{"id":169,"date":"2022-12-17T22:42:28","date_gmt":"2022-12-17T22:42:28","guid":{"rendered":"https:\/\/infosecjake.net\/?p=169"},"modified":"2025-01-06T17:10:34","modified_gmt":"2025-01-06T17:10:34","slug":"useful-links-to-help-your-journey","status":"publish","type":"post","link":"https:\/\/infosecjake.net\/?p=169","title":{"rendered":"Useful Links to Help Your Journey"},"content":{"rendered":"\n

The below links are a collection of useful tools and sites that you can use for various purposes within the InfoSec realm. Each link will drop you down to a group of links under that section title. Page may periodically be updated. As the web constantly changes, some links may not work.
<\/p>\n\n\n\n

Security Forums<\/a><\/p>\n\n\n\n

Tor Onion Links<\/a><\/p>\n\n\n\n

Security Methodologies<\/a><\/p>\n\n\n\n

Training\/Classes\/Video<\/a><\/p>\n\n\n\n

Pentest Tools<\/a><\/p>\n\n\n\n

Pentest Lab ISO-VMs<\/a><\/p>\n\n\n\n

Metasploit<\/a><\/p>\n\n\n\n

Net Scanners<\/a><\/p>\n\n\n\n

Man-in-the-middle attack<\/a><\/p>\n\n\n\n

Phase 1 – Reconnaissance: Information Gathering before the Attack<\/a><\/p>\n\n\n\n

Phase 1.1 – People and Orginizational<\/a><\/p>\n\n\n\n

Phase 1.2 – Infastructure<\/a><\/p>\n\n\n\n

OSINT Tools<\/a><\/p>\n\n\n\n

Phase 2 – Enumeration: Finding Attack Vectors<\/a><\/p>\n\n\n\n

Phase 3 – Exploitation: Verifying Security Weaknesses<\/a><\/p>\n\n\n\n

Dump Windows Password Hashes<\/a><\/p>\n\n\n\n

Windows Passhing The Hash<\/a><\/p>\n\n\n\n

Windows Privilege Escalation<\/a><\/p>\n\n\n\n

Linux Privilege Escalation<\/a><\/p>\n\n\n\n

Tunneling & Port Forwarding<\/a><\/p>\n\n\n\n

XSS Cheat Codes<\/a><\/p>\n\n\n\n

WebShells<\/a><\/p>\n\n\n\n

SQLi General Resources<\/a><\/p>\n\n\n\n

MySQLi Resources<\/a><\/p>\n\n\n\n

MSSQLi Resources<\/a><\/p>\n\n\n\n

Oracle SQLi Resources<\/a><\/p>\n\n\n\n

Postgres SQLi Resources<\/a><\/p>\n\n\n\n

SQLite Resources<\/a><\/p>\n\n\n\n

RFI\/LFI Tutorials<\/a><\/p>\n\n\n\n

NASM Tutorial<\/a><\/p>\n\n\n\n

Buffer Overflow Tutorial<\/a><\/p>\n\n\n\n

Exploit Development<\/a><\/p>\n\n\n\n

Exploits and Shellcodes<\/a><\/p>\n\n\n\n

Reverse Engineering<\/a><\/p>\n\n\n\n

OS Cheat Sheets and Script Syntax<\/a><\/p>\n\n\n\n

Password Wordlists, Hashes, Tools<\/a><\/p>\n\n\n\n


<\/p>\n\n\n\n

\n\n\n\n

General Education<\/p>\n\n\n\n

https:\/\/www.vpnmentor.com\/blog\/teachers-guide-to-cybersecurity<\/a><\/p>\n\n\n\n

