** Fundamentals of Malicious Word Macros
In this post I am going to be discussing how to create a Word document with a malicious macro that will connect back to a Cobalt Strike Teamserver, WITHOUT using Cobalt Strike's automated generation of the macro.
Source : https://blog.hunniccyber.com/word-macro-to-connect-back-to-cobalt-strike-teamserver-via-a-staging-server-basic/
#redteam #macro #office
In this post I am going to be discussing how to create a Word document with a malicious macro that will connect back to a Cobalt Strike Teamserver, WITHOUT using Cobalt Strike's automated generation of the macro.
Source : https://blog.hunniccyber.com/word-macro-to-connect-back-to-cobalt-strike-teamserver-via-a-staging-server-basic/
#redteam #macro #office
**HOW TO FAKE YOUR PHONE NUMBER: MAKE IT LOOK LIKE SOMEONE ELSE IS CALLING
◾️ Video : https://www.youtube.com/ watch?v=LYilP-1TwMg
What did she use to steal CNN reporter information?
She collects his information by using OSINT like search engines and social media, his posts in social media
She uses Spoof Caller ID Service from spoofcard :
Here the list of spoof caller id
- https://www.spoofcard.com/
- https://myphonerobot.com/
- https://www.crazycall.com/
- https://www.itellas.com/
- https://www.spooftel.com
- https://www.covertcalling.com
- https://www.spoofmyphone.com/
- https://freecalleridspoofing.com/
- https://bluffmycall.com/
#spoof #SE #redteam
◾️ Video : https://www.youtube.com/ watch?v=LYilP-1TwMg
What did she use to steal CNN reporter information?
She collects his information by using OSINT like search engines and social media, his posts in social media
She uses Spoof Caller ID Service from spoofcard :
Here the list of spoof caller id
- https://www.spoofcard.com/
- https://myphonerobot.com/
- https://www.crazycall.com/
- https://www.itellas.com/
- https://www.spooftel.com
- https://www.covertcalling.com
- https://www.spoofmyphone.com/
- https://freecalleridspoofing.com/
- https://bluffmycall.com/
#spoof #SE #redteam
Youtube
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
# Pentesting & Bug Hunting Resources :
[ How to Start ? ] :
0. Do you Want to Know The step-by-step Path to Learn Hacking? = " There is No step-by-step Path To Learn Hacking & it Take Years! ". adapted from [LiveOverflow]
1. Ebrahim Hegazy Guide = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/
2. Mohamed Abd El-Baset Guide = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/
3. Youssef Mohamed Guide = https://generaleg0x01.com/2019/06/27/websec-roadmap/
4. Khaled Hassan Guide = https://www.facebook.com/KhaledAzrail/posts/2366367626805379
5. Mohamed Gamal Posts = https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk
6. How to start a career in Cyber Security = https://www.youtube.com/watch?v=PJ_NzML1poU
7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/
8. How to Become a Pentester = https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/
9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad
10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
11. Bug Bounty Hunting (Methodology, Toolkit ,Tips & Tricks) V 1.0 = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
12. Bug Bounty Methodology (Tactics,Techniques and Procedures) V 2.0 = https://cyberzombie.in/bug-bounty-methodology-techniques-tools-procedures/
13. How to Become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/
15. Pentesterlab Bootcamp = https://pentesterlab.com/bootcamp
16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher
17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html
18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
19. Infosec Newbie = https://www.sneakymonkey.net/2017/04/23/infosec-newbie/
20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/
21. How to Become a Security Specialist = https://www.youtube.com/playlist?list=PLkpG3YKjv6p7vb5suZY3mhBCJDSbflmhT
22. Web Application Penetration Testing Course = https://hackingresources.com/web-application-penetration-testing-course/
