Jefferson Kirkland numberwhun

## 22 Hacking Sites To Practice Your Hacking Skills
Taken from:  https://hackerlists.com/hacking-sites/

22 Hacking Sites, CTFs and Wargames To Practice Your Hacking Skills
InfoSec skills are in such high demand right now. As the world continues to turn everything into an app and connect even the most basic devices to the internet, the demand is only going to grow, so it’s no surprise everyone wants to learn hacking these days.


However, almost every day I come across a forum post where someone is asking where they should begin to learn hacking or how to practice hacking. I’ve compiled this list of some of the best hacking sites to hopefully be a valuable resource for those wondering how they can build and practice their hacking skill set. I hope you find this list helpful, and if you know of any other quality hacking sites, please let me know in the comments, so I can add them to the list.

1. CTF365 https://ctf365.com/

## Penetration testing sample test cases
Penetration testing sample test cases (test scenarios):

Remember this is not functional testing. In Pentest your goal is to find security holes in the system. Below are some generic test cases and not necessarily applicable for all applications.

1) Check if web application is able to identify spam attacks on contact forms used in the website.
2) Proxy server – Check if network traffic is monitored by proxy appliances. Proxy server make it difficult for hackers to get internal details of the network thus protecting the system from external attacks.
3) Spam email filters – Verify if incoming and outgoing email traffic is filtered and unsolicited  emails are blocked. Many email clients come with in-build spam filters which needs to be configured as per your needs. These configuration rules can be applied on email headers, subject or body.
4) Firewall – Make sure entire network or computers are protected with Firewall. Firewall can be a software or hardware to block unauthorized access to system. Firewall can p

## Malware Analysis Tips and other Pentesting Links
Books to look for:
http://www.barnesandnoble.com/w/a-bug-hunters-diary-tobias-klein/1110853653?ean=9781593273859
http://www.barnesandnoble.com/w/malware-forensics-cameron-h-malin/1111450972?ean=9781597492683
http://www.barnesandnoble.com/w/hacking-web-apps-mike-shema/1110781208?ean=9781597499514
http://www.barnesandnoble.com/w/professional-penetration-testing-thomas-wilhelm/1117354019?ean=9781597499934
http://www.barnesandnoble.com/w/the-hackers-guide-to-os-x-robert-bathurst/1111893150?ean=9781597499507
http://www.barnesandnoble.com/w/carry-on-bruce-schneier/1115806332?ean=9781118790816
http://www.barnesandnoble.com/w/phishing-dark-waters-christopher-hadnagy/1120616529?ean=9781118958476
http://www.barnesandnoble.com/w/network-security-through-data-analysis-michael-collins/1117219990?ean=9781449357900
http://www.barnesandnoble.com/w/practical-reverse-engineering-bruce-dang/1118229651?ean=9781118787311

## gist:dc09b0a047fae106d773
Borrowed from:  http://www.labnol.org/software/wget-command-examples/28750/

Wget is extremely powerful, but like with most other command line programs, the plethora of options it supports can be intimidating to new users. Thus what we have here are a collection of wget commands that you can use to accomplish common tasks from downloading single files to mirroring entire websites. It will help if you can read through the wget manual but for the busy souls, these commands are ready to execute.

1. Download a single file from the Internet
wget http://example.com/file.iso

2. Download a file but save it locally under a different name
wget ‐‐output-document=filename.html example.com

## OpenSSH Config File Examples
Taken from:  http://www.cyberciti.biz/faq/create-ssh-config-file-on-linux-unix/

System-wide SSH client configuration files

/etc/ssh/ssh_config : This files set the default configuration for all users of OpenSSH clients on that desktop/laptop and it must be readable by all users on the system.
User-specific SSH client configuration files

~/.ssh/config or $HOME/.ssh/config : This is user’s own configuration file which, overrides the settings in the global client configuration file, /etc/ssh/ssh_config.
~/.ssh/config file rules

## Python progression path - From apprentice to guru
Borrowed from:  http://stackoverflow.com/questions/2573135/python-progression-path-from-apprentice-to-guru

I've been learning, working, and playing with Python for a year and a half now. As a biologist slowly making the turn to bio-informatics, this language has been at the very core of all the major contributions I have made in the lab. I more or less fell in love with the way Python permits me to express beautiful solutions and also with the semantics of the language that allows such a natural flow from thoughts to workable code.

What I would like to know is your answer to a kind of question I have seldom seen in this or other forums. This question seems central to me for anyone on the path to Python improvement but who wonders what his next steps should be.

Let me sum up what I do NOT want to ask first ;)

    I don't want to know how to QUICKLY learn Python
    Nor do I want to find out the best way to get acquainted with the language

## PenTesting Tools
Information Gathering:
arping
bing-ip2hosts-0.2
chaosreader
darkstat
dmitry
dnstracer
dnswalk
enum4linux
frox

## gist:de23f428ef2d88dbf216
Taken from:  http://www.dfir.org/?q=node/8

Recommended Reading

This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.

Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.

If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.

## 19 Tips For Everyday Git Use
Taken from:  http://www.alexkras.com/19-git-tips-for-everyday-use/

19 Tips For Everyday Git Use
September 8, 2015 by Alex Kras 31 Comments

TwitterHacker NewsRedditFacebookShare1,491
I’ve been using git full time for the past 4 years, and I wanted to share the most practical tips that I’ve learned along the way. Hopefully, it will be useful to somebody out there.

If you are completely new to git, I suggest reading Git Cheat Sheet first or checking out this free tutorial. This article is aimed at somebody who has been using git for three months or more.

## PenTesting Bookmarks
I found this list by chance.  It is located at: https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList

Its a bit old (compiled in 2012), but links may still be valid.

