└── README.md /README.md: -------------------------------------------------------------------------------- 1 | # Practical Cyber Security Resources 🌟 2 | 3 | This repository contains a curated list of resources I suggest on LinkedIn and Twitter.πŸ“πŸŒ I hope you find it useful.🌸😌 4 | 5 | In addition, other platforms where you can connect with me for articles, repositories, and more that I will publish in the new year; 6 | 7 | - https://www.linkedin.com/in/brcyrr/ 8 | 9 | - https://twitter.com/brcyrr 10 | 11 | - https://medium.com/@brcyrr 12 | 13 | ### Contents 14 | 15 | - [Pentest General Resources](https://github.com/brcyrr/PracticalCyberSecurityResources#pentest-general-resources-) 16 | - [Web Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#web-pentest-) 17 | - [Mobile Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#mobile-pentest-) 18 | - [Cloud Security & Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#cloud-security--pentest-) 19 | - [Bug Bounty](https://github.com/brcyrr/PracticalCyberSecurityResources#bug-bounty-) 20 | - [OSINT & Google Dorks](https://github.com/brcyrr/PracticalCyberSecurityResources#osint--google-dorks-) 21 | - [API Security & Pentest](https://github.com/brcyrr/PracticalCyberSecurityResources#api-security--pentest-) 22 | - [Active Directory](https://github.com/brcyrr/PracticalCyberSecurityResources#active-directory-) 23 | - [Red Teaming](https://github.com/brcyrr/PracticalCyberSecurityResources#red-teaming-) 24 | - [Exploit Development](https://github.com/brcyrr/PracticalCyberSecurityResources#exploit-development-) 25 | - [AppSec & Code Review](https://github.com/brcyrr/PracticalCyberSecurityResources#appsec--code-review-) 26 | - [DevSecOps](https://github.com/brcyrr/PracticalCyberSecurityResources#devsecops-) 27 | - [CTFs & Writeups](https://github.com/brcyrr/PracticalCyberSecurityResources#ctfs--writeups-) 28 | - [Social Engineering](https://github.com/brcyrr/PracticalCyberSecurityResources#social-engineering-) 29 | - [Certifications](https://github.com/brcyrr/PracticalCyberSecurityResources#certifications-) 30 | - [Roadmaps](https://github.com/brcyrr/PracticalCyberSecurityResources#roadmaps-) 31 | - [Security Architecture](https://github.com/brcyrr/PracticalCyberSecurityResources#security-architecture-) 32 | - [IoT Security](https://github.com/brcyrr/PracticalCyberSecurityResources#iot-security-) 33 | - [Container Security](https://github.com/brcyrr/PracticalCyberSecurityResources#container-security-) 34 | - [Blockchain Security](https://github.com/brcyrr/PracticalCyberSecurityResources#blockchain-security-) 35 | - [Threat Modelling](https://github.com/brcyrr/PracticalCyberSecurityResources#threat-modelling-) 36 | - [General Resources](https://github.com/brcyrr/PracticalCyberSecurityResources#general-resources-) 37 | 38 | 39 | Happy huntingβ—οΈπŸ‘» 40 | 41 | 42 | ## Pentest General Resources πŸ“ 43 | 44 | - [https://github.com/enaqx/awesome-pentest](https://github.com/enaqx/awesome-pentest) 45 | 46 | - [https://blog.compass-security.com/2019/10/hacking-tools-cheat-sheet/](https://blog.compass-security.com/2019/10/hacking-tools-cheat-sheet/) 47 | 48 | - [https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets](https://www.ired.team/offensive-security-experiments/offensive-security-cheetsheets) 49 | 50 | - [https://github.com/Hack-with-Github/Awesome-Hacking](https://github.com/Hack-with-Github/Awesome-Hacking) 51 | 52 | - [https://github.com/juliocesarfort/public-pentesting-reports](https://github.com/juliocesarfort/public-pentesting-reports) 53 | 54 | - [https://github.com/vlakhani28/Cyber-Security-Resources](https://github.com/vlakhani28/Cyber-Security-Resources) 55 | 56 | - [https://github.com/wtsxDev/Penetration-Testing](https://github.com/wtsxDev/Penetration-Testing) 57 | 58 | - [https://github.com/wwong99/pentest-notes](https://github.com/wwong99/pentest-notes) 59 | 60 | - [https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets](https://github.com/Kitsun3Sec/Pentest-Cheat-Sheets) 61 | 62 | - [https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources](https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources) 63 | 64 | - [https://github.com/Samsar4/Ethical-Hacking-Labs](https://github.com/Samsar4/Ethical-Hacking-Labs) 65 | 66 | - [https://github.com/swisskyrepo/PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) 67 | 68 | - [https://github.com/netbiosX/Checklists](https://github.com/netbiosX/Checklists) 69 | 70 | - [https://hariprasaanth.notion.site/hariprasaanth/THICK-CLIENT-PENTESTING-CHECKLIST-35c6803f26eb4c9d89ba7f5fdc901fb0](https://www.notion.so/35c6803f26eb4c9d89ba7f5fdc901fb0) 71 | 72 | - [https://github.com/SubediBibek-cmd/awesome-network-security](https://github.com/SubediBibek-cmd/awesome-network-security) 73 | 74 | - [https://github.com/carpedm20/awesome-hacking](https://github.com/carpedm20/awesome-hacking) 75 | 76 | - [https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE](https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE) 77 | 78 | - [https://www.lifars.com/knowledge-center/python-penetration-testing-cheat-sheet/](https://www.lifars.com/knowledge-center/python-penetration-testing-cheat-sheet/) 79 | 80 | - [https://github.com/purabparihar/Infrastructure-Pentesting-Checklist](https://github.com/purabparihar/Infrastructure-Pentesting-Checklist) 81 | 82 | - [https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap](https://github.com/Orange-Cyberdefense/arsenal/tree/master/mindmap) 83 | 84 | - [https://github.com/RafaelFunchal/wordpress-security-checklist/blob/master/items.md](https://github.com/RafaelFunchal/wordpress-security-checklist/blob/master/items.md) 85 | 86 | - https://viperone.gitbook.io/pentest-everything/ 87 | 88 | - https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 89 | 90 | 91 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 92 | 93 | 94 | ## Web Pentest πŸ“ 95 | 96 | - [https://pentestbook.six2dez.com/others/web-checklist](https://pentestbook.six2dez.com/others/web-checklist) 97 | 98 | - [https://github.com/Ignitetechnologies/Web-Application-Cheatsheet](https://github.com/Ignitetechnologies/Web-Application-Cheatsheet) 99 | 100 | - [https://infosecwriteups.com/serialization-deserialization-attacks-on-php-d5fb02e29248](https://infosecwriteups.com/serialization-deserialization-attacks-on-php-d5fb02e29248) 101 | 102 | - [https://github.com/infoslack/awesome-web-hacking](https://github.com/infoslack/awesome-web-hacking) 103 | 104 | - [https://github.com/qazbnm456/awesome-web-security](https://github.com/qazbnm456/awesome-web-security) 105 | 106 | - [https://github.com/5bhuv4n35h/pentestmindmap/blob/master/web_application_penetration_testing.png](https://github.com/5bhuv4n35h/pentestmindmap/blob/master/web_application_penetration_testing.png) 107 | 108 | - [https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/](https://guidesmiths.github.io/cybersecurity-handbook/attacks_explained/) 109 | 110 | - [https://github.com/dhaval17/awsome-security-write-ups-and-POCs](https://github.com/dhaval17/awsome-security-write-ups-and-POCs) 111 | 112 | - [https://hariprasaanth.notion.site/hariprasaanth/WEB-APPLICATION-PENTESTING-CHECKLIST-0f02d8074b9d4af7b12b8da2d46ac998](https://www.notion.so/0f02d8074b9d4af7b12b8da2d46ac998) 113 | 114 | - https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6 115 | 116 | 117 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 118 | 119 | 120 | ## Mobile Pentest πŸ“ 121 | 122 | - [https://0xn3va.gitbook.io/cheat-sheets/](https://0xn3va.gitbook.io/cheat-sheets/) 123 | 124 | - [https://github.com/muellerberndt/android_app_security_checklist](https://github.com/muellerberndt/android_app_security_checklist) 125 | 126 | - [https://medium.com/vakifbank-teknoloji/android-application-security-penetration-tests-1-2da29240093d](https://medium.com/vakifbank-teknoloji/android-application-security-penetration-tests-1-2da29240093d) 127 | 128 | - [https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet](https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet) 129 | 130 | - [https://github.com/vaib25vicky/awesome-mobile-security](https://github.com/vaib25vicky/awesome-mobile-security) 131 | 132 | 133 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 134 | 135 | 136 | ## Cloud Security & Pentest πŸ“ 137 | 138 | - [https://github.com/dafthack/CloudPentestCheatsheets](https://github.com/dafthack/CloudPentestCheatsheets) 139 | 140 | - [https://github.com/TROUBLE-1/Cloud-Pentesting/blob/main/Note %26 Mind Map/Cloud Pentesting/Attacking Cloud.pdf](https://github.com/TROUBLE-1/Cloud-Pentesting/blob/main/Note%20%26%20Mind%20Map/Cloud%20Pentesting/Attacking%20Cloud.pdf) 141 | 142 | - [https://raw.githubusercontent.com/5bhuv4n35h/pentestmindmap/master/cloud_penetration_testing.png](https://raw.githubusercontent.com/5bhuv4n35h/pentestmindmap/master/cloud_penetration_testing.png) 143 | 144 | - [https://github.com/six2dez/pentest-book/tree/master/enumeration/cloud](https://github.com/six2dez/pentest-book/tree/master/enumeration/cloud) 145 | 146 | - [https://github.com/Funkmyster/awesome-cloud-security](https://github.com/Funkmyster/awesome-cloud-security) 147 | 148 | - [https://github.com/4ndersonLin/awesome-cloud-security](https://github.com/4ndersonLin/awesome-cloud-security) 149 | 150 | - [https://github.com/aquasecurity/cloud-security-remediation-guides](https://github.com/aquasecurity/cloud-security-remediation-guides) 151 | 152 | 153 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 154 | 155 | 156 | ## Bug Bounty πŸ“ 157 | 158 | - [https://bugbountyforum.com/tools/recon/](https://bugbountyforum.com/tools/recon/) 159 | 160 | - [https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65](https://infosecwriteups.com/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65) 161 | 162 | - [https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2](https://infosecsanyam.medium.com/bug-bounty-methodology-ttp-tactics-techniques-and-procedures-v-2-0-2ccd9d7eb2e2) 163 | 164 | - [https://github.com/djadmin/awesome-bug-bounty#write-ups--authors](https://github.com/djadmin/awesome-bug-bounty#write-ups--authors) 165 | 166 | - [https://github.com/bobby-lin/study-bug-bounty](https://github.com/bobby-lin/study-bug-bounty) 167 | 168 | - [https://github.com/hahwul/WebHackersWeapons](https://github.com/hahwul/WebHackersWeapons) 169 | 170 | - [https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md](https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md) 171 | 172 | - [https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters) 173 | 174 | - [https://bughacking.com/best-bug-bounty-platforms/](https://bughacking.com/best-bug-bounty-platforms/) 175 | 176 | - [https://github.com/tuhin1729/Bug-Bounty-Methodology](https://github.com/tuhin1729/Bug-Bounty-Methodology) 177 | 178 | - [https://github.com/daffainfo/AllAboutBugBounty](https://github.com/daffainfo/AllAboutBugBounty) 179 | 180 | - [https://www.infosecmatter.com/bug-bounty-tips-1/](https://www.infosecmatter.com/bug-bounty-tips-1/) 181 | 182 | - [https://www.infosecmatter.com/bug-bounty-tips-2-jun-30/](https://www.infosecmatter.com/bug-bounty-tips-2-jun-30/) 183 | 184 | - [https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md](https://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md) 185 | 186 | - [https://gowsundar.gitbook.io/book-of-bugbounty-tips/](https://gowsundar.gitbook.io/book-of-bugbounty-tips/) 187 | 188 | - [https://github.com/Neelakandan-A/BugBounty_CheatSheet](https://github.com/Neelakandan-A/BugBounty_CheatSheet) 189 | 190 | - [https://github.com/vavkamil/awesome-bugbounty-tools](https://github.com/vavkamil/awesome-bugbounty-tools) 191 | 192 | - [https://github.com/ngalongc/bug-bounty-reference](https://github.com/ngalongc/bug-bounty-reference) 193 | 194 | - [https://github.com/YaS5in3/Bug-Bounty-Wordlists](https://github.com/YaS5in3/Bug-Bounty-Wordlists) 195 | 196 | - [https://mokhansec.medium.com/what-would-i-do-if-i-start-bug-hunting-from-0-again-79c7fa78b789](https://mokhansec.medium.com/what-would-i-do-if-i-start-bug-hunting-from-0-again-79c7fa78b789) 197 | 198 | - [https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248](https://bbinfosec.medium.com/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248) 199 | 200 | - https://github.com/imran-parray/Mind-Maps/blob/master/Recon%20-%20Imran%20parray/My-recon.png 201 | 202 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 203 | 204 | 205 | ## OSINT & Google Dorks πŸ“ 206 | 207 | - [https://github.com/jivoi/awesome-osint](https://github.com/jivoi/awesome-osint) 208 | 209 | - [https://github.com/TheBurnsy/Vehicle-OSINT-Collection](https://github.com/TheBurnsy/Vehicle-OSINT-Collection) 210 | 211 | - [https://blog.blockmagnates.com/open-source-intelligence-osint-996c8d2db362](https://blog.blockmagnates.com/open-source-intelligence-osint-996c8d2db362) 212 | 213 | - [https://cyb3r.gitbook.io/pentest-journey/open-source-intelligence-osint-fundamentals/osint-flowcharts](https://cyb3r.gitbook.io/pentest-journey/open-source-intelligence-osint-fundamentals/osint-flowcharts) 214 | 215 | - [https://www.bruceclay.com/blog/bing-google-advanced-search-operators/](https://www.bruceclay.com/blog/bing-google-advanced-search-operators/) 216 | 217 | - [https://www.hackthebox.com/blog/What-Is-Google-Dorking](https://www.hackthebox.com/blog/What-Is-Google-Dorking) 218 | 219 | - [https://dnsdumpster.com/footprinting-reconnaissance/](https://dnsdumpster.com/footprinting-reconnaissance/) 220 | 221 | - [https://github.com/redhuntlabs/Awesome-Asset-Discovery](https://github.com/redhuntlabs/Awesome-Asset-Discovery) 222 | 223 | - [https://github.com/Proviesec/google-dorks](https://github.com/Proviesec/google-dorks) 224 | 225 | 226 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 227 | 228 | 229 | ## API Security & Pentest πŸ“ 230 | 231 | - [https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API Pentesting Mindmap.png](https://raw.githubusercontent.com/cyprosecurity/API-SecurityEmpire/main/assets/API%20Pentesting%20Mindmap.png) 232 | 233 | - [https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API Pentesting Mindmap ATTACK.pdf](https://github.com/cyprosecurity/API-SecurityEmpire/blob/main/assets/API%20Pentesting%20Mindmap%20ATTACK.pdf) 234 | 235 | - [https://github.com/shieldfy/API-Security-Checklist](https://github.com/shieldfy/API-Security-Checklist) 236 | 237 | - [https://github.com/erev0s/VAmPI](https://github.com/erev0s/VAmPI) 238 | 239 | - [https://github.com/roottusk/vapi](https://github.com/roottusk/vapi) 240 | 241 | - [https://danaepp.com/beginners-guide-to-api-hacking](https://danaepp.com/beginners-guide-to-api-hacking) 242 | 243 | - [https://bughunters.google.com/learn/presentations/5783688075542528/android-app-hacking-workshop](https://bughunters.google.com/learn/presentations/5783688075542528/android-app-hacking-workshop) 244 | 245 | - [https://www.virtuesecurity.com/api-penetration-testing/](https://www.virtuesecurity.com/api-penetration-testing/) 246 | 247 | - [https://university.apisec.ai/](https://university.apisec.ai/) 248 | 249 | 250 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 251 | 252 | 253 | ## Active Directory πŸ“ 254 | 255 | - [https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/](https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/) 256 | 257 | - [https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet](https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet) 258 | 259 | - [https://blog.spookysec.net/ad-lab-1/](https://blog.spookysec.net/ad-lab-1/) 260 | 261 | - [https://blog.spookysec.net/ad-lab-2/](https://blog.spookysec.net/ad-lab-2/) 262 | 263 | - [https://github.com/WazeHell/vulnerable-AD](https://github.com/WazeHell/vulnerable-AD) 264 | 265 | 266 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 267 | 268 | 269 | ## Red Teaming πŸ“ 270 | 271 | - [https://github.com/yeyintminthuhtut/Awesome-Red-Teaming](https://github.com/yeyintminthuhtut/Awesome-Red-Teaming) 272 | 273 | - [https://github.com/infosecn1nja/Red-Teaming-Toolkit](https://github.com/infosecn1nja/Red-Teaming-Toolkit) 274 | 275 | - [https://github.com/0xJs/RedTeaming_CheatSheet](https://github.com/0xJs/RedTeaming_CheatSheet) 