├── .travis.yml
├── .github
    └── CONTRIBUTING.md
└── README.md


/.travis.yml:
--------------------------------------------------------------------------------
language: ruby
rvm:
  - 2.2
before_script:
  - gem install awesome_bot
script:
  - awesome_bot README.md --allow-redirect

--------------------------------------------------------------------------------
/.github/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# Contribution Guidelines

## Table of Contents

- [Adding to this list](#adding-to-this-list)
- [Updating your Pull Request](#updating-your-pull-request)

## Adding to this list

Please ensure your pull request adheres to the following guidelines:

- Search previous suggestions before making a new one, as yours may be a duplicate.
- Make sure the submission is useful before submitting.
- Make an individual pull request for each suggestion.
- Use [title-casing](http://titlecapitalization.com) (AP style).
- Use the following format: `[List Name](link) - Optional Description`.
- Optional descriptions are useful when the name itself is not descriptive.
- Link additions should be added to the bottom of the relevant category.
- New categories or improvements to the existing categorization are welcome.
- Check your spelling and grammar.
- Make sure your text editor is set to remove trailing whitespace.
- The pull request and commit should have a useful title.
- The body of your commit message should contain a link to the repository.

## Updating your Pull Request

Sometimes, a maintainer of an awesome list will ask you to edit your Pull Request before it is included. This is normally due to spelling errors or because your PR didn't make any useful addition.

[Here](https://github.com/RichardLitt/docs/blob/master/amending-a-commit-guide.md) is a write up on how to change a Pull Request, and the different ways you can do that.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
### **Awesome Penetration Testing** [![Links Check](https://travis-ci.org/enaqx/awesome-pentest.svg?branch=master)](https://travis-ci.org/enaqx/awesome-pentest)

A collection of awesome penetration testing resources

[This project is supported by Netsparker Web Application Security Scanner](https://www.netsparker.com/?utm_source=github.com&utm_content=awesome+penetration+testing&utm_medium=referral&utm_campaign=generic+advert)

- [Online Resources](#online-resources)
  - [Penetration Testing Resources](#penetration-testing-resources)
  - [Exploit development](#exploit-development)
  - [Social Engineering Resources](#social-engineering-resources)
  - [Lock Picking Resources](#lock-picking-resources)
- [Tools](#tools)
  - [Penetration Testing Distributions](#penetration-testing-distributions)
  - [Basic Penetration Testing Tools](#basic-penetration-testing-tools)
  - [Docker for Penetration Testing](#docker-for-penetration-testing)
  - [Vulnerability Scanners](#vulnerability-scanners)
  - [Network Tools](#network-tools)
  - [Wireless Network Tools](#wireless-network-tools)
  - [SSL Analysis Tools](#ssl-analysis-tools)
  - [Web exploitation](#web-exploitation)
  - [Hex Editors](#hex-editors)
  - [Crackers](#crackers)
  - [Windows Utils](#windows-utils)
  - [Linux Utils](#linux-utils)
  - [DDoS Tools](#ddos-tools)
  - [Social Engineering Tools](#social-engineering-tools)
  - [OSInt Tools](#osint-tools)
  - [Anonymity Tools](#anonymity-tools)
  - [Reverse Engineering Tools](#reverse-engineering-tools)
  - [CTF Tools](#ctf-tools)
- [Books](#books)
  - [Penetration Testing Books](#penetration-testing-books)
  - [Hackers Handbook Series](#hackers-handbook-series)
  - [Defensive Development](#defensive-development)
  - [Network Analysis Books](#network-analysis-books)
  - [Reverse Engineering Books](#reverse-engineering-books)
  - [Malware Analysis Books](#malware-analysis-books)
  - [Windows Books](#windows-books)
  - [Social Engineering Books](#social-engineering-books)
  - [Lock Picking Books](#lock-picking-books)
  - [Defcon Suggested Reading](#defcon-suggested-reading)
- [Vulnerability Databases](#vulnerability-databases)
- [Security Courses](#security-courses)
- [Information Security Conferences](#information-security-conferences)
- [Information Security Magazines](#information-security-magazines)
- [Awesome Lists](#awesome-lists)
- [Contribution](#contribution)
- [License](#license)

