Cybrary Pro Day is here!
Ready to Start Your Career?

All In One Study Guide For Pentesters And Forensics. 1

Author's profile image

January 1, 2016

Hello, **LAST UPDATED : Monday, 22/06/2015 , 3:20 PM Indian Standard Time**If you are reading this post then you are probably searching for the Guide Materials ( such as CEH Instructor Slides, Links to other websites for testing your Pentesting skills etc ). So i've compiled a list of all the Study Guide i found and so i've uploaded them to Media Fire for download by you all ;) ( Kind eh xD? ) PLEASE NOTE : There are whole lot more guides available, and i'll update this topic everytime i find new guides. ;) All files are 100% Virus Free and i'd suggest you to scan for viruses yourself too just in case. If you find any virus with any guide, please reply below and i'll upload a new Virus Free version. So without any further ado lets go ! ***1. CEH Tools :***1.1. ***[CEH v7 Instructor Slide](https://www.mediafire.com/download/2oakgu1q5m0axqy/CEH+v7+Instructor+Slides+www.thehackinguniverse.com.rar)s*** CEH v7 Instructor Slides are 11 PDF Files for you to learn Complete Ethical Hacking or, refer it side by side when learning it from Cybrary. Each file has more than 100 Slides and they also include link to specific tools and softwares for you to use. Size : 170 MB 1.2. ***[CEH v8 Toolkit ( ISO )](http://iclass.eccouncil.org/?p=5372)***This is the Disk version of CEH v8 Toolkit. You can find all the tools here. ***2. Pentesting OS :***2.1. ***[Kali Linux](https://www.kali.org/)***Kali Linux, The most powerfull and advanced Pentesting System. Most of you might be familar with else, just visit the link above ;) 2.2. ***[Parrot Security OS](http://www.parrotsec.org/)***Parrot Security OS is one of the known Pentesting OS available. Little has been known about this OS ( to me ) so i'd like your review on this ;) 2.3. ***[Cyborg Hawk Linux](http://cyborg.ztrela.com/)***Cyborg Hawk Linux runs on Ubuntu ( unlike Kali which run on Debain ) and has more features and tools and a sexy little OS. Give it a try ! 2.4. ***[Black Arch Linux](http://blackarch.org/)***For those who liked the BlackTrack much, Black Arch Linux offers a similar GUI but with more than 1288 Tools. 2.5. ***[Arch Assault](https://archassault.org/)***Arch Assault is nice and i havent tried this a long time ;) 2.6. ***[Back Box Linux](http://www.backbox.org/)***This OS similar to Cyborg runs on Ubuntu. 2.7. ***[Pentoo Linux](http://www.pentoo.ch/)***Pentoo is a security-focused livecd based on Gentoo It's basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included: Hardened Kernel with aufs patches, Backported Wifi stack from latest stable kernel release, Module loading support ala slax, Changes saving on usb stick, XFCE4 wm and Cuda/OPENCL cracking support with development tools. Pentoo is Gentoo with the pentoo overlay. This overlay is available in layman so all you have to do is layman -L and layman -a pentoo. We have a pentoo/pentoo meta ebuild and multiple pentoo profiles, which will install all the pentoo tools based on USE flags. 2.8. ***[Caine Linux](http://www.caine-live.net/)***Similar to BackBox, this is also an Italian based distro led NanniBassetti by @NanniBassetti CAINE stands for (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE has a specific focus on digital forensics, so if this is your area the this distro is highly recommended. CAINE is configured to help the security expert (digital forensics expert) to exercise the various phases of a digital investigation. A great feature of CAINE is that it includes a semi-automated compilation of a final report, i.e. an audit. Since most security professionals hate doing audit reports this is really a great feature! CAINE is completely open source and even has a Windows version called Wintaylor. 2.9. ***[Matriux Linux](http://www.matriux.com/index.php?language=en)***Matriux is a fully featured security distribution, based on Ubuntu. It consists of powerful, free and open source computer forensics and data recovery tools which can be used for forensics analysis and investigation purposes. Apart from forensics usages Matriux also provides a wide platform to let security professionals utilize the power of open source to perform day-to-day web application penetration testing and server hardening tasks. Matriux is lite and designed to run from a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps in no time. Special Note : Its origin is from India 2.10. ***[Weak Net Linux](http://www.weaknetlabs.com/)***Weakerth4n has a very well maintained website and a devoted community. Built from Debian Squeeze (Fluxbox within a desktop environment) this operating system is particularly suited for WiFi hacking as it contains plenty of Wireless cracking and hacking tools. Tools includes: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing Android Hacking, Networking and creating Shells. 2.11. ***[DEFT](http://www.deftlinux.net/)***For all the Computer Forensics Expert out there. This is the tool you need. 2.12. ***[Node Zero](http://www.nodezero-linux.org/)***Node Zero, another great OS. ***3. Cheat Sheets :***3.1. ***[Cheat Sheet](http://averagesecurityguy.info/cheat-sheet/)***This cheat sheet gives you all the commands you need for any part of Computer Forensic or Pentesting to Hacking. 