23. So you Want to be a Security Engineer?
https://medium.com/@niruragu/so-you-want-to-be-a-security-engineer-d8775976afb7
[ Learning Resources ] :
1. Owasp = https://www.owasp.org/
2. Knowledge Base Entersoft = http://kb.entersoft.co.in
3. Hacker 101 = https://www.hacker101.com
4. Bugcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university
5. Portswigger Academy = https://portswigger.net/web-security
6. Red Teaming Experiments = https://ired.team
7. Hacksplaining = https://www.hacksplaining.com/lessons
8. Security Idiots = http://www.securityidiots.com
9. Web App Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources
10. OWASP Cheat sheet = https://cheatsheetseries.owasp.org
11. Ippsec = https://ippsec.rocks
12. Security Online = https://securityonline.info
13. Phrack Magazine = http://phrack.org/issues/1/1.html
14. AppSecWiki = https://appsecwiki.com
15. Web Application Pentesting Notes =
https://techvomit.net/web-application-penetration-testing-notes
16. Sans Cyber Aces Tutorial = https://tutorials.cyberaces.org/tutorials.html
17. Metasploit Unleashed =
https://www.offensive-security.com/metasploit-unleashed
18. Pentesterland Newsletter = https://pentester.land/newsletter
19. Vincent Red Team Tips = https://vincentyiu.com/
20. ZeroDaySecurity Pentesting Methodology = http://www.0daysecurity.com/pentest.html
[ Books ] :
1. Breaking into Information Security = Andy Gill
[ How to Start ? ] :
0. Do you Want to Know The step-by-step Path to Learn Hacking? = " There is No step-by-step Path To Learn Hacking & it Take Years! ". adapted from [LiveOverflow]
1. Ebrahim Hegazy Guide = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/
2. Mohamed Abd El-Baset Guide = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/
3. Youssef Mohamed Guide = https://generaleg0x01.com/2019/06/27/websec-roadmap/
4. Khaled Hassan Guide = https://www.facebook.com/KhaledAzrail/posts/2366367626805379
5. Mohamed Gamal Posts = https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk
6. How to start a career in Cyber Security = https://www.youtube.com/watch?v=PJ_NzML1poU
7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/
8. How to Become a Pentester = https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/
9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad
10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
11. Bug Bounty Hunting (Methodology, Toolkit ,Tips & Tricks) V 1.0 = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
12. Bug Bounty Methodology (Tactics,Techniques and Procedures) V 2.0 = https://cyberzombie.in/bug-bounty-methodology-techniques-tools-procedures/
13. How to Become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/
15. Pentesterlab Bootcamp = https://pentesterlab.com/bootcamp
16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher
17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html
18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
19. Infosec Newbie = https://www.sneakymonkey.net/2017/04/23/infosec-newbie/
20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/
21. How to Become a Security Specialist = https://www.youtube.com/playlist?list=PLkpG3YKjv6p7vb5suZY3mhBCJDSbflmhT
22. Web Application Penetration Testing Course = https://hackingresources.com/web-application-penetration-testing-course/
23. So you Want to be a Security Engineer?
https://medium.com/@niruragu/so-you-want-to-be-a-security-engineer-d8775976afb7
[ Learning Resources ] :
1. Owasp = https://www.owasp.org/
2. Knowledge Base Entersoft = http://kb.entersoft.co.in
3. Hacker 101 = https://www.hacker101.com
4. Bugcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university
5. Portswigger Academy = https://portswigger.net/web-security
6. Red Teaming Experiments = https://ired.team
7. Hacksplaining = https://www.hacksplaining.com/lessons
8. Security Idiots = http://www.securityidiots.com
9. Web App Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources
10. OWASP Cheat sheet = https://cheatsheetseries.owasp.org
11. Ippsec = https://ippsec.rocks
12. Security Online = https://securityonline.info
13. Phrack Magazine = http://phrack.org/issues/1/1.html
14. AppSecWiki = https://appsecwiki.com
15. Web Application Pentesting Notes =
https://techvomit.net/web-application-penetration-testing-notes
16. Sans Cyber Aces Tutorial = https://tutorials.cyberaces.org/tutorials.html
17. Metasploit Unleashed =
https://www.offensive-security.com/metasploit-unleashed
18. Pentesterland Newsletter = https://pentester.land/newsletter
19. Vincent Red Team Tips = https://vincentyiu.com/
20. ZeroDaySecurity Pentesting Methodology = http://www.0daysecurity.com/pentest.html
[ Books ] :
1. Breaking into Information Security = Andy Gill
Seekurity
١٠١ - دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب
"101 دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب"
"ازاى ابدأ فى مجال اختبار اختراق تطبيقات...
"ازاى ابدأ فى مجال اختبار اختراق تطبيقات...
