Pentesting Resources and Links
Collections of links I have found useful during pentesting, CTFs, or red teaming exercise.
| Name | Description | URL |
|---|---|---|
| NetSec - How and where to start preparing for OSCP | Describes how to prepare for OSCP. | https://netosec.com/start-preparing-for-oscp/ |
| How To Pass the OSCP – a Beginner Friendly Guide | Another How-To prepare for OSCP. | https://kentosec.com/2019/10/09/how-to-pass-the-oscp-a-beginner-friendly-guide/ |
| tech.bitvijays.com - The Magic of Learning | A guide on how to go from novice to pentester. | https://tech.bitvijays.com/ |
| Offensive Security’s PWK syllabus | The official Offensive Security PWK syllabus. | https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf |
| OSCP Exam Guide | Official guide for the OSCP exam. | https://www.offensive-security.com/pwk-online/PWK-Exam-Guide.pdf |
| OSCP Reviews | Compilation of reviews from those who took the OSCP. | https://jhalon.github.io/becoming-a-pentester/ |
| TJ_Null’s OSCP Preparation Guide | A comprehensive guide and list of resources for OSCP preparation. | https://www.netsecfocus.com/oscp/2019/03/29/OSCP-Prep.html |
| HTB - Hack The Box | An online platform to test and advance your skills in penetration testing and cyber security. | https://www.hackthebox.eu/ |
| VulnHub | Provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks. | https://www.vulnhub.com/ |
| TryHackMe | Another online platform for learning and teaching cyber security, all through your browser. | https://tryhackme.com/ |
| PortSwigger Web Security Academy | Free online training for the next generation of cybersecurity professionals. | https://portswigger.net/web-security |
| OverTheWire | A site to learn and practice security concepts in the form of fun-filled games. | https://overthewire.org/wargames/ |
| PentesterLab | Provides a set of vulnerable systems that can be used to learn about penetration testing and web security. | https://pentesterlab.com/ |
| Cyber Mentor’s Practical Ethical Hacking course | A practical course on ethical hacking. | https://www.udemy.com/course/practical-ethical-hacking/ |
| IppSec’s YouTube channel | Detailed walkthroughs of how to tackle various hacking challenges. | https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA |
| Avi7611 / Oscp-Cheat-Sheet | OSCP Cheat Sheet | https://github.com/avi7611/Oscp-Cheat-Sheet/tree/master/oscp |
| ffuf/ffuf | Fast web fuzzer written in Go | https://github.com/ffuf/ffuf |
| Tib3rius / AutoRecon | AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. | https://github.com/Tib3rius/AutoRecon |
| xChockax/Buffer-Overflow | Buffer Overflow Cheat sheet | https://github.com/xChockax/Buffer-Overflow/blob/master/Buffer%20Overflow%20Cheatsheet.pdf |
| Awesome Burp Extensions | A curated list of amazingly awesome Burp Extensions | https://github.com/snoopysecurity/awesome-burp-extensions |