3.2. ***[Cheat Sheet #2](http://pentestmonkey.net/category/cheat-sheet)***This cheat sheet by pentesting monkey , organizes very well so that you can find out what you are looking for easily. Please note that since all these cheat sheets are old, there is a small possibility that some might not work but always try ;) 3.3. ***[Metasploit Cheat Sheet](http://www.cybrary.it/forums/topic/metasploit-cheat-sheet/)***This cheat sheet, posted by me in this very own forum will help you with Metasploit. ***4. Programming Help :***4.1. ***[Tutorials Point](http://www.tutorialspoint.com/tutorialslibrary.htm)***Tutorials Point can help you learning Programming Languages. But i highly recommend you to visit other Links before this as they just explain with single example with a single sentence. So not worth it. 4.2. ***[W3 Schools](http://www.w3schools.com/)***W3Schools.com can help you learn Programming Language easily and hey, they have their own free online IDE to try it out your self ;) 4.3. ***[Online IDE](http://www.tutorialspoint.com/codingground.htm)***This link will help you with your programming , as they provide free Online IDE to try your programs. They provide IDE Free for most if not, all of the courses. ***5. Misc. Tools :***5.1. ***[Ethical Hacking Books List](http://www.cybrary.it/forums/topic/ethical-hacking-book-lists/)***Thanks to ZeroSuiteSnake for posting about this Ethical Hacking Book. 5.2. ***[Hackers Dictionary](http://www.outpost9.com/reference/jargon/jargon_toc.html)***This is the Hackers Dictionary ( as the name says ) and will help you understand a lot of new tersm you will come to know when hacking. Really usefull ;) 5.3. ***[Advanced Pentesting Lab - Guide](http://wiki.cybrary.it/index.php/Advanced_Pentesting_Lab)***Thanks to Cybrary.it , this will help you to set up your very own advanced pentesting lab ! 5.4. ***[Pentest Tools](http://wiki.cybrary.it/index.php/Tools:_Hacking_and_Pentesting)***Thanks to Cybrary for this list of Pentesting and Hacking tools and how to use them. 5.5. ***[HackThisSite](http://www.hackthissite.org/pages/index/index.php)***HackThisSite is a place where you put your learning and knowledge into test by undertaking various missions. 5.6. ***[WonderHowTo](http://null-byte.wonderhowto.com/how-to/)***Null-Byte of WonderHowTo is an amazing place to learn more about Cyber Security, Hacking, Cracking and Post Exploitation Methods and Tutorials. Im C1BR0X btw , if you are going to put my name if they ask referred by xD. ***6. Pentesting Labs***6.1 [VMWare Workstation](https://my.vmware.com/web/vmware/info/slug/desktop_end_user_computing/vmware_workstation/11_0)This Virtualization Lab, will provide you with easy GUI and setup. Its a paid one so buy it if you have $$$. 6.2 [Virtual Box](https://www.virtualbox.org/wiki/Downloads)Virtual Box was designed by Oracle and is completely open source and free. The best Virtual Host to have. ***7. Vulnerable Distributions***7.1 ***[Metasploitable](https://www.offensive-security.com/metasploit-unleashed/requirements/)***Its a vulnerable VMware virtual machine based on Ubuntu that is released by the Metasploit team in order to solve your problem in learning the Metasploit framework. It focuses on network-layer vulnerabilities because it contains vulnerable services for you to penetrate. 7.2 [Hackxor](http://sourceforge.net/projects/hackxor/files/hackxor1.7z/download)a web application hacking game built by albino. Players must locate and exploit vulnerabilities to progress through the story wherein you play as a blackhat hacker hired to track down another hacker by any means possible. It contains scripts that are vulnerable to Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Structured Query Language Injection (SQLi), Remote Command Injection (RCE), and many more. This VMware machine runs on Fedora 14. SIZE : around 600 MB 7.3 [Kioptrix](http://www.kioptrix.com/blog/test-page/)Kioptrix have three VMware images and challenges which require the attacker to have a root access using any technique in order to pawn the image. 7.4 [NETinVM](http://informatica.uv.es/~carlos/docencia/netinvm/#id7)A Virtualbox or VMware image that runs a series of a series of User-mode Linux (UML) virtual machines which can be used for learning about systems, networks and security and is developed by Carlos Perez and David Perez. 7.5 [Lamp Security](http://sourceforge.net/projects/lampsecurity/)A series of vulnerable virtual machine images that are used for teaching and training an individual about the security configurations of a LAMP server. It is also a hacking dojo where you can play CTF’s and contains pages that are vulnerable to SQL Injection and other known web vulnerabilities. 7.6 [Multilidae](http://sourceforge.net/projects/mutillidae/)A free and open source web application for website penetration testing and hacking which was developed by Adrian “Irongeek” Crenshaw and Jeremy “webpwnized” Druin. It is designed to be exploitable and vulnerable and ideal for practicing your Web Fu skills like SQL injection, cross site scripting, HTML injection, Javascript injection, clickjacking, local file inclusion, authentication bypass methods, remote code execution and many more based on OWASP (Open Web Application Security) Top 10 Web Vulnerabilties. 7.7 [Webgoat](https://code.google.com/p/webgoat/)An OWASP project and a deliberately insecure J2EE web application designed to teach web application security lessons and concepts. What’s cool about this web application is that it lets users demonstrate their understanding of a security issue by exploiting a real vulnerability in the application in each lesson. 7.8 [DVWA](http://www.dvwa.co.uk/)(Dam Vulnerable Web Application) – This vulnerable PHP/MySQL web application is one of the famous web applications used for testing your skills in web penetration testing and your knowledge in manual SQL Injection, XSS, Blind SQL Injection, etc. DVWA is developed by Ryan Dewhurst a.k.a ethicalhack3r and is part of RandomStorm OpenSource project 7.9 [SQLol](https://github.com/SpiderLabs/SQLol)Is a configurable SQL injection testbed which allows you to exploit SQLI (Structured Query Language Injection) flaws, but furthermore allows a large amount of control over the manifestation of the flaw. This application was released at Austin Hackers Association meeting 0x3f by Daniel “unicornFurnace” Crowley of Trustwave Holdings, Inc. – Spider Labs. 7.10 [Bodgeit](https://code.google.com/p/bodgeit/) Is an open source and vulnerable web application which is currently aimed at people who are new to web penetration testing. It is easy to install and requires java and a servlet engine, e.g. Tomcat. It includes vulnerabilities like Cross Site Scripting, SQL injection, Hidden (but unprotected) content, Debug Code, Cross Site Request Forgery, Insecure Object References, and Application logic vulnerabilities. 7.11 [Exploit KB](http://exploit.co.il/projects/vuln-web-app/)Vulnerable Web App – is one of the most famous vulnerable web app designed as a learning platform to test various SQL injection Techniques and it is a functional web site with a content management system based on fckeditor. This web application is also included in the BackTrack Linux 5r2-PenTesting Edition lab. 7.12 [Wacko Picko](https://github.com/adamdoupe/WackoPicko)Is a vulnerable web application written by Adam Doupé. It contains known and common vulnerabilities for you to harness your web penetration skills and knowledge like XSS vulnerabilities, SQL injections, command-line injections, sessionID vulnerabilities, file inclusions, parameters manipulation, Reflected XSS Behind JavaScript, Logic Flaw, Reflected XSS Behind a Flash Form, and Weak usernames or passwords. **Please note that, this topic will be constantly updated once a week. All the above links are not used for advertising but rather a guide as i've been struggling to find a topic that can help me find what i need.**If you have any queries or complaints please reply below ;) --xMidnightSnowx Feel free to suggest anything you find interesting out there that you want me to add in this topic. -- xMidnightSnowx Hello, If you are reading this post then you are probably searching for the Guide Materials ( such as CEH Instructor Slides, Links to other websites for testing your Pentesting skills etc ). So i've compiled a list of all the Study Guide i found and so i've uploaded them to Media Fire for download by you all ;) ( Kind eh xD? ) PLEASE NOTE : There are whole lot more guides available, and i'll update this topic everytime i find new guides. ;) All files are 100% Virus Free and i'd suggest you to scan for viruses yourself too just in case. If you find any virus with any guide, please reply below and i'll upload a new Virus Free version. So without any further ado lets go ! 1. ***[CEH v7 Instructor Slide](http://www.mediafire.com/download/2oakgu1q5m0axqy/CEH+v7+Instructor+Slides+www.thehackinguniverse.com.rar)s*** CEH v7 Instructor Slides are 11 PDF Files for you to learn Complete Ethical Hacking or, refer it side by side when learning it from Cybrary. Each file has more than 100 Slides and they also include link to specific tools and softwares for you to use. Size : 170 MB 2. ***[Ethical Hacking Books List](http://www.cybrary.it/forums/topic/ethical-hacking-book-lists/)***Thanks to ZeroSuiteSnake for posting about this Ethical Hacking Book. 3. ***[Cheat Sheet](http://averagesecurityguy.info/cheat-sheet/)***This cheat sheet gives you all the commands you need for any part of Computer Forensic or Pentesting to Hacking. 4. ***[Hackers Dictionary](http://www.outpost9.com/reference/jargon/jargon_toc.html)***This is the Hackers Dictionary ( as the name says ) and will help you understand a lot of new tersm you will come to know when hacking. Really usefull ;) 5. ***[Advanced Pentesting Lab - Guide](http://wiki.cybrary.it/index.php/Advanced_Pentesting_Lab)***Thanks to Cybrary.it , this will help you to set up your very own advanced pentesting lab ! 6. ***[Cheat Sheet #2](http://pentestmonkey.net/category/cheat-sheet)***This cheat sheet by pentesting monkey , organizes very well so that you can find out what you are looking for easily. Please note that since all these cheat sheets are old, there is a small possibility that some might not work but always try ;) 7. ***[Pentest Tools](http://wiki.cybrary.it/index.php/Tools:_Hacking_and_Pentesting)***Thanks to Cybrary for this list of Pentesting and Hacking tools and how to use them. 8. ***[WonderHowTo](http://null-byte.wonderhowto.com/how-to/)***Null-Byte of WonderHowTo is an amazing place to learn more about Cyber Security, Hacking, Cracking and Post Exploitation Methods and Tutorials. Im C1BR0X btw , if you are going to put my name if they ask referred by xD. 9. ***[HackThisSite](http://www.hackthissite.org/pages/index/index.php)***HackThisSite is a place where you put your learning and knowledge into test by undertaking various missions. 10. ***[Kali Linux](https://www.kali.org/)***Last but not the least, Kali Linux. The most powerfull and advanced Pentesting System. Most of you might be familar with else, just visit the link above ;) 11. ***[CEH v8 Toolkit ( ISO )](http://iclass.eccouncil.org/?p=5372)***This is the Disk version of CEH v8 Toolkit. You can find all the tools here ( i guess ). **Please note that, this topic will be constantly updated when-ever i find new tools or links or guides. All the above links are not used for advertising but rather a guide as i've been struggling to find a topic that can help me find what i need.**If you have any queries or complaints please reply below ;) I hope Cybrary accepts my Topic ;) **LAST EDITED : Monday, 08/06/2015 , 3:20 PM Indian Standard Time**--xMidnightSnowx 13\. ***[Pwn Wiki](http://pwnwiki.io/#!index.md)***Thanks to m0wgli for this share, PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained. /RESERVED FOR FURTHER UPDATES ! -- xMidnightSnowx /RESERVED ***UPDATE!***Thanks to Will , there is also another Pentesting Linux Distro called : Cyborg. [Cyborg Linux Distro](http://cyborg.ztrela.com/)For its reference : [Cyborg Linux Distro Reference](https://www.linux.com/community/blogs/130-distributions/798938-cyborg-hawk-linux)-- xMidnightSnowx Thank you. damn dude thanks for this To everyone : Your welcome ;) --xMidnightSnowx Let's not forget about the blackarch distro Wow! Thanks xMidnightSnowx for all the info! @glariful Sure, I'll add that sorry for late response ;) --xMidnightSnowx Wow, another great post by Midnight, thanks very much :) Thanks for the updations! lots of info thanks Midnight One of the great learning assets of this site is its forums Along with Cyborg hawk ( great distro ) May i recommend Parrot OS from ParrotSEC, Reminds me of Kali on steroids with a more elaborate GUI http://www.parrotsec.org/ Yea I saw Parrot OS , I din't want to put it in this list before I tried so that's y xD. -- xMidnightSnowx Thanks for share all with us! Next update will be done in few hours with more links and study materials. All the topics I have posted so far will be updated once in a week. -- xMidnightSnowx This is exact;y what i have been looking for for the last 3 months. Thanks for the share Thanks for the info ! Hello, **LAST EDITED : Monday, 15/06/2015 , 3:20 PM Indian Standard Time**If you are reading this post then you are probably searching for the Guide Materials ( such as CEH Instructor Slides, Links to other websites for testing your Pentesting skills etc ). So i've compiled a list of all the Study Guide i found and so i've uploaded them to Media Fire for download by you all ;) ( Kind eh xD? ) PLEASE NOTE : There are whole lot more guides available, and i'll update this topic everytime i find new guides. ;) All files are 100% Virus Free and i'd suggest you to scan for viruses yourself too just in case. If you find any virus with any guide, please reply below and i'll upload a new Virus Free version. So without any further ado lets go ! ***1. CEH Tools :***1.1. ***[CEH v7 Instructor Slide](http://www.mediafire.com/download/2oakgu1q5m0axqy/CEH+v7+Instructor+Slides+www.thehackinguniverse.com.rar)s*** CEH v7 Instructor Slides are 11 PDF Files for you to learn Complete Ethical Hacking or, refer it side by side when learning it from Cybrary. Each file has more than 100 Slides and they also include link to specific tools and softwares for you to use. Size : 170 MB 1.2. ***[CEH v8 Toolkit ( ISO )](http://iclass.eccouncil.org/?p=5372)***This is the Disk version of CEH v8 Toolkit. You can find all the tools here. ***2. Pentesting OS :***2.1. ***[Kali Linux](https://www.kali.org/)***Kali Linux, The most powerfull and advanced Pentesting System. Most of you might be familar with else, just visit the link above ;) 2.2. ***[Parrot Security OS](http://www.parrotsec.org/)***Parrot Security OS is one of the known Pentesting OS available. Little has been known about this OS ( to me ) so i'd like your review on this ;) 2.3. ***[Cyborg Hawk Linux](http://cyborg.ztrela.com/)***Cyborg Hawk Linux runs on Ubuntu ( unlike Kali which run on Debain ) and has more features and tools and a sexy little OS. Give it a try ! 2.4. ***[Black Arch Linux](http://blackarch.org/)***For those who liked the BlackTrack much, Black Arch Linux offers a similar GUI but with more than 1288 Tools. 2.5. ***[Arch Assault](https://archassault.org/)***Arch Assault is nice and i havent tried this a long time ;) 2.6. ***[Back Box Linux](http://www.backbox.org/)***This OS similar to Cyborg runs on Ubuntu. 2.7. ***[Pentoo Linux](http://www.pentoo.ch/)***Pentoo is a security-focused livecd based on Gentoo It's basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included: Hardened Kernel with aufs patches, Backported Wifi stack from latest stable kernel release, Module loading support ala slax, Changes saving on usb stick, XFCE4 wm and Cuda/OPENCL cracking support with development tools. Pentoo is Gentoo with the pentoo overlay. This overlay is available in layman so all you have to do is layman -L and layman -a pentoo. We have a pentoo/pentoo meta ebuild and multiple pentoo profiles, which will install all the pentoo tools based on USE flags. 2.8. ***[Caine Linux](http://www.caine-live.net/)***Similar to BackBox, this is also an Italian based distro led NanniBassetti by @NanniBassetti CAINE stands for (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE has a specific focus on digital forensics, so if this is your area the this distro is highly recommended. CAINE is configured to help the security expert (digital forensics expert) to exercise the various phases of a digital investigation. A great feature of CAINE is that it includes a semi-automated compilation of a final report, i.e. an audit. Since most security professionals hate doing audit reports this is really a great feature! CAINE is completely open source and even has a Windows version called Wintaylor. 2.9. ***[Matriux Linux](http://www.matriux.com/index.php?language=en)***Matriux is a fully featured security distribution, based on Ubuntu. It consists of powerful, free and open source computer forensics and data recovery tools which can be used for forensics analysis and investigation purposes. Apart from forensics usages Matriux also provides a wide platform to let security professionals utilize the power of open source to perform day-to-day web application penetration testing and server hardening tasks. Matriux is lite and designed to run from a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps in no time. Special Note : Its origin is from India 2.10. ***[Weak Net Linux](http://www.weaknetlabs.com/)***Weakerth4n has a very well maintained website and a devoted community. Built from Debian Squeeze (Fluxbox within a desktop environment) this operating system is particularly suited for WiFi hacking as it contains plenty of Wireless cracking and hacking tools. Tools includes: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing Android Hacking, Networking and creating Shells. 2.11. ***[DEFT](http://www.deftlinux.net/)***For all the Computer Forensics Expert out there. This is the tool you need. 2.12. ***[Node Zero](http://www.nodezero-linux.org/)***Node Zero, another great OS. ***3. Cheat Sheets :***3.1. ***[Cheat Sheet](http://averagesecurityguy.info/cheat-sheet/)***This cheat sheet gives you all the commands you need for any part of Computer Forensic or Pentesting to Hacking. 