Recursos y URls (WIP)
Fundamentos
https://github.com/gvm92/Ejercicios-comandos-linux?authuser=0 https://cmdchallenge.com/?authuser=0 https://bellard.org/jslinux/?authuser=0
Python
https://www.freecodecamp.org/espanol/news/aprende-python-cursos-de-python-gratis-para-principiantes/?authuser=0#manual-python https://aprendeconalf.es/docencia/python/ejercicios/bucles/?authuser=0 https://code.visualstudio.com/docs/setup/linux https://docs.python.org/3/contents.html https://www.online-python.com/ /
Redes
https://www.calculadora-redes.com/?authuser=0 https://aprendaredes.com/cgi-bin/ipcalc/ipcalc_cgi1?host=192.168.1.15&mask1=17&mask2= https://macvendors.com/?authuser=0 https://wiki.wireshark.org/SampleCaptures?authuser=0
Criptografia
https://hashes.com/en/decrypt/hash https://www.dcode.fr/tools-list#cryptography https://github.com/danielmiessler/SecLists https://onlinetools.com/ascii#tools https://cryptii.com/ https://crt.sh/ https://github.com/s0md3v/Decodify https://www.genbeta.com/desarrollo/tipos-de-criptografia-simetrica-asimetrica-e-hibrida?authuser=2 https://www.base64encode.org/?authuser=2 https://linuxconfig.org/using-openssl-to-encrypt-messages-and-files-on-linux?authuser=2 https://gist.github.com/Soarez/9688998?authuser=2 https://thecybersecurityman.com/2017/11/22/how-does-https-work/?authuser=2 https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/?authuser=2 https://onlinetools.com/ascii?authuser=2 https://www.urldecoder.org/es/?authuser=2 https://es.planetcalc.com/1434/?authuser=2 https://www.prepostseo.com/tool/es/hex-to-decimal?authuser=2 https://magictool.ai/tool/text-to-hex-converter/es/?authuser=2 https://gchq.github.io/CyberChef/ Pentest https://attack.mitre.org/?authuser=0 https://nvd.nist.gov/?authuser=0 https://cve.mitre.org/?authuser=0 https://www.first.org/cvss/?authuser=0 https://www.exploit-db.com/?authuser=0 https://pentestreports.com/templates https://underdefense.com/blog/penetration-testing-report-free-template-and-guide/ https://github.com/just-frame/Pen-Test-Report-Template-Markdown https://www.reddit.com/r/oscp/comments/n2m66y/offensive_security_exam_report_template_in/ https://www.hackthebox.com/blog/penetration-testing-reports-template-and-guide https://github.com/the-root-user/PenTest-Report-Samples https://www.reddit.com/r/hacking/comments/zgvsj7/writing_a_report_with_pwndoc/ https://www.zaproxy.org/ https://github.com/GhostManager/Ghostwriter https://dradis.com/ https://faradaysec.com/penetration-testing-reporting/ https://github.com/SerpicoProject/Serpico https://defectdojo.com/ https://support.attackforge.com/attackforge-enterprise/getting-started/reporting
OSINT y Reconocimiento
https://keepcoding.io/blog/analisis-pasivo-de-objetivos-en-ciberseguridad/?authuser=0 https://derechodelared.com/osint/?authuser=0 https://www.lisainstitute.com/blogs/blog/osint-inteligencia-fuentes-abiertas?authuser=0 https://www.a2secure.com/blog/diferencias-entre-surface-web-deep-web-y-dark-web/?authuser=0 https://whois.domaintools.com/?authuser=0 https://github.com/aboul3la/Sublist3r?authuser=0 https://esgeeks.com/sublist3r-herramienta-enumeracion-subdominios/ https://www.robtex.com/?authuser=0 https://www.nslookup.io/ https://domsignal.com/dns-lookup https://dnsdumpster.com/?authuser=0 https://web-check.xyz/ https://github.com/Lissy93/web-check https://mxtoolbox.com/ https://www.dnswatch.info/ https://www.welivesecurity.com/la-es/2015/06/17/trata-ataque-transferencia-zona-dns/ https://web.archive.org/?authuser=0 