All kinds of infosec related stuff to read goes here.

We have

• Tutorials
• Cool blogs
• Nice articles
• … and more…

Contributing

If you have any cool content, please link to it via a PR. Original repo

The actual stuff

Yet to organize

• 2000 cuts with Binary Ninja
• Knowing your Binary! – blog by Akash Trehan
• Writing your own shellcode – blog by Paras Chetal
• Cache Attacks Enable Bulk Key Recovery on the Cloud
• Diving into r2
• CMU Binary Bomb – r2 and angr
• Sour Pickles – Python pickle problems
• Sonic Hacking Utilities
• GDB Example ncurses
• Websec Learning
• Exploring Python using GDB
• Exploiting PHP File Inclusion
• Address Sanitizer
• Roposaurusrex – a primer on return oriented programming
• XSSed - some practically done xss attacks
• BinTut - BinTut is a set of tutorials, as well as exercises.
• lcamtuf’s blog - lcamtuf is the creator of AFL (american fuzzy lop) and writes a lot of great stuff
• OWASP Top 10 - Presentatioin on Top 10 Web Application Vulnerabilities and how to avoid them.
• hacksplaining - Good set of challenges
• Vudo malloc tricks
• Once upon a free()
• RSA Attacks - Explanation of various RSA attacks
• How the heck do we get to main()?
• Malloc Internals - glibc wiki
• 10 things InfoSec professionals need to know about networking
• ELF executable reconstruction from a core image
• Reflections on Trusting Trust by Ken Thompson
• Manual SQL Injection Discovery Tips
• CTF pwn Tips

Must Reads

• The Conscience of a Hacker by the Mentor
• How To Become A Hacker by Eric Steven Raymond
• A Magnetized Needle and a Steady Hand – elf structures with a nice storyline.
• x86 Assembly Guide

Tutorials

• GDB Basics
• Format String Exploitation
• Exploiting Format String Vulnerabilities
• Pentester’s Lab – specifically try the Web For Pentester 1 and 2
• How 2 Heap – a repository for learning various heap exploitation techniques
• AFL fuzzing primer – BSidesSF. Fuzz smarter, not harder. Craig Young.
• Advanced SQL Injection in SQL Server Applications – great sqli primer
• GCC-Inline-Assembly-HOWTO
• A Crash Course in x86 Assembly for Reverse Engineers
• Fuzzy Security Tutorials – bunch of good reads
• Intro to r2

Cheat Sheets

• PHP Security Cheat Sheet
• Local File Inclusion
• Libheap Heap Flowchart
• Calling Conventions - Detailed description of calling conventions across different compilers and operating systems. Maintained by Agner Fog.
• Penetration testing tools cheat sheet
• Enumeration cheat sheet

Other Lists

• How to start in Infosec
• Awesome Hacking Resources list
• Awesome reverse engineering resources

Pastebins

• Crypto challenges list 2017
• Crypto challenges list 2016
• Crypto challenges list 2015
• Pwn challenges list
• Rev challenges list
• Web challenges list 2016

Youtube

• Conferences
  • USENIX Enigma Conference
  • DEFCON Conference
  • BlackHat
• Tutorials
  • LiveOverflow
  • JackkTutorials
  • GynvaelEN
  • MurmusCTF
  • CyberspaceCamp
• Videos
  • x86 Assembly Crash Course

Practice/Wargames/etc

• ROP Emporium