Julien
3 juin 20228 Min
Mis à jour : 8 juil. 2023
Please note that this article will be updated regularly. Put it in your favorites!
Want to upgrade your reporting skills?
A good report is beneficial for your customer. That’s why you need good writing skills!
You need to be able to explain complex concepts in a simple way for the executive summary.
For the vulnerability report, you have to explain your steps clearly.
Also, do not forget to keep a base of templates so that you can reuse them and adapt them to your new context without having to rewrite the whole thing.
Check out my article about this here:
https://csbygb.gitbook.io/pentips/reporting/pentest-report
BONUS: Want to take efficient notes on the go, you can use cherry tree: https://www.giuspen.com/cherrytree/
Check my comment below for other great resources for reporting! 👇
Check out this report, because reading other people's reports is really helpful to make yours better.
Radically Open security report: https://www.ushahidi.com/uploads/post-images/REP-20170303-vv1-pen-otf-ushahidi-pentest_Redacted.pdf
Check out this other tools for notekeeping:
Want to specialize?
There are many options!
After mastering the fundamentals, basics, and sophisticated attacks, you can go further and find one or two specializations to give you more prospects in the job market.
Today I will share resources for those who wish to learn more about OSINT and maybe specialize in it!
OSINT is often part of a pentest, but you could also become an OSINT specialist!
Check out The Ultimate OSINT collection by Hatless1der: https://start.me/p/DPYPMz/the-ultimate-osint-collection
BONUS: A 5 hours free course by TCM
More resources in comment
COMMENT: Follow OsintCurio.us! They share tons of articles about OSINT: https://osintcurio.us/
Want to specialize?
There are many options!
After mastering the fundamentals, basics, and sophisticated attacks, you can go further and find one or two specializations to give you more prospects in the job market.
Today I will share resources for those who wish to learn more about 𝐌𝐨𝐛𝐢𝐥𝐞 𝐀𝐩𝐩 𝐏𝐞𝐧𝐭𝐞𝐬𝐭 and maybe specialize in it! 📱📱
[𝐓𝐇𝐄𝐎𝐑𝐘] Check out this great blog post on Hackthebox
https://www.hackthebox.com/blog/intro-to-mobile-pentesting
[𝐏𝐑𝐀𝐂𝐓𝐈𝐂𝐄]
IOS with https://github.com/prateek147/DVIA-v2 by prateek147
Android with this list of intentionally vulnerable apps from The Dark Source: https://thedarksource.com/vulnerable-android-apps/
[𝐁𝐎𝐍𝐔𝐒] Check out Nahamsec resources for beginner bug bounty hunters on mobile App
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/mobile.md
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other good resources on mobile app pentest? Share them in the comment
COMMENT: Check out this course by ASecurity with Abraham Aranguren and John Hammond
Want to specialize?
There are many options!
After mastering the fundamentals, basics, and sophisticated attacks, you can go further and find one or two specializations to give you more prospects in the job market.
Today I will share resources for those who wish to learn more about 𝗖𝗟𝗢𝗨𝗗 Pentest and maybe specialize in it! ☁️☁️
Check out these methodologies on PayloadAllTheThings
[𝐁𝐎𝐍𝐔𝐒]
Checkout this Cloud Pentest CheatsSheets by dafthack
https://github.com/dafthack/CloudPentestCheatsheets
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other good resources on Cloud pentest? Share them in the comment
Comment
Check out this great blog post on Hackthebox
Want to specialize?
There are many options!
After mastering the fundamentals, basics, and sophisticated attacks, you can go further and find one or two specializations to give you more prospects in the job market.
Today I will share resources for those who wish to learn more about 𝗜𝗖𝗦 (Industrial Control System) and maybe specialize in it!
