كيف تبدأ في مجال اختبار الاختراق :
[ Guides/Roadmaps/How to Start ] :
1. Ebrahim Hegazy = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/
2. Mohamed Abd Elbaset = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/
3. Youssef Mohamed = https://generaleg0x01.com/2019/06/27/websec-roadmap/
يتبع
[ Guides/Roadmaps/How to Start ] :
1. Ebrahim Hegazy = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/
2. Mohamed Abd Elbaset = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/
3. Youssef Mohamed = https://generaleg0x01.com/2019/06/27/websec-roadmap/
يتبع
4. Mohamed Gamal Cyber Security Posts = https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk
5. PentesterLab Bootcamp = https://pentesterlab.com/bootcamp
6. How to Learn Penetration Testing = https://www.explainhownow.com/2019/learn-penetration-testing/
7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/
5. PentesterLab Bootcamp = https://pentesterlab.com/bootcamp
6. How to Learn Penetration Testing = https://www.explainhownow.com/2019/learn-penetration-testing/
7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/
8. How to become a pentester = https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/
9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad
10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
11. Bug Bounty Hunting (Methodology, Toolkit ,Tips) = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
يتبع...
9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad
10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
11. Bug Bounty Hunting (Methodology, Toolkit ,Tips) = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
يتبع...
12. Web Application Penetration Testing Course = https://hackingresources.com/web-application-penetration-testing-course/
13. How to become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/
13. How to become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102
14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/
15. Khlaed Hassan = https://www.facebook.com/KhaledAzrail/posts/1990575721051240
16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher
17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html
18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher
17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html
18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
19. Infosec Newbie = https://www.sneakymonkey.net/2017/04/23/infosec-newbie/
20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/
21. How to start a career in Cyber Security =
20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/
21. How to start a career in Cyber Security =
[ Sites/Resources ] :
1.Owasp = https://www.owasp.org/index.php/Main_Page
2.Knowledge Base Entersoft = http://kb.entersoft.co.in
3.Hacker 101 = https://www.hacker101.com
4.Bigcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university
5. Web Security Academy = https://portswigger.net/web-security
1.Owasp = https://www.owasp.org/index.php/Main_Page
2.Knowledge Base Entersoft = http://kb.entersoft.co.in
3.Hacker 101 = https://www.hacker101.com
4.Bigcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university
5. Web Security Academy = https://portswigger.net/web-security
5. Web Security Academy = https://portswigger.net/web-security
6. infosec institute = https://resources.infosecinstitute.com
7. Hacksplaining = https://www.hacksplaining.com/lessons
8. Security Idiots = http://www.securityidiots.com
9. Metasploit Unleashed =
https://www.offensive-security.com/metasploit-unleashed
6. infosec institute = https://resources.infosecinstitute.com
7. Hacksplaining = https://www.hacksplaining.com/lessons
8. Security Idiots = http://www.securityidiots.com
9. Metasploit Unleashed =
https://www.offensive-security.com/metasploit-unleashed
10. OWASP Cheat sheet = https://cheatsheetseries.owasp.org
11. Ippsec = https://ippsec.rocks
12. Security Online = https://securityonline.info
13. Pentest Standard = http://www.pentest-standard.org/index.php/Main_Page
14. AppSecWiki = https://appsecwiki.com
http://15.Security Idiots = http://www.securityidiots.com
11. Ippsec = https://ippsec.rocks
12. Security Online = https://securityonline.info
13. Pentest Standard = http://www.pentest-standard.org/index.php/Main_Page
14. AppSecWiki = https://appsecwiki.com
http://15.Security Idiots = http://www.securityidiots.com
16. Red Teaming Experiments = https://ired.team
17. SANS Cyber Aces Online Tutorials = https://tutorials.cyberaces.org/tutorials.html
18. Web Application Penetration Testing Notes =
https://techvomit.net/web-application-penetration-testing-notes/
19. Web Application Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources/
