Awesome-Hacking-Resources

A collection of hacking / penetration testing resources to make you better!
https://github.com/vitalysim/Awesome-Hacking-Resources

Last synced: 11 days ago
JSON representation

Star History
- 📰 Online News Sources
  - ![Star History Chart - history.com/#vitalysim/Awesome-Hacking-Resources&Date)
Table of Contents
- 🤖 AI Security / AI Red Teaming
  - HTB AI Red Teamer Path - role path (built with Google). Modules on prompt injection, model privacy attacks, adversarial AI, supply chain, deployment threats. Hands-on labs against real systems.
  - OWASP Top 10 for LLM Applications - class taxonomy: prompt injection, sensitive info disclosure, supply chain, model poisoning, excessive agency, system prompt leakage, and more.
  - OWASP ML Security Top 10
  - MITRE ATLAS - world case studies). The ATT&CK for AI.
  - Garak - source LLM vulnerability scanner. Probes for prompt injection, jailbreaks, data leakage, hallucination, toxicity.
  - PyRIT - turn attack orchestration.
  - Promptfoo - team + eval framework with 100+ attack types.
  - DeepTeam - team framework mapped to OWASP LLM Top 10; 50+ vulnerabilities, 20+ adversarial methods.
  - LLMFuzzer
  - promptmap - injection vulnerability scanner.
  - Adversarial Robustness Toolbox (ART)
  - CleverHans
  - AI Exploits (Protect AI)
  - Gandalf (Lakera) - level prompt-injection challenge; the "OverTheWire" of LLM hacking.
  - HackAPrompt - injection CTF; dataset of 600k+ real jailbreak submissions.
  - 0DIN (Mozilla)
  - huntr
  - Embrace The Red - ups of real-world LLM and agent exploitation.
  - Simon Willison — prompt injection
  - 0DIN Blog - ups of real AI vulnerabilities from Mozilla's bug-bounty program.
  - Indirect Prompt Injection (Greshake et al.)
  - HackerOne x HTB AI Red Team CTF debrief
  - corca-ai/awesome-llm-security - starred LLM security awesome list.
  - PromptLabs/Prompt-Hacking-Resources
  - jiep/offensive-ai-compilation - oriented curation: AI-powered attacks, plus attacks against AI.
- Archived Security Conference Videos
  - InfoCon.org
  - Irongeek
  - infocondb.org - reference all hacker conferences.
- Exploits
- Forums
- 📚 Learning the Skills
  - Hopper's Roppers Security Training - paced courses on Computing Fundamentals, Security, Capture the Flags, and a Practical Skills Bootcamp that help beginners build a strong base of foundational knowledge. Designed to prepare for students for whatever they need to learn next.
- Learning the Skills
  - CS 642: Intro to Computer Security
  - Cybrary - contributed content, account required, content can be filtered by experience level
  - Free Cyber Security Training
  - Learning Exploitation with Offensive Computer Security 2.0 - style instruction, includes: slides, videos, homework, discussion. No login required.
  - Mind Maps
  - SecurityTube - styled content, "megaprimer" videos covering various topics, no readable content on site.
  - Seed Labs
  - TryHackMe
  - Hopper's Roppers Security Training - paced courses on Computing Fundamentals, Security, Capture the Flags, and a Practical Skills Bootcamp that help beginners build a strong base of foundational knowledge. Designed to prepare for students for whatever they need to learn next.
  - CyberSec WTF - ups
  - OffensiveComputerSecurity
  - CS 642: Intro to Computer Security
  - Learning Exploitation with Offensive Computer Security 2.0 - style instruction, includes: slides, videos, homework, discussion. No login required.
- Linux Penetration Testing OS
  - Android Tamer
  - BackBox
  - BlackArch
  - Bugtraq - testing technology
  - LionSec Linux
  - Parrot
  - Pentoo
  - Bugtraq - testing technology
  - Docker for pentest
  - BackBox
- Malware Analysis
  - Malware Analysis - CSCI 4976
- Network Scanning / Reconnaissance
- Online Communities
  - Hacktoday
  - Hack+
  - MPGH
  - MPGH
- 📰 Online News Sources
  - Hashes.com Hash Lookup
  - Infostealers by Hudson Rock - around hub with news and publications about Infostealers
- Online News Sources
- 🕵️ OSINT
  - theHarvester - mail, subdomain, host and people-name harvester using public sources
  - Maltego CE - based link-analysis platform for OSINT and forensics; Community Edition is free
  - Recon-ng - featured web reconnaissance framework written in Python
  - SpiderFoot
  - Intel Techniques Tools
  - Google Hacking Database - DB's curated Google dorks database for recon
  - github-dorks
  - metagoofil
  - Sherlock
  - Maigret - style username enumeration across 3000+ sites with profile-data extraction
  - Holehe - reset flows
  - GHunt
  - Blackbird
  - h8mail - credential hunting (HIBP, Snusbase, Leak-Lookup integrations)
  - PhoneInfoga
  - Photon
  - Amass - depth attack-surface mapping and external asset discovery
  - Subfinder
  - cloud_enum
  - reconFTW - to-end recon automation chaining 50+ tools for subdomains, vulns, and OSINT
  - IntelOwl
  - OSINT Framework - based directory of OSINT resources organised by data type
  - Have I Been Pwned
  - Hunter.io
  - Carbon14
- ⬆️ Privilege Escalation
  - Windows Local Privilege Escalation (HackTricks) - to-date checklist of Windows privilege escalation vectors
  - Linux Privilege Escalation (HackTricks)
- Privilege Escalation
- 🧬 Reverse Engineering, Buffer Overflow and Exploit Development
  - Reverse Engineering for Beginners (book site)
  - Shell storm
- Reverse Engineering, Buffer Overflow and Exploit Development

Programming Languages

Python 26 Shell 3 Go 3 HTML 2 Jupyter Notebook 2 TypeScript 2 C 1 Batchfile 1 JavaScript 1

Categories

Table of Contents 384 Star History 1

Sub Categories

YouTube Channels 88 Sharpening Your Skills 51 Privilege Escalation 47 Forums 44 Reverse Engineering, Buffer Overflow and Exploit Development 27 🤖 AI Security / AI Red Teaming 25 🕵️ OSINT 25 Learning the Skills 13 Linux Penetration Testing OS 10 Vulnerable Web Application 10 🎯 Sharpening Your Skills 9 Online News Sources 5 Vulnerable OS 5 Exploits 4 Online Communities 4 Network Scanning / Reconnaissance 3 📰 Online News Sources 3 Archived Security Conference Videos 3 🎥 YouTube Channels 2 🧬 Reverse Engineering, Buffer Overflow and Exploit Development 2 ⬆️ Privilege Escalation 2 Malware Analysis 1 📚 Learning the Skills 1 🌐 Vulnerable Web Application 1

Keywords

osint 15 python 9 information-gathering 7 pentesting 7 hacking 6 cybersecurity 6 security 6 recon 5 reconnaissance 5 llm 4 ctf 3 security-tools 3 osint-python 3 redteam 3 dns 2 ai-security 2 google 2 bugbounty 2 prompt-engineering 2 subdomain-enumeration 2 penetration-testing 2 adversarial-machine-learning 2 artificial-intelligence 2 social-network 2 ai 2 blueteam 2 owasp 2 machine-learning 2 email 2 investigation 2 open-source-intelligence 2 osint-reconnaissance 2 threat-intelligence 2 cti 2 subdomain 2 infosec 2 linux 2 python3 2 sherlock 2 threatintel 2 emails 2 enumeration 2 osint-framework 2 adversarial-examples 1 crawler 1 adversarial-attacks 1 spider 1 ioc 1 intel-owl 1 incident-response 1

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

Awesome-Hacking-Resources

Star History

📰 Online News Sources

Table of Contents

🤖 AI Security / AI Red Teaming

Archived Security Conference Videos

Exploits

Forums

📚 Learning the Skills

Learning the Skills

Linux Penetration Testing OS

Malware Analysis

Network Scanning / Reconnaissance

Online Communities

📰 Online News Sources

Online News Sources

🕵️ OSINT

⬆️ Privilege Escalation

Privilege Escalation

🧬 Reverse Engineering, Buffer Overflow and Exploit Development

Reverse Engineering, Buffer Overflow and Exploit Development