- Phrack. The oldest hacker zine still running - http://phrack.org/
- Some notes on exploitation I wrote last year for the society. Missing stuff, but probably a good base: https://gist.github.com/bahorn/0df2d3dc5dbfd36d15a36044456e06f8
- Great article on chaining bugs: http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html
- https://cturt.github.io/compat-info-leaks.html
- http://phrack.org/issues/64/15.html
- RFP's article where he introduced SQL injections: http://phrack.org/issues/54/8.html
- https://media.ccc.de/
- https://media.defcon.org/
- IppSec's videos: https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/videos
- https://www.hackthebox.eu/
- https://ropemporium.com/
- http://overthewire.org/wargames/
- http://smashthestack.org/
- https://cryptopals.com/
- https://microcorruption.com/
- Kali Linux, a Linux distro for pen testing. has most of the tools pre-installed or in the package manager: https://www.kali.org/
- Library to make it easy to write binary exploits: https://docs.pwntools.com/en/stable/
- Collection of exploits and tooling: https://www.metasploit.com/
- Radare2 - Command line tool to do reverse engineering: http://rada.re/r/
- GUI for Radare2 :): https://github.com/radareorg/cutter
- Standard linux utils that'll you end up using: https://www.gnu.org/software/binutils/
- A plugin for GDB to make it much nicer to use: https://gef.readthedocs.io/en/latest/
- Burp suite. All in one web hacking tool: https://portswigger.net/burp
- Revese Shell Cheat sheet, useful to go from the ability to execute commands to a full prompt: http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
- List of Linux common linux tools that can be useful during CTFs: https://gtfobins.github.io/
- Same, but for Windows: https://lolbas-project.github.io/