Resources for Penetration Testing

A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.

SecTemplates provides free security program templates, runbooks, and documentation resources for information security professionals and engineering teams.

A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.

An educational cheatsheet that provides privilege escalation fundamentals and examples for CTF players and cybersecurity beginners.

A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.

A centralized reference resource containing default credentials for various devices and systems to assist security professionals in both offensive and defensive operations.

HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

A collection of CTF writeups from various competitions including picoCTF, GLUG, TUCTF, and HackTheBox challenges, providing detailed solutions and explanations for cybersecurity competition problems.

A comprehensive SQL injection cheat sheet covering various database management systems and techniques.

Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.

A collection of command reference cheatsheets for penetration testing tools and security utilities, designed to help security professionals quickly recall important but infrequently used commands.

Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.

A pocket reference guide providing various options for navigating and pivoting through different environments and situations.

A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries.

The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.

A comprehensive cheat sheet providing SQLite-specific SQL injection techniques, payloads, and enumeration methods for security testing and penetration testing activities.

A standard for conducting penetration tests, covering seven main sections from planning to reporting.

INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.

A comprehensive PowerShell cheat sheet covering various tasks and techniques for file management, process management, network operations, and system administration.

A comprehensive reference guide providing practical examples and commands for using Hashcat to crack various types of password hashes.

A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.

Hack Night is a thirteen-week educational program by NYU Tandon's OSIRIS Lab that provides an accelerated introduction to offensive security concepts, techniques, and practical applications.