Here you will find links of useful Websites, Youtube Videos or Channels and Github-Repositories related to Cybersecurity, Programming and Web Development :)
YouTube Channels
YouTube Channels for penetration testing related stuff.
OALabs
Since : Nov 4, 2017
Open Analysis Live is a YouTube channel dedicated to reversing and malware analysis. Open Analysis Live does not have a lot of videos but it shows real-life hacking scenarios.
13Cubed
Since : Aug 24, 2006
Digital forensics (DFIR) is the forgotten son of the cybersecurity world. Usually, most people who work on cybersecurity learn and work in pentesting and then there is a little group that love forensics and these chhanel is for those only.
LiveOverflow
Since : Mar 16, 2015
In this channel, you are going to find from CTF video write-ups to videogame hacking or reverse-engineering tutorials.
STÖK
Since : Apr 19, 2017
People always found bug bounty interesting and STÖK YouTube channel is dedicated to that. If you are thinking on trying to earn some money through bug bounty you need to check out this channel. Watching videos of this channel you will learn bug bounty tips and techniques.
Null Byte
Since : Jul 4, 2017
On null-byte's channel you will wifi-hacks, about tools, use of hardware tools like esp32, esp8266, wifi-duck and some videos on micropython.
The PC Security Channel
Since : Oct 22, 2011
The PC Security Channel is your goto place for cybersecurity, brought to you by a malware analyst who is addicted to running ransomware and here you will find content related to Security Talks which cover interesting news/events, Malware Demonstration and Analysis videos, Basic Tutorials and How To guides.
Kaspersky
Since : Mar 11, 2006
Kaspersky Lab delivers some of the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world's top four vendors of security solutions for endpoint users.
Security Now
Since : Jun 15, 2012
For a weekly roundup, Steve’s Security Now channel is always an entertaining to watch about cyber security news to recaps of all the major events from around the world. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program. Creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Steve covers mostly everything that’s happening in the infosec industry by weekly.
Black Hat
Since : Jul 31, 2013
Black Hat is the most technical and relevant information security event series in the world. Black Hat Briefings have provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry.
Security Weekly
Since : Oct 17, 2014
The Security Weekly channel keep posts videos very frequently on technical segments, interviews with other security guests, and the latest information security and hacking news. Security Weekly is the 5-time winner of the RSA Social Security Awards Best Security Podcast.
Sophos Products
Since : Apr 1, 2011
Sophos does IT security. Find out about the latest innovations as well as tips on getting the most from our solutions.
Malware Geek
Since : Aug 22, 2008
Malware Geek continuously posts videos on Anti-Malware Reviews, Computer Security Demonstrations, Online crime and Malware Tracking. You might be interested in watch out the ransomware series which gives you an insight as to how anti-malware products perform against ransomware.
ProgrammingKnowledge
Since : Mar 25, 2012
Here you will find a variety of videos aimed at new programmers. The tutorials here range from an Android tutorial for beginners to Java, Python and C++ tutorials. Among the resources is a C programming tutorial that is considered the most comprehensive course in that language that you will find anywhere. The channel (along with ProgrammingKnowledge blog) are owned by Yogesh Patel.
Thenewboston
Since : Feb 4, 2008
On thenewboston, you will find more than 4,200 videos that are followed by over a million subscribers. TheNewBoston is arguably the single best resource for anyone who wants to become a software developer. The tutorials cover a range of different programming topics including developing for android and design.
CodeWithHarry
Since : Apr 28, 2018
#Hindi
If you have problem with learning Programming and web development from other channels and you want content in hindi so just check CodeWithHarry this chhanel has tutorials on programming languages and web development with quality and language hindi.
DevTips
Since : Aug 6, 2013
DevTips will be of interest to you if you are a web designer who wants to improve your skills and if you need to learn more about coding CSS, HTML5 and other relevant topics. DevTips has over 200 videos where Google employee Travis Neilson will teach you about web design and development.
Fireship
Since : Apr 7, 2017
High-intensity ⚡ code tutorials to help you build & ship your app faster. Subscribe for new videos every week covering intermediate to advanced lessons about JavaScript, Flutter, Firebase, and modern app development.
kudvenkat
Since : Nov 26, 2008
Kudvenkat’s video tutorials should among your main resources if you want to learn Microsoft.NET technologies. The lessons cover topics like ASP.NET along with C# and SQL Server. Kudvenkat has 13 years experience with Microsoft.NET technologies and is currently working as a software architect.