17. SANS Cyber Aces Online Tutorials = https://tutorials.cyberaces.org/tutorials.html
18. Web Application Penetration Testing Notes =
https://techvomit.net/web-application-penetration-testing-notes/
19. Web Application Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources/
20. Phrack Magazine = http://phrack.org/issues/1/1.html
21. Hack The Box Discord = https://discordapp.com/channels/473760315293696010/588029217376043023
21. Hack The Box Discord = https://discordapp.com/channels/473760315293696010/588029217376043023
[ Reconnaissance ] :
1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
2. My Guide to Basic Recon? = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
3. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21
1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
2. My Guide to Basic Recon? = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
3. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21
4. Pentester Land Recon resources = https://pentester.land/cheatsheets/2019/04/15/recon-resources.html
5. Compilation of recon workflows = https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html
6. Ultimate Dirty Recon Methods = https://bugbountytuts.files.wordpress.com/2019/01/dirty-recon-1.pdf
7. The Power of Automatiton And Recon (Mohammed Eldeeb) = https://drive.google.com/file/d/1-63Y2qdW3PcddrwKwcTEz7Qrj8kFxOYE/view?fbclid=IwAR3SXnT4adhT4VFjzoDzkIV1o_IuR04zhYNaOq7CbHRdIKL5kvTusBGW2os8
5. Compilation of recon workflows = https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html
6. Ultimate Dirty Recon Methods = https://bugbountytuts.files.wordpress.com/2019/01/dirty-recon-1.pdf
7. The Power of Automatiton And Recon (Mohammed Eldeeb) = https://drive.google.com/file/d/1-63Y2qdW3PcddrwKwcTEz7Qrj8kFxOYE/view?fbclid=IwAR3SXnT4adhT4VFjzoDzkIV1o_IuR04zhYNaOq7CbHRdIKL5kvTusBGW2os8
[ Writeups ] :
1. the unofficial HackerOne disclosure timeline = http://h1.nobbd.de/
2. BugReader = https://bugreader.com/
3. Bug Bounty Reference = https://github.com/ngalongc/bug-bounty-reference
4. Bugbountynotes = https://www.bugbountynotes.com/writeups
5. Pentester Land = https://pentester.land/list-of-bug-bounty-writeups.html
1. the unofficial HackerOne disclosure timeline = http://h1.nobbd.de/
2. BugReader = https://bugreader.com/
3. Bug Bounty Reference = https://github.com/ngalongc/bug-bounty-reference
4. Bugbountynotes = https://www.bugbountynotes.com/writeups
5. Pentester Land = https://pentester.land/list-of-bug-bounty-writeups.html
6. BugCrowd Write-ups = https://forum.bugcrowd.com/t/researcher-resources-bounty-bug-write-ups/1137
7. Reddit Netsec = https://www.reddit.com/r/netsec/
8. Bug Bounty World Slack Archive = https://bugbountyworld.com/slack-archives/
9. Infosec Write-ups = https://medium.com/bugbountywriteup
7. Reddit Netsec = https://www.reddit.com/r/netsec/
8. Bug Bounty World Slack Archive = https://bugbountyworld.com/slack-archives/
9. Infosec Write-ups = https://medium.com/bugbountywriteup
[ Bug Bounty Platforms ] :
1. Hacker1 = https://www.hackerone.com
2. BugCrowd = https://www.bugcrowd.com
3. Synack = https://www.synack.com
4. Zerocopter = https://www.zerocopter.com
5. Cobalt = https://cobalt.io
6. Hackenproof = https://www.hackenproof.com
1. Hacker1 = https://www.hackerone.com
2. BugCrowd = https://www.bugcrowd.com
3. Synack = https://www.synack.com
4. Zerocopter = https://www.zerocopter.com
5. Cobalt = https://cobalt.io
6. Hackenproof = https://www.hackenproof.com
7.Yeswehack = https://www.yeswehack.com
8. AntiHack = https://www.antihack.me/programs
9. Japan Bug bounty = https://bugbounty.jp
10. intigriti = https://www.intigriti.com/public
8. AntiHack = https://www.antihack.me/programs
9. Japan Bug bounty = https://bugbounty.jp
10. intigriti = https://www.intigriti.com/public
[ Books ] :
1. Breaking into Information Security
2. Black Hat Python
3. Bug Hunter's Diary
4. Web Application Hacker's Handbook 2
5. Ghost in the Wires
6. The Hacker Playbook (1,2,3)
7. Gray Hat Hacking (5th Edition)
8. Hacking Exposed 7 Network Security
1. Breaking into Information Security
2. Black Hat Python
3. Bug Hunter's Diary
4. Web Application Hacker's Handbook 2
5. Ghost in the Wires
6. The Hacker Playbook (1,2,3)
7. Gray Hat Hacking (5th Edition)
8. Hacking Exposed 7 Network Security
9. Hacking Exposed Web Application (1,2,3)
10. Hacking for Dummies (6th Edition)
11. Hacking The Art of Exploitation
12. Mastering Modern Web Penetration Testing
13. Metasploit The Penetration Tester's Guide
14. OWASP Testing Guide 4.0
15. OWASP Top 10 (2010 - 2013 - 2017)
10. Hacking for Dummies (6th Edition)
11. Hacking The Art of Exploitation
12. Mastering Modern Web Penetration Testing
13. Metasploit The Penetration Tester's Guide
14. OWASP Testing Guide 4.0
15. OWASP Top 10 (2010 - 2013 - 2017)
15. OWASP Top 10 (2010 - 2013 - 2017)
16. Penetration Testing: A Hands-On Introduction to Hacking
17. Red Team Field Manual
18. The Basics of Hacking and Penetration Testing by Patrick Engebreston
19. The Tangled Web
20. Violent Python
21. Web Hacking 101
16. Penetration Testing: A Hands-On Introduction to Hacking
17. Red Team Field Manual
18. The Basics of Hacking and Penetration Testing by Patrick Engebreston
19. The Tangled Web
20. Violent Python
21. Web Hacking 101
22. Real World Bug Hunting by Peter Yaworski
23. Ethical Hacking and Penetration Test by Rafy Baloch
24. Google Hacking for Penetration Testers (3rd Edition)
25. Practical Malware Analysis
26. The Browser Hacker’s Handbook
27. Reversing Secrets to reverse Engineering
23. Ethical Hacking and Penetration Test by Rafy Baloch
24. Google Hacking for Penetration Testers (3rd Edition)
25. Practical Malware Analysis
26. The Browser Hacker’s Handbook
27. Reversing Secrets to reverse Engineering
[ Youtube Channels ] :
1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos
2. Adrian Cresho =
https://www.youtube.com/user/irongeek/playlists
3. Ben Grewell =
https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ
4. Bugcrowd =
https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww
5. Ebrahim Hegazy =
https://www.youtube.com/user/Zigoo0/playlists
6. GynvaelEN=
https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos
2. Adrian Cresho =
https://www.youtube.com/user/irongeek/playlists
3. Ben Grewell =
https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ
4. Bugcrowd =
https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww
5. Ebrahim Hegazy =
https://www.youtube.com/user/Zigoo0/playlists
6. GynvaelEN=
https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
7. HackerSploit=
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
8. IppSec =
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
9. John Hammond =
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw
10. LiveOverflow =
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
11. Murmus CTF =
https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A
12. STÖK =
https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
8. IppSec =
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
9. John Hammond =
https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw
10. LiveOverflow =
https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
11. Murmus CTF =
https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A
12. STÖK =
https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
13. Null Byte =
https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
14. Devil Killer =
https://www.youtube.com/channel/UCwfYw-C2xqemqrXq0IKF_Mg/videos
15. zseano =
https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos
16. Web Development Tutorials (Yaworski) =
https://www.youtube.com/user/yaworsk1/videos
17. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
14. Devil Killer =
https://www.youtube.com/channel/UCwfYw-C2xqemqrXq0IKF_Mg/videos
15. zseano =
https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos
16. Web Development Tutorials (Yaworski) =
https://www.youtube.com/user/yaworsk1/videos
17. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
18. Cyber Defenders =
https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists
19. Nakerah Network =
https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists
20. SANS Pen Test Training =
https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos
21. SecurityScope = https://www.youtube.com/channel/UCCL_vo2ZoeDleibXikT9efQ/playlists
22. Ahmed Abdalazeem = https://www.youtube.com/channel/UCyynqIEDQXktIXLVSZYe6tg
https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists
19. Nakerah Network =
https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists
20. SANS Pen Test Training =
https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos
21. SecurityScope = https://www.youtube.com/channel/UCCL_vo2ZoeDleibXikT9efQ/playlists
22. Ahmed Abdalazeem = https://www.youtube.com/channel/UCyynqIEDQXktIXLVSZYe6tg
23. Ammon Henderson = https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists
24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists
25. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA
26. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
27. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured
24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists
25. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA
26. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A
27. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured