Getting Started in Programming, IT, Hacking, and Networking Guide
Links and Resources to look at to teach you more about Programming, Hardware,Hacking, and Networking
-
https://www.guru99.com/ site with tutorials on programming machine learning cyber security and much more
-
Helpful sites to learn programming
-
http://code.google.com/edu/languages/google-python-class/index.html
-
http://www.catonmat.net/blog/learning-python-programming-language-through-video-lectures/
-
https://cs50.harvard.edu/college/2020/fall/ well known free course for introduction to programming
- https://www.linuxtrainingacademy.com/linux-commands-cheat-sheet/ cheatsheet which shows the commands to many everyday useful command line tools
- https://tryhackme.com/ website for beginners and advanced users to teach about linux plus much more
- https://linuxjourney.com/ website which takes you through a hands on step by step process about how to use linux
- https://computefreely.org/
- https://linuxnewbieguide.org/overview-of-chapters/
- https://www.makeuseof.com/tag/linux-beginners-guide/ just a basic guide about linux
- https://null-byte.wonderhowto.com/how-to/linux-basics/ a series of free linux basic tutorials you dont have to sign up for. Nullbytes website is full of in depth tutorials and explanations of many things in the IT and cybersecurity industries . A must have bookmark.
- https://www.ubuntupit.com/best-linux-commands-to-run-in-the-terminal/ List of 50 very Useful Linux Commands
Mostly free Pdfs legally obtained about programming, networking ,IT , Cyber Security, and Penetration Testing
-
https://github.com/Hack-with-Github/Free-Security-eBooks
-
https://github.com/EbookFoundation/free-programming-books/blob/master/free-programming-books.md
-
https://github.com/getify/You-Dont-Know-JS/blob/1st-ed/README.md Javascript course
-
https://www.springboard.com/resources/learning-paths/cybersecurity-foundations/
-
https://www.cybrary.it/course/introduction-to-it-and-cybersecurity/
-
https://www.futurelearn.com/courses/introduction-to-cyber-security
-
http://www.irongeek.com/i.php?page=videos/network-sniffers-class
-
https://training.linuxfoundation.org/resources/?_sft_content_type=free-course
Youtubers
- Hak5 https://www.youtube.com/channel/UC3s0BtrBJpwNDaflRSoiieQ
- The cyber mentor https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw hardware tutorials , tech reviewer
- Jackktutorials https://www.youtube.com/channel/UC64x_rKHxY113KMWmprLBPA hacking tutorials ctfs ,linux
- Webpwnized https://www.youtube.com/channel/UCPeJcqbi8v46Adk59plaaXg hacking tutorials ctfs ,linux
- Sstec https://www.youtube.com/c/SSTecTutorials/playlists hacking tutorials ctfs and projects
- Hackhappy https://www.youtube.com/channel/UCVakgfsqxUDo2uTmv9MV_cA hacking tutorials and ctfs ,linux
- Derek rook https://www.youtube.com/c/DerekRook/videos ctfs (capture the flags)
- John hammond https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw programming, hacking tutorials ,ctfs ,linux
- Nullbyte https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g hacking tutorials
- Computerphile https://www.youtube.com/user/Computerphile/videos
programming, programming concepts ,tech concepts, networking, programming and hacking ,linux - Hackersploit https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
lots of hacking tutorials , linux , malware analysis - Barnacules nerdgasm https://www.youtube.com/channel/UC1MwJy1R0nGQkXxRD9p-zTQ tech reviewer hardware tutorials
- Thenewboston https://www.youtube.com/user/thenewboston
programming tutorials (web development -front end and back end, python , ruby - Linus tech tips https://www.youtube.com/user/LinusTechTips hardware tutorials , tech reviewer , pc building
- Elithecomputerguy https://www.youtube.com/c/Elithecomputerguypage/playlists hardware tutorials , network tutorials , hardware reviewer, hacking tutorials , linux tutorials , website development
- Derek banas https://www.youtube.com/c/derekbanas/playlists tutorials on almost every kind of programming you can imagine
Switched to linux https://www.youtube.com/channel/UCoryWpk4QVYKFCJul9KBdyw linux tutorials and stuff linux related
