Um acervo de incríveis plataformas, blogs, documentos, livros, recursos e coisas legais sobre cibersegurança!
Embora este repositório ainda seja um trabalho em andamento, o objetivo é construir uma coleção categorizada de recursos bem conhecidos, dirigida pela comunidade.
Honestamente, antes de acessar qualquer conteúdo mencionado aqui, é útil se familiarizar com estes atalhos: https://www.shortcutfoo.com/
- Range force
- HTB
- Tryhackme
- Blue team academy
- Kali revealed
- Metasploit Unleashed
- https://platform.mosse-institute.com/#/dashboard
- https://infosec4tc.teachable.com/p/cism2020
- https://riptutorial.com/bash
- https://www.hackerrank.com/domains/shell
- https://pentesterlab.com/
- https://www.pentesteracademy.com/
- https://www.offensive-security.com/labs/individual/
- https://www.vulnhub.com/
- Google doc : vulnhub oscp like vm's list
- Wordpress boxes on vulnhub
- Vulnhub CTF writeups
- Linux Privilige escalation Cheatsheet
- Privilige escalation
- https://hacking-lab.com/
- https://scs.hacking-lab.com/
- Malware Noob2Ninja course
- n3t2.3c
- Hacking-cisco
- Open security training
- Pentest standard
- Security-tube
- Web Security Academy
- https://owasp.org/www-project-juice-shop/
- https://www.bugbountyhunter.com/
- https://www.hacker101.com/
- https://www.hacksplaining.com/
- awesome-web-hacking
-
Open Source Bug Bounty Guide - Methodology, Tools, Resources
-
Aprender como vários stacks funcionam parece ser um aspecto importante do bug bounty, então você precisa aprender pelo menos uma de MERN ou LAMP ou o que quer que seja. Você pode aprender o MERN Stack construindo seu próprio site de revisão de restaurantes do tipo Yelp. MERN significa MongoDB + Express + React + Node.js. Então, na segunda metade do curso, você aprenderá como trocar seu Node.js/Express back end em favor da Arquitetura sem Servidor. (3 horas de curso no YouTube): https://www.freecodecamp.org/news/create-a-mern-stack-app-with-a-serverless-backend/
Como começar com hacking e bug bounties? Reunimos alguns recursos úteis para começar sua jornada de Bug Bounty!
- Guide to learn hacking
- Finding your first bug
- Port Swigger Web Security Academy
- Nahamsec's Twitch
- Nahamsec interviews with top bug bounty hunters
- Nahamsec's beginner repo
- Stök
- InsiderPhD
- Series for new bug hunters
- Jhaddix
- zonduu
- p4nda
- also a blog on subdomain takeovers
- clos2100 on getting started without a technical background -
- al-madjus from 0 to bug hunter
- dee-see's resources for Android Hacking
- hacker101 videos
-
Pwncat é uma plataforma pos-exploração(post-exploitation) para alvos Linux. Ela começou como um invólucro(wrapper) em torno de cascas básicas(basic bind) de encadernação e inversão(reverse shells) e tem crescido a partir daí. Ela simplifica as operações comuns do Red Team enquanto encena o código da sua máquina atacante, não o alvo.
-
Writehat : A pentest reporting tool written in Python. Free yourself from Microsoft Word.
-
Shadrak : Shadrak is a script to generate decompression bomb in various formats.