Check out Robert M Lee’s Collection of Resources for Getting Started in ICS/SCADA Cybersecurity
https://www.robertmlee.org/a-collection-of-resources-for-getting-started-in-icsscada-cybersecurity/
[𝐁𝐎𝐍𝐔𝐒]
Check out John Hammond’s video on Attacking ICS Devices:
https://www.youtube.com/watch?v=1txnyN_3_zk&ab_channel=JohnHammond
Comment
Check out this comprehensive guide on Mission Secure
https://www.missionsecure.com/ot-cybersecurity
👉 𝗥𝗲𝘃𝗲𝗿𝘀𝗲 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝗶𝗻𝗴
🌟 Reverse Engineering for Beginners by Ophir Harpaz
🌟 Reverse Engineering for Everyone by Kevin Thomas My Technotalent
🌟 Reverse Engineering for beginners by Dennis Yurichev (available in many languages)
🌟 Reverse Engineering 101 by 0x00 (with exercises)
👉 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗔𝗻𝗮𝗹𝘆𝘀𝗶𝘀
🌟 Malware Analysis In 5+ Hours - Full Course - Learn Practical Malware Analysis! by HuskyHacks
🌟 Malware Analysis – Mind Map by Thatintel
🌟 Malware Analysis Tutorials: a Reverse Engineering Approach by Dr Xiang Fu
👉 𝗔𝗺𝗮𝘇𝗶𝗻𝗴 𝗕𝗼𝗻𝘂𝘀
Malware Analysis and Reverse Engineering courses by DFIR Diva
Pentesting can be at the intersection of several areas.
In this Series I will suggest some of these areas where having an understanding of pentesting can help you in your practice.
Check out this amazing study on Enterprise Purple Teaming by Xena Olsen, Ch33r10 https://github.com/ch33r10/EnterprisePurpleTeaming
Get the book Purple Teaming for dummies by Jonathan Relber Ben Opel Carl Wright for free here:
https://attackiq.com/lp/purple-teaming-for-dummies/
Check out this article by Scythe on why and how you can go purple https://www.scythe.io/library/actionable-purple-teaming-why-and-how-you-can-and-should-go-purple
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other good resources on Purple Team? Share them in the comment
Comment
Have look at Scythe Exercise framework https://github.com/scythe-io/purple-team-exercise-framework/blob/master/PTEFv2.md
Check out these courses on Attack.IQ https://academy.attackiq.com/learning-paths/purple-teaming
A good way to have a more holistic approach to Cybersecurity is to listen to podcasts or to read blogs.
It is an entertaining way to learn and you get to hear about people in the industry from wherever you are!
Check out Phillip Wylie’s Podcast on ITSP Magazine “The Hacker Factory” here: https://www.itspmagazine.com/the-hacker-factory-podcast
And if you enjoyed why not voting for it for the European Cybersecurity Awards here: https://docs.google.com/forms/d/e/1FAIpQLSdNDzjvToMSq36YkIHQWwhma90SR0E9rLndflZ3Cu_gVI2Axw/viewform
Check out Christophe Foulon’s podcast here: https://podcasts.apple.com/us/podcast/breaking-into-cybersecurity/id1463136698
You are more of a reader? 🤓 I’ve got your back! Check this great blog Security Queens
And guess what! You can also vote for them for the European Cybersecurity Awards!
Have a look at Daniel Miessler’s Blog: https://danielmiessler.com/
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other good blogs or podcast? Please share them in the comment!
Comment
Check out the Focal Point Podcast by Angela Marafino and Chantel Sims on ITSP Magazine here: https://www.itspmagazine.com/focal-point-podcast
Have a look at Your Cyber Path podcast: https://www.yourcyberpath.com/podcasts/
Check out the different shows on Hacker Valley: https://hackervalley.com/
Pentesting can be at the intersection of several areas.
In this series I will suggest some of these areas where having an understanding of pentesting can help you in your practice.
Lately, we see more and more Threat modeling integrated with pentest processes.
