Essential Resources for Red Team in Cyber Security

By /

Contents

Roadmap

  1. https://roadmap.sh/cyber-security
  2. Roadmap for Beginners : Cyber_Security_Roadmap_(Beginners)_ethicalhackx.pdf

CTF / Skills practice platforms:

  1. Picoctf: https://picoctf.org/
  2. Tryhackme: https://tryhackme.com/
  3. Hackthebox : https://www.hackthebox.com/
  4. Root-me: https://www.root-me.org/
  5. pwned labs: https://pwnedlabs.io/
  6. Ctftime: https://ctftime.org/
  7. portswigger: https://portswigger.net/web-security
  8. ctflearn : https://ctflearn.com/
  9. hackthissite : https://www.hackthissite.org/
  10. google-gruyere : https://google-gruyere.appspot.com/
  11. Damn Vulnerable iOS App – https://github.com/prateek147/DVIA
  12. Defend the Web : https://defendtheweb.net/
  13. OverTheWire: https://overthewire.org/wargames/
  14. hacksplaining : https://www.hacksplaining.com/
  15. hackinghub: https://app.hackinghub.io/
  16. Embedded Security CTF: https://microcorruption.com/
  17. xss practice : https://xss-game.appspot.com/level1
  18. . CyberWolf-Security: https://leonteale.gitbook.io/cyberwolf-security\
  19. HTB Academy: https://academy.hackthebox.com/
  20. Hackmyvm: https://hackmyvm.eu/
  21. Vulnlab: https://www.vulnlab.com/
  22. Thunder CTF : https://labs.thundercipher.tech
  23. Bug Bounty Hunter: https://www.bugbountyhunter.com/
  24. Pwnable: https://pwnable.kr/#
  25. Crackme: https://crackmes.one/
  26. Offset play : https://portal.offsec.com/labs/play
  27. Offsec Practice : https://portal.offsec.com/labs/practice
  28. pentesterlab : https://pentesterlab.com/
  29. sourcecodester : https://www.sourcecodester.com/

Source Code Review

  1. securecode : https://securecode.wiki/
  2. sourcecodester : https://www.sourcecodester.com/

Cloud

  1. https://hackingthe.cloud/

Bug Hunting platforms

  1. Bugcrowd
  2. HackerOne
  3. yeswehack
  4. Intigriti
  5. HackenProof
  6. openbounty

Invitation based

  1. Synack : https://boards.greenhouse.io/synacksrt/jobs/150860
  2. Yogosha : https://app.yogosha.com/signup/researcher
  3. Cobalt: https://boards.greenhouse.io/cobaltio/jobs/5688200002

API testing

  1. https://www.freecodecamp.org/news/what-is-an-api-and-how-to-test-it/
  2. https://cheatography.com/tag/api

General useful links

  1. bb radar: https://bbradar.io/
  2. Zero-day: https://0day.today/
  3. https://vulnrepo.com/
  4. https://reconshell.com/bug-bounty-tools/

Writeup or cheat sheet

  1. https://infosecwriteups.com/
  2. https://pentester.land/writeups/
  3. https://rashahacks.com/
  4. https://d00mfist1.gitbooks.io/ctf/content
  5. https://swisskyrepo.github.io/
  6. https://appsecexplained.gitbook.io/appsecexplained
  7. https://ed4m4s.blog
  8. https://cheatsheetseries.owasp.org/
  9. https://www.ired.team/

Tools

  1. Burpsuite
  2. Caido
  3. owasp zap
  4. nessus
  5. Metasploit
  6. openVAS
  7. Wireshark
  8. w3af
  9. Hashcat
  10. John the ripper
  11. Postman
  12. Netsparker
  13. Nikto

