Top 5 sites for penetration testing
Top 5 sites for penetration testing
Selection criteria: 1) Openness and gratuitous receipt of information 2) The resource is well structured 3) The resource has more practical value than informative (i.e., magazines, boards, forums, preference are not considered given to databases, knowledge bases, databases of vulnerabilities, etc.) 4) Popularity (the resource should be the most famous among similar ones) https://www.exploit-db.com/ The largest database of known vulnerabilities of all that is possible: holes in platforms , engines, plug-ins, operating s systems, programs, devices of different versions, exploits in various programming languages and more.
This knowledge base is the integral companion of many pentesters. The most interesting thing is that the resource is a repository of
exploits and vulnerabilities, not recommendations, which underlines its importance - this fact is emphasized by the developers of this
resource themselves . Recommend.
http://malwareanalysis.tools
A collection of links to utilities and programs designed to analyze malware. Structuredness and intuitive
clarity of the resource, a large number of tools - these are the main advantages of the resource. Encoding and decoding, analysis of
pdf and word files, online scanners, utilities for working with memory, programs for decompiling. I learned about it myself recently, but
I think the resource will be useful.
http://www.xss-payloads.com
This resource is dedicated to xss vulnerabilities and their exploitation. A large number of scripts with a payload, utilities
for searching and exploiting xss, xss botnet, tools for embedding js code in pictures and a lot of interesting things. Recommend.
https://attack.mitre.org/
A kind of database that stores the methods and methods of cyber attacks actually used by cybercriminals.
On this resource you can learn about hacker groups, where and when certain attacks were used.
Information on the resource is structured both by attack methods and by cyber groupings. A must to study.
http://www.vulnerabilityassessment.co.uk
An incredibly useful resource for those who decided to do pentesting seriously. A huge database of attack methods,
manuals for working with pentesting utilities, a catalog of links to other useful resources for penetration tests and
much more can be found here. Recommended.
A small addition: the list of resources that did not make it to the top for various reasons, nevertheless, will be useful for familiarization.
https://resources.infosecinstitute.com/
https://github.com/nixawk/pentest-wiki
https://www.owasp.org/index.php/Main_Page
http://www.pentest-standard.org/ index.php / Main_Page
https://www.offensive-security.com/
http://shell-storm.org/
https://osintframework.com/
https://inteltechniques.com/menu.html
https://wigle.net/
https://www.social-engineer.org/
http://bdu.fstec.ru/threat
https://www.rapid7.com
https://nvd.nist.gov/
https://www.cvedetails.com/
https://vuldb.com/
https://www.hackthis.co.uk/
https://www.root-me.org/
http://www.try2hack.nl/
https://hack.me/
Selection criteria: 1) Openness and gratuitous receipt of information 2) The resource is well structured 3) The resource has more practical value than informative (i.e., magazines, boards, forums, preference are not considered given to databases, knowledge bases, databases of vulnerabilities, etc.) 4) Popularity (the resource should be the most famous among similar ones) https://www.exploit-db.com/ The largest database of known vulnerabilities of all that is possible: holes in platforms , engines, plug-ins, operating s systems, programs, devices of different versions, exploits in various programming languages and more.
This knowledge base is the integral companion of many pentesters. The most interesting thing is that the resource is a repository of
exploits and vulnerabilities, not recommendations, which underlines its importance - this fact is emphasized by the developers of this
resource themselves . Recommend.
http://malwareanalysis.tools
A collection of links to utilities and programs designed to analyze malware. Structuredness and intuitive
clarity of the resource, a large number of tools - these are the main advantages of the resource. Encoding and decoding, analysis of
pdf and word files, online scanners, utilities for working with memory, programs for decompiling. I learned about it myself recently, but
I think the resource will be useful.
http://www.xss-payloads.com
This resource is dedicated to xss vulnerabilities and their exploitation. A large number of scripts with a payload, utilities
for searching and exploiting xss, xss botnet, tools for embedding js code in pictures and a lot of interesting things. Recommend.
https://attack.mitre.org/
A kind of database that stores the methods and methods of cyber attacks actually used by cybercriminals.
On this resource you can learn about hacker groups, where and when certain attacks were used.
Information on the resource is structured both by attack methods and by cyber groupings. A must to study.
http://www.vulnerabilityassessment.co.uk
An incredibly useful resource for those who decided to do pentesting seriously. A huge database of attack methods,
manuals for working with pentesting utilities, a catalog of links to other useful resources for penetration tests and
much more can be found here. Recommended.
A small addition: the list of resources that did not make it to the top for various reasons, nevertheless, will be useful for familiarization.
https://resources.infosecinstitute.com/
https://github.com/nixawk/pentest-wiki
https://www.owasp.org/index.php/Main_Page
http://www.pentest-standard.org/ index.php / Main_Page
https://www.offensive-security.com/
http://shell-storm.org/
https://osintframework.com/
https://inteltechniques.com/menu.html
https://wigle.net/
https://www.social-engineer.org/
http://bdu.fstec.ru/threat
https://www.rapid7.com
https://nvd.nist.gov/
https://www.cvedetails.com/
https://vuldb.com/
https://www.hackthis.co.uk/
https://www.root-me.org/
http://www.try2hack.nl/
https://hack.me/
Commentaires