{"id":21400705,"url":"https://github.com/cybersecurityup/awesome-pentest-practice","last_synced_at":"2026-01-02T23:12:47.223Z","repository":{"id":45797605,"uuid":"293661648","full_name":"CyberSecurityUP/Awesome-PenTest-Practice","owner":"CyberSecurityUP","description":"Hackthebox, Vulnhub, TryHackMe and Real World PenTest","archived":false,"fork":false,"pushed_at":"2020-09-08T23:47:41.000Z","size":72,"stargazers_count":111,"open_issues_count":0,"forks_count":29,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-03-13T14:02:45.861Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CyberSecurityUP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-09-08T00:35:44.000Z","updated_at":"2025-02-11T06:13:52.000Z","dependencies_parsed_at":"2022-07-17T01:16:15.622Z","dependency_job_id":null,"html_url":"https://github.com/CyberSecurityUP/Awesome-PenTest-Practice","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-PenTest-Practice","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-PenTest-Practice/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-PenTest-Practice/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-PenTest-Practice/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CyberSecurityUP","download_url":"https://codeload.github.com/CyberSecurityUP/Awesome-PenTest-Practice/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243893905,"owners_count":20364916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T15:23:43.159Z","updated_at":"2026-01-02T23:12:47.160Z","avatar_url":"https://github.com/CyberSecurityUP.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Awesome-PenTest-Practice\n\n### Tips, Materials and commands that you can use in CTFs, RealPenTest and even Bug Bounty!\n#### My LinkedIn: https://www.linkedin.com/in/joas-antonio-dos-santos/ \u003e\u003e Contains more than 170 articles by Red and Blue Team\n----------------------------------------------------------------------------------------------\n#### Nmap Tricks:\nnmap -sV -Pn --top-ports 1000 --min-rate 200 --max-rate 400 -T5 192.168.0.1/24 = High Fast Nmap Scan \n\nnmap -v -sV -T5 --top-ports 1000 --min-rate 200 --max-rate 400 --scan-delay 2 --max-scan-delay 4 --min-rtt-timeout 2 --max-rtt-timeout 3 initial-rtt-timeout 1 192.168.0.1/24 = Ultra High Fast Nmap Scan\n\nnmap --top-ports 1000 -sV -v --ttl 10 --badsum TCP -f --mtu 16  192.168.0.1/24 = Evasion Firewall\n\nnmap --top-ports 1000 -sV -v --ttl 10 -f --mtu 16 192.168.0.1/24 = Evasion Firewall 2\n\nhttps://www.liquidweb.com/kb/using-nmap-pro-tips-and-tricks/\n\nhttps://blog.urfix.com/10-cool-nmap-tricks-techniques/\n\nhttps://medium.com/@iphelix/nmap-scanning-tips-and-tricks-5b4a3d2151b3\n\n----------------------------------------------------------------------------------------------\n\n#### Nmap Evasion Techniques: \n\nhttp://www.dimz-it.com/berkas/Nmap_Firewall_Evasion_Techniques.pdf\n\nhttps://nmap.org/book/firewall-subversion.html\n\nhttps://dzone.com/articles/firewall-bypassing-techniques-with-nmap-and-hping3\n\nhttps://www.youtube.com/watch?v=d5-wBkMRPQU (Hak5 Evade Firewall)\n\nhttps://www.youtube.com/watch?v=4t4kBkMsDbQ\u0026ab_channel=NetworkChuck (Network Chuck Nmap)\n\nhttps://github.com/jasonniebauer/Nmap-Cheatsheet \n\n----------------------------------------------------------------------------------------------\n\n#### Bug Bounty Tricks and Techniques:\n\nhttps://github.com/KingOfBugbounty/KingOfBugBountyTips\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nhttps://github.com/Muhammd/awesome-bug-bounty\n\nhttps://github.com/ngalongc/bug-bounty-reference\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nhttps://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters\n\nhttps://github.com/EdOverflow/bugbounty-cheatsheet\n\nhttps://github.com/EdOverflow/bugbountyguide\n\nhttps://github.com/devanshbatham/Awesome-Bugbounty-Writeups\n\nhttps://github.com/1hack0/Facebook-Bug-Bounty-Write-ups\n\nhttps://pentester.land/list-of-bug-bounty-writeups.html\n\nhttps://medium.com/bugbountywriteup\n\nCSRF Poc Generator (https://github.com/merttasci/csrf-poc-generator)\n\nSubOver (https://github.com/Ice3man543/SubOver)\n\nKnock SubDomain (https://github.com/guelfoweb/knock)\n\nXSS Payloads (https://gist.github.com/rvrsh3ll/09a8b933291f9f98e8ec)\n\nSQL Injection Payloads (https://github.com/payloadbox/sql-injection-payload-list)\n\nTrick Recon (https://www.linkedin.com/pulse/tricks-de-recon-ataide-junior/?trackingId=lo%2FwG4h%2FSemwGplcWrHIhA%3D%3D)\n\n----------------------------------------------------------------------------------------------\n\n#### Red Team - Tools and