#ثريد :
مصادر لتعلم اختراق الاختبار ، من قنوات يوتيوب و كتب ومقالات ..الخ
سأقوم بتجزئتها كل على حدى
كيف تبدأ في مجال اختبار الاختراق :

[ Guides/Roadmaps/How to Start ] :

1. Ebrahim Hegazy = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/

2. Mohamed Abd Elbaset = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/

3. Youssef Mohamed = https://generaleg0x01.com/2019/06/27/websec-roadmap/

يتبع
١٠١ - دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب

"101 دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب" "ازاى ابدأ فى مجال اختبار اختراق تطبيقات...

http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/
4. Mohamed Gamal Cyber Security Posts = https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk

5. PentesterLab Bootcamp = https://pentesterlab.com/bootcamp 

6. How to Learn Penetration Testing = https://www.explainhownow.com/2019/learn-penetration-testing/

7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/
Cyber Security Posts Parts - Pastebin.com

https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk
8. How to become a pentester = https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad

10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a

11. Bug Bounty Hunting (Methodology, Toolkit ,Tips) = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65

يتبع...
How to become a pentester | Corelan Team

https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/
12. Web Application Penetration Testing Course = https://hackingresources.com/web-application-penetration-testing-course/

13. How to become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102

14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/
Web Application Penetration Testing Course - CyberSecurity

Penetration Testing and Web Security Testing (WST) is the Security testing systems for vulnerabilities or security openings in corporate sites and web applications.

https://hackingresources.com/web-application-penetration-testing-course/
15. Khlaed Hassan = https://www.facebook.com/KhaledAzrail/posts/1990575721051240

16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher

17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html

18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/
So you want to be a web security researcher?

Interested in pushing hacking techniques beyond the current state of the art? Read James Kettle's guide on how to become a web security researcher.

https://www.facebook.com/KhaledAzrail/posts/1990575721051240
19. Infosec Newbie = https://www.sneakymonkey.net/2017/04/23/infosec-newbie/

20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/

21. How to start a career in Cyber Security =
Infosec Newbie

[Updated 20/07/2018] I have recently started a career in Cyber Security / Information Security. My path, somewhat recent might be useful for those just starting out. A few of these guides have...

https://www.sneakymonkey.net/2017/04/23/infosec-newbie/
[ Sites/Resources ] :

1.Owasp = https://www.owasp.org/index.php/Main_Page

2.Knowledge Base Entersoft = http://kb.entersoft.co.in 

3.Hacker 101 = https://www.hacker101.com 

4.Bigcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university

5. Web Security Academy = https://portswigger.net/web-security 
Bugcrowd University | Bugcrowd

Security, education, and training for the whitehat hacker community. Advance your bug hunting skills through Bugcrowd University webinars and modules.

https://www.owasp.org/index.php/Main_Page
5. Web Security Academy = https://portswigger.net/web-security 

6. infosec institute = https://resources.infosecinstitute.com 

7. Hacksplaining = https://www.hacksplaining.com/lessons 

8. Security Idiots = http://www.securityidiots.com 

9. Metasploit Unleashed =

https://www.offensive-security.com/metasploit-unleashed
Web Security Academy: Free Online Training from PortSwigger

The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.

https://portswigger.net/web-security
10. OWASP Cheat sheet = https://cheatsheetseries.owasp.org 

11. Ippsec = https://ippsec.rocks 
12. Security Online = https://securityonline.info 

13. Pentest Standard = http://www.pentest-standard.org/index.php/Main_Page

14. AppSecWiki = https://appsecwiki.com 

http://15.Security  Idiots = http://www.securityidiots.com 
Penetration Testing • Security Training Share

Securityonline is a huge security community. It is committed to the sharing of high-quality technical articles and safety reports, focusing on high-quality security and security incidents in the...

https://cheatsheetseries.owasp.org
16. Red Teaming Experiments = https://ired.team 

17. SANS Cyber Aces Online Tutorials = https://tutorials.cyberaces.org/tutorials.html 

18. Web Application Penetration Testing Notes =

https://techvomit.net/web-application-penetration-testing-notes/

19. Web Application Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources/
About /?

https://ired.team
20. Phrack Magazine = http://phrack.org/issues/1/1.html 

21. Hack The Box Discord = https://discordapp.com/channels/473760315293696010/588029217376043023
[ Reconnaissance ] :

1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115

2. My Guide to Basic Recon? = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/

3. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21
How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty

Today I am writing about the love story between bug bounties & reconnaissance, but before I do I should say that i’m not much of an expert…

https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115
4. Pentester Land Recon resources = https://pentester.land/cheatsheets/2019/04/15/recon-resources.html

5. Compilation of recon workflows = https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html

6. Ultimate Dirty Recon Methods = https://bugbountytuts.files.wordpress.com/2019/01/dirty-recon-1.pdf

7. The Power of Automatiton And Recon (Mohammed Eldeeb) = https://drive.google.com/file/d/1-63Y2qdW3PcddrwKwcTEz7Qrj8kFxOYE/view?fbclid=IwAR3SXnT4adhT4VFjzoDzkIV1o_IuR04zhYNaOq7CbHRdIKL5kvTusBGW2os8
Recon resources

Tips & Tricks to make your life easier as a pentester & bug bounty hunter

https://pentester.land/cheatsheets/2019/04/15/recon-resources.html
[ Writeups ] :

