🖇️Links

A list of usefull links for pentesting.

GTFOBins

GTFOBins is a website that provides a collection of Unix binaries that can be exploited to gain root privileges in a Unix system. The website provides detailed instructions on how to exploit each binary, making it a valuable resource for penetration testers and cybersecurity professionals.

GTFOBinsgtfobins.github.io

CyberChef

CyberChef is an online tool that allows users to manipulate and analyze data in a variety of ways. It includes a wide range of data conversion and analysis tools, making it a useful resource for anyone working with data.

CyberChefgchq.github.io

Kali Linux Tools

Kali Linux is a popular operating system used by cybersecurity professionals for penetration testing and ethical hacking. It includes a variety of tools for network and vulnerability analysis, password cracking, and more.

Kali Tools | Kali Linux ToolsKali Linux

OWASP

OWASP (Open Web Application Security Project) is a non-profit organization dedicated to improving the security of software. Their website provides a range of resources, including security guidelines, testing tools, and best practices for developing secure software.

OWASP Top Ten Web Application Security Risks | OWASP Foundationowasp.org

Exploit Database

The Exploit Database is a repository of exploits and vulnerability information for a variety of software and hardware products. It includes a wide range of exploits, including web-based exploits, local exploits, and remote exploits.

OffSec’s Exploit Database Archivewww.exploit-db.com

OSINT Framework

The OSINT Framework is a collection of tools and resources for conducting open-source intelligence (OSINT) investigations. It includes a range of tools for gathering information about individuals and organizations, including social media profiles, email addresses, and more.

OSINT Frameworkosintframework.com

LOLBAS

The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.

LOLBASlolbas-project.github.io

Metasploit

Metasploit is a popular penetration testing framework that includes a range of tools for testing and exploiting vulnerabilities in software and hardware. It includes a wide range of exploits and payloads, making it a valuable tool for cybersecurity professionals.

Metasploit | Penetration Testing Software, Pen Testing Security | MetasploitMetasploit

DNSdumpster

DNSdumpster is an online tool for performing DNS reconnaissance. It can be used to gather information about a target's domain names, IP addresses, and other related information.

DNSDumpster - Find & lookup dns records for recon & researchDNSDumpster.com

Epieos

An OSINT search engine that allows you to perform reverse email search, find related google reviews, use Holehe online, and many other things.

https://epieos.com/epieos.com

Hak5

industry leading hacker tools & award winning hacking shows for red teams, pentesters, cyber security students and IT professionals. Creators of the WiFi Pineapple, USB Rubber Ducky & more. Home to an inclusive information security community. Established in 2005.

Pentest Tools & Media | Hak5 Official SiteHak5

OffSec Tools

A vast collection of security tools for bug bounty, pentest and red teaming Featured tools 10 result s newest first Featured VBad VBA obfuscation tools combined with an MS Office document generator .

offsec.tools - A vast collection of security toolsoffsec.tools

LOLDrivers

Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats · © 2023 With ♥️ from Magicsword

LOLDriverswww.loldrivers.io

HackTricks

Welcome to the page where you will find each hacking trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Page not found - HackTricksbook.hacktricks.xyz

Hacker's Grimoire

...

Hacker's Grimoirevulp3cula.gitbook.io

Payloads All The Things

Payloads All The Things, a list of useful payloads and bypasses for Web Application Security

Payloads All The Thingsswisskyrepo.github.io

Hardware All The Things

Our goal is to foster a community-driven platform where individuals can share, learn, and enhance their skills in hardware and IoT security. Whether you are a seasoned security expert or just starting, this repository is designed to provide you with a wealth of knowledge and practical insights.

Hardware All The Thingsswisskyrepo.github.io

Internal All The Things

Active Directory and Internal Pentest Cheatsheets ·

Internal All The Thingsswisskyrepo.github.io

Fonty-S

Hacking guide | Hacking Guidefonty-s.gitbook.io

The Hacker Recipes

I work at Capgemini and thank them for allocating some time to develop and maintain The Hacker Recipes! Visit Capgemini website at https://www.capgemini.com/.

The Hacker Recipeswww.thehacker.recipes

CVExploit

A database for CVEs exploit that collects the exploits automatically from around the internet.

HomeCVExploits

FlipC

Unofficial Flipper Zero app catalog and builder

FlipC.orgflipc.org

Web-Check

All-in-one OSINT tool, for quickly checking a websites data.

https://web-check.xyz/web-check.xyz

DEHASHED

DeHashed provides free deep-web scans and protection against credential leaks. A modern personal asset search engine created for security analysts, journalists, security companies, and everyday people to help secure accounts and provide insight on compromised assets.

DeHashed — #FreeThePasswordwww.dehashed.com

Intelligence X

Intelligence X is a search engine and data archive. Search Tor, I2P, data leaks and the public web by email, domain, IP, CIDR, Bitcoin address and more.

Intelligence Xintelx.io