(Technical) Pen-Testing Resources
(Technical) Pen-Testing Resources
Sites/Blogs/Forums/Report Platform
• Multi-func sites
• https://www.t00ls.net/
• FreeBuf
• Security guest
• 91ri.org
• Vulnerability bank
• mottoin
• seebug
• sec-wiki
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Sec-News
• hi 0 x 0
• Principal Online
• https://www.hellboundhackers.org/
• https://www.hackerone.com/
• https://navisec.it/
• myhack58
• Red-black alliance
• Evil hex
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• nullsecurity
Blogs
• The road to Principal
• Kotowicz
• Twosecurity
• https://null-byte.wonderhowto.com/
• Ethan
• https://www.n0tr00t.com/
• https://paper.seebug.org/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• https://github.com/evilcos/papers
• bestwing.me
• MDSec
• evi1m0 (Evil-say)
• hackfun.org
• xsec.io
• Cosine
• Zhihu
• Dark thread
• noob.ninja
• riusksk
• hackdog
• Qimingyu
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• drop
• bluescreenofje
• 04z.net
• dhb133
• neeao
• pkav
• virink
• error
• 5alt
• Ghost’s Blog
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• x2know
• seay
• wing
• sky
• Ha1g0
• SecuritySite
• pentest-bookmarks
Report Platform
• http://0day5.com/
• https://www.exploit-db.com/
• w0rms.com
• https://x.threatbook.cn
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• The latest vulnerability — not safe
• WooYun
• https://wooyun.shuimugan.com/
• http://www.milw0rm.com/
Forums
• Prophet Security Technology Community
• Watching snow
• 8th man
• Evil octal
• My love crack
• China UNIX
• ichunqiu BBS
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Hack Forums
• https://security.stackexchange.com/
• https://reverseengineering.stackexchange.com/
• https://crypto.stackexchange.com/
Mailing Lists
• http://seclists.org/bugtraq/
• http://seclists.org/oss-sec/
• http://seclists.org/fulldisclosure/
• BlackArch Linux
• Parrot Security OS
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• BackBox — Based on Ubuntu
• docker_msf
• Vulhub
• VulApps
Tools — Encode/Decode
• XSS’OR
• evilcos/xssor
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• XSSEE
• oschina tools
• chinaz tools
Tools — Crypto
• Frequency/subsitition/…
• Frequency Counter
• quipqiup
• The_Black_Chamber
• Visualized monogram-bigram-and-trigram-frequency-counts
Steganography
• stegdetect
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
hash
• Hash-Buster
• Hash (MD5, NTLM, LM, SHA) password online crack website list
MD5
• http://www.cmd5.com/
• MD5Decrypter(uk)
• Plain-Text
• Crackfoo -NNC
• Hashcrack
• Gdata
• MD5this
• MD5crack
• Hazelnut
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Joomlaaa
• Igrkio
• MD5decrypter
• Shell
• NetMD5crack
• XMD5
• TheKaine
• InsidePro
• MD5pass
• Generate
• AuthSecu
• MD5decryption
• Schwett
• Crackfor.me
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• MD5-piece
• Drasen
• Gromweb
• MD5hood
• MD5.my-addr
• MD5online
• Macrosoftware
• Bokehman
• MD5-decrypter
• Thoran
• C0llision
• Rednoize
• web-security-services
• MD5-lookup
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• CMD5
• Tmto
• Shalla
• Hash-Database
• Bokehman
• Benramsey
• Digitalsun
• Calculator
• StringFunction
• Toolz
• Fox21
• Gat3way
• Without
• Appspot
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• HashCracking.ru
• Anqel
• O ensive-Security
• Altervista
• Xanadrel
• Beeeer
• Kinginfet
• AskCheck
• hash-cracker.com
• agilobable.pl
• MD5 nder
• Wordd
• MD5Rainbow
• overclock
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• plain-text.info (irc.Plain-Text.info #rainbowcrack — irc.rizon.net
#rainbowcrack)
NTLM
• MD5decrypter(uk)
• Plain-Text
• NiceNameCrew
• HashCrack
• Tmto
• Fox21
• LMCrack
• hash-cracker.com
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
LM
• Plain-Text
• NiceNameCrew
• HashCrack
• C0llision
• Tmto
• Fox21
• LMCrack
• O ensive-Security
SHA1
• MD5Decrypter(uk)
• Rednoize
• Web-Security-Services
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• SHA1-Lookup
• CMD5
• Tmto
• Hash-Database
• Toolz
• Without
• HashCracking.ru
• AskCheck
• stringfunction
• hash-cracker.com
SHA 256–512
• Shalla
• Hash-Database
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• AskCheck
MySQL
• HashCrack
• CMD5
• HashCracking.ru
WPA-PSK)
• MD5Decrypter(uk)
• WPA2Crack.com
• WPACracker
• Question-Defense
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Ip check the domain name
• dns.aizhan.com
• Subdomain enumeration
• A domain scanner
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Subdomain name enumeration based on dns query
• 710Kit
• Subdomain query
• Gobuster
• Tools for collecting website URIs and DNS subdomains written in the Go
language
Tools — XSS
• XSStrike
• XSStrike is a program which can crawl, fuzz and bruteforce parameters for
XSS. It can also detect and bypass WAFs.