- Thelinuxgamer https://www.youtube.com/user/TheLinuxgamer linux gaming, linux tutorials , photo editing , music editing, programming , some hacking tutorials
- Liveoverflow https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w lots of hacking tutorials , ctfs , hackthebox, web programming
- The Net Ninja https://www.youtube.com/c/TheNetNinja/playlists
Front end web development tutorials (html,css, javascript, json)
Back end web development (firebase, json server, react ,redux , mongodb) - https://www.youtube.com/c/TraversyMedia/playlists
- https://www.youtube.com/channel/UCSJbGtTlrDami-tDGPUV9-w
- https://www.youtube.com/c/Freecodecamp Extensive web dev Videos
- SecurityTube Security and hacking tutorials
- Network Chuck Networking tutorials
- https://tryhackme.com/
- https://www.hackthissite.org/
- https://www.hackthebox.eu/
- https://juice-shop.herokuapp.com/#/
- https://www.vulnhub.com/
- https://www.cyberseclabs.co.uk/
- http://www.webscantest.com/
- http://crackme.cenzic.com/Kelev/view/home.php
- http://zero.webappsecurity.com/banklogin.asp?serviceName=FreebankCaastAccess&templateName=prod_sel.forte&source=Freebank&AD_REFERRING_URL=http://www.Freebank.com
- http://testaspnet.vulnweb.com/
- http://testasp.vulnweb.com/
- http://testphp.vulnweb.com/
- http://demo.testfire.net/
- http://hackme.ntobjectives.com/
- http://intruded.net/
- http://smashthestack.org/
- http://flack.hkpco.kr/
- http://ctf.hcesperer.org/
- http://ictf.cs.ucsb.edu/
- https://tryhackme.com/
- https://ctftime.org/
- http://capture.thefl.ag/calendar/
-
http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
-
http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
-
http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
-
http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
-
[Kali linux] https://www.kali.org most commonly used for ethical hacking. made for beginners
Best for all levels has the most tutorials and support and largest community -
Parrot Security OS a kali linux ripoff. easy to use not as much support as kali
-
BlackArch Linux very customizable version of linux , very steep learning curve but still very powerful
ISOS
-
[windows 10 iso image for virtual machines] https://www.microsoft.com/en-us/software-download/windows10
-
[windows 8 iso image ] https://www.microsoft.com/en-us/software-download/windows8ISO
-
[windows 7 iso image] https://www.microsoft.com/en-us/software-download/windows7 Virtual machine software and virtualization
-
[VirtualBox ] https://www.virtualbox.org/ windows mac and linux
-
[Vmware] https://www.vmware.com/ Vmware workstation windows mac and linux
-
[Wine ]https://www.winehq.org/ emulator for running windows applications on Linux, macOS, & BSD (not a virtual machine) Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on-the-fly, eliminating the performance and memory penalties of other methods and allowing you to cleanly integrate Windows applications into your desktop.
- http://en.wikipedia.org/wiki/IPv4_subnetting_reference
- http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
- http://shelldorado.com/shelltips/beginner.html
- http://www.linuxsurvival.com/
- http://mywiki.wooledge.org/BashPitfalls
- http://rubular.com/
- http://www.iana.org/assignments/port-numbers
- http://www.robvanderwoude.com/ntadmincommands.php
- http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
- McGrew Security
- GNUCITIZEN
- Darknet - The Darkside - rss
- spylogic - rss
- TaoSecurity - atom
- Room362
- SIPVicious - rss
- portswigger
- pentestmonkeyblog
- jeremiahgrossman
- i8jesus
- c22
- Skull Security - rss
- metasploit
- darkoperator
- skeptikal
- preachsecurity
- tssci-security
- gdssecurityl
- websec
- bernardodamele
- laramies
- andlabs
- xs-sniperblog
- commonexploits
- sensepostblog
- wepma
- Exploit KB - rss
- securityreliks
- Mad Irish - rss
- sirdarckcat
- reusablesec
- myne-us
- notsosecure
- spiderlabs
- corelan
- DigiNinja - rss
- pauldotcom
- attackvector
- deviating
- alphaonelabs
- smashingpasswords
- wirewatcher
- gynvael
- nullthreat
- question-defense
- archangelamael
- memset
- sickness
- punter-infosec
- securityninja
- securityandrisk
- pentestit
Carnal 0wnage - atom
Created for forums that will help in both tool usage, syntax, attack techniques, and collection of scripts and tools.
