Coleção de favoritos de segurança.

My security bookmarks collection.

All that things I need to pass OSCP, i think =)

CONTENTS

• Security Blogs
• Security Forums
• Tor Onion Links
• Security Methodologies
• Training/Classes/Video
• Pentest Tools
• Pentest Lab ISO-VMs
• Metasploit
• Net Scanners
• Man-in-the-middle attack
• Phase 1 - Reconnaissance: Information Gathering before the Attack
  • Phase 1.1 - People and Orginizational
  • Phase 1.2 - Infastructure
  • Phase 1.2 - Tools
• Phase 2 - Enumeration: Finding Attack Vectors
• Phase 3 - Exploitation: Verifying Security Weaknesses
  • Dump Windows Password Hashes
  • Windows Passhing The Hash
  • Windows Previlige Escalation
  • Linux Previlige Escalation
  • Tunneling & Port Forwarding
  • XSS Cheat Codes
  • WebShells
  • SQLi General Resources
  • MySQLi Resources
  • MSSQLi Resources
  • Oracle SQLi Resources
  • Postgres SQLi Resources
  • SQLite Resources
  • RFI/LFI Tutorials
  • NASM Tutorial
  • Buffer Overflow Tutorial
  • Exploit Development
  • Exploits and Shellcodes
  • Reverse Engineering
  • OS Cheat Sheets and Script Syntax
  • Passwords Wordlists, Hashes, Tools
  • InfoSec Hiring
  • IT Certifications
  • Links Collections
  • Books

Security Blogs

• My Security OPML

Security Forums

• http://securityoverride.org/forum/index.php
• https://www.hackthissite.org/forums/index.php
• https://www.ethicalhacker.net/forums/index.php
• https://evilzone.org/
• http://forum.antichat.ru/
• https://forum.xeksec.com/
• https://rdot.org/forum/
• https://forum.zloy.bz/
• https://forum.reverse4you.org/
• https://rstforums.com/forum/
• http://www.truehackers.ru/forum/index.php
• http://garage4hackers.com/forum.php
• https://www.hellboundhackers.org/
• http://www.lockpicking101.com/
• https://www.xploitworld.com/index.php

Tor Onion Links

• http://www.hiddenwiki.info/

Security Methodologies

• http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
• http://www.pentest-standard.org/index.php/Main_Page
• https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
• http://yehg.net/lab/pr0js/misc/wasarg_owasp-tgv4_with_ref.php
• http://www.social-engineer.org/
• http://projects.webappsec.org/w/page/13246927/FrontPage

Training/Classes/Video

• https://exploit-exercises.com
• https://www.cybrary.it/cyber-security/
• http://www.irongeek.com/i.php?page=videos/aide-winter-2011
• https://lab.pentestit.ru/pentestlabs/3
• https://trailofbits.github.io/ctf/
• http://ctf.forgottensec.com/wiki/?title=Main_Page
• http://smashthestack.org/
• http://ctf.hcesperer.org/
• https://www.google.com/calendar/feeds/noge7b1rg2dg4a8kcm1k68vbjg@group.calendar.google.com/public/basic
• https://www.google.com/calendar/embed?src=pe2ikdbe6b841od6e26ato0asc@group.calendar.google.com&gsessionid=OK
• https://crypto.stanford.edu/cs155/
• https://www.offensive-security.com/metasploit-unleashed/
• http://www.irongeek.com/i.php?page=videos/metasploit-class
• http://www.securitytube.net/
• http://resources.infosecinstitute.com/
• https://www.cs.fsu.edu/~redwood/OffensiveSecurity/lectures.html
• https://www.youtube.com/watch?v=ANlROJNWtCs&list=PLM0IiVYClP2vC3A6Uz_ESV86kBVYei5qx
• https://www.youtube.com/watch?v=Sye3mu-EoTI
• https://www.youtube.com/watch?v=GPjcSxyIIUc
• https://www.youtube.com/watch?v=kPxavpgos2I
• https://www.youtube.com/watch?v=pnqcHU2qFiA
• http://www.securitytube.net/video/7640
• https://www.youtube.com/watch?v=y2zrEAwmdws
• http://www.securitytube.net/video/7735

