🏴‍☠️🛠 pentesting toolkit

👋🏻 hi, anon. i am bt3gl, and this repository contains resouces I used when I was a ctf player in 2014-2015.

🌚 some context of those good old days:

• 👾 my two teams in ctf times: snatch the root and hacking for soju.
• 👾 my former blog, "chmod a+x singularity.sh", with several ctf writeups.
• **👾 my coderwall page with several writeups on linux, security, python
• 👾 some entertaining: my DEF CON 23 talk on hacking quantum computing.
• 👾 a proof that this repo used to have 1.2k stars and 500 forks before 💩 happened.
• 👾 threat-intel, i project i led while working at the security team at yelp

---

directories

• CTFs and Wargames
• Cloud and K8s Hacking
• Cryptography
• Forensics
• Linux Hacking
• Mobile Hacking
• Network and 802.11
• Other Hackings
• Pentesting Scripts
• Reverse Engineering
• Steganography
• Vulnerabilities and Exploits
• Web Hacking

---

external resources

general hacking

• The Art of Intrusion.
• Krebs Series on how to be in InfoSec: Thomas Ptacek, Bruce Schneier, Charlie Miller.
• How to be a InfoSec Geek.
• Continuous security.
• How to not get hacked.
• Awesome Privilege Escalation.

post-exploitation

• Metasploit Post Exploitation Command List.
• Obscure Systems (AIX, Embeded, etc) Post-Exploit Command List.
• OSX Post-Exploitation.
• Windows Post-Exploitation Command List.
• Linux/Unix/BSD Post-Exploitation Command List.

books

• Bulletproof SSL and TLS.
• Reversing: Secrets of Reverse Engineering.
• The Art of Memory Forensics.
• The C Programming Language
• The Unix Programming Environment.
• UNIX Network Programming.
• Threat Modeling: Designing for Security.
• The Tangled Web.
• The Art of Exploitation.
• The Art of Software Security Assessment.
• Practical Packet Analysis.
• Gray Hat Python.
• Black Hat Python.
• Violent Python.
• Shellcoders Handbook.
• Practice Malware Analysis.
• This Machine Kills Secrets.