• PHISHING TOOLS
• OSINT
• Awesome List
• APTS
• SSRF
• Reverse Engineering
• MALWARE
• Machine Learning
• MALWARE SAMPLES
• CHEATSHEETS
• Machine learning & hacking
• SCANNERS
• Kali Linux
• Linux Guide
• Fuzzing
• PowerShell
• Vulnerable VMs
• Bug Bounty
• WEB
• NEWS SITES
• BLUE-TEAM
• XSS
• SQL Injection
• CSRF
• Google Hacking
• Python
• Ruby
• Honey Pots
• CTF
• CTF Tools
• Cryptocurrency
• Tor
• Deep Learning
• Threat Maps
• Encryption
• Red Team
• Networking
• random-reports
• Interview-cheatsheets
• Search Engines
• Bash
• Html-Smuggling
• Core
• FTP
• ravencoin
• ssrf
• Bash
• Mysql
• VMs

VMs

• https://manjaro.site/how-to-enable-full-screen-mode-on-ubuntu-19-10-on-vmware-workstation-15-5/

Mysql

• https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04
• https://codingsight.com/top-5-mysql-create-table-syntax-for-t-sql-developers
• https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql

Bash

• https://stackoverflow.com/questions/18568706/check-number-of-arguments-passed-to-a-bash-script
• https://linuxize.com/post/bash-functions
• https://devhints.io/bash
• https://www.cyberciti.biz/faq/unix-howto-read-line-by-line-from-file
• https://stackoverflow.com/questions/918886/how-do-i-split-a-string-on-a-delimiter-in-bash
• https://www.journaldev.com/41511/execute-command-shell-script
• https://kapeli.com/cheat_sheets/Bash_Test_Operators.docset/Contents/Resources/Documents/index
• https://www.shellcheck.net

SSRF

• https://www.vaadata.com/blog/exploiting-the-ssrf-vulnerability

ravencoin

• https://tronblack.medium.com/ravencoin-tags-and-restricted-assets-84fe3070a226
• https://tronblack.medium.com/ravencoin-a-securities-token-roadmap-47ae1d9dac26
• https://github.com/RavenProject/Ravencoin/tree/master/roadmap/rewards

FTP

• https://serverfault.com/questions/450651/500-illegal-port-command-using-command-line-ftp
• https://tecadmin.net/download-upload-files-using-ftp-command-line/
• https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/site/ftpserver/security/authentication/anonymousauthentication
• https://kb.iu.edu/d/aenq
• https://book.hacktricks.xyz/pentesting/pentesting-ftp
• https://steflan-security.com/ftp-enumeration-guide

random-reports

• https://labs.sentinelone.com/thundercats-hack-the-fsb-your-taxes-didnt-pay-for-this-op
• https://www.guardicore.com/labs/the-nansh0u-campaign-hackers-arsenal-grows-stronger
• https://graphika.com/reports/posing-as-patriots
• https://blogs.jpcert.or.jp/en/2021/06/php_malware.html
• https://www.vice.com/en/article/epnv8z/nypds-sprawling-facial-recognition-system-now-has-more-than-15000-cameras
• https://blog.heckel.io/2013/07/01/how-to-use-mitmproxy-to-read-and-modify-https-traffic-of-your-phone
• https://cluster25.io/2021/06/03/a-not-so-fancy-game-apt28-skinnyboy
• https://www.proofpoint.com/us/blog/threat-insight/badblood-ta453-targets-us-and-israeli-medical-research-personnel-credential
• https://threatpost.com/tools-used-by-lamberts-apt-found-in-vault-7-dumps/124900
• https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust
• https://hackaday.com/2017/04/26/hack-your-own-samsung-tv-with-the-cias-weeping-angel-exploit
• https://www.uptycs.com/blog/discovery-of-simps-botnet-leads-ties-to-keksec-group
• https://www.pentestpartners.com/security-blog/getting-a-persistent-shell-on-a-747-ife
• https://news.sophos.com/en-us/2021/06/11/relentless-revil-revealed
• https://www.vice.com/en/article/7kvkqb/how-ea-games-was-hacked-slack
• https://www.rtcsec.com/post/2021/06/abusing-sip-for-cross-site-scripting-most-definitely
• https://labs.sentinelone.com/thundercats-hack-the-fsb-your-taxes-didnt-pay-for-this-op

core

• https://github.com/nickcapurso/CORE-Worm-Keylogger-CSCI-6531
• https://www.nrl.navy.mil/Our-Work/Areas-of-Research/Information-Technology/NCS/CORE
• https://github.com/coreemu/core
• https://github.com/peppelinux/Common-Open-Research-Emulator-CORE-Tutorials
• http://coreemu.github.io/core

html-smuggling

• https://blog.assetnote.io/2021/03/18/h2c-smuggling
• https://github.com/BishopFox/h2csmuggler
• https://infosecwriteups.com/behind-the-scene-http-parameter-pollution-534b4fa2449c