Security Forums<\/p>\n\n\n\n

http:\/\/securityoverride.org\/forum\/index.php<\/a><\/p>\n\n\n\n

https:\/\/www.hackthissite.org\/forums\/index.php<\/a><\/p>\n\n\n\n

https:\/\/www.ethicalhacker.net\/forums\/index.php<\/a><\/p>\n\n\n\n

https:\/\/evilzone.org\/<\/a><\/p>\n\n\n\n

http:\/\/forum.antichat.ru\/<\/a><\/p>\n\n\n\n

https:\/\/forum.xeksec.com\/<\/a><\/p>\n\n\n\n

https:\/\/rdot.org\/forum\/<\/a><\/p>\n\n\n\n

https:\/\/forum.zloy.bz\/<\/a><\/p>\n\n\n\n

https:\/\/forum.reverse4you.org\/<\/a><\/p>\n\n\n\n

https:\/\/rstforums.com\/forum\/<\/a><\/p>\n\n\n\n

http:\/\/www.truehackers.ru\/forum\/index.php<\/a><\/p>\n\n\n\n

http:\/\/garage4hackers.com\/forum.php<\/a><\/p>\n\n\n\n

https:\/\/www.hellboundhackers.org\/<\/a><\/p>\n\n\n\n

http:\/\/www.lockpicking101.com\/<\/a><\/p>\n\n\n\n

https:\/\/www.xploitworld.com\/index.php<\/a><\/p>\n\n\n\n

Tor Onion Links<\/p>\n\n\n\n

http:\/\/www.hiddenwiki.info\/<\/a><\/p>\n\n\n\n

Security Methodologies<\/p>\n\n\n\n

http:\/\/www.vulnerabilityassessment.co.uk\/Penetration%20Test.html<\/a><\/p>\n\n\n\n

http:\/\/www.pentest-standard.org\/index.php\/Main_Page<\/a><\/p>\n\n\n\n

https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project<\/a><\/p>\n\n\n\n

http:\/\/yehg.net\/lab\/pr0js\/misc\/wasarg_owasp-tgv4_with_ref.php<\/a><\/p>\n\n\n\n

http:\/\/www.social-engineer.org\/<\/a><\/p>\n\n\n\n

http:\/\/projects.webappsec.org\/w\/page\/13246927\/FrontPage<\/a><\/p>\n\n\n\n

Training\/Classes\/Video<\/p>\n\n\n\n

http:\/\/www.irongeek.com\/i.php?page=videos\/aide-winter-2011<\/a><\/p>\n\n\n\n

https:\/\/lab.pentestit.ru\/pentestlabs\/3<\/a><\/p>\n\n\n\n

https:\/\/trailofbits.github.io\/ctf\/<\/a><\/p>\n\n\n\n

http:\/\/ctf.forgottensec.com\/wiki\/?title=Main_Page<\/a><\/p>\n\n\n\n

http:\/\/smashthestack.org\/<\/a><\/p>\n\n\n\n

http:\/\/ctf.hcesperer.org\/<\/a><\/p>\n\n\n\n

https:\/\/www.google.com\/calendar\/feeds\/noge7b1rg2dg4a8kcm1k68vbjg@group.calendar.google.com\/public\/basic<\/a><\/p>\n\n\n\n

https:\/\/www.google.com\/calendar\/embed?src=pe2ikdbe6b841od6e26ato0asc@group.calendar.google.com&gsessionid=OK<\/a><\/p>\n\n\n\n

https:\/\/crypto.stanford.edu\/cs155\/<\/a><\/p>\n\n\n\n

https:\/\/www.offensive-security.com\/metasploit-unleashed\/<\/a><\/p>\n\n\n\n

http:\/\/www.irongeek.com\/i.php?page=videos\/metasploit-class<\/a><\/p>\n\n\n\n

http:\/\/www.securitytube.net\/<\/a><\/p>\n\n\n\n

http:\/\/resources.infosecinstitute.com\/<\/a><\/p>\n\n\n\n

https:\/\/www.cs.fsu.edu\/~redwood\/OffensiveSecurity\/lectures.html<\/a><\/p>\n\n\n\n

