Further Reading #

Books #

• The Hacker Playbook Series
• Hacking- The Art of Exploitation

Online Pentesting Platforms #

• https://www.hackthebox.eu/ - Hack The Box
• https://www.vulnhub.com/ - VulnHub
• https://www.hackthissite.org/ - HackThisSite
• https://tryhackme.com/ - TryHackMe
• https://cryptohack.org/ - CryptoHack
• https://pentesterlab.com/ - PentesterLab
• https://portswigger.net/web-security - PortSwigger Web Security Academy
• https://ctflearn.com/ - CTFlearn
• https://picoctf.com/ - picoCTF
• https://pwn.college/ - pwn.college
• https://pwnable.tw/ - pwnable.tw
• https://247ctf.com/ - 247/CTF
• https://ctf101.org/ - CTF 101
• https://ctftime.org/ - CTFtime
• https://microcorruption.com/ - Embedded Security CTF

Vulnerable Apps #

• https://github.com/digininja/DVWA - Damn Vulnerable Web Application
• https://github.com/snoopysecurity/dvws - Damn Vulnerable Web Services
• https://github.com/vavkamil/dvwp - Damn Vulnerable WordPress
• https://github.com/stamparm/DSVW - Damn Small Vulnerable Web
• https://sourceforge.net/projects/bwapp/files/bWAPP/ - Buggy Web Application
• https://owasp.org/www-project-juice-shop/ - OWASP JuiceShop
• https://github.com/webpwnized/mutillidae - OWASP Mutillidae II
• https://github.com/WebGoat/WebGoat - WebGoat
• https://github.com/RhinoSecurityLabs/cloudgoat - CloudGoat
• https://github.com/madhuakula/kubernetes-goat - Kubernetes Goat
• https://github.com/owasp/nodegoat - NodeGoat
• https://github.com/OWASP/railsgoat - RailsGoat

Bug Bounty Platforms #

• https://www.yeswehack.com/ - YesWeHack
• https://www.intigriti.com - Intigriti
• https://bugcrowd.com/ - Bugcrowd
• https://www.hackerone.com/ - HackerOne
• https://cobalt.io/ - Cobalt
• https://www.bountysource.com/ - BountySource
• https://hackenproof.com/ - HackenProof
• https://cs.detectify.com/ - Detectify
• https://bugbounty.jp/ - BugBounty.jp
• https://safehats.com/ - SafeHats
• https://hacktrophy.com/ - HackTrophy
• https://www.cesppa.com/ - Cesppa
• https://www.antihack.me/ - AntiHack

Bug Bounty Programs #

• https://bounty.github.com/ - Github
• https://www.google.com/about/appsecurity/reward-program/ - Google
• http://hp.com/go/printersthatprotect - HP
• https://www.intel.com/content/www/us/en/security-center/default.html - Intel
• https://www.facebook.com/whitehat - Facebook
• https://www.microsoft.com/en-us/msrc/bounty?rtc=1 - Microsoft
• https://www.mozilla.org/en-US/security/bug-bounty/ - Mozilla
• http://zerodium.com/program.html - Zerodium

YouTube Channels #

• Adrian Crenshaw
• Ben Eater
• IppSec
• MalwareAnalysisForHedgehogs
• Open Security Training
• Red Team Village
• Researcher Tips and Tricks from JackkTutorials