Recon Tools

  1. subfinder : https://github.com/projectdiscovery/subfinder
  2. Sublist3r : https://github.com/aboul3la/Sublist3r
  3. Assetfinder : https://github.com/tomnomnom/assetfinder
  4. Censys: https://search.censys.io/
  5. Shodan: https://www.shodan.io/
  6. Keyhacks: https://github.com/streaak/keyhacks
  7. Pdtm : https://github.com/projectdiscovery/pdtm
  8. nuclei : https://github.com/projectdiscovery/nuclei
  9. notify : https://github.com/projectdiscovery/notify
  10. waybackurls: https://github.com/tomnomnom/waybackurls
  11. Httpx: https://github.com/projectdiscovery/httpx
  12. Amass : https://github.com/owasp-amass/amass
  13. Paramspider : https://github.com/devanshbatham/ParamSpider
  14. way more: https://github.com/xnl-h4ck3r/waymore
  15. Ffuf : https://github.com/ffuf/ffuf
  16. Jsecret : https://github.com/raoufmaklouf/jsecret
  17. Jsfscan : https://github.com/KathanP19/JSFScan.sh
  18. JS-Scan : https://github.com/zseano/JS-Scan
  19. Fofa : https://en.fofa.info/
  20. Knock : https://github.com/guelfoweb/knock
  21. Wayback archive web version : https://web.archive.org/cdx/search/cdx?url=.domain.com/&output=text&fl=original&collapse=urlkey
  22. Pentest-tools: https://pentest-tools.com/
  23. Gowitness: https://github.com/sensepost/gowitness
  24. ZoomEye: https://github.com/knownsec/ZoomEye-python
  25. EyeWitness : https://github.com/RedSiege/EyeWitness
  26. Aquatone : https://github.com/michenriksen/aquatone
  27. Crlfi: https://github.com/karthi-the-hacker/crlfi
  28. XSStrike : https://github.com/s0md3v/XSStrike
  29. Subdominator: https://github.com/RevoltSecurities/Subdominator
  30. Dnsdumpster: https://dnsdumpster.com/
  31. Feroxbuster : https://github.com/epi052/feroxbuster
  32. Rustscan : https://github.com/RustScan/RustScan
  33. Gau : https://github.com/lc/gau
  34. OpenRedireX : https://github.com/devanshbatham/OpenRedireX
  35. Nmap : https://nmap.org/download.html
  36. Dirsearch : https://github.com/maurosoria/dirsearch
  37. Gobuster : https://github.com/OJ/gobuster
  38. Reconftw : https://github.com/six2dez/reconftw
  39. Altdns : https://github.com/infosec-au/altdns
  40. Rustscan : https://github.com/RustScan/RustScan
  41. Gospider : https://github.com/jaeles-project/gospider
  42. Naabu : https://github.com/projectdiscovery/naabu
  43. Assetfinder : https://github.com/tomnomnom/assetfinder
  44. Gotator : https://github.com/Josue87/gotator
  45. Masscan : https://github.com/robertdavidgraham/masscan
  46. Infoga : https://github.com/The404Hacking/Infoga
  47. JSFScan : https://github.com/KathanP19/JSFScan.sh
  48. Slackcat : https://github.com/dwisiswant0/slackcat
  49. GitGraber : https://github.com/hisxo/gitGraber
  50. Red Hawk : https://github.com/Tuhinshubhra/RED_HAWK
  51. Anew : https://github.com/tomnomnom/anew
  52. sql map : https://github.com/sqlmapproject/sqlmap
  53. jsql-injection : https://github.com/ron190/jsql-injection
  54. bbqsql : https://github.com/CiscoCXSecurity/bbqsql
  55. Dsss : https://github.com/stamparm/DSSS
  56. whitewindow : https://github.com/WhitewidowScanner/whitewidow
  57. 403bypasser : https://github.com/yunemse48/403bypasser
  58. WhatWeb : https://github.com/urbanadventurer/WhatWeb
  59. dalfox : https://github.com/hahwul/dalfox
  60. XSStrike : https://github.com/s0md3v/XSStrike
  61. xss_vibes : https://github.com/faiyazahmad07/xss_vibes
  62. jsecrets : https://github.com/pixielabs/jsecrets
  63. cloud enum : https://github.com/initstring/cloud_enum
  64. Hunter: https://hunter.how/
  65. Blindf: https://dorkking.blindf.com/
  66. Bgp: https://bgp.he.net/
  67. Nuclei Templates: https://nuclei-templates.netlify.app/
  68. SecretFinder : https://github.com/m4ll0k/SecretFinder

Post exploitation

  1. Linux exploit suggested: https://github.com/The-Z-Labs/linux-exploit-suggester
  2. linpeas : https://github.com/peass-ng/PEASS-ng/tree/master/linPEAS
  3. LinEnum : https://github.com/rebootuser/LinEnum

