Resources

Although there is a huge amount of useful resources out there easily accessed with just a Google Search, I believe that keeping a short personal favorite list is always handy.
So here is a list of my favorite holy-bible-grade InfoSec resources.
Useful repositories, cheatsheets, CTF stuff and much more!

Useful git repos:

[HUGE] A collection of various awesome lists for hackers, pentesters and security researchers
[HUGE] A collection of awesome penetration testing resources, tools and other shiny things

Various ways to do a reverse shell

SecLists – The security tester’s companion

Useful Online tools:

CyberChef
Tio.Run – family of online interpreters
morewords – Find dictionary words for crossword puzzles and word games
Textmechanic – Text manipulation tools
asciitohex – plain/binary/hex/base/decimal/rot13 all together

Linux Privilege Escalation Checklist:

PEASS – Privilege Escalation Awesome Scripts SUITE
Linux Privilege Escalation Checklist
A guide to Linux Privilege Escalation
CTF Privilege Escalation Checklist
Pentestmonkey unix privesc check
Linux Exploit Suggester
Linux Soft Exploit Suggester
Linux Smart Enumeration
Curated list of Unix binaries that can be exploited for LPE
SecWiki/linux-kernel-exploits

Windows Privilege Escalation:

PEASS – Privilege Escalation Awesome Scripts SUITE
Windows Privilege Escalation Fundamentals
PayloadsAllTheThings / Methodology and Resources / Windows – Privilege Escalation
Windows Privilege Escalation Guide
OSCP Privilege Escalation Windows
https://lolbas-project.github.io/
https://github.com/egre55/windows-kernel-exploits
https://github.com/SecWiki/windows-kernel-exploits
Windows Basic Priv Esc Notes
Windows Exploit Suggester
Windows Privilege Escalation Scripts and Techniques
JakobRPennington Windows Priv Esc
Living Off The Land Binaries and Scripts (and also Libraries)

CTF Stuff:

JohnHammond’s CTF KATANA
CTF Series : Vulnerable Machines
A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares
A curated list of CTF frameworks, libraries, resources and softwares

Cryptography – Cryptanalysis resources

https://www.dcode.fr/tools-list
https://cryptii.com/
http://rumkin.com/tools/cipher/
http://practicalcryptography.com/

Stego resources

0xRick Steganography – A list of useful tools and resources

SQLi resources

Full SQL Injection Tutorial (MySQL)
SQL Injection Cheat Sheet
Beyond SQLi: Obfuscate and Bypass
Tutorial on SQLi labs
noobsec.net sqli

Cheatsheets

[HUGE] https://github.com/detailyang/awesome-cheatsheet
Kali Linux Cheatsheet
ExploitedBunker Pentesting Cheatsheet
Security Cheatsheets
HighOnCoffee Cheat-sheets
PentestMonkey Cheat-sheets
List of file signatures

Prepare for OSCP:

OSCP cheatsheet
Cybrary OSCP Course
INE OSCP Security Technology Course
OSCP-Survival-Guide
TJnullā€™s Preparation Guide for PWK/OSCP
Github OSCP Prep
OSCP survival guide
Github OSCP Prep 2
Total OSCP guide
OSCP Basic notes
OSCP Fun Guide
Guide for OSCP with chapters
Newbie to OSCP
How to Pass OSCP Like Boss.
Passing OSCP – scund00r
OSCP useful resources and tools
OSCP Human Guide
How to pass the OSCP
A curated list of awesome OSCP resources
A reconnaissance tool made for the OSCP labs
HackTheBox OSCP-like Machines
noobsec.net OSCP

Book recommendations:

Secrets and Lies – Digital Security in a Networked World
Ghost in the Wires – My Adventures as the World’s Most Wanted Hacker
Social Engineering – The Art of Human Hacking
The Art of Intrusion
The Hacker Playbook series
Hacking The Art of Exploitation
Serious Cryptography A Practical Introduction to Modern Encryption
Kali Linux Revealed Book
Kali Linux Web Penetration Testing Cookbook
Mastering Kali Linux for Advanced Penetration Testing
Metasploit – The Penetration Testers Guide
Mastering Metasploit
Mastering Modern Web Penetration Testing
The Web Application Hacker’s Handbook
Ethical Hacking and Penetration Testing Guide
The Hacker Playbook Practical Guide To Penetration Testing
Penetration Testing – A hands-on introduction to Hacking
RTFM – Red Team Field Manual
Blue Team Field Manual
Professional Red Teaming
Practical Malware Analysis