Pentest Tools

• https://github.com/pwnwiki/pwnwiki.github.io
• https://github.com/sbilly/awesome-security
• https://github.com/paragonie/awesome-appsec
• https://github.com/enaqx/awesome-pentest
• https://github.com/kahun/awesome-sysadmin#security
• http://beefproject.com/
• https://xsser.03c8.net/
• https://code.google.com/p/fuzzdb/
• https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database#tab=Statements
• http://w3af.org/
• https://code.google.com/p/skipfish/
• https://www.sans.org/reading-room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder-33214
• https://www.securityninja.co.uk/hacking/burp-suite-tutorial-the-intruder-tool/
• http://www.justanotherhacker.com/projects/graudit.html
• https://packetstormsecurity.com/files/tags/tool

Pentest Lab ISO-VMs

• http://www.amanhardikar.com/mindmaps/PracticeUrls.html
• https://www.kali.org/
• https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project
• http://blackarch.org/
• https://code.google.com/p/owaspbwa/
• https://www.mavensecurity.com/web_security_dojo/
• http://hackingdojo.com/dojo-media/
• http://informatica.uv.es/~carlos/docencia/netinvm/
• http://www.bonsai-sec.com/en/research/moth.php
• http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
• http://sourceforge.net/projects/lampsecurity/?source=navbar
• https://www.hacking-lab.com/index.html
• http://sourceforge.net/projects/virtualhacking/files/
• http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10
• http://www.dvwa.co.uk/
• http://sourceforge.net/projects/thebutterflytmp/
• http://magikh0e.ihtb.org/pubPapers/

Metasploit

• http://resources.metasploit.com/
• http://netsec.ws/?p=262
• http://seclists.org/metasploit/
• https://www.offensive-security.com/metasploit-unleashed/Introduction/
• http://www.offensive-security.com/metasploit-unleashed/Msfvenom
• https://community.rapid7.com/community/metasploit/
• http://www.securitytube.net/video/711?q=METASPLOIT
• https://en.wikibooks.org/wiki/Metasploit
• https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
• http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
• https://github.com/rapid7/metasploit-framework/wiki/Meterpreter
• https://www.blackhat.com/presentations/bh-dc-10/Egypt/BlackHat-DC-2010-Egypt-UAV-slides.pdf

Net Scanners

• https://nmap.org/
• https://nmap.org/nsedoc/
• http://www.securitytube.net/video/931
• https://nmap.org/nsedoc/
• http://www.openvas.org/
• http://www.tenable.com/products/nessus-vulnerability-scanner
• https://www.rapid7.com/products/nexpose/compare-downloads.jsp
• http://www.inguardians.com/research/docs/Skoudis_pentestsecrets.pdf

Man-in-the-middle attack

• http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf
• http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf
• https://packetstormsecurity.com/papers/wireless/cracking-air.pdf
• https://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf
• https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf
• http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf
• http://bandwidthco.com/nf.html
• http://articles.manugarg.com/arp_spoofing.pdf
• http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf
• http://www.ucci.it/docs/ICTSecurity-2004-26.pdf

Phase 1 - Reconnaissance: Information Gathering before the Attack

• https://en.wikipedia.org/wiki/Open-source_intelligence
• http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-1-social-networks/
• http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata/
• http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-3-monitoring/
• http://www.slideshare.net/Laramies/tactical-information-gathering
• http://www.infond.fr/2010/05/toturial-footprinting.html

Phase 1.1 - People and Orginizational

• http://www.spokeo.com/
• http://www.spoke.com/
• https://www.xing.com/
• http://www.zoominfo.com/
• https://pipl.com/
• http://www.zabasearch.com/
• http://www.searchbug.com/
• http://skipease.com/
• http://addictomatic.com/
• http://socialmention.com/
• http://entitycube.research.microsoft.com/
• http://www.yasni.com/
• http://www.glassdoor.com/index.htm
• https://connect.data.com/
• https://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp
• https://www.tineye.com/
• http://www.peekyou.com/

Phase 1.2 - Infastructure

• http://uptime.netcraft.com/
• http://www.shodanhq.com/
• http://www.domaintools.com/
• http://centralops.net/co/
• http://whois.webhosting.info/
• https://www.ssllabs.com/ssltest/analyze.html
• https://www.exploit-db.com/google-hacking-database/
• http://www.my-ip-neighbors.com/

Phase 1.2 - Tools

• OSINT Tools
• http://www.edge-security.com/theharvester.php
• http://www.edge-security.com/metagoofil.php
• http://www.paterva.com/web6/
• https://www.sans.org/reading-room/whitepapers/privacy/document-metadata-silent-killer-32974
• http://www.sno.phy.queensu.ca/~phil/exiftool/
• http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html

Phase 2 - Enumeration: Finding Attack Vectors

• https://bitvijays.github.io/blog/2015/04/09/learning-from-the-field-intelligence-gathering/
• http://securitysynapse.blogspot.be/2013_08_01_archive.html
• https://hackertarget.com/attacking-wordpress/
• https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
• http://www.0daysecurity.com/penetration-testing/enumeration.html
• https://github.com/n3ko1/WrapMap
• https://cirt.net/Nikto2
• http://www.unixmen.com/install-nikto-web-scanner-check-vulnerabilities/
• http://seclist.us/autoenum-nmap-enumeration-and-script-scan-automation-script.html
• http://code.stephenmorley.org/articles/xampp-version-history-apache-mysql-php/
• http://carnal0wnage.attackresearch.com/2007/07/over-in-lso-chat-we-were-talking-about.html
• http://www.iodigitalsec.com/windows-null-session-enumeration/
• https://pen-testing.sans.org/blog/2013/07/24/plundering-windows-account-info-via-authenticated-smb-sessions
• http://carnal0wnage.attackresearch.com/2007/07/enumerating-user-accounts-on-linux-and.html
• https://github.com/isaudits/autoenum
• http://www.webpronews.com/snmp-enumeration-and-hacking-2003-09
• http://carnal0wnage.attackresearch.com/2007/07/over-in-lso-chat-we-were-talking-about.html
• http://www.iodigitalsec.com/windows-null-session-enumeration/
• http://pen-testing.sans.org/blog/2013/07/24/plundering-windows-account-info-via-authenticated-smb-sessions
• http://carnal0wnage.attackresearch.com/2007/07/enumerating-user-accounts-on-linux-and.html
• http://www.madirish.net/59
• http://www.enye-sec.org/en/papers/web_vuln-en.txt

Phase 3 - Exploitation: Verifying Security Weaknesses

• http://pwnwiki.io
• http://download.vulnhub.com/pentesterlab/php_include_and_post_exploitation.pdf
• http://ru.scribd.com/doc/245679444/hak5-org-OSXPost-Exploitation-copy-20130228-pdf#scribd
• https://cyberwar.nl/d/hak5.org_LinuxUnixBSDPost-ExploitationCommandList_copy-20130228.pdf
• https://www.yumpu.com/en/document/view/14963680/from-sqli-to-shell

Dump Windows Password Hashes

• http://bernardodamele.blogspot.com/2011/12/dump-windows-password-hashes.html

Windows Passhing The Hash

• https://www.kali.org/penetration-testing/passing-hash-remote-desktop/
• https://www.kali.org/kali-monday/pass-the-hash-toolkit-winexe-updates/

Windows Previlige Escalation

• http://toshellandback.com/2015/11/24/ms-priv-esc/
• [https://labs.mwrinfosecurity.com/system/assets/760/original/Windows_Services_-All_roads_lead_to_SYSTEM.pdf](https://labs.mwrinfosecurity.com/system/assets/760/original/Windows_Services-_All_roads_lead_to_SYSTEM.pdf)
• http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/
• https://github.com/0xdeafbeef/PSSecSnapshot
• http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
• http://www.fuzzysecurity.com/tutorials/16.html
• http://www.youtube.com/watch?v=kMG8IsCohHA
• http://www.youtube.com/watch?v=_8xJaaQlpBo
• http://www.greyhathacker.net/?p=738
• http://bernardodamele.blogspot.ru/2011/12/dump-windows-password-hashes.html

Linux Previlige Escalation

• http://incolumitas.com/wp-content/uploads/2012/12/blackhats_view.pdf
• http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation.html
• http://pentestmonkey.net/tools/audit/unix-privesc-check
• http://www.rebootuser.com/?page_id=1721
• http://www.rebootuser.com/?p=1758
• http://www.rebootuser.com/?p=1623
• http://insidetrust.blogspot.nl/2011/04/quick-guide-to-linux-privilege.html

Tunneling & Port Forwarding

• https://www.sans.org/reading-room/whitepapers/testing/tunneling-pivoting-web-application-penetration-testing-36117
• https://highon.coffee/blog/reverse-shell-cheat-sheet/
• https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/
• http://staff.washington.edu/corey/fw/ssh-port-forwarding.html
• http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
• http://magikh0e.ihtb.org/pubPapers/ssh_gymnastics_tunneling.html
• http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html
• http://www.danscourses.com/Network-Penetration-Testing/metasploit-pivoting.html
• http://carnal0wnage.attackresearch.com/2007/09/using-metasploit-to-pivot-through_06.html
• http://www.offensive-security.com/metasploit-unleashed/Portfwd
• http://www.offensive-security.com/metasploit-unleashed/Pivoting
• http://www.howtoforge.com/reverse-ssh-tunneling
• http://ftp.acc.umu.se/pub/putty/putty-0.57/htmldoc/Chapter7.htmla

XSS Cheat Codes

• http://www.xenuser.org/xss-cheat-sheet/
• https://gist.github.com/sseffa/11031135
• https://html5sec.org/

WebShells

• http://www.r57shell.net/
• https://github.com/b374k/b374k
• https://github.com/epinna/weevely3

SQLi General Resources

• http://www.w3schools.com/sql/sql_injection.asp
• http://sqlzoo.net/hack/
• https://information.rapid7.com/rs/rapid7/images/R7%20SQL_Injection_Cheat_Sheet.v1.pdf
• http://websec.ca/kb/sql_injection
• http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
• http://www.unixwiz.net/techtips/sql-injection.html
• http://www.sqlinjectionwiki.com/
• http://sqlmap.org/
• https://packetstorm.sigterm.no/papers/cheatsheets/sqlmap-cheatsheet-1.0-SDB.pdf
• https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
• http://bobby-tables.com/

MySQLi Resources

• http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
• https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/
• http://resources.infosecinstitute.com/backdoor-sql-injection/

MSSQLi Resources

• http://evilsql.com/main/page2.php
• http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet

Oracle SQLi Resources

• http://pentestmonkey.net/cheat-sheet/sql-injection/oracle-sql-injection-cheat-sheet

Postgres SQLi Resources

• http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet

SQLite Resources

• https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet

RFI/LFI Tutorials

• https://evilzone.org/tutorials/remote-file-inclusion%28rfi%29/
• http://www.hackersonlineclub.com/lfi-rfi
• https://0xzoidberg.wordpress.com/category/security/lfi-rfi/

NASM Tutorial

• http://ccm.net/faq/1559-compiling-an-assembly-program-with-nasm

Buffer Overflow Tutorial

• http://www.madirish.net/142
• http://n01g3l.tumblr.com/post/49036035399/linux-crossfire-v1-90-buffer-overflow
• http://resources.infosecinstitute.com/author/nikhil-kumar/
• http://www.frequency.com/video/athcon-hack-in-paris-demo-1/40181156
• http://www.savevid.com/video/athcon-hack-in-paris-demo-2.html
• http://www.frequency.com/video/athcon-hack-in-paris-demo-3/11306148
• https://tehaurum.wordpress.com/2015/06/22/exploit-development-stack-buffer-overflow/
• http://proactivedefender.blogspot.ru/2013/05/understanding-buffer-overflows.html
• https://forum.reverse4you.org/showthread.php?t=1371
• http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.html
• http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html
• http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html
• http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html
• http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html
• http://thepcn3rd.blogspot.ru/2015/07/freeftpd-108-seh-stack-based-overflow.html

