Learn to hack

From Enlace Hacktivista
Revision as of 12:50, 15 January 2023 by Booda (talk | contribs)
Jump to navigation Jump to search

This page aims to compile high quality resources for hackers. All books listed on this page can be found on Library Genesis and Z-Library

General Resources

Resources that assume little to no background knowledge:

Resources that assume minimal tech background:

Resources that assume a tech or hacking background:

Practice labs:

General references:

Active Directory

Tools

Office 365 & Azure

Tools

GSuite

https://www.slideshare.net/dafthack/ok-google-how-do-i-red-team-gsuite

C2 Frameworks

Antivirus & EDR Evasion

VMware

RocketChat

Microsoft Exchange

ProxyLogon is dead. It's mitigated by Defender. ProxyShell is not. AMSI catches unmodified public exploits.

Initial Access

Phishing

Password spraying

Buying Access

CVE POCs

Scanning and Recon

Search Engines

Web Crawlers

Wordlists

OSINT

Open-source intelligence Tools/Resources

API Hacking

Intercepting Proxies

These let you view, edit, and replay requests, and are extremely useful for finding vulnerabilities in web applications.

Opsec

Any illegal activity should be done from an encrypted and separate computer or virtual machine, with all traffic over Tor.

Secure Messaging

Best practice for secure messaging includes using connections over Tor and end-to-end encryption for messages.

Recommended Applications

For Jabber/XMPP, make sure to enable OTR or OMEMO encryption. For email use PGP for encryption. For file sharing use onionshare.

   Tails comes with onionshare for file sharing, pidgin with OTR for encrypted chat, and thunderbird with GPG for encrypted email
   Probably the most mature jabber client with a focus on security and privacy is CoyIM
   https://cwtch.im/
   https://www.thunderbird.net/ A email client with built-in support for PGP encryption
   https://onionshare.org/

For a more detailed comparison of secure messaging software, see the whonix wiki.