Links
bug bounty
- https://hackerone.com
- https://bugcrowd.com
CTF links
- https://gtfobins.github.io/
- https://lolbas-project.github.io/
- https://www.revshells.com/
- https://pentestmonkey.net
- https://pentestmonkey.net/tools/web-shells/php-reverse-shell
- https://gchq.github.io/CyberChef/
- https://www.guballa.de/vigenere-solver
- https://copy.sh/brainfuck/
- https://crackstation.net/
- https://hashes.com/en/decrypt/hash
- https://chmod-calculator.com/
- https://github.com/tomnomnom/assetfinder
- https://github.com/tomnomnom/httprobe
- https://github.com/tomnomnom/waybackurls
Search engine
OWASP
- OWASP Top Ten
- OWASP Application Security Verification Standard Project
- OWASP Mobile Application Security Verification
- OWASP Proactive Controls
Safecode
- https://safecode.org/publications/
- https://safecode.org/training/
- http://safecode.org/wp-content/uploads/2018/01/SAFECode_Agile_Dev_Security0712.pdf
- http://safecode.org/wp-content/uploads/2018/01/SAFECode_Dev_Practices0211.pdf
Web
- https://cheatsheets.pragmaticwebsecurity.com
- https://pragmaticwebsecurity.com/talks/commonapisecuritypitfalls
Vulnerability information source
- https://nvd.nist.gov/products/cpe/search
- https://cve.mitre.org/
- https://www.exploit-db.com
- https://www.securityfocus.com/
- Full Disclosure Mailing List
- Hackerone internet
- Packet Storm
- CERT Vulnerability Notes Database