2. Web Application Hacker's Handbook 2 = Dafydd Stuttard and Marcus Pinto
3. Mastering Modern Web Penetration Testing = Prakhar Prasad
4. Real World Bug Hunting = Peter Yaworski
5. The Tangled Web = Michał Zalewski
6. The Hacker Playbook (1,2,3) = Peter Kim
7. OWASP Testing Guide 4
8. OWASP Top 10 (2010 - 2013 - 2017)
9. Hacking Exposed Web Application (1,2,3)
10. Web Hacking 101 = Peter Yaworski
11. Bug Bounty Hunting Essentials = Lozano and Amir
12. Bug Bounty Hunting For Web Security = Sanjib Sinha
13. Hands-On Bug Hunting For Pentesters = Joseph Marshall
14. The Basics of Hacking and Penetration Testing by Patrick Engebreston
15. Ethical Hacking and Penetration Test by Rafy Baloch
16. Hacking Exposed 7 Network Security
17. The Browser Hacker’s Handbook
18. Metasploit The Penetration Tester's Guide = David Kennedy
19. Penetration Testing: A Hands-On Introduction to Hacking = Georgia Weidman
20. Red Team Field Manual
21. Black Hat Python = Justin Seitz
22. Violent Python = TJ O'Connor
23. Hacking The Art of Exploitation = Jon Erickson
24. Google Hacking for Penetration Testers 3
25. Reversing: Secrets to reverse Engineering = Eldad Eilam
26. Bug Hunter's Diary = Tobias Klein
27. Gray Hat Hacking 5
28. Burp Suite Cookbook = Sunny Wear
29. Kali Linux Revealed
30. Nmap Essentials = David Shaw
[ Youtube Channels ] :
1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos
2. Ebrahim Hegazy =
https://www.youtube.com/user/Zigoo0/playlists
3. Ben Grewell =
https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ/playlists
4. Bugcrowd =
https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww/playlists
5. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
6. GynvaelEN =
https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
7. HackerSploit =
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
8. IppSec =
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
9. John Hammond =
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw
10. LiveOverflow =
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
11. Murmus CTF =
https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A
12. STÖK =
https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
13. Null Byte =
https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
14. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA
15. zseano =
https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos
16. Peter Yaworski =
https://www.youtube.com/user/yaworsk1/videos
17. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured
18. Cyber Defenders =
https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists
19. Nakerah Network =
https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists
20. SANS Pentest Training =
https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos
21. Security Scope = https://www.youtube.com/watch?v=SP5MYNb4f38&list=PLVBPh7Xyv8CBNsrFNVTwSyBa3wx34C2k5
22. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
23. Ammon Henderson = https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists
24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists
25. John Haddix = https://www.youtube.com/channel/UCk0f0svao7AKeK3RfiWxXEA/videos
[ Reconnaissance ] :
1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
2. My Guide to Basic Recon = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
3. Shankar Bug Hunting Methodology (part 1) =
https://blog.usejournal.com/bug-hunting-methodology-part-1-91295b2d2066
4. Shankar Bug Hunting Methodology (part 2) =
https://blog.usejournal.com/bug-hunting-methodology-part-2-5579dac06150
5. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21
6. Holdswarth Penetration Testing Methodology (part 1) =
https://medium.com/dvlpr/penetration-testing-methodology-part-1-6-recon-9296c4d07c8a
7. Holdswarth Penetration Testing Methodology (part 2) =
3. Mastering Modern Web Penetration Testing = Prakhar Prasad
4. Real World Bug Hunting = Peter Yaworski
