Resources

There are a lot of resources available about hacking and security; here are my favorites.

Some of the blogs I frequently visit are written by bounty hunters themselves. They explain their findings, why they occur, how they were able to exploit them and sometimes how much they won. I visit them once a week and I also follow their writers on Twitter so as not to miss the bugs they don’t review.

In my opinion the best way to learn hacking and security is to read public disclosures. They are a great source of tips and tools that make your life easier. Below are some of my favorite issues, the ones I like to read again and again to understand the vulnerability and try to discern the state of mind of the hacker who found it. It’s also a good way to improve your reporting skills and see the way hackers communicate with security teams to keep things on good terms.

Each time I learn about a new kind of issue, I try to reproduce it in my local lab, then I try it on security programs I’m currently working on. Sometimes it works, sometimes not, but bug bounty is also about patience. Happy reading!

Official

OWASP: The Open Web Application Security Project
PTES Technical Guidelines: penetration testing guidelines

Companies / Organizations

PortSwigger Web Security Blog
Sucuri Blog
InfoSec Institute: a lot of great articles about security and hacking
Cybrary: offers many courses from beginner to advanced
Security Weekly: penetration testing tips & tricks
Detectify Labs

Communities

Hackademics (fr): French forums about hacking techniques
Zenk-Security (fr): online challenges and tutorials repository
Hacker Web Directory: security resources list (many broken links unfortunately)
BlackHat Library: nice wiki with vulnerability explanations (seems to be down)

Training (and learning!)

Hacksplaining: learn to hack, learn to protect yourself
Root Me (fr): challenges and CTF
Exploit Exercises: challenges and virtual machines
Zenk-Security: challenges and tutorials repository
W3Challs: challenges
Newbie Contest (fr): French challenges

WebGoat: vulnerable web application
VulnHub: vulnerable virtual machines
DVWA: vulnerable web application

Personal blogs

Vulnerabilities list by me

–2017

Agarri: awesome pentester I met at a bug bounty convention
Philippe Harewood: a bunch of public disclosures by phwd
Stephen Sclafani: this guy shares many of his findings on Facebook
netbiosX: great blog about pentest techniques
Arr0way: penetration testing && security research blog
Nikhil SamratAshok Mittal: lab of a penetration tester
Cyber arms: cyber war news and business computer tips
David Dworken: the famous “18-year-old hacker honored at Pentagon”
ZeroSec: write-ups, projects, adventures & other bits & bobs
FoxGlove Security Team: write-ups, projects, adventures & other bits & bobs
Nick Raienko: collection of awesome penetration testing resources, tools and other things
Orange: another white hacker performing bug bounty
Brett Buerhaus: he literally killed Airbnb

–2016

Filedescriptor: I don’t know who this guy is but his profile on HackerOne is truly awesome
Sean Melia: swings between first and second place on HackerOne
Jack Whitton: true XSS jedi
Pentest Geek: another nice blog with nice archives
Corelan Team: group of IT Security researchers/enthusiasts/professionals/hobbyists
Josip Franjković: Facebook’s top 10 whitehat reporters since 2013
Patrik Fehrenbach: it-securityguard blog
Jordan Milne: web security, programming, reverse-engineering, and everything related
Ruben Boonen: a bunch of tutorials covering many topics

–before

Ben Sadeghipour: plays with many different vulns
pentestmonkey: taking the monkey work out of pentesting
Gentil Kiwi (fr): author of mimikatz
Les Tutos de Nico (fr): French blog about security
5m4ru (pl): Polish hacking articles with a few videos
Nir Goldshlager: CEO of Break Security
g0t mi1k: the guy that broke the high level of DVWA

Specific articles that should be bookmarked

The Bug Hunters Methodology by Jason Haddix
The Open Penetration Testing Bookmarks Collection by Jason Haddix and friends
Linux privilege escalation by g0t mi1k
Windows privilege escalation by Ruben Boonen
HTML5 Security Cheatsheet (XSS payloads)
Documentation of Sqlmap
XXE cheatsheet
A-Z Index of the Windows CMD command line
Google advanced operators
IP Tables reminder
Pentest Tips and Tricks #1 by EK / jiboi
Pentest Tips and Tricks #2 second part
Github Enterprise owned using SAML auth by Ioannis Kakavas

Reports

The unofficial HackerOne disclosure timeline
XSS on OAuth authorize/authenticate endpoint
Remote Code Execution on Shopify
DNS Misconfiguration
XSS in the all widgets of shopifyapps.com
Private program activity timeline information disclosure
AWS S3 bucket writeable for authenticated aws users
uber.com may RCE by Flask Jinja2 Template Injection
CSV Injection in business.uber.com
Reflected XSS on developer.uber.com via Angular template injection
Pixel flood attack
Stored XSS in archive.uber.com Due to Injection of Javascript:alert(0)
XSS In archive.uber.com Due to Mime Sniffing in IE
CRLF Injection in developer.uber.com
Reflected XSS via Unvalidated / Open Redirect in uber.com
Reflected XSS via Livefyre Media Wall in newsroom.uber.com

Videos

SecurityTube: incredible pool of hacking videos, security courses and certifications
DEF CON: annual meeting with the best hackers and security experts in the world
Yaworsk channel: hacking tutorials and interviews with white hackers

Tools

SecTools: pool of network security tools
Kali Linux Tools Listing
Web Hacker’s Favorites: collection of Firefox add-ons
soldierx.com: tools organized by category

Vulnerability assessment tools by me
Post exploitation tools by me
Information gathering tools by me
Exploitation tools by me

Books

Les bases du hacking (fr): introduction to basic hacking techniques. You don’t need any experience to understand the steps presented in this book.

The Web Application Hacker’s Handbook (2nd): “This fully updated edition contains the very latest attack techniques and countermeasures, showing you how to break into today’s complex and highly functional applications.”

Metasploit: The Penetration Tester’s Guide: Metasploit is probably the most popular framework used by professional pentesters.

Ethical Hacking and Penetration Testing Guide: introduction and guidelines to understand offensive security.

Penetration Testing: A Hands-On Introduction to Hacking: In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs.

Google Hacking for Penetration Testers: This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker’s search.

Stealing the Network: These groundbreaking books created a fictional world of hacker superheroes and villains based on real world technology, tools, and tactics.

Web Hacking 101: If you’re reading this, you also have the curiosity needed to be a hacker and bug hunter.

to be continued…