https:\/\/www.youtube.com\/watch?v=kPxavpgos2I<\/a><\/p>\n\n\n\n

http:\/\/www.securitytube.net\/video\/7640<\/a><\/p>\n\n\n\n

http:\/\/www.securitytube.net\/video\/7735<\/a><\/p>\n\n\n\n

Pentest Tools<\/p>\n\n\n\n

https:\/\/github.com\/pwnwiki\/pwnwiki.github.io<\/a><\/p>\n\n\n\n

https:\/\/github.com\/sbilly\/awesome-security<\/a><\/p>\n\n\n\n

https:\/\/github.com\/paragonie\/awesome-appsec<\/a><\/p>\n\n\n\n

https:\/\/github.com\/enaqx\/awesome-pentest<\/a><\/p>\n\n\n\n

https:\/\/github.com\/kahun\/awesome-sysadmin#security<\/a><\/p>\n\n\n\n

http:\/\/beefproject.com\/<\/a><\/p>\n\n\n\n

https:\/\/xsser.03c8.net\/<\/a><\/p>\n\n\n\n

https:\/\/code.google.com\/p\/fuzzdb\/<\/a><\/p>\n\n\n\n

https:\/\/www.owasp.org\/index.php\/Category:OWASP_Fuzzing_Code_Database#tab=Statements<\/a><\/p>\n\n\n\n

http:\/\/w3af.org\/<\/a><\/p>\n\n\n\n

https:\/\/code.google.com\/p\/skipfish\/<\/a><\/p>\n\n\n\n

https:\/\/www.sans.org\/reading-room\/whitepapers\/testing\/fuzzing-approach-credentials-discovery-burp-intruder-33214<\/a><\/p>\n\n\n\n

https:\/\/www.securityninja.co.uk\/hacking\/burp-suite-tutorial-the-intruder-tool\/<\/a><\/p>\n\n\n\n

http:\/\/www.justanotherhacker.com\/projects\/graudit.html<\/a><\/p>\n\n\n\n

https:\/\/packetstormsecurity.com\/files\/tags\/tool<\/a><\/p>\n\n\n\n

Pentest Lab ISO-VMs<\/p>\n\n\n\n

http:\/\/www.amanhardikar.com\/mindmaps\/PracticeUrls.html<\/a><\/p>\n\n\n\n

https:\/\/www.kali.org\/<\/a><\/p>\n\n\n\n

https:\/\/www.owasp.org\/index.php\/OWASP_Web_Testing_Environment_Project<\/a><\/p>\n\n\n\n

http:\/\/blackarch.org\/<\/a><\/p>\n\n\n\n

https:\/\/code.google.com\/p\/owaspbwa\/<\/a><\/p>\n\n\n\n

https:\/\/www.mavensecurity.com\/web_security_dojo\/<\/a><\/p>\n\n\n\n

http:\/\/hackingdojo.com\/dojo-media\/<\/a><\/p>\n\n\n\n

http:\/\/informatica.uv.es\/~carlos\/docencia\/netinvm\/<\/a><\/p>\n\n\n\n

http:\/\/www.bonsai-sec.com\/en\/research\/moth.php<\/a><\/p>\n\n\n\n

http:\/\/sourceforge.net\/projects\/metasploitable\/files\/Metasploitable2\/<\/a><\/p>\n\n\n\n

http:\/\/sourceforge.net\/projects\/lampsecurity\/?source=navbar<\/a><\/p>\n\n\n\n

https:\/\/www.hacking-lab.com\/index.html<\/a><\/p>\n\n\n\n

http:\/\/sourceforge.net\/projects\/virtualhacking\/files\/<\/a><\/p>\n\n\n\n

http:\/\/www.irongeek.com\/i.php?page=mutillidae\/mutillidae-deliberately-vulnerable-php-owasp-top-10<\/a><\/p>\n\n\n\n