### Online Resources
#### Penetration Testing Resources
* [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/) - Free Offensive Security Metasploit course
* [PTES](http://www.pentest-standard.org/) - Penetration Testing Execution Standard
* [OWASP](https://www.owasp.org/index.php/Main_Page) - Open Web Application Security Project
* [PENTEST-WIKI](https://github.com/nixawk/pentest-wiki) - A free online security knowledge library for pentesters / researchers.
* [Vulnerability Assessment Framework](http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html) - Penetration Testing Framework.
* [The Pentesters Framework](https://github.com/trustedsec/ptf) - PTF attempts to install all of your penetration testing tools (latest and greatest), compile them, build them, and make it so that you can install/update your distribution on any machine. Everything is organized in a fashion that is cohesive to the Penetration Testing Execution Standard (PTES) and eliminates a lot of things that are hardly used.
* [XSS-Payloads](http://www.xss-payloads.com) - Ultimate resource for all things cross-site including payloads, tools, games and documentation.

#### Exploit development
* [Shellcode Tutorial](http://www.vividmachines.com/shellcode/shellcode.html) - Tutorial on how to write shellcode
* [Shellcode Examples](http://shell-storm.org/shellcode/) - Shellcodes database
* [Exploit Writing Tutorials](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) - Tutorials on how to develop exploits
* [shellsploit](https://github.com/b3mb4m/shellsploit-framework) - New Generation Exploit Development Kit
* [Voltron](https://github.com/snare/voltron) - A hacky debugger UI for hackers

#### Social Engineering Resources
* [Social Engineering Framework](http://www.social-engineer.org/framework/general-discussion/) - An information resource for social engineers

#### Lock Picking Resources
* [Schuyler Towne channel](https://www.youtube.com/user/SchuylerTowne/) - Lockpicking videos and security talks
* [/r/lockpicking](https://www.reddit.com/r/lockpicking) - Resources for learning lockpicking, equipment recommendations.

### Tools
#### Penetration Testing Distributions
* [Kali](https://www.kali.org/) - A Linux distribution designed for digital forensics and penetration testing
* [ArchStrike](https://archstrike.org/) - An Arch Linux repository for security professionals and enthusiasts
* [BlackArch](https://www.blackarch.org/) - Arch Linux-based distribution for penetration testers and security researchers
* [NST](http://networksecuritytoolkit.org/) - Network Security Toolkit distribution
* [Pentoo](http://www.pentoo.ch/) - Security-focused livecd based on Gentoo
* [BackBox](https://backbox.org/) - Ubuntu-based distribution for penetration tests and security assessments
* [Parrot](https://www.parrotsec.org/) - A distribution similar to Kali, with multiple architectures
* [Fedora Security Lab](https://labs.fedoraproject.org/en/security/) - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.

#### Basic Penetration Testing Tools
* [Metasploit Framework](https://www.metasploit.com/) - World's most used penetration testing software
* [Burp Suite](https://portswigger.net/burp/) - An integrated platform for performing security testing of web applications
* [ExploitPack](https://github.com/juansacco/exploitpack) - Graphical tool for penetration testing with a bunch of exploits
* [BeeF](https://github.com/beefproject/beef) - The Browser Exploitation Framework Project
* [faraday](https://github.com/infobyte/faraday) - Collaborative Penetration Test and Vulnerability Management Platform
* [evilgrade](https://github.com/infobyte/evilgrade) - The update exploitation framework
* [commix](https://github.com/stasinopoulos/commix) - Automated All-in-One OS Command Injection and Exploitation Tool
* [routersploit](https://github.com/reverse-shell/routersploit) - Automated penetration testing software for routers
* [redsnarf](https://github.com/nccgroup/redsnarf) - Post-exploitation tool for grabbing credentials

#### Docker for Penetration Testing
* `docker pull kalilinux/kali-linux-docker` - [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/)
* `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy)
* `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/)
* `docker pull pandrew/metasploit` - [docker-metasploit](https://hub.docker.com/r/pandrew/metasploit/)
* `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/)
* `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/)
* `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/)
* `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/)
* `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/)
* `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/)
* `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/)
* `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/danmx/docker-owasp-webgoat/)
* `docker-compose build && docker-compose up` - [OWASP NodeGoat](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker)
* `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/)
* `docker pull bkimminich/juice-shop` - [OWASP Juice Shop](https://github.com/bkimminich/juice-shop#docker-container--)
* `docker pull kalilinux/kali-linux-docker` - [Kali Linux Docker Image](https://www.kali.org/news/official-kali-linux-docker-images/)