• xsschef
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• mosquito
• xssfork
• ezXSS
• scanning
• BruteXSS
• XSSTracer
• fuzzXssPHP
• xss_scan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Batch scan xss python script
• autoFindXssAndCsrf
• xss
• NoSQLMap
• SQLiScanner
• DSSS
• Feigong
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• MySQL injection scripts that change freely for various situations
• NoSQLAttack
• bbqsql
• PowerUpSQL
• whitewidow
• mongoaudit
• commix
• Cr3dOv3r
• x-crack
• htpwdScan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• A simple HTTP brute force attack, collision library attack script
• BBScan
• GitHack
• BScanner
• Fenghuangscanner_v3
• F-Scrack
• cupp
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• genpAss
• crack_ssh
• Comfortable
• GitPrey
• gitscan
• tru eHog
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• GitHub sensitive information scanning tools, including detection commits,
etc.
• GitHarvester
• gitleaks
• x-patrol
• pydictor
• Blasting_dictionary
• Password dictionary
• xxe-recursive-download
• xlog
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Web log scanning tool
• anoNmap
• wyportmap
• weak lescan
• getcms
• wafw00f
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• WAF product ngerprint recognition
• wa d
• sslscan
• whatweb
• Web ngerprinting
• FingerPrint
• Scan-T
• Nscan
• F-NAScan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Network asset information scanning, ICMP survivability detection, port
scanning, port ngerprint service identi cation
• F-MiddlewareScan
• Middleware scanning
• dirsearch
• bannerscan
• RASscan
• bypass_waf
• WAFNinja
• xcdn
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Try to nd out the real ip behind cdn
• BingC
• DirBrute
• httpscan
• doom
• grab.js
• Fast TCP ngerprint capture parsing tool like zgrab, support more
protocols
• whichCDN
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• bcrpscan
• Breacher
• DirBrute
• VulScritp
• network_backdoor_scanner
• mimikatz
• PowerSploit
• PowerShell
• Powershell tools 合集
• p0wnedShell
• hunter
• LaZagne
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• mimipenguin
• johnny
• LaZagne
• icebreaker
• Powershell-RAT
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• The weblogic exploit command of the java deserialization vulnerability
echoes exp
• cmsPoc
• hackUtils
• ysoserial
• Jenkins
• dzscan
• CMS-Exploit-Framework
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• CMS attack framework
• IIS_shortname_Scanner
• Flash scanner
• Flashxss scan
• SSTIF
• tplmap
• dockerscan
• break-fast-serial
• dirtycow.github.io
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Dirty cattle empowerment vulnerability exp
• a2sv
• msdat
• xxegen
• DSXS
• php-static-analysis-tools
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Php static scan toolset
• phpstan
• cobra
• phpvulhunter
• php-malware- nder
• phptrace
• hNodeJsScan
• BadCode
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• pyvulhunter
• dawnscanner
• brakeman
• Mobile-Security-Framework-MobSF/
• iOSSecAudit
• Found
• angr
• honggfuzz-rs
• wina
• NodeFuzz
• us-fuzz
• halphafuzzer/
• LibFuzzer
• wfuzz
• htpwdScan
• XSS-Radar
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Tools for fast XSS Fuzz testing, currently only supports Chrome browser
extensions
• OSS Fuzz
• kDriver-Fuzzer
• metasploitHelper
• OWASP-Nettacker
• pocscan
• Pocsuite
• Beehive
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Bugscan
• BugScan-Doc
• getsploit
• One-Lin3r
• POC-T
• Adding to Nmap
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• vulners-scanner
• V3n0M-Scanner
• BlackWidow
• w8scan
• whitewidow
• CMSmap
• AngelSword
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Luna
• Zeus-Scanner
• passive_scan
• S7scan
• Striker
• Xunfeng
• The patrol is a rapid emergency response and cruise scanning system for
enterprise intranets.