https://www.wappalyzer.com/ https://builtwith.com/ https://librebor.me/en/ https://www.boe.es/ https://www.recordedfuture.com/threat-intelligence-101/threat-analysis-techniques/google-dorks https://www.exploit-db.com/google-hacking-database?authuser=0 https://gist.github.com/sundowndev/283efaddbcf896ab405488330d1bbc06 https://yandex.com/images/?authuser=0 https://www.shodan.io/?authuser=0https://github.com/jakejarvis/awesome-shodan-queries?authuser=0 https://censys.com/ https://www.ssllabs.com/ https://sitereport.netcraft.com/ https://securityheaders.com/ https://owasp.org/www-project-amass/ https://ciberpatrulla.com/maltego/ https://www.maltego.com/categories/getting-started-with-maltego/ https://pentest-tools.com/?authuser=0 https://github.com/laramies/theHarvester?authuser=0 https://null-byte.wonderhowto.com/how-to/scrape-target-email-addresses-with-theharvester-0176307/ https://haveibeenpwned.com/ https://pastebin.com/ https://odint.net/sock-puppets-osint/?authuser=0 https://es.fakenamegenerator.com/?authuser=0 https://temp-mail.org/es/?authuser=0 https://testingdatagenerator.com/ https://generadordni.es/#home https://www.xataka.com/basics/red-tor-que-como-funciona-como-se-usa?authuser=0 https://www.genbeta.com/seguridad/como-funciona-la-red-tor?authuser=0 https://www.torproject.org/es/download/?authuser=0 https://nordvpn.com/es/blog/vpn-proxy-diferencias/?authuser=0 https://www.xataka.com/basics/que-es-un-proxy-y-como-puedes-utilizarlo-para-navegar-de-forma-mas-anonima?authuser=0 https://es.wikipedia.org/wiki/Proxychains-ng?authuser=0 https://www.redeszone.net/tutoriales/seguridad/proxychains-tor-linux-ocultar-identidad-internet/ https://www.unfantasmaenelsistema.com/2020/06/proxychains-encadenando-proxys/ https://lacriptadelhacker.wordpress.com/2022/07/15/proxys-vpns-y-tor-que-debes-saber-para-ser-realmente-anonimo/ https://www.kali.org/tools/metagoofil/ https://exiftool.org/ https://github.com/ElevenPaths/FOCA https://www.xataka.com/basics/api-que-sirve https://intelx.io/tools?tab=facebook https://www.heavy.ai/demos/tweetmap https://instaloader.github.io/ https://github.com/GONZOsint/gitrecon https://github.com/un1k0n/GitStalk https://www.tecnogados.com/2019/07/30/scrapinglinkedin/ https://github.com/m8sec/CrossLinked https://github.com/mxrch/GHunt https://epieos.com/ https://systemweakness.com/google-mail-hacking-ghunt-v2-gmail-osint-6c76ce78ad35 https://github.com/megadose/holehe https://github.com/sherlock-project/sherlock
Scanners de redes e infraestructura
https://www.redeszone.net/tutoriales/configuracion-puertos/puertos-tcp-udp/ https://ciberseguridadbidaidea.com/fases-del-pentesting/ https://norfipc.com/redes/usar-comando-ping.html https://www.eduardocollado.com/2020/03/13/flags-de-tcp/ https://nmap.org/ https://www.kali.org/tools/nmap/ https://github.com/CodeMaxx/Awesome-Terminal-Commands/blob/master/nmap.md https://nmap.org/book/man-nse.html https://www.vulnhub.com/entry/damn-vulnerable-linux-dvl-15-infectious-disease,1/ https://sourceforge.net/projects/metasploitable/files/Metasploitable2/ https://ostec.blog/es/aprendizaje-descubrimiento/que-es-el-analisis-de-vulnerabilidades/ https://nvd.nist.gov/ https://github.com/scipag/vulscan https://github.com/vulnersCom/nmap-vulners Vulnerability search
