Blogs, Feeds, Guides + Links

*This wasn't meant to be live just yet!*

I scheduled all draft posts. I became ill and wasn't available to stop it from posting.

I was cleaning out my bookmarks, de-cluttering Twitter favourites and closing a few tabs. I re-saw a few 'hidden gems' and kept repeatedly finding links for people, so I thought I would try and 'dump' them all in one place.

These are roughly sorted; if you want something better, I highly recommend having a look at the pentest-bookmarks.

This list will be updated from time to time!

Programming & Coding

[Bash] Advanced Bash-Scripting Guide -

[Bash] Bash shell scripting tutorial -

[Bash] Bourne Shell Reference -

[CheatSheet] Scripting Languages: PHP, Perl, Python, Ruby -

[Tip] Forcing Scripts to Run as root -

[Tip] HTML5 Security Cheat Sheet -

[Regex] Learn Regex The Hard Way (ALPHA) -

Programs & Scripts

[Program] HTML5 (plugin-free) web-based terminal emulator and SSH client -

[Tips] Exploiting Powershell's Features (Not Flaws) -

[Tip] Shellcode in Powershell -

[Program] easy-creds -

[Program] ghost-phisher -

[Book] Network Security Tools -

[Program] Password Security Scanner -

[Collection] Security Tools -

Tunnelling & Pivoting

[Linux] SSH gymnastics with proxychains -

[Windows] Nessus Through SOCKS Through Meterpreter -

[Shell] Reverse Shell Techniques for Linux -

[Shell] Python One Line Shellcode -

[Shell] Reverse Shell with Bash -

[Shell] Reverse shells one-liners -

[Shell] Creating a 13 line backdoor worry free of A/V -

[Meterpreter] Get a meterpreter reverse shell through SSH tunnel -

[Shell] Reverse Shell Cheat Sheet -


[OS] A Sysadmin's Unixersal Translator -

[WiFi]'s Wireless Penetration Testing Framework -

[Programming] The Ultimate Anti-Debugging Reference -

File Include (Local & Remote)

[LFI] When All You Can Do Is Read -

[LFI] Local File Inclusion – Tricks of the Trade -

[LFI] LFI with phpinfo Assistance -

[LFI] Exploiting PHP File Inclusion Overview -

WarGames / CTF / Challenges

[Challenges] The Ksplice Pointer Challenge -

[Forensics] iAWACS 2011 Forensics challenge -

[CTF] Index Of / -

[Forensics] Test Images and Forensic Challenges -

[WarGames] Pentest lab vulnerable servers-applications list -

[WarGames] Practices for a Hacker (WarGames) - (English)

[Challenges] OWASP iGoat Project -

[Challenges] Can you crack it? - hxxp://

[WarGames] Vanilla Dome Wargame - hxxps://

[CTF] Index Of / -

[Boot2Root] Exploit-Exercises -

[WarGames] try2hack -

[Fuzzing] Resources -

[Web] Web Application Vulnerability Scanner Evaluation Project -

[Web] SQL Injection and Filter Evasion Challenge -

[Walkthrough] preCON CTF Walkthrough -

[Walkthrough] Rooting Kioptrix Level 1 in an Organized Fashion -

[Forensics] Forensic Challenge 8 - "Malware Reverse Engineering" -

[Collection] List of CTFs -

Exploit Development (Programs)

[Download] Old Version Downloads -

[Download] Oldversions of Windows, Mac, Linux Software & Abandonware Games -

[Download] Exploit Database Search -


[Linux] Index of Documentation for People Interested in Writing and/or Understanding the Linux Kernel. -