Red-teaming

• https://chaah.awankloud.my/redteaming-tips-creating-a-hidden-user

machine-learning-and-hacking

• https://github.com/delvelabs/batea
• https://github.com/PacktPublishing/Hands-On-Artificial-Intelligence-for-Cybersecurity
• https://apps.dtic.mil/dtic/tr/fulltext/u2/a618584.pdf - Automated Cyber Red Teaming - Cyber and Electronic Warfare Division - defence Science and Technology Organisation
• https://github.com/gyoisamurai/GyoiThon
• https://github.com/Kayzaks/HackingNeuralNetworks
• http://taochen.github.io/publications/papers/issta20.pdf

ssrf

• https://www.mcafee.com/blogs/other-blogs/mcafee-labs/server-side-request-forgery-takes-advantage-vulnerable-app-servers

Networking

• https://opensource.com/article/17/4/build-your-own-name-server
• https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-18-04
• https://ubuntu.com/server/docs/service-domain-name-service-dns

Fedora

• https://www.digitalocean.com/community/tutorials/initial-setup-of-a-fedora-21-server
• https://manjaro.site/linux-ultimate-guide/fedora-tutorial
• https://www.tecmint.com/things-to-do-after-fedora-26-installation
• https://fedora.fandom.com/wiki/Basic_Commands

Awesome List

• https://github.com/igorbarinov/awesome-bitcoin
• https://apsdehal.in/awesome-ctf
• https://www.github.com/josephmisiti/awesome-machine-learning
• https://www.github.com/alebcay/awesome-shell
• https://www.github.com/k4m4/movies-for-hackers
• https://www.github.com/keon/awesome-nlp
• https://www.github.com/kjw0612/awesome-rnn
• https://www.github.com/tayllan/awesome-algorithms
• https://www.github.com/carpedm20/awesome-hacking
• https://www.github.com/thibmaek/awesome-raspberry-pi
• https://www.github.com/coinpride/CryptoList
• https://www.github.com/ritchieng/the-incredible-pytorch
• https://www.github.com/meirwah/awesome-incident-response
• https://www.github.com/onlurking/awesome-infosec
• https://www.github.com/secfigo/Awesome-Fuzzing
• https://github.com/jklepatch/awesome-monero
• https://github.com/decalage2/awesome-security-hardening
• https://github.com/fabacab/awesome-lockpicking
• https://github.com/DopplerHQ/awesome-interview-questions
• https://github.com/fffaraz/awesome-cpp
• https://github.com/luong-komorebi/Awesome-Linux-Software
• https://github.com/enaqx/awesome-pentest
• https://github.com/keon/awesome-nlp
• https://github.com/n1trux/awesome-sysadmin
• https://github.com/qazbnm456/awesome-web-security
• https://github.com/jivoi/awesome-ml-for-cybersecurity
• https://github.com/pluja/awesome-privacy
• https://github.com/0xInfection/Awesome-WAF
• https://github.com/sobolevn/awesome-cryptography
• https://github.com/fcambus/nginx-resources
• https://github.com/janikvonrotz/awesome-powershell
• https://github.com/Xel/Blockchain-stuff
• https://github.com/inputsh/awesome-c

search-engines

• https://buckets.grayhatwarfare.com
• https://www.shodan.io
• https://censys.io
• https://ivre.rocks

interview-cheatsheets

• https://www.guru99.com/linux-interview-questions-answers.html
• https://github.com/DopplerHQ/awesome-interview-questions
• https://github.com/pbnj/infosec-interview-questions

red-Team

• https://www.ired.team
• https://artkond.com/2017/03/23/pivoting-guide

blue team

• https://securethelogs.com/hacking-with-powershell-blue-team
• https://web.mit.edu/kerberos/
• https://wiki.sans.blue
• https://github.com/maldevel/blue-team
• https://www.sneakymonkey.net/2018/06/25/blue-team-tips
• https://devblogs.microsoft.com/powershell/powershell-the-blue-team
• https://github.com/tobor88/PowerShell-Blue-Team
• https://securethelogs.com/hacking-with-powershell-blue-team
• https://www.blackhillsinfosec.com/powershell-logging-blue-team/

PowerShell

• https://channel9.msdn.com/Series/Getting-Started-with-Microsoft-PowerShell
• https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7
• https://www.comparitech.com/net-admin/powershell-cheat-sheet
• https://docs.microsoft.com/en-us/power-platform/admin/wp-task-automation-powershell
• https://www.guru99.com/powershell-tutorial.html
• https://securethelogs.com/hacking-with-powershell-blue-team

Vulnerable VMs

• https://github.com/cliffe/SecGen

Linux Guide

• https://github.com/UticaCollegeCyberSecurityClub/LinuxGuide

Kali Linux

• https://ourcodeworld.com/articles/read/961/how-to-solve-kali-linux-apt-get-install-e-unable-to-locate-package-checkinstall