https://ciberseguridad.com/servicios/analisis-vulnerabilidades/?authuser=0#%C2%BFQue_son_las_vulnerabilidades https://ostec.blog/es/aprendizaje-descubrimiento/que-es-el-analisis-de-vulnerabilidades/ https://www.manageengine.com/latam/vulnerability-management/analisis-de-vulnerabilidades.html https://www.redeszone.net/tutoriales/seguridad/mejores-escaner-vulnerabilidades-gratis-hacker/ https://openvas.org/ https://www.kali.org/blog/openvas-vulnerability-scanning/ https://www.tenable.com/ https://www.blackmantisecurity.com/vulnerability-scanning-con-nessus-y-nmap/
Man In The Middle
https://ayudaleyprotecciondatos.es/2021/07/15/ataque-man-in-the-middle/#Que_es_un_ataque_man_in_the_middle
https://www.redeszone.net/tutoriales/seguridad/tipos-ataques-man-in-the-middle/
https://www.welivesecurity.com/la-es/2021/12/28/que-es-ataque-man-in-the-middle-como-funciona/
https://es.bebee.com/producer/ataque-de-arp-spoofing-que-es-y-como-podemos-defendernos
https://github.com/europa502/shARP
https://arpon.sourceforge.io/
https://www.h3c.com/en/d_202001/1262581_294551_0.htm
https://www.linkedin.com/pulse/ccna-dynamic-arp-inspection-mark-pinchen/
https://www.redeszone.net/tutoriales/redes-cable/ataques-arp-spoofing-evitar/
https://www.ionos.es/digitalguide/servidores/know-how/en-que-consiste-el-neighbor-discovery-protocol/#:~:text=El%20Neighbor%20Discovery%20Protocol%20(%E2%80%9Cprotocolo,hardware%20propias%20de%20cada%20dispositivo.
https://www.xataka.com/ordenadores/como-proteger-tu-wifi-por-completo
https://www.ettercap-project.org/
https://www.wireshark.org/
https://medium.com/hacker-toolbelt/wireshark-filters-cheat-sheet-eacdc438969c
Web Attacks
https://mail.google.com/mail/u/0/#inbox http://16.171.200.168:3000/s/general/p/the-bridge-uF0KQ2RTkW https://campusvirtual.thebridge.tech/mod/page/view.php?id=27203 https://concepto.de/http/ https://developer.mozilla.org/es/docs/Web/HTTP/Guides/Messages https://developer.mozilla.org/es/docs/Web/HTTP/Reference/Methods https://gavilanch.wordpress.com/2019/01/03/anatomia-de-una-peticion-http/#::text=Resumen,de%20estatus%2C%20cabecera%20y%20cuerpo https://www.ionos.es/digitalguide/paginas-web/desarrollo-web/que-es-una-web-app-y-que-clases-hay/ https://www.irekisoft.net/servicios/paginas-web-dinamicas-y-estaticas/#::text=En%20las%20p%C3%A1ginas%20web%20est%C3%A1ticas,es%20f%C3%A1cilmente%20y%20frecuentemente%20modificado https://geekflare.com/es/lamp-lemp-mean-xampp-stack-intro/ https://support.google.com/campaignmanager/answer/2828688?hl=es#:~:text=Acceder%20a%20herramientas%20de%20desarrollo,alt%2Bcomando%2Bi%22 https://developer.mozilla.org/es/docs/Learn_web_development/Howto/Tools_and_setup/What_are_browser_developer_tools https://www.websiterating.com/es/blog/online-security/most-common-website-attacks-how-to-defend-against-them/ https://github.com/payloadbox https://www.kali.org/tools/dirbuster/ https://www.kali.org/tools/dirb/ https://www.kali.org/tools/nikto/ https://www.zaproxy.org/ https://www.kali.org/tools/burpsuite/ https://fwhibbit.es/burp-suite-i-la-navaja-suiza-del-pentester https://jaimelightfoot.com/blog/burp-suite-for-beginners-setup-and-target-proxy-tools/ https://jaimelightfoot.com/blog/burp-suite-for-beginners-part-2-spider-intruder-and-repeater/ https://backtrackacademy.com/articulo/burp-suite-potente-herramienta-para-pentesting-web https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html https://www.redeszone.net/tutoriales/seguridad/diferencias-autenticacion-autorizacion/ https://blog.risingstack.com/web-authentication-methods-explained/ https://a3sec.com/blog/autenticaci%C3%B3n-de-acceso-b%C3%A1sica-http https://diego.com.es/autenticacion-http https://www.developerro.com/2019/03/12/jwt-api-authentication/ https://www.tarlogic.com/es/glosario-ciberseguridad/ataque-de-fuerza-bruta/?authuser=0 https://www.kaspersky.es/resource-center/definitions/brute-force-attack https://www.passwortcheck.ch/en/ https://github.com/kaonashi-passwords/Kaonashi https://sniferl4bs.com/2020/02/adios-rockyou.txt-bienvenido-kaonashi.txt/ https://www.hackingarticles.in/5-ways-create-dictionary-bruteforcing/ https://portswigger.net/burp/documentation/desktop/tools/intruder https://securityonline.info/ https://www.kali.org/tools/hydra/ https://www.blackploit.com/2010/10/thc-hydra-tutorial-explicacion-modo-de.html https://www.redeszone.net/tutoriales/seguridad/hydra-programa-romper-contrasenas/ https://blog.hackmetrix.com/command-injection/ https://cristianthous.com/metodos-de-ataque-command-injection https://owasp.org/www-community/attacks/Command_Injection https://portswigger.net/web-security/os-command-injection https://www.redeszone.net/2015/07/20/commix-una-completa-herramienta-para-auditar-y-explotar-paginas-web/ https://github.com/commixproject/commix https://www.kali.org/tools/commix/ https://www.hackingarticles.in/commix-command-injection-exploiter-beginners-guide/ https://github.com/alphaSeclab/awesome-webshell/blob/master/Readme_en.md https://github.com/TheBinitGhimire/Web-Shells https://github.com/tennc/webshell/tree/master/php/PHPshell/c99 https://github.com/payloadbox/command-injection-payload-list https://kinsta.com/es/blog/ataque-csrf/ https://disenowebakus.net/creando-bases-de-datos.php https://disenowebakus.net/tipos-de-datos-mysql.php https://nachocabanes.com/sql/curso/index.php https://byte-mind.net/sql-injection-tipos-ejemplos-y-contramedidas/ https://portswigger.net/web-security/sql-injection/cheat-sheet https://portswigger.net/support/using-burp-to-exploit-sql-injection-vulnerabilities-the-union-operator https://pressroom.hostalia.com/white-papers/ataques-inyeccion-sql/ https://github.com/payloadbox/sql-injection-payload-list https://diego.com.es/ataques-xss-cross-site-scripting-en-php https://www.welivesecurity.com/la-es/2021/09/28/que-es-ataque-xss-cross-site-scripting/ https://developer.mozilla.org/es/docs/Web/HTML/Reference/Elements/a https://www.h1rd.com/hacking/Ataques-xss https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XSS%20Injection#xss-in-htmlapplications https://github.com/payloadbox/xss-payload-list https://portswigger.net/web-security/cross-site-scripting/cheat-sheet https://xss-game.appspot.com/ https://null-byte.wonderhowto.com/how-to/discover-xss-security-flaws-by-fuzzing-with-burp-suite-wfuzz-xsstrike-0189971/ https://github.com/s0md3v/XSStrike https://github.com/capture0x/XSS-LOADER https://beefproject.com/ https://github.com/beefproject/beef https://www.stationx.net/beef-hacking-tool/ https://drive.google.com/file/d/1UBRaLoU9_Yc6s1cw-RqzlKiuvp2uIox9/view https://drive.google.com/file/d/1GMFGFVto7sSmBQRwZTXfQEsAg3IEFKA1/view https://drive.google.com/file/d/1-X-mMzCyvctrBIYOVVezotQEsfZAhn7Y/view https://drive.google.com/file/d/1nNW8Nr7uAZG3Rfwl-NNhRgZFTNxc_5Q9/view https://drive.google.com/file/d/13vIgmtcfdPl2wOUYjzt15QCHj96lkhS8/view https://drive.google.com/file/d/1EVAx8joCgW5n3lMQ2EDocCRposzMG-xD/view https://drive.google.com/file/d/1YUpD0SHyP_0QtRX3b9Eb916D2XmXqNzE/view https://drive.google.com/file/d/1L88DJlIGh8kkiWjYuQtqZMu6bge2KXfQ/view https://drive.google.com/file/d/1JCZngOf_bVGzRy4ZvYsmlD3Jxa5FW_j8/view https://superuser.com/questions/117754/how-can-one-copy-urls-from-all-open-tabs-in-a-google-chrome-or-other-browser-w
Last updated