5. The Tangled Web = Michał Zalewski
6. The Hacker Playbook (1,2,3) = Peter Kim
7. OWASP Testing Guide 4
8. OWASP Top 10 (2010 - 2013 - 2017)
9. Hacking Exposed Web Application (1,2,3)
10. Web Hacking 101 = Peter Yaworski
11. Bug Bounty Hunting Essentials = Lozano and Amir
12. Bug Bounty Hunting For Web Security = Sanjib Sinha
13. Hands-On Bug Hunting For Pentesters = Joseph Marshall
14. The Basics of Hacking and Penetration Testing by Patrick Engebreston
15. Ethical Hacking and Penetration Test by Rafy Baloch
16. Hacking Exposed 7 Network Security
17. The Browser Hacker’s Handbook
18. Metasploit The Penetration Tester's Guide = David Kennedy
19. Penetration Testing: A Hands-On Introduction to Hacking = Georgia Weidman
20. Red Team Field Manual
21. Black Hat Python = Justin Seitz
22. Violent Python = TJ O'Connor
23. Hacking The Art of Exploitation = Jon Erickson
24. Google Hacking for Penetration Testers 3
25. Reversing: Secrets to reverse Engineering = Eldad Eilam
26. Bug Hunter's Diary = Tobias Klein
27. Gray Hat Hacking 5
28. Burp Suite Cookbook = Sunny Wear
29. Kali Linux Revealed
30. Nmap Essentials = David Shaw
[ Youtube Channels ] :
1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos
2. Ebrahim Hegazy =
https://www.youtube.com/user/Zigoo0/playlists
3. Ben Grewell =
https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ/playlists
4. Bugcrowd =
https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww/playlists
5. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
6. GynvaelEN =
https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
7. HackerSploit =
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
8. IppSec =
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
9. John Hammond =
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw
10. LiveOverflow =
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
11. Murmus CTF =
https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A
12. STÖK =
https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
13. Null Byte =
https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
14. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA
15. zseano =
https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos
16. Peter Yaworski =
https://www.youtube.com/user/yaworsk1/videos
17. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured
18. Cyber Defenders =
https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists
19. Nakerah Network =
https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists
20. SANS Pentest Training =
https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos
21. Security Scope = https://www.youtube.com/watch?v=SP5MYNb4f38&list=PLVBPh7Xyv8CBNsrFNVTwSyBa3wx34C2k5
22. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
23. Ammon Henderson = https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists
24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists
25. John Haddix = https://www.youtube.com/channel/UCk0f0svao7AKeK3RfiWxXEA/videos
[ Reconnaissance ] :
1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
2. My Guide to Basic Recon = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
3. Shankar Bug Hunting Methodology (part 1) =
https://blog.usejournal.com/bug-hunting-methodology-part-1-91295b2d2066
4. Shankar Bug Hunting Methodology (part 2) =
https://blog.usejournal.com/bug-hunting-methodology-part-2-5579dac06150
5. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21
6. Holdswarth Penetration Testing Methodology (part 1) =
https://medium.com/dvlpr/penetration-testing-methodology-part-1-6-recon-9296c4d07c8a
7. Holdswarth Penetration Testing Methodology (part 2) =
YouTube
NahamSec
HACK THE PLANET!!
Hi! I'm NahamSec. I think everyone can be a hacker and I'm on a mission to prove that!
Hi! I'm NahamSec. I think everyone can be a hacker and I'm on a mission to prove that!
8. Wired = https://www.wired.com/category/threatlevel