#### Vulnerability Scanners
* [Nexpose](https://www.rapid7.com/products/nexpose/) - Vulnerability Management & Risk Management Software
* [Nessus](http://www.tenable.com/products/nessus-vulnerability-scanner) - Vulnerability, configuration, and compliance assessment
* [Nikto](https://cirt.net/nikto2) - Web application vulnerability scanner
* [OpenVAS](http://www.openvas.org/) - Open Source vulnerability scanner and manager
* [OWASP Zed Attack Proxy](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) - Penetration testing tool for web applications
* [Secapps](https://secapps.com/) - Integrated web application security testing environment
* [w3af](https://github.com/andresriancho/w3af) - Web application attack and audit framework
* [Wapiti](http://wapiti.sourceforge.net/) - Web application vulnerability scanner
* [WebReaver](http://www.webreaver.com/) - Web application vulnerability scanner for Mac OS X
* [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR
* [arachni](https://github.com/Arachni/arachni) - Web Application Security Scanner Framework
* [Vuls](https://github.com/future-architect/vuls) - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

#### Network Tools
* [nmap](https://nmap.org/) - Free Security Scanner For Network Exploration & Security Audits
* [pig](https://github.com/rafael-santiago/pig) - A Linux packet crafting tool
* [tcpdump/libpcap](http://www.tcpdump.org/) - A common packet analyzer that runs under the command line
* [Wireshark](https://www.wireshark.org/) - A network protocol analyzer for Unix and Windows
* [Network Tools](http://network-tools.com/) - Different network tools: ping, lookup, whois, etc
* [netsniff-ng](https://github.com/netsniff-ng/netsniff-ng) - A Swiss army knife for network sniffing
* [Intercepter-NG](http://sniff.su/) - a multifunctional network toolkit
* [SPARTA](http://sparta.secforce.com/) - Network Infrastructure Penetration Testing Tool
* [dnschef](http://thesprawl.org/projects/dnschef/) - A highly configurable DNS proxy for pentesters
* [DNSDumpster](https://dnsdumpster.com/) - Online DNS recon and search service
* [dnsenum](https://github.com/fwaeytens/dnsenum/) - Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results
* [dnsmap](https://github.com/makefu/dnsmap/) - Passive DNS network mapper
* [dnsrecon](https://github.com/darkoperator/dnsrecon/) - DNS Enumeration Script
* [dnstracer](http://www.mavetju.org/unix/dnstracer.php) - Determines where a given DNS server gets its information from, and follows the chain of DNS servers
* [passivedns-client](https://github.com/chrislee35/passivedns-client) - Provides a library and a query tool for querying several passive DNS providers
* [passivedns](https://github.com/gamelinux/passivedns) - A network sniffer that logs all DNS server replies for use in a passive DNS setup
* [Mass Scan](https://github.com/robertdavidgraham/masscan) - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
* [Zarp](https://github.com/hatRiot/zarp) - Zarp is a network attack tool centered around the exploitation of local networks
* [mitmproxy](https://github.com/mitmproxy/mitmproxy) - An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
* [mallory](https://github.com/justmao945/mallory) - HTTP/HTTPS proxy over SSH
* [Netzob](https://github.com/netzob/netzob) - Reverse engineering, traffic generation and fuzzing of communication protocols
* [DET](https://github.com/sensepost/DET) - DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time
* [pwnat](https://github.com/samyk/pwnat) - punches holes in firewalls and NATs
* [dsniff](https://www.monkey.org/~dugsong/dsniff/) - a collection of tools for network auditing and pentesting
* [tgcd](http://tgcd.sourceforge.net/) - a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls
* [smbmap](https://github.com/ShawnDEvans/smbmap) - a handy SMB enumeration tool
* [scapy](https://github.com/secdev/scapy) - a python-based interactive packet manipulation program & library
* [Dshell](https://github.com/USArmyResearchLab/Dshell) - Network forensic analysis framework
* [Debookee (MAC OS X)](http://www.iwaxx.com/debookee/) - Intercept traffic from any device on your network
* [Dripcap](https://github.com/dripcap/dripcap) - Caffeinated packet analyzer
* [PRET](https://github.com/RUB-NDS/PRET) - Printer Exploitation Toolkit offers commands useful for printer attacks and fuzzing

#### Wireless Network Tools
* [Aircrack-ng](http://www.aircrack-ng.org/) - a set of tools for auditing wireless networks
* [Kismet](https://kismetwireless.net/) - Wireless network detector, sniffer, and IDS
* [Reaver](https://code.google.com/archive/p/reaver-wps) - Brute force attack against Wifi Protected Setup
* [Wifite](https://github.com/derv82/wifite) - Automated wireless attack tool
* [wifiphisher](https://github.com/sophron/wifiphisher) - Automated phishing attacks against Wi-Fi networks

#### SSL Analysis Tools
* [SSLyze](https://github.com/nabla-c0d3/sslyze) - SSL configuration scanner
* [sslstrip](https://www.thoughtcrime.org/software/sslstrip/) - a demonstration of the HTTPS stripping attacks
* [sslstrip2](https://github.com/LeonardoNve/sslstrip2) - SSLStrip version to defeat HSTS
* [tls_prober](https://github.com/WestpointLtd/tls_prober) - fingerprint a server's SSL/TLS implementation

#### Web exploitation
* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell
* [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites
* [cms-explorer](https://code.google.com/archive/p/cms-explorer/) - CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS driven web sites are running.
* [joomscan](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project) - Joomla CMS scanner
* [WhatWeb](https://github.com/urbanadventurer/WhatWeb) - Website Fingerprinter
* [BlindElephant](http://blindelephant.sourceforge.net/) - Web Application Fingerprinter
* [fimap](https://github.com/kurobeats/fimap) - Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs
* [Kadabra](https://github.com/D35m0nd142/Kadabra) - Automatic LFI exploiter and scanner
* [Kadimus](https://github.com/P0cL4bs/Kadimus) - LFI scan and exploit tool
* [liffy](https://github.com/hvqzao/liffy) - LFI exploitation tool

#### Hex Editors
* [HexEdit.js](https://hexed.it) - Browser-based hex editing
* [Hexinator](https://hexinator.com/) (commercial) - World's finest Hex Editor

#### Crackers
* [John the Ripper](http://www.openwall.com/john/) - Fast password cracker
* [Hashcat](http://hashcat.net/hashcat/) - Faster hash cracker

#### Windows Utils
* [Sysinternals Suite](https://technet.microsoft.com/en-us/sysinternals/bb842062) - The Sysinternals Troubleshooting Utilities
* [Windows Credentials Editor](http://www.ampliasecurity.com/research/windows-credentials-editor/) - security tool to list logon sessions and add, change, list and delete associated credentials
* [mimikatz](http://blog.gentilkiwi.com/mimikatz) - Credentials extraction tool for Windows OS
* [PowerSploit](https://github.com/PowerShellMafia/PowerSploit) - A PowerShell Post-Exploitation Framework
* [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) - Detects potential missing patches on the target
* [Responder](https://github.com/SpiderLabs/Responder) - An LLMNR, NBT-NS and MDNS poisoner
* [Bloodhound](https://github.com/adaptivethreat/Bloodhound/wiki) - A graphical Active Directory trust relationship explorer
* [Empire](https://github.com/PowerShellEmpire/Empire) - Empire is a pure PowerShell post-exploitation agent
* [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration and tracing of the Windows kernel

#### Linux Utils
* [Linux Exploit Suggester](https://github.com/PenturaLabs/Linux_Exploit_Suggester) - Linux Exploit Suggester; based on operating system release number.

#### DDoS Tools
* [LOIC](https://github.com/NewEraCracker/LOIC/) - An open source network stress tool for Windows
* [JS LOIC](http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html) - JavaScript in-browser version of LOIC
* [T50](https://sourceforge.net/projects/t50/) - Faster network stress tool

#### Social Engineering Tools
* [SET](https://github.com/trustedsec/social-engineer-toolkit) - The Social-Engineer Toolkit from TrustedSec

