Learn Pentesting/Hacking - The Red Team

Created a Github page with useful materials for those who want to start to learn pentesting/hacking.

!!! Always do all work from VM or dedicated machine for that, remember that all tools that you install may have some malware(mostly not but the risk exists). 
So you should prevent access to your real machine. Also dont forget to use VPN, even when using training VM from hackthebox (because you will be sharing same network with many people)

BOOKS & ARTICLES

•  — Course for beginners
• Staring Point course from 
•  — How to pawn Juice Shop guide
•  — many tutorials and howtos
•  — exsploits & reverse engineering course
•  — buffer overflow for beginers
•  — buffer overflow, how to pass ASLR & PIE & NO-STACK-EXECUTION protection
•  — OWASP testing checklist. Help to not forget something
•  — OWASP testing guide for checklist above ^

TOOLS

•  — VM player to run Kali
•  — Kali linux for pentesters. Base Tool
•  — web site vulnerability scanner.
•  — wordpress vulnrability scanner.
•  — NMAP port, script, vulnerability scanner. Base tool
•  — Login cracker for different protocols
•  — Dir,Subdomains enumerator for websites
•  — Pentesting framework. Base Tool
•  — Privilege escalation for Win. Base Tool
•  — Privilege escalation for Linux. Base Tool
•  — console debugger
•  — edb debugger with ui

SERVICES

Data arvesting

•  — find emails on domain
•  — find if email was leaked
•  — subdomain search
•  — technology stack info
•  — servers search engine
•  — servers search engine

DATA LEAKS

•  — how passwords changes with time + 1.4B email:pass

TRAINING

•  — Platform with VMs that you can try to hack
•  — training site
•  — Training app for web pentesters
•  — excercices for hackers (not free)

EXPLOIT DBs

WORDLISTS

•  — many different
•  — SQL inj payloads
•  — web payloads