Fuzzing

• https://rhinosecuritylabs.com/research/fuzzing-left4dead-2-with-fuzzing-framework

SSH

• https://ma.ttias.be/socks-proxy-linux-ssh-bypass-content-filters
• https://unix.stackexchange.com/questions/46235/how-does-reverse-ssh-tunneling-work
• https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
• https://www.debian.org/devel/passwordlessssh
• https://linuxhandbook.com/add-ssh-public-key-to-server/
• https://serverpilot.io/docs/how-to-use-ssh-public-key-authentication/

Deep Learning

• https://deej-ai.online/
• https://deepdreamgenerator.com/
• https://github.com/arunponnusamy/object-detection-opencv
• https://github.com/curiousily/Deep-Learning-For-Hackers
• http://news.mit.edu/2017/explained-neural-networks-deep-learning-0414
• https://playground.tensorflow.org/
• https://towardsdatascience.com/understanding-neural-networks-19020b758230
• http://deeplearning.net/tutorial/gettingstarted.html
• https://github.com/ChristosChristofidis/awesome-deep-learning
• https://hackernoon.com/deep-learning-chatbot-everything-you-need-to-know-r11jm30bc
• https://medium.com/@ageitgey/deepfaking-the-news-with-nlp-and-transformer-models-5e057ebd697d
• https://towardsdatascience.com/cryptocurrency-price-prediction-using-deep-learning-70cfca50dd3a
• https://towardsdatascience.com/deep-learning-and-momentum-investing-2273e8db5b86
• https://towardsdatascience.com/machine-learning-for-sports-betting-not-a-basic-classification-problem-b42ae4900782
• https://towardsdatascience.com/creating-bitcoin-trading-bots-that-dont-lose-money-2e7165fb0b29
• https://towardsdatascience.com/detailed-tutorial-build-your-custom-real-time-object-detector-5ade1017fd2d
• https://medium.com/data-folks-indonesia/build-your-own-quotes-generator-3a23e9cbcff3
• https://hackernoon.com/dont-be-fooled-deceptive-cryptocurrency-price-predictions-using-deep-learning-bf27e4837151
• https://github.com/firmai/awesome-google-colab
• https://github.com/alpv95/MemeProject
• https://ai-mrkogao.github.io/reinforcement%20learning/pygta5/
• https://pytorch.org/tutorials/beginner/deep_learning_60min_blitz.html

Reverse_Engineering

• https://www.refirmlabs.com/reverse-engineering-my-routers-firmware-with-binwalk
• https://www.geeksforgeeks.org/working-with-magic-numbers-in-linux
• https://medium.com/@vignesh4303/reverse-engineering-resources-beginners-to-intermediate-guide-links-f64c207505ed
• https://hackaday.io/project/172292-introduction-to-reverse-engineering-with-ghidra
• https://towardsdatascience.com/building-a-quotebot-with-machine-learning-eca39272e3b7
• https://www.kitploit.com/2017/01/repy2exe-reverse-engineering-tool-for.html
• https://malwareunicorn.org/workshops/re101.html
• https://malwareanalysis.tools/
• https://medium.com/@vignesh4303/reverse-engineering-resources-beginners-to-intermediate-guide-links-f64c207505ed
• https://medium.com/free-code-camp/how-i-solved-a-simple-crackme-challenge-with-the-nsas-ghidra-d7e793c5acd2

Machine-Learning

• https://towardsdatascience.com/how-to-build-a-simple-song-recommender-296fcbc8c85
• https://github.com/PierreGe/RL-movie-recommender
• https://medium.com/analytics-vidhya/create-a-rapping-ai-using-deep-learning-part-1-collecting-the-data-634bbfa51ff5
• https://becominghuman.ai/how-netflix-uses-ai-and-machine-learning-a087614630fe
• https://github.com/josephmisiti/awesome-machine-learning
• https://aryamccarthy.github.io/malmi2016dopelearning
• https://towardsdatascience.com/introduction-to-neural-networks-advantages-and-applications-96851bd1a207
• https://genius.com/posts/63-Introducing-rapmetricstm-the-birth-of-statistical-analysis-of-rap-lyrics
• https://medium.com/swlh/build-spotify-playlist-using-machine-learning-45352975d2ee
• https://towardsdatascience.com/trolls-and-bots-are-disrupting-social-media-heres-how-ai-can-stop-them-d9b969336a06
• http://sitn.hms.harvard.edu/flash/2016/how-tay-machine-learned-her-way-to-become-a-twitter-troll/
• https://medium.com/@ageitgey/how-to-break-a-captcha-system-in-15-minutes-with-machine-learning-dbebb035a710
• https://medium.com/@ageitgey/machine-learning-is-fun-part-4-modern-face-recognition-with-deep-learning-c3cffc121d78
• https://medium.com/@ageitgey/abusing-generative-adversarial-nehttps://realpython.com/k-means-clustering-python rks-to-make-8-bit-pixel-art-e45d9b96cee7
• https://towardsdatascience.com/using-reinforcement-learning-to-trade-bitcoin-for-massive-profit-b69d0e8f583b
• https://towardsdatascience.com/naive-bayes-explained-108c095241eb
• https://towardsdatascience.com/basic-nlp-on-the-texts-of-harry-potter-sentiment-analysis-1b474b13651d
• https://machinelearningmastery.com/what-are-generative-adversarial-networks-gans
• https://realpython.com/k-means-clustering-python
• https://medium.com/dataseries/k-means-clustering-explained-visually-in-5-minutes-b900cc69d175
• https://joshualoong.com/2018/07/03/Topic-Modelling-Song-Lyrics-An-Exploration-in-Unsupervised-Text-Analytics/
• https://opencv-python-tutroals.readthedocs.io/en/latest/py_tutorials/py_tutorials.html
• https://towardsdatascience.com/using-nlp-to-identify-redditors-who-control-multiple-accounts-837483c8b782