Treehouse
Since : Nov 6, 2011
Treehouse is an online school that teaches technology. Treehouse has courses on hundreds of topics including how to build a website, how to build a web app, how to build a mobile app, and how to start a business.
FreeCodeCamp.org
Since : Dec 16, 2014
freeCodeCamp has awebsite also where there are courses for Web-Development, Programming languages and on youtube they have a channel where they upload video courses on web-development and programming.
LearnCode.academy
Since : Dec 20, 2012
At Learncode.academy, you will be walked through topics like JavaScript and jQuery in Stern’s efficient and thorough style. The channel’s trailer is one of Stern’s more popular videos and provides web development career advice. This helpful video outlines the paths that you can take on your way to becoming a web developer along with the order in which you should learn things.
Information Gathering
Shodan.io
Shodan (Sentient Hyper-Optimised Data Access Network) is a search engine designed to map and gather information about internet-connected devices and systems. Shodan is sometimes referred to as a search engine for the internet of things (IoT).
Information Gathering
Censys.io
Censys is a platform that helps information security practitioners discover, monitor, and analyze devices that are accessible from the Internet. ... Enterprises use Censys to understand their network attack surfaces. CERTs and security researchers use it to discover new threats and assess their global impact.
Information Gathering
Twoogle
Its a combined search engine for twitter and google, useful in information gathering of some person.
Information Gathering
Whois
Whois is used for an whois lookup of Domain and IP Address. A whois Domain lookup allows you to trace the ownership and tenure of a domain name. The Whois database contains details such as the registration date of the domain name, when it expires, ownership and contact information, nameserver information of the domain, the registrar via which the domain was purchased, etc.
Information Gathering
KOLTH.NET
This site is mostly about radio communications (aeronautical and maritime) and internet (DNS nslookup, whois, bad bots) and anti-spam.
Information Gathering
Metadata2go
Metadata2Go.com is a free online tool that allows you to access the hidden exif & meta data of your files. Metadata is, basically, information about other data. Many files contain extra or even hidden data other than the visual data you see at first glance. E-books, photographs, movies, music and even documents can contain data that you don’t see at first glance.
Information Gathering
Netcraft
This website gives us a detailed information about the web hosting and the Server with detailed information on what is running on the server along with the IP, whoIs information, Server side technologies etc. All this Information should be saved in your reports so that you can use all the information to find the right tests and define the attack surface which is the most important part of a penetration testing.
OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Information Gathering
yougetsignal >> Reverse IP Domain Check
Many times the particular domain you are targetting is not so vulnerable or you are not able to find the right attack surface, in such case you can make a Reverse IP domain lookup and find the other domains on the server which may be vulnerable and allow you to enter the Server.
Information Gathering
Archive.org
Archive.org is a website which is maintaining history of many websites over the internet. Many times you can get some information which is no more displayed on the website because of some security issue but something related to that can still be found there.
Information Gathering
Robtex
This will help gather comprehensive Domain Name Server (DNS) information on the target victim. Robtex uses various sources to gather public information about IP numbers, domain names, host names, Autonomous systems, routes etc. It then indexes the data in a big database and provides free access to the data.
Information Gathering
Google Images
Google images can be used reverse image lookup and gather more information about any picture you have.
Information Gathering
Exploit Database
he Exploit Database (EDB) is an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts. The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers.
Information Gathering
';--have i been pwned?
This is a website that allows Internet users to check whether their personal data has been compromised by data breaches. The service collects and analyzes hundreds of database dumps and pastes containing information about billions of leaked accounts, and allows users to search for their own information by entering their username or email address.
Similar Websites :
To Learn Penetration Testing
TryHackMe
TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. They have content for both complete beginners and seasoned hackers, encorporating guides and challenges to cater for different learning styles. TryHackMe is highly recommended not only for OSCP but for anyone to excel skills and is a golden gate to beginners in cyber security and it is completely worth the price.
To Learn Penetration Testing
HackTheBox
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field. It has massive labs ans with new machines and challenges released on a weekly basis, you will learn hundreads of new techniques, tips and tricks.
To Learn Penetration Testing
PentesterLab
PentesterLab is an easy and great way to learn penetration testing. PentesterLab provides free vulnerable systems that can be used to test and understand vulnerabilities. They exercises are based on common vulnerabilities found in different systems. They provide you real systems with real vulnerabilities.
To Learn Penetration Testing
IoT Learning
The village consists of workshops on hacking numerous off-the-shelf devices (e.g. medical devices, home appliances, routers, and storage devices), live educational talks and a variety of contests. IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT.
