Pentesting-Recources: A repository from k0zyX

Free-recources to learn Pentesting
Note: This Repo will be Frequently Updated
linux

https://linuxjourney.com/
https://linuxsurvival.com/linux-tutorial-introduction/
https://training.linuxfoundation.org/resources/?_sft_content_type=free-course
https://opensource.com/resources/linux
https://www.youtube.com/watch?v=ZtqBQ68cfJc
https://www.youtube.com/watch?v=HbgzrKJvDRw
https://www.youtube.com/watch?v=A3G-3hp88mo
https://www.youtube.com/watch?v=42iQKuQodW4
https://tryhackme.com/room/linuxfundamentalspart1
https://tryhackme.com/room/linuxfundamentalspart2
https://tryhackme.com/room/linuxfundamentalspart3
https://www.youtube.com/watch?v=rrB13utjYV4
https://www.youtube.com/watch?v=gd7BXuUQ91w
https://www.youtube.com/watch?v=ROjZy1WbCIA
https://www.youtube.com/watch?v=lZAoFs75_cs&t=15s


Scripting
https://cs50.harvard.edu/college/2022/spring/weeks/0/

Bash
https://www.youtube.com/watch?v=oxuRxtrO2Ag
https://tryhackme.com/room/bashscripting
https://learn-bash.org/
https://devhints.io/bash
https://learn-bash.org/
https://www.khanacademy.org/computing/computer-programming/programming
https://www.learnshell.org/
https://www.freecodecamp.org/news/search/?query=bash



Cryptography & Stegnography

https://www.youtube.com/watch?v=6_Cxj5WKpIw
https://www.youtube.com/watch?v=NuyzuNBFWxQ&t=102s
https://www.youtube.com/watch?v=b4b8ktEV4Bg
https://www.youtube.com/watch?v=GSIDS_lvRv4
https://www.youtube.com/watch?v=NmM9HA2MQGI
https://cyberchef.org/
https://hashes.com/en/tools/hash_identifier
https://www.dcode.fr/cipher-identifier
https://crackstation.net/


Networking

https://tryhackme.com/room/introtonetworking
https://tryhackme.com/room/whatisnetworking
https://tryhackme.com/room/introtolan
https://www.youtube.com/watch?v=vv4y_uOneC0
https://www.youtube.com/watch?v=0TLDTodL7Lc
https://www.youtube.com/watch?v=PG9oKZdFb7w
https://www.youtube.com/watch?v=AAssk2N_oPk
https://www.youtube.com/watch?v=iGPXkxeOfdk
https://www.youtube.com/watch?v=L6bDA5FK6gs
https://www.youtube.com/watch?v=5WfiTHiU4x8
https://www.youtube.com/watch?v=s_Ntt6eTn94
https://www.youtube.com/watch?v=86cQJ0MMses


Docker

https://www.youtube.com/watch?v=eGz9DS-aIeY
https://www.youtube.com/watch?v=Gjnup-PuquQ
https://www.youtube.com/watch?v=pTFZFxd4hOI


General

https://www.youtube.com/watch?v=vvKbMueRzrI
https://www.youtube.com/watch?v=keo0dglCj7I
https://www.youtube.com/watch?v=E_wX40fQwEA
https://tryhackme.com/room/historyofmalware
https://tryhackme.com/room/securityawarenessintro
https://www.youtube.com/watch?v=7U-RbOKanYs
https://www.youtube.com/watch?v=lVcbq_a5N9I
https://www.youtube.com/watch?v=8ZtInClXe1Q



Youtube Channels

Computer phile :https://www.youtube.com/@Computerphile ( One of my fav)
Cyber Mentor : https://www.youtube.com/@TCMSecurityAcademy
Network Chuck: https://www.youtube.com/@NetworkChuck
Ippsec       : https://www.youtube.com/@ippsec
John hammond : https://www.youtube.com/@_JohnHammond
Nullbyte     : https://www.youtube.com/@NullByteWHT
David bombal : https://www.youtube.com/@davidbombal
Oxdf         : https://www.youtube.com/@0xdf
Insider phd  : https://www.youtube.com/@InsiderPhD
pwn Function : https://www.youtube.com/@PwnFunction
LiveOverflow : https://www.youtube.com/@LiveOverflow
Malfind Labs : https://www.youtube.com/@MalfindLabs
Conda        : https://www.youtube.com/@c0nd4
Hacker/splain: https://www.youtube.com/@Hacksplained
Pwn Collage  :https://www.youtube.com/@pwncollege
Ymir Vigfusson:https://www.youtube.com/@YmirVigfussonPresents
Atck/detct/dfnd : https://www.youtube.com/@rot169
CwInfosec    :https://www.youtube.com/@cwinfosec


Newsletters

API security news.
Blockchain Threat Intelligence: Tools & threats.
We Live Security: News, views and insights.
SecPro: Analysis of threats, attacks and tutorials.
Gov Info Security: Governmental news.
Threatpost: Vulnerabilities and cybersecurity.
AWS Security Digest: AWS security updates.
Krebs On Security: Investigative journalism.
Risky Biz: Analysis of big cyber stories.
Schneier on Security: Cybersecurity news.
CyberSecNewsWeekly: News, articles and tools.
RTCSec: News around VOIP and WebRTC security.
This Week in 4n6: DFIR updates.
Hive Five Newsletter: Curated cybersecurity news.
Shift Security Left: Security and incidents.
TripWire’s State of Security: Corporate news.
Graham Cluley: Cybersecurity news and opinions.
Zero Day: Hackers, spies and cybercrime.
The Hacker News: Cybersecurity news.
CSO Online: Security and risk management.
Naked Security: Protect yourself from attacks.
AdvisoryWeek: Advisory roundups by vendors.
tl;dr sec Newsletter: Tools, blog posts & research.