9. Zdnet = https://www.zdnet.com/blog/security
10. Brain Kerbs = https://krebsonsecurity.com
11. Bruce Schneier = https://www.schneier.com
[ Conferences ] :
1. Black Hat = https://www.youtube.com/user/BlackHatOfficialYT
2. DEFCON = https://www.youtube.com/user/DEFCONConference
3. Adrian Crenshaw = https://www.youtube.com/user/irongeek
4. infocon (Hacking Conference Archive) = https://infocon.org/cons/
[ Github Repositories ] :
1. Book of Secret Knowledge = https://github.com/trimstray/the-book-of-secret-knowledge
2. Awesome Hacking = https://github.com/Hack-with-Github/Awesome-Hacking
3. Awesome Bug Bounty = https://github.com/djadmin/awesome-bug-bounty
4. Awesome Penetration Testing = https://github.com/wtsxDev/Penetration-Testing
5. Awesome Web Hacking = https://github.com/infoslack/awesome-web-hacking
6. Awesome Hacking Resources = https://github.com/vitalysim/Awesome-Hacking-Resources
7. Awesome Pentest = https://github.com/enaqx/awesome-pentest
8. Awesome Red Teaming = https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
9. Awesome Web Security = https://github.com/qazbnm456/awesome-web-security
10. Penetration Test Guide based on OWASP = https://github.com/Voorivex/pentest-guide
11. Pentest Compilation = https://github.com/adon90/pentest_compilation
12. Infosec Reference = https://github.com/rmusser01/Infosec_Reference
[ Cheat Sheets ] :
1. Pentest Cheat Sheets = https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
2. Linux Commands Cheat Sheet = https://highon.coffee/blog/linux-commands-cheat-sheet/
3. Nmap Cheat Sheet = https://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692
9. Zdnet = https://www.zdnet.com/blog/security
10. Brain Kerbs = https://krebsonsecurity.com
11. Bruce Schneier = https://www.schneier.com
[ Conferences ] :
1. Black Hat = https://www.youtube.com/user/BlackHatOfficialYT
2. DEFCON = https://www.youtube.com/user/DEFCONConference
3. Adrian Crenshaw = https://www.youtube.com/user/irongeek
4. infocon (Hacking Conference Archive) = https://infocon.org/cons/
[ Github Repositories ] :
1. Book of Secret Knowledge = https://github.com/trimstray/the-book-of-secret-knowledge
2. Awesome Hacking = https://github.com/Hack-with-Github/Awesome-Hacking
3. Awesome Bug Bounty = https://github.com/djadmin/awesome-bug-bounty
4. Awesome Penetration Testing = https://github.com/wtsxDev/Penetration-Testing
5. Awesome Web Hacking = https://github.com/infoslack/awesome-web-hacking
6. Awesome Hacking Resources = https://github.com/vitalysim/Awesome-Hacking-Resources
7. Awesome Pentest = https://github.com/enaqx/awesome-pentest
8. Awesome Red Teaming = https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
9. Awesome Web Security = https://github.com/qazbnm456/awesome-web-security
10. Penetration Test Guide based on OWASP = https://github.com/Voorivex/pentest-guide
11. Pentest Compilation = https://github.com/adon90/pentest_compilation
12. Infosec Reference = https://github.com/rmusser01/Infosec_Reference
[ Cheat Sheets ] :
1. Pentest Cheat Sheets = https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets
2. Linux Commands Cheat Sheet = https://highon.coffee/blog/linux-commands-cheat-sheet/
3. Nmap Cheat Sheet = https://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692
ZDNET
Security
ZDNET news and advice keep professionals prepared to embrace innovation and ready to build a better future.
2. OWASP WebGoat Project = https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
3. OWASP Juice Shop Project = https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
4. Vulnhub = https://www.vulnhub.com
5. bWAAP = http://www.itsecgames.com
6. Metasploitable 2 = https://metasploit.help.rapid7.com/docs/metasploitable-2
7. HackTheBox = https://www.hackthebox.eu
8. AttackDefence = https://attackdefense.com
9. HackThisSite= https://www.hackthissite.org
10. Rootme = https://www.root-me.org/?lang=en