------------------

Hacker Media

    Blogs Worth It:
    What the title says. There are a LOT of pentesting blogs, these are the ones i monitor constantly and value in the actual day to day testing work.
	Taken from: https://hackerlists.com/hacking-sites/

	22 Hacking Sites, CTFs and Wargames To Practice Your Hacking Skills
	InfoSec skills are in such high demand right now. As the world continues to turn everything into an app and connect even the most basic devices to the internet, the demand is only going to grow, so it’s no surprise everyone wants to learn hacking these days.


	However, almost every day I come across a forum post where someone is asking where they should begin to learn hacking or how to practice hacking. I’ve compiled this list of some of the best hacking sites to hopefully be a valuable resource for those wondering how they can build and practice their hacking skill set. I hope you find this list helpful, and if you know of any other quality hacking sites, please let me know in the comments, so I can add them to the list.

	1. CTF365 https://ctf365.com/
	Penetration testing sample test cases (test scenarios):

	Remember this is not functional testing. In Pentest your goal is to find security holes in the system. Below are some generic test cases and not necessarily applicable for all applications.

	1) Check if web application is able to identify spam attacks on contact forms used in the website.
	2) Proxy server – Check if network traffic is monitored by proxy appliances. Proxy server make it difficult for hackers to get internal details of the network thus protecting the system from external attacks.
	3) Spam email filters – Verify if incoming and outgoing email traffic is filtered and unsolicited emails are blocked. Many email clients come with in-build spam filters which needs to be configured as per your needs. These configuration rules can be applied on email headers, subject or body.
	4) Firewall – Make sure entire network or computers are protected with Firewall. Firewall can be a software or hardware to block unauthorized access to system. Firewall can p
	Books to look for:
	http://www.barnesandnoble.com/w/a-bug-hunters-diary-tobias-klein/1110853653?ean=9781593273859
	http://www.barnesandnoble.com/w/malware-forensics-cameron-h-malin/1111450972?ean=9781597492683
	http://www.barnesandnoble.com/w/hacking-web-apps-mike-shema/1110781208?ean=9781597499514
	http://www.barnesandnoble.com/w/professional-penetration-testing-thomas-wilhelm/1117354019?ean=9781597499934
	http://www.barnesandnoble.com/w/the-hackers-guide-to-os-x-robert-bathurst/1111893150?ean=9781597499507
	http://www.barnesandnoble.com/w/carry-on-bruce-schneier/1115806332?ean=9781118790816
	http://www.barnesandnoble.com/w/phishing-dark-waters-christopher-hadnagy/1120616529?ean=9781118958476
	http://www.barnesandnoble.com/w/network-security-through-data-analysis-michael-collins/1117219990?ean=9781449357900
	http://www.barnesandnoble.com/w/practical-reverse-engineering-bruce-dang/1118229651?ean=9781118787311
	Borrowed from: http://www.labnol.org/software/wget-command-examples/28750/

	Wget is extremely powerful, but like with most other command line programs, the plethora of options it supports can be intimidating to new users. Thus what we have here are a collection of wget commands that you can use to accomplish common tasks from downloading single files to mirroring entire websites. It will help if you can read through the wget manual but for the busy souls, these commands are ready to execute.

	1. Download a single file from the Internet
	wget http://example.com/file.iso

	2. Download a file but save it locally under a different name
	wget ‐‐output-document=filename.html example.com
	Taken from: http://www.cyberciti.biz/faq/create-ssh-config-file-on-linux-unix/

	System-wide SSH client configuration files

	/etc/ssh/ssh_config : This files set the default configuration for all users of OpenSSH clients on that desktop/laptop and it must be readable by all users on the system.
	User-specific SSH client configuration files

	~/.ssh/config or $HOME/.ssh/config : This is user’s own configuration file which, overrides the settings in the global client configuration file, /etc/ssh/ssh_config.
	~/.ssh/config file rules
	Borrowed from: http://stackoverflow.com/questions/2573135/python-progression-path-from-apprentice-to-guru

	I've been learning, working, and playing with Python for a year and a half now. As a biologist slowly making the turn to bio-informatics, this language has been at the very core of all the major contributions I have made in the lab. I more or less fell in love with the way Python permits me to express beautiful solutions and also with the semantics of the language that allows such a natural flow from thoughts to workable code.

	What I would like to know is your answer to a kind of question I have seldom seen in this or other forums. This question seems central to me for anyone on the path to Python improvement but who wonders what his next steps should be.

	Let me sum up what I do NOT want to ask first ;)

	I don't want to know how to QUICKLY learn Python
	Nor do I want to find out the best way to get acquainted with the language
	Information Gathering:
	arping
	bing-ip2hosts-0.2
	chaosreader
	darkstat
	dmitry
	dnstracer
	dnswalk
	enum4linux
	frox
	Taken from: http://www.dfir.org/?q=node/8

	Recommended Reading

	This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, and reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.

	Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.

	If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.
	Taken from: http://www.alexkras.com/19-git-tips-for-everyday-use/

	19 Tips For Everyday Git Use
	September 8, 2015 by Alex Kras 31 Comments

	TwitterHacker NewsRedditFacebookShare1,491
	I’ve been using git full time for the past 4 years, and I wanted to share the most practical tips that I’ve learned along the way. Hopefully, it will be useful to somebody out there.

	If you are completely new to git, I suggest reading Git Cheat Sheet first or checking out this free tutorial. This article is aimed at somebody who has been using git for three months or more.
	I found this list by chance. It is located at: https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList

	Its a bit old (compiled in 2012), but links may still be valid.

	------------------

	Hacker Media

	Blogs Worth It:
	What the title says. There are a LOT of pentesting blogs, these are the ones i monitor constantly and value in the actual day to day testing work.