OWASP WrongSecrets
A game packed with real-life examples of how not to store secrets in software, with 46 challenges to solve.
This SQL injection cheat sheet provides examples of useful syntax for performing various tasks during SQL injection attacks, including string concatenation, substring extraction, comments, database version querying, database contents listing, conditional errors, extracting data via visible error messages, batched queries, time delays, conditional time delays, and DNS lookups. The cheat sheet covers various database management systems, including Oracle, Microsoft, PostgreSQL, and MySQL, and provides examples of syntax for each system. The topics covered include: * String concatenation * Substring extraction * Comments * Database version querying * Database contents listing * Conditional errors * Extracting data via visible error messages * Batched queries * Time delays * Conditional time delays * DNS lookups The cheat sheet is a valuable resource for penetration testers and security professionals who need to perform SQL injection attacks as part of their work.
A game packed with real-life examples of how not to store secrets in software, with 46 challenges to solve.
A comprehensive guide to using Hashcat for password cracking
A comprehensive guide to using Metasploit, including searching for modules, specifying exploits and payloads, and using auxiliary modules.
Hacker wargames site with forums and tutorials, fostering a learning community.
A documentation template library for implementing industrial information security management systems.
Learn how hackers find security vulnerabilities, exploit web applications, and how to defend against these attacks.