Although there is a huge amount of useful resources out there easily accessed with just a Google Search, I believe that keeping a short personal favorite list is always handy.
So here is a list of my favorite holy-bible-grade InfoSec resources.
Useful repositories, cheatsheets, CTF stuff and much more!

Useful git repos:

[HUGE] A collection of various awesome lists for hackers, pentesters and security researchers
[HUGE] A collection of awesome penetration testing resources, tools and other shiny things
[HUGE] Gray-Hacker-Resources Useful for CTFs, wargames, pentesting. For fun or profit.

Various ways to do a reverse shell

SecLists – The security tester’s companion

Useful Online tools:

Tio.Run – family of online interpreters
morewords – Find dictionary words for crossword puzzles and word games
Textmechanic – Text manipulation tools
asciitohex – plain/binary/hex/base/decimal/rot13 all together
A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.

Linux Privilege Escalation Checklist:

PEASS – Privilege Escalation Awesome Scripts SUITE
Linux Privilege Escalation Checklist
A guide to Linux Privilege Escalation
CTF Privilege Escalation Checklist
Pentestmonkey unix privesc check
Linux Exploit Suggester
Linux Soft Exploit Suggester
Linux Smart Enumeration
Curated list of Unix binaries that can be exploited for LPE

Windows Privilege Escalation:

PEASS – Privilege Escalation Awesome Scripts SUITE
Windows Privilege Escalation Fundamentals
PayloadsAllTheThings / Methodology and Resources / Windows – Privilege Escalation
Windows Privilege Escalation Guide
OSCP Privilege Escalation Windows
—————————————— NOT ENOUGH? ——————————————
Windows Basic Priv Esc Notes
Windows Exploit Suggester
Windows Privilege Escalation Scripts and Techniques
JakobRPennington Windows Priv Esc
Living Off The Land Binaries and Scripts (and also Libraries)

CTF Stuff:

JohnHammond’s CTF KATANA
CTF Series : Vulnerable Machines
A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares
CTF Writeups 2013 to 2018 and continuing
A curated list of CTF frameworks, libraries, resources and softwares
A curated list of awesome platforms

Cryptography – Cryptanalysis resources

Stego resources

0xRick Steganography – A list of useful tools and resources

SQLi resources

Full SQL Injection Tutorial (MySQL)
SQL Injection Cheat Sheet
Beyond SQLi: Obfuscate and Bypass
Tutorial on SQLi labs


Kali Linux Cheatsheet
ExploitedBunker Pentesting Cheatsheet
Security Cheatsheets
HighOnCoffee Cheat-sheets
PentestMonkey Cheat-sheets
List of file signatures

Prepare for OSCP:
Cybrary OSCP Course
INE OSCP Security Technology Course
TJnullā€™s Preparation Guide for PWK/OSCP
Github OSCP Prep
OSCP survival guide
Github OSCP Prep 2
Total OSCP guide
OSCP Basic notes
OSCP Fun Guide
Guide for OSCP with chapters
Newbie to OSCP
How to Pass OSCP Like Boss.
Passing OSCP – scund00r
OSCP useful resources and tools
OSCP Human Guide
How to pass the OSCP
A curated list of awesome OSCP resources
A reconnaissance tool made for the OSCP labs
HackTheBox OSCP-like Machines

Book recommendations:

[HUGE] Free Programming Notes for every language [.pdf]

Kali Linux Revealed Book
Penetration Testing – A hands-on introduction to Hacking
Mastering Kali Linux for Advanced Penetration Testing
Metasploit – The Penetration Tester s Guide [outdated] RTFM – Red Team Field Manual
Blue Team Field Manual
The Hacker Playbook series
The Web Application Hacker’s Handbook
Serious Cryptography A Practical Introduction to Modern Encryption
Hacking The Art of Exploitation
Attacking Network Protocols by James Forshaw
Ghost in the Wires – My Adventures as the World’s Most Wanted Hacker
Social Engineering – The Art of Human Hacking
The Art of Intrusion

YouTube recommendations:



John Hammond


Null Byte



Motasem Hamdan