Cyber Security Resources

The following are the resources which i use and like the most.

This will be regularly updated.

Web Penetration Testing :

Online Resources

1. Hacker101: https://www.hacker101.com
2. Bugcrowd University: https://www.bugcrowd.com/hackers/bugcrowd-university/
3. Hacking Articles: https://www.hackingarticles.in
4. Portswiggers Research Academy: https://portswigger.net/web-security
5. Bugcrowd's Github: https://github.com/bugcrowd/bugcrowd_university
6. Nahamsec's resources: https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
7. Its Little Things by Nahamsec: https://docs.google.com/presentation/d/1xgvEScGZ_ukNY0rmfKz1JN0sn-CgZY_rTp2B_SZvijk/edit#slide=id.g4052c4692d_0_0
8. ZSeano's Barker : https://bugbountyhunter.com
9. The Cyber Mentor: https://www.youtube.com/c/TheCyberMentor/videos
10. Offensive Security Labs: https://portal.offensive-security.com/sign-in
11. INE Pentesting Prerequisites https://my.ine.com/CyberSecurity/courses/309de2a5/penetration-testing-prerequisites
12. INE Pentesting Basics https://my.ine.com/CyberSecurity/courses/6f986ca5/penetration-testing-basics
13. https://gowthams.gitbook.io/bughunter-handbook/
14. The Bug Hunter's Methodology by Jhaddix: https://github.com/jhaddix/tbhm

Youtuber's to follow

1. Nahamsec : https://www.youtube.com/c/Nahamsec
2. STOK: https://www.youtube.com/c/STOKfredrik/videos
3. Hacktify: https://www.youtube.com/channel/UCS82DNnKOhXHcGKxGzQvNSQ
4. HackerSploit: https://youtube.com/c/HackerSploit
5. Tib3rius: https://www.youtube.com/channel/UCs6dtu4e0JL-N4hVszsFpBw

Books to be read

1. Real World Bug Hunting by Peter Yaworski
2. The Web Applications Hackers Handbook 2nd edition
3. Web Hacking 101
4. Bug Bounty Playbook
5. Zseano's Methodology

Some Courses:

1. Hacktify: https://learn.hacktify.in
2. Ethical Hacking by Joseph Delgadillo : https://www.udemy.com/share/101qF6BEQdeFpQQHQ=/
3. The Cyber Mentor's Course: https://www.udemy.com/course/practical-ethical-hacking/
4. Tib3rius’s Privilege Escalation Courses for Win/Linux https://www.udemy.com/user/tib3rius/

Practice Web Penetration Testing

1. OWASP BWA: https://owasp.org/www-project-broken-web-applications/
2. Portswinger's Labs: https://portswigger.net/web-security
3. Metasploitable: https://information.rapid7.com/download-metasploitable-2017.html

Tools to start your bug hunting with

1. Nahamsec's Script: https://github.com/nahamsec/bbht.git
2. Awesome BBHT: https://github.com/0xApt/awesome-bbht
3. Portswinger's Burpsuite: https://portswigger.net/burp
4. OWASP Zap: https://owasp.org/www-project-zap/

Mind Maps

1. https://github.com/imran-parray/Mind-Maps
2. https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html
3. https://hacktify.in/mindmap.png
4. https://twitter.com/ITSecurityguard/status/1306278129531486208/photo/1
5. https://twitter.com/Musab1995/status/1317071523946127361

One Liner Collections

1. https://github.com/dwisiswant0/awesome-oneliner-bugbounty
2. https://github.com/OfJAAH/KingOfBugBountyTips

Awesome Bug Bounty Writeups

1. Business Logic Vulns : https://medium.com/bugbountywriteup/all-about-business-logic-flaws-in-web-applications-577d9d80bc33
2. SSRF Automation : https://notifybugme.medium.com/finding-ssrf-by-full-automation-7d2680091d68
3. JavaScript Recon : https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff
4. Github For Bug Bounty Hunters : https://gist.github.com/EdOverflow/922549f610b258f459b219a32f92d10b
5. Windows/Linux Privilege Escaltion : https://github.com/sagishahar/lpeworkshop

CTF's

1. CTFLearn : https://ctflearn.com
2. CTFTime : https://ctftime.org (All About CTF's)

Machine Solving

Online Resources

1. Hack The Box: https://www.hackthebox.eu/
2. TryHackMe: https://tryhackme.com
3. Hacking Articles: https://www.hackingarticles.in
4. Pentester's Labs: https://pentesterlab.com
5. VulnHub: https://www.vulnhub.com
6. Over the Wire: https://overthewire.org/wargames/
7. Reverse Shell Cheat Sheet: http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

Youtuber's to follow

1. Ippsec: https://www.youtube.com/c/ippsec/videos

Learn Linux

Online Resources

1. Linux Journey: https://linuxjourney.com

Courses

1. Introduction to Linux: https://www.edx.org/course/introduction-to-linux
2. Linux for Network Engineers: https://www.udemy.com/course/linux-for-network-engineers-practical-linux-with-gns3/learn/lecture/8124916?start=0#overview

Learn Operating Systems

1. Prof. Messer CompTIA A+ playlist: https://www.youtube.com/watch?v=ChQ18B1hofI&list=PLG49S3nxzAnmwkCAdWUgCFvVK4IxMBTmb

Learn Networking & Security

Books

1. CompTIA Network + Study Guide: https://www.amazon.co.uk/CompTIA-Network-Study-Guide-Authorized/dp/1119432251

Courses

1. CBT Nuggets CompTIA Network: https://www.cbtnuggets.com/it-training/comptia/network-plus
2. INE Free Starter Pass: https://my.ine.com/area/e73fd5a8-2ead-4159-9a25-38b50ad4ab20
3. Professor Messer Network + Playlist: https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/
4. Intro to Cybersecurity by FutureLearn: https://www.futurelearn.com/courses/introduction-to-cyber-security
5. Lectures: MIT Computer Systems Security http://css.csail.mit.edu/6.858/2020/general.html
6. MITRE ATT&CK Course: https://attack.mitre.org/resources/training/cti/
7. Khan Academy Cybersecurity 101: https://www.khanacademy.org/partner-content/nova/nova-labs-topic/cyber/v/cybersecurity-101

OSINT Resources

Online Resources

1. https://www.osintdojo.com/resources/
2. https://gowsundar.gitbook.io/book-of-bugbounty-tips/elastic-search

OSCP Resource

Online Resources

1. OSCP Repo: https://github.com/rewardone/OSCPRepo
2. TJnull’s OSCP Prep Guide https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html#conclusion

Contributors

1. Vaibhav Lakhani: https://github.com/vlakhani28/
2. Denish Vaghasia: https://github.com/D-e-n-i-s-h
3. Akshay Kerkar: https://github.com/Akshaykerkar
4. Zulfikar Bhanji: https://github.com/techforGod