Cheatsheets

• https://cheatography.com/albertx/cheat-sheets/openssl/
• https://devhints.io/curl
• http://cs.lewisu.edu/~klumpra/camssem2015/nmapcheatsheet1.pdf
• https://highon.coffee/blog/nmap-cheat-sheet/
• https://www.cyberciti.biz/howto/question/general/compress-file-unix-linux-cheat-sheet.php
• https://tmuxcheatsheet.com/
• http://web.mit.edu/hackl/www/lab/turkshop/slides/regex-cheatsheet.pdf
• http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
• https://www.aelius.com/njh/subnet_sheet.html
• https://medium.com/hacker-toolbelt/wireshark-filters-cheat-sheet-eacdc438969c
• https://packetlife.net/media/library/13/Wireshark_Display_Filters.pdf
• https://pequalsnp-team.github.io/cheatsheet/steganography-101
• https://codeyarns.com/2016/01/22/wget-cheatsheet/
• https://cheatsheet.dennyzhang.com/cheatsheet-ssh-a4
• https://gto76.github.io/linux-cheatsheet/
• https://digital-forensics.sans.org/media/reverse-engineering-malicious-code-tips.pdf
• https://cheatsheetseries.owasp.org/assets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet_SSRF_Bible.pdf

Encryption & Cryptography

• https://www.openpgp.org/
• https://digitalguardian.com/blog/what-pgp-encryption-defining-and-outlining-uses-pgp-encryption
• https://cs.nju.edu.cn/daihp/ns_course/04HaipengDai_SymmetricCrypto_2.pdf
• https://www.educause.edu/focus-areas-and-initiatives/policy-and-security/cybersecurity-program/resources/information-security-guide/toolkits/encryption-101
• https://idafchev.github.io/crypto/2017/04/13/crypto_part1.html
• https://simpleaswater.com/cryptography/
• http://pi.math.cornell.edu/~morris/135/Bacon.pdf
• http://practicalcryptography.com/ciphers/caesar-cipher
• https://www.boxentriq.com/code-breaking/caesar-cipher
• https://www.boxentriq.com/code-breaking/vigenere-cipher
• https://pages.mtu.edu/~shene/NSF-4/Tutorial/VIG/Vig-Base.html
• http://practicalcryptography.com/ciphers/simple-substitution-cipher
• https://blog.finjan.com/substitution-ciphers-a-look-at-the-origins-and-applications-of-cryptography
• https://blog.logsign.com/how-does-xor-cipher-work
• https://stackoverflow.com/questions/2029426/what-is-xor-encryption
• https://ctf101.org/cryptography/what-is-xor
• https://idafchev.github.io/crypto/2017/04/13/crypto_part1.html
• https://math.stackexchange.com/questions/28955/how-to-break-xor-cipher-with-repeating-key
• https://carterbancroft.com/breaking-repeating-key-xor-programmatically/
• https://stackoverflow.com/questions/4078902/cracking-short-rsa-keys
• https://gist.github.com/Neo23x0/6af876ee72b51676c82a2db8d2cd3639
• https://www.techrepublic.com/article/how-to-sign-a-file-on-linux-with-gpg
• https://web.mit.edu/kerberos
• https://asecuritysite.com/encryption/rsa12_2

Apts

• https://resources.malwarebytes.com/files/2020/04/200407-MWB-COVID-White-Paper_Final.pdf
• https://threatconnect.com/blog/using-fancy-bear-ssl-certificate-information-to-identify-their-infrastructure
• https://www.crowdstrike.com/blog/who-is-fancy-bear
• https://content.fireeye.com/apt-41/rpt-apt41
• https://threatpost.com/equation-apt-group-attack-platform-a-study-in-stealth/111550
• https://securelist.com/equation-the-death-star-of-malware-galaxy/68750
• https://us-cert.cisa.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf
• http://www.robertmlee.org/critiques-of-the-dhsfbis-grizzly-steppe-report
• https://unit42.paloaltonetworks.com/ironnetinjector
• https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-sunburst-sending-data
• https://research.nccgroup.com/2020/11/18/ta505-a-brief-history-of-their-time