3.2. ***[Cheat Sheet #2](http://pentestmonkey.net/category/cheat-sheet)***This cheat sheet by pentesting monkey , organizes very well so that you can find out what you are looking for easily. Please note that since all these cheat sheets are old, there is a small possibility that some might not work but always try ;) 3.3. ***[Metasploit Cheat Sheet](http://www.cybrary.it/forums/topic/metasploit-cheat-sheet/)***This cheat sheet, posted by me in this very own forum will help you with Metasploit. ***4. Programming Help :***4.1. ***[Tutorials Point](http://www.tutorialspoint.com/tutorialslibrary.htm)***Tutorials Point can help you learning Programming Languages. But i highly recommend you to visit other Links before this as they just explain with single example with a single sentence. So not worth it. 4.2. ***[W3 Schools](http://www.w3schools.com/)***W3Schools.com can help you learn Programming Language easily and hey, they have their own free online IDE to try it out your self ;) 4.3. ***[Online IDE](http://www.tutorialspoint.com/codingground.htm)***This link will help you with your programming , as they provide free Online IDE to try your programs. They provide IDE Free for most if not, all of the courses. ***5. Misc. Tools :***5.1. ***[Ethical Hacking Books List](http://www.cybrary.it/forums/topic/ethical-hacking-book-lists/)***Thanks to ZeroSuiteSnake for posting about this Ethical Hacking Book. 5.2. ***[Hackers Dictionary](http://www.outpost9.com/reference/jargon/jargon_toc.html)***This is the Hackers Dictionary ( as the name says ) and will help you understand a lot of new tersm you will come to know when hacking. Really usefull ;) 5.3. ***[Advanced Pentesting Lab - Guide](http://wiki.cybrary.it/index.php/Advanced_Pentesting_Lab)***Thanks to Cybrary.it , this will help you to set up your very own advanced pentesting lab ! 5.4. ***[Pentest Tools](http://wiki.cybrary.it/index.php/Tools:_Hacking_and_Pentesting)***Thanks to Cybrary for this list of Pentesting and Hacking tools and how to use them. 5.5. ***[HackThisSite](http://www.hackthissite.org/pages/index/index.php)***HackThisSite is a place where you put your learning and knowledge into test by undertaking various missions. 5.6. ***[WonderHowTo](http://null-byte.wonderhowto.com/how-to/)***Null-Byte of WonderHowTo is an amazing place to learn more about Cyber Security, Hacking, Cracking and Post Exploitation Methods and Tutorials. Im C1BR0X btw , if you are going to put my name if they ask referred by xD. **Please note that, this topic will be constantly updated once a week. All the above links are not used for advertising but rather a guide as i've been struggling to find a topic that can help me find what i need.**If you have any queries or complaints please reply below ;) --xMidnightSnowx **UPDATED**Edit Log : Indexed the content, so its easy to search what you are looking for Added Pentesting OS section Added Programming Help section Added more guides and links Weekly Update #1 -- xMidnightSnowx Thank you so much for these almost all of them helped me thank you ! WOW you are amazing!! Hello, **LAST UPDATED : Monday, 22/06/2015 , 3:20 PM Indian Standard Time**If you are reading this post then you are probably searching for the Guide Materials ( such as CEH Instructor Slides, Links to other websites for testing your Pentesting skills etc ). So i've compiled a list of all the Study Guide i found and so i've uploaded them to Media Fire for download by you all ;) ( Kind eh xD? ) PLEASE NOTE : There are whole lot more guides available, and i'll update this topic everytime i find new guides. ;) All files are 100% Virus Free and i'd suggest you to scan for viruses yourself too just in case. If you find any virus with any guide, please reply below and i'll upload a new Virus Free version. So without any further ado lets go ! ***1. CEH Tools :***1.1. ***[CEH v7 Instructor Slide](http://www.mediafire.com/download/2oakgu1q5m0axqy/CEH+v7+Instructor+Slides+www.thehackinguniverse.com.rar)s*** CEH v7 Instructor Slides are 11 PDF Files for you to learn Complete Ethical Hacking or, refer it side by side when learning it from Cybrary. Each file has more than 100 Slides and they also include link to specific tools and softwares for you to use. Size : 170 MB 1.2. ***[CEH v8 Toolkit ( ISO )](http://iclass.eccouncil.org/?p=5372)***This is the Disk version of CEH v8 Toolkit. You can find all the tools here. ***2. Pentesting OS :***2.1. ***[Kali Linux](https://www.kali.org/)***Kali Linux, The most powerfull and advanced Pentesting System. Most of you might be familar with else, just visit the link above ;) 2.2. ***[Parrot Security OS](http://www.parrotsec.org/)***Parrot Security OS is one of the known Pentesting OS available. Little has been known about this OS ( to me ) so i'd like your review on this ;) 2.3. ***[Cyborg Hawk Linux](http://cyborg.ztrela.com/)***Cyborg Hawk Linux runs on Ubuntu ( unlike Kali which run on Debain ) and has more features and tools and a sexy little OS. Give it a try ! 2.4. ***[Black Arch Linux](http://blackarch.org/)***For those who liked the BlackTrack much, Black Arch Linux offers a similar GUI but with more than 1288 Tools. 2.5. ***[Arch Assault](https://archassault.org/)***Arch Assault is nice and i havent tried this a long time ;) 2.6. ***[Back Box Linux](http://www.backbox.org/)***This OS similar to Cyborg runs on Ubuntu. 2.7. ***[Pentoo Linux](http://www.pentoo.ch/)***Pentoo is a security-focused livecd based on Gentoo It's basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included: Hardened Kernel with aufs patches, Backported Wifi stack from latest stable kernel release, Module loading support ala slax, Changes saving on usb stick, XFCE4 wm and Cuda/OPENCL cracking support with development tools. Pentoo is Gentoo with the pentoo overlay. This overlay is available in layman so all you have to do is layman -L and layman -a pentoo. We have a pentoo/pentoo meta ebuild and multiple pentoo profiles, which will install all the pentoo tools based on USE flags. 2.8. ***[Caine Linux](http://www.caine-live.net/)***Similar to BackBox, this is also an Italian based distro led NanniBassetti by @NanniBassetti CAINE stands for (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE has a specific focus on digital forensics, so if this is your area the this distro is highly recommended. CAINE is configured to help the security expert (digital forensics expert) to exercise the various phases of a digital investigation. A great feature of CAINE is that it includes a semi-automated compilation of a final report, i.e. an audit. Since most security professionals hate doing audit reports this is really a great feature! CAINE is completely open source and even has a Windows version called Wintaylor. 