└── README.md /README.md: -------------------------------------------------------------------------------- 1 | # Practical Cyber Security Resources 🌟 2 | 3 | This repository contains a curated list of resources I suggest on LinkedIn and Twitter.πŸ“πŸŒ I hope you find it useful.🌸😌 4 | 5 | In addition, other platforms where you can connect with me for articles, repositories, and more that I will publish in the new year; 6 | 7 | - https://www.linkedin.com/in/brcyrr/ 8 | 9 | - https://twitter.com/brcyrr 10 | 11 | - https://medium.com/@brcyrr 12 | 13 | ### Contents 14 | 15 | - [Pentest General Resources](https://github.com/brcyrr/PracticalCyberSecurityResources#pentest-general-resources-) 16 | - [Web Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#web-pentest-) 17 | - [Mobile Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#mobile-pentest-) 18 | - [Cloud Security & Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#cloud-security--pentest-) 19 | - [Bug Bounty](https://github.com/brcyrr/PracticalCyberSecurityResources#bug-bounty-) 20 | - [OSINT & Google Dorks](https://github.com/brcyrr/PracticalCyberSecurityResources#osint--google-dorks-) 21 | - [API Security & Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#api-security--pentest-) 22 | - [Active Directory](https://github.com/brcyrr/PracticalCyberSecurityResources#active-directory-) 23 | - [Red Teaming](https://github.com/brcyrr/PracticalCyberSecurityResources#red-teaming-) 24 | - [Exploit Development](https://github.com/brcyrr/PracticalCyberSecurityResources#exploit-development-) 25 | - [AppSec & Code Review](https://github.com/brcyrr/PracticalCyberSecurityResources#appsec--code-review-) 26 | - [DevSecOps](https://github.com/brcyrr/PracticalCyberSecurityResources#devsecops-) 27 | - [CTFs & Writeups](https://github.com/brcyrr/PracticalCyberSecurityResources#ctfs--writeups-) 28 | - [Social Engineering](https://github.com/brcyrr/PracticalCyberSecurityResources#social-engineering-) 29 | - [Certifications](https://github.com/brcyrr/PracticalCyberSecurityResources#certifications-) 30 | - [Roadmaps](https://github.com/brcyrr/PracticalCyberSecurityResources#roadmaps-) 31 | - [Security Architecture](https://github.com/brcyrr/PracticalCyberSecurityResources#security-architecture-) 32 | - [IoT Security](https://github.com/brcyrr/PracticalCyberSecurityResources#iot-security-) 33 | - [Container Security](https://github.com/brcyrr/PracticalCyberSecurityResources#container-security-) 34 | - [Blockchain Security](https://github.com/brcyrr/PracticalCyberSecurityResources#blockchain-security-) 35 | - [Threat Modelling](https://github.com/brcyrr/PracticalCyberSecurityResources#threat-modelling-) 36 | - [Kubernetes Security](https://github.com/brcyrr/PracticalCyberSecurityResources#kubernetes-security-) 37 | - [General Resources](https://github.com/brcyrr/PracticalCyberSecurityResources#general-resources-) 38 | 39 | 40 | Happy huntingβ—οΈπŸ‘» 41 | 42 | 43 | ## Pentest General Resources πŸ“ 44 | 45 | - [https://github.com/enaqx/awesome-pentest](https://github.com/enaqx/awesome-pentest) 46 | 47 | - [https://blog.compass-security.com/2019/10/hacking-tools-cheat-sheet/](https://blog.compass-security.com/2019/10/hacking-tools-cheat-sheet/) 48 | 49 | - [https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets](https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets) 50 | 51 | - [https://github.com/Hack-with-Github/Awesome-Hacking](https://github.com/Hack-with-Github/Awesome-Hacking) 52 | 53 | - [https://github.com/juliocesarfort/public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) 54 | 55 | - [https://github.com/vlakhani28/Cyber-Security-Resources](https://github.com/vlakhani28/Cyber-Security-Resources) 56 | 57 | - [https://github.com/wtsxDev/Penetration-Testing](https://github.com/wtsxDev/Penetration-Testing) 58 | 59 | - [https://github.com/wwong99/pentest-notes](https://github.com/wwong99/pentest-notes) 60 | 61 | - [https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets) 62 | 63 | - [https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources](https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources) 64 | 65 | - [https://github.com/Samsar4/Ethical-Hacking-Labs](https://github.com/Samsar4/Ethical-Hacking-Labs) 66 | 67 | - [https://github.com/swisskyrepo/PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) 68 | 69 | - [https://github.com/netbiosX/Checklists](https://github.com/netbiosX/Checklists) 70 | 71 | - [https://hariprasaanth.notion.site/hariprasaanth/THICK-CLIENT-PENTESTING-CHECKLIST-35c6803f26eb4c9d89ba7f5fdc901fb0](https://www.notion.so/35c6803f26eb4c9d89ba7f5fdc901fb0) 72 | 73 | - [https://github.com/SubediBibek-cmd/awesome-network-security](https://github.com/SubediBibek-cmd/awesome-network-security) 74 | 75 | - [https://github.com/carpedm20/awesome-hacking](https://github.com/carpedm20/awesome-hacking) 76 | 77 | - [https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE](https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE) 78 | 79 | - [https://www.lifars.com/knowledge-center/python-penetration-testing-cheat-sheet/](https://www.lifars.com/knowledge-center/python-penetration-testing-cheat-sheet/) 80 | 81 | - [https://github.com/purabparihar/Infrastructure-Pentesting-Checklist](https://github.com/purabparihar/Infrastructure-Pentesting-Checklist) 82 | 83 | - [https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap](https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap) 84 | 85 | - [https://github.com/RafaelFunchal/wordpress-security-checklist/blob/master/items.md](https://github.com/RafaelFunchal/wordpress-security-checklist/blob/master/items.md) 86 | 87 | - https://viperone.gitbook.io/pentest-everything/ 88 | 89 | - https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 90 | 91 | 92 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 93 | 94 | 95 | ## Web Pentest πŸ“ 96 | 97 | - [https://pentestbook.six2dez.com/others/web-checklist](https://pentestbook.six2dez.com/others/web-checklist) 98 | 99 | - [https://github.com/Ignitetechnologies/Web-Application-Cheatsheet](https://github.com/Ignitetechnologies/Web-Application-Cheatsheet) 100 | 101 | - [https://infosecwriteups.com/serialization-deserialization-attacks-on-php-d5fb02e29248](https://infosecwriteups.com/serialization-deserialization-attacks-on-php-d5fb02e29248) 102 | 103 | - [https://github.com/infoslack/awesome-web-hacking](https://github.com/infoslack/awesome-web-hacking) 104 | 105 | - [https://github.com/qazbnm456/awesome-web-security](https://github.com/qazbnm456/awesome-web-security) 106 | 107 | - [https://github.com/5bhuv4n35h/pentestmindmap/blob/master/web_application_penetration_testing.png](https://github.com/5bhuv4n35h/pentestmindmap/blob/master/web_application_penetration_testing.png) 108 | 109 | - [https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/](https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/) 110 | 111 | - [https://github.com/dhaval17/awsome-security-write-ups-and-POCs](https://github.com/dhaval17/awsome-security-write-ups-and-POCs) 112 | 113 | - [https://hariprasaanth.notion.site/hariprasaanth/WEB-APPLICATION-PENTESTING-CHECKLIST-0f02d8074b9d4af7b12b8da2d46ac998](https://www.notion.so/0f02d8074b9d4af7b12b8da2d46ac998) 114 | 115 | - https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6 116 | 117 | 118 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 119 | 120 | 121 | ## Mobile Pentest πŸ“ 122 | 123 | - [https://0xn3va.gitbook.io/cheat-sheets/](https://0xn3va.gitbook.io/cheat-sheets/) 124 | 125 | - [https://github.com/muellerberndt/android_app_security_checklist](https://github.com/muellerberndt/android_app_security_checklist) 126 | 127 | - [https://medium.com/vakifbank-teknoloji/android-application-security-penetration-tests-1-2da29240093d](https://medium.com/vakifbank-teknoloji/android-application-security-penetration-tests-1-2da29240093d) 128 | 129 | - [https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet](https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet) 130 | 131 | - [https://github.com/vaib25vicky/awesome-mobile-security](https://github.com/vaib25vicky/awesome-mobile-security) 132 | 133 | 134 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 135 | 136 | 137 | ## Cloud Security & Pentest πŸ“ 138 | 139 | - [https://github.com/dafthack/CloudPentestCheatsheets](https://github.com/dafthack/CloudPentestCheatsheets) 140 | 141 | - [https://github.com/TROUBLE-1/Cloud-Pentesting/blob/main/Note %26 Mind Map/Cloud Pentesting/Attacking Cloud.pdf](https://github.com/TROUBLE-1/Cloud-Pentesting/blob/main/Note%20%26%20Mind%20Map/Cloud%20Pentesting/Attacking%20Cloud.pdf) 142 | 143 | - [https://raw.githubusercontent.com/5bhuv4n35h/pentestmindmap/master/cloud_penetration_testing.png](https://raw.githubusercontent.com/5bhuv4n35h/pentestmindmap/master/cloud_penetration_testing.png) 144 | 145 | - [https://github.com/six2dez/pentest-book/tree/master/enumeration/cloud](https://github.com/six2dez/pentest-book/tree/master/enumeration/cloud) 146 | 147 | - [https://github.com/Funkmyster/awesome-cloud-security](https://github.com/Funkmyster/awesome-cloud-security) 148 | 149 | - [https://github.com/4ndersonLin/awesome-cloud-security](https://github.com/4ndersonLin/awesome-cloud-security) 150 | 151 | - [https://github.com/aquasecurity/cloud-security-remediation-guides](https://github.com/aquasecurity/cloud-security-remediation-guides) 152 | 153 | 154 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 155 | 156 | 157 | ## Bug Bounty πŸ“ 158 | 159 | - [https://bugbountyforum.com/tools/recon/](https://bugbountyforum.com/tools/recon/) 160 | 161 | - [https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65](https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65) 162 | 163 | - [https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2](https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2) 164 | 165 | - [https://github.com/djadmin/awesome-bug-bounty#write-ups--authors](https://github.com/djadmin/awesome-bug-bounty#write-ups--authors) 166 | 167 | - [https://github.com/bobby-lin/study-bug-bounty](https://github.com/bobby-lin/study-bug-bounty) 168 | 169 | - [https://github.com/hahwul/WebHackersWeapons](https://github.com/hahwul/WebHackersWeapons) 170 | 171 | - [https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md](https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md) 172 | 173 | - [https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters) 174 | 175 | - [https://bughacking.com/best-bug-bounty-platforms/](https://bughacking.com/best-bug-bounty-platforms/) 176 | 177 | - [https://github.com/tuhin1729/Bug-Bounty-Methodology](https://github.com/tuhin1729/Bug-Bounty-Methodology) 178 | 179 | - [https://github.com/daffainfo/AllAboutBugBounty](https://github.com/daffainfo/AllAboutBugBounty) 180 | 181 | - [https://www.infosecmatter.com/bug-bounty-tips-1/](https://www.infosecmatter.com/bug-bounty-tips-1/) 182 | 183 | - [https://www.infosecmatter.com/bug-bounty-tips-2-jun-30/](https://www.infosecmatter.com/bug-bounty-tips-2-jun-30/) 184 | 185 | - [https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md](https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md) 186 | 187 | - [https://gowsundar.gitbook.io/book-of-bugbounty-tips/](https://gowsundar.gitbook.io/book-of-bugbounty-tips/) 188 | 189 | - [https://github.com/Neelakandan-A/BugBounty_CheatSheet](https://github.com/Neelakandan-A/BugBounty_CheatSheet) 190 | 191 | - [https://github.com/vavkamil/awesome-bugbounty-tools](https://github.com/vavkamil/awesome-bugbounty-tools) 192 | 193 | - [https://github.com/ngalongc/bug-bounty-reference](https://github.com/ngalongc/bug-bounty-reference) 194 | 195 | - [https://github.com/YaS5in3/Bug-Bounty-Wordlists](https://github.com/YaS5in3/Bug-Bounty-Wordlists) 196 | 197 | - [https://mokhansec.medium.com/what-would-i-do-if-i-start-bug-hunting-from-0-again-79c7fa78b789](https://mokhansec.medium.com/what-would-i-do-if-i-start-bug-hunting-from-0-again-79c7fa78b789) 198 | 199 | - [https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248](https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248) 200 | 201 | - https://github.com/imran-parray/Mind-Maps/blob/master/Recon%20-%20Imran%20parray/My-recon.png 202 | 203 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 204 | 205 | 206 | ## OSINT & Google Dorks πŸ“ 207 | 208 | - [https://github.com/jivoi/awesome-osint](https://github.com/jivoi/awesome-osint) 209 | 210 | - [https://github.com/TheBurnsy/Vehicle-OSINT-Collection](https://github.com/TheBurnsy/Vehicle-OSINT-Collection) 211 | 212 | - [https://blog.blockmagnates.com/open-source-intelligence-osint-996c8d2db362](https://blog.blockmagnates.com/open-source-intelligence-osint-996c8d2db362) 213 | 214 | - [https://cyb3r.gitbook.io/pentest-journey/open-source-intelligence-osint-fundamentals/osint-flowcharts](https://cyb3r.gitbook.io/pentest-journey/open-source-intelligence-osint-fundamentals/osint-flowcharts) 215 | 216 | - [https://www.bruceclay.com/blog/bing-google-advanced-search-operators/](https://www.bruceclay.com/blog/bing-google-advanced-search-operators/) 217 | 218 | - [https://www.hackthebox.com/blog/What-Is-Google-Dorking](https://www.hackthebox.com/blog/What-Is-Google-Dorking) 219 | 220 | - [https://dnsdumpster.com/footprinting-reconnaissance/](https://dnsdumpster.com/footprinting-reconnaissance/) 221 | 222 | - [https://github.com/redhuntlabs/Awesome-Asset-Discovery](https://github.com/redhuntlabs/Awesome-Asset-Discovery) 223 | 224 | - [https://github.com/Proviesec/google-dorks](https://github.com/Proviesec/google-dorks) 225 | 226 | 227 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 228 | 229 | 230 | ## API Security & Pentest πŸ“ 231 | 232 | - [https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API Pentesting Mindmap.png](https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API%20Pentesting%20Mindmap.png) 233 | 234 | - [https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API Pentesting Mindmap ATTACK.pdf](https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20ATTACK.pdf) 235 | 236 | - [https://github.com/shieldfy/API-Security-Checklist](https://github.com/shieldfy/API-Security-Checklist) 237 | 238 | - [https://github.com/erev0s/VAmPI](https://github.com/erev0s/VAmPI) 239 | 240 | - [https://github.com/roottusk/vapi](https://github.com/roottusk/vapi) 241 | 242 | - [https://danaepp.com/beginners-guide-to-api-hacking](https://danaepp.com/beginners-guide-to-api-hacking) 243 | 244 | - [https://bughunters.google.com/learn/presentations/5783688075542528/android-app-hacking-workshop](https://bughunters.google.com/learn/presentations/5783688075542528/android-app-hacking-workshop) 245 | 246 | - [https://www.virtuesecurity.com/api-penetration-testing/](https://www.virtuesecurity.com/api-penetration-testing/) 247 | 248 | - [https://university.apisec.ai/](https://university.apisec.ai/) 249 | 250 | - [https://www.productsecurity.ai/course/api-security-training](https://www.productsecurity.ai/course/api-security-training) 251 | 252 | 253 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 254 | 255 | 256 | ## Active Directory πŸ“ 257 | 258 | - [https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/](https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/) 259 | 260 | - [https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet](https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet) 261 | 262 | - [https://blog.spookysec.net/ad-lab-1/](https://blog.spookysec.net/ad-lab-1/) 263 | 264 | - [https://blog.spookysec.net/ad-lab-2/](https://blog.spookysec.net/ad-lab-2/) 265 | 266 | - [https://github.com/WazeHell/vulnerable-AD](https://github.com/WazeHell/vulnerable-AD) 267 | 268 | 269 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 270 | 271 | 272 | ## Red Teaming πŸ“ 273 | 274 | - [https://github.com/yeyintminthuhtut/Awesome-Red-Teaming](https://github.com/yeyintminthuhtut/Awesome-Red-Teaming) 275 | 276 | - [https://github.com/infosecn1nja/Red-Teaming-Toolkit](https://github.com/infosecn1nja/Red-Teaming-Toolkit) 277 | 278 | - [https://github.com/0xJs/RedTeaming_CheatSheet](https://github.com/0xJs/RedTeaming_CheatSheet) 279 | 280 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 281 | 282 | 283 | 284 | ## Exploit Development πŸ“ 285 | 286 | - [https://github.com/FabioBaroni/awesome-exploit-development](https://github.com/FabioBaroni/awesome-exploit-development) 287 | 288 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 289 | 290 | 291 | ## AppSec & Code Review πŸ“ 292 | 293 | - [https://wehackpurple.com/blogs/page/2/](https://wehackpurple.com/blogs/page/2/) 294 | 295 | - [https://wehackpurple.com/blogs/page/3/](https://wehackpurple.com/blogs/page/3/) 296 | 297 | - [https://wehackpurple.com/blogs/page/4/](https://wehackpurple.com/blogs/page/4/) 298 | 299 | - [https://google.github.io/eng-practices/review/](https://google.github.io/eng-practices/review/) 300 | 301 | - [https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist](https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist) 302 | 303 | - [https://github.com/paragonie/awesome-appsec](https://github.com/paragonie/awesome-appsec) 304 | 305 | - [https://erdemstar08.medium.com/source-code-scan-7448df9a1358](https://erdemstar08.medium.com/source-code-scan-7448df9a1358) 306 | 307 | - [https://erdemstar08.medium.com/java-source-code-scanning-with-maven-fortify-4514b61696b6](https://erdemstar08.medium.com/java-source-code-scanning-with-maven-fortify-4514b61696b6) 308 | 309 | - [https://erdemstar08.medium.com/ios-source-code-scanning-fortify-b0cca71ab519](https://erdemstar08.medium.com/ios-source-code-scanning-fortify-b0cca71ab519) 310 | 311 | - [https://erdemstar08.medium.com/android-source-code-scanning-fortify-f218df889eeb](https://erdemstar08.medium.com/android-source-code-scanning-fortify-f218df889eeb) 312 | 313 | - [https://erdemstar08.medium.com/code-scan-with-sast-net-framework-4-8-876d42673c72](https://erdemstar08.medium.com/code-scan-with-sast-net-framework-4-8-876d42673c72) 314 | 315 | - [https://erdemstar08.medium.com/code-scan-with-sast-net-core-3-49cb8c742ecc](https://erdemstar08.medium.com/code-scan-with-sast-net-core-3-49cb8c742ecc) 316 | 317 | 318 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 319 | 320 | 321 | ## DevSecOps πŸ“ 322 | 323 | - [https://github.com/sottlmarek/DevSecOps](https://github.com/sottlmarek/DevSecOps) 324 | 325 | - [https://github.com/hahwul/DevSecOps](https://github.com/hahwul/DevSecOps) 326 | 327 | - [https://github.com/magnologan/awesome-k8s-security](https://github.com/magnologan/awesome-k8s-security) 328 | 329 | - [https://github.com/TaptuIT/awesome-devsecops](https://github.com/TaptuIT/awesome-devsecops) 330 | 331 | - https://github.com/We5ter/Awesome-DevSecOps-Platforms 332 | 333 | - [https://www.productsecurity.ai/course/devsecops-training](https://www.productsecurity.ai/course/devsecops-training) 334 | 335 | 336 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 337 | 338 | 339 | ## CTFs & Writeups πŸ“ 340 | 341 | - [https://bitvijays.github.io/LFC-VulnerableMachines.html#ctf-series-vulnerable-machines](https://bitvijays.github.io/LFC-VulnerableMachines.html#ctf-series-vulnerable-machines) 342 | 343 | - [https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/](https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/) 344 | 345 | - [https://htbmachines.github.io/](https://htbmachines.github.io/) 346 | 347 | - [https://github.com/Crypto-Cat/CTF](https://github.com/Crypto-Cat/CTF) 348 | 349 | 350 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 351 | 352 | 353 | ## Social Engineering πŸ“ 354 | 355 | - [https://github.com/v2-dev/awesome-social-engineering](https://github.com/v2-dev/awesome-social-engineering) 356 | 357 | 358 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 359 | 360 | 361 | ## Certifications πŸ“ 362 | 363 | - [https://brcyrr.medium.com/recommendations-of-oscp-433a08c86f27](https://brcyrr.medium.com/recommendations-of-oscp-433a08c86f27) 364 | 365 | - [https://areyou1or0.it/index.php/2021/02/10/finally-oscp-may-the-force-be-with-you/](https://areyou1or0.it/index.php/2021/02/10/finally-oscp-may-the-force-be-with-you/) 366 | 367 | - [https://brcyrr.medium.com/recommendations-review-of-emapt-819e72a27f06](https://brcyrr.medium.com/recommendations-review-of-emapt-819e72a27f06) 368 | 369 | - [http://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab.html](http://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab.html) 370 | 371 | - [https://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab-part-2.html](https://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab-part-2.html) 372 | 373 | - [https://brcyrr.medium.com/recommendations-review-of-ewptxv2-66a114e450db](https://brcyrr.medium.com/recommendations-review-of-ewptxv2-66a114e450db) 