☣️ Free Labs to Train Your Pentest / CTF Skills ☣️

🔸 Academy Hackaflag -BR https://academy.hackaflag.com.br

🔸 Try Hack Me https://tryhackme.com

🔸 Attack-Defense https://attackdefense.com

🔸 alert to win https://alf.nu/alert1

🔸 CTF Komodo Security https://ctf.komodosec.com

🔸 CMD Challenge https://cmdchallenge.com

🔸 Explotation Education https://exploit.education

🔸 Google CTF https://capturetheflag.withgoogle.com

🔸 HackTheBox https://www.hackthebox.eu

🔸 Hackthis https://www.hackthis.co.uk

🔸 Hacksplaining https://www.hacksplaining.com/exercises

🔸 Hacker101 https://ctf.hacker101.com

🔸 Hacker Security https://capturetheflag.com.br

🔸 Hacking-Lab https://www.hacking-lab.com/index.html

🔸 HSTRIKE https://hstrike.com

🔸 ImmersiveLabs https://immersivelabs.com

🔸 Labs Wizard Security https://labs.wizard-security.net

🔸 NewbieContest https://www.newbiecontest.org

🔸 OverTheWire http://overthewire.org

🔸 Practical Pentest Labs https://practicalpentestlabs.com

🔸 Pentestlab https://pentesterlab.com

🔸 Penetration Testing Practice Labs http://www.amanhardikar.com/mindmaps/Practice.html

🔸 PentestIT LAB https://lab.pentestit.ru

🔸 PicoCTF https://picoctf.com

🔸 PWNABLE https://pwnable.kr/play.php

🔸 Root-Me https://www.root-me.org

🔸 Root in Jail http://ctf.rootinjail.com

🔸 Shellter https://shellterlabs.com/pt

🔸 SANS Challenger https://www.holidayhackchallenge.com

🔸 SmashTheStack http://smashthestack.org/wargames.html

🔸 Try Hack Me https://tryhackme.com

🔸 The Cryptopals Crypto Challenges https://cryptopals.com

🔸 Vulnhub https://www.vulnhub.com

🔸 W3Challs https://w3challs.com

🔸 WeChall http://www.wechall.net

🔸 Zenk-Security https://www.zenk-security.com/epreuves.php


Join🟢@hacker_habesha🇪🇹

🔒 Support our hackers AND cybersecurity professionals channel by sharing it with a friend.😊 Unleash their digital prowess!

ከተመቻቹ react ያድርጉ 😉

And don't forget to react if you like the contents 🤗
💻🔐 #HackerCommunity

https://t.me/hacker_habesha?boost

🟢@hacker_habesha

Web Crawlers & Directory Brute Force ⚡

🔹Dirbrute
🔗https://github.com/Xyntax/DirBrute

🔹Dirb
🔗https://dirb.sourceforge.net/

🔹ffuf
🔗https://github.com/ffuf/ffuf

🔹Dirbuster
🔗https://sourceforge.net/projects/dirbuster/

🔹Dirsearch
🔗https://github.com/maurosoria/dirsearch

🔹Gobuster
🔗https://github.com/OJ/gobuster

🔹WebPathBrute
🔗https://github.com/7kbstorm/7kbscan-WebPathBrute

🔹wfuzz
🔗https://github.com/xmendez/wfuzz

🔹Dirmap
🔗https://github.com/H4ckForJob/dirmap

🔹YJdirscan
🔗https://github.com/foryujian/yjdirscan

Join:🟢@hacker_habesha🇪🇹

Sql Injection 💉


🔹 Sqlmap
🔗https://github.com/sqlmapproject/sqlmap

🔹 SSQLInjection
🔗https://github.com/shack2/SuperSQLInjectionV1

🔹Jsql-injection
🔗https://github.com/ron190/jsql-injection

🔹NoSQLMap
🔗https://github.com/codingo/NoSQLMap

🔹Sqlmate
🔗https://github.com/s0md3v/sqlmate

🔹SQLiScanner
🔗https://github.com/0xbug/SQLiScanner

🔹sql-injection-payload-list
🔗https://github.com/payloadbox/sql-injection-payload-list

🔹Advanced-SQL-Injection-Cheatsheet
🔗https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet

Join:🟢@hacker_habesha🇪🇹

Wordlists 📄


🔹 wordlists - Real-world infosec wordlists, updated regularly.
🔗https://github.com/trickest/wordlists/

🔹psudohash - Password list generator that focuses on keywords mutated by commonly used password creation patterns.
🔗https://github.com/t3l3machus/psudohash

🔹wister - A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
🔗https://github.com/cycurity/wister

🔹Rockyou - wordlists packaging for Kali Linux.
🔗https://gitlab.com/kalilinux/packages/wordlists

🔹Weakpass - For any kind of bruteforce find wordlists.
🔗https://weakpass.com/


Join:🟢@hacker_habesha🇪🇹

🌐Search Engines For PenTesters

Cross-Site Scripting (XSS)

🔹Data Theft
🔹Session Hijacking
🔹Phishing
🔹Defacement
🔹Keylogging
🔹Remote Code Execution
🔹Bypass Security Measures

🟢@hacker_habesha🇪🇹

🩸Domain Takeover with PetitPotam Exploit

📝Petitpotam is a vulnerability that allows a domain user to take over domain controllers through triggering authentications using the MS-EFSRPC protocol.

🔗https://en.hacks.gr/2023/12/27/domain-takeover-with-petitpotam-exploit/

JOIN:🟢@hacker_habesha🇪🇹

🧬Networking Essentials

🔖#infosec #cybersecurity #hacking #pentesting #security

JOIN:🟢@hacker_habesha🇪🇹

🛠Red Team Toolkit

🔴Privilege Escalation
🔴Phishing
🔴OSINT
🔴Exfiltration

🔖#infosec #cybersecurity #hacking #pentesting #security

JOIN:🟢@hacker_habesha🇪🇹

🛠Blue Team Toolkit

🔵Network Analysis
🔵EDR
🔵OS Analysis
🔵Honeypots
🔵SIEM

🔖#infosec #cybersecurity #hacking #pentesting #security

JOIN:🟢@hacker_habesha🇪🇹

Offensive Security Bookmarks
My security bookmarks collection.
All that things I need to pass OSCP, i think =)
Security Blogs
My Security OPML
Security Forums
http://securityoverride.org/forum/index.php
https://www.hackthissite.org/forums/index.php
https://www.ethicalhacker.net/forums/index.php
https://evilzone.org/
http://forum.antichat.ru/
https://forum.xeksec.com/
https://rdot.org/forum/
https://forum.zloy.bz/
https://forum.reverse4you.org/
https://rstforums.com/forum/
http://www.truehackers.ru/forum/index.php
http://garage4hackers.com/forum.php
https://www.hellboundhackers.org/
http://www.lockpicking101.com/
https://www.xploitworld.com/index.php

👉Join: @hacker_habesha🇪🇹
👉Join: @hacker_habesha🇪🇹

🐧Linux Privileges Escalation Techniques (Basic to Advanced) Series

🔹Part 1: http://hacklido.com/blog/158
🔹Part 2: http://hacklido.com/blog/162
🔹Part 3: http://hacklido.com/blog/210
🔹Part 4: http://hacklido.com/blog/224
🔹Part 5: https://hacklido.com/blog/286


Join 👉@hacker_habesha

**🚀 Exciting News! PicoCTF-Africa Online Training Series**

Hey everyone! 🌟

Hope you're all doing well! 🚀 I've got some exciting news - the PicoCTF-Africa online training series is kicking off on Jan 27! 🖥️ It's a fantastic opportunity for university undergrads & high schoolers interested in diving into the world of cybersecurity.

🔗 Register here: https://forms.gle/JhgPHzCVPWEx4uPNA

📅 Training starts: Jan 27

🌐 About:
🖥️Introduction to the cyber-Security concepts focusing on practical skills using a Capture The Flag (CTF) approach.
🖥️ Familiarizing with PicoCTF platform and getting ready for PicoCTF2024 competition.

📌 Poster Attached: Check out the poster and feel free to share this amazing opportunity with your friends and peers!

📢 Kindly share with your undergrad and high school colleagues! Let's make sure everyone gets a chance to join this cybersecurity adventure.


Got questions or need more info? Drop them here, and let's get ready for an awesome learning experience together! 🛡️✨

41% attacks bypass network security.

Defense-in-Depth isn't enough. Use AI-powered Cyber Threat Intelligence (CTI) and Breach & Attack Simulation (BAS) to test defenses against real-world attacks, uncover vulnerabilities.

Read to find the key: https://thehackernews.com/2024/01/perfecting-defense-in-depth-strategy.html

📋Cyber Security Periodic Table

🔖#infosec #cybersecurity #hacking #pentesting #security

👉Join: @hacker_habesha

🗝Plaintext vs Encoding vs Hashing vs Encryption

🔖#infosec #cybersecurity #hacking #pentesting #security

👉Join: @hacker_habesha
👉Join: @hacker_habesha🇪🇹

🧬Popular HTTP Request Methods for Log Analysis

🔖#infosec #cybersecurity #hacking #pentesting #security

👉Join: @hacker_habesha
👉Join: @hacker_habesha🇪🇹