Skip to content

Here are some useful links for the CEH and CPENT course

Notifications You must be signed in to change notification settings

CyShu9/Ethical-Hacking-Links

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 

Repository files navigation

Ethical-Hacking-Links

Here are some useful links for the CEH & CPENT course:

Reconnaissance / OSINT
https://osintframework.com (web based framework containing different tools that you can use to carry out open-source intelligence)
https://tineye.com (Reverse Image Search)
https://www.osintcombine.com/reverse-image-analyzer (Reverse Image Search with AI/ML)
https://29a.ch/photo-forensics (Photo Forensics with Metadata Analysis)
https://pimeyes.com/en (Search engine for Face Recognition)
https://www.virustotal.com/gui/home/url (Analysis of Malware)
https://urlscan.io (Analysis of Websites for Malware)
https://dnsdumpster.com (Online Domain research tool, can find subdomains)
https://crt.sh (Certificate search, can find subdomains)
https://shodan.io (IoT Search Engine)
https://search.censys.io (IoT Search Engine)
https://builtwith.com (Find out what websites are Built With)
http://web.archive.org (Wayback Machine)
https://whatsmyname.app (Enumerate Usernames across Websites)
https://www.social-searcher.com (Free Social Media Search Engine)
https://www.heavy.ai/demos/tweetmap (Analysing geolocated Tweets)
https://intelx.io/tools?tab=youtube (YouTube Metadata Viewer)
http://mattw.io/youtube-metadata (YouTube Metadata Viewer)
https://haveibeenpwned.com (Check if your email or phone is in a data breach)
https://emailrep.io (Simple Email Reputation)
https://www.walletexplorer.com (Bitcoin block explorer with address grouping and wallet labeling)
https://www.bitcoinwhoswho.com (Bitcoin Address Lookup)
https://etherscan.io (Ethereum Blockchain Explorer)
https://opencellid.org (Database of cell towers)
https://www.osintcombine.com/data-visualization-tool (Data visualisation tool) https://www.osinttechniques.com/osint-tools.html (Collection of OSINT online tools)
https://github.com/ElevenPaths/FOCA (tool used to find metadata and hidden information in documents)
https://github.com/lanmaster53/recon-ng (full-featured reconnaissance framework to conduct open source web-based reconnaissance)
https://www.maltego.com/downloads (OSINT tool which analyses the searches and findings graphically)
https://github.com/laramies/theHarvester (tool that gathers names, emails, IPs, subdomains, and URLs by using multiple public resources)
https://github.com/pielco11/fav-up (Lookup real IP from Cloudflare)

Linux
https://explainshell.com (Explains parameters for common linux commands)
https://www.revshells.com (Online Reverse Shell Generator)

Windows
https://github.com/4ndr34z/ntlmthief (NTLMThief)

Search Engines
https://shodan.io (IoT Search Engine)
https://security.snyk.io (Database with known vulnerabilities)
https://filesec.io (Database of file extensions used by attackers)
https://andreacristaldi.github.io/APTmap (APTmap)

Vulnerability Scanning
https://de.tenable.com/products/nessus/nessus-essentials (Nessus Essentials - scan up to 16 IPs for free)

Exploits
https://exploit-db.com (Tested exploits recommended)
http://0day.today (Exploit database)

Privilege Escalation
https://gtfobins.github.io (How to bypass local security restrictions in Linux / UNIX)
https://lolbas-project.github.io (Living Off The Land Binaries, Scripts and Libraries / WINDOWS)
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ (Basic Linux Privilege Escalation)
https://github.com/abatchy17/WindowsExploits ((mostly) pre-compiled Windows PE exploits)

Web
https://github.com/projectdiscovery/katana (Katana web crawler)
https://github.com/kraken-ng (Kraken webshell)

Practice Questions
https://ceh.cagy.org (CEHv8 - CEHv10)

CPENT TryHackme-Machines
Blue (Windows, Metasploit)
RootMe (Linux, File Upload Vulnerability, Reverse Shell)
0day (Linux, many rabbit holes, Metasploit)
ColddBox (Linux, Wordpress, Brute Force, Reverse Shell)
All in One (Linux, Wordpress, FileInclusion, Reverse Shell)

CPENT Active Directory
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg (AD Exploitation Mindmap)
https://github.com/Orange-Cyberdefense/GOAD (Game of Active Directory)
https://zer1t0.gitlab.io/posts/attacking_ad (Attacking Active Directory)
https://github.com/lefayjey/linWinPwn (LinWinPwn - automation of Active Directory Enumeration)

About

Here are some useful links for the CEH and CPENT course

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published