-
Owasp Zap, uma alternativa gratuita e open source ao burpsuite
- https://ctftime.org/
- https://ctf.hackthebox.eu/ctfs
- https://www.hackthissite.org/
- Hack.me
- Try2Hackme
- Hackthissite
- https://overthewire.org/wargames/
- https://underthewire.tech/wargames
- Pwnable.tw
- Pwnable.kr
- Root-me
- Smash the stack
- Cryptohack.org
- PicoCTF
- CMDchallenge
- Defend the web
- ChaosVPN
- PentestIT
- Overthewire-Warzone
- CTF Difficulty cheatsheet (Vulnhub)
- Malware Analysis Course
- Malware-IR-TH-TI-Resources
- Red Team tactics and techniques
- Red Teaming toolkit
- Red Team
- awesome red teaming
- Powershell red team
- Red Teaming
- Red-team
- Red team diaries
- awesome-web-hacking
- awesome-security
- infosec-resources
- https://github.com/archanchoudhury/Davy-Jones-Locker
- Everything about web application firewalls (WAFs)
- awesome-hacking
- BARF: Binary analysis and reverse engineering framework
- Automatic Linux privesc via exploitation of low-hanging fruit
- CTF-KATANA
- Active-directory-exploitation-cheatsheet
- The book of secret knowledge : A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
- PyWhat : identify anything
- OSEE prep resources
- https://blog.tryhackme.com/free_path/
- From zero to hero in your first pentest
- So you want to be a hacker in 2021
- netsecfocus
- https://nosecurity.blog/cptc2020
- https://null-byte.wonderhowto.com/
- https://portswigger.net/blog/flying-high-in-the-web-security-academy
- https://www.simplycyber.io/free-cyber-resources
- https://blog.g0tmi1k.com/
- https://www.hackingarticles.in/
- https://www.hackingtutorials.org/
- https://www.hacking-tutorial.com/
- The Journey to Try Harder- TJnull's Preparation Guide for PEN-200 PWK OSCP 2.0
- https://hacklido.com/
- What is a block cypher
- freecodecamp blog
- Redhuntlabs blog
- Hackthebox blog
- Tryhackme blog
- Start in infosec
- Ethical Hacking With Hack The Box :A free book for getting started in Ethical Hacking
- Blog Cysource PT-BR
- cybersec labs
- Virtyal Hacking Labs
- https://academy.tcm-sec.com/courses
- INE
- https://hackersacademy.com/
- Cysource PT-BR
- https://startupstash.com/cybersecurity-resources/
- https://threatexpress.com/redteaming/resources/
- Reverse enginering
- https://ippsec.rocks/?#
- https://liveoverflow.com/
- Learn vim or Emacs eu não ligo, não quero começar uma guerra
- Python Cybersecurity - Build your own tools
- Osint framework
- Getting started with OSINT
- Vulnhub resources
Flight rules for Git
https://ohmygit.org/
https://www.freecodecamp.org/news/what-is-git-learn-git-version-control/
Comprehensive Guide to Learn CS Online
Get Started With TypeScript the Easy Way
Machine Learning with Introduction
Fullstackopen : Deep Dive Into Modern Web Development
Learn {Python,Java,C,JavaScript,PHP,Shell,C#}
A beginner’s guide to data visualization with Python
Nice Guide on Modern Python Packages
Intro to Python and Programming for non-CS majors
https://www.gormanalysis.com/blog/python-pandas-for-your-grandpa/
The Modern JavaScript Tutorial
JavaScript 101 - Variables & Primitives
Guide To Javascript Array Functions: Why you should pick the least powerful tool for the job
Learn and practice modern JavaScript
A Hitchhiker's Guide to Containerizing (Spring Boot) Java Apps
A beginner’s guide to CDC (Change Data Capture)
Java 15 Programmer's Guide To Text Blocks
Modern Web Development in Java - The (Never) Complete Guide
The Definitive C++ Book Guide and List
Daniel Donda PT-BR
Guia Anônima PT-BR
Você é bem-vindo para contribuir! Você pode contribuir ao:
- Traduzir esse repositório para outras linguagens
- Adicionar mais ferramentas e recursos
- Adicionando uma estrela nesse repositório :)
👉 Se você tem alguma ideia nova para esse repositório, issue, feedback ou encontrou alguma ferramenta valiosa, sinta-se à vontade para abrir uma issue ou me manda uma mensagem no Discord: @thelastmethbender#4823