#### OSInt Tools
* [Maltego](http://www.paterva.com/web7/) - Proprietary software for open source intelligence and forensics, from Paterva.
* [theHarvester](https://github.com/laramies/theHarvester) - E-mail, subdomain and people names harvester
* [creepy](https://github.com/ilektrojohn/creepy) - A geolocation OSINT tool
* [metagoofil](https://github.com/laramies/metagoofil) - Metadata harvester
* [Google Hacking Database](https://www.exploit-db.com/google-hacking-database/) - a database of Google dorks; can be used for recon
* [Censys](https://www.censys.io/) - Collects data on hosts and websites through daily ZMap and ZGrab scans
* [Shodan](https://www.shodan.io/) - Shodan is the world's first search engine for Internet-connected devices
* [recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - A full-featured Web Reconnaissance framework written in Python
* [github-dorks](https://github.com/techgaun/github-dorks) - CLI tool to scan github repos/organizations for potential sensitive information leak
* [vcsmap](https://github.com/melvinsh/vcsmap) - A plugin-based tool to scan public version control systems for sensitive information
* [Spiderfoot](http://www.spiderfoot.net/) - multi-source OSINT automation tool with a Web UI and report visualizations
* [BinGoo](https://github.com/Hood3dRob1n/BinGoo) - A Linux bash based Bing and Google Dorking Tool
* [dork-cli](https://github.com/jgor/dork-cli) - Command-line Google dork tool.
* [fast-recon](https://github.com/DanMcInerney/fast-recon) - Does some google dorks against a domain
* [Google-dorks](https://github.com/JohnTroony/Google-dorks) - Common google dorks and others you prolly don't know
* [snitch](https://github.com/Smaash/snitch) - information gathering via dorks
* [GooDork](https://github.com/k3170makan/GooDork) - Command line go0gle dorking tool

#### Anonymity Tools
* [Tor](https://www.torproject.org/) - The free software for enabling onion routing online anonymity
* [I2P](https://geti2p.net/en/) - The Invisible Internet Project
* [Nipe](https://github.com/GouveaHeitor/nipe) - Script to redirect all traffic from the machine to the Tor network.

#### Reverse Engineering Tools
* [IDA Pro](https://www.hex-rays.com/products/ida/) - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
* [IDA Free](https://www.hex-rays.com/products/ida/support/download_freeware.shtml) - The freeware version of IDA v5.0
* [WDK/WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx) - Windows Driver Kit and WinDbg
* [OllyDbg](http://www.ollydbg.de/) - An x86 debugger that emphasizes binary code analysis
* [Radare2](http://rada.re/r/index.html) - Open source, cross-platform reverse engineering framework
* [x64_dbg](http://x64dbg.com/) - An open-source x64/x32 debugger for Windows
* [Immunity Debugger](http://debugger.immunityinc.com/) - A powerful new way to write exploits and analyze malware
* [Evan's Debugger](http://www.codef00.com/projects#debugger) - OllyDbg-like debugger for Linux
* [Medusa disassembler](https://github.com/wisk/medusa) - An open source interactive disassembler
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code
* [peda](https://github.com/longld/peda) - Python Exploit Development Assistance for GDB
* [dnSpy](https://github.com/0xd4d/dnSpy) - dnSpy is a tool to reverse engineer .NET assemblies

#### CTF Tools
* [Pwntools](https://github.com/Gallopsled/pwntools) - CTF framework for use in CTFs

### Books
#### Penetration Testing Books
* [The Art of Exploitation by Jon Erickson, 2008](https://www.nostarch.com/hacking2.htm)
* [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011](https://www.nostarch.com/metasploit)
* [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014](https://www.nostarch.com/pentesting)
* [Rtfm: Red Team Field Manual by Ben Clark, 2014](http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/)
* [The Hacker Playbook by Peter Kim, 2014](http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/)
* [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013](https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1)
* [Professional Penetration Testing by Thomas Wilhelm, 2013](https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4)
* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012](http://www.packtpub.com/networking-and-servers/advanced-penetration-testing-highly-secured-environments-ultimate-security-gu)
* [Violent Python by TJ O'Connor, 2012](https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6)
* [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007](http://www.fuzzing.org/)
* [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014](http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900)
* [Penetration Testing: Procedures & Methodologies by EC-Council, 2010](http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677)
* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010](http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE)
* [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014](http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362)
* [Bug Hunter's Diary by Tobias Klein, 2011](https://www.nostarch.com/bughunter)

#### Hackers Handbook Series
* [The Database Hacker's Handbook, David Litchfield et al., 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html)
* [The Shellcoders Handbook by Chris Anley et al., 2007](http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html)
* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html)
* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html)
* [iOS Hackers Handbook by Charlie Miller et al., 2012](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html)
* [Android Hackers Handbook by Joshua J. Drake et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html)
* [The Browser Hackers Handbook by Wade Alcorn et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html)
* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html)
* [Car Hacker's Handbook by Craig Smith, 2016](https://www.nostarch.com/carhacking)