276 | 277 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 278 | 279 | 280 | 281 | ## Exploit Development πŸ“ 282 | 283 | - [https://github.com/FabioBaroni/awesome-exploit-development](https://github.com/FabioBaroni/awesome-exploit-development) 284 | 285 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 286 | 287 | 288 | ## AppSec & Code Review πŸ“ 289 | 290 | - [https://wehackpurple.com/blogs/page/2/](https://wehackpurple.com/blogs/page/2/) 291 | 292 | - [https://wehackpurple.com/blogs/page/3/](https://wehackpurple.com/blogs/page/3/) 293 | 294 | - [https://wehackpurple.com/blogs/page/4/](https://wehackpurple.com/blogs/page/4/) 295 | 296 | - [https://google.github.io/eng-practices/review/](https://google.github.io/eng-practices/review/) 297 | 298 | - [https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist](https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist) 299 | 300 | - [https://github.com/paragonie/awesome-appsec](https://github.com/paragonie/awesome-appsec) 301 | 302 | - [https://erdemstar08.medium.com/source-code-scan-7448df9a1358](https://erdemstar08.medium.com/source-code-scan-7448df9a1358) 303 | 304 | - [https://erdemstar08.medium.com/java-source-code-scanning-with-maven-fortify-4514b61696b6](https://erdemstar08.medium.com/java-source-code-scanning-with-maven-fortify-4514b61696b6) 305 | 306 | - [https://erdemstar08.medium.com/ios-source-code-scanning-fortify-b0cca71ab519](https://erdemstar08.medium.com/ios-source-code-scanning-fortify-b0cca71ab519) 307 | 308 | - [https://erdemstar08.medium.com/android-source-code-scanning-fortify-f218df889eeb](https://erdemstar08.medium.com/android-source-code-scanning-fortify-f218df889eeb) 309 | 310 | - [https://erdemstar08.medium.com/code-scan-with-sast-net-framework-4-8-876d42673c72](https://erdemstar08.medium.com/code-scan-with-sast-net-framework-4-8-876d42673c72) 311 | 312 | - [https://erdemstar08.medium.com/code-scan-with-sast-net-core-3-49cb8c742ecc](https://erdemstar08.medium.com/code-scan-with-sast-net-core-3-49cb8c742ecc) 313 | 314 | 315 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 316 | 317 | 318 | ## DevSecOps πŸ“ 319 | 320 | - [https://github.com/sottlmarek/DevSecOps](https://github.com/sottlmarek/DevSecOps) 321 | 322 | - [https://github.com/hahwul/DevSecOps](https://github.com/hahwul/DevSecOps) 323 | 324 | - [https://github.com/magnologan/awesome-k8s-security](https://github.com/magnologan/awesome-k8s-security) 325 | 326 | - [https://github.com/TaptuIT/awesome-devsecops](https://github.com/TaptuIT/awesome-devsecops) 327 | 328 | - https://github.com/We5ter/Awesome-DevSecOps-Platforms 329 | 330 | 331 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 332 | 333 | 334 | ## CTFs & Writeups πŸ“ 335 | 336 | - [https://bitvijays.github.io/LFC-VulnerableMachines.html#ctf-series-vulnerable-machines](https://bitvijays.github.io/LFC-VulnerableMachines.html#ctf-series-vulnerable-machines) 337 | 338 | - [https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/](https://uppusaikiran.github.io/hacking/Capture-the-Flag-CheatSheet/) 339 | 340 | - [https://htbmachines.github.io/](https://htbmachines.github.io/) 341 | 342 | - [https://github.com/Crypto-Cat/CTF](https://github.com/Crypto-Cat/CTF) 343 | 344 | 345 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 346 | 347 | 348 | ## Social Engineering πŸ“ 349 | 350 | - [https://github.com/v2-dev/awesome-social-engineering](https://github.com/v2-dev/awesome-social-engineering) 351 | 352 | 353 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 354 | 355 | 356 | ## Certifications πŸ“ 357 | 358 | - [https://brcyrr.medium.com/recommendations-of-oscp-433a08c86f27](https://brcyrr.medium.com/recommendations-of-oscp-433a08c86f27) 359 | 360 | - [https://areyou1or0.it/index.php/2021/02/10/finally-oscp-may-the-force-be-with-you/](https://areyou1or0.it/index.php/2021/02/10/finally-oscp-may-the-force-be-with-you/) 361 | 362 | - [https://brcyrr.medium.com/recommendations-review-of-emapt-819e72a27f06](https://brcyrr.medium.com/recommendations-review-of-emapt-819e72a27f06) 