├── Awesome-list.md ├── README.md ├── Privacy.md ├── gpg-cheatsheet.md ├── Crypto.md ├── openssl-cheatsheet.md ├── OSINT.md └── Security.md /Awesome-list.md: -------------------------------------------------------------------------------- 1 | # List Of Awesome-XXX list 2 | 3 | * Car Security : https://github.com/jaredthecoder/awesome-vehicle-security/blob/master/README.md 4 | * Multiple domains : https://github.com/sindresorhus/awesome 5 | * Security : https://github.com/sbilly/awesome-security 6 | * Pentest : https://github.com/enaqx/awesome-pentest 7 | * Malware : https://github.com/rshipp/awesome-malware-analysis 8 | * Threat Intelligence : https://github.com/hslatman/awesome-threat-intelligence 9 | * OSINT : https://github.com/jivoi/awesome-osint 10 | * DevOps : https://github.com/AcalephStorage/awesome-devops 11 | * K8S : https://github.com/ramitsurana/awesome-kubernetes 12 | * Docker : https://github.com/veggiemonk/awesome-docker 13 | * Flask : https://github.com/humiaozuzu/awesome-flask 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # WARNING! This repo is no longer maintained. Go here for an updated version: https://gitlab.com/tzkuat/Ressources 2 | 3 | # A list of several resources on different areas such as security, OSINT, DevOps, etc. 4 | 5 | This list is composed of tools that I use or have used and is not intended to become an "Awesome-xxx" type list. 6 | 7 | ## Disponible resources : 8 | 9 | * [OSINT](https://github.com/tzkuat/Ressources/blob/master/OSINT.md) 10 | * [Security](https://github.com/tzkuat/Ressources/blob/master/Security.md) 11 | * [Privacy](https://github.com/tzkuat/Ressources/blob/master/Privacy.md) 12 | * [Awesome List](https://github.com/tzkuat/Ressources/blob/master/Awesome-list.md) 13 | * [Cryptography](https://github.com/tzkuat/Ressources/blob/master/Crypto.md) 14 | 15 | ## Cheat Sheet : 16 | 17 | * [GnuPG](https://github.com/tzkuat/Ressources/blob/master/gpg-cheatsheet.md) 18 | * [OpenSSL](https://github.com/tzkuat/Ressources/blob/master/openssl-cheatsheet.md) 19 | -------------------------------------------------------------------------------- /Privacy.md: -------------------------------------------------------------------------------- 1 | +++ 2 | title = "Privacy" 3 | date = "2019-12-13" 4 | menu = "main" 5 | +++ 6 | 7 | # Privacy Resources 8 | 9 | ## Search Engine 10 | * Qwant : https://qwant.com 11 | * DuckDuckGo : https://duckduckgo.com 12 | * Startpage : https://www.startpage.com/ 13 | 14 | ## Tools / OS 15 | * Tor Network : https://www.torproject.org/ 16 | * Tails OS : https://tails.boum.org/ 17 | * QubeOS : https://www.qubes-os.org/ 18 | * ProtonVPN : https://protonvpn.com/ 19 | * AdBlockPlus : https://adblockplus.org/ 20 | * Ublock Origin : https://ublock.org/ 21 | * Privacy Badger : https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/ 22 | * NoScript : https://noscript.net/ 23 | * Kalitorify : https://net-security.fr/security/proxy-tor-sur-kali-linux/ 24 | * Pi Hole : https://pi-hole.net/ 25 | * GPG : https://gnupg.orgg 26 | 27 | And almost all Linux distributions are to be preferred to Windows (Debian, Ubuntu, Mint, Kali, etc.). 