http:\/\/www.dvwa.co.uk\/<\/a><\/p>\n\n\n\n

http:\/\/sourceforge.net\/projects\/thebutterflytmp\/<\/a><\/p>\n\n\n\n

http:\/\/magikh0e.ihtb.org\/pubPapers\/<\/a><\/p>\n\n\n\n

Metasploit<\/p>\n\n\n\n

http:\/\/resources.metasploit.com\/<\/a><\/p>\n\n\n\n

http:\/\/netsec.ws\/?p=262<\/a><\/p>\n\n\n\n

http:\/\/seclists.org\/metasploit\/<\/a><\/p>\n\n\n\n

https:\/\/www.offensive-security.com\/metasploit-unleashed\/Introduction\/<\/a><\/p>\n\n\n\n

http:\/\/www.offensive-security.com\/metasploit-unleashed\/Msfvenom<\/a><\/p>\n\n\n\n

https:\/\/community.rapid7.com\/community\/metasploit\/<\/a><\/p>\n\n\n\n

http:\/\/www.securitytube.net\/video\/711?q=METASPLOIT<\/a><\/p>\n\n\n\n

https:\/\/en.wikibooks.org\/wiki\/Metasploit<\/a><\/p>\n\n\n\n

https:\/\/www.sans.org\/security-resources\/sec560\/misc_tools_sheet_v1.pdf<\/a><\/p>\n\n\n\n

http:\/\/rmccurdy.com\/scripts\/Metasploit%20meterpreter%20cheat%20sheet%20reference.html<\/a><\/p>\n\n\n\n

https:\/\/github.com\/rapid7\/metasploit-framework\/wiki\/Meterpreter<\/a><\/p>\n\n\n\n

https:\/\/www.blackhat.com\/presentations\/bh-dc-10\/Egypt\/BlackHat-DC-2010-Egypt-UAV-slides.pdf<\/a><\/p>\n\n\n\n

Net Scanners<\/p>\n\n\n\n

https:\/\/nmap.org\/<\/a><\/p>\n\n\n\n

https:\/\/nmap.org\/nsedoc\/<\/a><\/p>\n\n\n\n

http:\/\/www.securitytube.net\/video\/931<\/a><\/p>\n\n\n\n

https:\/\/nmap.org\/nsedoc\/<\/a><\/p>\n\n\n\n

http:\/\/www.openvas.org\/<\/a><\/p>\n\n\n\n

http:\/\/www.tenable.com\/products\/nessus-vulnerability-scanner<\/a><\/p>\n\n\n\n

https:\/\/www.rapid7.com\/products\/nexpose\/compare-downloads.jsp<\/a><\/p>\n\n\n\n

http:\/\/www.inguardians.com\/research\/docs\/Skoudis_pentestsecrets.pdf<\/a><\/p>\n\n\n\n

Man-in-the-middle attack<\/p>\n\n\n\n

http:\/\/www.linuxsecurity.com\/docs\/PDF\/dsniff-n-mirror.pdf<\/a><\/p>\n\n\n\n

http:\/\/media.techtarget.com\/searchUnifiedCommunications\/downloads\/Seven_Deadliest_UC_Attacks_Ch3.pdf<\/a><\/p>\n\n\n\n

https:\/\/packetstormsecurity.com\/papers\/wireless\/cracking-air.pdf<\/a><\/p>\n\n\n\n

https:\/\/www.blackhat.com\/presentations\/bh-europe-03\/bh-europe-03-valleri.pdf<\/a><\/p>\n\n\n\n

https:\/\/www.defcon.org\/images\/defcon-17\/dc-17-presentations\/defcon-17-sam_bowne-hijacking_web_2.0.pdf<\/a><\/p>\n\n\n\n

http:\/\/www.leetupload.com\/database\/Misc\/Papers\/Asta%20la%20Vista\/18.Ettercap_Spoof.pdf<\/a><\/p>\n\n\n\n

