Thread by @J0rd4nian, #ثريد :مصادر لتعلم اختراق الاختبار ، من قنوات يوتيوب و كتب ومقالات [...]

#ثريد :
مصادر لتعلم اختراق الاختبار ، من قنوات يوتيوب و كتب ومقالات ..الخ
سأقوم بتجزئتها كل على حدى

كيف تبدأ في مجال اختبار الاختراق :

[ Guides/Roadmaps/How to Start ] :

1. Ebrahim Hegazy = http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/

2. Mohamed Abd Elbaset = https://seekurity.com/blog/discuss/your-start-guide-to-web-application-security-101/

3. Youssef Mohamed = https://generaleg0x01.com/2019/06/27/websec-roadmap/

يتبع

١٠١ - دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب

"101 دليلك فى البرمجة ومجال امن وحماية واختبار اختراق تطبيقات الويب" "ازاى ابدأ فى مجال اختبار اختراق تطبيقات...

http://security4arabs.com/2015/04/03/how-to-start-in-webapps-security/

4. Mohamed Gamal Cyber Security Posts = https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk

5. PentesterLab Bootcamp = https://pentesterlab.com/bootcamp

6. How to Learn Penetration Testing = https://www.explainhownow.com/2019/learn-penetration-testing/

7. How to Build a Cybersecurity Career = https://danielmiessler.com/blog/build-successful-infosec-career/

Cyber Security Posts Parts - Pastebin.com

https://pastebin.com/cj9FEuEB?fbclid=IwAR28ScEmklgX47XenXrgTcsvEfbA93doEhvLYtOdVeq7rnzRmCnlUT4giWk

8. How to become a pentester = https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

9. Hacker to Security Pro! = https://hackernoon.com/how-to-become-a-hacker-e0530a355cad

10. Getting started in Bug Bounty = https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a

11. Bug Bounty Hunting (Methodology, Toolkit ,Tips) = https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65

يتبع...

How to become a pentester | Corelan Team

https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

12. Web Application Penetration Testing Course = https://hackingresources.com/web-application-penetration-testing-course/

13. How to become a Bug Bounty Hunter = https://forum.bugcrowd.com/t/researcher-resources-how-to-become-a-bug-bounty-hunter/1102

14. So You Want To Be a Pentester? = https://jhalon.github.io/becoming-a-pentester/

Web Application Penetration Testing Course - CyberSecurity

Penetration Testing and Web Security Testing (WST) is the Security testing systems for vulnerabilities or security openings in corporate sites and web applications.

https://hackingresources.com/web-application-penetration-testing-course/

15. Khlaed Hassan = https://www.facebook.com/KhaledAzrail/posts/1990575721051240

16. So you want to be a web security researcher? = https://portswigger.net/blog/so-you-want-to-be-a-web-security-researcher

17. Bug Hunting Guide = https://cybertheta.blogspot.com/2018/08/bug-hunting-guide.html

18. Getting Started in Bug Bounty Hunting = https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/

So you want to be a web security researcher?

Interested in pushing hacking techniques beyond the current state of the art? Read James Kettle's guide on how to become a web security researcher.

https://www.facebook.com/KhaledAzrail/posts/1990575721051240

19. Infosec Newbie = https://www.sneakymonkey.net/2017/04/23/infosec-newbie/

20. How to Learn Penetration Testing: A Beginners Tutorial = https://learningactors.com/how-to-learn-penetration-testing-a-beginners-tutorial/

21. How to start a career in Cyber Security =

Infosec Newbie

[Updated 20/07/2018] I have recently started a career in Cyber Security / Information Security. My path, somewhat recent might be useful for those just starting out. A few of these guides have...

https://www.sneakymonkey.net/2017/04/23/infosec-newbie/

[ Sites/Resources ] :

1.Owasp = https://www.owasp.org/index.php/Main_Page

2.Knowledge Base Entersoft = http://kb.entersoft.co.in

3.Hacker 101 = https://www.hacker101.com

4.Bigcrowd Universty = https://www.bugcrowd.com/hackers/bugcrowd-university

5. Web Security Academy = https://portswigger.net/web-security

Bugcrowd University | Bugcrowd

Security, education, and training for the whitehat hacker community. Advance your bug hunting skills through Bugcrowd University webinars and modules.

https://www.owasp.org/index.php/Main_Page

5. Web Security Academy = https://portswigger.net/web-security

6. infosec institute = https://resources.infosecinstitute.com

7. Hacksplaining = https://www.hacksplaining.com/lessons

8. Security Idiots = http://www.securityidiots.com

9. Metasploit Unleashed =

https://www.offensive-security.com/metasploit-unleashed

Web Security Academy: Free Online Training from PortSwigger

The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.