28 | 29 | ## Messaging / Mail 30 | * Signal App : https://signal.org/fr/ 31 | * Telegram : https://telegram.org/ 32 | * Wire : https://app.wire.com/ 33 | * ProtonMail : https://protonmail.com/ 34 | * Mattermost : https://mattermost.com/ 35 | * Tutanota : https://tutanota.com 36 | 37 | ## Navigator 38 | * Firefox : https://www.mozilla.org/fr/firefox/ 39 | * Brave : https://brave.com/fr/ 40 | * Tor Browser : https://www.torproject.org/download/ 41 | 42 | ## Resources 43 | * De-google-ify Internet : https://degooglisons-internet.org/en/ 44 | * EFF : https://www.eff.org/ 45 | * SSD EDD : https://ssd.eff.org/ 46 | 47 | -------------------------------------------------------------------------------- /gpg-cheatsheet.md: -------------------------------------------------------------------------------- 1 | # GPG Cheat Sheet 2 | 3 | More information : 4 | * [Net-Security GPG Cheat-Sheet](https://net-security.fr/security/gnupg-introduction-cheat-sheet/) 5 | * [The GNU Privacy Guard](https://gnupg.org/) 6 | 7 | ## Summary 8 | * [GPG Linux config file](#Config-file) 9 | * [GPG Linux commands list](#Commands) 10 | 11 | ## Config file 12 | 13 | #### Create gpg.conf 14 | ``` 15 | touch ~/.gnupg/gpg.conf 16 | ``` 17 | 18 | #### Add content 19 | ``` 20 | default-key ID_KEY 21 | 22 | personal-cipher-preferences AES256 AES 3DES 23 | 24 | personal-digest-preferences SHA512 SHA384 SHA256 25 | 26 | personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed 27 | 28 | default-preference-list SHA512 SHA384 SHA256 AES256 AES 3DES ZLIB BZIP2 ZIP Uncompressed 29 | ``` 30 | 31 | ## Commands 32 | 33 | #### Generate GPG key pair with full option 34 | ``` 35 | gpg --full-gen-key 36 | ``` 37 | 38 | #### Generate GPG key pair 39 | ``` 40 | gpg --gen-key 41 | ``` 42 | 43 | #### List key pair 44 | ``` 45 | gpg --list-keys 46 | ``` 47 | 48 | #### List public keys 49 | ``` 50 | gpg -k 51 | ``` 52 | 53 | #### List private keys 54 | ``` 55 | gpg -K 56 | ``` 57 | 58 | #### Find fingerprint 59 | ``` 60 | gpg --fingerprint ID_KEY 61 | ``` 62 | 63 | #### Export public key in a file 64 | ``` 65 | gpg --export --armor ID_KEY > out.key 66 | ``` 67 | 68 | #### Import public key from a file 69 | ``` 70 | gpg --import file.key 71 | ``` 72 | 73 | #### List key pair 74 | ``` 75 | gpg --list-keys 76 | ``` 77 | 78 | #### Export private key in a file 79 | ``` 80 | gpg --export-secret-key -a > out.key 81 | ``` 82 | 83 | #### Import private key from a file 84 | ``` 85 | gpg --import --allow-secret-key-import fichier_cle.key 86 | ``` 87 | 88 | #### Sign a file 89 | ``` 90 | gpg -s -u ID_KEY file 91 | gpg -s file (with default key) 92 | ``` 93 | 94 | #### Encrypt a file 95 | ``` 96 | gpg -r ID_KEY -e -a file 97 | ``` 98 | 99 | #### Encrypt and sign a file 100 | ``` 101 | gpg -s -a -e -u ID_KEY file 102 | ``` 103 | 104 | #### Decrypt a file 105 | ``` 106 | gpg -r ID_KEY -d file 107 | ``` 108 | 109 | #### Verify external signature 110 | ``` 111 | gpg --verify file file_sign 112 | ``` 113 | 114 | #### Verify Signature 115 | ``` 116 | gpg --verify file 117 | ``` 118 | 119 | #### Delete key (public & private) 120 | ``` 121 | gpg --delete-secret-keys ID_KEY 122 | gpg --delete-key ID_KEY 123 | ``` 124 | 125 | #### Find technical information 126 | ``` 127 | gpg --edit-key ID_KEY 128 | ``` 129 | * Verify signature of a key 130 | ``` 131 | > check 132 | ``` 133 | * List preferences 134 | ``` 135 | > pref 136 | > showpref 137 | ``` 138 | 139 | #### Change passphrase of private key 140 | ``` 141 | gpg --edit-key ID_KEY 142 | > passwd 143 | > save 144 | ``` 145 | 146 | #### Sign a public key 147 | ``` 148 | gpg --sign-key ID_KEY_TO_SIGN 149 | ``` 150 | 151 | #### Verify key signature 152 | ``` 153 | gpg --edit-key ID_KEY_ 154 | > check 155 | ``` 156 | -------------------------------------------------------------------------------- /Crypto.md: -------------------------------------------------------------------------------- 1 | +++ 2 | title = "Crypto" 3 | date = "2020-01-29" 4 | menu = "main" 