http:\/\/bandwidthco.com\/nf.html<\/a><\/p>\n\n\n\n

http:\/\/articles.manugarg.com\/arp_spoofing.pdf<\/a><\/p>\n\n\n\n

http:\/\/academy.delmar.edu\/Courses\/ITSY2430\/eBooks\/Ettercap(ManInTheMiddleAttack-tool).pdf<\/a><\/p>\n\n\n\n

http:\/\/www.ucci.it\/docs\/ICTSecurity-2004-26.pdf_<\/a><\/p>\n\n\n\n

Phase 1 – Reconnaissance: Information Gathering before the Attack<\/p>\n\n\n\n

https:\/\/en.wikipedia.org\/wiki\/Open-sourceintelligence<\/a><\/p>\n\n\n\n

http:\/\/www.spylogic.net\/2009\/10\/enterprise-open-source-intelligence-gathering-part-1-social-networks\/<\/a><\/p>\n\n\n\n

http:\/\/www.spylogic.net\/2009\/10\/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata\/<\/a><\/p>\n\n\n\n

http:\/\/www.spylogic.net\/2009\/10\/enterprise-open-source-intelligence-gathering-part-3-monitoring\/<\/a><\/p>\n\n\n\n

http:\/\/www.slideshare.net\/Laramies\/tactical-information-gathering<\/a><\/p>\n\n\n\n

http:\/\/www.infond.fr\/2010\/05\/toturial-footprinting.html<\/a><\/p>\n\n\n\n

Phase 1.1 – People and Orginizational<\/p>\n\n\n\n

http:\/\/www.spokeo.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.spoke.com\/<\/a><\/p>\n\n\n\n

https:\/\/www.xing.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.zoominfo.com\/<\/a><\/p>\n\n\n\n

https:\/\/pipl.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.zabasearch.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.searchbug.com\/<\/a><\/p>\n\n\n\n

http:\/\/skipease.com\/<\/a><\/p>\n\n\n\n

http:\/\/addictomatic.com\/<\/a><\/p>\n\n\n\n

http:\/\/socialmention.com\/<\/a><\/p>\n\n\n\n

http:\/\/entitycube.research.microsoft.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.yasni.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.glassdoor.com\/index.htm<\/a><\/p>\n\n\n\n

https:\/\/connect.data.com\/<\/a><\/p>\n\n\n\n

https:\/\/searchwww.sec.gov\/EDGARFSClient\/jsp\/EDGAR_MainAccess.jsp<\/a><\/p>\n\n\n\n

https:\/\/www.tineye.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.peekyou.com\/_<\/a><\/p>\n\n\n\n

Phase 1.2 – Infastructure<\/p>\n\n\n\n

http:\/\/uptime.netcraft.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.shodanhq.com\/<\/a><\/p>\n\n\n\n

http:\/\/www.domaintools.com\/<\/a><\/p>\n\n\n\n

http:\/\/centralops.net\/co\/<\/a><\/p>\n\n\n\n

http:\/\/whois.webhosting.info\/<\/a><\/p>\n\n\n\n

https:\/\/www.ssllabs.com\/ssltest\/analyze.html<\/a><\/p>\n\n\n\n

https:\/\/www.exploit-db.com\/google-hacking-database\/<\/a><\/p>\n\n\n\n

http:\/\/www.my-ip-neighbors.com\/<\/a><\/p>\n\n\n\n

Phase 1.2 – Tools<\/p>\n\n\n\n

OSINT Tools<\/p>\n\n\n\n

http:\/\/www.edge-security.com\/theharvester.php<\/a><\/p>\n\n\n\n

http:\/\/www.edge-security.com\/metagoofil.php<\/a><\/p>\n\n\n\n

http:\/\/www.paterva.com\/web6\/<\/a><\/p>\n\n\n\n

https:\/\/www.sans.org\/reading-room\/whitepapers\/privacy\/document-metadata-silent-killer-32974<\/a><\/p>\n\n\n\n

http:\/\/www.sno.phy.queensu.ca\/~phil\/exiftool\/<\/a><\/p>\n\n\n\n

http:\/\/www.darkoperator.com\/blog\/2009\/4\/24\/metadata-enumeration-with-foca.html<\/a><\/p>\n\n\n\n