#### Defensive Development

* [Holistic Info-Sec for Web Developers (Fascicle 0)](https://leanpub.com/holistic-infosec-for-web-developers)
* [Holistic Info-Sec for Web Developers (Fascicle 1)](https://leanpub.com/holistic-infosec-for-web-developers-fascicle1-vps-network-cloud-webapplications)

#### Network Analysis Books
* [Nmap Network Scanning by Gordon Fyodor Lyon, 2009](https://nmap.org/book/)
* [Practical Packet Analysis by Chris Sanders, 2011](https://www.nostarch.com/packet2.htm)
* [Wireshark Network Analysis by Laura Chappell & Gerald Combs, 2012](https://www.amazon.com/Wireshark-Network-Analysis-Second-Certified/dp/1893939944)
* [Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham, 2012](http://www.amazon.com/Network-Forensics-Tracking-Hackers-Cyberspace-ebook/dp/B008CG8CYU/)

#### Reverse Engineering Books
* [Reverse Engineering for Beginners by Dennis Yurichev](http://beginners.re/)
* [Hacking the Xbox by Andrew Huang, 2003](https://www.nostarch.com/xbox.htm)
* [The IDA Pro Book by Chris Eagle, 2011](https://www.nostarch.com/idapro2.htm)
* [Practical Reverse Engineering by Bruce Dang et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118787315.html)
* [Gray Hat Hacking The Ethical Hacker's Handbook by Daniel Regalado et al., 2015](http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071832386)

#### Malware Analysis Books
* [Practical Malware Analysis by Michael Sikorski & Andrew Honig, 2012](https://www.nostarch.com/malware)
* [The Art of Memory Forensics by Michael Hale Ligh et al., 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118825098.html)
* [Malware Analyst's Cookbook and DVD by Michael Hale Ligh et al., 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470613033.html)

#### Windows Books
* [Windows Internals by Mark Russinovich et al., 2012](http://www.amazon.com/Windows-Internals-Part-Developer-Reference/dp/0735648735/)

#### Social Engineering Books
* [The Art of Deception by Kevin D. Mitnick & William L. Simon, 2002](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0471237124.html)
* [The Art of Intrusion by Kevin D. Mitnick & William L. Simon, 2005](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764569597.html)
* [Ghost in the Wires by Kevin D. Mitnick & William L. Simon, 2011](http://www.hachettebookgroup.com/titles/kevin-mitnick/ghost-in-the-wires/9780316134477/)
* [No Tech Hacking by Johnny Long & Jack Wiles, 2008](https://www.elsevier.com/books/no-tech-hacking/mitnick/978-1-59749-215-7)
* [Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010](http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470639539.html)
* [Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014](http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118608577.html)
* [Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014](https://www.mhprofessional.com/product.php?isbn=0071818464)

#### Lock Picking Books
* [Practical Lock Picking by Deviant Ollam, 2012](https://www.elsevier.com/books/practical-lock-picking/ollam/978-1-59749-989-7)
* [Keys to the Kingdom by Deviant Ollam, 2012](https://www.elsevier.com/books/keys-to-the-kingdom/ollam/978-1-59749-983-5)
* [CIA Lock Picking Field Operative Training Manual](https://www.scribd.com/doc/7207/CIA-Lock-Picking-Field-Operative-Training-Manual)
* [Lock Picking: Detail Overkill by Solomon](https://www.dropbox.com/s/y39ix9u9qpqffct/Lockpicking%20Detail%20Overkill.pdf?dl=0)
* [Eddie the Wire books](https://www.dropbox.com/sh/k3z4dm4vyyojp3o/AAAIXQuwMmNuCch_StLPUYm-a?dl=0)

#### Defcon Suggested Reading
* [Defcon Suggested Reading](https://www.defcon.org/html/links/book-list.html)

### Vulnerability Databases
* [NVD](https://nvd.nist.gov/) - US National Vulnerability Database
* [CERT](https://www.us-cert.gov/) - US Computer Emergency Readiness Team
* [OSVDB](https://blog.osvdb.org/) - Open Sourced Vulnerability Database
* [Bugtraq](http://www.securityfocus.com/) - Symantec SecurityFocus
* [Exploit-DB](https://www.exploit-db.com/) - Offensive Security Exploit Database
* [Fulldisclosure](http://seclists.org/fulldisclosure/) - Full Disclosure Mailing List
* [MS Bulletin](https://technet.microsoft.com/en-us/security/bulletins) - Microsoft Security Bulletin
* [MS Advisory](https://technet.microsoft.com/en-us/security/advisories) - Microsoft Security Advisories
* [Inj3ct0r](http://www.1337day.com/) - Inj3ct0r Exploit Database
* [Packet Storm](https://packetstormsecurity.com/) - Packet Storm Global Security Resource
* [SecuriTeam](http://www.securiteam.com/) - Securiteam Vulnerability Information
* [CXSecurity](http://cxsecurity.com/) - CXSecurity Bugtraq List
* [Vulnerability Laboratory](http://www.vulnerability-lab.com/) - Vulnerability Research Laboratory
* [ZDI](http://www.zerodayinitiative.com/) - Zero Day Initiative
* [Vulners](https://vulners.com) - Security database of software vulnerabilities

### Security Courses
* [Offensive Security Training](https://www.offensive-security.com/information-security-training/) - Training from BackTrack/Kali developers
* [SANS Security Training](http://www.sans.org/) - Computer Security Training & Certification
* [Open Security Training](http://opensecuritytraining.info/) - Training material for computer security classes
* [CTF Field Guide](https://trailofbits.github.io/ctf/) - everything you need to win your next CTF competition
* [ARIZONA CYBER WARFARE RANGE](http://azcwr.org/) - 24x7 live fire exercises for beginners through real world operations; capability for upward progression into the real world of cyber warfare.
* [Cybrary](http://cybrary.it) - Free courses in ethical hacking and advanced penetration testing. Advanced penetration testing courses are based on the book 'Penetration Testing for Highly Secured Environments'.
* [Computer Security Student](http://computersecuritystudent.com) - Many free tutorials, great for beginners, $10/mo membership unlocks all content
* [European Union Agency for Network and Information Security](https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material) - ENISA Cyber Security Training material