5 | +++ 6 | 7 | # Crypto Resources 8 | 9 | ## Chat (Discord, Slack, etc.) or community (association, group, etc.) 10 | 11 | * Subreddit Crypto : https://www.reddit.com/r/crypto/ 12 | * Subreddit Cryptography : https://www.reddit.com/r/cryptography/ 13 | 14 | ## Introduction 15 | 16 | * Usage of cryptography : https://www.cnil.fr/fr/infographie-les-usages-de-la-cryptographie 17 | * ANSSI : https://www.ssi.gouv.fr/particulier/bonnes-pratiques/crypto-le-webdoc/cryptologie-art-ou-science-du-secret/ 18 | * Diffie-Hellman, RSA, DSA, ECC and ECDSA – Asymmetric Key Algorithms : https://www.ssl2buy.com/wiki/diffie-hellman-rsa-dsa-ecc-and-ecdsa-asymmetric-key-algorithms 19 | * CryptoSensu : https://www.ssi.gouv.fr/particulier/bonnes-pratiques/crypto-le-webdoc/crypto-sensu/ 20 | 21 | ## Tools 22 | 23 | * Cryptool : https://www.cryptool.org/en/ 24 | * SSLLabs : https://www.ssllabs.com/ 25 | * Kleopatra : https://www.openpgp.org/software/kleopatra/ 26 | * OpenSSL : https://www.openssl.org/ 27 | * GnuPG : https://gnupg.org/ 28 | * TestSSL : https://testssl.sh/ 29 | * Cryptcheck : https://tls.imirhil.fr/ 30 | * Dcode : https://www.dcode.fr/ 31 | * Open Source Projet : https://awesomeopensource.com/projects/cryptography 32 | 33 | ## PKI 34 | 35 | * Lemur by Netflix : https://github.com/Netflix/lemur 36 | * EJBCA by PrimeKey : https://www.ejbca.org/ 37 | 38 | ## Resources 39 | 40 | ### SSL/TLS 41 | 42 | * TLS 1.3 Illustration : https://tls13.ulfheim.net/ 43 | * The privacy of the TLS 1.3 protocol : https://eprint.iacr.org/2019/749.pdf 44 | * A study of the TLS ecosystem : https://tel.archives-ouvertes.fr/tel-01454976/document 45 | 46 | ### Algorithm 47 | 48 | * SHA-1 is a Shambles : https://eprint.iacr.org/2020/014.pdf 49 | * From Collisions to Chosen-Prefix CollisionsApplication to Full SHA-1 : https://eprint.iacr.org/2019/459.pdf 50 | * Diffie Hellman : https://medium.com/@antoine.ansel/l-algorithme-d-%C3%A9change-de-cl%C3%A9s-diffie-hellman-6f9681d1418c 51 | * ECC for dummies 1 : https://www.smalsresearch.be/elliptic-curve-cryptography-tutoriel1/ 52 | * ECC for dummies 2 : https://www.smalsresearch.be/elliptic-curve-cryptography-tutoriel2/ 53 | * Elliptic Curve Cryptography OpenSSL Wiki : https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography 54 | * Introduction to Cryptography by Christof Paar : https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg 55 | * RSA Cryptography 1 : https://repo.rm-it.fr/documentation/cryptography/La%20cryptographie%20asymetrique%20-RSA.pdf 56 | * RSA Cryptography 2 : https://repo.rm-it.fr/documentation/cryptography/La%20cryptographie%20asym%c3%a9trique%20avec%20RSA.pdf 57 | 58 | ## Recommendation 59 | 60 | * RGS - ANSSI : https://www.ssi.gouv.fr/uploads/2015/01/RGS_v-2-0_B1.pdf 61 | * Key Recomandation - NIST : https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-57pt1r4.pdf 62 | 63 | ## Other 64 | 65 | * Links Crypto : https://links.rm-it.fr/?searchterm=&searchtags=crypto 66 | 67 | ## Quantum 68 | 69 | * Comprendre informatique quantique : https://repo.rm-it.fr/book/quantum/Comprendre%20Informatique%20Quantique%20Olivier%20Ezratty(2).pdf 70 | * Post-Quantum Authentication in TLS 1.3:A Performance Study : https://eprint.iacr.org/2020/071.pdf 71 | * Tout comprendre en partant de zéro : https://www.institut-pandore.com/physique-quantique/informatique-ordinateur-quantique/ 72 | * Le grand défi du post-quantique : https://connect.ed-diamond.com/MISC/MISCHS-013/Le-grand-defi-du-post-quantique 73 | 74 | 75 | -------------------------------------------------------------------------------- /openssl-cheatsheet.md: -------------------------------------------------------------------------------- 1 | # OpenSSL Cheat Sheet 2 | 3 | More information : 4 | * [Net-Security OpenSSL Cheat-Sheet](https://net-security.fr/security/openssl-formats-cheat-sheet/) 5 | * [Net-Security OpenSSL ECC](https://net-security.fr/security/openssl-ecc/) 6 | * [OpenSSL](https://www.openssl.org/) 7 | 8 | ## Summary 9 | * [Classic Commands](#Classic-Commands) 10 | * [ECC Commands](#ECC-Commands) 11 | 12 | ## Classic Commands 13 | 14 | #### Create RSA private key 15 | ``` 16 | openssl genrsa -out www.example.com.key 2048 17 | ``` 18 | 19 | #### Generate CSR whith new private key 20 | ``` 21 | openssl req -sha256 -nodes -newkey rsa:2048 -keyout www.example.com.key -out www.exempla.com.csr 22 | ``` 23 | 24 | #### Generate CSR whith existent private key 25 | ``` 26 | openssl req -new -sha256 -key www.example.com.key -out www.example.com.csr 27 | ``` 28 | 29 | #### Generate CSR with existant certificate and private key 30 | ``` 31 | openssl x509 -x509toreq -in www.example.com.crt -out www.example.com.csr -signkey www.example.com.key 32 | ``` 33 | 34 | #### Generate sign-auto certificate for 1 year 35 | ``` 36 | openssl req -x509 -newkey rsa:2048 -nodes -keyout www.example.com.key -out www.example.com.crt -days 365 37 | ``` 38 | 39 | #### Print certificate information 40 | ``` 41 | openssl x509 -in certificate.crt -text -noout 42 | ``` 43 | 44 | #### Print CSR information 45 | ``` 46 | openssl req -text -noout -verify -in CSR.csr 47 | ``` 48 | 49 | #### Print private key information 50 | ``` 51 | openssl rsa -noout -text -check -in www.example.com.key 52 | ``` 53 | 54 | #### Print P12 certificate information 55 | ``` 56 | openssl pkcs12 -info -in KEYSTORE.p12 57 | ``` 58 | 59 | #### Print and test certificate in a server 60 | ``` 61 | openssl s_client -connect www.example.com:443 62 | ``` 63 | 64 | #### Print and verify modulus of private key, CSR & certificate with hash of modulus 65 | ``` 66 | openssl x509 -noout -modulus -in www.example.com.crt | openssl sha256 67 | openssl req -noout -modulus -in www.example.com.csr | openssl sha256 68 | openssl rsa -noout -modulus -in www.example.com.key | openssl sha256 69 | ``` 70 | 71 | #### PEM format to P12 format 72 | ``` 73 | openssl pkcs12 -export -inkey private.key -in certificate.crt -certfile chain.pem -out keystore.pfx 74 | ``` 75 | 76 | #### Certifiate and private key in same file (PEM) 77 | ``` 78 | cat cert.crt key.key > pem.pem 79 | ``` 80 | 81 | #### Extract certificate and private key from a P12/PFX 82 | ``` 83 | openssl pkcs12 -in keystore.pfx -out certificate.crt –nokeys 84 | openssl pkcs12 –in keystore.pfx -out key.key -nocerts –nodes 85 | ``` 86 | 87 | #### PKCS8 private key to PKCS1 88 | ``` 89 | openssl rsa -in key.key -out key2.key 90 | ``` 91 | 92 | #### PKCS1 private key to PKCS8 93 | ``` 94 | openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in pkcs1.key -out pkcs8.key 95 | ``` 96 | 97 | #### DER (binary) private key to PEM 98 | ``` 99 | openssl rsa -inform der -in der_key.der -out pem_key.key 100 | ``` 101 | 102 | #### PEM private key to DER 103 | ``` 104 | openssl rsa -inform PEM -outform der -in pem_key.key -out der_key.der 105 | ``` 106 | 107 | #### DER certificate to PEM 108 | ``` 109 | openssl x509 -inform der -in certificateder.cer -out certificatepem.crt 110 | ``` 111 | 112 | #### PEM certificate to DER 113 | ``` 114 | openssl x509 -outform der -in certificatepem.crt -out certificateder.cer 115 | ``` 116 | 117 | ## ECC Commands 