PHISHING TOOLS

• Modlishka. Reverse Proxy - https://github.com/drk1wi/Modlishka
• Evilginx2 MITM phishing - https://github.com/kgretzky/evilginx2
• HiddenEye - https://github.com/DarkSecDevelopers/HiddenEye

OSINT

• Mitaka A Browser Extension For OSINT Search - https://github.com/ninoseki/mitaka
• DarkScrape OSINT Tool For Scraping Dark Websites - https://github.com/itsmehacker/DarkScrape
• Sherlock Find Usernames Across Social Networks - https://github.com/sherlock-project/sherlock
• OSINT-SPY Search using OSINT - https://github.com/SharadKumar97/OSINT-SPY
• SpiderFoot OSINT Tool - https://github.com/smicallef/spiderfoot
• KillShot A Penetration Framework - https://github.com/bahaabdelwahed/killshot
• Ethereum recon and exploitation tool - https://github.com/cleanunicorn/theo
• Find breached emails, databases, pastes - https://github.com/Ekultek/WhatBreach
• Xray - A Tool For Recon, Mapping And OSINT Gathering - https://github.com/evilsocket/xray
• OSINT framework - https://osintframework.com/
• Discover - https://github.com/leebaird/discover
• ReconCobra - https://github.com/haroonawanofficial/ReconCobra
• plot a Twitter user’s activity onto a map - http://geosocialfootprint.com/
• View DNS - https://viewdns.info/
• Twitter trend map - https://www.trendsmap.com/

Windows SubSystem

• https://docs.microsoft.com/en-us/windows/wsl/install-win10
• https://docs.microsoft.com/en-us/windows/wsl/faq
• https://blogs.windows.com/windowsdeveloper/2016/07/22/fun-with-the-windows-subsystem-for-linux/
• https://wiki.ubuntu.com/WSL
• https://github.com/sirredbeard/Awesome-WSL

MALWARE

• fireELF - Fileless Linux Malware Framework - https://github.com/rek7/fireELF
• Ustealer - Ubuntu Stealer, Steal Ubuntu Information - https://github.com/atmoner/Ustealer
• BYOB (Build Your Own Botnet) - https://github.com/malwaredllc/byob
• UBoat - HTTP Botnet Project - https://github.com/Souhardya/Uboat

Hardware

• Posion tap - https://samy.pl/poisontap/
• Rubber ducky on steroids - https://github.com/whid-injector/WHID
• PI hole - https://github.com/pi-hole/pi-hole
• Homemade LAN turtle - https://github.com/CuPcakeN1njA/Int3rcept0r
• Rasp pi AI Security camera - https://medium.com/berrynet/diy-your-ai-home-security-camera-with-raspberry-pi-and-open-source-software-10d4364df20f
• https://hakin9.org/pi-sniffer-is-a-wi-fi-sniffer-built-on-the-raspberry-pi-zero-w

Cryptocurrency & Blockchains & Tokens

• Bitcoin - https://www.bitcoin.com/
• Monero - https://www.getmonero.org/
• Zcash - https://z.cash/
• Ethereum - https://ethereum.org
• RavenCoin - https://ravencoin.org
• DogeCoin - https://dogecoin.com
• TurtleCoin - https://turtlecoin.lol
• LiteCoin - https://litecoin.org
• BitcoinCash - https://bitcoincash.org
• Dash - https://www.dash.org
• Stellar - https://www.stellar.org
• Mining - https://www.investopedia.com/tech/how-does-bitcoin-mining-work/
• 51% attack - https://github.com/cburchert/shitcoin\
• Play with blockchain - https://github.com/DutchGraa/crackcoin
• Monero Info - https://www.monero.how/monero-infographic
• Simulated Blockchains for Machine Learning Traceability and Transaction Values in the Monero - https://arxiv.org/abs/2001.03937
• How Blockchain works - http://blockchain.mit.edu/how-blockchain-works
• http://list.zju.edu.cn/kaibu/netsec/lec04-blockchain.ppt
• https://www.exablue.de/en/blog/2020-06-11-malware-on-the-blockchain.html
• https://cryptofacilities.zendesk.com/hc/en-us/articles/115002807834-Calculation-of-profit-and-loss
• https://github.com/citp/BlockSci
• https://bitcointalk.org/index.php?topic=5141594.0
• https://medium.com/@philipshen13/monero-part-1-key-concepts-3671186016c6
• https://blockchain.unica.it/projects/blockchain-analytics
• https://youtu.be/cjbHqvr4ffo - How Does Monero Work?
• https://bitcoin.stackexchange.com/questions/59955/how-do-i-calculate-the-profit-of-the-value-of-my-bitcoin
• https://reserve.org
• https://foam.space
• https://dad.one
• https://getravencoin.org/ravencoin-asset-token
• https://hackernoon.com/what-are-stellar-assets-79b3145b5c7f
• https://tronblack.medium.com/ravencoin-proof-of-authenticity-4a0d325d5347