Phase 2 – Enumeration: Finding Attack Vectors<\/p>\n\n\n\n

http:\/\/securitysynapse.blogspot.be\/201308_01_archive.html<\/a><\/p>\n\n\n\n

https:\/\/hackertarget.com\/attacking-wordpress\/<\/a><\/p>\n\n\n\n

https:\/\/code.google.com\/p\/pentest-bookmarks\/wiki\/BookmarksList<\/a><\/p>\n\n\n\n

http:\/\/www.0daysecurity.com\/penetration-testing\/enumeration.html<\/a><\/p>\n\n\n\n

https:\/\/github.com\/n3ko1\/WrapMap<\/a><\/p>\n\n\n\n

https:\/\/cirt.net\/Nikto2<\/a><\/p>\n\n\n\n

http:\/\/www.unixmen.com\/install-nikto-web-scanner-check-vulnerabilities\/<\/a><\/p>\n\n\n\n

http:\/\/seclist.us\/autoenum-nmap-enumeration-and-script-scan-automation-script.html<\/a><\/p>\n\n\n\n

http:\/\/code.stephenmorley.org\/articles\/xampp-version-history-apache-mysql-php\/<\/a><\/p>\n\n\n\n

http:\/\/carnal0wnage.attackresearch.com\/2007\/07\/over-in-lso-chat-we-were-talking-about.html<\/a><\/p>\n\n\n\n

http:\/\/www.iodigitalsec.com\/windows-null-session-enumeration\/<\/a><\/p>\n\n\n\n

https:\/\/pen-testing.sans.org\/blog\/2013\/07\/24\/plundering-windows-account-info-via-authenticated-smb-sessions<\/a><\/p>\n\n\n\n

http:\/\/carnal0wnage.attackresearch.com\/2007\/07\/enumerating-user-accounts-on-linux-and.html<\/a><\/p>\n\n\n\n

https:\/\/github.com\/isaudits\/autoenum<\/a><\/p>\n\n\n\n

http:\/\/www.webpronews.com\/snmp-enumeration-and-hacking-2003-09<\/a><\/p>\n\n\n\n

http:\/\/carnal0wnage.attackresearch.com\/2007\/07\/over-in-lso-chat-we-were-talking-about.html<\/a><\/p>\n\n\n\n

http:\/\/www.iodigitalsec.com\/windows-null-session-enumeration\/<\/a><\/p>\n\n\n\n

http:\/\/pen-testing.sans.org\/blog\/2013\/07\/24\/plundering-windows-account-info-via-authenticated-smb-sessions<\/a><\/p>\n\n\n\n

http:\/\/carnal0wnage.attackresearch.com\/2007\/07\/enumerating-user-accounts-on-linux-and.html<\/a><\/p>\n\n\n\n

http:\/\/www.madirish.net\/59<\/a><\/p>\n\n\n\n

http:\/\/www.enye-sec.org\/en\/papers\/web_vuln-en.txt_<\/a><\/p>\n\n\n\n

Phase 3 – Exploitation: Verifying Security Weaknesses<\/p>\n\n\n\n

http:\/\/pwnwiki.io<\/a><\/p>\n\n\n\n

http:\/\/download.vulnhub.com\/pentesterlab\/phpinclude_and_post_exploitation.pdf<\/a><\/p>\n\n\n\n

http:\/\/ru.scribd.com\/doc\/245679444\/hak5-org-OSXPost-Exploitation-copy-20130228-pdf#scribd<\/a><\/p>\n\n\n\n

https:\/\/cyberwar.nl\/d\/hak5.org_LinuxUnixBSDPost-ExploitationCommandList_copy-20130228.pdf<\/a><\/p>\n\n\n\n

https:\/\/www.yumpu.com\/en\/document\/view\/14963680\/from-sqli-to-shell_<\/a><\/p>\n\n\n\n