118 | 119 | #### List curves 120 | ``` 121 | openssl ecparam -list_curves 122 | ``` 123 | 124 | #### Generate private key 125 | ``` 126 | openssl ecparam -genkey -name prime256v1 -out key.key 127 | ``` 128 | 129 | #### Add passphrase to private key 130 | ``` 131 | openssl ec -in example.key -des3 -out example.key 132 | ``` 133 | 134 | #### Generate CSR 135 | ``` 136 | openssl req -new -sha256 -key example.key -nodes -out example.csr 137 | ``` 138 | 139 | #### Generate certificate 140 | ``` 141 | openssl req -x509 -sha256 -days 365 -key key.pem -in csr.csr -out certificate.pem 142 | ``` 143 | 144 | #### Print public key of private key 145 | ``` 146 | openssl ec -in example.key -pubout 147 | ``` 148 | 149 | #### Print public key of CSR 150 | ``` 151 | openssl req -in example.csr -pubkey -noout 152 | ``` 153 | 154 | #### Print public key of certificate 155 | ``` 156 | openssl x509 -in example.crt -pubkey -noout 157 | ``` 158 | -------------------------------------------------------------------------------- /OSINT.md: -------------------------------------------------------------------------------- 1 | +++ 2 | title = "OSINT" 3 | date = "2019-12-13" 4 | menu = "main" 5 | +++ 6 | 7 | # OSINT Resources 8 | 9 | ## Chat (Discord, Slack, etc.) or community (association, group, etc.) 10 | 11 | * Discord OSINT-FR : https://discordapp.com/invite/E2XDKNc 12 | * Subreddit OSINT : https://www.reddit.com/r/OSINT/ 13 | * Bellingcat : https://www.bellingcat.com/ 14 | * OSINT Curious : https://osintcurio.us/ 15 | * GIJN : https://gijn.org/ 16 | 17 | ## Workflows/Illustrations 18 | 19 | * Email: https://inteltechniques.com/data/Email.png 20 | * Domain: https://inteltechniques.com/data/Domain.png 21 | * Real Name: https://inteltechniques.com/data/Real%20Name.png 22 | * Telephone: https://inteltechniques.com/data/Telephone.png 23 | * Location: https://inteltechniques.com/data/Location.png 24 | * Username: https://inteltechniques.com/data/Username.png 25 | * Image Search Comparison : https://pbs.twimg.com/media/EETsDtaUEAA2H9b.jpg:large 26 | 27 | ## Tools 28 | 29 | * Pipl : https://pipl.com/ 30 | * Check Username : https://checkusernames.com/ 31 | * Been Verified : https://www.beenverified.com/ 32 | * DNS Dumpster : https://dnsdumpster.com/ 33 | * Shodan : https://shodan.io 34 | * ZoomEye : https://www.zoomeye.org.cn/ 35 | * Onyphe : https://onyphe.io 36 | * Censys : https://censys.io/ 37 | * Build With : https://builtwith.com/ 38 | * The Harvester : https://tools.kali.org/information-gathering/theharvester 39 | * Spiderfoot : https://www.spiderfoot.net 40 | * Citadel : https://citadel.pw/ 41 | * Hashes : https://hashes.org/ 42 | * Lookyloo : https://github.com/CIRCL/lookyloo 43 | * Wigle : https://wigle.net/ 44 | * SnapDex : https://www.snapdex.com/ 45 | * Attack Surface Mapper : https://github.com/superhedgy/AttackSurfaceMapper 46 | * Lets Enhance : https://letsenhance.io/ 47 | * Find Subdomain : https://findsubdomains.com/ 48 | * Cross Linked : https://www.kitploit.com/2019/05/crosslinked-linkedin-enumeration-tool.html 49 | * Satellite Data List : https://gisgeography.com/free-satellite-imagery-data-list/ 50 | * Gephi : https://gephi.org/ 51 | * Maltego : https://www.paterva.com/buy/maltego-clients/maltego-ce.php 52 | * People Finder : https://www.peoplefinder.com/ 53 | * Tinfoleak : https://tinfoleak.com/ 54 | * H8mail : https://github.com/khast3x/h8mail 55 | * Tweets Analyzer : https://github.com/x0rz/tweets_analyzer 56 | * Raven : https://github.com/0x09AL/raven 57 | * Public www : https://publicwww.com/ 58 | * Harpoon : https://github.com/Te-k/harpoon 59 | * PhoneInfoga : https://github.com/sundowndev/PhoneInfoga 60 | * Way Back Machine : https://archive.org/web/ 61 | * OSINT Facebook Dump : https://github.com/TheCyberViking/Facebook_OSINT_Dump 62 | * SunCalc : https://suncalc.org/ 63 | * TinEye Reverse Image Search : https://addons.mozilla.org/fr/firefox/addon/tineye-reverse-image-search/ 64 | * Social Blade : https://socialblade.com/ 65 | * Recon : https://secapps.com/market/recon 66 | * Have I Been Pwned ? : https://haveibeenpwned.com/ 67 | * Google Certificate Transparency : https://transparencyreport.google.com/https/certificates 68 | * Entrust Certificate Transparency : https://www.entrust.com/ct-search/ 69 | * Crt.sh (Sectigo) : https://crt.sh/ 70 | * Meta Presses : https://www.meta-press.es/ 71 | * RIPE : https://www.ripe.net/ 72 | 73 | ## OS 74 | 75 | * Tsuguri Linux : https://tsurugi-linux.org/ 76 | 77 | ## Ressources 78 | 79 | * Goole Search Operators, Complete List : https://ahrefs.com/blog/google-advanced-search-operators/ 80 | * Extension OSINT Firefox : https://openfacto.fr/2019/08/11/firefox-ii-interlude-extensions/ 81 | * Shodan Queries : https://github.com/jakejarvis/awesome-shodan-queries 82 | * Bellingcat's Online Investigation Toolkit : https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/mobilebasic 83 | * Telegram API OSINT : https://fabledowlblog.wordpress.com/2017/07/10/telegram-api-for-osint-part-1-users/ 84 | * I Intelligence Handbook : https://www.i-intelligence.eu/wp-content/uploads/2018/06/OSINT_Handbook_June-2018_Final.pdf 85 | * Open Source Intelligence Gathering 201 : https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544 86 | * iaca-darkweb-tools : https://iaca-darkweb-tools.com/ 87 | 88 | 89 | ## List of tools/ressources 90 | 91 | * OSINT Framework : https://osintframework.com/ 92 | * Awesome OSINT : https://github.com/jivoi/awesome-osint 93 | * OSINT Sources : https://github.com/imuledx/OSINT_sources 94 | * Technisette OSINT resources : https://start.me/p/m6XQ08/osint 95 | -------------------------------------------------------------------------------- /Security.md: -------------------------------------------------------------------------------- 1 | +++ 2 | title = "Security" 3 | date = "2019-12-13" 4 | menu = "main" 5 | +++ 6 | 7 | # Security Ressources 8 | 9 | ## Chat (Discord, Slack, etc.) 10 | 11 | * Discord RTFM : https://discord.gg/yJYc7zp 12 | * Discord ODays.Rocks : https://discord.gg/4N7nWWd 13 | * Subreddit How to Hack : https://www.reddit.com/r/HowToHack/ 14 | * Subreddit AskNetSec : https://www.reddit.com/r/AskNetsec/ 15 | * Subreddit BlackHat : https://www.reddit.com/r/blackhat/ 16 | * Subreddit NetSec : https://www.reddit.com/r/netsec/ 17 | * Subreddit Security : https://www.reddit.com/r/security 18 | 19 | ## CTF/Challenge/Bug Bounty 20 | 21 | * Root-me : https://www.root-me.org/ 22 | * Hackthebox : https://www.hackthebox.eu/ 23 | * Newbie Contest : https://www.newbiecontest.org/ 24 | * Pentester Lab : https://pentesterlab.com/ 25 | * Open Bug Bounty : https://www.openbugbounty.org/ 26 | * Yes We Hack : https://www.yeswehack.com/ 27 | * HackerOne : https://www.hackerone.com/ 28 | * Intigriti : https://www.intigriti.com/public/ 29 | * BugCrowd : https://www.bugcrowd.com/products/platform/ 30 | 31 | ## VM/Training 32 | 33 | * DVWA : http://www.dvwa.co.uk/ 34 | * OWASP Mutillidae : https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project 35 | * Metasploitable 1 : https://www.vulnhub.com/entry/metasploitable-1,28/ 36 | * Metasploitable 2 : https://metasploit.help.rapid7.com/docs/metasploitable-2 37 | * Metasploitable 3 : https://github.com/rapid7/metasploitable3 38 | * Fristileaks : https://www.vulnhub.com/entry/fristileaks-13,133/ 39 | * Kioptrix : https://www.vulnhub.com/series/kioptrix,8/ 40 | * Vuln OS 2 : https://www.vulnhub.com/entry/vulnos-2,147/ 41 | * PwnOS : https://www.vulnhub.com/series/pwnos,3/ 42 | * Sky Tower : https://www.vulnhub.com/entry/skytower-1,96/ 43 | * LampSecurity : https://www.vulnhub.com/series/lampsecurity,43/ 44 | 45 | ## Ressources 46 | 47 | * The Hacker News : https://thehackernews.com/ 48 | * Net-Security : https://net-security.fr 49 | * Web Security Academy : https://portswigger.net/web-security 50 | * Kali Linux Docs : https://docs.kali.org/ 51 | * OWASP : https://www.owasp.org/index.php/Main_Page 52 | * Kitploit : https://www.kitploit.com/ 53 | * Sploitus : https://sploitus.com/ 54 | * Exploit DB : https://www.exploit-db.com/ 55 | * SecTools : https://sectools.org/ 56 | * Burp for Beginners : https://www.youtube.com/watch?v=Ezs19sj04DU 57 | 58 | ## Tools 59 | 60 | * Spyse : https://spyse.com/ 61 | * Intelx : https://intelx.io/ 62 | * Sublister : https://github.com/aboul3la/Sublist3r 63 | * SQLMap : http://sqlmap.org/ 64 | * BurpSuite : https://portswigger.net/burp 65 | * ZAP Proxy : https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project 66 | * XSS Strike : https://github.com/s0md3v/XSStrike 67 | * Metasploit : https://www.metasploit.com/ 68 | * Nessus : https://fr.tenable.com/products/nessus 69 | * OpenVAS : http://www.openvas.org/ 70 | * NMap : https://nmap.org/ 71 | * Nikto : https://github.com/sullo/nikto 72 | * Wireshark : https://www.wireshark.org/ 73 | * Air Crack NG : https://www.aircrack-ng.org/ 74 | * HashCat : https://hashcat.net/hashcat/ 75 | * Scapy : https://scapy.net/ 76 | * PWNagotchi : https://github.com/evilsocket/pwnagotchi 77 | * Responder : https://github.com/SpiderLabs/Responder 78 | * Bloodhound : https://github.com/BloodHoundAD/BloodHound 79 | * Bettercap : https://github.com/bettercap/bettercap 80 | * Saucs Vuln Management : https://saucs.com 81 | 82 | ## OS 83 | 84 | * Kali Linux : https://www.kali.org/ 85 | * BackBox : https://www.backbox.org/ 86 | * ParrotOS : https://parrotlinux.org/ 87 | 88 | ## OSCP Ressources 89 | 90 | * OSCP Survival Guide : https://github.com/Sturmrufer/OSCP-Survival-Guide_ 91 | * Pentest Compilation : https://github.com/adon90/pentest_compilation 92 | * OSCP Cheat Sheet : https://github.com/mikaelkall/OSCP-cheat-sheet 93 | * OSCP Tools : https://github.com/cokebottle/oscp-tools 94 | * OSCP Notes : https://github.com/kyawthiha7/oscp_notes 95 | * OSCP5 : https://github.com/sojamo/oscp5 96 | * OSCP Prep : https://github.com/burntmybagel/OSCP-Prep 97 | * Cheatsheets : https://github.com/slyth11907/Cheatsheets 98 | * Cheatsheet-God : https://github.com/OlivierLaflamme/Cheatsheet-God 99 | * OSCP Exam Report Template : https://github.com/noraj/OSCP-Exam-Report-Template-Markdown 100 | 101 | ## List of tools/ressources 102 | 103 | * Awesome Hacking : https://github.com/carpedm20/awesome-hacking 104 | * Awesome Security : https://github.com/sbilly/awesome-security 105 | * Windows Hacking/Red teaming Ressources : https://docs.google.com/document/d/1HYPX0MMn2Qc0TNYRRIaaYU2GIbuTMXHm-JBhRR2vNMU/mobilebasic 106 | * Pentesting Bible : https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE 107 | 108 | ## Others 109 | 110 | * Movie for Hackers : https://app.getpocket.com/read/2114213410 111 | --------------------------------------------------------------------------------