2.9. ***[Matriux Linux](http://www.matriux.com/index.php?language=en)***Matriux is a fully featured security distribution, based on Ubuntu. It consists of powerful, free and open source computer forensics and data recovery tools which can be used for forensics analysis and investigation purposes. Apart from forensics usages Matriux also provides a wide platform to let security professionals utilize the power of open source to perform day-to-day web application penetration testing and server hardening tasks. Matriux is lite and designed to run from a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps in no time. Special Note : Its origin is from India 2.10. ***[Weak Net Linux](http://www.weaknetlabs.com/)***Weakerth4n has a very well maintained website and a devoted community. Built from Debian Squeeze (Fluxbox within a desktop environment) this operating system is particularly suited for WiFi hacking as it contains plenty of Wireless cracking and hacking tools. Tools includes: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing Android Hacking, Networking and creating Shells. 2.11. ***[DEFT](http://www.deftlinux.net/)***For all the Computer Forensics Expert out there. This is the tool you need. 2.12. ***[Node Zero](http://www.nodezero-linux.org/)***Node Zero, another great OS. ***3. Cheat Sheets :***3.1. ***[Cheat Sheet](http://averagesecurityguy.info/cheat-sheet/)***This cheat sheet gives you all the commands you need for any part of Computer Forensic or Pentesting to Hacking. 3.2. ***[Cheat Sheet #2](http://pentestmonkey.net/category/cheat-sheet)***This cheat sheet by pentesting monkey , organizes very well so that you can find out what you are looking for easily. Please note that since all these cheat sheets are old, there is a small possibility that some might not work but always try ;) 3.3. ***[Metasploit Cheat Sheet](http://www.cybrary.it/forums/topic/metasploit-cheat-sheet/)***This cheat sheet, posted by me in this very own forum will help you with Metasploit. ***4. Programming Help :***4.1. ***[Tutorials Point](http://www.tutorialspoint.com/tutorialslibrary.htm)***Tutorials Point can help you learning Programming Languages. But i highly recommend you to visit other Links before this as they just explain with single example with a single sentence. So not worth it. 4.2. ***[W3 Schools](http://www.w3schools.com/)***W3Schools.com can help you learn Programming Language easily and hey, they have their own free online IDE to try it out your self ;) 4.3. ***[Online IDE](http://www.tutorialspoint.com/codingground.htm)***This link will help you with your programming , as they provide free Online IDE to try your programs. They provide IDE Free for most if not, all of the courses. ***5. Misc. Tools :***5.1. ***[Ethical Hacking Books List](http://www.cybrary.it/forums/topic/ethical-hacking-book-lists/)***Thanks to ZeroSuiteSnake for posting about this Ethical Hacking Book. 5.2. ***[Hackers Dictionary](http://www.outpost9.com/reference/jargon/jargon_toc.html)***This is the Hackers Dictionary ( as the name says ) and will help you understand a lot of new tersm you will come to know when hacking. Really usefull ;) 5.3. ***[Advanced Pentesting Lab - Guide](http://wiki.cybrary.it/index.php/Advanced_Pentesting_Lab)***Thanks to Cybrary.it , this will help you to set up your very own advanced pentesting lab ! 5.4. ***[Pentest Tools](http://wiki.cybrary.it/index.php/Tools:_Hacking_and_Pentesting)***Thanks to Cybrary for this list of Pentesting and Hacking tools and how to use them. 5.5. ***[HackThisSite](http://www.hackthissite.org/pages/index/index.php)***HackThisSite is a place where you put your learning and knowledge into test by undertaking various missions. 5.6. ***[WonderHowTo](http://null-byte.wonderhowto.com/how-to/)***Null-Byte of WonderHowTo is an amazing place to learn more about Cyber Security, Hacking, Cracking and Post Exploitation Methods and Tutorials. Im C1BR0X btw , if you are going to put my name if they ask referred by xD. 6. Pentesting Labs 6.1 [VMWare Workstation](https://my.vmware.com/web/vmware/info/slug/desktop_end_user_computing/vmware_workstation/11_0)This Virtualization Lab, will provide you with easy GUI and setup. Its a paid one so buy it if you have $$$. 6.2 [Virtual Box](https://www.virtualbox.org/wiki/Downloads)Virtual Box was designed by Oracle and is completely open source and free. The best Virtual Host to have. 7. Vulnerable Distributions 7.1 ***[Metasploitable](https://www.offensive-security.com/metasploit-unleashed/requirements/)***Its a vulnerable VMware virtual machine based on Ubuntu that is released by the Metasploit team in order to solve your problem in learning the Metasploit framework. It focuses on network-layer vulnerabilities because it contains vulnerable services for you to penetrate. 7.2 [Hackxor](http://sourceforge.net/projects/hackxor/files/hackxor1.7z/download)a web application hacking game built by albino. Players must locate and exploit vulnerabilities to progress through the story wherein you play as a blackhat hacker hired to track down another hacker by any means possible. It contains scripts that are vulnerable to Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Structured Query Language Injection (SQLi), Remote Command Injection (RCE), and many more. This VMware machine runs on Fedora 14. SIZE : around 600 MB 7.3 [Kioptrix](http://www.kioptrix.com/blog/test-page/)Kioptrix have three VMware images and challenges which require the attacker to have a root access using any technique in order to pawn the image. 7.4 [NETinVM](http://informatica.uv.es/~carlos/docencia/netinvm/#id7)A Virtualbox or VMware image that runs a series of a series of User-mode Linux (UML) virtual machines which can be used for learning about systems, networks and security and is developed by Carlos Perez and David Perez. 7.5 [Lamp Security](http://sourceforge.net/projects/lampsecurity/)A series of vulnerable virtual machine images that are used for teaching and training an individual about the security configurations of a LAMP server. It is also a hacking dojo where you can play CTF’s and contains pages that are vulnerable to SQL Injection and other known web vulnerabilities. 