374 | 375 | - [https://brcyrr.medium.com/recommendations-of-oswp-c14ab45ae491](https://brcyrr.medium.com/recommendations-of-oswp-c14ab45ae491) 376 | 377 | - [https://github.com/brcyrr/OSWP](https://github.com/brcyrr/OSWP) 378 | 379 | - [https://twitter.com/Shubham_pen/status/1537657538795085824](https://twitter.com/Shubham_pen/status/1537657538795085824) 380 | 381 | 382 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 383 | 384 | 385 | ## Roadmaps πŸ“ 386 | 387 | - [https://medium.com/@rezaduty/web-penetration-testing-roadmap-4e7bb9edf23b](https://medium.com/@rezaduty/web-penetration-testing-roadmap-4e7bb9edf23b) 388 | 389 | - [https://medium.com/@rezaduty/mobile-penetration-tester-roadmap-f2ec9bd68dcf](https://medium.com/@rezaduty/mobile-penetration-tester-roadmap-f2ec9bd68dcf) 390 | 391 | - [https://github.com/rezaduty/cybersecurity-career-path](https://github.com/rezaduty/cybersecurity-career-path) 392 | 393 | - [https://github.com/CyberSecurityUP/PenTest-Certifications-Roadmap](https://github.com/CyberSecurityUP/PenTest-Certifications-Roadmap) 394 | 395 | 396 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 397 | 398 | 399 | ## Security Architecture πŸ“ 400 | 401 | - [https://zeltser.com/security-architecture-cheat-sheet/](https://zeltser.com/security-architecture-cheat-sheet/) 402 | 403 | 404 | 405 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 406 | 407 | 408 | ## IoT Security πŸ“ 409 | 410 | - [https://github.com/V33RU/IoTSecurity101](https://github.com/V33RU/IoTSecurity101) 411 | 412 | - https://github.com/nebgnahz/awesome-iot-hacks 413 | 414 | 415 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 416 | 417 | 418 | ## Container Security πŸ“ 419 | 420 | - https://github.com/krol3/container-security-checklist 421 | 422 | - [https://www.productsecurity.ai/course/container-security-course](https://www.productsecurity.ai/course/container-security-course) 423 | 424 | 425 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 426 | 427 | 428 | ## Blockchain Security πŸ“ 429 | 430 | - [https://github.com/xxxeyJ/Awesome-Blockchain-Security](https://github.com/xxxeyJ/Awesome-Blockchain-Security) 431 | 432 | 433 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 434 | 435 | 436 | ## Threat Modelling πŸ“ 437 | 438 | - [https://github.com/hysnsec/awesome-threat-modelling](https://github.com/hysnsec/awesome-threat-modelling) 439 | 440 | - [https://www.productsecurity.ai/course/threat-modeling-training](https://www.productsecurity.ai/course/threat-modeling-training) 441 | 442 | 443 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 444 | 445 | 446 | ## Kubernetes Security πŸ“ 447 | 448 | - [https://www.productsecurity.ai/course/kubernetes-security-course](https://www.productsecurity.ai/course/kubernetes-security-course) 449 | 450 | 451 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 452 | 453 | 454 | ## General Resources πŸ“ 455 | 456 | - [https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/](https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/) 457 | 458 | - [https://kalitut.com/](https://kalitut.com/) 459 | 460 | - [https://hackermovie.club/](https://hackermovie.club/) 461 | 462 | - [https://github.com/PaulSec/awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) 463 | 464 | - [https://zeltser.com/information-security/](https://zeltser.com/information-security/) 465 | 466 | - [https://infosecwriteups.com/finding-of-directory-path-in-linux-820be9ae759b](https://infosecwriteups.com/finding-of-directory-path-in-linux-820be9ae759b) 467 | 468 | - [https://cybersecuritybase.mooc.fi/](https://cybersecuritybase.mooc.fi/) 469 | 470 | - [https://www.cyberseek.org/pathway.html](https://www.cyberseek.org/pathway.html) 471 | 472 | - [http://dfir.org/?q=node/8](http://dfir.org/?q=node/8) 473 | 474 | 475 | 476 | 477 | 478 | 479 | 480 | 481 | 482 | 483 | 484 | 485 | 486 | 487 | 488 | 489 | 490 | 491 | 492 | 493 | 494 | 495 | 496 | 497 | 498 | 499 | 500 | 501 | 502 | 503 | 504 | 505 | 506 | 507 | 508 | 509 | 510 | 511 | 512 | 513 | 514 | 515 | 516 | 517 | 518 | 519 | 520 | --------------------------------------------------------------------------------