https://portswigger.net/web-security

10. OWASP Cheat sheet = https://cheatsheetseries.owasp.org

11. Ippsec = https://ippsec.rocks
12. Security Online = https://securityonline.info

13. Pentest Standard = http://www.pentest-standard.org/index.php/Main_Page

14. AppSecWiki = https://appsecwiki.com

http://15.Security Idiots = http://www.securityidiots.com

Penetration Testing • Security Training Share

Securityonline is a huge security community. It is committed to the sharing of high-quality technical articles and safety reports, focusing on high-quality security and security incidents in the...

https://cheatsheetseries.owasp.org

16. Red Teaming Experiments = https://ired.team

17. SANS Cyber Aces Online Tutorials = https://tutorials.cyberaces.org/tutorials.html

18. Web Application Penetration Testing Notes =

https://techvomit.net/web-application-penetration-testing-notes/

19. Web Application Security Testing Resources = https://danielmiessler.com/projects/webappsec_testing_resources/

About /?

https://ired.team

20. Phrack Magazine = http://phrack.org/issues/1/1.html

21. Hack The Box Discord = https://discordapp.com/channels/473760315293696010/588029217376043023

[ Reconnaissance ] :

1. How To Do Your Reconnaissance = https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115

2. My Guide to Basic Recon? = https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/

3. Recon — my way = https://medium.com/@ehsahil/recon-my-way-82b7e5f62e21

How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty

Today I am writing about the love story between bug bounties & reconnaissance, but before I do I should say that i’m not much of an expert…

https://medium.com/bugbountywriteup/guide-to-basic-recon-bug-bounties-recon-728c5242a115

4. Pentester Land Recon resources = https://pentester.land/cheatsheets/2019/04/15/recon-resources.html

5. Compilation of recon workflows = https://pentester.land/cheatsheets/2019/03/25/compilation-of-recon-workflows.html

6. Ultimate Dirty Recon Methods = https://bugbountytuts.files.wordpress.com/2019/01/dirty-recon-1.pdf

7. The Power of Automatiton And Recon (Mohammed Eldeeb) = https://drive.google.com/file/d/1-63Y2qdW3PcddrwKwcTEz7Qrj8kFxOYE/view?fbclid=IwAR3SXnT4adhT4VFjzoDzkIV1o_IuR04zhYNaOq7CbHRdIKL5kvTusBGW2os8

Recon resources

Tips & Tricks to make your life easier as a pentester & bug bounty hunter

https://pentester.land/cheatsheets/2019/04/15/recon-resources.html

[ Writeups ] :

1. the unofficial HackerOne disclosure timeline = http://h1.nobbd.de/

2. BugReader = https://bugreader.com/

3. Bug Bounty Reference = https://github.com/ngalongc/bug-bounty-reference

4. Bugbountynotes = https://www.bugbountynotes.com/writeups

5. Pentester Land = https://pentester.land/list-of-bug-bounty-writeups.html

ngalongc/bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature - ngalongc/bug-bounty-reference

http://h1.nobbd.de/

6. BugCrowd Write-ups = https://forum.bugcrowd.com/t/researcher-resources-bounty-bug-write-ups/1137

7. Reddit Netsec = https://www.reddit.com/r/netsec/

8. Bug Bounty World Slack Archive = https://bugbountyworld.com/slack-archives/

9. Infosec Write-ups = https://medium.com/bugbountywriteup

Researcher Resources - Bounty Bug Write-ups

This is a collection of bug bounty reports that were submitted by security researchers in the infosec community. These write-ups are a great way to learn from fellow hackers. Web Hacking Uber Bug...

https://forum.bugcrowd.com/t/researcher-resources-bounty-bug-write-ups/1137

[ Bug Bounty Platforms ] :

1. Hacker1 = https://www.hackerone.com

2. BugCrowd = https://www.bugcrowd.com

3. Synack = https://www.synack.com

4. Zerocopter = https://www.zerocopter.com

5. Cobalt = https://cobalt.io

6. Hackenproof = https://www.hackenproof.com

#1 Crowdsourced Cybersecurity Platform | Bugcrowd

With a powerful platform and team of experts, Bugcrowd connects organizations to a global crowd of trusted security researchers.