363 | 364 | - [http://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab.html](http://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab.html) 365 | 366 | - [https://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab-part-2.html](https://www.mannulinux.org/2022/07/covenant-c2-for-oscp-ad-lab-part-2.html) 367 | 368 | - [https://brcyrr.medium.com/recommendations-review-of-ewptxv2-66a114e450db](https://brcyrr.medium.com/recommendations-review-of-ewptxv2-66a114e450db) 369 | 370 | - [https://brcyrr.medium.com/recommendations-of-oswp-c14ab45ae491](https://brcyrr.medium.com/recommendations-of-oswp-c14ab45ae491) 371 | 372 | - [https://github.com/brcyrr/OSWP](https://github.com/brcyrr/OSWP) 373 | 374 | - [https://twitter.com/Shubham_pen/status/1537657538795085824](https://twitter.com/Shubham_pen/status/1537657538795085824) 375 | 376 | 377 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 378 | 379 | 380 | ## Roadmaps πŸ“ 381 | 382 | - [https://medium.com/@rezaduty/web-penetration-testing-roadmap-4e7bb9edf23b](https://medium.com/@rezaduty/web-penetration-testing-roadmap-4e7bb9edf23b) 383 | 384 | - [https://medium.com/@rezaduty/mobile-penetration-tester-roadmap-f2ec9bd68dcf](https://medium.com/@rezaduty/mobile-penetration-tester-roadmap-f2ec9bd68dcf) 385 | 386 | - [https://github.com/rezaduty/cybersecurity-career-path](https://github.com/rezaduty/cybersecurity-career-path) 387 | 388 | - [https://github.com/CyberSecurityUP/PenTest-Certifications-Roadmap](https://github.com/CyberSecurityUP/PenTest-Certifications-Roadmap) 389 | 390 | 391 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 392 | 393 | 394 | ## Security Architecture πŸ“ 395 | 396 | - [https://zeltser.com/security-architecture-cheat-sheet/](https://zeltser.com/security-architecture-cheat-sheet/) 397 | 398 | 399 | 400 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 401 | 402 | 403 | ## IoT Security πŸ“ 404 | 405 | - [https://github.com/V33RU/IoTSecurity101](https://github.com/V33RU/IoTSecurity101) 406 | 407 | - https://github.com/nebgnahz/awesome-iot-hacks 408 | 409 | 410 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 411 | 412 | 413 | ## Container Security πŸ“ 414 | 415 | - https://github.com/krol3/container-security-checklist 416 | 417 | 418 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 419 | 420 | 421 | ## Blockchain Security πŸ“ 422 | 423 | - https://github.com/xxxeyJ/Awesome-Blockchain-Security 424 | 425 | 426 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 427 | 428 | 429 | ## Threat Modelling πŸ“ 430 | 431 | - https://github.com/hysnsec/awesome-threat-modelling 432 | 433 | 434 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 435 | 436 | 437 | ## General Resources πŸ“ 438 | 439 | - [https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/](https://danielmiessler.com/blog/the-difference-between-a-penetration-test-and-a-red-team-engagement/) 440 | 441 | - [https://kalitut.com/](https://kalitut.com/) 442 | 443 | - [https://hackermovie.club/](https://hackermovie.club/) 444 | 445 | - [https://github.com/PaulSec/awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) 446 | 447 | - [https://zeltser.com/information-security/](https://zeltser.com/information-security/) 448 | 449 | - [https://infosecwriteups.com/finding-of-directory-path-in-linux-820be9ae759b](https://infosecwriteups.com/finding-of-directory-path-in-linux-820be9ae759b) 450 | 451 | - [https://cybersecuritybase.mooc.fi/](https://cybersecuritybase.mooc.fi/) 452 | 453 | - [https://www.cyberseek.org/pathway.html](https://www.cyberseek.org/pathway.html) 454 | 455 | - [http://dfir.org/?q=node/8](http://dfir.org/?q=node/8) 456 | 457 | 458 | 459 | 460 | 461 | 462 | 463 | 464 | 465 | 466 | 467 | 468 | 469 | 470 | 471 | 472 | 473 | 474 | 475 | 476 | 477 | 478 | 479 | 480 | 481 | 482 | 483 | 484 | 485 | 486 | 487 | 488 | 489 | 490 | 491 | 492 | 493 | 494 | 495 | 496 | 497 | 498 | 499 | 500 | 501 | 502 | 503 | --------------------------------------------------------------------------------