Check out this session about threat modeling on Hackerone: https://www.hacker101.com/sessions/threat_modeling.html
Stay in track with this Threat modeling cheat sheet on OWASP: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Threat_Modeling_Cheat_Sheet.md
[BONUS] Check out this list of Threat modeling resources on Infosec reference by Robert musser: https://rmusser.net/git/admin-2/Infosec_Reference/src/commit/d44538cb60d7d3ad64880feb45e05362382e550a/Draft/Threat%20Modeling.md
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other resources about Threat Modeling? Please share them in the comment!
Comment
Check out the Threat modeling manifesto here: https://www.threatmodelingmanifesto.org/
Want to specialize?
There are many options!
After mastering the fundamentals, basics, and sophisticated attacks, you can go further and find one or two specializations to give you more prospects in the job market.
Moreover, for white box pentest engagements you will have to do code review.
Check out this free introduction to Secure Code Review on Pentesterlab: https://pentesterlab.com/exercises/codereview/course
Check out this security training platform for devs: https://www.hacksplaining.com/
BONUS: Want to make a vulnerable PHP App? Check out this video by Wesley (The XSS Rat) Thijs https://youtu.be/e_dLSVpQy40
𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment
Comment
Check out Tanya Janca’s book Alice and Bob learn Application Security https://www.amazon.ca/Alice-Bob-Learn-Application-Security/dp/1119687357
Finding a new position can be tricky.
Here are a few resources to help you out.
Check out this article by Jay Jay Davey on “How to use Linkedin”: https://www.linkedin.com/pulse/how-use-linkedin-jay-jay-davey-/
Get Advice on writing a Cyber Resume with Joe Hudson here: https://www.youtube.com/watch?v=5T_u7l-t56g&list=PL4Q-ttyNIRArEf_K0V418lc6tjYEdJn4A&index=4
Get ready for your interview with these questions
https://www.springboard.com/blog/cybersecurity/25-cybersecurity-job-interview-questions-and-answers/
BONUS: Optimize your resume here https://www.jobscan.co/ to get past the applicant tracking systems (ATS)
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment
Comment
Check out this article on how to hack into a cyberse
curity career:
APIs are a significant attack vector.
API attacks increased 𝟲𝟴𝟭% in the last 12 months, according* to Security Magazine
Want to sharpen your skills in API? Now is the time!
Check out MindAPI by David Sopas
Check out Hacking mHealth Apps and APIs on KnightTV with Alissa Valentina Knight
Check out this episode of OWASP DevSlop with Katie Paxton-Fear about API hacking for the Actually Pretty Inexperienced hacker
Want some practice?
Check out VAmPI
And here is vAPI
More resources in comment 👇👇
𝐒𝐇𝐀𝐑𝐄 - Do you know other resources? Please share them in the comment
𝗪𝗛𝗬 𝗚𝗢 𝗧𝗢 𝗖𝗢𝗡𝗙𝗘𝗥𝗘𝗡𝗖𝗘𝗦?
These last days on LinkedIn's feeds, most of you read many posts about the RSA Conference.
Why is it so popular?
- Conferences are part of lifelong learning in Cybersecurity
- They keep you up to date and give you the latest trends in the industry
- You learn about the latest solutions
- You can hear about advanced topics
- It is an opportunity to do business or look for your next job opportunity
…
You do not need to spend a lot of money on it.
Indeed you can go to conferences near you like the chapters conference of Wicys, OWASP, BSides, Isaca, …
𝐂𝐡𝐞𝐜𝐤 𝐨𝐮𝐭 𝐭𝐡𝐞𝐬𝐞 𝐥𝐢𝐧𝐤𝐬 𝐭𝐨 𝐟𝐢𝐧𝐝 𝐲𝐨𝐮𝐫 𝐧𝐞𝐱𝐭 𝐜𝐨𝐧𝐟𝐞𝐫𝐞𝐧𝐜𝐞:
Do you master a topic? Give a talk about it, another way to attend a conference.
