Although there is a huge amount of useful resources out there easily accessed with just a Google Search, I believe that keeping a short personal favorite list is always handy.
So here is a list of my favorite holy-bible-grade InfoSec resources.
Useful repositories, cheatsheets, CTF stuff and much more!
Useful git repos:
[HUGE] A collection of various awesome lists for hackers, pentesters and security researchers
[HUGE] A collection of awesome penetration testing resources, tools and other shiny things
[HUGE] Gray-Hacker-Resources Useful for CTFs, wargames, pentesting. For fun or profit.
Various ways to do a reverse shell
SecLists – The security tester’s companion
Useful Online tools:
CyberChef
Tio.Run – family of online interpreters
morewords – Find dictionary words for crossword puzzles and word games
Textmechanic – Text manipulation tools
asciitohex – plain/binary/hex/base/decimal/rot13 all together
A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
Linux Privilege Escalation Checklist:
PEASS – Privilege Escalation Awesome Scripts SUITE
Linux Privilege Escalation Checklist
A guide to Linux Privilege Escalation
CTF Privilege Escalation Checklist
Pentestmonkey unix privesc check
Linux Exploit Suggester
Linux Soft Exploit Suggester
Linux Smart Enumeration
Curated list of Unix binaries that can be exploited for LPE
SecWiki/linux-kernel-exploits
Windows Privilege Escalation:
PEASS – Privilege Escalation Awesome Scripts SUITE
Windows Privilege Escalation Fundamentals
PayloadsAllTheThings / Methodology and Resources / Windows – Privilege Escalation
Windows Privilege Escalation Guide
OSCP Privilege Escalation Windows
https://lolbas-project.github.io/
https://github.com/egre55/windows-kernel-exploits
https://github.com/SecWiki/windows-kernel-exploits
—————————————— NOT ENOUGH? ——————————————
Windows Basic Priv Esc Notes
Windows Exploit Suggester
Windows Privilege Escalation Scripts and Techniques
JakobRPennington Windows Priv Esc
Living Off The Land Binaries and Scripts (and also Libraries)
CTF Stuff:
JohnHammond’s CTF KATANA
CTF Series : Vulnerable Machines
A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares
CTF Writeups 2013 to 2018 and continuing
A curated list of CTF frameworks, libraries, resources and softwares
A curated list of awesome platforms
JohnHammond
Cryptography – Cryptanalysis resources
https://www.dcode.fr/tools-list
https://cryptii.com/
http://rumkin.com/tools/cipher/
http://practicalcryptography.com/
Stego resources
0xRick Steganography – A list of useful tools and resources
SQLi resources
Full SQL Injection Tutorial (MySQL)
SQL Injection Cheat Sheet
Beyond SQLi: Obfuscate and Bypass
Tutorial on SQLi labs
Cheatsheets
[HUGE] https://github.com/detailyang/awesome-cheatsheet
Kali Linux Cheatsheet
ExploitedBunker Pentesting Cheatsheet
Security Cheatsheets
HighOnCoffee Cheat-sheets
PentestMonkey Cheat-sheets
List of file signatures
Prepare for OSCP:
Cybrary OSCP Course
INE OSCP Security Technology Course
OSCP-Survival-Guide
TJnullās Preparation Guide for PWK/OSCP
Github OSCP Prep
OSCP survival guide
Github OSCP Prep 2
Total OSCP guide
OSCP Basic notes
OSCP Fun Guide
Guide for OSCP with chapters
Newbie to OSCP
How to Pass OSCP Like Boss.
Passing OSCP – scund00r
OSCP useful resources and tools
OSCP Human Guide
How to pass the OSCP
A curated list of awesome OSCP resources
A reconnaissance tool made for the OSCP labs
HackTheBox OSCP-like Machines
Book recommendations:
[HUGE] https://github.com/EbookFoundation/free-programming-books
[HUGE] Free Programming Notes for every language [.pdf]
Kali Linux Revealed Book
Penetration Testing – A hands-on introduction to Hacking
Mastering Kali Linux for Advanced Penetration Testing
Metasploit – The Penetration Tester s Guide [outdated]
RTFM – Red Team Field Manual
Blue Team Field Manual
The Hacker Playbook series
The Web Application Hacker’s Handbook
Serious Cryptography A Practical Introduction to Modern Encryption
Hacking The Art of Exploitation
Attacking Network Protocols by James Forshaw
Ghost in the Wires – My Adventures as the World’s Most Wanted Hacker
Social Engineering – The Art of Human Hacking
The Art of Intrusion
YouTube recommendations:
IppSec
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
LiveOverflow
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
John Hammond
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw
JackkTutorials
https://www.youtube.com/channel/UC64x_rKHxY113KMWmprLBPA
Null Byte
https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
HackerSploit
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
Computerphile
https://www.youtube.com/channel/UC9-y-6csu5WGm29I7JiwpnA
Motasem Hamdan
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