- EH-Net Forums
- Hak5 Forums
- Kali Linux Forums
- Hack Forums
- Hackthissite Forums
- Security Override Forums
- Government Security
- Penetration Testing Framework
- The Penetration Testing Execution Standard
- The WASC Threat Classification
- OWASP Top Ten Project
- The Social Engineering Framework
OSINT (Open Source intelligence) -The practice of collecting information from published or otherwise publicly available sources
- http://www.spokeo.com/
- http://www.123people.com/
- http://www.xing.com/
- http://www.zoominfo.com/search
- http://pipl.com/
- http://www.zabasearch.com/
- http://www.searchbug.com/default.aspx
- http://theultimates.com/
- http://skipease.com/
- http://addictomatic.com/
- http://socialmention.com/
- http://entitycube.research.microsoft.com/
- http://www.yasni.com/
- http://tweepz.com/
- http://tweepsearch.com/
- http://www.glassdoor.com/index.htm
- http://www.jigsaw.com/
- http://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp
- http://www.tineye.com/
- http://www.peekyou.com/
- http://picfog.com/
- http://twapperkeeper.com/index.php
- http://uptime.netcraft.com/
- http://www.serversniff.net/
- http://www.domaintools.com/
- http://centralops.net/co/
- http://hackerfantastic.com/
- http://whois.webhosting.info/
- https://www.ssllabs.com/ssldb/analyze.html
- http://www.clez.net/
- http://www.my-ip-neighbors.com/
- https://www.shodan.io/
- http://www.exploit-db.com/google-dorks/
- http://www.hackersforcharity.org/ghdb/
- http://cirt.net/ports_dl.php?export=services
- http://www.cheat-sheets.org/
- http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
- http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/
- http://blog.commandlinekungfu.com/
- http://www.securityaegis.com/simple-yet-effective-directory-bruteforcing/
- http://isc.sans.edu/diary.html?storyid=2376
- http://isc.sans.edu/diary.html?storyid=1229
- http://ss64.com/nt/
- http://pauldotcom.com/2010/02/running-a-command-on-every-mac.html
- http://synjunkie.blogspot.com/2008/03/command-line-ninjitsu.html
- http://www.zonbi.org/2010/06/09/wmic-the-other-other-white-meat/
- http://rstcenter.com/forum/22324-hacking-without-tools-windows.rst
- http://www.coresecurity.com/files/attachments/Core_Define_and_Win_Cmd_Line.pdf
- http://www.scribd.com/Penetration-Testing-Ninjitsu2-Infrastructure-and-Netcat-without-Netcat/d/3064507
- http://www.pentesterscripting.com/
- http://www.sans.org/reading_room/whitepapers/hackers/windows-script-host-hack-windows_33583
- http://www.blackhat.com/presentations/bh-dc-10/Bannedit/BlackHat-DC-2010-Bannedit-Advanced-Command-Injection-Exploitation-1-wp.pdf
- http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
- http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf
- http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf
- http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf
- http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
- http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
- http://h.ackack.net/cheat-sheets/netcat
- http://myne-us.blogspot.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
- http://www.mgraziano.info/docs/stsi2010.pdf
- http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/
- http://www.ethicalhacker.net/content/view/122/2/
- http://code.google.com/p/it-sec-catalog/wiki/Exploitation
- http://x9090.blogspot.com/2010/03/tutorial-exploit-writting-tutorial-from.html
- http://ref.x86asm.net/index.html
- http://www.woodmann.com/TiGa/idaseries.html
- http://www.binary-auditing.com/
- http://visi.kenshoto.com/
- http://www.radare.org/y/
- http://www.offensivecomputing.net/
- http://www.irongeek.com/i.php?page=videos/password-exploitation-class
- http://cirt.net/passwords
- http://sinbadsecurity.blogspot.com/2008/10/ms-sql-server-password-recovery.html
- http://www.foofus.net/~jmk/medusa/medusa-smbnt.html
- http://www.foofus.net/?page_id=63
- http://hashcrack.blogspot.com/
- http://www.nirsoft.net/articles/saved_password_location.html
- http://www.onlinehashcrack.com/
- http://www.md5this.com/list.php?