Note-taking apps

  1. Obsidian
  2. Notion
  3. Cherry Tree
  4. One Note
  5. gitbook
  6. evernote
  7. joplin

Test bugs in bug hunting or penetration testing

List of bugs
  1. 2FA bypass
  2. Authentication bypass
  3. Array Index Underflow (CWE-129)
  4. Autocomplete Enabled on Sensitive Form Fields
  5. API Security Vulnerabilities
  6. Account Takeover
  7. Broken Authentication and Session Management
  8. Buffer Over-read (CWE-126)
  9. Buffer Overflow
  10. Buffer Underflow (CWE-124)
  11. Buffer Under-read (CWE-127)
  12. Buffer Overflow Heap-based
  13. Business Logic Errors (CWE-840) or Logic Flaws
  14. Brute Force Attacks
  15. Classic Buffer Overflow (CWE-120) or Buffer Copy without Checking Size of Input
  16. Cleartext Storage of Sensitive Information (CWE-312)
  17. Cleartext Transmission of Sensitive Information (CWE-319)
  18. Content Spoofing
  19. Cookie Injection
  20. clickjacking
  21. Credential/Session Prediction
  22. Client-Side Enforcement of Server-Side Security (CWE-602)
  23. Code Injection (CWE-94)
  24. Command Injection – Generic (CWE-77) or Command Injection
  25. CRLF Injection (CWE-93)
  26. Cross-origin resource sharing (CORS)
  27. [x] Cross-Site Request Forgery (CSRF) (CWE-352)
  28. Cross-site Scripting – Basic (CWE – 80)
  29. Cross-site Scripting (XSS) – DOM (CWE-79)
  30. Cross-site Scripting (XSS) – Generic (CWE-79)
  31. Cross-site Scripting (XSS) – Reflected (CWE-79)
  32. Cross-site Scripting (XSS) – Stored (CWE-79)
  33. Cryptographic Issues – Generic (CWE-310) or Cryptographic Failures
  34. Credential Stuffing
  35. Content Security Policy (CSP) Bypass
  36. Cache Control Misconfigurations
  37. Download of Code Without Integrity Check – CWE-494
  38. Denial of Service (CWE-400) or Uncontrolled Resource Consumption
  39. Default Credentials:
  40. Dependency Confusion
  41. Deserialization of Untrusted Data (CWE-502)
  42. Directory traversal
  43. Double Free (CWE-415)
  44. DNS Hijacking
  45. DOM-based Vulnerabilities
  46. Expression Language Injection
  47. Email Header Injection
  48. External Control of Assumed-Immutable Web Parameter – CWE-472
  49. Execution with Unnecessary Privileges – CWE-250
  50. Exposed Administration Panels
  51. Exposed Debugging Information
  52. Exposed Error Handling Information
  53. File Upload or Unrestricted File Upload
  54. Form/Function Level Access Control
  55. Forced Browsing (CWE-425)
  56. Format String Attacks
  57. Heap Overflow (CWE-122)
  58. HTTP Host header attacks OR Host Header Injection
  59. HTTP Parameter Pollution
  60. HTTP Request Smuggling (CWE-444)
  61. HTTP Response Splitting (CWE-113)
  62. HTML Injection
  63. Hidden Field Manipulation
  64. Improper Access Control
  65. Improper Input Validation – CWE-20
  66. Improper Access Control – Generic (CWE-284)
  67. Improper Authentication
  68. Improper Authentication – Generic (CWE-287)
  69. Improper Authorization (CWE-285)
  70. Improper Certificate Validation (CWE-295)
  71. Improper Following of a Certificate’s Chain of Trust (CWE-296)
  72. Improper Neutralization of HTTP Headers for Scripting Syntax (CWE-644)
  73. Improper Null Termination (CWE-170)
  74. Improper Restriction of Authentication Attempts (CWE-307)
  75. Improper Neutralization of CRLF Sequences in HTTP Headers – (CWE-113)
  76. Improper Handling of Extra Parameters – (CWE – 235)
  77. Insecure HTTP Methods
  78. Insufficient Session Expiration
  79. Insufficient Transport Layer Protection
  80. Inadequate Encryption Strength (CWE-326)
  81. Inadequate Access Controls
  82. Incorrect Calculation of Buffer Size (CWE-131)
  83. Information Disclosure / Sensitive data exposure
  84. Incorrect Session Management
  85. Information Disclosure (CWE-200)
  86. Information Exposure Through an Error Message (CWE-209)
  87. Information Exposure Through Debug Information (CWE-215)
  88. Information Exposure Through Directory Listing (CWE-548)
  89. Insecure deserialization
  90. Insecure Direct Object Reference (IDOR) (CWE-639)
  91. Insecure Storage of Sensitive Information (CWE-922)
  92. Insecure Password Reset Functionality
  93. Insufficient Session Expiration (CWE-613)
  94. Insecure Configuration Management
  95. Insufficiently Protected Credentials (CWE-522)
  96. Integer Overflow (CWE-190)
  97. Integer Underflow (CWE-191)
  98. Information Leakage and Improper Error Handling
  99. Intentional Information Exposure (CWE-213)
  100. Incorrect Permission Assignment for Critical Resource – CWE-732
  101. Insecure Cookies
  102. Insecure CORS Policy
  103. Inadequate Transport Layer Protection
  104. Integer Overflow or Wraparound
  105. JWT Token Manipulation
  106. Key Exchange without Entity Authentication (CWE-322)
  107. LDAP Injection (CWE-90)
  108. Leftover Debug Code (Backdoor) (CWE-489)
  109. Local File Inclusion
  110. LLM01: Prompt Injection
  111. LLM02: Insecure Output Handling
  112. LLM03: Training Data Poisoning
  113. LLM04: Model Denial of Service
  114. LLM05: Supply Chain Vulnerabilities
  115. LLM06: Sensitive Information Disclosure
  116. LLM07: Insecure Plugin Design
  117. LLM08: Excessive Agency
  118. LLM09: Overreliance
  119. LLM10: Model Theft
  120. Malware (CAPEC-549)
  121. Missing HttpOnly Flag on Cookies
  122. Missing Secure Flag on Cookies
  123. Man-in-the-Middle (CWE-300)
  124. Memory Corruption – Generic (CWE-119)
  125. Misconfiguration (CWE-16)
  126. Misconfigured CORS
  127. Missing Encryption of Sensitive Data (CWE-311)
  128. Missing Required Cryptographic Step (CWE-325)
  129. Missing Security Headers
  130. Missing Authentication for Critical Function – CWE-306
  131. Missing Content-Security-Policy (CSP) Headers
  132. Mass Assignment
  133. Memory Corruption
  134. Misconfigured S3 Buckets
  135.  NULL Pointer Dereference (CWE-476)
  136. Null Byte Injection
  137.  OAuth authentication
  138. Off-by-one Error (CWE-193)
  139. Open Redirect (CWE-601) or Unvalidated Redirects and Forwards
  140. OS Command Injection (CWE-78)
  141. Out-of-bounds Read (CWE-125)
  142. Off-by-one Error
  143. Password in Configuration File (CWE-260)
  144. Path Traversal (CWE-22)
  145. Phishing (CAPEC-98)
  146. Plaintext Storage of a Password (CWE-256)
  147. Privacy Violation (CWE-359)
  148. Privilege Escalation (CAPEC-233)
  149. Prototype pollution
  150. Path Parameter Vulnerabilities
  151. Parameter Pollution
  152. Parameter Tampering
  153. Parameter Delimiter
  154. Password Spraying
  155. Passwords in Clear Text
  156.  rate limit
  157. Race Condition – CWE-362
  158. Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784)
  159. Reliance on Untrusted Inputs in a Security Decision (CWE-807)
  160. Remote Code Execution
  161. Remote File Inclusion (CWE-98)
  162. Resource Injection (CWE-99)
  163. Reusing a Nonce, Key Pair in Encryption (CWE-323)
  164. Reversible One-Way Hash (CWE-328)
  165. Reflected File Download (RFD)
  166. Stack Overflow
  167. Shellshock Vulnerability (Bash Bug)
  168. Security Through Obscurity (CWE-656)
  169. Security Misconfiguration
  170. Sensitive Information Passed to HTTP by Default
  171. Server-Side Request Forgery (SSRF) (CWE-918)
  172. Server-side template injection
  173. Session Fixation (CWE-384)
  174. SQL Injection (CWE-89)
  175. Session Hijacking
  176. Stack Overflow (CWE-121)
  177. Storing Passwords in a Recoverable Format (CWE-257)
  178. Subdomain Takeover
  179. Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute – CWE-614
  180. Slow HTTP DoS Attack (Slowloris)
  181.  Template Injection
  182. Timing Attack
  183. Time-of : -check Time-of-use (TOCTOU) Race Condition (CWE-367)
  184. Type Confusion (CWE-843)
  185. UI Redressing (Clickjacking) (CAPEC-103)
  186. Unprotected Transport of Credentials (CWE-523)
  187. Unrestricted Upload of File with Dangerous Type – CWE-434
  188. Untrusted Search Path – CWE-426
  189. Unverified Password Change (CWE-620)
  190. Uncontrolled Format String
  191. Use After Free (CWE-416)
  192. Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
  193. Use of a Key Past its Expiration Date (CWE-324)
  194. Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CWE-338)
  195. Use of Externally-Controlled Format String (CWE-134)
  196. Use of Hard-coded Credentials (CWE-798)
  197. Use of Hard-coded Cryptographic Key (CWE-321)
  198. Use of Hard-coded Password (CWE-259)
  199. Use of Inherently Dangerous Function (CWE-242)
  200. Use of Insufficiently Random Values (CWE-330)
  201. Unprotected Files and Directories
  202. Unsecured JSONP Endpoints
  203. Using Components with Known Vulnerabilities
  204. Use of a One-Way Hash without a Salt – CWE-759
  205. Unrestricted Input Bug – Exploiting Server-Side Weakness
  206. Violation of Secure Design Principles (CWE-657)
  207. Weak Session Management
  208. Weak Transport Layer Security
  209. Weak Cryptographic Hashes
  210. Weak Cryptography for Passwords (CWE-261)
  211. Weak Password Recovery Mechanism for Forgotten Password (CWE-640)
  212. Web cache poisoning or Cache Poisoning or Cookie Poisoning
  213. Web Cache Deception
  214. Web Sockets
  215. Weak Encryption
  216. Weak Captcha Implementation
  217. Wrap-around Error (CWE-128)
  218. Write-what-where Condition (CWE-123)
  219. Weak Password Requirements (CWE-521)
  220. XML Entity Expansion (CWE-776)
  221. XML External Entities (XXE) (CWE-611)
  222. XML external entity (XXE) injection
  223. XML Injection (CWE-91)
  224. XSS Using MIME Type Mismatch (CAPEC-209)
  225. Zero-Day Exploits

Spawning a shell

python -c 'import pty; pty.spawn("/bin/sh")' 
python3 -c 'import pty; pty.spawn("/bin/bash")'

script -qc /bin/bash /dev/null

echo os.system('/bin/bash') 
/bin/sh -i 
perl -e 'exec "/bin/sh";' 
perl: exec "/bin/sh"; 
ruby: exec "/bin/sh" 
lua: os.execute('/bin/sh') 
exec "/bin/sh"; 
/bin/bash -i
exec "/bin/sh"                # (From within IRB) 
:!bash                        # (From within vi)
:set shell=/bin/bash:shell    # (From within vi) 
!sh                           # (From within nmap)

Interactive shell

which python3
python3 -c 'import pty; pty.spawn("/bin/bash")'
ctrl + z
stty raw -echo; fg
export TERM=xterm

Privilege Escalation

Linux

  1. https://medium.com/@Varma_Chekuri/linux-privilege-escalation-part-1-c35b6c5b4841
  2. https://medium.com/@Varma_Chekuri/privilege-escalation-in-linux-2-c2ececd7f385
  3. https://medium.com/@Varma_Chekuri/privilege-escalation-in-linux-3-b1430b1ea221

Windows

  1. https://medium.com/@Varma_Chekuri/windows-privilege-escalation-aa2c048d246b
  2. https://medium.com/@Varma_Chekuri/windows-privilege-escalation-2-f0dfb1021213

Reverse shell links

  1. https://www.revshells.com/
  2. https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/
  3. https://d00mfist1.gitbooks.io/ctf/content/spawning_shells.html

Binaries

  1. Gtfobins: https://gtfobins.github.io/ [unix / Linux ]
  2. Lolbas: https://lolbas-project.github.io/ [ windows ]
  3. drivers: https://www.loldrivers.io/ [ Vulnerable drivers ]

GitHub Repos

  1. https://github.com/The-Art-of-Hacking/h4cker
  2. https://github.com/Hack-with-Github/Awesome-Hacking
  3. https://github.com/enaqx/awesome-pentest
  4. https://github.com/B3nac/Android-Reports-and-Resources
  5. https://github.com/infoslack/awesome-web-hacking
  6. https://github.com/JohnHammond/security-resources

Wordlists

  1. https://github.com/random-robbie/bruteforce-lists
  2. https://wordlists.assetnote.io/
  3. https://github.com/danielmiessler/SecLists
  4. https://github.com/kongsec/Wordpress-BruteForce-List

Checklists

  1. https://github.com/KathanP19/HowToHunt
  2. https://github.com/Az0x7/vulnerability-Checklist
  3. https://github.com/swisskyrepo/PayloadsAllTheThings