7.6 [Multilidae](http://sourceforge.net/projects/mutillidae/)A free and open source web application for website penetration testing and hacking which was developed by Adrian “Irongeek” Crenshaw and Jeremy “webpwnized” Druin. It is designed to be exploitable and vulnerable and ideal for practicing your Web Fu skills like SQL injection, cross site scripting, HTML injection, Javascript injection, clickjacking, local file inclusion, authentication bypass methods, remote code execution and many more based on OWASP (Open Web Application Security) Top 10 Web Vulnerabilties. 7.7 [Webgoat](https://code.google.com/p/webgoat/)An OWASP project and a deliberately insecure J2EE web application designed to teach web application security lessons and concepts. What’s cool about this web application is that it lets users demonstrate their understanding of a security issue by exploiting a real vulnerability in the application in each lesson. 7.8 [DVWA](http://www.dvwa.co.uk/)(Dam Vulnerable Web Application) – This vulnerable PHP/MySQL web application is one of the famous web applications used for testing your skills in web penetration testing and your knowledge in manual SQL Injection, XSS, Blind SQL Injection, etc. DVWA is developed by Ryan Dewhurst a.k.a ethicalhack3r and is part of RandomStorm OpenSource project 7.9 [SQLol](https://github.com/SpiderLabs/SQLol)Is a configurable SQL injection testbed which allows you to exploit SQLI (Structured Query Language Injection) flaws, but furthermore allows a large amount of control over the manifestation of the flaw. This application was released at Austin Hackers Association meeting 0x3f by Daniel “unicornFurnace” Crowley of Trustwave Holdings, Inc. – Spider Labs. 7.10 [Bodgeit](https://code.google.com/p/bodgeit/) Is an open source and vulnerable web application which is currently aimed at people who are new to web penetration testing. It is easy to install and requires java and a servlet engine, e.g. Tomcat. It includes vulnerabilities like Cross Site Scripting, SQL injection, Hidden (but unprotected) content, Debug Code, Cross Site Request Forgery, Insecure Object References, and Application logic vulnerabilities. 7.11 [Exploit KB](http://exploit.co.il/projects/vuln-web-app/)Vulnerable Web App – is one of the most famous vulnerable web app designed as a learning platform to test various SQL injection Techniques and it is a functional web site with a content management system based on fckeditor. This web application is also included in the BackTrack Linux 5r2-PenTesting Edition lab. 7.12 [Wacko Picko](https://github.com/adamdoupe/WackoPicko)Is a vulnerable web application written by Adam Doupé. It contains known and common vulnerabilities for you to harness your web penetration skills and knowledge like XSS vulnerabilities, SQL injections, command-line injections, sessionID vulnerabilities, file inclusions, parameters manipulation, Reflected XSS Behind JavaScript, Logic Flaw, Reflected XSS Behind a Flash Form, and Weak usernames or passwords. **Please note that, this topic will be constantly updated once a week. All the above links are not used for advertising but rather a guide as i've been struggling to find a topic that can help me find what i need.**If you have any queries or complaints please reply below ;) --xMidnightSnowx Hello, **LAST UPDATED : Monday, 22/06/2015 , 3:20 PM Indian Standard Time**If you are reading this post then you are probably searching for the Guide Materials ( such as CEH Instructor Slides, Links to other websites for testing your Pentesting skills etc ). So i've compiled a list of all the Study Guide i found and so i've uploaded them to Media Fire for download by you all ;) ( Kind eh xD? ) PLEASE NOTE : There are whole lot more guides available, and i'll update this topic everytime i find new guides. ;) All files are 100% Virus Free and i'd suggest you to scan for viruses yourself too just in case. If you find any virus with any guide, please reply below and i'll upload a new Virus Free version. So without any further ado lets go ! ***1. CEH Tools :***1.1. ***[CEH v7 Instructor Slide](http://www.mediafire.com/download/2oakgu1q5m0axqy/CEH+v7+Instructor+Slides+www.thehackinguniverse.com.rar)s*** CEH v7 Instructor Slides are 11 PDF Files for you to learn Complete Ethical Hacking or, refer it side by side when learning it from Cybrary. Each file has more than 100 Slides and they also include link to specific tools and softwares for you to use. Size : 170 MB 1.2. ***[CEH v8 Toolkit ( ISO )](http://iclass.eccouncil.org/?p=5372)***This is the Disk version of CEH v8 Toolkit. You can find all the tools here. ***2. Pentesting OS :***2.1. ***[Kali Linux](https://www.kali.org/)***Kali Linux, The most powerfull and advanced Pentesting System. Most of you might be familar with else, just visit the link above ;) 2.2. ***[Parrot Security OS](http://www.parrotsec.org/)***Parrot Security OS is one of the known Pentesting OS available. Little has been known about this OS ( to me ) so i'd like your review on this ;) 2.3. ***[Cyborg Hawk Linux](http://cyborg.ztrela.com/)***Cyborg Hawk Linux runs on Ubuntu ( unlike Kali which run on Debain ) and has more features and tools and a sexy little OS. Give it a try ! 2.4. ***[Black Arch Linux](http://blackarch.org/)***For those who liked the BlackTrack much, Black Arch Linux offers a similar GUI but with more than 1288 Tools. 2.5. ***[Arch Assault](https://archassault.org/)***Arch Assault is nice and i havent tried this a long time ;) 2.6. ***[Back Box Linux](http://www.backbox.org/)***This OS similar to Cyborg runs on Ubuntu. 2.7. ***[Pentoo Linux](http://www.pentoo.ch/)***Pentoo is a security-focused livecd based on Gentoo It's basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included: Hardened Kernel with aufs patches, Backported Wifi stack from latest stable kernel release, Module loading support ala slax, Changes saving on usb stick, XFCE4 wm and Cuda/OPENCL cracking support with development tools. Pentoo is Gentoo with the pentoo overlay. This overlay is available in layman so all you have to do is layman -L and layman -a pentoo. We have a pentoo/pentoo meta ebuild and multiple pentoo profiles, which will install all the pentoo tools based on USE flags. 