- http://www.virus.org/default-password
- http://www.phenoelit-us.org/dpl/dpl.html
- http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
- http://www.sans.org/reading_room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation_33283
- http://www.sans.org/reading_room/whitepapers/testing/crack-pass-hash_33219
- http://carnal0wnage.blogspot.com/2008/03/using-pash-hash-toolkit.html
- http://www.giac.org/certified_professionals/practicals/gsec/0810.php
- http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf
- http://www.cs.uiuc.edu/class/sp08/cs498sh/slides/dsniff.pdf
- http://www.techvibes.com/blog/a-hackers-story-let-me-tell-you-just-how-easily-i-can-steal-your-personal-data
- http://www.mindcenter.net/uploads/ECCE101.pdf
- http://toorcon.org/pres12/3.pdf
- http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf
- http://packetstormsecurity.org/papers/wireless/cracking-air.pdf
- http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf
- http://www.oact.inaf.it/ws-ssri/Costa.pdf
- http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf
- http://mcafeeseminar.com/focus/downloads/Live_Hacking.pdf
- http://www.seanobriain.com/docs/PasstheParcel-MITMGuide.pdf
- http://www.more.net/sites/default/files/2010JohnStrandKeynote.pdf
- http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf
- http://bandwidthco.com/whitepapers/netforensics/arp/EtterCap%20ARP%20Spoofing%20&%20Beyond.pdf
- http://bandwidthco.com/whitepapers/netforensics/arp/Fun%20With%20EtterCap%20Filters.pdf
- http://www.iac.iastate.edu/iasg/libarchive/0910/The_Magic_of_Ettercap/The_Magic_of_Ettercap.pdf
- http://articles.manugarg.com/arp_spoofing.pdf
- http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf
- http://www.ucci.it/docs/ICTSecurity-2004-26.pdf
- http://web.mac.com/opticrealm/iWeb/asurobot/My%20Cyber%20Attack%20Papers/My%20Cyber%20Attack%20Papers_files/ettercap_Nov_6_2005-1.pdf
- http://blog.spiderlabs.com/2010/12/thicknet.html
- http://www.hackyeah.com/2010/10/ettercap-filters-with-metasploit-browser_autopwn/
- http://www.go4expert.com/forums/showthread.php?t=11842
- http://www.irongeek.com/i.php?page=security/ettercapfilter
- http://openmaniak.com/ettercap_filter.php
- http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming
- http://www.irongeek.com/i.php?page=videos/ettercap-plugins-find-ip-gw-discover-isolate
- http://www.irongeek.com/i.php?page=videos/ettercapfiltervid1
- http://spareclockcycles.org/2010/06/10/sergio-proxy-released/
- http://www.edge-security.com/theHarvester.php
- http://www.mavetju.org/unix/dnstracer-man.php
- http://www.paterva.com/web5/
- http://www.sans.org/reading_room/whitepapers/privacy/document-metadata-silent-killer_32974
- http://lcamtuf.coredump.cx/strikeout/
- http://www.sno.phy.queensu.ca/~phil/exiftool/
- http://www.edge-security.com/metagoofil.php
- http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html
- http://www.stachliu.com/index.php/resources/tools/google-hacking-diggity-project/
- http://midnightresearch.com/projects/search-engine-assessment-tool/#downloads
- http://sqid.rubyforge.org/#next
- http://voidnetwork.org/5ynL0rd/darkc0de/python_script/dorkScan.html
- http://www.bindshell.net/tools/beef
- http://blindelephant.sourceforge.net/
- http://xsser.sourceforge.net/
- http://sourceforge.net/projects/rips-scanner/
- http://www.divineinvasion.net/authforce/
- http://andlabs.org/tools.html#sotf
- http://www.taddong.com/docs/Browser_Exploitation_for_Fun&Profit_Taddong-RaulSiles_Nov2010_v1.1.pdf