https://www.hackerone.com

7.Yeswehack = https://www.yeswehack.com

8. AntiHack = https://www.antihack.me/programs

9. Japan Bug bounty = https://bugbounty.jp

10. intigriti = https://www.intigriti.com/public

Home - YesWeHack #1 Bug Bounty Platform in Europe

Bug Bounty secures applications the agile way with a global community of white hackers through private and public programs. Create an effective vulnerability disclosure strategy for security resear...

https://www.yeswehack.com

[ Books ] :

1. Breaking into Information Security

2. Black Hat Python

3. Bug Hunter's Diary

4. Web Application Hacker's Handbook 2

5. Ghost in the Wires

6. The Hacker Playbook (1,2,3)

7. Gray Hat Hacking (5th Edition)

8. Hacking Exposed 7 Network Security

9. Hacking Exposed Web Application (1,2,3)

10. Hacking for Dummies (6th Edition)

11. Hacking The Art of Exploitation

12. Mastering Modern Web Penetration Testing

13. Metasploit The Penetration Tester's Guide

14. OWASP Testing Guide 4.0

15. OWASP Top 10 (2010 - 2013 - 2017)

15. OWASP Top 10 (2010 - 2013 - 2017)

16. Penetration Testing: A Hands-On Introduction to Hacking

17. Red Team Field Manual

18. The Basics of Hacking and Penetration Testing by Patrick Engebreston

19. The Tangled Web

20. Violent Python

21. Web Hacking 101

22. Real World Bug Hunting by Peter Yaworski

23. Ethical Hacking and Penetration Test by Rafy Baloch

24. Google Hacking for Penetration Testers (3rd Edition)

25. Practical Malware Analysis

26. The Browser Hacker’s Handbook

27. Reversing Secrets to reverse Engineering

[ Youtube Channels ] :

1. Nahamsec = https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos

2. Adrian Cresho =

https://www.youtube.com/user/irongeek/playlists

3. Ben Grewell =

https://www.youtube.com/channel/UC2Xz7OF80Ae3SU6uk4ERjZQ

4. Bugcrowd =

https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww

5. Ebrahim Hegazy =

https://www.youtube.com/user/Zigoo0/playlists

6. GynvaelEN=

https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg

Nahamsec

Nahamsec creates educational hacking videos for anyone with an interest in web application hacking with a focus on bug bounties.

https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos

7. HackerSploit=

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q

8. IppSec =

https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

9. John Hammond =

https://www.youtube.com/channel/UCVeW9qkBjo3zosnqUbG7CFw

10. LiveOverflow =

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

11. Murmus CTF =

https://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A

12. STÖK =

https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg

HackerSploit

About HackerSploit HackerSploit is a Cybersecurity training and consulting company that specializes in: Cybersecurity & Infosec Training Corporate Cybersec...

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q

13. Null Byte =

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g

14. Devil Killer =

https://www.youtube.com/channel/UCwfYw-C2xqemqrXq0IKF_Mg/videos

15. zseano =

https://www.youtube.com/channel/UCCUFgj-52_ryvpQUacylRpg/videos

16. Web Development Tutorials (Yaworski) =

https://www.youtube.com/user/yaworsk1/videos

17. HackerOne = https://www.youtube.com/channel/UCsgzmECky2Q9lQMWzDwMhYw

Null Byte

The official Null Byte channel for video content! We focus on creating videos for aspiring ethical hackers, computer scientists, and the infosec community.

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g

18. Cyber Defenders =

https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists

19. Nakerah Network =

https://www.youtube.com/channel/UCvgMmTPBM7xRyxU07-cBpbg/playlists

20. SANS Pen Test Training =

https://www.youtube.com/channel/UCP28F4uf9s2V1_SQwnJST_A/videos

21. SecurityScope = https://www.youtube.com/channel/UCCL_vo2ZoeDleibXikT9efQ/playlists

22. Ahmed Abdalazeem = https://www.youtube.com/channel/UCyynqIEDQXktIXLVSZYe6tg

Cyber Defenders

CyberDefence Certifications, Training and Services.

https://www.youtube.com/channel/UCI6UPRiq8G0svT8NyrknNnA/playlists

23. Ammon Henderson = https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists

24. Motasem Hamdan = https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/playlists

25. Grant Collins = https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA

26. PwnFunction = https://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A

27. Injection = https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/featured

Ammon Henderson

My Favourite Videos Thank you for visiting my channel, I am new at this and is a work in progress as far as what exactly I want my channel to be as an end re...

https://www.youtube.com/channel/UCdrzJS1bfg9_utyJFQ_T35Q/playlists

Latest Threads Unrolled: