Here’s a list of links that I have found useful during my course of work. This is a work in progress (and will most likely stay so), as I will be updating it regularly. If you have any good resource links, please send them across so we can share it others.
Mail them to wasimhalani [at] gmail [dot] com
VA-PT
Penetration Test
VulnerabilityAssessement.co.uk
Steve Shead Dot Com – Penetration Testing Checklist
ISAAF-Penetration Testing Framework
Introduction to ARP Poison Routing – Oxid.it(SWF)
TCP Tutorial/Primer
DarkOperator’s Meterpreter and Misc. Scripts
ZeroCold’s Meterpreter and Bash Scripts
OWASP-Testing Guide v3
OWASP-Phoenix Tools
PHPCharset Encoder / String Encrypter
Businessinfo – Web Security Applications & Experiments
Advance XSS Knowledge
Password/Hash/Rainbow-tables Cracking
Downloadable Rainbow Tables and Password lists (torrents)
Password List collection – SkullSecurity
Online WPA/Hash/RAR/SHA1 Crackers service (commercial)
Online Hash Crackers
Reverse Engineering
Reddit-ReverseEngineering
IDA Pro-Video Tutorials
Resources by Mubix
Convert Shellcode to x86 Assembly
Exploit Development
Buffer Overflows for Kids
Buffer Overflows for Kids – 2
Writing exploits for Metasploit 3.0
pvefindaddr.py ImmDbg Plugin
Shellcode to JavaScript encoder
Debugging an SEH 0-day – mr_me
Metasploit Exploit Creation: Step-by-step
Windows Stack Based Overflows – Winamp
Overwriting the SEH
The Amazing King – Exploit Development Tutorials
Memory Exploitation Techniques Timeline
Malware Analysis
Lenny Zeltser – Reverse Engineering – Malware Analysis Cheat Sheet
Lenny Zeltser – Reverse Engineering Malware Paper
Resources by Mubix
XORSearch
JSUNPACK – Generic JavaScript Unpacker
Tools for Malicious PDF Analysis
Audit
Active Directory Security Checklist
Windows 2000 Auditing
SQL Server Security Audit Report