Dump Windows Password Hashes<\/p>\n\n\n\n

http:\/\/bernardodamele.blogspot.com\/2011\/12\/dump-windows-password-hashes.html<\/a><\/p>\n\n\n\n

Windows Passhing The Hash<\/p>\n\n\n\n

https:\/\/www.kali.org\/penetration-testing\/passing-hash-remote-desktop\/<\/a><\/p>\n\n\n\n

https:\/\/www.kali.org\/kali-monday\/pass-the-hash-toolkit-winexe-updates\/<\/a><\/p>\n\n\n\n

Windows Privilege Escalation<\/p>\n\n\n\n

https:\/\/labs.mwrinfosecurity.com\/system\/assets\/760\/original\/Windows_Services_-All_roads_lead_to_SYSTEM.pdf(https:\/\/labs.mwrinfosecurity.com\/system\/assets\/760\/original\/WindowsServices-_All_roads_lead_to_SYSTEM.pdf)_<\/a><\/p>\n\n\n\n

http:\/\/travisaltman.com\/windows-privilege-escalation-via-weak-service-permissions\/<\/a><\/p>\n\n\n\n

https:\/\/github.com\/0xdeafbeef\/PSSecSnapshot<\/a><\/p>\n\n\n\n

http:\/\/it-ovid.blogspot.com\/2012\/02\/windows-privilege-escalation.html<\/a><\/p>\n\n\n\n

http:\/\/www.fuzzysecurity.com\/tutorials\/16.html<\/a><\/p>\n\n\n\n

http:\/\/www.youtube.com\/watch?v=kMG8IsCohHA<\/a><\/p>\n\n\n\n

http:\/\/www.youtube.com\/watch?v=8xJaaQlpBo<\/a><\/p>\n\n\n\n

http:\/\/www.greyhathacker.net\/?p=738<\/a><\/p>\n\n\n\n

http:\/\/bernardodamele.blogspot.ru\/2011\/12\/dump-windows-password-hashes.html<\/a><\/p>\n\n\n\n

Linux Privilege Escalation<\/p>\n\n\n\n

http:\/\/incolumitas.com\/wp-content\/uploads\/2012\/12\/blackhats_view.pdf<\/a><\/p>\n\n\n\n

http:\/\/blog.g0tmi1k.com\/2011\/08\/basic-linux-privilege-escalation.html<\/a><\/p>\n\n\n\n

http:\/\/pentestmonkey.net\/tools\/audit\/unix-privesc-check<\/a><\/p>\n\n\n\n

http:\/\/www.rebootuser.com\/?page_id=1721<\/a><\/p>\n\n\n\n

http:\/\/www.rebootuser.com\/?p=1758<\/a><\/p>\n\n\n\n

http:\/\/www.rebootuser.com\/?p=1623<\/a><\/p>\n\n\n\n

http:\/\/insidetrust.blogspot.nl\/2011\/04\/quick-guide-to-linux-privilege.html<\/a><\/p>\n\n\n\n

Tunneling & Port Forwarding<\/p>\n\n\n\n

https:\/\/www.sans.org\/reading-room\/whitepapers\/testing\/tunneling-pivoting-web-application-penetration-testing-36117<\/a><\/p>\n\n\n\n

https:\/\/highon.coffee\/blog\/reverse-shell-cheat-sheet\/<\/a><\/p>\n\n\n\n

https:\/\/highon.coffee\/blog\/ssh-meterpreter-pivoting-techniques\/<\/a><\/p>\n\n\n\n

http:\/\/staff.washington.edu\/corey\/fw\/ssh-port-forwarding.html<\/a><\/p>\n\n\n\n

http:\/\/pentestmonkey.net\/cheat-sheet\/shells\/reverse-shell-cheat-sheet<\/a><\/p>\n\n\n\n

http:\/\/magikh0e.ihtb.org\/pubPapers\/ssh_gymnastics_tunneling.html<\/a><\/p>\n\n\n\n

http:\/\/www.debianadmin.com\/howto-use-ssh-local-and-remote-port-forwarding.html<\/a><\/p>\n\n\n\n

http:\/\/www.danscourses.com\/Network-Penetration-Testing\/metasploit-pivoting.html<\/a><\/p>\n\n\n\n

http:\/\/carnal0wnage.attackresearch.com\/2007\/09\/using-metasploit-to-pivot-through_06.html<\/a><\/p>\n\n\n\n

http:\/\/www.offensive-security.com\/metasploit-unleashed\/Portfwd<\/a><\/p>\n\n\n\n

http:\/\/www.offensive-security.com\/metasploit-unleashed\/Pivoting<\/a><\/p>\n\n\n\n

http:\/\/www.howtoforge.com\/reverse-ssh-tunneling<\/a><\/p>\n\n\n\n

http:\/\/ftp.acc.umu.se\/pub\/putty\/putty-0.57\/htmldoc\/Chapter7.htmla_<\/a><\/p>\n\n\n\n

XSS Cheat Codes<\/p>\n\n\n\n

http:\/\/www.xenuser.org\/xss-cheat-sheet\/<\/a><\/p>\n\n\n\n

https:\/\/gist.github.com\/sseffa\/11031135<\/a><\/p>\n\n\n\n

https:\/\/html5sec.org\/<\/a><\/p>\n\n\n\n

WebShells<\/p>\n\n\n\n

http:\/\/www.r57shell.net\/<\/a><\/p>\n\n\n\n

https:\/\/github.com\/b374k\/b374k<\/a><\/p>\n\n\n\n

https:\/\/github.com\/epinna\/weevely3<\/a><\/p>\n\n\n\n

SQLi General Resources<\/p>\n\n\n\n

http:\/\/www.w3schools.com\/sql\/sqlinjection.asp<\/a><\/p>\n\n\n\n

http:\/\/sqlzoo.net\/hack\/<\/a><\/p>\n\n\n\n

https:\/\/information.rapid7.com\/rs\/rapid7\/images\/R7%20SQL_Injection_Cheat_Sheet.v1.pdf<\/a><\/p>\n\n\n\n

http:\/\/websec.ca\/kb\/sql_injection<\/a><\/p>\n\n\n\n

http:\/\/ferruh.mavituna.com\/sql-injection-cheatsheet-oku\/<\/a><\/p>\n\n\n\n

http:\/\/www.unixwiz.net\/techtips\/sql-injection.html<\/a><\/p>\n\n\n\n

http:\/\/www.sqlinjectionwiki.com\/<\/a><\/p>\n\n\n\n

http:\/\/sqlmap.org\/<\/a><\/p>\n\n\n\n

https:\/\/packetstorm.sigterm.no\/papers\/cheatsheets\/sqlmap-cheatsheet-1.0-SDB.pdf<\/a><\/p>\n\n\n\n

https:\/\/www.owasp.org\/index.php\/SQL_Injection_Prevention_Cheat_Sheet<\/a><\/p>\n\n\n\n

http:\/\/bobby-tables.com\/<\/a><\/p>\n\n\n\n

MySQLi Resources<\/p>\n\n\n\n

http:\/\/pentestmonkey.net\/cheat-sheet\/sql-injection\/mysql-sql-injection-cheat-sheet<\/a><\/p>\n\n\n\n

\n
SQLi filter evasion cheat sheet (MySQL)<\/a><\/blockquote>