𝐂𝐡𝐞𝐜𝐤 𝐨𝐮𝐭 𝐭𝐡𝐞𝐬𝐞 𝐥𝐢𝐧𝐤𝐬 𝐭𝐨 𝐟𝐢𝐧𝐝 𝐭𝐡𝐞 𝐥𝐚𝐬𝐭 𝐨𝐩𝐞𝐧 𝐜𝐚𝐥𝐥 𝐟𝐨𝐫 𝐩𝐚𝐩𝐞𝐫𝐬:
Finally, Conferences are a great way to network and have fun.
In 2021 50% of corporate data where stored in the cloud according* to Statista
Want to learn on Cloud pentest?
See below
Familiarize yourself with the different technologies with this great list of free trainings: “Awesome Cloud Native Trainings” by Jose Adan Ortiz:
Check out this list of cloud pentesting resources from reconshell:
Check out Awesome Cloud Pentest by Joas Antonio https://lnkd.in/eqWe3KGn
See these Cloud Pentest Cheatsheet by Dafthack: https://lnkd.in/eKDGvzgx
Want some practice?
Check out TerraformGoat: https://lnkd.in/eHQagQJF by Selefra
BONUS: See the Google Cloud Platform chapter of my gitbook: https://lnkd.in/edanr38C
Want to learn about Web pentesting? Check out these links
👉 Web Security Academy by PortSwigger: https://lnkd.in/eK7SmN6J
Couple it with Rana Khalil’s videos on Youtube where she explains plenty of labs step by step: https://lnkd.in/eggVnD9C
👉 Wesley Thijs XSSrat’s youtube channel where he has plenty of videos on web vulnerabilities: https://lnkd.in/eKaWezND
👉 The Pentesting Web Checklist on Pentest Book by six2dez
👉 And of course stay close to the standards with OWASP® Foundation Top 10: https://lnkd.in/eNy6kQ3f
🤫Psst! Did you know they have a list of Vulnerable Web Applications to practice on?
Yes! It’s here: https://lnkd.in/eyhmGJAr
Want to get into Bug Bounty? Here is a list of resources
👉 A great introduction on how to get into bug bounty by Wesley Thijs xssrat
👉 A list of bug bounty platforms by Bughacking
👉 A list of bug bounty programs by vpnmentor:
👉 Want to apply to the Synack Red Team Artemis program?
An exclusive community open to security professionals who identify as women, trans and nonbinary people, and others who identify as a gender minority. See this link:
👉 Farah Hawa has a great video about bug bounty resources:
👉 The Bug Hunter Handbook by Gowthams
👉 A repo “AllAboutBugBounty” by daffainfo
👉 𝗦𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗼𝗳 𝗮 𝗽𝗲𝗻𝘁𝗲𝘀𝘁 𝗿𝗲𝗽𝗼𝗿𝘁
🌟My article on how to write a pentest report:
https://lnkd.in/eH92fT8Q
👉 𝗛𝗼𝘄 𝘁𝗼 𝘁𝗮𝗸𝗲 𝗻𝗼𝘁𝗲𝘀
🌟 Cherry Tree
https://lnkd.in/eqTjHYKi
🌟 Joplin
https://joplinapp.org/
🌟 Keepnote
http://keepnote.org/
👉 𝗧𝗶𝗽𝘀 𝗳𝗿𝗼𝗺 𝗘𝘅𝗽𝗲𝗿𝘁𝘀
🌟 Writing Tips for IT Professionals by Lenny Zeltser
https://lnkd.in/eMSiEpeZ
🌟 How to write a Penetration Testing Report by HackerSploit
https://lnkd.in/ekSu5vAp
👉 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗼𝗻
🌟 Blackstone project by micro-joan
https://lnkd.in/eBSy58Ur
🌟 Pentext by Radically Open Security
https://lnkd.in/eNPhHHdx
👉 𝗘𝘅𝗮𝗺𝗽𝗹𝗲𝘀 𝗼𝗳 𝗿𝗲𝗽𝗼𝗿𝘁𝘀
🌟 A list of public pentest reports by juliocesarfort
https://lnkd.in/ebeJwVXQ
🌟 A list of bug bounty writeup on Pentester Land
There are many different tools for each phase of a pentest. But how to choose?
These resources can help you:
👉 See Rajneesh Gupta’s post about some of the Practical web Pentesting tools. He even share them according to the pentest steps:
https://lnkd.in/ei7R8gsx
🚨 Follow Rajneesh he offers amazing content 🚨
👉 You know the Nmap project? Well they have a list of the top 125 Network Security Tools:
https://sectools.org/
👉 You want Open Source?
✴️Julien Maury shared a Top 10 on eSecurity Planet:
https://lnkd.in/ezNgTvfF
✴️And SANS has a list of tools including plenty of pentest tools: https://lnkd.in/eHmusQYg
👉 Finally arch3rPro has an amazing amount of tools listed on github:
👉 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗚𝗥𝗖?
🌟 Introduction to GRC on Cyber Judo
🌟 What is GRC in Cybersecurity by 👉🏼 Gerald Auger, Ph.D.
👉 𝗟𝗲𝗮𝗿𝗻 𝗚𝗥𝗖
🌟 Course: GRC Analyst class by Gerald Auger on Simply Cyber
🌟 Course: The GRC approach to Managing Cybersecurity by Herbert J. Mattord on Coursera
🌟 Resources: Free resources that will help you break into GRC by Aron Lange
🌟 Resources: Awesome Security GRC by Arudjreis
👉 𝗦𝘁𝗮𝘆 𝗶𝗻𝗳𝗼𝗿𝗺𝗲𝗱
🌟 Newsletter: Security Decrypted by Aron Lange
👉 𝗪𝗢𝗥𝗞 𝗢𝗡 𝗧𝗛𝗘 𝗙𝗨𝗡𝗗𝗔𝗠𝗘𝗡𝗧𝗔𝗟𝗦
🌟 Architecture 1001: x86-64 Assembly on OpenSecurityTraining2 by Xeno Kovah
🌟 Learn C
🌟 Malware Analysis Fundamentals by MalwareAficionado
👉 𝗠𝗔𝗟𝗪𝗔𝗥𝗘 𝗔𝗡𝗔𝗟𝗬𝗦𝗜𝗦 𝟭𝟬𝟭&𝟮𝟬𝟭
🌟 How can you start learning Malware Analysis by Lenny Zeltser
🌟 Malware Analysis and Reverse Engineering Study Plan for Beginners by Alex Perotti
🌟 Malware Noob2Ninja Course by Neil Fox
🌟 Malware Analysis in 5+ Hours - Full Course - Learn Practical Malware Analysis by HuskyHacks
🌟 Malware Analysis Bootcamp by HackerSploit
👉 𝗧𝗢𝗢𝗟𝗦
🌟 5 steps to building a malware analysis toolkit using free tools by Lenny Zeltser
🌟 Malware Analysis Home-Lab v1.0 by Rajneesh Gupta
👉 𝗣𝗥𝗔𝗖𝗧𝗜𝗖𝗘
🌟 Malware Traffic Analysis by the community
🌟 Reverse Engineering for Beginners by Ophir Harpaz
🌟 BlueYard - BlueTeam Challenges
👉 𝗥𝗘𝗦𝗢𝗨𝗥𝗖𝗘𝗦
🌟 Awesome Malware and Reverse Engineering by Joas A Santos
🌟 Awesome Malware Analysis by rshipp
🌟 Cheat Sheet for Analyzing malicious software by Lenny Zeltser
🌟 Analyzing Malicious Documents Cheat Sheet by Lenny Zeltser
👉 𝗕𝗢𝗡𝗨𝗦: 𝗠𝗔𝗟𝗪𝗔𝗥𝗘 𝗗𝗘𝗩𝗘𝗟𝗢𝗣𝗠𝗘𝗡𝗧
🌟 Awesome Malware Development by rootkit-io
🌟 Malware Development par 1 of 9 by 0xPat