Offline wallet

• https://moneroaddress.org
• https://bitcoinpaperwallet.com
• https://turtlecoin.lol/wallet
• https://stellarpaperwallet.com
• https://walletgenerator.net

Govt

• https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf
• https://csrc.nist.gov/publications/detail/sp/800-82/rev-2/final
• https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final
• https://csrc.nist.gov/publications/detail/sp/800-94/final
• https://www.nist.gov/risk-management

Tor

• Tor's web site - https://www.torproject.org
• Dark web sites - https://dark.fail/#Philosophy
• How tor works - https://jordan-wright.com/blog/2015/02/28/how-tor-works-part-one

BlockChain Analysis

• Wallet Explorer - https://www.walletexplorer.com
• C-Hound - https://www.c-hound.ai
• BlockChain - https://www.blockchain.com
• BlockChair - https://blockchair.com
• Blockchain Analysis - https://Blockstream.info
• https://oxt.me
• https://matbea.net
• https://sochain.com

Centos

• https://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation
• https://doc.lagout.org/operating%20system%20/linux/Foundations%20of%20CentOS%20Linux.pdf

Malware Samples

NOTE: The ones with * after the links are ones that are vetted. If you use your uc email and tell them your a cyber student, they wil mostly likely give you access.

• Hybrid analysis - https://www.hybrid-analysis.com
• VirusShare - https://virusshare.com*
• VirusTotal - https://www.virustotal.com

Threat Maps

• https://threatmap.checkpoint.com
• https://cybermap.kaspersky.com
• https://www.fireeye.com/cyber-map/threat-map.html
• https://threatmap.fortiguard.com
• https://map.lookingglasscyber.com

SCANNERS

• shuffleDNS is a wrapper around massdns - https://github.com/projectdiscovery/shuffledns
• Fast web fuzzer written in Go - https://github.com/ffuf/ffuf
• bruteforce for AWS s3 buckets - https://github.com/nahamsec/lazys3
• MassDNS subdomain enumeration - https://github.com/blechschmidt/massdns
• Fenrir Simple Bash IOC Scanner - https://github.com/Neo23x0/Fenrir
• Slurp S3 Bucket Enumerator - https://github.com/hehnope/slurp
• RapidScan Web Scanner - https://github.com/skavngr/rapidscan
• black box WordPress security - https://github.com/wpscanteam/wpscan
• ALT DNS - DNS recon - https://github.com/infosec-au/altdns
• Sn1per automated scanner - https://github.com/1N3/Sn1per
• Httpgrep - Scans HTTP Servers To Find Given Strings In URIs - https://github.com/noptrix/httpgrep
• https://github.com/aboul3la/Sublist3r
• https://github.com/maurosoria/dirsearch
• https://github.com/guelfoweb/knock
• https://github.com/nahamsec/lazyrecon
• https://cirt.net/Nikto2
• https://github.com/yanxiu0614/subdomain3
• https://github.com/swisskyrepo/SSRFmap

WEB

• Trasxss automated XSS - https://github.com/M4cs/traxss
• XSpear Powerfull XSS Scanning And Parameter Analysis Tool - https://github.com/hahwul/XSpear
• XSSCon: Simple XSS Scanner tool - https://github.com/menkrep1337/XSSCon
• Corsy - CORS Misconfiguration Scanner - https://github.com/s0md3v/Corsy
• https://fsec404.github.io/blog/HTTP-parameter-pollution/
• https://telekomsecurity.github.io/2020/05/smuggling-http-headers-through-reverse-proxies.html
• https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn
• https://www.rapid7.com/fundamentals/web-application-vulnerabilities