Extensions

Browser Extensions

  1. wappalyzer
  2. Cookie Editor
  3. Http headers
  4. foxyproxy
  5. fileon
  6. open multiple URLs
  7. hackbar
  8. shodan
  9. netcraft
  10. Builtwith
  11. Google Maps Api Checker

Burp Suite extensions

  1. Collaborator everywhere
  2. InQL – GraphQL Scanner
  3. param miner
  4. NoSQLi Scanner
  5. JSON Web Tokens

Keep up to date with the latest news

Appsec

  1. https://github.com/Simpsonpt/AppSecEzine
  2. https://www.reddit.com/r/websecurityresearch/
  3. https://appsec.beehiiv.com/

Yearly Reports

  1. https://survey.stackoverflow.co/2023/
  2. https://www.verizon.com/business/resources/reports/dbir/2023/master-guide/
  3. https://www.hackerone.com/resources/reporting/7th-annual-hacker-powered-security-report-2023

General CyberSecurity News

  1. https://tldrsec.com/
  2. https://www.reddit.com/r/netsec/
  3. https://thehackernews.com/
  4. https://executiveoffense.beehiiv.com/
  5. https://danielmiessler.com/
  6. https://www.hackthebox.com/blog/

Others

  1. https://www.criticalthinkingpodcast.io/
  2. https://www.theregister.com/
  3. https://www.youtube.com/c/GeraldAuger
  4. https://hackyx.io/
  5. https://dorki.io
  6. https://bbradar.io/
  7. https://book.hacktricks.xyz/
  8. https://cheatsheetseries.owasp.org/IndexTopTen.html
  9. https://appsecexplained.gitbook.io/appsecexplained/
  10. https://osintframework.com/
  11. https://quickref.me/index.html
  12. https://www.cvedetails.com/
  13. https://cvexploits.io/
  14. https://sqlitebrowser.org/

Youtube

  1. https://www.youtube.com/@RanaKhalil101
  2. https://www.youtube.com/@ippsec
  3. https://www.youtube.com/@criticalthinkingpodcast
  4. https://www.youtube.com/@BittenTech
  5. https://www.youtube.com/@CristiVladZ
  6. https://www.youtube.com/@FarahHawa
  7. https://www.youtube.com/@HackerSploit
  8. https://www.youtube.com/@InsiderPhD
  9. https://www.youtube.com/@_JohnHammond
  10. https://www.youtube.com/@LiveOverflow
  11. https://www.youtube.com/@LoiLiangYang
  12. https://www.youtube.com/@TheXSSrat
  13. https://www.youtube.com/@TomNomNomDotCom
  14. https://youtube.com/@impratikdabhi
  15. https://www.youtube.com/@jhaddix
  16. https://www.youtube.com/@ByteBloggerBase
  17. https://www.youtube.com/@TylerRamsbey
  18. https://www.youtube.com/@BugBountyReportsExplained
  19. https://www.youtube.com/@NetworkChuck
  20. https://www.youtube.com/@networkchuckacademy

Twitter

  1. https://twitter.com/jhaddix
  2. https://twitter.com/NahamSec
  3. https://twitter.com/stokfredrik
  4. https://twitter.com/3nc0d3dGuY
  5. https://x.com/HunterMapping
  6. https://x.com/Bugcrowd
  7. https://x.com/Hacker0x01
  8. https://x.com/yeswehack
  9. https://x.com/intigriti
  10. https://twitter.com/adityashende17
  11. https://twitter.com/GodfatherOrwa
  12. https://x.com/CVEnew
  13. https://twitter.com/h4x0r_fr34k
  14. https://twitter.com/ReconOne_bk
  15. https://twitter.com/theXSSrat
  16. https://x.com/7h3h4ckv157
  17. https://twitter.com/TCMSecurity
  18. https://twitter.com/0xTib3rius
  19. https://twitter.com/trick3st
  20. https://twitter.com/Ox4d5a
  21. https://twitter.com/CyberWarship
  22. https://x.com/hunter0x7

Referrals

  1. Digitalocean : https://m.do.co/c/1f650a3ace33
  2. Hostinger : https://hostinger.in?REFERRALCODE=1NAGASAIKIR24

when I find good resources or if you find good resources mentioned in the comments I’ll update the blog

Happy Hacking !!!

Connect me on
Linkedin: https://www.linkedin.com/in/nagasaikiran010/

,

1 thought on “Essential Resources for Red Team in Cyber Security”

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top