To Learn Penetration Testing
OpenSecurityTraning [Part 1]
Here you will learn about arbitrary code execution, This will be a lab driven class where specific software vulnerability types in particular environments are discussed and then exploited in a lab setting. Examples of lab components of the class as well as specific topics covered include:
>> Shellcode Development
>> Stack Overflow Exploitation
>> Heap Overflow Exploitation
>> Static Source Code Analysis
>> Defeating Non-Executable Stack Protection
To Learn Penetration Testing
OpenSecurityTraning [Part 2]
This course covers the exploitation of stack corruption vulnerabilities in the Windows environment. Stack overflows are programming flaws that often times allow an attacker to execute arbitrary code in the context of a vulnerable program. There are many nuances involved with exploiting these vulnerabilities in Windows. Window's exploit mitigations such as DEP, ASLR, SafeSEH, and SEHOP, makes leveraging these programming bugs more difficult, but not impossible. The course highlights the features and weaknesses of many the exploit mitigation techniques deployed in Windows operating systems.
To Learn Penetration Testing
securitytube.net
Securitytube is an youtube of cybersecurtiy where you will find many Videos on related topics to Cybersecurity, you should explore these site on your own !!
To Learn Penetration Testing
Pentester.Land >> List Of Bug Bounty Writeups
On pentestter.land has a page where they publish Bug Bounty Writeups in which you will find how those vulnerabilities were found and the amount paid out by the company.
To Learn Penetration Testing
Guru99
You can have a look at tutorials made by guru99 on ethical hacking.
To Learn Penetration Testing
null-byte wonderhowto
On Null-byte Wonder how to is a place you will find articles about WIFI-Hacking, Password Cracking, Phishing attacks and other articles on wifi adapters, hardware tools or around these topics.
To Learn Programming And Web Development
W3school
W3school is a good place to start learn Programming and Web Development languages, there are written tutorials on HTML, CSS, Bootstrap, javascript, React, SQL, PHP, Python, C++, C#, jQuery, AngularJS, JSON, Node.js, AJAX, HTML-DOM, ASP, R, XML, AI, Machine Learning, Data Science, Pandas.
To Learn Programming And Web Development
FreeCodeCamp
FreeCodeCamp is an another good website which will provide you written tutorials on programming languages, Javascript Algorithms and Data Structure, Frontend Development Libraries, APIs, Data Analysis, Machine Learning, Coding Interview preparation.
To Learn Programming And Web Development
Codecademy
I will again say that codecademy is an good place to start learning. It has written courses on HTML, CSS, JavaScript, Java, SQL, Bash/Shell, Ruby, C++, R, C#, PHP, Go, Swift, Kotlin. they have a Quiz also if you are not sure that from where you have to start and it has paid and free version both.
To Learn Programming And Web Development
Sololearn
Sololearn is also a good choice and has written tutorials on Python, C++, Java, C#, JavaScript, HTML, CSS, PHP, SQL, Machine Learning, React, Angular, Kotlin, C, Ruby, Swift 4, jQuery.
For Web Developers
Mockup Tools
For Web Developers
Free Icons & Fonts
For Web Developers
Free Images & Videos
For Web Developers
Hosting
For Web Developers
Chrome DevTools
Chrome DevTools is a set of web developer tools built directly into the Google Chrome browser. DevTools can help you edit pages on-the-fly and diagnose problems quickly, which ultimately helps you build better websites, faster. Its rapid debugging feature will help direct you to errors within your code, saving you tons of time when trying to figure out the location of a coding error.
For Web Developers
CSS-Tricks
Definitely check out this website because you can get lots of tweaks and tricks about the cascading style sheet(CSS). There are a whole bunch of articles, videos and books are available on their site. This is a great learning platform but its prerequisite is that one should atleast have the basic knowledge of CSS as it's better suited to someone who has already been introduced to CSS and is looking for more info on a specific topic or wants to discover new concepts.
For Web Developers
Tailwind CSS
Tailwind CSS is an awesome CSS Framework it is packed with classes like flex, pt-4, text-center and rotate-90 that can be composed to build any design, directly in your markup. If you wanna see an example just see my website, these website is been built using Tailwind CSS.
For Web Developers
Awwwards
Not getting idea for your new site just visit awwwards and explore it. its an professional web design and development competition body. It aims to recognize and promote the best of innovative web design. It is a website competition that developers can submit to.
For Web Developers
ImageCompressor
his online image optimizer uses a smart combination of the best optimization and lossy compression algorithms to shrink JPEG and PNG images to the minimum possible size while keeping the required level of quality.
