[𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐒𝐄𝐂𝐔𝐑𝐄 𝐂𝐎𝐃𝐄 𝐑𝐄𝐕𝐈𝐄𝐖]

👉 𝗪𝗵𝗮𝘁 𝗶𝘀 𝘀𝗲𝗰𝘂𝗿𝗲 𝗰𝗼𝗱𝗲 𝗿𝗲𝘃𝗶𝗲𝘄?
🌟 How to Identify Vulnerabilities in code – Manual Code Review on Hackingloops
https://lnkd.in/eGdQrB_Q
🌟 Security Code Review 101 by Paul Ionescu:
https://lnkd.in/en6gKsfJ
🌟 OWASP® Foundation Secure Coding Practice
https://lnkd.in/eEAA7Jcf

👉 𝗜𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝘀𝗲𝗰𝘂𝗿𝗲 𝗰𝗼𝗱𝗲 𝗿𝗲𝘃𝗶𝗲𝘄
🌟 Farah Hawa’s post about the subject:
https://lnkd.in/eE_zZqdx
🌟 Introduction to Secure Code Review on PentesterLab: https://lnkd.in/gXjm_MbJ
🌟 Freddy Macho’s Code review checklist
https://lnkd.in/e2vcqR4M

👉 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲 𝗮𝗻𝗱 𝘀𝗵𝗮𝗿𝗽𝗲𝗻 𝘆𝗼𝘂𝗿 𝗿𝗲𝘃𝗶𝗲𝘄𝗲𝗿 𝘀𝗸𝗶𝗹𝗹𝘀
🌟 Security training platform for devs Hacksplaining:
https://lnkd.in/gqrXr544
🌟 Make a vulnerable PHP App with this video by Wesley (The XSS Rat) Thijs https://lnkd.in/gWTwFtjf
🌟 Join the WeHackPurple Community to talk about secure code practice and more
https://lnkd.in/e2FCKTx5

Thank you Gabrielle B. for sharing
👉 𝗧𝗼𝗼𝗹𝘀
🌟 Manual code review versus using a SAST Tool on We Hack Purple
https://lnkd.in/er3qnSd7
🌟 Code Review tools on HackTricks
https://lnkd.in/e93pWfni
🌟 Awesome DevSecOps by TaptuIT
https://lnkd.in/eWSpZWN6


#cybersecurity #cybersécurité #pentest #sourcecode #testing #coding #coding #community #training #training #training #security #security #video #video #php

💥 [𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐓𝐎𝐏 𝐂𝐲𝐛𝐞𝐫 𝐋𝐚𝗯𝘀] 💥

✨ Alert to win - https://alf.nu/alert1
✨ Attack-Defense - https://attackdefense.com
✨ Bancocn - https://bancocn.com

🎡 Certified Secure - https://lnkd.in/gBKK-i-s
🎡 CMD Challenge - https://cmdchallenge.com
🎡 CryptoHack - https://cryptohack.org/

🧶 CTF Komodo Security - https://ctf.komodosec.com
🧶 Ctftime - https://ctftime.org/
🧶 Cyberdefenders - https://lnkd.in/gCf8v4Ju

🎇 CyberSecLabs - https://lnkd.in/gmyzMXju
🎇 EchoCTF - https://echoctf.red/
🎇 Explotation Education - https://exploit.education

💥 Google CTF - https://lnkd.in/e46drbz8
💥 Hack The Box - https://lnkd.in/ggfAMdQ8
💥 Hackaflag BR - https://hackaflag.com.br/

✨ Hacker Security - https://lnkd.in/gJbSaY3f
✨ Hacker101 - https://ctf.hacker101.com
✨ Hacking-Lab - https://hacking-lab.com/

🎡 Hacksplaining - https://lnkd.in/gVd9dNkK
🎡 HackTheBox - https://www.hackthebox.com
🎡 Hackthis - https://www.hackthis.co.uk

🧶 HackXpert - https://hackxpert.com/
🧶 HSTRIKE - https://hstrike.com
🧶 ImmersiveLabs - https://immersivelabs.com

🎇 LetsDefend- https://letsdefend.io/
🎇 NewbieContest - https://lnkd.in/gZ4UjDhy
🎇 OSBOXES - http://www.osboxes.org/

💥 OverTheWire - http://overthewire.org
💥 Penetration Testing Practice Labs - https://lnkd.in/grQev9Kk
💥 PentestIT LAB - https://lab.pentestit.ru

✨ Pentestlab - https://pentesterlab.com
✨ PicoCTF - https://picoctf.com
✨ PortSwigger Web Security Academy - https://lnkd.in/gAPq2ezr

🎡 Practical Pentest Labs - https://lnkd.in/gUSqv6xS
🎡 Pwn college - https://dojo.pwn.college/
🎡 PWNABLE - https://lnkd.in/gNcyqG64

🧶 RangeForce - https://lnkd.in/gGy3feqt
🧶 Root in Jail - http://rootinjail.com
🧶 Root-Me - https://www.root-me.org

🎇 SANS Challenger - https://lnkd.in/gG-5_ZPF
🎇 SmashTheStack - https://lnkd.in/gMFNTURc
🎇 TCM Security - https://lnkd.in/gbQinqvf

💥 The Cryptopals Crypto Challenges - https://cryptopals.com
💥 Try Hack Me - https://tryhackme.com
💥 Vulnhub - https://www.vulnhub.com

✨ Vulnmachines https://vulnmachines.com/
✨ W3Challs - https://w3challs.com
✨ WeChall - http://www.wechall.net
✨ Zenk-Security - https://lnkd.in/g_y_p5ha
✨ Webgoat - https://lnkd.in/gjsgegYw

Resource collection credit: Patrick Gorman
If any other usefull websites we have missed, please share them in the comments.


#hacking #penetrationtesting #cyber #security #education #share #2023planning #google #offensivesecurity #defensive #planning #cybersecurity #free #cyberattacks #cyberdefence #socanalyst #securityoperations #pentest #vapt #osint #ceh #hackthebox #wechat #management #kpmg #pwc #deloitte #ey #australia #cybercrime

👨‍💻💥[Web Pentesting Home-Lab]💥👩‍💻
.
.
🟢 Pre-requisites
📌 Free Resources - Phases pf Pentest by Gabrielle B. https://lnkd.in/dqkPd4Df
📌 ChatGPT for Pentester https://lnkd.in/drhUhtVA
📌 Zero to CyberHero Cybersecurity Career https://lnkd.in/dDtanqyn


🟢 Platform and OS Setup
📌 Setup Virtual-box https://lnkd.in/d8Shs5VE
📌 Setup Kali Linux on Virtualbox https://lnkd.in/dN7Rv5Qk
📌 Setup Ubuntu Server with Docker https://lnkd.in/dbSisgqb
🟢 Set-up Vulnerable Applications
📌 Setup DVWA on Kali-Linux https://lnkd.in/d9t2aWzD
📌 Download bWAPP on Kali-Linux https://lnkd.in/dqHjCxCi [password: bee/bug]
📌 Setup OWASP Mutillidae on Ubuntu Docker https://lnkd.in/drVJ4MV8
📌 Set up WebGoat on Ubuntu Docker https://lnkd.in/dM5D6nWh
🟢 Burp-Suite Excercises
📌 Intercepting HTTP requests https://lnkd.in/d5v8yyNm
📌 Testing WebSockets with Burp SUite https://lnkd.in/d7vQiHbD
📌 Testing Reflected XSS https://lnkd.in/dWiZ8WHN
📌 Detect SQL Injection https://lnkd.in/dWEPA6bS
📌 Enumerating subdomains using Burp Intruder https://lnkd.in/drGmi7SW
📌 Credential stuffing using a Burp Intruder Pitchfork attack https://lnkd.in/dd_rHxsJ

Pentest GPT

AI assistant that can run different hashtag#pentest tools. Available for free:

- CVEMap
- Subdomain Finder
- Link Finder
- WAF Detector
- Whois Lookup

Nuclei, SQLi Exploiter, Katana, and Linux terminal commands are available in the PRO version.

https://pentestgpt.ai/