Bug Bounty

• https://shkspr.mobi/blog/2018/12/twitter-bug-bounty
• https://www.reddit.com/r/bugbounty/comments/983odf/how_to_become_a_bug_bounty_hunter
• https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-march-2020
• https://medium.com/@muff1n/how-to-become-a-bug-bounty-hunter-dffce2bb333c
• https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts
• https://0xsha.gitbook.io/bug-bounties-five-weeks-to-your-first-bug
• https://medium.com/@secureITmania/how-i-exploit-the-json-csrf-with-method-override-technique-71c0a9a7f3b0
• https://bugs.xdavidhu.me/google/2020/03/08/the-unexpected-google-wide-domain-check-bypass
• https://blog.intigriti.com/2020/02/24/twitter-recap-1-bug-bounty-tips-by-the-intigriti-community/#tools_5
• https://bugbountyguide.com/
• https://www.hackerone.com/blog/100-hacking-tools-and-resources
• https://hackerone.com/reports/867952
• https://keenlab.tencent.com/en/2020/01/02/exploiting-wifi-stack-on-tesla-model-s
• https://research.securitum.com/xss-in-amp4email-dom-clobbering
• https://medium.com/@vignesh4303/collection-of-bug-bounty-tip-will-be-updated-daily-605911cfa248
• https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
• https://pentester.land/list-of-bug-bounty-writeups.html
• https://github.com/devanshbatham/Awesome-Bugbounty-Writeups
• https://www.bugcrowd.com/blog/how-to-find-idor-insecure-direct-object-reference-vulnerabilities-for-large-bounty-rewards
• https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204
• https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple
• https://medium.com/@zonduu/idor-in-session-cookie-leading-to-mass-account-takeover-d815ff3732d5
• https://www.bad5ect0r.sh/index.php/2020/05/17/stored-xss-password-disclosure
• https://github.com/pry0cc/axiom
• https://challenge.intigriti.io/
• https://opnsec.com/2020/05/dom-xss-in-gmail-with-a-little-help-from-chrome
• https://hethical.io/stealing-the-trello-token-by-abusing-a-cross-iframe-xss-on-the-butler-plugin
• https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts
• http://blog.oath.ninja/basic-bug-bounty-faq
• https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
• https://0xsha.gitbook.io/bug-bounties-five-weeks-to-your-first-bug
• https://portswigger.net/research/bypassing-csp-with-policy-injection
• https://www.bugcrowd.com/resources/webinars/api-security-testing-for-hackers
• https://samcurry.net/hacking-starbucks
• https://exploitway.com/github-dorks-for-penetration-testing
• https://medium.com/@sainttobs/csrf-token-bypasss-a-tale-of-my-2k-bug-ff7f51166ea1
• https://shahmeeramir.com/methods-to-bypass-csrf-protection-on-a-web-application-3198093f6599
• https://research.securitum.com/what-is-the-csrf-cross-site-request-forgery-vulnerability
• https://www.errno.fr/Attacking_source_repositories
• https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF
• https://secapps.com/tutorials/security-testing-beyond-the-edge
• https://medium.com/bugbountywriteup/the-1-000-worth-cookie-6cf48af08e08
• https://www.bugcrowd.com/blog/how-to-find-idor-insecure-direct-object-reference-vulnerabilities-for-large-bounty-rewards
• https://medium.com/@the.bilal.rizwan/graphql-common-vulnerabilities-how-to-exploit-them-464f9fdce696
• https://medium.com/@nyomanpradipta120/ssti-in-flask-jinja2-20b068fdaeee
• https://hackernoon.com/how-to-find-internal-subdomains-yql-yahoo-and-bug-bounty-d7730b374d77

NEWS SITES

• BleepingComputer - https://bleepingcomputers.com
• The Hacker News - https://thehackernews.com
• ThreatPost - https://threatpost.com
• SecureList - https://securelist.com
• DarkReading - https://www.darkreading.com
• Krebs On Security - https://krebsonsecurity.com
• Sucuri - https://blog.sucuri.net
• Unit42 - https://unit42.paloaltonetworks.com
• Zdnet - https://www.zdnet.com
• HackRead - https://www.hackread.com
• CSO - https://www.csoonline.com
• BitDefender - https://labs.bitdefender.com
• Malwarebytes - https://blog.malwarebytes.com
• Netsec - https://reddit.com/r/netsec
• CheckPoint - https://research.checkpoint.com

XSS

• https://www.google.com/about/appsecurity/learning/xss
• https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
• https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
• https://xsses.rocks/sample-page
• https://github.com/wish-i-was/femida

SQL Injection Tools

• SQLMap - https://github.com/sqlmapproject/sqlmap
• jSQL Injection is a Java application - https://github.com/ron190/jsql-injection
• Blisqy - Exploit Time-based blind-SQL - https://github.com/JohnTroony/Blisqy

SQL Injection

• https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet
• http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
• https://www.exploit-db.com/papers/13650
• https://trustfoundry.net/bypassing-wafs-with-json-unicode-escape-sequences
• https://realpython.com/prevent-python-sql-injection
• https://bobby-tables.com
• http://www.securityidiots.com/Web-Pentest/SQL-Injection/bypass-login-using-sql-injection.html
• https://portswigger.net/web-security/sql-injection
• https://www.rapid7.com/fundamentals/sql-injection-attacks/

CSRF

• https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
• https://trustfoundry.net/cross-site-request-forgery-cheat-sheet

Google Hacking

• https://www.exploit-db.com/google-hacking-database
• https://securitytrails.com/blog/google-hacking-techniques
• https://medium.com/infosec-adventures/google-hacking-39599373be7d