### Information Security Conferences
* [DEF CON](https://www.defcon.org/) - An annual hacker convention in Las Vegas
* [Black Hat](http://www.blackhat.com/) - An annual security conference in Las Vegas
* [BSides](http://www.securitybsides.com/) - A framework for organising and holding security conferences
* [CCC](https://events.ccc.de/congress/) - An annual meeting of the international hacker scene in Germany
* [DerbyCon](https://www.derbycon.com/) - An annual hacker conference based in Louisville
* [PhreakNIC](http://phreaknic.info/) - A technology conference held annually in middle Tennessee
* [ShmooCon](http://shmoocon.org/) - An annual US east coast hacker convention
* [CarolinaCon](http://www.carolinacon.org/) - An infosec conference, held annually in North Carolina
* [CHCon](https://chcon.nz) - Christchurch Hacker Con, Only South Island of New Zealand hacker con
* [SummerCon](http://www.summercon.org/) - One of the oldest hacker conventions, held during Summer
* [Hack.lu](https://2016.hack.lu/) - An annual conference held in Luxembourg
* [HITB](https://conference.hitb.org/) - Deep-knowledge security conference held in Malaysia and The Netherlands
* [Troopers](https://www.troopers.de) - Annual international IT Security event with workshops held in Heidelberg, Germany
* [Hack3rCon](http://hack3rcon.org/) - An annual US hacker conference
* [ThotCon](http://thotcon.org/) - An annual US hacker conference held in Chicago
* [LayerOne](http://www.layerone.org/) - An annual US security conference held every spring in Los Angeles
* [DeepSec](https://deepsec.net/) - Security Conference in Vienna, Austria
* [SkyDogCon](http://www.skydogcon.com/) - A technology conference in Nashville
* [SECUINSIDE](http://secuinside.com) - Security Conference in [Seoul](https://en.wikipedia.org/wiki/Seoul)
* [DefCamp](http://def.camp/) - Largest Security Conference in Eastern Europe, held annually in Bucharest, Romania
* [AppSecUSA](https://appsecusa.org/) - An annual conference organised by OWASP
* [BruCON](http://brucon.org) - An annual security conference in Belgium
* [Infosecurity Europe](http://www.infosecurityeurope.com/) - Europe's number one information security event, held in London, UK
* [Nullcon](http://nullcon.net/website/) - An annual conference in Delhi and Goa, India
* [RSA Conference USA](https://www.rsaconference.com/) - An annual security conference in San Francisco, California, USA
* [Swiss Cyber Storm](https://www.swisscyberstorm.com/) - An annual security conference in Lucerne, Switzerland
* [Virus Bulletin Conference](https://www.virusbulletin.com/conference/index) - An annual conference going to be held in Denver, USA for 2016
391 | * [Ekoparty](http://www.ekoparty.org) - Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina 392 | * [44Con](https://44con.com/) - Annual Security Conference held in London 393 | * [BalCCon](https://www.balccon.org) - Balkan Computer Congress, annualy held in Novi Sad, Serbia 394 | * [FSec](http://fsec.foi.hr) - FSec - Croatian Information Security Gathering in Varaždin, Croatia 395 | 396 | ### Information Security Magazines 397 | * [2600: The Hacker Quarterly](https://www.2600.com/Magazine/DigitalEditions) - An American publication about technology and computer "underground" 398 | * [Phrack Magazine](http://www.phrack.org/) - By far the longest running hacker zine 399 | 400 | ### Awesome Lists 401 | * [Kali Linux Tools](http://tools.kali.org/tools-listing) - List of tools present in Kali Linux 402 | * [SecTools](http://sectools.org/) - Top 125 Network Security Tools 403 | * [C/C++ Programming](https://github.com/fffaraz/awesome-cpp) - One of the main language for open source security tools 404 | * [.NET Programming](https://github.com/quozd/awesome-dotnet) - A software framework for Microsoft Windows platform development 405 | * [Shell Scripting](https://github.com/alebcay/awesome-shell) - Command-line frameworks, toolkits, guides and gizmos 406 | * [Ruby Programming by @dreikanter](https://github.com/dreikanter/ruby-bookmarks) - The de-facto language for writing exploits 407 | * [Ruby Programming by @markets](https://github.com/markets/awesome-ruby) - The de-facto language for writing exploits 408 | * [Ruby Programming by @Sdogruyol](https://github.com/Sdogruyol/awesome-ruby) - The de-facto language for writing exploits 409 | * [JavaScript Programming](https://github.com/sorrycc/awesome-javascript) - In-browser development and scripting 410 | * [Node.js Programming by @sindresorhus](https://github.com/sindresorhus/awesome-nodejs) - A curated list of delightful Node.js packages and resources 411 | * [Python tools for 
penetration testers](https://github.com/dloss/python-pentest-tools) - Lots of pentesting tools are written in Python 412 | * [Python Programming by @svaksha](https://github.com/svaksha/pythonidae) - General Python programming 413 | * [Python Programming by @vinta](https://github.com/vinta/awesome-python) - General Python programming 414 | * [Android Security](https://github.com/ashishb/android-security-awesome) - A collection of android security related resources 415 | * [Awesome Awesomness](https://github.com/bayandin/awesome-awesomeness) - The List of the Lists 416 | * [AppSec](https://github.com/paragonie/awesome-appsec) - Resources for learning about application security 417 | * [CTFs](https://github.com/apsdehal/awesome-ctf) - Capture The Flag frameworks, libraries, etc 418 | * [Hacking](https://github.com/carpedm20/awesome-hacking) - Tutorials, tools, and resources 419 | * [Honeypots](https://github.com/paralax/awesome-honeypots) - Honeypots, tools, components, and more 420 | * [Infosec](https://github.com/onlurking/awesome-infosec) - Information security resources for pentesting, forensics, and more 421 | * [Malware Analysis](https://github.com/rshipp/awesome-malware-analysis) - Tools and resources for analysts 422 | * [PCAP Tools](https://github.com/caesar0301/awesome-pcaptools) - Tools for processing network traffic 423 | * [Security](https://github.com/sbilly/awesome-security) - Software, libraries, documents, and other resources 424 | * [Awesome List](https://github.com/sindresorhus/awesome) - A curated list of awesome lists 425 | * [SecLists](https://github.com/danielmiessler/SecLists) - Collection of multiple types of lists used during security assessments 426 | * [Security Talks](https://github.com/PaulSec/awesome-sec-talks) - A curated list of security conferences 427 | 428 | ### Contribution 429 | Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕). Please check the [Contributing Guidelines](.github/CONTRIBUTING.md) for more details. 
430 | 431 | ### License 432 | 433 | [![Creative Commons License](http://i.creativecommons.org/l/by/4.0/88x31.png)](https://creativecommons.org/licenses/by/4.0/) 434 | 435 | This work is licensed under a [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/) 436 | --------------------------------------------------------------------------------