sec-pentesting toolkit

some of bt3gl's work from the last decade+

• ⬛️ her two teams in ctf times: snatch the root and hacking for soju
• ⬛️ former blog, "chmod a+x singularity.sh", with ctf writeups
• ⬛️ 2014's coderwall page with several writeups on linux, security, python
• ⬛️ def con 23 talk on hacking quantum computing
• ⬛️ threat-intel, project she led while at the security team at yelp

---

chapters

• ctfs and wargames
• cloud and k8s hacking
• cryptography
• forensics
• linux hacking
• mobile hacking
• network and 802.11
• other hackings
• pentesting scripts
• reverse engineering
• steganography
• vulnerabilities and exploits
• web hacking

---

cool resources

general hacking

• the art of intrusion
• krebs series on how to be in infosec: t. ptacek, b. schneier, c. ,iller
• how to be a infosec geek
• continuous security
• how to not get hacked
• awesome privilege escalation

hardening

• awesome security hardening
• mac-monitor (and objective-see's tools)

post-exploitation

• metasploit command List
• obscure systems post-exploit command list
• osx post-exploitation
• windows post-exploitation command list
• linux/unix/bsd post-exploitation command List

books

• bulletproof SSL and TLS
• reversing: secrets of reverse engineering
• the art of memory forensics
• the C programming language
• the unix programming environment
• unix network programming
• threat modeling: designing for security
• the tangled web
• the art of exploitation
• the art of software security assessment
• practical packet analysis
• gray hat python
• black hat python
• violent python
• shellcoders handbook
• practice malware analysis
• this machine kills secrets