• ZeroExploit
• ark
• ReconDog
• http://www.arachni-scanner.com
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• http://github.com/Arachni/arachni
• AZScanner
• lalascan
• BkScanner
• GourdScanV2
• pentestdb
• passive_scan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Http proxy based web vulnerability scanner
• Sn1per
• pentestEr_Fully-automatic-scanner
• 3xp10it
• lcyscan
• POC-T
• V3n0M-Scanner
• leakScan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Online vulnerability scanning on the web
• AnyScan
• In development…
• Hscan-Win-Gui
• DorkNet
• AutoSploit
• w9scan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Scanners-Box
• HUNT
Tools — Shell
• webshell
• Cknife
• antSword
• antSword-shells
• PyShell
• Python backdoor
• PyCmd
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Python+php+jsp WebShell (a sentence Trojan)
• hackUtils
• phpsploit
• hack_tools_for_me
• p0wnedShell
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Tools —Wireless wi / IoT
• Wireless network penetration, scanning
• fern-wi -cracker
• PytheM
• WiFi-Pumpkin
• wi -arsenal
• wi test
• Wireless-Router-Vulnerability
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• IoTSeeker
• iotdb
• Routerhunter-2.0
• routersploit
• telnet-scanner
• PRICE
• LocalNetworkScanner
• Xunfeng
• theHarvester
• Multisearch-v2
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Binary EXP authoring tool
• pwntools
• uncle
• frida
• Inject JavaScript to explore native apps on Windows, Mac, Linux, iOS and
Android
• Sickle
• radare2
• CHAOS
• https://github.com/secretsquirrel/the-backdoor-factory
• https://github.com/secretsquirrel/BDFProxy
• https://github.com/byt3bl33d3r/MITMf
• mallory
• LANs.py
• wi phisher
• Wi shing
• PhishLulz
• mitmproxy
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• An interactive TLS-capable intercepting HTTP proxy for penetration testers
and software developers.
Tools — Defense
• Malware analysts and reverse-engineering env
• Find_webshell
• Php backdoor detection, script is simple, so there are problems with high
false positives and low e ciency
• ScanBackdoor
• BackdoorMan
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• ndWebshell
• HaboMalHunter
• PlagueScanner
• php-malware- nder
• PHP-Shell-Detector
• malwarecage
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• x-waf
• binwalk
• binmap
• System scanner for nding programs and libraries and then collecting
their dependencies, links, etc.
• rp
• badger
• peda
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Python Exploit Development Assistance for GDB
• billgates-botnet-tracker
• RATDecoders
• angr
• pysonar2
• shellcheck
• andcsufbo
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• x-waf
• tx_lua_waf
• owasp-modsecurity-crs
• waf-research
• phpwaf
• DDOS protection
• Dshield
• Database rewall
• DBShield/
• Yulong-hids
Tools — Mining
• xmrig
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• coin-hive
Tools — Miscellaneous
• SocialEngineeringPayloads
• github_arsenal
• Github arsenal
• SecLists
• fuzzdb
• malwares
• ExploitKit
• nullsecurity
• BlueLotus_XSSReceiver
• XSS platform
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• CTF tool
• scanner
• BB2 scanner
• AWVS
• Vulnerability scanning
• OwaspZAP
• Vulnerability scanning
• Burp suite
• Vulnerability scanning
• [Artifact] Burp Suite Pro Loader & Keygen By surferxyz (with v1.7.31
original)
• Solve the full version of the Burp time expiration problem — h4ck0ne.docx
• backslash-powered-scanner
• ActiveScan++
• JSON Beauti e
• HUNT
• Metadata
• payloads
• Nessus
• udfhack
• Science online
• XX-Net
• xsocks
• v2ray-core
• TangScan
• Beebeeto-framework
• httpie
• The http command line client can send various http requests from the
command line construct (similar to Curl)
• BeEF
• Vtools
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• webscanner
• phpaudit
• frida
• pwn
• Firefox-Security-Toolkit
• al-khaser
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Public malware techniques used in the wild: Virtual Machine, Emulation,
Debuggers, Sandbox detection.
• pcap-analyzer
• awesome-spider
• pentest_tools\
• pwndocker
• vFuckingTools
• ctf-tools
• Attacks
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Bettercap — Framework to perform MITM (Man in the Middle) attacks.
