Pentesting Resources

All information and software available on this site are for educational purposes only. Use these at your own discretion, the site owners cannot be held responsible for any damages caused. The views expressed on this site are our own and do not necessarily reflect those of our employers.

Usage of all tools on this site for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. We assume no liability and are not responsible for any misuse or damage caused by this site.

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

• Cloud and K8s Hacking
• Cryptography
• CTFs and Wargames
• Forensics
• Linux Hacking
• Mobile Hacking
• Network and 802.11
• Other Hackings
• Pentesting Scripts
• Reverse Engineering
• Steganography
• Vulnerabilities and Exploits
• Web Hacking

Articles

General Hacking

• The Art of Intrusion.
• Krebs Series on how to be in InfoSec: Thomas Ptacek, Bruce Schneier, Charlie Miller.
• How to be a InfoSec Geek.
• Continuous security.
• How to not get hacked.

Post-Exploitation

• Metasploit Post Exploitation Command List.
• Obscure Systems (AIX, Embeded, etc) Post-Exploit Command List.
• OSX Post-Exploitation.
• Windows Post-Exploitation Command List.
• Linux/Unix/BSD Post-Exploitation Command List.

Books

• Bulletproof SSL and TLS.
• Reversing: Secrets of Reverse Engineering.
• The Art of Memory Forensics.
• The C Programming Language
• The Unix Programming Environment.
• UNIX Network Programming.
• Threat Modeling: Designing for Security.
• The Tangled Web.
• The Art of Exploitation.
• The Art of Software Security Assessment.
• Practical Packet Analysis.
• Gray Hat Python.
• Black Hat Python.
• Violent Python.
• Shellcoders Handbook.
• Practice Malware Analysis.
• This Machine Kills Secrets.