- http://carnal0wnage.blogspot.com/2007/07/using-sqid-sql-injection-digger-to-look.html
- http://code.google.com/p/pinata-csrf-tool/
- http://xsser.sourceforge.net/#intro
- http://www.contextis.co.uk/resources/tools/clickjacking-tool/
- http://packetstormsecurity.org/files/view/69896/unicode-fun.txt
- http://sourceforge.net/projects/ws-attacker/files/
- https://github.com/koto/squid-imposter
- http://code.google.com/p/fuzzdb/
- http://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database#tab=Statements
- http://w3af.sourceforge.net/
- http://code.google.com/p/skipfish/
- http://sqlmap.sourceforge.net/
- http://sqid.rubyforge.org/#next
- http://packetstormsecurity.org/UNIX/scanners/XSSscan.py.txt
- http://code.google.com/p/fimap/wiki/WindowsAttack
- http://code.google.com/p/fm-fsf/
- http://www.sans.org/reading_room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder_33214
- http://www.gdssecurity.com/l/b/2010/08/10/constricting-the-web-the-gds-burp-api/
- http://sourceforge.net/projects/belch/files/
- http://www.securityninja.co.uk/application-security/burp-suite-tutorial-repeater-and-comparer-tools
- http://blog.ombrepixel.com/
- http://andlabs.org/tools.html#dser
- http://feoh.tistory.com/22
- http://www.sensepost.com/labs/tools/pentest/reduh
- http://www.owasp.org/index.php/OWASP_WebScarab_NG_Project
- http://intrepidusgroup.com/insight/mallory/
- http://www.fiddler2.com/fiddler2/
- http://websecuritytool.codeplex.com/documentation?referringTitle=Home
- http://translate.google.com/translate?hl=en&sl=es&u=http://xss.codeplex.com/releases/view/43170&prev=/search%3Fq%3Dhttp://www.hackingeek.com/2010/08/x5s-encuentra-fallos-xss-lfi-rfi-en-tus.html%26hl%3Den&rurl=translate.google.com&twu=1
- http://nmap.org/ncrack/
- http://www.foofus.net/~jmk/medusa/medusa.html
- http://www.openwall.com/john/
- http://ophcrack.sourceforge.net/
- http://blog.0x3f.net/tool/keimpx-in-action/
- http://code.google.com/p/keimpx/
- http://sourceforge.net/projects/hashkill/
- http://www.indepthdefense.com/2009/02/reverse-pivots-with-metasploit-how-not.html
- http://code.google.com/p/msf-hack/wiki/WmapNikto
- http://www.indepthdefense.com/2009/01/metasploit-visual-basic-payloads-in.html
- http://seclists.org/metasploit/
- http://pauldotcom.com/2010/03/nessus-scanning-through-a-meta.html
- http://meterpreter.illegalguy.hostzi.com/
- http://blog.metasploit.com/2010/03/automating-metasploit-console.html
- http://www.workrobot.com/sansfire2009/561.html
- http://www.securitytube.net/video/711
- http://en.wikibooks.org/wiki/Metasploit/MeterpreterClient#download
- http://vimeo.com/16852783
- http://milo2012.wordpress.com/2009/09/27/xlsinjector/
- http://www.fastandeasyhacking.com/
- http://trac.happypacket.net/
- http://www.blackhat.com/presentations/bh-dc-10/Ames_Colin/BlackHat-DC-2010-colin-david-neurosurgery-with-meterpreter-wp.pdf
- http://www.blackhat.com/presentations/bh-dc-10/Egypt/BlackHat-DC-2010-Egypt-UAV-slides.pdf
- http://nmap.org/
- http://asturio.gmxhome.de/software/sambascan2/i.html
- http://www.softperfect.com/products/networkscanner/
- http://www.openvas.org/
- http://tenable.com/products/nessus
- http://www.rapid7.com/vulnerability-scanner.jsp
- http://www.eeye.com/products/retina/community
- http://www.awarenetwork.org/home/rattle/source/python/exe2bat.py
- http://www.phx2600.org/archive/2008/08/29/metacab/
- http://www.room362.com/blog/2011/9/6/post-exploitation-command-lists.html