For Web Developers
Sass
Sass (which stands for 'Syntactically awesome style sheets) is an extension of CSS that enables you to use things like variables, nested rules, inline imports and more. It also helps to keep things organised and allows you to create style sheets faster. Sass is compatible with all versions of CSS.
For Web Developers
Color Hailpixel
Color by Hailpixel is the perfect tool for finding and exploring color combinations and color tones. Simply hover your mouse across your screen in order to see and admire the never-ending variations of colors. As soon as you come across the color you like, click on it and continue searching for the next color. The app provides you with all the hex color codes you selected, which is very convenient.
For Web Developers
Brusheezy
Brusheezy is the go-to place for Photoshop resources. There you will find an infinite array of Photoshop brushes, patterns, textures, PSDs and much much more – basically anything and everything Photoshop-related. All of the resources on Brusheezy are free to download and, depending on the license, free to use in your projects.
For Web Developers
Dribbble
reat source for inspiration, Dribbble is a community of designers that share with each other, other fellow designers, what they are working on. The community consists of web designers, graphic designers, illustrators, logo designers, icon artists, typographers, and other creatives which share screenshots of whatever project(s) they’re working on, making it a great destination for attaining new ideas for your projects.
For Web Developers
whats My Browser Size
As straightforward as it sounds, this Web app shows you the current size of your browser window. This can be useful in designing responsive websites.
B/0-0\KS
Grey Hat Hacking : The Ethical Hacker’s Handbook
[2 Edition]
Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness
FOCA
FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents its scans. These documents may be on web pages and can be downloaded and analyzed with FOCA. It is capable of analyzing a wide variety of documents, with the most common being Microsoft Office, Open Office, or PDF files, although it also analyzes Adobe InDesign or SVG files, for instance.
Recon-ng
Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open source web-based reconnaissance quickly and thoroughly. It is designed exclusively for web-based open-source reconnaissance.
SpooNMAP
This script is simply a wrapper for NMAP and Masscan. This wrapper script implements many of the IDS evasion techniques and service discovery methodologies. It also takes care of the packet rates, depending on the selected options (external, internal, single port, full port, etc.). The README.md also includes references for several commonly exploited services.
Buster
Buster is an advanced OSINT tool used to:
>> Get social accounts of an email using multiple sources (gravatar,about.me,myspace,skype,github, linkedin,previous breaches).
>> Get links to where the email was found using google,twitter,darksearch and paste sites.
>> Get breaches of an email.
>> Get domains registered with an email (reverse whois).
>> Generate possible emails and usernames of a person.
Quick Android Review Kit
This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds. There is no need to root the test device, as this tool focuses on vulnerabilities that can be exploited under otherwise secure conditions.
usbrip
usbrip (inherited from "USB Ripper", not "USB R.I.P.") is a simple forensics tool with command line interface that lets you keep track of USB device artifacts (i.e., USB event history) on Linux machines.
PEASS - Privilege Escalation Awesome Scripts SUITE
Here you will find privilege escalation tools for Windows and Linux/Unix* and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily.
Andrax
ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more powerful than a common distribution!
BLACKMAMBA
BlackMamba is a multi-client C2/post-exploitation framework with some spyware features. It is powered by Python 3.8.6 and QT Framework.
Some Feature:
>> Multi-Client - Supports multiple client connections at the same time.
>> Real-Time Communication Updates - Real-time communication and updates between the client and server.
>> Encrypted Communication - Almost all communications are encrypted, except for screen video streaming.
>> Screenshot Gathering - Get a real-time screenshot from the client.
Search-That-Hash
Tired of going to every website to crack your hash? Search-That-Hash automates this process in less than 2 seconds. Search-That-Hash searches the most popular hash cracking sites and automatically inputs your hash(s) for cracking.
>> Auto-Type Identification
>> Offline Mode
>> Fast
>> JSON API
>> Accessible
>> Extensible
>> Beautiful
>> Ethical
MetaFinder
Search for documents in a domain through Search Engines. The objective is to extract metadata
byp4xx
A bash script to bypass "403 Forbidden" responses with well-known methods discussed in #bugbountytips
Features
>> Multiple HTTP verbs/methods.
>> Multiple methods mentioned in #bugbountytips.
>> Multiple headers: Referer, X-Custom-IP-Authorization...
>> Allow redirects.
>> Return the entire curl command if response is 200.
Responder
Responder is an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix. By default, the tool will only answer to File Server Service request, which is for SMB.
STILL IN PROGRESS...