Techniques\n\nhttps://github.com/infosecn1nja/Red-Teaming-Toolkit\n\nhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming\n\nhttps://github.com/m0nad/awesome-privilege-escalation\n\nhttps://github.com/D35m0nd142/LFISuite\n\nhttps://github.com/P0cL4bs/kadimus.git\n\nhttps://github.com/MrPineMan/Awesome-Reverse-Shell\n\nhttps://github.com/xl7dev/WebShell\n\nhttps://portswigger.net/web-security\n\nhttps://github.com/alphaSeclab/awesome-burp-suite\n\nhttps://github.com/snoopysecurity/awesome-burp-extensions\n\nhttps://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_-_linux.html\n\nhttps://sushant747.gitbooks.io/total-oscp-guide/list_of_common_ports.html\n\nhttps://github.com/jakejarvis/awesome-shodan-queries\n\nhttps://github.com/danielmiessler/SecLists\n\nhttps://github.com/0x4D31/awesome-oscp\n\nhttps://github.com/Aadi-0110/awesome-oscp\n\nhttps://github.com/coolx28/Awesome-Oscp\n\nhttps://github.com/JoaoPauloF/OSCP/blob/master/OSCPnotes.md\n\nhttps://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources\n\nhttps://github.com/codeinthedark/awesome-power-mode/commits?author=ceh\n\nhttps://github.com/Optixal/CEHv10-Notes\n\nhttps://github.com/g0rbe/CEH\n\nhttps://github.com/CyberSecurityUP/Guide-CEH-Practical-Master\n\nhttps://docs.google.com/document/d/e/2PACX-1vTP5OvJToWToMOKyeMyPcIPJhqbnESgWY6dYje9seJY96-ezCEJbXsMkfMWhoqPRaCNRs6BOO7urQyF/pub?fbclid=IwAR3aWZoikOvDgfxxzdfjFsGS60Q9SE8ZL5ROqP6Bzvzuq-fIYbSGoxRjArY\n\nhttps://drive.google.com/drive/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU (e-books Joas)\n\nhttps://www.exploit-db.com/google-hacking-database\n\nhttps://iftm.edu.br/ERP/MPES/EVENTOS/arquivos/2015_10_16-09_20_01_anexo_resumo_expandido_bruno_rodrigo.pdf\n\nhttps://www.youtube.com/watch?v=LgBcFpusC7A\n\nhttps://www.blackhat.com/presentations/bh-europe-05/BH_EU_05-Long.pdf\n\nhttps://www.oakton.edu/user/2/rjtaylor/cis101/Google%20Hacking%20101.pdf\n\nhttps://www.a2hosting.com.br/kb/getting-started-guide/internet-and-networking/troubleshooting-dns-with-dig-and-nslookup\n\nhttps://ipok.com.br/blog/usando-dig-para-pesquisas-de-dns-parte-1/\n\nhttps://www.cloudns.net/blog/10-most-used-nslookup-commands/\n\nhttps://www.somosagility.com.br/como-solucionar-problemas-de-dns-com-dig-e-nslookup-2/\n\nhttps://www.youtube.com/watch?v=2KzpGjn7M9s\n\nhttps://github.com/rebootuser/LinEnum\n\nhttps://github.com/Arr0way/linux-local-enumeration-\n\nhttps://highon.coffee/blog/linux-local-enumeration-/\n\nhttps://github.com/Z3R0th-13/Enum\n\nhttps://github.com/411Hall/JAWS\n\nhttps://411hall.github.io/JAWS-Enumeration/\n\nhttps://hakin9.org/privesccheck-privilege-escalation-enumeration--for-windows/\n\nhttp://literacybasics.ca/strategic-planning/strategic-planning-assesssment/overview-and-information-gathering-tools/\n\nhttps://www.dlsweb.rmit.edu.au/Toolbox/knowmang/content/gathering_data/information_gathering_methods.htm\n\nhttps://www.youtube.com/watch?v=WW6myutKBYk\n\nhttps://www.youtube.com/watch?v=zemNLx0-LRw\n\nhttps://www.youtube.com/watch?v=xlxpfvlUZLA\n\nhttps://www.youtube.com/watch?v=Q8hAjEaAgE8\n\nhttps://www.youtube.com/watch?v=z2EUhV11QB4\n\nhttps://www.youtube.com/watch?v=Hk-21p2m8YY\n\nhttps://www.youtube.com/watch?v=GlVb44dD-dA\n\nhttps://www.youtube.com/watch?v=7XMIFTRiAGA\n\nhttps://null-byte.wonderhowto.com/how-to/hack-like-pro-advanced-nmap-for-reconnaissance-0151619/\n\nhttps://www.youtube.com/watch?v=krnpQWDkf_c\n\nhttps://hackertarget.com/nmap-tutorial/\n\nhttps://www.youtube.com/watch?v=VFJLMOk6daQ\n\nhttps://awesomeopensource.com/projects/information-gathering\n\nhttps://github.com/topics/information-gathering\n\nhttps://www.hindawi.com/journals/scn/2019/2627608/\n\nhttps://www.researchgate.net/publication/328430317_Approaches_for_Preventing_Honeypot_Detection_and_Compromise\n\nhttps://blog.rapid7.com/2016/12/06/introduction-to-honeypots/\n\nhttps://ccdcoe.org/uploads/2018/10/d3r2s4_haltas.pdf\n\nhttps://www.incibe-cert.es/en/blog/honeystation-en\n\nhttps://www.youtube.com/watch?v=fQqWe8br2Gw\n\nhttps://securityonline.info/adrecon-active-directory-gathering-information-tool/\n\nhttps://www.youtube.com/watch?v=ze1UcSLOypwMitre Attack Discoverys\n\nhttps://attack.mitre.org/techniques/T1010/\n\nhttps://attack.mitre.org/techniques/T1046/\n\nhttps://attack.mitre.org/techniques/T1007/\n\nhttps://attack.mitre.org/techniques/T1033/\n\nhttps://attack.mitre.org/techniques/T1049/\n\nhttps://attack.mitre.org/techniques/T1063/\n\nhttps://attack.mitre.org/techniques/T1018/\n\nhttps://attack.mitre.org/techniques/T1069/\n\nhttps://attack.mitre.org/techniques/T1201/\n\nhttps://attack.mitre.org/matrices/enterprise/linux/\n\nWsus Exploit: Realizar movimento lateral e manipular componentes do WSUS\n\nhttps://pentestit.com/wsuxploit-weaponized-wsus-exploit-/\n\nhttps://github.com/AlsidOfficial/WSUSpendu\n\nhttps://osiriansec.gitbooks.io/infosecuberwiki/chapter1/exploitation/internal/lan-attacks/attack-windows/attack-wsus.html\n\nhttps://github.com/infosecn1nja/AD-Attack-Defense/blob/master/README.md\n\nLinux Exploitation: Exploração avançadas, métodos de enumeração avançada, escalação de privilégio, pivoting e até exploração de serviços.\n\nhttps://attack.mitre.org/techniques/T1184/\n\nhttps://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/\n\nhttps://www.youtube.com/watch?v=dk2wsyFiosg\n\nhttps://tools.kali.org/tools-listing\n\nhttps://www.youtube.com/watch?v=SyE4y6qZPjM\n\nhttps://www.youtube.com/watch?v=B2xu0QXXx54\n\nhttps://www.youtube.com/watch?v=SjwjxQndOs8\n\nhttps://www.youtube.com/watch?v=_wdESwXdMYg\n\nhttps://www.youtube.com/watch?v=sZ_-KD5Dksw\n\nhttps://www.youtube.com/watch?v=gsEvrdcn-DI\n\nhttps://kalilinuxtutorials.com/infog-information-gathering-tool/\n\nhttps://www.hackingloops.com/information-gathering-using-kali-linux-for-penetration-testing/\n\nhttps://github.com/wwong99/pentest-notes/blob/master/oscp_resources/OSCP-Survival-Guide.md\n\nhttps://medium.com/@aptbughunter/my-oscp-experience-0xapt-4fff90a8d408\n\nhttps://www.offensivecon.org/trainings/2018/linux-kernel-exploitation-techniques-vitaly-nikolenko.html\n\nhttps://github.com/xairy/linux-kernel-exploitation/blob/master/README.md\n\nhttps://github.com/xairy/linux-kernel-exploitation\n\nhttps://www.youtube.com/watch?v=Hrlc3GZQ4bA\n\nhttps://artkond.com/2017/03/23/pivoting-guide/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Network%20Pivoting%20Techniques.md\n\nhttps://resources.infosecinstitute.com/pivoting-exploit-system-another-network/#gref\n\nhttps://gtfobins.github.io/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md\n\nhttps://payatu.com/guide-linux-privilege-escalation\n\nhttps://medium.com/@falconspy/oscp-approved-tools-b2b4e889e707\n\nhttps://null-byte.wonderhowto.com/how-to/use-ssh-local-port-forwarding-pivot-into-restricted-networks-0179711/\n\nhttps://www.cybrary.it/blog/0p3n/pivot-network-port-forwardingredirection-hands-look/\n\nhttps://0xdf.gitlab.io/2019/01/28/pwk-notes-tunneling-update1.html\n\nhttps://www.youtube.com/watch?v=mQ1hRS8scWM\n\nWindows Exploitation:Vulnerability scanning, pivoting and sideways movement, password cracking and privilege escalation\n\nhttps://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References\n\nhttps://hackersguru.in/windows-exploitation-and-hacking/\n\nhttps://pt.slideshare.net/utdcsg/advanced-windows-exploitation\n\nhttps://www.offensive-security.com/offsec/microsoft-dll-hijacking-exploit-in-action/\n\nhttps://www.youtube.com/watch?v=Pt9a6EQFs9s\n\nhttps://www.youtube.com/watch?v=XR1F467LTrs\n\nhttps://www.youtube.com/watch?v=2-kJ7Kh_5C4\n\nhttps://www.youtube.com/watch?v=FJhVoXwoX_w\n\nhttps://doublepulsar.com/rdp-hijacking-how-to-hijack-rds-and-remoteapp-sessions-transparently-to-move-through-an-da2a1e73a5f6\n\nhttps://www.youtube.com/watch?v=keFx6yYA_WY\n\nMitre Attack:\n\nhttps://attack.mitre.org/matrices/enterprise/windows/\n\nhttps://attack.mitre.org/techniques/T1077/\n\nhttps://attack.mitre.org/techniques/T1111/\n\nhttps://attack.mitre.org/techniques/T1174/\n\nhttps://attack.mitre.org/techniques/T1534/\n\nhttps://attack.mitre.org/techniques/T1175/\n\nhttps://attack.mitre.org/techniques/T1075/\n\nhttps://github.com/gentilkiwi/mimikatz\n\nhttps://www.varonis.com/blog/what-is-mimikatz/\n\nhttps://www.youtube.com/watch?v=bTYR_xYSDIk\n\nhttps://www.youtube.com/watch?v=0TBCzaBklcE\n\nhttps://www.youtube.com/watch?v=FfoQFKhWUr0\n\nhttps://blogs.jpcert.or.jp/en/2016/01/windows-commands-abused-by-attackers.html\n\nhttps://osandamalith.com/2019/08/26/converting-an-exe-to-a-dll/?fbclid=IwAR2LtVQnTJy-0M4cM9sEWTydKOSGIiGI9wiqKlD4V33Wtl6mWyd8hlNnBXo\n\nDesenvolvimento de exploits: Buffer Overflow, Bypass Software Protectors, Binary Exploitation, ROP, Shell codes, Fuzzing, Reverse Engineering, Egg Hunters, Debuggers and etc.\n\nhttps://www.youtube.com/watch?v=iyAyN3GFM7A\u0026list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN\n\nhttps://github.com/FabioBaroni/awesome-exploit-development\n\nhttps://github.com/mxamusic/awesome-exploit-development\n\nhttps://www.youtube.com/watch?v=1S0aBV-Waeo\u0026t=1s\n\nhttps://www.youtube.com/watch?v=1TNecxUBD1w\n\nhttps://www.youtube.com/watch?v=H2ZTTQX-ma4\n\nhttps://www.youtube.com/watch?v=59_gjX2HxyA\n\nhttps://www.youtube.com/watch?v=hrjdAv-aHCY\n\nhttps://www.youtube.com/watch?v=VX27nq6EcjI\u0026list=PLcKsaFvYl4l87C8_HhxkcFaoNhzC9bRw6\n\nhttps://www.youtube.com/channel/UCXHBFtUcbhIssuuXXud2WcQ\n\nhttps://www.youtube.com/watch?v=8Dcj19KGKWM\n\nhttps://www.youtube.com/watch?v=wDosab_Y4Hs\n\nhttps://www.youtube.com/watch?v=5FJxC59hMRY\n\nhttps://www.youtube.com/watch?v=gIJOtP1AC3A\u0026t=9s\n\nhttps://www.youtube.com/watch?v=4_xSGvD0GNk\n\nhttps://www.youtube.com/watch?v=6JBRXqT3USI\n\nhttps://www.youtube.com/watch?v=YgezGxzwD8A\n\nhttps://www.youtube.com/watch?v=7PMw9GIb8Zs\u0026list=PLBf0hzazHTGPoP8BjixXswrM01ttNkfnp\n\nhttps://github.com/secfigo/Awesome-Fuzzing\n\nhttps://github.com/wtsxdev/fuzzing-resources\n\nhttps://www.hackers-arise.com/post/2017/06/21/exploit-development-part-3-finding-vulnerabilities-by-fuzzing-with-spike\n\nhttps://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/babys-first-nxplusaslr-bypass/\n\nhttps://medium.com/@dontsmokejoints/bypass-nx-and-aslr-with-rop-38a0e46a62da\n\nhttps://intx0x80.blogspot.com/2018/04/bypass-aslrnx-part-1.html\n\nhttps://www.youtube.com/watch?v=mPbHroMVepM\n\nhttps://www.youtube.com/watch?v=BI_fO4gMW4Q\n\nhttps://awesomeopensource.com/projects/shellcode\n\nhttps://github.com/codeengn/awesome-korea-security-paper/blob/master/ReverseEngineering/Understanding%20Windows%20Shellcode%20%5Bskape%5D.pdf\n\nhttps://0x00sec.org/t/linux-shellcoding-part-1-0/289\n\nhttps://medium.com/@eaugusto/windows-ce-superh3-exploit-development-interlude-usable-null-free-risc-shellcode-and-ascii-3a4bbf3077bf\n\nhttps://www.exploit-db.com/papers/18273\n\nhttps://www.exploit-db.com/shellcodes\n\nhttps://www.offensive-security.com/metasploit-unleashed/payloads/\n\nhttps://www.offensive-security.com/metasploit-unleashed/payload-types/\n\nhttps://www.youtube.com/watch?v=a2EkORFcSZo\n\nhttps://www.youtube.com/watch?v=Ps3mZWQz01s\u0026list=PLIfZMtpPYFP4MaQhy_iR8uM0mJEs7P7s3\n\nhttps://www.youtube.com/watch?v=RF3-qDy-xMs\u0026list=PLIfZMtpPYFP6_YOrfX79YX79I5V6mS0ci\n\nhttps://medium.com/@rafaveira3/exploit-development-kolibri-v2-0-http-server-egg-hunter-example-1-5e435aa84879\n\nhttps://www.fuzzysecurity.com/tutorials/expDev/4.html\n\nhttps://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/\n\nhttps://www.securitysift.com/windows-exploit-development-part-5-locating-shellcode-egghunting/\n\nhttps://www.shogunlab.com/blog/2017/09/02/zdzg-windows-exploit-3.html\n\nhttps://securityimpact.net/2017/02/15/exploit-development-4-egg-hunting/\n\nhttps://connormcgarr.github.io/Exception-Handlers-and-Egg-Hunters/\n\nhttps://rastating.github.io/creating-a-custom-shellcode-encoder/\n\nhttps://medium.com/syscall59/writing-a-custom-shellcode-encoder-31816e767611\n\nhttps://medium.com/@habibiefaried/slae-0x4-combined-method-for-encoding-shellcode-x86-2f8637d87ed9\n\nhttps://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/\n\nhttps://www.youtube.com/watch?v=vpzpuzqhOCI\n\nhttps://www.youtube.com/watch?v=IMnKb3BaUvM\n\nhttp://www-inst.eecs.berkeley.edu/~cs161/fa08/papers/stack_smashing.pdf\n\nhttps://www.youtube.com/watch?v=Y-4WHf0of6Y\n\nhttps://pastebin.com/FvWQZmB7\n\nhttps://repo.zenk-security.com/Techniques%20d.attaques%20%20.%20%20Failles/Exploit%20writing%20tutorial%20part%201-Stack%20Based%20Overflows.pdf\n\nCommand and Control (C2): Command and control consists of techniques that opponents can use to communicate with systems under their control in a network of victims. Opponents usually try to mimic normal and expected traffic to avoid detection. There are many ways in which an adversary can establish command and control with varying levels of stealth, depending on the structure of the network and the victim's defenses.\n\nhttps://medium.com/@jeremy.trinka/five-pentesting-tools-and-techniques-that-sysadmins-should-know-about-4ceca1488bff\n\nhttps://attack.mitre.org/tactics/TA0011/\n\nhttps://pentestit.com/list-of-open-source-c2-post-exploitation-frameworks/\n\nhttps://pentestlab.blog/2017/11/14/command-and-control-website/\n\nhttps://pentester.land/\n\nhttps://www.youtube.com/watch?v=bUqu8fh7xUg\n\nhttps://www.youtube.com/watch?v=eTA7weRp2yk\n\nhttps://www.youtube.com/watch?v=cK16knLi1Vk\n\nhttps://www.youtube.com/watch?v=Wk6xobVsZf4\n\nhttps://www.youtube.com/watch?v=2G5B8uhku78\n\nhttps://www.youtube.com/watch?v=S_ejYRTM8J0\n\nhttps://www.youtube.com/watch?v=_L-VW_1tYHA\n\nhttps://www.trendmicro.com/vinfo/us/security/definition/command-and-control-server\n\nhttps://www.paloaltonetworks.com/cyberpedia/command-and-control-explained\n\nWeb Attacks: Ataques avançados de injeção de SQL, Comando de Sistema, Execução de código remoto, deserialization, XSS impactante, SQL to RCE, XSS to RCE, Bypass File Extensions, IDOR, Open redirect e etc. Ataques que tem grande impactos em aplicações web.\n\nhttps://owasp.org/www-project-top-ten/\n\nhttps://github.com/infoslack/awesome-web-hacking\n\nhttps://github.com/latestalexey/awesome-web-hacking\n\nhttps://libraries.io/github/infoslack/awesome-web-hacking\n\nhttps://www.exploit-db.com/papers/13646\n\nhttps://null-byte.wonderhowto.com/how-to/advanced-techniques-bypass-defeat-xss-filters-part-1-0190257/\n\nhttps://www.youtube.com/watch?v=zs30qw4CF2U\n\nhttp://devfuria.com.br/seguranca-da-informacao/owasp-topten-2010/a02-cross-site-ing/\n\nhttps://www.youtube.com/watch?v=T-EQfydIxu4\n\nhttps://www.youtube.com/watch?v=O3hb6HV1ZQo\u0026t\n\nhttps://www.youtube.com/watch?v=FTeE3OrTNoA\u0026t=1s\n\nhttps://www.youtube.com/watch?v=0dgmeTy7X3I\n\nhttps://www.youtube.com/watch?v=L5l9lSnNMxg\n\nhttps://www.youtube.com/watch?v=eDfGpu3iE4Q\n\nhttps://github.com/pwntester/ysoserial.net\n\nhttps://www.youtube.com/watch?v=nkTBwbnfesQ\n\nhttps://medium.com/@notsoshant/a-not-so-blind-rce-with-sql-injection-13838026331e\n\nhttps://medium.com/bugbountywriteup/sql-injection-to-lfi-to-rce-536bed29a862\n\nhttps://pwnrules.com/flickr-from-sql-injection-to-rce/\n\nhttps://medium.com/@knownsec404team/the-analysis-of-mybb-18-20-from-stored-xss-to-rce-7234d7cc0e72\n\nhttps://github.com/xapax/xss-to-rce\n\nhttps://blog.ripstech.com/2019/mybb-stored-xss-to-rce/\n\nhttps://github.com/timip/OSWE\n\nhttps://github.com/nicolauns/hunter-php-java-obfuscator\n\nhttps://github.com/tholu/php-packer\n\nhttps://obfuscator.io/\n\nhttps://medium.com/nodesimplified/obfuscation-what-is-obfuscation-in-java-why-obfuscation-is-used-f6a5f5bcf022\n\nhttps://github.com/java-obfuscator/java-obfuscator\n\nhttps://owasp.org/www-pdf-archive/XML_Based_Attacks_-_OWASP.pdf\n\nhttps://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing\n\nhttps://gist.github.com/mgeeky/4f726d3b374f0a34267d4f19c9004870\n\nhttps://www.acunetix.com/blog/articles/xml-external-entity-xxe-vulnerabilities/\n\nhttps://www.netsparker.com/blog/web-security/xxe-xml-external-entity-attacks/\n\nhttps://www.exploit-db.com/docs/english/45074-file-upload-restrictions-bypass.pdf\n\nhttps://pentestlab.blog/2012/11/29/bypassing-file-upload-restrictions/\n\nhttps://www.youtube.com/watch?v=Ue3wtxR9s0E\n\nhttps://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload\n\nhttps://github.com/attackercan/REGEXP-SECURITY-CHEATSHEET\n\nhttps://nvisium.com/blog/2015/06/11/regex-regularly-exploitable.html\n\nhttps://medium.com/@somdevsangwan/exploiting-regular-expressions-2192dbbd6936\n\nhttps://portswigger.net/support/sql-injection-bypassing-common-filters\n\nhttps://owasp.org/www-community/attacks/Session_hijacking_attack\n\nhttps://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html\n\nhttps://www.youtube.com/watch?v=fxrCJNQ96Kg\n\nhttps://www.youtube.com/watch?v=OtlaTf9065w\n\nhttps://www.youtube.com/watch?v=jYcx7WtbB0A\n\nhttps://www.geeksforgeeks.org/session-hijacking/\n\nhttps://www.venafi.com/blog/what-session-hijacking\n\nhttps://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf\n\nhttps://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html\n\nhttps://www.youtube.com/watch?v=iUbqJy_MOiE\n\nhttps://www.youtube.com/watch?v=DkKUDbEt46A\n\nhttps://www.youtube.com/watch?v=Bdpc-LjmKLc\n\nhttps://portswigger.net/kb/issues/00100500_ldap-injection\n\nhttps://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/\n\nhttps://websec.files.wordpress.com/2010/11/sqli2.pdf\n\nhttps://medium.com/@Pentestit_ru/bypassing-waf-4cfa1aad16bf\n\nhttps://owasp.org/www-pdf-archive/OWASP_Stammtisch_Frankfurt_-_Web_Application_Firewall_Bypassing_-_how_to_defeat_the_blue_team_-_2015.10.29.pdf\n\nhttps://www.youtube.com/watch?v=iQqwQXHwQk0\n\nhttps://www.youtube.com/watch?v=Z8K_13jzITk\n\nhttps://www.youtube.com/watch?v=tSf_IXfuzXk\n\nhttps://www.youtube.com/watch?v=3K1-a7dnA60\u0026t\n\nhttps://www.youtube.com/watch?v=rloqMGcPMkI\n\nhttps://www.youtube.com/watch?v=4Jk_I-cw4WE\n\nhttps://www.youtube.com/watch?v=-nOih7rolX8\n\nhttps://www.youtube.com/watch?v=HZaYmeOGCmI\u0026list=PLy8t3TIwSh3tMEAjyldNNbjtTmm5G7kFl\n\nhttps://www.linkedin.com/pulse/t%C3%A9cnica-anti-forenses-para-pentesters-1-b%C3%A1sicas-dos-santos/\n\nhttps://pentester.land/list-of-bug-bounty-writeups.html\n\nhttps://www.facebook.com/ExWareLabs/\n\nhttps://twitter.com/hashtag/bugbountywriteup\n\nhttps://medium.com/search?q=bug%20bounty\n\nhttps://github.com/infoslack/awesome-web-hacking\n\nhttps://github.com/latestalexey/awesome-web-hacking\n\nhttps://awesomeopensource.com/project/infoslack/awesome-web-hacking\n\nhttps://owasp.org/www-project-top-ten/\n\nhttps://owasp.org/www-project-mobile-top-10/\n\nhttps://github.com/vaib25vicky/awesome-mobile-security\n\nhttps://www.youtube.com/results?search_query=mobile+hacking\n\nhttps://www.linkedin.com/search/results/content/?keywords=web%20attacks%20joas\u0026origin=SWITCH_SEARCH_VERTICAL\n\nhttps://www.linkedin.com/pulse/bug-bounty-como-se-tornar-um-especialista-em-ataques-web-dos-santos/\n\nhttps://www.linkedin.com/pulse/advanced-web-attacks-joas-antonio-dos-santos/\n\nhttps://www.linkedin.com/pulse/overview-da-certifica%C3%A7%C3%A3o-ewpt-elearning-web-tester-dos-santos/\n\nhttps://www.linkedin.com/pulse/overview-da-certifica%C3%A7%C3%A3o-offensive-security-web-oswe-dos-santos/\n\nhttps://www.linkedin.com/pulse/como-se-tornar-um-elliot-alderson-do-ctf-pt2-joas-antonio-dos-santos/\n\nhttps://github.com/b1n4ry4rms/RedTeam-Pentest-Cheatsheets/tree/master/OSCE\n\nhttps://tulpa-security.com/2017/07/18/288/\n\nhttps://jhalon.github.io/OSCE-Review/\n\nhttps://drive.google.com/drive/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU (My Ebooks)\n\nhttps://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/\n\nhttps://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440\n\nhttps://www.offensive-security.com/offsec/my-philosophical-approach-to-oscp/\n\nhttps://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection\n\nhttps://github.com/payloadbox/xss-payload-list\n\nhttps://medium.com/@pravinponnusamy/xss-payloads-7079c53c8559\n\nhttps://owasp.org/www-community/xss-filter-evasion-cheatsheet\n\nhttps://twitter.com/xsspayloads\n\nhttp://www.xss-payloads.com/\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n----------------------------------------------------------------------------\n\n#### Social Engineering\n\nhttps://support.rackspace.com/how-to/email-spoofing-best-practices/\n\nhttp://hackwithbrain.blogspot.com/2016/01/email-spoofing-tutorial.html\n\nhttps://www.trustzone.com/how-to-produce-a-phishing-email-in-5-minutes/\n\nhttps://www.youtube.com/watch?v=iPfL6n9TzOE (Email Spoofing)\n\nhttps://www.youtube.com/watch?v=FH3sxFl-4is (Email Intercept)\n\nhttps://dminc.com/blog/social-engineering-in-advanced-persistent-threat/\n\nhttps://www.kaspersky.com/resource-center/definitions/advanced-persistent-threats\n\nhttps://www.darkreading.com/vulnerabilities-and-threats/social-engineering-leads-apt-attack-vectors/d/d-id/1100142\n\nhttps://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack\n\nhttps://www.proofpoint.com/us/threat-reference/advanced-persistent-threat\n\nhttps://www.computerweekly.com/feature/How-to-combat-advanced-persistent-threats-APT-strategies-to-protect-your-organisation\n\n----------------------------------------------------------------------------\n\n#### Hardware Hacking\n\nhttps://www.youtube.com/watch?v=YjQhS_95t7s\n\nhttps://null-byte.wonderhowto.com/how-to/make-your-own-bad-usb-0165419/\n\nhttps://devcraze.com/tutorials/cyber-security/create-a-rubber-ducky-using-arduino/\n\nhttps://hackaday.com/tag/badusb/\n\nhttps://medium.com/@rokolabrovic/bad-arduino-leonardo-16a712faebcb\n\n----------------------------------------------------------------------------\n\n#### Labs \n\nhttps://pentesterlab.com/\n\nhttps://owasp.org/projects/\n\nhttps://www.hackthebox.eu/\n\nhttps://www.vulnhub.com/\n\nhttps://tryhackme.com/\n\nhttps://www.offensive-security.com/labs/\n\n----------------------------------------------------------------------------\n\n#### Course Platforms \n\nhttps://www.elearnsecurity.com/\n\nhttps://www.pentesteracademy.com/\n\nhttps://www.offensive-security.com/\n\nhttps://cybrary.it/\n\nhttps://www.udemy.com/\n\nhttps://www.pluralsight.com/\n\nhttps://www.udemy.com/\n\nhttps://cybrary.it/\n\n----------------------------------------------------------------------------\n\n#### Youtube Channels\n\nhttps://www.youtube.com/channel/UCxHzA-Z97sjfK3OISjkbMCQ (RoadSec)\n\nhttps://www.youtube.com/channel/UC2QgCedRNj_tLDrGWSM3GsQ (Mindthesec)\n\nhttps://www.youtube.com/channel/UCz1PsqIhim7PUqQfuXmD-Bw (Hackaflag)\n\nhttps://www.youtube.com/user/BlackHatOfficialYT (Blackhat)\n\nhttps://www.youtube.com/channel/UCqGONXW1ORgz5Y4qK-0JdkQ (Joe Grand)\n\nhttps://www.youtube.com/user/DEFCONConference (Defcon)\n\nhttps://www.youtube.com/channel/UC4dxXZQq-ofAadUWbqhoceQ (DeviantOllam)\n\nhttps://www.youtube.com/channel/UC3s0BtrBJpwNDaflRSoiieQ (Hak5)\n\nhttps://www.youtube.com/channel/UCimS6P854cQ23j6c_xst7EQ (Hacker Warehouse)\n\nhttps://www.youtube.com/channel/UCe8j61ABYDuPTdtjItD2veA (OWASP)\n\nhttps://www.youtube.com/channel/UC42VsoDtra5hMiXZSsD6eGg/featured (The Modern Rogue)\n\nhttps://www.youtube.com/channel/UC3S8vxwRfqLBdIhgRlDRVzw (Stack Mashing)\n\nhttps://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w (Live Overflow)\n\nhttps://www.youtube.com/channel/UCW6MNdOsqv2E9AjQkv9we7A (PwnFunction)\n\nhttps://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA (IppSec)\n\nhttps://www.youtube.com/channel/UCUB9vOGEUpw7IKJRoR4PK-A (Murmus CTF)\n\nhttps://www.youtube.com/channel/UCND1KVdVt8A580SjdaS4cZg (Colin Hardy)\n\nhttps://www.youtube.com/user/GynvaelEN (GynvaelEN)\n\nhttps://www.youtube.com/channel/UCBcljXmuXPok9kT_VGA3adg (Robert Baruch)\n\nhttps://www.youtube.com/channel/UCGISJ8ZHkmIv1CaoHovK-Xw (/DEV/NULL)\n\nhttps://www.youtube.com/user/RootOfTheNull (John Hammond)\n\nhttps://www.youtube.com/channel/UCDbNNYUME_pgocqarSjfNGw (Kacper)\n\nhttps://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw (The Cyber Mentor)\n\nhttps://www.youtube.com/channel/UCdNLW93OyL4lTav1pbKbyaQ (Mentorable)\n\nhttps://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA (Derek Rook)\n\nhttps://www.youtube.com/channel/UCFvueUEWRfQ9qT9UmHCw_og (Prof. Joas Antonio)\n\nhttps://www.youtube.com/user/ricardolongatto (Ricardo Longatto)\n\nhttps://www.youtube.com/user/daybsonbruno (XTREME Security)\n\nhttps://www.youtube.com/user/eduardoamaral07 (Facil Tech)\n\nhttps://www.youtube.com/channel/UC70YG2WHVxlOJRng4v-CIFQ (Gabriel Pato)\n\nhttps://www.youtube.com/user/Diolinux (Diolinux)\n\nhttps://www.youtube.com/user/greatscottlab (Great Scott!)\n\nhttps://www.youtube.com/user/esecuritytv (eSecurity)\n\nhttps://www.youtube.com/channel/UCzWPaANpPISEE_xvJm8lqHA (Cybrary)\n\nhttps://www.youtube.com/user/DanielDonda (Daniel Donda)\n\nhttps://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg (STOK)\n\nhttps://www.youtube.com/user/ZetaTwo (Calle Svensson)\n\nhttps://www.youtube.com/channel/UCNKUSu4TPk979JzMeKDXiwQ (Georgia Wedman)\n\nhttps://www.youtube.com/channel/UCqDLY9WFoJWqrhycW8cbv1Q (Manoel T)\n\nhttps://www.youtube.com/channel/UCNRM4GH-SD85WCSqeSb4xUA (Bug Bounty Public Disclousere)\n\nhttps://www.youtube.com/channel/UCwTH3RkRCIE35RJ16Nh8V8Q (Kindred)\n\nhttps://www.youtube.com/channel/UCySphP8k4rv7Jf-7v3baWIA(Vinicius Vieira)\n\nhttps://www.youtube.com/channel/UCVImyGhRATNFGPmJfxaq1dw (Bsides)\n\nhttps://www.youtube.com/user/Wraiith75 (Wraiith)\n\nhttps://www.youtube.com/user/genxweb (Michael LaSalvia)\n\nhttps://www.youtube.com/channel/UCi8P9S-PW7AF71g8Pi0W6Jw (AcadiTI)\n\nhttps://www.youtube.com/channel/UCuQ8zW9VmVyml7KytSqJDzg (Mente Binária)\n\nhttps://www.youtube.com/channel/UC_JW_5_3XnGR6IdqKmZD7Rg (Cryptoroot)\n\nhttps://www.youtube.com/user/adsecf (Guia Anônima)\n\nhttps://www.youtube.com/channel/UCXHBFtUcbhIssuuXXud2WcQ (Helvio Junior)\n\nhttps://www.youtube.com/user/securitycast (Security Cast)\n\nhttps://www.youtube.com/channel/UCcYYP7JizTd24W9Mr7FIhxw (Hack N' Roll Academy)\n\n----------------------------------------------------------------------------\n\n#### Blogs and Notices\n\nhttps://thehackernews.com/\n\nhttps://www.hackread.com/\n\nhttps://blog.eccouncil.org/\n\nhttps://acaditi.com.br/blog/\n\nhttps://www.cisoadvisor.com.br/\n\nhttps://mundohacker.net.br/\n\nhttps://olhardigital.com.br/\n\nhttps://www.digitalhealth.net/\n\nhttps://www.tecmundo.com.br/\n\nhttps://www.forbes.com/\n\nhttps://www.bbc.com/\n\nhttps://www.cisomag.com/\n\nhttps://cio.economictimes.indiatimes.com/\n\nhttps://www.kaspersky.com.br/blog/\n\nhttps://www.tripwire.com/\n\nhttps://blog.trendmicro.com.br/\n\nhttps://www.bleepingcomputer.com/\n\nhttps://thehack.com.br/\n\nhttps://cyware.com/cyber-security-news-articles\n\nhttps://threatpost.com/\n\nhttps://exchange.xforce.ibmcloud.com/\n\nhttps://www.scmagazine.com/home/security-news/\n\nhttps://www.infosecurity-magazine.com/news/\n\nhttps://www.securitymagazine.com/topics/2236-cyber-security-news\n\nhttps://www.darkreading.com/\n\nhttp://hakin9.org/\n\n----------------------------------------------------------------------------\n\n#### My Articles\n\nhttps://www.linkedin.com/pulse/base-para-ingressar-mercado-de-seguran%C3%A7a-da-joas-antonio-dos-santos/ (A base para ingressar no mercado de segurança da informação)\n\nhttps://www.linkedin.com/pulse/iniciando-e-aprimorando-sua-carreira-na-%C3%A1rea-de-soc-dos-santos/ - Iniciando e aprimorando sua carreira na área de SOC (Security Operation Center)\n\nhttps://www.linkedin.com/pulse/sou-iniciante-na-%C3%A1rea-de-seguran%C3%A7a-da-informa%C3%A7%C3%A3o-por-onde-dos-santos/ (Sou iniciante na área de segurança da informação, por onde eu devo começar?)\n\nhttps://www.linkedin.com/pulse/o-colapso-do-mercado-de-seguran%C3%A7a-da-informa%C3%A7%C3%A3o-dos-santos/ (O Colapso do Mercado de Segurança da Informação?)\n\nhttps://www.linkedin.com/pulse/como-se-qualificar-para-novas-vagas-de-seguran%C3%A7a-da-que-dos-santos/ (Como se qualificar para as novas vagas de segurança da informação que estão abrindo?)\n\nhttps://www.linkedin.com/pulse/os-requisitos-para-trabalhar-mercado-de-seguran%C3%A7a-da-dos-santos/ (Os requisitos para trabalhar no mercado de segurança da informação)\n\nhttps://www.linkedin.com/pulse/aprimorando-seu-conhecimento-para-se-tornar-um-em-da-dos-santos/ (Aprimorando seu conhecimento para se tornar um Especialista em Segurança da Informação)\n\nhttps://www.linkedin.com/pulse/forma%C3%A7%C3%A3o-completa-para-se-tornar-um-cyber-security-dos-santos/ (Formação completa para se tornar um Cyber Security Analyst)\n\nhttps://www.linkedin.com/pulse/se-tornando-um-offensive-defensive-security-joas-antonio-dos-santos/ (Se tornando um Engenheiro de Segurança Defensiva e Ofensiva)\n\nhttps://www.linkedin.com/pulse/aprimore-agora-suas-habilidades-t%C3%A9cnicas-na-%C3%A1rea-de-da-dos-santos/ (Aprimore agora suas habilidades tecnicas na área de segurança da informaçãl)\n\nhttps://www.linkedin.com/pulse/como-se-tornar-um-mestre-jedi-ctf-joas-antonio-dos-santos/ (Como se tornar um Mestre Jedi no CTF)\n\nhttps://www.linkedin.com/pulse/ser%C3%A1-que-realmente-vale-pena-gastar-dinheiro-com-na-%C3%A1rea-dos-santos/ (Vale a pena gastar dinheiro com certificação?)\n\nhttps://www.linkedin.com/pulse/qual-caminho-trilhar-na-%C3%A1rea-de-seguran%C3%A7a-da-joas-antonio-dos-santos/ (Qual caminho trilhar na área de segurança?)\n\nhttps://www.linkedin.com/pulse/aonde-eu-posso-estudar-seguran%C3%A7a-da-informa%C3%A7%C3%A3o-nessa-dos-santos/ (Aonde eu posso estudar segurança da informação?)\n\nhttps://www.linkedin.com/pulse/como-estudar-e-desenvolver-suas-habilidades-em-pt2-dos-santos/ (Como estudar e desenvolver suas habilidades em segurança da informação PT2)\n\nhttps://www.linkedin.com/pulse/como-ser-um-%C3%B3timo-profissional-de-ti-joas-antonio-dos-santos/ (Como ser um ótimo profissional de TI)\n\nhttps://www.linkedin.com/pulse/desenvolvendo-o-autodidatismo-na-%C3%A1rea-de-seguran%C3%A7a-da-dos-santos/ (Desenvolvendo o autodidatismo na área de segurança da informação)\n\nhttps://www.linkedin.com/pulse/qualquer-um-pode-trabalhar-com-seguran%C3%A7a-da-joas-antonio-dos-santos/ (Qualquer um pode trabalhar com segurança da informação)\n\nhttps://www.linkedin.com/pulse/guia-b%C3%A1sico-sobre-soc-security-operation-center-dos-santos/ (Guia básico sobre SOC - Security Operation Center)\n\nhttps://www.linkedin.com/pulse/como-estudar-para-certifica%C3%A7%C3%B5es-sem-dinheiro-pt1-dos-santos/ (Como estudar para certificações sem dinheiro PT1)\n\nhttps://www.linkedin.com/pulse/construa-seu-laborat%C3%B3rio-de-seguran%C3%A7a-da-informa%C3%A7%C3%A3o-e-dos-santos/ (Construa seu laboratorio de segurança da informação)\n\nhttps://www.linkedin.com/pulse/fundamentos-qual-real-necessidade-de-aprender-joas-antonio-dos-santos/ (Fundamentos qual a real necessidade de aprender?)\n\nhttps://www.linkedin.com/pulse/como-ingressar-mercado-de-seguran%C3%A7a-da-informa%C3%A7%C3%A3o-dos-santos/ (Como ingressar no mercado de segurança da informação?)\n\nhttps://www.linkedin.com/pulse/se-tornando-um-pentester-ou-hacker-n%C3%ADvel-elliot-dos-santos/ (Se tornando um Hacker ou PenTest nivel Elliot)\n\nhttps://www.linkedin.com/pulse/desenvolvendo-suas-habilidades-em-seguran%C3%A7a-da-dos-santos/ (Desenvolvendo suas habilidades em segurança da informação)\n\nhttps://www.linkedin.com/pulse/expandindo-sua-mente-para-se-tornar-um-mestre-na-arte-dos-santos/ (Expandindo sua mente para se tornar um mestre na arte de PenTest)\n\nhttps://www.linkedin.com/pulse/como-ser-um-mestre-jedi-na-%C3%A1rea-de-seguran%C3%A7a-da-dos-santos/ (Como ser um mestre jedi na área de segurança da informação)\n\nhttps://www.linkedin.com/pulse/como-aproveitar-o-hack-box-para-seu-desenvolvimento-dos-santos/ (Como aproveitar o Hack the Box para seu desenvolvimento pessoal?)\n\nhttps://www.linkedin.com/pulse/estou-perdido-por-onde-come%C3%A7ar-na-%C3%A1rea-de-seguran%C3%A7a-da-dos-santos/ (Estou perdido! Por onde começar na área de segurança)\n\nhttps://www.linkedin.com/pulse/pentest-z3r0-h3r0-1-joas-antonio-dos-santos/ (PenTest Z3R0 TO H3R0)\n\nhttps://www.linkedin.com/pulse/como-se-tornar-um-elliot-alderson-ctf-joas-antonio-dos-santos/ (Como se tornar um elliot alderson no CTF\n\nhttps://www.linkedin.com/pulse/entenda-o-ataque-do-primeiro-epis%C3%B3dio-de-mr-robot-dos-santos-/ (Entenda o primeiro ataque da série Mr. Robot - Bônus)\n\nhttps://www.linkedin.com/pulse/tudo-sobre-profiss%C3%A3o-analista-de-seguran%C3%A7a-da-dos-santos-/ (Tudo sobre a profissão de analista de segurança da informação)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fawesome-pentest-practice","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcybersecurityup%2Fawesome-pentest-practice","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fawesome-pentest-practice/lists"}