http://www.osvdb.org/ The Open Source Vulnerability
http://www.securityfocus.com/ Public vulnerabilities, mailing lists, and
http://www.packetstormsecurity.org/ Exploits, advisories, tools, and
http://www.vupen.com/ Security advisories, PoCs, mailing lists,
http://www.secunia.com/ Advisories, whitepapers, security
http://www.exploit-db.com/ Exploits database, Google Hacking
http://web.nvd.nist.gov/view/vuln/
search
https://access.redhat.com/security/
updates/advisory/
http://lists.centos.org/pipermail/
centos-announce/
http://www.us-cert.gov/ncas/alerts DHS US-CERT reports security issues,
http://xforce.iss.net ISS X-Force offers security threat alerts,
http://www.debian.org/security/ Debian security advisories and
http://www.mandriva.com/en/support/
security/
https://www.suse.com/support/update/ SUSE Linux Enterprise security
http://technet.microsoft.com/en-us/
security/advisory
Database
security tools
whitepapers
and research publications
factsheets, and research papers
Database (GHDB), and papers
NVD is a U.S. government repository for
a vulnerability database based on CVE
RedHat errata notification and security
advisories
CentOS security and general
announcement mailing list
vulnerabilities, and exploits techical
alerts
advisories, vulnerability database, and
whitepapers.
mailing lists
Mandriva Linux security advisories.
advisories.
Microsoft security advisories.
URL Description
http://technet.microsoft.com/en-us/
security/bulletin
http://www.ubuntu.com/usn Ubuntu security notices.
http://www.first.org/cvss/ First Common Vulnerability Scoring
http://tools.cisco.com/security/
center/publicationListing.x
http://www.security-database.com Security alerts and dashboard and
http://www.securitytracker.com/ Security vulnerabilities information.
http://www.auscert.org.au/ Australian CERT publishes
http://en.securitylab.ru/ Advisories, vulnerability database,
http://corelabs.coresecurity.com/ Vulnerability research, publications,
https://www.htbridge.com/ Security advisories and security
http://www.offensivecomputing.net/ Malware sample repository.
http://measurablesecurity.mitre.
org/
Microsoft security bulletins.
System (CVSS-SIG).
Cisco security advisories, responses,
and notices.
CVSS calculator.
security bulletins, advisories, alerts,
presentations, and papers.
PoC, and virus reports.
advisories, and tools.
publications.
MITRE offers standardized protocols
for the communication of security data
related to vulnerability management,
intrusion detection, asset security
assessment, asset management,
configuration guidance, patch
management, malware response,
incident management, and threat
analysis. Common Vulnerabilities and
Exposures (CVE), Common Weakness
Enumeration (CWE), Common
Attack Pattern Enumeration and
Classification (CAPEC), and Common
Configuration Enumeration (CCE) are
a few of them.
Key Resources
Paid incentive programs
The following table lists several companies that will give incentives to researchers
who inform them about zero-day exploits:
URL Description
http://www.zerodayinitiative.com/ Zero-Day Initiative (3Com /
http://www.netragard.com/zero-day-
exploit-acquisition-program
https://gvp.isightpartners.com/ iSIGHT partners offers the Global
https://exploithub.com ExploitHub is a marketplace for
http://www.beyondsecurity.com/ssd.
html
TippingPoint division) offers paid
programs for security researchers
Netragard offers to buy zero-day
exploits
Vulnerability Partnership (GVP)
program
vulnerability testing
The SecuriTeam Secure Disclosure
program offers researchers to get paid
for discovering vulnerabilities
Reverse engineering resources
The following table contains several websites that can help you learn about
reverse engineering:
URL Description
http://www.woodmann.com/forum/
index.php
http://www.binary-auditing.com/ Free IDA Pro binary auditing training
http://www.openrce.org/ Open reverse code engineering
http://reversingproject.info/ This provides tools, documents, and
http://www.reteam.org/ Reverse engineering team with various
http://www.exetools.com/ Tutorials, file analyzers, compressors, hex
Reverse code engineering forums,
collaborative knowledge, and tools library.
material.
community.
exercises to learn software reverse
engineering.
projects, papers, challenges, and tools.
editors, protectors, unpackers, debuggers,
disassemblers, and patchers.
URL Description
http://tuts4you.com/ Tutorials and tools for reverse code
http://crackmes.de/ Here, you can test and improve your
http://fumalwareanalysis.
blogspot.com/p/malware-analysis-
tutorials-reverse.html
http://quequero.org/ The UIC R.E. academy is aimed at teaching
engineering.
reversing skills by solving the tasks
(usually called crackmes).
This site contains malware analysis
tutorials. The analysis is done using a
reverse engineering approach.
reverse engineering for free to anybody
willing to learn. It contains malware
analysis articles and several reverse
engineering tools.
Penetration testing learning resources
The following table lists several websites that you can refer to in order to deepen
your knowledge in the penetration testing field:
URL Description
http://www.kali.org/blog/ Kali Linux blog.
http://pen-testing.sans.org SANS penetration testing resources: blogs,
http://resources.
infosecinstitute.com/
http://www.securitytube.net/ This contains various videos on information
http://www.concise-courses.
com/
http://opensecuritytraining.
info/Training.html
white papers, webcasts, cheatsheets, and
links useful for penetration testing.
This contains articles on various topics
in information security, such as hacking,
reverse engineering, forensics, application
security, and so on.
security. Out of these, the ones that are
especially useful for learning are the
megaprimer videos such as Metasploit
framework expert, Wi-Fi security expert,
exploit research, and so on.
This provides web shows and an online
course related to information security. The
course may not be free.
This provides training material for computer
security classes on any topic that are at least
one day long.
Key Resources
URL Description
https://pentesterlab.com/
bootcamp/
http://www.pentesteracademy.
com/
http://www.pentest-standard.
org
http://www.ethicalhacker.net/ Free online magazine for security
https://community.rapid7.com/
community/metasploit/blog
http://www.blackhatlibrary.
net/Main_Page
http://www.offensive-security.
com/metasploit-unleashed/Main_
Page
http://www.codecademy.com/
learn
http://www.social-engineer.
org/framework/Computer_
Based_Social_Engineering_
Tools:_Social_Engineer_
Toolkit_%28SET%29
http://technet.microsoft.
com/en-us/library/
cc754340%28WS.10%29.aspx
http://www.elearnsecurity.com/ eLearnSecurity is a provider of IT security
http://www.offensive-security.
com/
http://www.dirk-loss.de/
python-tools.htm
This provides information on how to become
a pentester. The material is divided into a
15-week bootcamp session. It contains the
reading list and hands-on practice.
This provides online information security
training. It covers several topics such as web
application pentesting, network pentesting,
and so on. Some of the videos can be
downloaded for free, while for the others,
you need to become a member to access
them.
This is a new standard designed to provide
both businesses and security service
providers with a common language and
scope for performing penetration testing.
professionals.
Metasploit Blog.
This contains security tutorials and tools.
This website provides free training for the
Metasploit framework.
This website provides various tutorials to
learn the programming language.
Social engineering toolkit tutorial
Windows Server command-line reference.
and penetration testing courses for IT
professionals.
The developer of Kali Linux and provider
of information security training and
certification.
Python tools for penetration testing.
Exploit development learning resources
The following table lists several websites that you can use to learn about software
exploit development:
URL Description
https://www.corelan.be/index.php/
articles/
http://fuzzysecurity.com/
tutorials.html
http://www.thegreycorner.com/ It provides exploit tutorials and a
This contains various articles on
information security. It is famous for
providing detailed exploit writing
tutorials.
It contains exploit development tutorials
for Windows and Linux users.
vulnerable server application to practice.
Penetration testing on a vulnerable
environment
The following sections list online web application challenges and virtual machine
and ISO images that contain vulnerable applications. These resources can be used to
learn penetration testing in your own system environment.
Online web application challenges
The following table lists several websites that provide several challenges, which you
can use to learn penetration testing:
URL Description
https://pentesteracademylab.
appspot.com/
https://hack.me/ Hack.me is a free, community-based project
https://www.hacking-lab.com/
caselist/
It contains four free challenges in the web
application area such as form bruteforcing and
HTTP basic authentication attack.
powered by eLearnSecurity. The community
can build, host, and share vulnerable web
application code for educational and research
purposes.
Hacking-Lab provides a security lab with
various security challenges that you can try.
They even provide a Live CD that will enable
access into the 'Hacking-Lab's remote
security lab.
Key Resources
URL Description
https://google-gruyere.
appspot.com/
http://www.enigmagroup.org/ Enigma Group provides its members with a
https://www.owasp.org/
index.php/OWASP_Hackademic_
Challenges_Project
https://www.hackthissite.org/ Hack This Site is a free, safe, and legal training
This codelab shows how web application
vulnerabilities can be exploited and how to
defend against these attacks.
legal and safe security resource where they
can develop their pen-testing skills on the
various challenges provided by this site.
These challenges cover the exploits listed in
the OWASP (The Open Web Application
Security Project) top 10 projects and teach
members many other types of exploits that are
found in today's applications, thus helping
them to become better programmers in the
meantime.
The OWASP Hackademic Challenges Project
is an open source project that helps you to
test your knowledge on web application
security. You can use it to actually attack web
applications in a realistic but controllable and
safe environment.
ground for hackers to test and expand their
hacking skills. It also has a vast selection of
hacking articles and a huge forum where users
can discuss hacking, network security, and just
about everything.
Virtual machines and ISO images
The following table lists several virtual machines and ISO images that can be
installed on your machine as targets to learn penetration testing:
URL Description
http://vulnhub.com/ It contains various VMs to allow anyone to gain a
http://exploit-
exercises.com/
practical hands-on experience in digital security,
computer application, and network administration.
This provides a variety of virtual machines,
documentation, and challenges that can be used to
learn about a variety of computer security issues, such
as privilege escalation, vulnerability analysis, exploit
development, debugging, reverse engineering, and
general cyber security issues.
URL Description
https://www.
pentesterlab.com/
exercises/
http://hackxor.
sourceforge.net
https://www.
mavensecurity.com/web_
security_dojo/
http://www.bonsai-sec.
com/en/research/moth.php
http://exploit.co.il/
projects/vuln-web-app/
http://sourceforge.net/
projects/lampsecurity/
https://bechtsoudis.com/
work-stuff/challenges/
drunk-admin-web-hacking-
challenge/
https://code.google.
com/p/owaspbwa/
http://sourceforge.net/
projects/bwapp/files/
bee-box/
This provides various web application security exercise
materials, such as SQL injection, Axis2 and Tomcat
manager, and MoinMoin code execution. In each
exercise, you will have an explanation tutorial and also
the vulnerable application in the ISO image.
Hackxor is a webapp hacking game where players
must locate and exploit vulnerabilities to progress
through the story. It contains XSS, CSRF, SQLi, ReDoS,
DOR, command injection, and so on.
A free open-source, self-contained training
environment for web application security and
penetration testing.
Moth is a VMware image with a set of vulnerable web
applications and scripts, which you may use for:
• Testing web application security scanners
• Testing Static Code Analysis (SCA) tools
• Giving an introductory course on web
application security
The exploit.co.il vulnerable web app is designed
as a learning platform to test various SQL injection
techniques, and it is a fully functional website with a
content management system based on fckeditor.
LAMPSecurity training is designed to be a series
of vulnerable virtual machine images along with
complementary documentation designed to teach
Linux, Apache, PHP, and MySQL security.
The challenge includes an image hosting web service
that has various design vulnerabilities. You must
enumerate the various web service features and find
an exploitable vulnerability in order to read system-
hidden files.
OWASP Broken Web Applications Project, a collection
of vulnerable web applications, is distributed on a
virtual machine in VMware compatible format.
bee-box is a custom Linux VMware virtual machine
preinstalled with bWAPP. bee-box gives you several
ways to hack and deface the bWAPP website. It's even
possible to hack bee-box to get root access. With bee-
box, you have the opportunity to explore all bWAPP
vulnerabilities!
Key Resources
URL Description
http://information.
rapid7.com/download-
metasploitable.
html?LS=1631875&CS=web
The Metasploitable 2 virtual machine is an
intentionally vulnerable version of Ubuntu Linux
designed for testing security tools and demonstrating
html - http://www.w3schools.com/html/default.asp
mysql - http://elias.praciano.com/2013/02/mysql-comandos-basicos/
cmd commands *.* - http://ss64.com/nt/
common vulnerabilities.
pastebin.comhttps://cryptbin.comhttps://www.torproject.org/https://www.facebook.com/profile.php?id=100009448345515
thank you !
