Following the blog posts that identified entry-level and mid-level resources for the penetration testing professional, we end this series with a list of advanced resources. If you haven’t read the two previous posts, we highly recommend doing so in order to get a more holistic view of the subject. For the rest of you, enjoy.
Windows Active Directory (AD) and various post exploitation
https://hunter2.gitbook.io/darthsidious/getting-started/getting-started
This blog discusses Active Directory security: it provides guidelines on how to set up an AD lab, how to attack it in practice, and how to evade security controls using various tools.
This blog is one of the richest resources on Active Directory security. It provides guidelines for both attacking and defending Active Directory environments.
This blog discusses Windows post-exploitation, Active Directory lateral movement, and more. It is also the home of many post-exploitation scripts that are used for lateral movement in an AD environment.
This blog discusses Windows post-exploitation, Active Directory security, and cloud security.
https://lolbas-project.github.io/
The goal of LOLBAS is to “document every binary, script, and library that can be used for Living Off The Land techniques”. It is the definitive resource on how various Windows (Microsoft-signed) binaries can be used for phishing, post-exploitation, and application whitelisting bypasses.
This blog focuses on offensive and defensive security, mostly related to the Windows OS. It hosts exploitation and post-exploitation tactics, AppLocker bypasses, and more.
Malware-related and coding
https://objective-see.com/index.html
This site aims to provide simple and effective macOS security tools. It also provides a wealth of information on macOS malware, including macOS malware samples and sources.
Romanian forum that discusses topics such as programming, reverse engineering, and exploitation.
http://www.rohitab.com/discuss/
Forum that discusses OS internals, Windows C/C++ programming, Unix/Linux system programming, web programming, and more.
Web security
One of the best blogs on vulnerability research, exploitation, and CTF write-ups, mainly concerning web applications.
The blog of our favourite tool, Burp Suite. It covers all areas of web application security, such as research into new attacks, web application penetration testing, automation, and more.
https://github.com/swisskyrepo/PayloadsAllTheThings
This GitHub repository holds payloads for many attacks and is one of the best resources to use as a cheat sheet, not only for web applications but also for system-level attacks and payloads.
Resource for vulnerability exploitation on various platforms and technologies, including Windows, Linux, web, Android, and iOS.
Code review
https://wiki.sei.cmu.edu/confluence/collector/pages.action?key=c
The definitive resource for secure coding guidelines and code review covering C/C++, Java, Perl, and Android.
Tools
https://defuse.ca/online-x86-assembler.htm
Online x86 and x64 assembler (assembly to opcodes) and disassembler (opcodes to assembly). It also has a Twitter bot.
https://gchq.github.io/CyberChef/#recipe=To_Hex('Space')&input=Li4vLi4vZXRjL3Bhc3N3ZA
Converts from and to practically any format. Or, in CyberChef’s own terms, bakes anything.
Exploitation and reverse engineering
Resource for vulnerability exploitation on various platforms and technologies, including Windows, Linux, web, Android, and iOS.
Resource for vulnerability exploitation, reverse engineering, malware analysis, and CTF write-ups.
Blog on CTF write-ups, exploitation, coding, and reversing.
https://forum.reverse4you.org/
As its authors say, “a community of people who are interested in topics related to reverse engineering, exploit development, malware research, and pentest”.
General information security website that covers exploitation, vulnerability research, attack and defense methodologies, mobile security, and more.
https://www.kernelmode.info/forum/
A forum for reverse engineering, OS internals, and malware analysis.
Blog that discusses vulnerability research, Windows user-mode and kernel exploitation, Windows internals, reverse engineering, and other low-level topics.
https://www.vergiliusproject.com/
This website is a goldmine of information on most (if not all) undocumented Windows internal structures, for both x86 and x64, for every release from Windows XP to Windows 10.
https://googleprojectzero.blogspot.com/
Google’s blog on vulnerability research and exploitation for various platforms and architectures.
https://gynvael.coldwind.pl/?blog=1&lang=en
Gynvael’s blog on exploitation, reversing, and programming across various architectures.
Windows binary exploitation blog.
French and English blog on vulnerability exploitation, ranging from web to binary.
This forum has posts about reverse engineering, malware, and coding.
https://www.real0day.com/resources
The definitive resource for everything related to Linux internals, ELF files, packers, obfuscation, encryption, coding, rootkits, and exploitation.
Conclusion
That’s all for now, folks. We will try to update all the lists in the future so that they remain relevant. Until that time comes, we hope that you will find our current resource list helpful.
Goodbye for now.