1. the unofficial HackerOne disclosure timeline = http://h1.nobbd.de/ 

2. BugReader = https://bugreader.com/ 

3. Bug Bounty Reference = https://github.com/ngalongc/bug-bounty-reference

4. Bugbountynotes = https://www.bugbountynotes.com/writeups 

5. Pentester Land = https://pentester.land/list-of-bug-bounty-writeups.html
ngalongc/bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature - ngalongc/bug-bounty-reference

http://h1.nobbd.de/
6. BugCrowd Write-ups = https://forum.bugcrowd.com/t/researcher-resources-bounty-bug-write-ups/1137

7. Reddit Netsec = https://www.reddit.com/r/netsec/ 

8. Bug Bounty World Slack Archive = https://bugbountyworld.com/slack-archives/ 

9. Infosec Write-ups = https://medium.com/bugbountywriteup
Researcher Resources - Bounty Bug Write-ups

This is a collection of bug bounty reports that were submitted by security researchers in the infosec community. These write-ups are a great way to learn from fellow hackers. Web Hacking Uber Bug...

https://forum.bugcrowd.com/t/researcher-resources-bounty-bug-write-ups/1137
[ Bug Bounty Platforms ] :

1. Hacker1 = https://www.hackerone.com 

2. BugCrowd = https://www.bugcrowd.com 

3. Synack = https://www.synack.com 

4. Zerocopter = https://www.zerocopter.com 

5. Cobalt = https://cobalt.io 

6. Hackenproof = https://www.hackenproof.com 
#1 Crowdsourced Cybersecurity Platform | Bugcrowd

With a powerful platform and team of experts, Bugcrowd connects organizations to a global crowd of trusted security researchers.

https://www.hackerone.com
7.Yeswehack = https://www.yeswehack.com 

8. AntiHack = https://www.antihack.me/programs 

9. Japan Bug bounty = https://bugbounty.jp 

10. intigriti = https://www.intigriti.com/public 
Home - YesWeHack #1 Bug Bounty Platform in Europe

Bug Bounty secures applications the agile way with a global community of white hackers through private and public programs. Create an effective vulnerability disclosure strategy for security resear...

https://www.yeswehack.com
[ Books ] :

1. Breaking into Information Security

2. Black Hat Python

3. Bug Hunter's Diary

4. Web Application Hacker's Handbook 2

5. Ghost in the Wires

6. The Hacker Playbook (1,2,3)

7. Gray Hat Hacking (5th Edition)

8. Hacking Exposed 7 Network Security
9. Hacking Exposed Web Application (1,2,3)

10. Hacking for Dummies (6th Edition)

11. Hacking The Art of Exploitation

12. Mastering Modern Web Penetration Testing

13. Metasploit The Penetration Tester's Guide

14. OWASP Testing Guide 4.0

15. OWASP Top 10 (2010 - 2013 - 2017)
15. OWASP Top 10 (2010 - 2013 - 2017)

16. Penetration Testing: A Hands-On Introduction to Hacking

17. Red Team Field Manual

18. The Basics of Hacking and Penetration Testing by Patrick Engebreston

19. The Tangled Web

20. Violent Python

21. Web Hacking 101
22. Real World Bug Hunting by Peter Yaworski

23. Ethical Hacking and Penetration Test by Rafy Baloch

24. Google Hacking for Penetration Testers (3rd Edition)

25. Practical Malware Analysis

26. The Browser Hacker’s Handbook

27. Reversing Secrets to reverse Engineering
[ Youtube Channels ] :

1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos

2. Adrian Cresho =

https://www.youtube.com/user/irongeek/playlists

3. Ben Grewell =

https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ

4. Bugcrowd =

https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww

5. Ebrahim Hegazy =

https://www.youtube.com/user/Zigoo0/playlists

6. GynvaelEN=

https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg
Nahamsec

Nahamsec creates educational hacking videos for anyone with an interest in web application hacking with a focus on bug bounties.

https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos
7. HackerSploit=

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q

8. IppSec =

https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

9. John Hammond =

https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw

10. LiveOverflow =

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

11. Murmus CTF =

https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A

12. STÖK =

https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg
HackerSploit

About HackerSploit HackerSploit is a Cybersecurity training and consulting company that specializes in: ​ Cybersecurity & Infosec Training Corporate Cybersec...

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
13. Null Byte =

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g

14. Devil Killer =

https://www.youtube.com/channel/UCwfYw-C2xqemqrXq0IKF_Mg/videos

15. zseano =

https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos

16. Web Development Tutorials (Yaworski) =

https://www.youtube.com/user/yaworsk1/videos

17. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw
Null Byte

The official Null Byte channel for video content! We focus on creating videos for aspiring ethical hackers, computer scientists, and the infosec community.

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g
18. Cyber Defenders =

https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists

19. Nakerah Network =

https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists

20. SANS Pen Test Training =

https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos

21. SecurityScope = https://www.youtube.com/channel/UCCL_vo2ZoeDleibXikT9efQ/playlists

22. Ahmed Abdalazeem = https://www.youtube.com/channel/UCyynqIEDQXktIXLVSZYe6tg
Cyber Defenders

CyberDefence Certifications, Training and Services.

https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists
23. Ammon Henderson = https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists

24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists

25. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA

26. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A

27. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured
Ammon Henderson

My Favourite Videos Thank you for visiting my channel, I am new at this and is a work in progress as far as what exactly I want my channel to be as an end re...

https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists
You can follow @J0rd4nian.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more