Exploit Development

• https://www.corelan.be/index.php/articles/
• http://www.fuzzysecurity.com/tutorials.html
• https://code.google.com/p/it-sec-catalog/wiki/Exploitation
• http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
• https://www.ethicalhacker.net/columns/heffner/smashing-the-modern-stack-for-fun-and-profit
• http://x9090.blogspot.ru/2010/03/tutorial-exploit-writting-tutorial-from.html
• http://ref.x86asm.net/index.html
• https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
• https://forum.reverse4you.org/showthread.php?t=1371

Exploits and Shellcodes

• https://www.exploit-db.com/
• https://packetstormsecurity.com/
• http://www.securityfocus.com/bid
• https://nvd.nist.gov/
• http://osvdb.org/
• http://www.secdocs.org/
• http://www.cvedetails.com/
• https://cve.mitre.org/
• http://www.windowsexploits.com/
• http://farlight.org/index.html?type=shellcode
• http://shell-storm.org/shellcode/

Reverse Engineering

• https://www.cyberguerrilla.org/blog/what-the-blackhats-dont-want-you-to-know-series/
• http://fumalwareanalysis.blogspot.ru/p/malware-analysis-tutorials-reverse.html
• http://www.woodmann.com/TiGa/idaseries.html
• http://visi.kenshoto.com/viki/MainPage
• http://www.radare.org/r/
• http://www.offensivecomputing.net/
• http://www.oldapps.com/
• http://www.oldversion.com/
• https://www.exploit-db.com/webapps/
• http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
• http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
• http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
• http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx

OS Cheat Sheets and Script Syntax

• https://www.owasp.org/index.php/Cheat_Sheets
• http://www.cheat-sheets.org/
• http://ss64.com/nt/
• https://rstforums.com/forum/22324-hacking-tools-windows.rst
• https://en.wikipedia.org/wiki/IPv4_subnetting_reference
• http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
• http://shelldorado.com/shelltips/beginner.html
• http://mywiki.wooledge.org/BashPitfalls
• https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
• http://www.robvanderwoude.com/ntadmincommands.php
• https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
• https://countuponsecurity.files.wordpress.com/2015/06/jtr-cheatsheetimg.png
• https://danielmiessler.com/study/tcpdump/
• http://www.infosecwriters.com/Papers/nessusNMAPcheatSheet.pdf

Passwords Wordlists, Hashes, Tools

• http://www.irongeek.com/i.php?page=videos/password-exploitation-class
• https://cirt.net/passwords
• http://h.foofus.net/?page_id=51
• http://h.foofus.net/?page_id=55
• http://foofus.net/?page_id=63
• http://hashcrack.blogspot.ru/
• http://www.onlinehashcrack.com/
• http://www.md5this.com/
• http://contest-2010.korelogic.com/wordlists.html
• https://packetstormsecurity.com/Crackers/wordlists/
• http://hqsoftwarecollection.blogspot.in/p/36gn-wordlist.html
• https://wiki.skullsecurity.org/Passwords
• https://www.sans.org/reading-room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation-33283
• https://www.sans.org/reading-room/whitepapers/testing/crack-pass-hash-33219
• https://nmap.org/ncrack/
• http://www.openwall.com/john/
• http://ophcrack.sourceforge.net/
• https://inquisb.github.io/keimpx/
• http://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-3-using-hashcat-0156543/

InfoSec Hiring

• Reddit Thread Q3 2015
• Reddit Thread Q2 2015
• ShmooCon Hiring List 2015
• SANS
• Careers Stackoverflow
• PenTester Salary
• San Francisco InfoSec Jobs
• Infosecinstitute.com
• Inspiredcareers.org/

IT Certifications

• http://certs.infosecinstitute.com/

Links Collections

• http://in-addr.nl/security-links.php
• http://ser-storchak.blogspot.ru/p/blog-page_16.html
• Reddit NetsecStudents Wiki
• https://www.vulnhub.com/resources/

Books

• Security Books at Amazon
• A Bug Hunter’s Reading List
• An Application Security Reading List