Search-Engines

shodan.io
wigle.net
grep.app
app.binaryedge.io
onyphe.io
viz.greynoise.io
censys.io
hunter.io
fofa.so
zoomeye.org
leakix.net
intelx.io
app.netlas.io
searchcode.com
urlscan.io
publicwww.com



Google-Dorking

https://www.youtube.com/watch?v=u_gOnwWEXiA
https://www.youtube.com/watch?v=hrVa_dhD-iA
https://the-dark-web.com/google-dorking-commands-101/
https://www.youtube.com/watch?v=cEBkvm0-rg0&t=93s
https://www.youtube.com/watch?v=lESeJ3EViCo



EXPLOITS

https://www.exploit-db.com/
https://exploit.education/phoenix/
https://www.rapid7.com/
https://github.com/




WEBATTACKS

ZAP — https://www.owasp.org/index.php/OWASP...
DIRB — https://tools.kali.org/web-applicatio...
NIKTO — https://hackertarget.com/nikto-websit...
https://portswigger.net/web-security/learning-path



STABLE SHELLS (AKA TTY)

https://highon.coffee/blog/penetratio...


Privilage-Escalation

https://github.com/pentestmonkey/wind...
http://www.securitysift.com/download/...




Capture the Flags

https://pwnable.kr/play.php
https://www.osint.games/
https://portal.offensive-security.com/labs/play
Hack the Box — https://www.hackthebox.eu/
Vulnhub — https://www.vulnhub.com/
https://www.abatchy.com/2017/02/oscp-...
https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms
https://overthewire.org/wargames/
https://www.picoctf.org/
https://pentesterlab.com/
https://evilzone.org/
https://ctftime.org/```




Api Hacking

https://university.apisec.ai/products/apisec-certified-expert/categories/2150251348/posts/2157505637





Blogs

https://www.seytonic.com/
https://null-byte.wonderhowto.com/
https://www.null-byte.org/blog/
https://nmap.org/book/firewall-subversion.html ( by passing firewall with Nmap)
https://firewallsdontstopdragons.com/



Forums

https://pirates-forum.org/Forum-Hardware-Networking


Roadmaps

1. Basics — https://wiki.bi0s.in/basics/intro/
2. Reverse Engineering — https://wiki.bi0s.in/reversing/roadmap/
3. Pwning — https://wiki.bi0s.in/pwning/roadmap/
4. Forensics — https://wiki.bi0s.in/forensics/roadmap/
5. Crypto — https://wiki.bi0s.in/crypto/roadmap/
7. Web — https://wiki.bi0s.in/web/roadmap/





Handy tools & Github-repos

https://www.androidauthority.com/how-to-create-an-sms-app-721438/
https://demo.grammarly.com/
https://www.toolsley.com/
https://tio.run
https://www.decompiler.com)
https://github.com/intrigueio/intrigue-core
https://github.com/koalaman/shellcheck#installing
https://github.com/LasCC/Hack-Tools
https://github.com/vanhoefm/macstealer
https://addons.mozilla.org/en-US/firefox/addon/hacktools/
https://github.com/cytopia/fuzza
https://github.com/kleosdc/dns-exfil-infil
https://github.com/the-c0d3r/buffer-overflow



Active-Directory

https://www.youtube.com/watch?v=cTe5GsyhKUk
https://www.youtube.com/watch?v=Q4I2lKHboDw
https://adsecurity.org/?p=2293
https://posts.specterops.io/kerberoasting-revisited-d434351bd4d1 https://www.redsiege.com/wp-content/uploads/2020/04/20200430-
https://www.crowdstrike.com/cybersecurity-101/golden-ticket-attack/




Binary Exploitation

Linux : https://gtfobins.github.io
Window : https://lolbas-project.github.io/#
Active-directory : https://wadcoms.github.io


ETC . . .

Cheap Servers Vps : https://www.vultr.com/
https://guyinatuxedo.github.io
https://cugu.github.io/awesome-forensics
https://github.com/CompassSecurity/security_resource
https://www.begin.re
https://exploit.education
https://github.com/shellphish/how2heap

Ufw ( linux uncomplicated firewall) : https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands

The only cheat sheet you need Unified access to the best community driven documentation repositories of the world : https://cht.sh/

Information about any port: https://www.speedguide.net/port.php?port=
A nice site to Learn basic Consepts: https://www.hacksplaining.com/lessons
Favicon database Owasp : https://wiki.owasp.org/index.php/OWASP_favicon_database
List of file Signatures: https://en.wikipedia.org/wiki/List_of_file_signatures

malware-development : https://0xpat.github.io/Malware_development_part_1/
k0zyX/Pentesting-Recources