Python

• https://codecademy.com/learn/learn-python
• https://docs.python-guide.org/intro/learning
• https://medium.com/swlh/5-free-python-courses-for-beginners-to-learn-online-e1ca90687caf
• https://docs.microsoft.com/en-us/learn/modules/intro-to-python
• https://refactoring.guru/design-patterns
• https://alysivji.github.io/simple-plugin-system.html
• https://eli.thegreenplace.net/2012/08/07/fundamental-concepts-of-plugin-infrastructures
• https://www.abhishekshukla.com/python/adventures-in-cryptography-with-python-xor-cipher
• https://docs.python.org/3/tutorial/datastructures.html
• https://docs.python.org/2/tutorial/classes.html
• https://en.ogunal.com/data-collection-with-python-on-linux-system
• https://wiki.python.org/moin/ForLoop
• https://www.digitalocean.com/community/tutorials/how-to-construct-for-loops-in-python-3
• https://www.digitalocean.com/community/tutorials/understanding-lists-in-python-3
• https://www.pitt.edu/~naraehan/python3/split_join.html
• https://medium.com/swlh/list-comprehensions-in-python-3-for-beginners-8c2b18966d93
• https://www.guidodiepen.nl/2019/02/implementing-a-simple-plugin-framework-in-python
• https://python-reference.readthedocs.io/en/latest/docs/functions/__import__.html
• https://dev.to/serhatteker/how-to-upgrade-to-python-3-7-on-ubuntu-18-04-18-10-5hab
• https://archive.org/details/comp3321 ( requested from NSA by Freedom of Information Act- python courses)
• https://www.digitalocean.com/community/tutorials/understanding-dictionaries-in-python-3
• https://www.digitalocean.com/community/tutorials/how-to-index-and-slice-strings-in-python-3
• https://realpython.com/python-data-classes
• https://realpython.com/python-f-strings
• https://deepsource.io/blog/python-walrus-operator
• https://dabeaz-course.github.io/practical-python/Notes/Contents.html

Ruby

• http://rubylearning.com
• https://www.ruby-lang.org/en/documentation/quickstart
• https://ruby-doc.com/docs/ProgrammingRuby
• https://www.codecademy.com/learn/learn-ruby
• https://refactoring.guru/design-patterns
• https://github.com/arbox/machine-learning-with-ruby
• https://ruby.github.io/rake/doc/rakefile_rdoc.html
• https://medium.com/@jaeger.rob/a-simple-ruby-rakefile-for-tests-149a7b783c52
• http://sinatrarb.com
• https://thoughtbot.com/blog/lets-build-a-sinatra
• https://linuxize.com/post/how-to-install-ruby-on-ubuntu-18-04
• https://ankane.org/more-ml-gems
• https://dev.to/daviducolo/machinelearning-with-ruby-3m75

C++

• https://www.cplusplus.com
• https://docs.microsoft.com/en-us/cpp/cpp/for-statement-cpp?view=vs-2019
• https://www.cs.bu.edu/teaching/cpp/writing-makefiles
• https://www.cs.fsu.edu/~myers/howto/g++compiling.txt
• https://en.cppreference.com/w/cpp/language/main_function
• https://www.cplusplus.com/doc/tutorial/program_structure
• https://www.guru99.com/cpp-file-read-write-open.html
• https://www.programiz.com/cpp-programming/inheritance
• https://docs.microsoft.com/en-us/cpp/cpp/main-function-command-line-args?view=msvc-160
• https://www.geeksforgeeks.org/command-line-arguments-in-c-cpp

Honey Pots

• https://github.com/wish-i-was/femida
• https://github.com/cowrie/cowrie
• https://github.com/foospidy/HoneyPy
• https://github.com/magisterquis/sshhipot
• https://github.com/desaster/kippo
• https://github.com/andrewmichaelsmith/bluepot
• https://github.com/mushorg/conpot
• https://lwn.net/Articles/240120
• https://github.com/mhils/HoneyProxy
• https://github.com/amv42/sshd-honeypot

CTF

• https://github.com/gabemarshall/microctfs
• FaceBook CTF - https://github.com/facebook/fbctf
• https://laconicwolf.com/2018/06/11/cryptopals-challenge-5-repeating-key-xor-encryption
• https://truedigitalsecurity.com/blog/csaw-2015-crypto-500-bricks-of-gold-writeup
• https://www.tunnelsup.com/helpful-linux-commands-for-ctfs
• https://www.tildeho.me/ritsec-ctf-writeup-recover-aes-cbc-iv
• https://mikehacksthings.com/2019/11/07/my-favorite-challenge-of-the-fall-2019-hackathon
• https://mikehacksthings.com/2018/11/19/cny-hackathon-ctf-walkthrough-fall-2018-edition
• https://medium.com/@thereallulz/write-up-some-random-ctf-challenges-stego-part-1-be6e0c17fd4e
• https://underthewire.tech/
• https://gist.github.com/Neo23x0/6af876ee72b51676c82a2db8d2cd3639
• https://blog.sqreen.com/local-file-inclusions-explained/
• https://ctftime.org/writeup/19017

CTF Tools

• https://github.com/lockedbyte/cryptovenom
• https://github.com/hellman/xortool
• https://github.com/DominicBreuker/stego-toolkit
• https://github.com/Acceis/crypto_identifier