• Crypto
• Bruteforcers
NULL) call
• Forensics
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• PDF Streams In ater — Find and extract zlib les compressed in PDF les
• Networking
• Nmap — open source utility for network discovery and security auditing
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Reversing
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• IDA Pro — Most used Reversing software
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• RABCDAsm — Collection of utilities including an ActionScript 3
assembler/disassembler.
• Services
• Steganography
• Web
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• XSSer — Automated XSS testor
• WhatWaf
• Usage of
• Burp
• nikto
• Openvas
• SQLMap
• Netcat
• Dirbuster/ wfuzz
• Hydra
• Kewl
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Wp-scan
• dig
• Knowledge of
• HTTP protocol and HTTP Methods (GET, POST, OPTIONS, PUT, TRACE)
• DNS
• CGI
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
sites
• Security
• Web-Security-Learning
• Software-Security-Learning
• webgoat-Injection
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• WAF-Bypass
• Audit-Learning
• PHP-code-audit
• XSS-Filter-Evasion-Cheat-Sheet-CN
• EN address
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Web Hacking 101 Chinese version
• awesome#security
• awesome-infosec
• What are the places where you can learn about information security and
network security?
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• How to learn hacking techniques across industries? Is the profession not
correct?
• Hacker Manifesto
• https://support.portswigger.net/customer/portal/topics/792273-burp-
testing-methodologies/articles
• https://digi.ninja/blog/when_all_you_can_do_is_read.php
• https://www.exploit-db.com/docs/12389.pdf
• http://www.slideshare.net/SOURCEConference/wfuzz-para-penetration-
testers
• https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
• http://www.tutorialspoint.com/http/http_methods.htm
• http://www.elated.com/articles/your- rst-cgi-script/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• http://www.enigmagroup.org/articles/view/Linux%20Hacking/115-LFI-
Apache-log-poisoning
• http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-
cheat-sheet
• https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_
Contents
• http://resources.infosecinstitute.com/ le-upload-vulnerabilities/
• http://excess-xss.com/
• https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
• http://www.vsecurity.com/download/papers/XMLDTDEntityAttacks.pdf
• ttp://resources.infosecinstitute.com/practical-shellshock-exploitation-
part-1/
• http://resources.infosecinstitute.com/practical-shellshock-exploitation-
part-2/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• sqlmap wiki
• API-Security-Checklist
• Books
• node-sec-roadmap
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Usage of
• Edb, OllyDBG
• Knowledge of
• Program execution ow
• Registers
• sites
• awesome-malware-analysis
• Reverseng
• 《reverse-engineering-for-beginners》
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• RE-for-beginners
• http://insecure.org/stf/smashstack.html
• http://www.intelligentexploit.com/articles/Linux-Stack-Based-Bu er-
Over ows.pdf
• http://beej.us/guide/bggdb/
• http://protostar-solutions.googlecode.com/hg/Stack%206/ret2libc.pdf
• https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-
part-1-stack-based-over ows/
• http://www.slideshare.net/saumilshah/dive-into-rop-a-quick-
introduction-to-return-oriented-programming
• https://speakerdeck.com/barrebas/rop-primer
• https://crypto.stanford.edu/cs155/papers/formatstring-1.2.pdf
• https://www.defcon.org/images/defcon-18/dc-18-
presentations/Haas/DEFCON-18-Haas-Adv-Format-String-Attacks.pdf
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• http://codearcana.com/posts/2013/05/02/introduction-to-format-
string-exploits.html
• http://blog.knapsy.com/blog/2015/11/25/easy- le-sharing-web-server-
v7-dot-2-remote-seh-bu er-over ow-dep-bypass-with-rop/
• secure-ios-app-dev
• browser-security-whitepaper-2017
• Usage of
• Metasploit
• Scalpel / Autopsy
• dd
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Knowledge of
• Binary le structure
• sites
• Linux
• http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
• http://www.0daysecurity.com/penetration-testing/enumeration.html
• http://incolumitas.com/wp-
content/uploads/2012/12/blackhats_view.pdf
• https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
• Windows
• Empowerment skills
• http://www.fuzzysecurity.com/tutorials/16.html
• http://it-ovid.blogspot.com.au/2012/02/windows-privilege-
escalation.html
• http://www.r00tsec.com/2012/11/howto-manual-pentest-windows-
cheatsheet.html
• http://www.windowsecurity.com/articles-
tutorials/misc_network_security/Dissecting-Pass-Hash-Attack.html
• http://www.windowsecurity.com/articles-
tutorials/misc_network_security/PsExec-Nasty-Things-It-Can-Do.html
• Steganography
• http://domnit.org/stepic/doc/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• http://www.sonicvisualiser.org/index.html
• General Forensics
• http://www.g .com/blog/top-20-free-digital-forensic-investigation-tools-
for-sysadmins/
• https://speakerdeck.com/knaps/escape-from-shellcatraz-breaking-out-of-
restricted-unix-shells
Learning — Miscellaneous
• Vulnerability POC & EXP
• 100php
• 1000 PHP code audit cases (before 2016.7 black cloud open vulnerability)
• Some-PoC-oR-ExP
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• exploits
• awesome-cve-poc
• windows-kernel-exploits
• linux-kernel-exploits
• o ce-exploits
• O ce vulnerability collection
• POC-Collect
• CVE-2015–7547 POC
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• JAVA deserialization EXP
• JavaDeserH2HC
• marshalsec
• Use docker to show web attack (php local le contains a demo with
phpinfo getshell and ssrf combined with curl)
• does
• secbook
• hacker101
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Hacker101 is a free class for web security
• collection-document awesome
• ctf-wiki
• ctf-wiki
• CTF-notes
• ctf-write-ups
• Vulnerability bank
• sec-jobs
• OSG-TranslationTeam
• Hack-with-Github/Awesome-Hacking
• carpedm20/awesome-hacking
• chinese version
• sbilly/awesome-security
• awesome-threat-detection
• Mind-Map
• bugbounty-cheatsheet
• paragonie/awesome-appsec
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• awesome-application-security
• Awesome-Fuzzing
• exploit-database
• exploit-database-bin-sploits
• wooyun_public
• python_sec
• Python security and code audit related data collection resource collection
of python security and code review
• Data_hacking collection
• mobile-security-wiki
• Kcon information
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Code-Audit-Challenges
• Vulnerability era
• awesome-incident-response
• Awesome-Red-Teaming
• bugbounty-cheatsheet
• awesome-bug-bounty
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• bug-bounty-reference
• Backup
• 2017-Security-ppt
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Pydictor blasting dictionary generation guide
• Syn-Flood attack
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Intranet host discovery skills supplement
Wargrames/CTFs/VulEnvApp
• Ichunqiu
• google CTF
• facebook CTF
• hackercup
• picoctf
• picoctf 2017
• picoctf.com
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• comp for middle and high school students. 31 Mar — 14 Apr
• picoctf.com/past
• past competitions
• CySCA
• csaw
• ctf.projectdu.org
• ctf for beginners from Deakin uni. Already over but challenges are always
available
• pentesterlab
• metasploitable
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• WebGoat
• mutilidae
• https://sourceforge.net/projects/mutillidae
• OWASP DVWA
• OWASP Bricks
• bwapp
• root-me
• hackthis
• hackthissite
• workshop.chaurocks.com/hackgame/
• overthewire.org
• overthewire.org/wargames/bandit/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• gameofhacks
• ctf.infosecinstitute.com
• vulnhub
• wargame.cs.nctu.edu.tw
• Pwnable.tw
• try2hack.nl
• ctftime.org
• hackgame.chaurocks.com
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Hack This Site — Training ground for hackers.
• http://c .cnmstl.net/
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• geekpwn
• https://infosec.rocks/
• testenv
• n0js Challenges
• ZVulDrill
• VAuditDemo
• ctf-challenges
• Code-Audit-Challenges
• 34c3ctf
• Exploit-Challenges
• ctf-web-prob
• FOS:RASP-PHP
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
WriteUps
• ctfs
• picoctf_2017_writeup
• CTFTime Scrapper — Scraps all writeup from ctf time and organize which
to read rst
• ctf
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Awesome-CTF-Book
• repo
• gitbook
• python-challenge
• My_CTF_Challenges
• p4-team/ctf
• bl4de/ctf
• 2018-QWB-CTF
Miscellaneous
• https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
• https://www.metasploit.com/
• https://www.coursera.org/specializations/cyber-security
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• https://cwe.mitre.org/top25/
• CySCA
• 2014
• 2015
• https://www.cybrary.it/
• course
• https://www.cyberciti.biz/faq/grep-regular-expressions/
course
• http://smashthestack.org/
• http://pwnable.kr/
• https://w3challs.com/
• bugcrowd bug-bounty-list
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
• Chrome Reward
• Vulnerability box
47 claps
Follow
Red C0de
Responses
Write a response…
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD