I'm a bit of a hacker fanatic and know a fair bit about that industry and cyber crime and cyber warfare.
Indonesia, Tangerang

Awesome Pentest

Awesome Penetration Testing

A collection of awesome penetration testing resources

Online Resources

#### Penetration Testing Resources * Metasploit Unleashed - Free Offensive Security metasploit course * PTES - Penetration Testing Execution Standard * OWASP - Open Web Application Security Project

Shellcode development

Social Engineering Resources

Lock Picking Resources


#### Penetration Testing Distributions * Kali - A Linux distribution designed for digital forensics and penetration testing * BlackArch - Arch Linux-based distribution for penetration testers and security researchers * NST - Network Security Toolkit distribution * Pentoo - security-focused livecd based on Gentoo * BackBox - Ubuntu-based distribution for penetration tests and security assessments

Basic Penetration Testing Tools

  • Metasploit Framework - World’s most used penetration testing software
  • Burp Suite - An integrated platform for performing security testing of web applications
  • ExploitPack - Graphical tool for penetration testing with a bunch of exploits

Vulnerability Scanners

  • Netsparker - Web Application Security Scanner
  • Nexpose - Vulnerability Management & Risk Management Software
  • Nessus - Vulnerability, configuration, and compliance assessment
  • Nikto - Web application vulnerability scanner
  • OpenVAS - Open Source vulnerability scanner and manager
  • OWASP Zed Attack Proxy - Penetration testing tool for web applications
  • Secapps - Integrated web application security testing environment
  • w3af - Web application attack and audit framework
  • Wapiti - Web application vulnerability scanner
  • WebReaver - Web application vulnerability scanner for Mac OS X

Network Tools

  • nmap - Free Security Scanner For Network Exploration & Security Audits
  • tcpdump/libpcap - A common packet analyzer that runs under the command line
  • Wireshark - A network protocol analyzer for Unix and Windows
  • Network Tools - Different network tools: ping, lookup, whois, etc
  • netsniff-ng - A Swiss army knife for for network sniffing
  • Intercepter-NG - a multifunctional network toolkit
  • SPARTA - Network Infrastructure Penetration Testing Tool

Wireless Network Tools

  • Aircrack-ng - a set of tools for auditing wireless network
  • Kismet - Wireless network detector, sniffer, and IDS
  • Reaver - Brute force attack against Wifi Protected Setup

SSL Analysis Tools

  • SSLyze - SSL configuration scanner
  • sslstrip - a demonstration of the HTTPS stripping attacks

Hex Editors


Windows Utils

DDoS Tools

  • LOIC - An open source network stress tool for Windows
  • JS LOIC - JavaScript in-browser version of LOIC

Social Engineering Tools

  • SET - The Social-Engineer Toolkit from TrustedSec

OSInt Tools

  • Maltego - Proprietary software for open source intelligence and forensics, from Paterva.

Anonimity Tools

  • Tor - The free software for enabling onion routing online anonymity
  • I2P - The Invisible Internet Project

Reverse Engineering Tools

  • IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
  • IDA Free - The freeware version of IDA v5.0
  • WDK/WinDbg - Windows Driver Kit and WinDbg
  • OllyDbg - An x86 debugger that emphasizes binary code analysis
  • Radare2 - Opensource, crossplatform reverse engineering framework.
  • x64_dbg - An open-source x64/x32 debugger for windows.
  • Pyew - A Python tool for static malware analysis.
  • Bokken - GUI for Pyew Radare2.
  • Immunity Debugger - A powerful new way to write exploits and analyze malware
  • Evan’s Debugger - OllyDbg-like debugger for Linux


#### Penetration Testing Books * The Art of Exploitation by Jon Erickson, 2008 * Metasploit: The Penetration Tester’s Guide by David Kennedy and others, 2011 * Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014 * Rtfm: Red Team Field Manual by Ben Clark, 2014 * The Hacker Playbook by Peter Kim, 2014 * The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013 * Professional Penetration Testing by Thomas Wilhelm, 2013 * Advanced Penetration Testing for Highly-Secured Environments by Lee Allen,2012 * Violent Python by TJ O’Connor, 2012 * Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini, 2007 * Black Hat Python: Python Programming for Hackers and Pentesters, 2014 * Penetration Testing: Procedures & Methodologies (EC-Council Press),2010

Hackers Handbook Series

Network Analysis Books

Reverse Engineering Books

Malware Analysis Books

Windows Books

Social Engineering Books

Lock Picking Books

Vulnerability Databases

Security Courses

Information Security Conferences

  • DEF CON - An annual hacker convention in Las Vegas
  • Black Hat - An annual security conference in Las Vegas
  • BSides - A framework for organising and holding security conferences
  • CCC - An annual meeting of the international hacker scene in Germany
  • DerbyCon - An annual hacker conference based in Louisville
  • PhreakNIC - A technology conference held annually in middle Tennessee
  • ShmooCon - An annual US east coast hacker convention
  • CarolinaCon - An infosec conference, held annually in North Carolina
  • HOPE - A conference series sponsored by the hacker magazine 2600
  • SummerCon - One of the oldest hacker conventions, held during Summer
  • Hack.lu - An annual conference held in Luxembourg
  • HITB - Deep-knowledge security conference held in Malaysia and The Netherlands
  • Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany
  • Hack3rCon - An annual US hacker conference
  • ThotCon - An annual US hacker conference held in Chicago
  • LayerOne - An annual US security conerence held every spring in Los Angeles
  • DeepSec - Security Conference in Vienna, Austria
  • SkyDogCon - A technology conference in Nashville
  • SECUINSIDE - Security Conference in Seoul
  • DefCamp - Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania

Information Security Magazines

Awesome Lists


Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕)


Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License