11. Enigmagroup Challenges = https://www.enigmagroup.org/pages/challenges
12. Hackxor = https://hackxor.net
13. Natas = http://overthewire.org/wargames/natas/
14. HackMe = https://hack.me/explore/
[ Talks (Bug Bounty) ] :
1. Bug Bounty Field Manual (Adam Bacchus) =
https://www.youtube.com/watch?v=aNyK1yVLLRI
2. Tales of a Bug Bounty Hunter (Arne Swinnen) =
https://www.youtube.com/watch?v=Ehq6ofUbslI
3. Doing Recon Like a Boss (Ben Sadeghipour) : https://www.youtube.com/watch?v=1Kg0_53ZEq8
4. Bug Bounty Hunters Lessons From Darth Vader = https://www.youtube.com/watch?v=DB42tvvJhHw
5. Attacking Modern Web Technologies (Frans Rosén) = https://www.youtube.com/watch?v=vRqcUS4CPFs
6. How to Win Over Security Teams and Gain Influence (Frans Rosén) = https://www.youtube.com/watch?v=Uyjkgsu-mrU
7. Bug Bounty Hunting Methodology V3 (Jason Haddix) = https://www.youtube.com/watch?v=Qw1nNPiH_Go
8. Bug Bounty Hunting Methodology V2 (Jason Haddix) =
https://www.youtube.com/watch?v=C4ZHAdI8o1w
9. How to Shot Web V2 (Jason Haddix) = https://www.youtube.com/watch?v=-FAjxUOKbdI
10. How to Differentiate Yourself as a Bug Hunter (Mathias Karlsson) = https://www.youtube.com/watch?v=WTH6f0R7uzo
11. Screw Becoming A Pentester I Want To Be A Bug Bounty Hunter! = https://www.youtube.com/watch?v=ceJG4k27dcQ
12. Hunting for Top Bounties (Nicolas Grégoire) = https://www.youtube.com/watch?v=mQjTgDuLsp4
[ Twitter ] :
1. # Tag's you should Follow :
#bugbounty #bugbountytip #bugbountytips #infosec
#togetherwehitharder
2. Security Researches List (Bugcrowd) = https://twitter.com/bugcrowd/lists/security-researchers
3. 5 Tips to Make the Most of Twitter as a Pentester or Bug Hunter = https://pentester.land/tips-n-tricks/2018/10/23/5-tips-to-make-the-most-of-twitter-as-a-pentester-or-bug-bounty-hunter.html
[ Courses/Certifications ($) ] :
1. SANS = https://www.sans.org/courses
2. Offensive Security = https://www.offensive-security.com/information-security-certifications/
3. ElearnSecurity = https://www.elearnsecurity.com/course/
4. Pentester Academy = https://www.pentesteracademy.com/topics
5. Hakin9 = https://hakin9.org/online-courses-2/
[ Linux Distributions ] :
1. Kali Linux = https://www.kali.org
2. Parrot = https://www.parrotsec.org
3. Blackarch = https://blackarch.org
[ Tools ] :
1. Research Tools (Bugcrowd) = https://forum.bugcrowd.com/t/researcher-resources-tools/167
2. Red Teaming Toolkit = https://github.com/infosecn1nja/Red-Teaming-Toolkit
3. 40 Best Penetration Testing Tools = https://www.guru99.com/top-5-penetration-testing-tools.html
4. Penetration Testing Tools Cheat Sheet = https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
5. A Good Pentesting Tools List = https://www.reddit.com/r/Pentesting/comments/9ondj5/a_good_pentesting_tools_list/
6. Awesome Hacking Tools = https://github.com/m4ll0k/Awesome-Hacking-Tools
7. Bugbountyforum Suggested tools= https://bugbountyforum.com/tools/
8. Web Penetration Testing Arsenal = https://pastebin.com/5mBudvMt
[ Bug Bounty Platforms ] :
1. Hacker1 = https://www.hackerone.com
2. Bugcrowd = https://www.bugcrowd.com
3. Synack = https://www.synack.com
4. Cobalt = https://cobalt.io
5. intigriti = https://www.intigriti.com
[ News Sites] :
1. The Hacker News = https://thehackernews.com
2. HackRead = https://www.hackread.com
3. Naked Security = https://nakedsecurity.sophos.com
4. bleepingcomputer = https://www.bleepingcomputer.com
5. CSO = https://www.csoonline.com
6. Threat Post = https://threatpost.com
7. Dark Reading = https://www.darkreading.com
3. OWASP Juice Shop Project = https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
4. Vulnhub = https://www.vulnhub.com
5. bWAAP = http://www.itsecgames.com
6. Metasploitable 2 = https://metasploit.help.rapid7.com/docs/metasploitable-2
7. HackTheBox = https://www.hackthebox.eu
8. AttackDefence = https://attackdefense.com
9. HackThisSite= https://www.hackthissite.org
10. Rootme = https://www.root-me.org/?lang=en