[PDF] From Browser To Kernel Exploitation -

[PDF] Introduction to Linux Kernel 2.6. How to write a Rootkit -

Offensive Security's Pentesting With BackTrack (PWB) Course

[Pre-course] Corelan Team -

[Pre-course] The Penetration Testing Execution Standard -

[Hash] NTLM Decrypter -

[Hash] reverse hash search and calculator -

[Tip] Ash's mental thoughts going into the OSCP exam -


[RSS] Open Penetration Testing Bookmarks Collection -

[ExploitDev] Data mining Backtrack 4 for buffer overflow return addresses -

[DIY] Repair a Broken Ethernet Plug -

[Desktop] Ubuntu Security -

[PDF] GPG Guide for Secure Communications -

Advanced DLL Injection -

A pure python web based disassembler -

[Guide] Extracting Malicious Flash Objects from PDFs Using SWF Mastah -

Tech Humour

[TechHumor] Title -


[Program] A malware identification and classification tool -

[Samples] Base of malware packages -

[Samples] A Collection of Web Backdoors & Shells -

[BootKit] Bootkit Threat Evolution in 2011 -

[Analysis] Deconstructing the Black Hole Exploit Kit -

[OSX] Inside a Modern Mac Trojan -

[Analysis] Deobfuscating malicious code layer

[Collection] Debuggers Anti-Attaching Techniques - Part 1 -


[Program] easy-creds

[Series] Social Engineering Toolkit Megaprimer Part 1 -

[Program] BeEF & Intranet Footprinting -

[Program] Demonstrating BeEF's Metasploit Plugin -

Embedded Devices

[Router] RouterPwn -

[Router] Database of private SSL/SSH keys for embedded devices -

[Geo] mapping MAC addresses -

[BIOS] BIOS Password Backdoors in Laptops -

[Protection] Cisco Router Hardening Step-by-Step -

[iPhone] iPhone Tracker -

Exploit Development

[Guides] Corelan Team -

[Guide] From 0x90 to 0x4c454554, a journey into exploitation. -

[Guide] An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities -

[Video] TiGa's Video Tutorial Series on IDA Pro -

[Guide] Advanced Windows Buffer Overflows -

[Guide] Stack Based Windows Buffer Overflow Tutorial -

[Guide] SEH Stack Based Windows Buffer Overflow Tutorial -

[Guide] Windows Buffer Overflow Tutorial: Dealing with Character Translation -

[Guide] Heap Spray Exploit Tutorial: Internet Explorer Use After Free Aurora Vulnerability -

[Guide] Windows Buffer Overflow Tutorial: An Egghunter and a Conditional Jump -

[Collection] Linux exploit development part 1 – Stack overflow. -

[Video] Athcon / Hack In Paris Demo 2 -

[Mona] Exploit Development with -

[Theory] Stack frame layout on x86-64 -

[Challenge] Helping Developers Understand Security - hxxp://

[Guides] Exploit Writing Tutorials -

[Guide] Breaking MailEnable 2.34: A lesson in security featuring Metasploit, Immunity Debugger, and -

[Web] Finding 0days in Web Applications -

[Windows] Offensive Security Exploit Weekend -

[Windows] From vulnerability to exploit under 5 min -

[Windows] Remote control manager FAIL -

[Guide] Heap Overflows For Humans 102.5 -

[Guide] Analyzing CVE-2011-2462 - Part Three -

[Guide] A Textbook Buffer Overflow: A Look at the FreeBSD telnetd Code -

[Guide] Egghunter Exploitation Tutorial -

Exploit Development (Patch Analysis)

[Windows] A deeper look at MS11-058 -

[Windows] Patch Analysis for MS11-058 -

[Windows] CVE-2011-1281: A story of a Windows CSRSS Privilege Escalation vulnerability -

[Mobile] Analyzing and dissecting Android applications for security defects and vulnerabilities -

Exploit Development (Reverse Engineering)

[Guide] Exploiting Adobe Flash Player on Windows 7 -

[Guide] Heap Spraying Adobe: exploiting collab.collectemailinfo() -

[Guide] Intro. To Reversing - W32Pinkslipbot -

[Guide] Decrypting iPhone Apps -


[Exploits] SHODAN Exploits -

Executing commands in MySQL with it's running privilege -

Basic Linux

[Tip] Linux 101: Useful Commands -

[Tip] Linux Directory Structure Explained -

[Remote] Tips for Remote Unix Work (SSH, screen, And VNC)

Exploit Development (Metasploit Wishlist)