2.8. ***[Caine Linux](http://www.caine-live.net/)***Similar to BackBox, this is also an Italian based distro led NanniBassetti by @NanniBassetti CAINE stands for (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE has a specific focus on digital forensics, so if this is your area the this distro is highly recommended. CAINE is configured to help the security expert (digital forensics expert) to exercise the various phases of a digital investigation. A great feature of CAINE is that it includes a semi-automated compilation of a final report, i.e. an audit. Since most security professionals hate doing audit reports this is really a great feature! CAINE is completely open source and even has a Windows version called Wintaylor. 2.9. ***[Matriux Linux](http://www.matriux.com/index.php?language=en)***Matriux is a fully featured security distribution, based on Ubuntu. It consists of powerful, free and open source computer forensics and data recovery tools which can be used for forensics analysis and investigation purposes. Apart from forensics usages Matriux also provides a wide platform to let security professionals utilize the power of open source to perform day-to-day web application penetration testing and server hardening tasks. Matriux is lite and designed to run from a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps in no time. Special Note : Its origin is from India 2.10. ***[Weak Net Linux](http://www.weaknetlabs.com/)***Weakerth4n has a very well maintained website and a devoted community. Built from Debian Squeeze (Fluxbox within a desktop environment) this operating system is particularly suited for WiFi hacking as it contains plenty of Wireless cracking and hacking tools. Tools includes: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing Android Hacking, Networking and creating Shells. 2.11. ***[DEFT](http://www.deftlinux.net/)***For all the Computer Forensics Expert out there. This is the tool you need. 2.12. ***[Node Zero](http://www.nodezero-linux.org/)***Node Zero, another great OS. ***3. Cheat Sheets :***3.1. ***[Cheat Sheet](http://averagesecurityguy.info/cheat-sheet/)***This cheat sheet gives you all the commands you need for any part of Computer Forensic or Pentesting to Hacking. 3.2. ***[Cheat Sheet #2](http://pentestmonkey.net/category/cheat-sheet)***This cheat sheet by pentesting monkey , organizes very well so that you can find out what you are looking for easily. Please note that since all these cheat sheets are old, there is a small possibility that some might not work but always try ;) 3.3. ***[Metasploit Cheat Sheet](http://www.cybrary.it/forums/topic/metasploit-cheat-sheet/)***This cheat sheet, posted by me in this very own forum will help you with Metasploit. ***4. Programming Help :***4.1. ***[Tutorials Point](http://www.tutorialspoint.com/tutorialslibrary.htm)***Tutorials Point can help you learning Programming Languages. But i highly recommend you to visit other Links before this as they just explain with single example with a single sentence. So not worth it. 4.2. ***[W3 Schools](http://www.w3schools.com/)***W3Schools.com can help you learn Programming Language easily and hey, they have their own free online IDE to try it out your self ;) 4.3. ***[Online IDE](http://www.tutorialspoint.com/codingground.htm)***This link will help you with your programming , as they provide free Online IDE to try your programs. They provide IDE Free for most if not, all of the courses. ***5. Misc. Tools :***5.1. ***[Ethical Hacking Books List](http://www.cybrary.it/forums/topic/ethical-hacking-book-lists/)***Thanks to ZeroSuiteSnake for posting about this Ethical Hacking Book. 5.2. ***[Hackers Dictionary](http://www.outpost9.com/reference/jargon/jargon_toc.html)***This is the Hackers Dictionary ( as the name says ) and will help you understand a lot of new tersm you will come to know when hacking. Really usefull ;) 5.3. ***[Advanced Pentesting Lab - Guide](http://wiki.cybrary.it/index.php/Advanced_Pentesting_Lab)***Thanks to Cybrary.it , this will help you to set up your very own advanced pentesting lab ! 5.4. ***[Pentest Tools](http://wiki.cybrary.it/index.php/Tools:_Hacking_and_Pentesting)***Thanks to Cybrary for this list of Pentesting and Hacking tools and how to use them. 5.5. ***[HackThisSite](http://www.hackthissite.org/pages/index/index.php)***HackThisSite is a place where you put your learning and knowledge into test by undertaking various missions. 5.6. ***[WonderHowTo](http://null-byte.wonderhowto.com/how-to/)***Null-Byte of WonderHowTo is an amazing place to learn more about Cyber Security, Hacking, Cracking and Post Exploitation Methods and Tutorials. Im C1BR0X btw , if you are going to put my name if they ask referred by xD. ***6. Pentesting Labs***6.1 [VMWare Workstation](https://my.vmware.com/web/vmware/info/slug/desktop_end_user_computing/vmware_workstation/11_0)This Virtualization Lab, will provide you with easy GUI and setup. Its a paid one so buy it if you have $$$. 6.2 [Virtual Box](https://www.virtualbox.org/wiki/Downloads)Virtual Box was designed by Oracle and is completely open source and free. The best Virtual Host to have. ***7. Vulnerable Distributions***7.1 ***[Metasploitable](https://www.offensive-security.com/metasploit-unleashed/requirements/)***Its a vulnerable VMware virtual machine based on Ubuntu that is released by the Metasploit team in order to solve your problem in learning the Metasploit framework. It focuses on network-layer vulnerabilities because it contains vulnerable services for you to penetrate. 7.2 [Hackxor](http://sourceforge.net/projects/hackxor/files/hackxor1.7z/download)a web application hacking game built by albino. Players must locate and exploit vulnerabilities
Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry