Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/x0x8x/awesome-pentester
Awestome list of pentesting resources.
https://github.com/x0x8x/awesome-pentester
List: awesome-pentester
Last synced: 16 days ago
JSON representation
Awestome list of pentesting resources.
- Host: GitHub
- URL: https://github.com/x0x8x/awesome-pentester
- Owner: x0x8x
- License: cc0-1.0
- Created: 2016-11-25T00:55:57.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2023-10-19T17:54:32.000Z (about 1 year ago)
- Last Synced: 2024-05-21T17:08:23.104Z (7 months ago)
- Homepage: https://projects.miguelpiedrafita.com/awesome-pentester/
- Size: 85.9 KB
- Stars: 113
- Watchers: 7
- Forks: 29
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Contributing: contributing.md
- License: LICENSE
- Code of conduct: code-of-conduct.md
Awesome Lists containing this project
- ultimate-awesome - awesome-pentester - Awestome list of pentesting resources. (Other Lists / Monkey C Lists)
README
# Awesome Pentest [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
[](https://projects.miguelpiedrafita.com/awesome-pentester/)
> A collection of awesome penetration testing resources
## Contents:
* Online Resources
* Penetration Testing Resources
* Tools
* Penetration Testing Distributions
* Basic Penetration Testing Tools
* Vulnerability Scanners
* Network Tools
* Wireless Network Tools
* SSL Analysis Tools
* Web exploitation
* Social Engineering Tools
* OSInt Tools
* Anonymity Tools
* Reverse Engineering Tools
* CTF Tools
* Books
* Penetration Testing Books
* Hackers Handbook Series
* Network Analysis Books
* Reverse Engineering Books
* Malware Analysis Books
* Windows Books
* Social Engineering Books
* Lock Picking Books
* Vulnerability Databases
* Security Courses
* Information Security Conferences
* Awesome Lists## Online resources:
* **Penetration Testing Resources**
* [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/) \- Free Offensive Security metasploit course
* [PTES](http://www.pentest-standard.org/index.php/Main_Page) \- Penetration Testing Execution Standard
* [OWASP](https://www.owasp.org/index.php/Main_Page) \- Open Web Application Security Project## Tools:
* **Penetration Testing Distributions**
* [Kali](https://www.kali.org/) \- A Linux distribution designed for digital forensics and penetration testing
* [ArchStrike](https://archstrike.org/) \- An Arch Linux repository for security professionals and enthusiasts
* [BlackArch](http://www.blackarch.org/) \- Arch Linux-based distribution for penetration testers and security researchers
* [NST](http://networksecuritytoolkit.org/nst/index.html) \- Network Security Toolkit distribution
* [Pentoo](http://www.pentoo.ch/) \- Security-focused livecd based on Gentoo
* [BackBox](https://backbox.org/) \- Ubuntu-based distribution for penetration tests and security assessments
* [Parrot](https://www.parrotsec.org/) \- A distribution similar to Kali, with multiple architecture* **Basic Penetration Testing Tools**
* [Metasploit Framework](https://www.metasploit.com/) \- World's most used penetration testing software
* [Burp Suite](https://portswigger.net/burp/) \- An integrated platform for performing security testing of web applications
* [ExploitPack](http://exploitpack.com/) \- Graphical tool for penetration testing with a bunch of exploits
* [BeeF](https://github.com/beefproject/beef) \- The Browser Exploitation Framework Project
* [faraday](https://github.com/infobyte/faraday) \- Collaborative Penetration Test and Vulnerability Management Platform
* [evilgrade](https://github.com/infobyte/evilgrade) \- The update explotation framework
* [commix](https://github.com/commixproject/commix) \- Automated All-in-One OS Command Injection and Exploitation Tool
* [routersploit](https://github.com/reverse-shell/routersploit) \- Automated penetration testing software for router* **Vulnerability Scanners**
* [Netsparker](https://www.netsparker.com/) \- Web Application Security Scanner
* [Nexpose](https://www.rapid7.com/products/nexpose/) \- Vulnerability Management & Risk Management Software
* [Nessus](http://www.tenable.com/products/nessus-vulnerability-scanner) \- Vulnerability, configuration, and compliance assessment
* [Nikto](https://cirt.net/nikto2) \- Web application vulnerability scanner
* [OpenVAS](http://www.openvas.org/) \- Open Source vulnerability scanner and manager
* [OWASP Zed Attack Proxy](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) \- Penetration testing tool for web applications
* [Secapps](https://secapps.com/) \- Integrated web application security testing environment
* [w3af](https://github.com/andresriancho/w3af) \- Web application attack and audit framework
* [Wapiti](http://wapiti.sourceforge.net/) \- Web application vulnerability scanner
* [WebReaver](http://www.webreaver.com/) \- Web application vulnerability scanner for Mac OS X
* [DVCS Ripper](https://github.com/kost/dvcs-ripper) \- Rip web accessible (distributed) version control systems: SVN/GIT/HG/BZR
* [arachni](https://github.com/Arachni/arachni) \- Web Application Security Scanner Framework* **Network Tools**
* [nmap][32] \- Free Security Scanner For Network Exploration & Security Audits
* [pig][33] \- A Linux packet crafting tool
* [tcpdump/libpcap][34] \- A common packet analyzer that runs under the command line
* [Wireshark][35] \- A network protocol analyzer for Unix and Windows
* [Network Tools][36] \- Different network tools: ping, lookup, whois, etc
* [netsniff-ng][37] \- A Swiss army knife for for network sniffing
* [Intercepter-NG][38] \- a multifunctional network toolkit
* [SPARTA][39] \- Network Infrastructure Penetration Testing Tool
* [dnschef][40] \- A highly configurable DNS proxy for pentesters
* [DNSDumpster][41] \- Online DNS recon and search service
* [dnsenum][42] \- Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results
* [dnsmap][43] \- Passive DNS network mapper
* [dnsrecon][44] \- DNS Enumeration Script
* [dnstracer][45] \- Determines where a given DNS server gets its information from, and follows the chain of DNS servers
* [passivedns-client][46] \- Provides a library and a query tool for querying several passive DNS providers
* [passivedns][47] \- A network sniffer that logs all DNS server replies for use in a passive DNS setup
* [Mass Scan][48] \- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
* [Zarp][49] \- Zarp is a network attack tool centered around the exploitation of local networks
* [mitmproxy][50] \- An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
* [mallory][51] \- HTTP/HTTPS proxy over SSH
* [Netzob][52] \- Reverse engineering, traffic generation and fuzzing of communication protocols
* [DET][53] \- DET is a proof of concept to perform Data Exfiltration using either single or multiple channel(s) at the same time
* [pwnat][54] \- punches holes in firewalls and NATs
* [dsniff][55] \- a collection of tools for network auditing and pentesting
* [tgcd][56] \- a simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls
* [smbmap][57] \- a handy SMB enumeration tool
* [scapy][58] \- a python-based interactive packet manipulation program & library* **Wireless Network Tools**
* [Aircrack-ng][59] \- a set of tools for auditing wireless network
* [Fluxion][193] \- proffessional wifi cracker that combines traditional wifi hacking and social engineering
* [Kismet][60] \- Wireless network detector, sniffer, and IDS
* [Reaver][61] \- Brute force attack against Wifi Protected Setup
* [Wifite][62] \- Automated wireless attack tool
* [wifiphisher][63] \- Automated phishing attacks against Wi-Fi networks* **SSL Analysis Tools**
* [SSLyze][64] \- SSL configuration scanner
* [sslstrip][65] \- a demonstration of the HTTPS stripping attacks
* [sslstrip2][66] \- SSLStrip version to defeat HSTS
* [tls_prober][67] \- fingerprint a server's SSL/TLS implementation* **Web exploitation**
* [WPScan][68] \- Black box WordPress vulnerability scanner
* [SQLmap][69] \- Automatic SQL injection and database takeover tool
* [weevely3][70] \- Weaponized web shell
* [Wappalyzer][71] \- Wappalyzer uncovers the technologies used on websites
* [cms-explorer][72] \- CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.
* [joomscan][73] \- Joomla CMS scanner
* [WhatWeb][74] \- Website Fingerprinter
* [BlindElephant][75] \- Web Application Fingerprinter
* [fimap][76] \- Find, prepare, audit, exploit and even google automatically for LFI/RFI bugs
* [Kadabra][77] \- Automatic LFI exploiter and scanner
* [Kadimus][78] \- LFI scan and exploit tool
* [liffy][79] \- LFI exploitation tool* [LOIC][80] \- An open source network stress tool for Windows
* [JS LOIC][81] \- JavaScript in-browser version of LOIC
* [T50][82] \- The more fast network stress tool* **Social Engineering Tools**
* [SET][83] \- The Social-Engineer Toolkit from TrustedSec* **OSInt Tools**
* [Maltego][84] \- Proprietary software for open source intelligence and forensics, from Paterva.
* [theHarvester][85] \- E-mail, subdomain and people names harvester
* [creepy][86] \- A geolocation OSINT tool
* [metagoofil][87] \- Metadata harvester
* [Google Hacking Database][88] \- a database of Google dorks; can be used for recon
* [Censys][89] \- Collects data on hosts and websites through daily ZMap and ZGrab scans
* [Shodan][90] \- Shodan is the world's first search engine for Internet-connected devices
* [ZoomEye][91] \- A cyberspace search engine for Internet-connected devices and websites using Xmap and Wmap
* [recon-ng][92] \- A full-featured Web Reconnaissance framework written in Python
* [github-dorks][93] \- CLI tool to scan github repos/organizations for potential sensitive information leak* **Anonymity Tools**
* [Tor][94] \- The free software for enabling onion routing online anonymity
* [I2P][95] \- The Invisible Internet Project
* [Nipe][96] \- Script to redirect all traffic from the machine to the Tor network.* **Reverse Engineering Tools**
* [IDA Pro][97] \- A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
* [IDA Free][98] \- The freeware version of IDA v5.0
* [WDK/WinDbg][99] \- Windows Driver Kit and WinDbg
* [OllyDbg][100] \- An x86 debugger that emphasizes binary code analysis
* [Radare2][101] \- Opensource, crossplatform reverse engineering framework.
* [x64_dbg][102] \- An open-source x64/x32 debugger for windows.
* [Pyew][103] \- A Python tool for static malware analysis.
* [Bokken][104] \- GUI for Pyew Radare2.
* [Immunity Debugger][105] \- A powerful new way to write exploits and analyze malware
* [Evan's Debugger][106] \- OllyDbg-like debugger for Linux
* [Medusa disassembler][107] \- An open source interactive disassembler
* [plasma][108] \- Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.* **CTF Tools**
* [Pwntools][109] \- CTF framework for use in CTFs## Books:
* **Penetration Testing Books**
* [The Art of Exploitation by Jon Erickson, 2008][110]
* [Metasploit: The Penetration Tester's Guide by David Kennedy et al., 2011][111]
* [Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014][112]
* [Rtfm: Red Team Field Manual by Ben Clark, 2014][113]
* [The Hacker Playbook by Peter Kim, 2014][114]
* [The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013][115]
* [Professional Penetration Testing by Thomas Wilhelm, 2013][116]
* [Advanced Penetration Testing for Highly-Secured Environments by Lee Allen, 2012][117]
* [Violent Python by TJ O'Connor, 2012][118]
* [Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton et al., 2007][119]
* [Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz, 2014][120]
* [Penetration Testing: Procedures & Methodologies by EC-Council, 2010][121]
* [Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp, 2010][122]
* [Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization by Tyler Wrightson, 2014][123]
* [Bug Hunter's Diary by Tobias Klein, 2011][124]* **Hackers Handbook Series**
* [The Database Hacker's Handbook, David Litchfield et al., 2005][125]
* [The Shellcoders Handbook by Chris Anley et al., 2007][126]
* [The Mac Hacker's Handbook by Charlie Miller & Dino Dai Zovi, 2009][127]
* [The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011][128]
* [iOS Hackers Handbook by Charlie Miller et al., 2012][129]
* [Android Hackers Handbook by Joshua J. Drake et al., 2014][130]
* [The Browser Hackers Handbook by Wade Alcorn et al., 2014][131]
* [The Mobile Application Hackers Handbook by Dominic Chell et al., 2015][132]
* [Car Hacker's Handbook by Craig Smith, 2016][133]## Information Security Conferences:
* [DEF CON][134] \- An annual hacker convention in Las Vegas
* [Black Hat][135] \- An annual security conference in Las Vegas
* [BSides][136] \- A framework for organising and holding security conferences
* [CCC][137] \- An annual meeting of the international hacker scene in Germany
* [DerbyCon][138] \- An annual hacker conference based in Louisville
* [PhreakNIC][139] \- A technology conference held annually in middle Tennessee
* [ShmooCon][140] \- An annual US east coast hacker convention
* [CarolinaCon][141] \- An infosec conference, held annually in North Carolina
* [HOPE][142] \- A conference series sponsored by the hacker magazine 2600
* [SummerCon][143] \- One of the oldest hacker conventions, held during Summer
* [Hack.lu][144] \- An annual conference held in Luxembourg
* [HITB][145] \- Deep-knowledge security conference held in Malaysia and The Netherlands
* [Hack3rCon][147] \- An annual US hacker conference
* [ThotCon][148] \- An annual US hacker conference held in Chicago
* [LayerOne][149] \- An annual US security conference held every spring in Los Angeles
* [DeepSec][150] \- Security Conference in Vienna, Austria
* [SkyDogCon][151] \- A technology conference in Nashville
* [SECUINSIDE][152] \- Security Conference in [Seoul][153]
* [DefCamp][154] \- Largest Security Conference in Eastern Europe, held anually in Bucharest, Romania
* [AppSecUSA][155] \- An annual conference organised by OWASP
* [BruCON][156] \- An annual security conference in Belgium
* [Infosecurity Europe][157] \- Europe's number one information security event, held in London, UK
* [Nullcon][158] \- An annual conference in Delhi and Goa, India
* [RSA Conference USA][159] \- An annual security conference in San Francisco, California, USA
* [Swiss Cyber Storm][160] \- An annual security conference in Lucerne, Switzerland
* [Virus Bulletin Conference][161] \- An annual conference going to be held in Denver, USA for 2016
* [Ekoparty][162] \- Largest Security Conference in Latin America, held annually in Buenos Aires, Argentina
* [44Con][163] \- Annual Security Conference held in London
* [BalCCon][164] \- Balkan Computer Congress, annualy held in Novi Sad, Serbia
* [FSec][165] \- FSec - Croatian Information Security Gathering in Varaždin, Croatia## Awesome lists:
* [Kali Linux Tools][166] \- List of tools present in Kali Linux
* [SecTools][167] \- Top 125 Network Security Tools
* [C/C++ Programming][168] \- One of the main language for open source security tools
* [.NET Programming][169] \- A software framework for Microsoft Windows platform development
* [Shell Scripting][170] \- Command-line frameworks, toolkits, guides and gizmos
* [Ruby Programming by @dreikanter][171] \- The de-facto language for writing exploits
* [Ruby Programming by @markets][172] \- The de-facto language for writing exploits
* [Ruby Programming by @Sdogruyol][173] \- The de-facto language for writing exploits
* [JavaScript Programming][174] \- In-browser development and scripting
* [Node.js Programming by @sindresorhus][175] \- JavaScript in command-line
* [Node.js Programming by @vndmtrx][176] \- JavaScript in command-line
* [Python tools for penetration testers][177] \- Lots of pentesting tools are written in Python
* [Python Programming by @svaksha][178] \- General Python programming
* [Python Programming by @vinta][179] \- General Python programming
* [Android Security][180] \- A collection of android security related resources
* [Awesome Awesomness][181] \- The List of the Lists
* [AppSec][182] \- Resources for learning about application security
* [CTFs][183] \- Capture The Flag frameworks, libraries, etc
* [Hacking][184] \- Tutorials, tools, and resources
* [Honeypots][185] \- Honeypots, tools, components, and more
* [Infosec][186] \- Information security resources for pentesting, forensics, and more
* [Malware Analysis][187] \- Tools and resources for analysts
* [PCAP Tools][188] \- Tools for processing network traffic
* [Security][189] \- Software, libraries, documents, and other resources
* [Awesome List][190] \- A curated list of awesome lists
* [SecLists][191] \- Collection of multiple types of lists used during security assessments
* [Security Talks][192] \- A curated list of security conferences[20]: https://www.netsparker.com/
[21]: https://www.rapid7.com/products/nexpose/
[22]: http://www.tenable.com/products/nessus-vulnerability-scanner
[23]: https://cirt.net/nikto2
[24]: http://www.openvas.org/
[25]: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
[26]: https://secapps.com/
[27]: https://github.com/andresriancho/w3af
[28]: http://wapiti.sourceforge.net/
[29]: http://www.webreaver.com/
[30]: https://github.com/kost/dvcs-ripper
[31]: https://github.com/Arachni/arachni
[32]: https://nmap.org/
[33]: https://github.com/rafael-santiago/pig
[34]: http://www.tcpdump.org/
[35]: https://www.wireshark.org/
[36]: http://network-tools.com/
[37]: https://github.com/netsniff-ng/netsniff-ng
[38]: https://github.com/intercepter-ng/mirror
[39]: http://sparta.secforce.com/
[40]: http://thesprawl.org/projects/dnschef/
[41]: https://dnsdumpster.com/
[42]: https://github.com/fwaeytens/dnsenum/
[43]: https://github.com/makefu/dnsmap/
[44]: https://github.com/darkoperator/dnsrecon/
[45]: http://www.mavetju.org/unix/dnstracer.php
[46]: https://github.com/chrislee35/passivedns-client
[47]: https://github.com/gamelinux/passivedns
[48]: https://github.com/robertdavidgraham/masscan
[49]: https://github.com/hatRiot/zarp
[50]: https://github.com/mitmproxy/mitmproxy
[51]: https://github.com/justmao945/mallory
[52]: https://github.com/netzob/netzob
[53]: https://github.com/sensepost/DET
[54]: https://github.com/samyk/pwnat
[55]: https://www.monkey.org/~dugsong/dsniff/
[56]: http://tgcd.sourceforge.net/
[57]: https://github.com/ShawnDEvans/smbmap
[58]: https://github.com/secdev/scapy
[59]: http://www.aircrack-ng.org/
[60]: https://kismetwireless.net/
[61]: https://code.google.com/archive/p/reaver-wps
[62]: https://github.com/derv82/wifite
[63]: https://github.com/sophron/wifiphisher
[64]: https://github.com/nabla-c0d3/sslyze
[65]: https://moxie.org/software/sslstrip/
[66]: https://github.com/LeonardoNve/sslstrip2
[67]: https://github.com/WestpointLtd/tls_prober
[68]: https://wpscan.org/
[69]: http://sqlmap.org/
[70]: https://github.com/epinna/weevely3
[71]: https://wappalyzer.com/
[72]: https://code.google.com/archive/p/cms-explorer/
[73]: https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project
[74]: https://github.com/urbanadventurer/WhatWeb
[75]: http://blindelephant.sourceforge.net/
[76]: https://github.com/kurobeats/fimap
[77]: https://github.com/D35m0nd142/Kadabra
[78]: https://github.com/P0cL4bs/Kadimus
[79]: https://github.com/hvqzao/liffy
[80]: https://github.com/NewEraCracker/LOIC/
[81]: http://metacortexsecurity.com/tools/anon/LOIC/LOICv1.html
[82]: https://sourceforge.net/projects/t50/
[83]: https://github.com/trustedsec/social-engineer-toolkit
[84]: https://www.paterva.com/web7/
[85]: https://github.com/laramies/theHarvester
[86]: https://github.com/ilektrojohn/creepy
[87]: https://github.com/laramies/metagoofil
[88]: https://www.exploit-db.com/google-hacking-database/
[89]: https://www.censys.io/
[90]: https://www.shodan.io/
[91]: https://www.zoomeye.org
[92]: https://bitbucket.org/LaNMaSteR53/recon-ng
[93]: https://github.com/techgaun/github-dorks
[94]: https://www.torproject.org/
[95]: https://geti2p.net/en/
[96]: https://github.com/GouveaHeitor/nipe
[97]: https://www.hex-rays.com/products/ida/
[98]: https://www.hex-rays.com/products/ida/support/download_freeware.shtml
[99]: https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit
[100]: http://www.ollydbg.de/
[101]: http://rada.re/r/index.html
[102]: http://x64dbg.com/
[103]: https://github.com/joxeankoret/pyew
[104]: https://github.com/inguma/bokken
[105]: http://debugger.immunityinc.com/
[106]: http://www.codef00.com/projects#debugger
[107]: https://github.com/wisk/medusa
[108]: https://github.com/joelpx/plasma
[109]: https://github.com/Gallopsled/pwntools
[110]: https://www.nostarch.com/hacking2.htm
[111]: https://www.nostarch.com/metasploit
[112]: https://www.nostarch.com/pentesting
[113]: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/
[114]: https://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1494932636/
[115]: https://www.elsevier.com/books/the-basics-of-hacking-and-penetration-testing/engebretson/978-1-59749-655-1
[116]: https://www.elsevier.com/books/professional-penetration-testing/wilhelm/978-1-59749-993-4
[117]: https://www.packtpub.com/networking-and-servers/advanced-penetration-testing-highly-secured-environments-ultimate-security-gu
[118]: https://www.elsevier.com/books/violent-python/unknown/978-1-59749-957-6
[119]: http://www.fuzzing.org/
[120]: http://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900
[121]: http://www.amazon.com/Penetration-Testing-Procedures-Methodologies-EC-Council/dp/1435483677
[122]: http://www.amazon.com/Unauthorised-Access-Physical-Penetration-Security-ebook/dp/B005DIAPKE
[123]: http://www.amazon.com/Advanced-Persistent-Threat-Hacking-Organization/dp/0071828362
[124]: https://www.nostarch.com/bughunter
[125]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-0764578014.html
[126]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-047008023X.html
[127]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-0470395362.html
[128]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118026470.html
[129]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118204123.html
[130]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-111860864X.html
[131]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118662091.html
[132]: http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118958500.html
[133]: https://www.nostarch.com/carhacking
[134]: https://www.defcon.org/
[135]: http://www.blackhat.com/
[136]: http://www.securitybsides.com/w/page/12194156/FrontPage
[137]: https://events.ccc.de/congress/
[138]: https://www.derbycon.com/
[139]: http://phreaknic.info/
[140]: http://shmoocon.org/
[141]: http://www.carolinacon.org/
[142]: https://hope.net/
[143]: http://www.summercon.org/
[144]: https://2016.hack.lu/
[145]: https://conference.hitb.org/
[146]: https://www.troopers.de/troopers17/
[147]: http://hack3rcon.org/
[148]: http://thotcon.org/
[149]: http://www.layerone.org/
[150]: https://deepsec.net/
[151]: http://www.skydogcon.com/
[152]: http://secuinside.com/
[153]: https://en.wikipedia.org/wiki/Seoul
[154]: https://def.camp/
[155]: https://appsecusa.org/
[156]: http://2016.brucon.org/index.php/Main_Page
[157]: http://www.infosecurityeurope.com/
[158]: http://nullcon.net/website/
[159]: https://www.rsaconference.com/
[160]: https://www.swisscyberstorm.com/
[161]: https://www.virusbulletin.com/conference/vb2017/
[162]: http://www.ekoparty.org/
[163]: https://44con.com/
[164]: https://2k16.balccon.org/index.php?title=Main_Page
[165]: http://fsec.foi.hr/
[166]: http://tools.kali.org/tools-listing
[167]: http://sectools.org/
[168]: https://github.com/fffaraz/awesome-cpp
[169]: https://github.com/quozd/awesome-dotnet
[170]: https://github.com/alebcay/awesome-shell
[171]: https://github.com/dreikanter/ruby-bookmarks
[172]: https://github.com/markets/awesome-ruby
[173]: https://github.com/Sdogruyol/awesome-ruby
[174]: https://github.com/sorrycc/awesome-javascript
[175]: https://github.com/sindresorhus/awesome-nodejs
[176]: https://github.com/vndmtrx/awesome-nodejs
[177]: https://github.com/dloss/python-pentest-tools
[178]: https://github.com/svaksha/pythonidae
[179]: https://github.com/vinta/awesome-python
[180]: https://github.com/ashishb/android-security-awesome
[181]: https://github.com/bayandin/awesome-awesomeness
[182]: https://github.com/paragonie/awesome-appsec
[183]: https://github.com/apsdehal/awesome-ctf
[184]: https://github.com/carpedm20/awesome-hacking
[185]: https://github.com/paralax/awesome-honeypots
[186]: https://github.com/onlurking/awesome-infosec
[187]: https://github.com/rshipp/awesome-malware-analysis
[188]: https://github.com/caesar0301/awesome-pcaptools
[189]: https://github.com/sbilly/awesome-security
[190]: https://github.com/sindresorhus/awesome
[191]: https://github.com/danielmiessler/SecLists
[192]: https://github.com/PaulSec/awesome-sec-talks
[193]: https://github.com/deltaxflux/fluxion