- https://addons.mozilla.org/id/firefox/collections/byrned/pentesting/?page=8
- https://addons.mozilla.org/en-US/firefox/addon/osvdb/
- https://addons.mozilla.org/en-US/firefox/addon/packet-storm-search-plugin/
- https://addons.mozilla.org/en-US/firefox/addon/default-passwords-cirtne-58786/
- https://addons.mozilla.org/en-US/firefox/addon/offsec-exploit-db-search/
- https://addons.mozilla.org/en-US/firefox/addon/oval-repository-search-plugin/
- https://addons.mozilla.org/en-US/firefox/addon/cve-dictionary-search-plugin/
- https://addons.mozilla.org/en-US/firefox/addon/hackbar/
- http://packetstormsecurity.org/files/tags/tool
- http://tools.securitytube.net/index.php?title=Main_Page
- http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
- http://www.irongeek.com/i.php?page=videos/metasploit-class
- http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6158.0/
- http://vimeo.com/16925188
- http://www.ustream.tv/recorded/13396511
- http://www.ustream.tv/recorded/13397426
- http://www.ustream.tv/recorded/13398740
- http://www.cs.sjtu.edu.cn/~kzhu/cs490/
- https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot/
- http://i-web.i.u-tokyo.ac.jp/edu/training/ss/lecture/new-documents/Lectures/
- http://resources.infosecinstitute.com/
- http://vimeo.com/user2720399
- http://pentestmonkey.net/blog/mssql-sql-injection-cheat-sheet/
- http://isc.sans.edu/diary.html?storyid=9397
- http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
- http://www.evilsql.com/main/index.php
- http://xd-blog.com.ar/descargas/manuales/bugs/full-mssql-injection-pwnage.html
- http://securityoverride.com/articles.php?article_id=1&article=The_Complete_Guide_to_SQL_Injections
- http://websec.wordpress.com/2010/03/19/exploiting-hard-filtered-sql-injections/
- http://sqlzoo.net/hack/
- http://www.sqlteam.com/article/sql-server-versions
- http://www.krazl.com/blog/?p=3
- http://www.owasp.org/index.php/Testing_for_MS_Access
- http://web.archive.org/web/20101112061524/http://seclists.org/pen-test/2003/May/0074.html
- http://web.archive.org/web/20080822123152/http://www.webapptest.org/ms-access-sql-injection-cheat-sheet-EN.html
- http://www.youtube.com/watch?v=WkHkryIoLD0
- http://layerone.info/archives/2009/Joe%20McCray%20-%20Advanced%20SQL%20Injection%20-%20L1%202009.pdf
- http://vimeo.com/3418947
- http://sla.ckers.org/forum/read.php?24,33903
- http://websec.files.wordpress.com/2010/11/sqli2.pdf
- http://old.justinshattuck.com/2007/01/18/mysql-injection-cheat-sheet/
- http://ha.ckers.org/sqlinjection/
- http://lab.mediaservice.net/notes_more.php?id=MSSQL
- http://www.google.com/#hl=en&q=bypassing+upload+file+type&start=40&sa=N&fp=a2bb30ecf4f91972
- http://blog.skeptikal.org/2009/11/adobe-responds-sort-of.html
- http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/
- http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/
- http://ex.ploit.net/f20/tricks-tips-bypassing-image-uploaders-t3hmadhatt3r-38/
- http://www.ravenphpscripts.com/article2974.html
- http://www.acunetix.com/cross-site-scripting/scanner.htm
- http://www.vupen.com/english/advisories/2009/3634
- http://msdn.microsoft.com/en-us/library/aa478971.aspx
- http://dev.tangocms.org/issues/237
- http://seclists.org/fulldisclosure/2006/Jun/508
- http://www.gnucitizen.org/blog/cross-site-file-upload-attacks/
- http://www.ipolicynetworks.com/technology/files/TikiWiki_jhot.php_Script_File_Upload_Security_Bypass_Vulnerability.html
- http://shsc.info/FileUploadSecurity
- http://pastie.org/840199
