Huge List of Pentesting links.. Nice, makes me want to create a huge links database now

Blogs Worth It:

What the title says. There are a LOT of pentesting blogs, these are the ones i monitor constantly and value in the actual day to day testing work.


Created for forums that will help in both tool usage, syntax, attack techniques, and collection of scripts and tools. Needs some help. I don’t really frequent too many underground forums but i actually find nice one-off scripts and info i can roll into my own code in these places. Would like to add more.






People and Organizational:


Exploits and Advisories:

Cheatsheets and Syntax:

Agile Hacking:

OS and Scripts:




ISOs and VMs:



Vulnerable Software:



Test Sites:



Exploitation Intro:

If you’d like to get into exploit dev, these are really the guides and docs that will start you off in the right direction. Since Exploit dev is not my primary occupation this section could always use help.

Reverse Engineering & Malware:

Passwords and Hashes:


Pass the Hash:





Google Hacking:


Attack Strings:





Social Engineering:



MSF Exploits or Easy:


Net Scanners and Scripts:

Post Exploitation:


Source Inspection:

Firefox Addons:

Tool Listings:







Other Misc:

Web Vectors


Upload Tricks:







VMWare Web:

Oracle App Servers:



Capture the Flag/Wargames:



Comment by okoe…, Jun 17, 2011

The link “” was a temporary arranged facility to distribute the live streams during the last CCC.

The link “” is permanent and has more gems.

Comment by juanccor…, Jul 8, 2011

Did a search for this but it wasnt in the list. Got this from my twitter feed via: @mubix & @emiliengirault :

Comment by samthedo…, Jul 18, 2011 --

Comment by bayba…, Jul 26, 2011 - a collection or file of documents containing information about a particular person or topic.

Comment by…, Aug 1, 2011

happy to help out with the collection as a contributor.

Comment by rssat…, Aug 2, 2011

Comment by thehacke…, Aug 16, 2011

Best Hacking News site : Truth is the Most Powerful weapon against Injustice

Comment by anago…, Aug 22, 2011

Comment by michaels…, Aug 24, 2011

I’d be more than willing to help sort links, etc for the project. Please let me know how I can help.

Comment by DHANANJA…, Sep 13, 2011 Computer hacks

Comment by swierckx…, Oct 11, 2011 -> contains a series of 4 articles on how to set up a software hacking lab with virtual machines, also contains articles on tools and how to use them (sometimes in unexpected ways) -> in the resources section there are a number of open source tools that can be used in for example the information gathering phase …

Comment by getabhij…, Oct 16, 2011

Magazines: ClubHack? Magazine -

Comment by rvdj…, Nov 8, 2011 –> I found this website. It is a dutch hacking blog with al lot of hacking stuff!!

Comment by jage…, Nov 26, 2011

I also like the Post-Exploitation cheat sheets:

Comment by hugocarn…, Nov 30, 2011

If you think it’s enought relevent… – XSS CheatSheet? -

Comment by psii…, Dec 30, 2011

Comment by rustymemory, Jan 3, 2012

Add my Website

One Stop Security Site:

Comment by potentia…, Feb 28, 2012,20207,c2l0ZTphcmNoaXZlbmljLmNvbV8xNzguMTc3LjE2Ni4xOTA%3D,00.html?skystart=0&skyadpage=1×4?

Comment by bayba…, Feb 28, 2012

Hello, you can add Web Application Security Check List.

url ->

Comment by Rmusser2…, Mar 5, 2012

I organized all of the current bookmarks(Feb.6) and added them into a free application I created. It’s an android app that is meant to be a reference guide. The link is

Comment by optinsoft, Mar 25, 2012

Proxy checking software:

Comment by pogonyu…, Mar 27, 2012

My Website:

Comment by WP2525…, Apr 11, 2012


Comment by go2d…, Jun 8, 2012

SSH, Nmap, Nessus, Tor, BitTorrent?, and more:

Doug Vitale Tech Blog

Comment by ag4ve…, Jun 20, 2012

since this is such a nice comprehensive list, i figured i’d contribute. some of these are probably dupes, but i searched a few and you didn’t have them, so…

if you make this a git repo (mabe mediawiki on github or something) i’ll look to dedupe and make a push. to make possible sharing easier for anyone else: <code>perl -Mojo -E ‘for my $a (x(join ” “, <>)->find(“a”)->each) { say ” * ” . $a->text . “: ” . $a->{href} }’ sec-bookmarks.html</code>

Comment by ag4ve…, Jun 21, 2012

oh, and malwr and cuckoobox

Comment by CiphersSon, Jun 21, 2012

I was going to atempt to make a list of android apk’s that were security related. However this seem like a better format than my craptastic blog. (work in progress.)

Comment by tjose.g…, Jul 2, 2012

Comprehensive list. I would suggest to add 3 sites to the list.

Comment by saimakhanb, Jul 14, 2012

Totally agree with your suggestion… Very nice post and good information here… Thanks for posting that….

Comment by panagiot…, Jul 23, 2012

I would suggest the following to be included:

Comment by pakistan…, Aug 12, 2012

also include the following….

Comment by ad…, Aug 18, 2012

I would suggest to add

Comment by Nassim0…, Oct 15, 2012

Thanks for reverse enggg there’s too

Comment by urazamo…, Nov 18, 2012

CyberPunk? @

Comment by INFOTIV…, Dec 20, 2012

Comment by ecasbas, Jan 17, 2013

Web fingerprinting:

Comment by maskedma…, Jan 19, 2013

Please check out my forum for the list at

Comment by goldet…, Feb 8, 2013

just a hint: add svn checkout ability – bring sync to that list! I’d like to just type: svn update to get latest version, will wait for that =))) Thanks.

Comment by maskedma…, Feb 9, 2013

my ethical hacking and security forum can be found at I have also just started making tutorials on how to use the various tools in Backtrack 5 r3

Comment by nomii…, Feb 19, 2013

if you want to get in touch with Hacking News, Defacements, Anonymous Hackers and Security news.Go:

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>