11. Enigmagroup Challenges = https://www.enigmagroup.org/pages/challenges
12. Hackxor = https://hackxor.net
13. Natas = http://overthewire.org/wargames/natas/
14. HackMe = https://hack.me/explore/
[ Talks (Bug Bounty) ] :
1. Bug Bounty Field Manual (Adam Bacchus) =
https://www.youtube.com/watch?v=aNyK1yVLLRI
2. Tales of a Bug Bounty Hunter (Arne Swinnen) =
https://www.youtube.com/watch?v=Ehq6ofUbslI
3. Doing Recon Like a Boss (Ben Sadeghipour) : https://www.youtube.com/watch?v=1Kg0_53ZEq8
4. Bug Bounty Hunters Lessons From Darth Vader = https://www.youtube.com/watch?v=DB42tvvJhHw
5. Attacking Modern Web Technologies (Frans Rosén) = https://www.youtube.com/watch?v=vRqcUS4CPFs
6. How to Win Over Security Teams and Gain Influence (Frans Rosén) = https://www.youtube.com/watch?v=Uyjkgsu-mrU
7. Bug Bounty Hunting Methodology V3 (Jason Haddix) = https://www.youtube.com/watch?v=Qw1nNPiH_Go
8. Bug Bounty Hunting Methodology V2 (Jason Haddix) =
https://www.youtube.com/watch?v=C4ZHAdI8o1w
9. How to Shot Web V2 (Jason Haddix) = https://www.youtube.com/watch?v=-FAjxUOKbdI
10. How to Differentiate Yourself as a Bug Hunter (Mathias Karlsson) = https://www.youtube.com/watch?v=WTH6f0R7uzo
11. Screw Becoming A Pentester I Want To Be A Bug Bounty Hunter! = https://www.youtube.com/watch?v=ceJG4k27dcQ
12. Hunting for Top Bounties (Nicolas Grégoire) = https://www.youtube.com/watch?v=mQjTgDuLsp4
[ Twitter ] :
1. # Tag's you should Follow :
#bugbounty #bugbountytip #bugbountytips #infosec
#togetherwehitharder
2. Security Researches List (Bugcrowd) = https://twitter.com/bugcrowd/lists/security-researchers
3. 5 Tips to Make the Most of Twitter as a Pentester or Bug Hunter = https://pentester.land/tips-n-tricks/2018/10/23/5-tips-to-make-the-most-of-twitter-as-a-pentester-or-bug-bounty-hunter.html
[ Courses/Certifications ($) ] :
1. SANS = https://www.sans.org/courses
2. Offensive Security = https://www.offensive-security.com/information-security-certifications/
3. ElearnSecurity = https://www.elearnsecurity.com/course/
4. Pentester Academy = https://www.pentesteracademy.com/topics
5. Hakin9 = https://hakin9.org/online-courses-2/
[ Linux Distributions ] :
1. Kali Linux = https://www.kali.org
2. Parrot = https://www.parrotsec.org
3. Blackarch = https://blackarch.org
[ Tools ] :
1. Research Tools (Bugcrowd) = https://forum.bugcrowd.com/t/researcher-resources-tools/167
2. Red Teaming Toolkit = https://github.com/infosecn1nja/Red-Teaming-Toolkit
3. 40 Best Penetration Testing Tools = https://www.guru99.com/top-5-penetration-testing-tools.html
4. Penetration Testing Tools Cheat Sheet = https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
5. A Good Pentesting Tools List = https://www.reddit.com/r/Pentesting/comments/9ondj5/a_good_pentesting_tools_list/
6. Awesome Hacking Tools = https://github.com/m4ll0k/Awesome-Hacking-Tools
7. Bugbountyforum Suggested tools= https://bugbountyforum.com/tools/
8. Web Penetration Testing Arsenal = https://pastebin.com/5mBudvMt
[ Bug Bounty Platforms ] :
1. Hacker1 = https://www.hackerone.com
2. Bugcrowd = https://www.bugcrowd.com
3. Synack = https://www.synack.com
4. Cobalt = https://cobalt.io
5. intigriti = https://www.intigriti.com
[ News Sites] :
1. The Hacker News = https://thehackernews.com
2. HackRead = https://www.hackread.com
3. Naked Security = https://nakedsecurity.sophos.com
4. bleepingcomputer = https://www.bleepingcomputer.com
5. CSO = https://www.csoonline.com
6. Threat Post = https://threatpost.com
7. Dark Reading = https://www.darkreading.com
Vulnhub
Vulnerable By Design ~ VulnHub
VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Web Application Penetration Testing Course:
https://docs.google.com/document/d/101EsKlu41ICdeE7mEv189SS8wMtcdXfRtua0ClYjP1M/mobilebasic
https://docs.google.com/document/d/101EsKlu41ICdeE7mEv189SS8wMtcdXfRtua0ClYjP1M/mobilebasic
Forwarded from ExploitHub [VIP]
How to bypass SMS verification of any website / service
Receive an SMS: https://receive-a-sms.com
SMS Receive free: https://smsreceivefree.com
Online SMS: https://sms-online.co
Receive SMS online: https://smsreceiveonline.com
Get a free SMS number: https://getfreesmsnumber.com
Receive SMS: http://sms-receive.net
Receive SMS Online.NET: https://www.receivesmsonline.net
Free SMS checks: www.freesmsverifications.com
7 SIM.NET: http://7sim.net
HS3X: http://hs3x.com
Receive free SMS: http://receivefreesms.com
Receive free SMS.NET: http://receivefreesms.net
Receive SMS Online.IN: http://receivesmsonline.in
Receive SMS online: https://receive-sms-online.com
See SMS: https://www.smsver.com
Groovl: https://www.groovl.com
SMS.SELLAITE: http://sms.sellaite.com
Send SMS now: http://www.sendsmsnow.com
Receive SMS online.EU: http://receivesmsonline.eu
Proovl: https://www.proovl.com/numbers
Anon SMS: https://anon-sms.com
Hide my numbers: http://hidemynumbers.com
Pinger: https://www.pinger.com
Free online phone: https://www.freeonlinephone.org
5SIM: https://5sim.net
SkyCallbd free virtual number: http://www.freevirtu...r.skycallbd.com
Capture SMS: https://catchsms.com
SMS Get: http://smsget.net
1S2U: https://1s2u.com
Receive SMS: http://getsms.org
Vritty: https://virtty.com
Text anywhere: http://www.textanywhere.net
Receive SMS online.ME: http://receivesmsonline.me
Temporary emails: https://www.temp-mails.com
Purchase virtual number: http://www.virtualnumberbuy.com
Free Receive SMS online: http://freereceivesmsonline.com
NDTAN SMS: https://sms.ndtan.net
SMS Listen: https://smslisten.com
Free virtual SMS number: https://freevirtualsmsnumber.com
SMS Tibo: https://smstibo.com
Receive SMS number: https://receivesmsnumber.com
Free SMS code: https://freesmscode.com
Online SMS numbers: https://smsnumbersonline.com
SMS reception: https://smsreceiving.com
Trash Mobile https://es.mytrashmobile.com/numeros
Receive an SMS: https://receive-a-sms.com
SMS Receive free: https://smsreceivefree.com
Online SMS: https://sms-online.co
Receive SMS online: https://smsreceiveonline.com
Get a free SMS number: https://getfreesmsnumber.com
Receive SMS: http://sms-receive.net
Receive SMS Online.NET: https://www.receivesmsonline.net
Free SMS checks: www.freesmsverifications.com
7 SIM.NET: http://7sim.net
HS3X: http://hs3x.com
Receive free SMS: http://receivefreesms.com
Receive free SMS.NET: http://receivefreesms.net
Receive SMS Online.IN: http://receivesmsonline.in
Receive SMS online: https://receive-sms-online.com
See SMS: https://www.smsver.com
Groovl: https://www.groovl.com
SMS.SELLAITE: http://sms.sellaite.com
Send SMS now: http://www.sendsmsnow.com
Receive SMS online.EU: http://receivesmsonline.eu
Proovl: https://www.proovl.com/numbers
Anon SMS: https://anon-sms.com
Hide my numbers: http://hidemynumbers.com
Pinger: https://www.pinger.com
Free online phone: https://www.freeonlinephone.org
5SIM: https://5sim.net
SkyCallbd free virtual number: http://www.freevirtu...r.skycallbd.com
Capture SMS: https://catchsms.com
SMS Get: http://smsget.net
1S2U: https://1s2u.com
Receive SMS: http://getsms.org
Vritty: https://virtty.com
Text anywhere: http://www.textanywhere.net
Receive SMS online.ME: http://receivesmsonline.me
Temporary emails: https://www.temp-mails.com
Purchase virtual number: http://www.virtualnumberbuy.com
Free Receive SMS online: http://freereceivesmsonline.com
NDTAN SMS: https://sms.ndtan.net
SMS Listen: https://smslisten.com
Free virtual SMS number: https://freevirtualsmsnumber.com
SMS Tibo: https://smstibo.com
Receive SMS number: https://receivesmsnumber.com
Free SMS code: https://freesmscode.com
Online SMS numbers: https://smsnumbersonline.com
SMS reception: https://smsreceiving.com
Trash Mobile https://es.mytrashmobile.com/numeros
Receiveasms
Receive SMS Online
* { margin: 0; padding: 0; } ul { margin: 0 auto; text-align: center; list-style-type: none; } .li { display: inline-block; vertical-align: top; margin: 10...