Misc links

• CVSS calculator https://www.first.org/cvss/calculator/3.0

Lock picking

• https://www.lockpickworld.com/pages/lockpicking-guides-types-of-locks-and-how-to-pick-them
• https://covertinstruments.com/

Reverse engineering

• https://beginners.re/
• https://www.amazon.com/dp/1593272901/
• https://www.amazon.com/dp/B007032XZK/
• https://www.amazon.com/dp/B007032XZK/
• https://www.amazon.com/dp/0735648735/
• https://www.amazon.com/dp/0735665877/
• https://www.pelock.com/articles/reverse-engineering-tools-review
• https://opensecuritytraining.info/Training.html
• https://www.youtube.com/channel/UCLDnEn-TxejaDB8qm2AUhHQ
• https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
• https://github.com/dnSpy/dnSpy
• https://www.jetbrains.com/decompiler/

Fuzzing

• https://github.com/AFLplusplus/AFLplusplus
• https://resources.infosecinstitute.com/topic/intro-to-fuzzing/
• https://www.f-secure.com/en/consulting/our-thinking/15-minute-guide-to-fuzzing
• https://null-byte.wonderhowto.com/how-to/hack-like-pro-build-your-own-exploits-part-3-fuzzing-with-spike-find-overflows-0162789/
• https://github.com/wcventure/FuzzingPaper

Exploit development

• https://github.com/0xricksanchez/paper_collection
• https://www.offensive-security.com/metasploit-unleashed/exploit-development/
• https://www.crowdstrike.com/blog/state-of-exploit-development-part-1/
• https://www.corelan.be/
• https://www.fuzzysecurity.com/
• http://www.securitysift.com/windows-exploit-development-part-2-intro-stack-overflow/
• https://exploit.education/
• https://github.com/r0hi7/BinExp
• http://www.securitytube.net/groups?operation=view&groupId=7
• https://workflowy.com/s/awesome-exploit-list/WOA5PZgYpFeJSkZT
• https://github.com/shellphish/how2heap
• https://www.ired.team/offensive-security/code-injection-process-injection/writing-custom-shellcode-encoders-and-decoders
• http://pinvoke.net/

Finnih security events:

• https://citysec.fi/
• https://disobey.fi/
• https://t2.fi/

Devices

• https://hak5.org/
• https://lab401.com/
• https://eleshop.eu/ts80.html
• https://eleshop.eu/ts100.html
• https://www.raspberrypi.org/

SOC

• https://blueteamblog.com/tips-to-improve-your-siem
• https://infosecwriteups.com/building-a-siem-combining-elk-wazuh-hids-and-elastalert-for-optimal-performance-f1706c2b73c6
• https://blog.shiftleft.io/detecting-sensitive-data-leaks-that-matter-42f7530f5f6d
• https://cyberblueteam.medium.com/blue-team-tips-linux-os-finding-evil-running-process-3f12b17c3b8e
• https://github.com/infosecn1nja/AD-Attack-Defense
• https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

Pentesting / Red Teaming

• https://payatu.com/redteaming-from-zero-to-one-part-1
• https://github.com/hmaverickadams/External-Pentest-Checklist
• https://github.com/bats3c/shad0w
• https://github.com/mdecrevoisier/Windows-auditing-mindmap
• https://github.com/OlivierLaflamme/Cheatsheet-God
• https://github.com/drk1wi/Modlishka
• https://github.com/byt3bl33d3r/CrackMapExec
• https://outflank.nl/blog/2020/03/11/red-team-tactics-advanced-process-monitoring-techniques-in-offensive-operations/
• https://github.com/outflanknl/RedELK/
• https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
• https://0xsp.com/offensive/red-teaming-toolkit-collection
• https://hausec.com/2019/03/05/penetration-testing-active-directory-part-i/
• https://hausec.com/2019/03/12/penetration-testing-active-directory-part-ii/
• https://hausec.com/2017/10/26/using-bloodhound-to-map-the-user-network/
• https://github.com/guardicore/monkey
• https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
• https://github.com/shenril/owasp-asvs-checklist
• https://github.com/Ignitetechnologies/Credential-Dumping
• https://gitlab.com/invuls/pentest-projects/pcf
• https://kwcsec.gitbook.io/the-red-team-handbook/
• https://www.kitploit.com/2021/08/pantagrule-large-hashcat-rulesets.html
• https://blog.ropnop.com/docker-for-pentesters/

---