[ExploitDev] Metasploit Exploits Wishlist ! -

[Guide] Porting Exploits To Metasploit Part 1 -

[Guide] Want to get your feet wet? Start here. -

[Guide] MonaSploit -

[WishList] Top 50 Exploits -

[WishList] Metasploit Framework Wishlist -

Passwords & Rainbow Tables (WPA) & Wordlists


[WPA] Offensive Security: WPA Rainbow Tables - hxxp:// (

[Wiki] The Password Project -

[Tool] Ultra High Security Password Generator -

[Tool] John the Ripper config generator -

[Guide] Creating effective dictionaries for password attacks -

[Leaked] Diccionarios con Passwords de Sitios Expuestos -

[Download] Index of / - hxxp://

[Guide] Using Wikipedia as brute forcing dictionary -

[Tool] CeWL - Custom Word List generator -

[Download] Title -

[Leaked] Passwords -

[Tools] password analysis and cracking kit -

[Tools] crunch -


[Metasploit] Facts and myths about antivirus evasion with Metasploit -

[Terms] Methods of bypassing Anti-Virus (AV) Detection - NetCat -

Web Based Attacks

[Burp] Hacking Web Authentication – Part 1 -

[Guide] Liferay Portlet Shell -

SQL Injection

[Tip] Best damn quick tips for a total SQL injection newbie (period) -


[Presentation] Clickjacking For Shells -

Privilege Escalation

[Linux] Hacking Linux Part I: Privilege Escalation -

[Windows] Windows 7 UAC whitelist -

[Windows] Windows Privilege Escalation Part 1: Local Administrator Privileges -

[TTY] Post-Exploitation Without A TTY -

[UAC] Windows 7 UAC whitelist: Proof-of-concept source code -

[UAC] Bypass Windows 7 x86/x64 UAC Fully Patched – Meterpreter Module -

[Program] windows-privesc-check -

Local Security

[Hashes] Recovering Hashes from Domain Controller -

[Hashes] Get Domain Admins (GDA) -

[Windows] Step-by-step guide to installing TrueCrypt and encrypting Windows XP system partition -

[OSX] Inside Mac OS X 10.7 Lion: File Vault full disk encryption and cloud key storage -

[Linux] Home directory and full disk encryption in Ubuntu 11.04 -

[BackUp] Unison File Synchronizer: Liberation through Data Replication -


[Guide] fxsst.dll persistence: the evil fax machine -

[Guide] Bypassing DEP/ASLR in browser exploits with McAfee and Symantec -

[Guides] Metasploit Unleashed -

[Guides] Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1 -

[Downloads] Metasploit Password Modules -

[Guide] Process Injection Outside of Metasploit -

[Guide] Path of Least Resistance -

[Plugin] New Meterpreter Extension Released: MSFMap Beta -

[Tip] Metasploit and PTES -

[Tip] Running Multiple Post Modules -

Default Generators

[WEP] mac2wepkey - Huawei default WEP generator -

[WEP] Generator: Attacking SKY default router password -

[WEP] Default key algorithm in Thomson and BT Home Hub routers -


[Defacements] Zone-H -

[ExploitKits] CVE Exploit Kit list -


[Web Shells] Analysis of compromised websites - hacked PHP scripts -

Cross Site Scripting (XSS)

[Guide] vbSEO – From XSS to Reverse PHP Shell -

[XSS] XSS Rays -

[XSS] How I Almost Won Pwn2Own via XSS -

[XSS] JS-less XSS Using HTML Injection to hijack accounts without JavaScript. -

[XSS] XSS Illustrated (for masses) -

[XSS] Cookie Grabbing using XSS -


[Podcast] PaulDotCom -

[Podcast] Social-Engineer -

[Magazine] ClubHACK Magazine -

[Magazine] The hacker News Magazine -

Blogs & RSS

[RSS] SecManiac -

[Guides] Carnal0wnage & Attack Research -

[RSS] Contagio -

[News] THN : The Hacker News -

[News] Packet Storm: Full Disclosure Information Security -

[Guides] pentestmonkey | Taking the monkey work out of pentesting -

[RSS] Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security -

[RSS] Irongeek -

[Metasploit] Room 363 -

[Guides] Question Defense: Technology Answers For Technology Questions -

[Guides] stratmofo's blog -

[Guides] TheInterW3bs -

[Guides] consolecowboys -

[Guides] A day with Tape -

[Guides] Cybexin's Blog - Network Security Blog -

[RSS] BackTrack Linux - Penetration Testing Distribution -

[RSS] Offensive Security -


...Not enough? Try Twitter and/or IRC!

