# 🏴‍☠️🛠 pentesting toolkit 

<br>

#### 👾 hi, anon. i am bt3gl, and this repository contains resources I used when I was a ctf player in 2014-2015. 

#### 👾 some context of those *good old days*:
  - **👉🏽 my two teams in ctf times: [snatch the root](https://ctftime.org/team/7016) and [hacking for soju](https://ctftime.org/team/3208)**
  - **[👉🏽 my former blog, "chmod a+x singularity.sh", with several ctf writeups](https://singularity-sh.vercel.app/)**
  - **[👉🏽 my 2014's coderwall page with several writeups on linux, security, python](https://coderwall.com/bt3gl)**
  - **[👉🏽 some entertaining: my DEF CON 23 talk on hacking quantum computing](https://www.youtube.com/watch?v=1Fp6ibfOQ4Y)**
  - **[👉🏽 a proof that this repo used to have 1.2k stars and 500 forks before I had to make it private](FML.png)**
  - **[👉🏽 threat-intel, i project i led while working at the security team at yelp](https://github.com/Yelp/threat_intel)**

<br>


-------

## directories

<br>

* **[CTFs and Wargames](CTFs_and_WarGames)**
* **[Cloud and K8s Hacking](Cloud_and_K8s_Hacking)**
* **[Cryptography](Cryptography)**
* **[Forensics](Forensics)**
* **[Linux Hacking](Linux_Hacking)**
* **[Mobile Hacking](Mobile_Hacking)**
* **[Network and 802.11](Network_and_802.11)**
* **[Other Hackings](Other_Hackings)**
* **[Pentesting Scripts](Pentesting_Scripts)**
* **[Reverse Engineering](Reverse_Engineering)**
* **[Steganography](Steganography)**
* **[Vulnerabilities and Exploits](Vulnerabilities_and_Exploits)**
* **[Web Hacking](Web_Hacking)**


<br>

------

## external resources

<br>

### general hacking

<br>

* **[The Art of Intrusion](http://www.amazon.com/The-Art-Intrusion-Intruders-Deceivers/dp/0471782661http://www.amazon.com/The-Art-Intrusion-Intruders-Deceivers/dp/0471782661)**
* **Krebs Series on how to be in InfoSec: [Thomas Ptacek](http://krebsonsecurity.com/2012/06/how-to-break-into-security-ptacek-edition/#more-15594), [Bruce Schneier](http://krebsonsecurity.com/2012/07/how-to-break-into-security-schneier-edition/#more-15592), [Charlie Miller](http://krebsonsecurity.com/category/how-to-break-into-security/)**
* **[How to be a InfoSec Geek](http://www.primalsecurity.net/how-to-be-an-infosec-geek/)**
* **[Continuous security](https://www.infoq.com/news/2019/08/continuous-security/)**
* **[How to not get hacked](https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/)**
* **[Awesome Privilege Escalation](https://github.com/m0nad/awesome-privilege-escalation)**


<br>

### post-exploitation

<br>

* **[Metasploit Post Exploitation Command List](https://docs.google.com/document/d/1ZrDJMQkrp_YbU_9Ni9wMNF2m3nIPEA_kekqqqA2Ywto/edit)**
* **[Obscure Systems (AIX, Embedded, etc) Post-Exploit Command List](https://docs.google.com/document/d/1CIs6O1kMR-bXAT80U6Jficsqm0yR5dKUfUQgwiIKzgc/edit)**
* **[OSX Post-Exploitation](https://docs.google.com/document/d/10AUm_zUdAQGgoHNo_eS0SO1K-24VVYnulUD2x3rJD3k/edit?hl=en_US)**
* **[Windows Post-Exploitation Command List](https://docs.google.com/document/d/1U10isynOpQtrIK6ChuReu-K1WHTJm4fgG3joiuz43rw/edit?hl=en_US)**
* **[Linux/Unix/BSD Post-Exploitation Command List](https://docs.google.com/document/d/1ObQB6hmVvRPCgPTRZM5NMH034VDM-1N-EWPRz2770K4/edit?hl=en_US)**

<br>

### books

<br>

* **[Bulletproof SSL and TLS](http://www.amazon.com/gp/product/1907117040?psc=1&redirect=true&ref_=oh_aui_detailpage_o06_s00)**
* **[Reversing: Secrets of Reverse Engineering](http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817)**
* **[The Art of Memory Forensics](http://www.amazon.com/gp/product/1118825098?psc=1&redirect=true&ref_=oh_aui_search_detailpage)**
* **[The C Programming Language](http://www.amazon.com/gp/product/0131103628?psc=1&redirect=true&ref_=oh_aui_search_detailpage)**
* **[The Unix Programming Environment](http://www.amazon.com/gp/product/013937681X?psc=1&redirect=true&ref_=oh_aui_search_detailpage)**
* **[UNIX Network Programming](http://www.amazon.com/gp/product/0139498761?psc=1&redirect=true&ref_=oh_aui_search_detailpage)**
* **[Threat Modeling: Designing for Security](http://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998)**
* **[The Tangled Web](http://www.amazon.com/The-Tangled-Web-Securing-Applications/dp/1593273886)**
* **[The Art of Exploitation](http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441)**
* **[The Art of Software Security Assessment](http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426)**
* **[Practical Packet Analysis](http://www.nostarch.com/packet2.htm)**
* **[Gray Hat Python](http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921)**
* **[Black Hat Python](http://www.nostarch.com/blackhatpython)**
* **[Violent Python](http://www.amazon.com/Violent-Python-Cookbook-Penetration-Engineers/dp/1597499579)**
* **[Shellcoders Handbook](http://www.amazon.com/The-Shellcoders-Handbook-Discovering-Exploiting/dp/047008023X)**
* **[Practice Malware Analysis](https://www.nostarch.com/malware)**
* **[This Machine Kills Secrets](http://www.amazon.com/This-Machine-Kills-Secrets-Whistleblowers/dp/0142180491/ref=sr_1_1?s=books&ie=UTF8&qid=1436039456&sr=1-1&keywords=this+Machine+Kills+Secrets)**