- http://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
- http://www.notsosecure.com/folder2/2010/08/20/lfi-code-exec-remote-root/?utm_source=twitterfeed&utm_medium=twitter
- http://labs.neohapsis.com/2008/07/21/local-file-inclusion-%E2%80%93-tricks-of-the-trade/
- http://www.digininja.org/blog/when_all_you_can_do_is_read.php
- http://www.infosecwriters.com/hhworld/hh8/csstut.htm
- http://www.technicalinfo.net/papers/CSS.html
- http://msmvps.com/blogs/alunj/archive/2010/07/07/1773441.aspx
- http://forum.intern0t.net/web-hacking-war-games/112-cross-site-scripting-attack-defense-guide.html
- https://media.blackhat.com/bh-eu-10/presentations/Lindsay_Nava/BlackHat-EU-2010-Lindsay-Nava-IE8-XSS-Filters-slides.pdf
- http://sirdarckcat.blogspot.com/2009/08/our-favorite-xss-filters-and-how-to.html
- http://www.securityaegis.com/filter-evasion-houdini-on-the-wire/
- http://heideri.ch/jso/#javascript
- http://www.reddit.com/r/xss/
- http://sla.ckers.org/forum/list.php?2
- http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/
- http://zastita.com/02114/Attacking_ColdFusion..html
- http://www.nosec.org/2010/0809/629.html
- http://h30507.www3.hp.com/t5/Following-the-White-Rabbit-A/Adobe-ColdFusion-s-Directory-Traversal-Disaster/ba-p/81964
- http://cfunited.com/2009/files/presentations/254_ShlomyGantz_August2009_HackProofingColdFusion.pdf
- http://blog.ombrepixel.com/post/2009/05/06/Lotus-Notes/Domino-Security
- http://seclists.org/pen-test/2002/Nov/43
- http://www.sectechno.com/2010/07/12/hacking-lotus-domino/?
- http://www.nruns.com/_downloads/Whitepaper-Hacking-jBoss-using-a-Browser.pdf
- http://blog.mindedsecurity.com/2010/04/good-bye-critical-jboss-0day.html
- http://www.hideaway.net/2007/07/hacking-oracle-application-servers.html
- http://www.owasp.org/index.php/Testing_for_Oracle
- http://www.ngssoftware.com/services/software-products/internet-security/orascan.aspx
- http://www.ngssoftware.com/services/software-products/Database-Security/NGSSQuirreLOracle.aspx
- http://www.ngssoftware.com/papers/hpoas.pdf
- http://www.onapsis.com/research.html#bizploit
- http://marc.info/?l=john-users&m=121444075820309&w=2
- http://www.phenoelit-us.org/whatSAP/index.html
-
[Defcon] https://www.defcon.org/ one of the largest worldwide Hacking conferences in the world
-
[Blackhat] https://blackhat.com/ large worldwide conference all over the globe
-
[ RSA Conference ] https://www.rsaconference.com/ The RSA Conference is an annual event focused on helping improve cybersecurity awareness and cybersecurity culture in companies, and similarly expanding this knowledge in individuals across the globe.
- http://www.ikkisoft.com/stuff/SMH_XSS.txt
- http://securestate.blogspot.com/2010/08/xfs-101-cross-frame-scripting-explained.html?utm_source=twitterfeed&utm_medium=twitter
- http://whatthefuckismyinformationsecuritystrategy.com/
- http://video.google.com/videoplay?docid=4379894308228900017&q=owasp#
- http://video.google.com/videoplay?docid=4994651985041179755&ei=_1k4TKj-PI-cqAPioJnKDA&q=deepsec#
- http://www.sensepost.com/blog/4552.html
- http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html
- http://threatpost.com/en_us/blogs/hd-moore-metasploit-exploitation-and-art-pen-testing-040210
- http://carnal0wnage.attackresearch.com/node/410
- http://www.cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf
- http://www.spy-hunter.com/Database_Pen_Testing_ISSA_March_25_V2.pdf
- http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks/