convention.
* [CarolinaCon]( - An infosec conference, held annually in North Carolina.
* [HOPE]( - A conference series sponsored by the hacker magazine 2600.
* [SummerCon]( - One of the oldest hacker conventions, held during Summer.
* []( - An annual conference held in Luxembourg.
* [HITB]( - Deep-knowledge security conference held in Malaysia and The Netherlands.
* [Troopers]( - Annual international IT Security event with workshops held in Heidelberg, Germany.
* [Hack3rCon]( - An annual US hacker conference.
* [ThotCon]( - An annual US hacker conference held in Chicago.
* [LayerOne]( - An annual US security conerence held every spring in Los Angeles.
* [DeepSec]( - Security Conference in Vienna, Austria.
* [SkyDogCon]( - A technology conference in Nashville.
### Books
#### Penetration Testing
* [The Art of Exploitation by Jon Erickson, 2008](
* [Metasploit: The Penetration Tester's Guide by David Kennedy and others, 2011](
* [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](
* [Rtfm: Red Team Field Manual by Ben Clark, 2014](
* [The Hacker Playbook by Peter Kim, 2014](
* [Violent Python by TJ O'Connor, 2012](
#### Hackers Handbook series
* [The Shellcoder's Handbook by Chris Anley and others, 2007](
* [The Web Application Hacker's Handbook by D. Stuttard, M. Pinto, 2011](
* [iOS Hacker's Handbook by Charlie Miller and others, 2012](
* [Android Hacker's Handbook by Joshua J. Drake and others, 2014](
* [The Browser Hacker's Handbook by Wade Alcorn and others, 2014](
#### Network Analysis
* [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](
* [Practical Packet Analysis by Chris Sanders, 2011](
* [Wireshark Network Analysis by by Laura Chappell, Gerald Combs, 2012](
#### Reverse Engineering
* [The IDA Pro Book by Chris Eagle, 2011](
* [Practical Reverse Engineering by Bruce Dang and others, 2014](
#### Malware Analysis
* [Practical Malware Analysis by Michael Sikorski, Andrew Honig, 2012](
* [The Art of Memory Forensics by Michael Hale Ligh and others, 2014](
#### Windows
* [Windows Internals by Mark Russinovich, David Solomon, Alex Ionescu](
#### Social Engineering
* [The Art of Deception by Kevin D. Mitnick, William L. Simon, 2002](
* [The Art of Intrusion by Kevin D. Mitnick, William L. Simon, 2005](
* [Ghost in the Wires by Kevin D. Mitnick, William L. Simon, 2011](
* [No Tech Hacking by Johnny Long, Jack Wiles, 2008](
* [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](
* [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](
### Magazines
* [2600: The Hacker Quarterly]( - An American publication about technology and computer "underground".
* [Hakin9]( - A Polish online, weekly publication on IT Security.