h4md153v63n/ComputerScience_CyberSec_Ethical-Hack_InfoSec_ITSec_Pentest_Resources

Computer Science, Cyber Security, Ethical Hacking, InfoSec, ITSec, Pentest, so on and so forth resources

CS_CyberSec_Ethical-Hack_InfoSec_ITSec_Pentest_Resources

This repository contains a curated list of resources on Computer Science, Cyber Security, Ethical Hacking, InfoSec, ITSec, Pentest, so on and so forth resources:

About Job's Future:

• Private Life Is a Better Life (how to stop telling people everything): https://youtu.be/pPkXoMS7STo
  • private life is a better life + the reality of achieving your delulu life: https://youtu.be/9NNaLxscivY
• Cybersecurity Does Not Have a Skill Shortage Gap (It's a Hiring Gap): https://youtu.be/uFNqXgjwVyI
  • Is there really an information security jobs crisis?: https://brothke.medium.com/is-there-really-an-information-security-jobs-crisis-a492665f6823
• SIZAMAMA TESTİ UZMANI OLMAK!!! 🤗: https://youtu.be/9IQok-B-HeA
  • I’m Not A Pentester (And You Might Not Want To Be One Either): https://assume-breach.medium.com/im-not-a-pentester-and-you-might-not-want-to-be-one-either-8b5701808dfc
  • I’m Not A Pentester (And You Might Not Want To Be One Either) Part 2 : The Response: https://assume-breach.medium.com/im-not-a-pentester-and-you-might-not-want-to-be-one-either-part-2-the-response-ab838cca3519
• İş Hayatı: https://hamdisevben.medium.com/vulnversity-f99e38ebea35
  • Bizim neyimiz eksik bu adamlardan?: https://youtu.be/vSv9RqRE3OU
  • İŞİNİZİ SEÇERKEN BUNA DİKKAT EDİN!: https://www.youtube.com/shorts/UNsNrYkRpYk
  • BIR IS ICIN IMZA ATMADAN ONCE MUTLAKA AKLINIZDA OLSUN...: https://www.youtube.com/shorts/V3h484Nj-gY
  • Bunu İzlemeden Meslek Seçimi Yapma: https://www.youtube.com/watch?v=-HYwyNfTpX8
  • HAYAT İLE OKUL ARASINDAKİ FARK: https://www.youtube.com/shorts/eoK1FIesCsI
  • HİÇBİRŞEY İÇİN GEÇ KALMADIN: https://www.youtube.com/shorts/ntz_2X0-MGw
  • MOTİVASYON VE DİSİPLİN BAAAAASSSS!!!: https://www.youtube.com/shorts/Jt1rZXxR9iM
  • ISTE 2024 MAASLARI...: https://youtu.be/N1Ti-zP93ho

CTFs & Writeups:

• CTFs
• CTF-Repos
• https://bitvijays.github.io/LFC-VulnerableMachines.html#ctf-series-vulnerable-machines
• https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/
• https://htbmachines.github.io/
• https://github.com/Crypto-Cat/CTF

Collection of Github Repositories for 𝗛𝗮𝗰𝗸𝗶𝗻𝗴 / 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 / 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆.

1. Book of Secret Knowledge = https://github.com/trimstray/the-book-of-secret-knowledge
2. Awesome Hacking = https://github.com/Hack-with-Github/Awesome-Hacking
3. Awesome Bug Bounty = https://github.com/djadmin/awesome-bug-bounty
4. Awesome Penetration Testing = https://github.com/wtsxDev/Penetration-Testing
5. Awesome Web Hacking = https://github.com/infoslack/awesome-web-hacking
6. Awesome Hacking Resources = https://github.com/vitalysim/Awesome-Hacking-Resources
7. Awesome Pentest = https://github.com/enaqx/awesome-pentest
8. Awesome Red Teaming = https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
9. Awesome Web Security = https://github.com/qazbnm456/awesome-web-security
10. Penetration Test Guide based on OWASP = https://github.com/Voorivex/pentest-guide
11. Pentest Compilation = https://github.com/adon90/pentest_compilation
12. Infosec Reference = https://github.com/rmusser01/Infosec_Reference

Blackhat:

• https://drive.google.com/drive/folders/17bPejkJDzMU4w4ikZmG8Aa15KbMZtShH

Notes:

• https://github.com/six2dez/pentest-book
• https://exploit-notes.hdks.org/
• https://github.com/lanjelot/kb
• https://ed4m4s.blog/
• https://ihsansencan.github.io/tools-tips-tricks/msfvenom.html
• https://ihsansencan.github.io/tools-tips-tricks/metasploit.html

Cheatsheets:

• https://f4d3.io/tags/
• https://github.com/brcyrr/PracticalCyberSecurityResources
• https://guide.offsecnewbie.com/
• https://cheatsheet.haax.fr/
• https://github.com/0xDigimon/Awesome-Hacking
• https://github.com/0xDigimon/Awesome-Hacking-Resources

Cybersecurity & Ethical Hacking & Pentest Tricks and Tips:

• https://guif.re/
• https://www.hasanbaskin.com/notes/
• https://x0rb3l.github.io/Cyber-Bookmarks/bookmarks.html
• https://www.hooperlabs.xyz/cheatsheets.php
• https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/

Tools Collection:

• https://arttoolkit.github.io/
• https://prune2000.github.io/tools/pentest/ (X)
• https://securitycipher.com/security-tools/
• https://kondukto.io/integrations
• https://seckrd.com/tools
• https://inventory.raw.pm/tools.html
• https://tr.rakko.tools/
• https://offsec.tools/
• https://en.kali.tools/
• https://pentesttools.net/
• https://tools.tldr.run/
• https://www.kitploit.com/

OSINT & Google Dorks:

• https://github.com/jivoi/awesome-osint
• https://github.com/TheBurnsy/Vehicle-OSINT-Collection
• https://blog.blockmagnates.com/open-source-intelligence-osint-996c8d2db362
• https://cyb3r.gitbook.io/pentest-journey/open-source-intelligence-osint-fundamentals/osint-flowcharts
• https://www.bruceclay.com/blog/bing-google-advanced-search-operators/
• https://www.hackthebox.com/blog/What-Is-Google-Dorking
• https://dnsdumpster.com/footprinting-reconnaissance/
• https://github.com/redhuntlabs/Awesome-Asset-Discovery
• https://github.com/Proviesec/google-dorks

Application Security & Code Review:

• https://0xn3va.gitbook.io/cheat-sheets/
• https://wehackpurple.com/blogs/page/2/
• https://wehackpurple.com/blogs/page/3/
• https://wehackpurple.com/blogs/page/4/
• https://google.github.io/eng-practices/review/
• https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist
• https://github.com/paragonie/awesome-appsec
• https://erdemstar08.medium.com/source-code-scan-7448df9a1358
• https://erdemstar08.medium.com/java-source-code-scanning-with-maven-fortify-4514b61696b6
• https://erdemstar08.medium.com/ios-source-code-scanning-fortify-b0cca71ab519
• https://erdemstar08.medium.com/android-source-code-scanning-fortify-f218df889eeb
• https://erdemstar08.medium.com/code-scan-with-sast-net-framework-4-8-876d42673c72
• https://erdemstar08.medium.com/code-scan-with-sast-net-core-3-49cb8c742ecc

DevSecOps:

• https://github.com/sottlmarek/DevSecOps
• https://github.com/hahwul/DevSecOps
• https://github.com/magnologan/awesome-k8s-security
• https://github.com/TaptuIT/awesome-devsecops
• https://github.com/We5ter/Awesome-DevSecOps-Platforms
• https://www.productsecurity.ai/course/devsecops-training

Pentest General Resources:

• https://github.com/enaqx/awesome-pentest
• https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets
• https://github.com/Hack-with-Github/Awesome-Hacking
• https://github.com/juliocesarfort/public-pentesting-reports
• https://github.com/vlakhani28/Cyber-Security-Resources
• https://github.com/wtsxDev/Penetration-Testing
• https://github.com/wwong99/pentest-notes
• https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
• https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources
• https://github.com/Samsar4/Ethical-Hacking-Labs
• https://github.com/swisskyrepo/PayloadsAllTheThings
• https://github.com/netbiosX/Checklists
• https://hariprasaanth.notion.site/hariprasaanth/THICK-CLIENT-PENTESTING-CHECKLIST-35c6803f26eb4c9d89ba7f5fdc901fb0
• https://github.com/SubediBibek-cmd/awesome-network-security
• https://github.com/carpedm20/awesome-hacking
• https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
• https://www.lifars.com/knowledge-center/python-penetration-testing-cheat-sheet/
• https://github.com/purabparihar/Infrastructure-Pentesting-Checklist
• https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap
• https://github.com/RafaelFunchal/wordpress-security-checklist/blob/master/items.md
• https://viperone.gitbook.io/pentest-everything/
• https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/

Web:

• https://www.w3schools.com
• https://developers.cloudflare.com/support/troubleshooting/http-status-codes/
• https://github.com/drakyanerlanggarizkiwardhana/awesome-web-hacking
• https://www.webhackingtips.com/
• https://skf.gitbook.io/asvs-write-ups/

Web Pentest:

• https://www.vulnhub.com/entry/xtreme-vulnerable-web-application-xvwa-1,209/
• https://pentestbook.six2dez.com/others/web-checklist
• https://github.com/Ignitetechnologies/Web-Application-Cheatsheet
• https://infosecwriteups.com/serialization-deserialization-attacks-on-php-d5fb02e29248
• https://github.com/infoslack/awesome-web-hacking
• https://github.com/qazbnm456/awesome-web-security
• https://github.com/5bhuv4n35h/pentestmindmap/blob/master/web_application_penetration_testing.png
• https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/
• https://github.com/dhaval17/awsome-security-write-ups-and-POCs
• https://hariprasaanth.notion.site/hariprasaanth/WEB-APPLICATION-PENTESTING-CHECKLIST-0f02d8074b9d4af7b12b8da2d46ac998
• https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6

API Security & Pentest:

• https://github.com/Erdemstar/VulnerableApp4APISecurity
• https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API Pentesting Mindmap.png
• https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API Pentesting Mindmap ATTACK.pdf
• https://github.com/shieldfy/API-Security-Checklist
• https://github.com/erev0s/VAmPI
• https://github.com/roottusk/vapi
• https://danaepp.com/beginners-guide-to-api-hacking
• https://bughunters.google.com/learn/presentations/5783688075542528/android-app-hacking-workshop
• https://www.virtuesecurity.com/api-penetration-testing/
• https://university.apisec.ai/
• https://www.productsecurity.ai/course/api-security-training

Bug Bounty:

• https://bugbountyforum.com/tools/recon/
• https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
• https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2
• https://github.com/djadmin/awesome-bug-bounty#write-ups--authors
• https://github.com/bobby-lin/study-bug-bounty
• https://github.com/hahwul/WebHackersWeapons
• https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md
• https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
• https://bughacking.com/best-bug-bounty-platforms/
• https://github.com/tuhin1729/Bug-Bounty-Methodology
• https://github.com/daffainfo/AllAboutBugBounty
• https://www.infosecmatter.com/bug-bounty-tips-1/
• https://www.infosecmatter.com/bug-bounty-tips-2-jun-30/
• https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md
• https://gowsundar.gitbook.io/book-of-bugbounty-tips/
• https://github.com/Neelakandan-A/BugBounty_CheatSheet
• https://github.com/vavkamil/awesome-bugbounty-tools
• https://github.com/ngalongc/bug-bounty-reference
• https://github.com/YaS5in3/Bug-Bounty-Wordlists
• https://mokhansec.medium.com/what-would-i-do-if-i-start-bug-hunting-from-0-again-79c7fa78b789
• https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248
• https://github.com/imran-parray/Mind-Maps/blob/master/Recon%20-%20Imran%20parray/My-recon.png

Mobile Pentest:

• https://0xn3va.gitbook.io/cheat-sheets/
• https://github.com/muellerberndt/android_app_security_checklist
• https://medium.com/vakifbank-teknoloji/android-application-security-penetration-tests-1-2da29240093d
• https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
• https://github.com/vaib25vicky/awesome-mobile-security

Cloud Security & Pentest:

• https://github.com/dafthack/CloudPentestCheatsheets
• https://github.com/TROUBLE-1/Cloud-Pentesting/blob/main/Note %26 Mind Map/Cloud Pentesting/Attacking Cloud.pdf
• https://raw.githubusercontent.com/5bhuv4n35h/pentestmindmap/master/cloud_penetration_testing.png
• https://github.com/six2dez/pentest-book/tree/master/enumeration/cloud
• https://github.com/Funkmyster/awesome-cloud-security
• https://github.com/4ndersonLin/awesome-cloud-security
• https://github.com/aquasecurity/cloud-security-remediation-guides

Container Security:

• https://github.com/krol3/container-security-checklist
• https://www.productsecurity.ai/course/container-security-course

Kubernetes Security:

• https://www.productsecurity.ai/course/kubernetes-security-course

IoT Security:

• https://github.com/V33RU/IoTSecurity101
• https://github.com/V33RU/IoTSecurity101#vulnerable-iot-and-hardware-applications
• https://github.com/nebgnahz/awesome-iot-hacks

Active Directory:

• https://github.com/safebuffer/vulnerable-AD
• https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/
• https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
• https://blog.spookysec.net/ad-lab-1/
• https://blog.spookysec.net/ad-lab-2/
• https://github.com/WazeHell/vulnerable-AD

Exploit Development:

• https://github.com/FabioBaroni/awesome-exploit-development

Red Teaming:

• https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
• https://github.com/infosecn1nja/Red-Teaming-Toolkit
• https://github.com/0xJs/RedTeaming_CheatSheet

Social Engineering:

• https://github.com/v2-dev/awesome-social-engineering

Blockchain Security:

• https://github.com/xxxeyJ/Awesome-Blockchain-Security

Threat Modelling:

• https://github.com/hysnsec/awesome-threat-modelling
• https://www.productsecurity.ai/course/threat-modeling-training

Security Architecture:

• https://zeltser.com/security-architecture-cheat-sheet/

Roadmaps:

• https://medium.com/@rezaduty/web-penetration-testing-roadmap-4e7bb9edf23b
• https://medium.com/@rezaduty/mobile-penetration-tester-roadmap-f2ec9bd68dcf
• https://github.com/rezaduty/cybersecurity-career-path
• https://github.com/CyberSecurityUP/PenTest-Certifications-Roadmap

General Resources:

• https://www.siberportal.org/red-team/network-penetration-tests/sizma-testlerinde-ve-denetimlerde-en-cok-karsilasilan-servisleri-degerlendirme-smtp-pop3-ve-imap/
• https://webs3c.com/
• https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/
• https://kalitut.com/
• https://hackermovie.club/
• https://github.com/PaulSec/awesome-sec-talks
• https://zeltser.com/information-security/
• https://infosecwriteups.com/finding-of-directory-path-in-linux-820be9ae759b
• https://cybersecuritybase.mooc.fi/
• https://www.cyberseek.org/pathway.html
• http://dfir.org/?q=node/8