Links

Pre-Engagement

The Penetration Testing Execution Standard (PTES)

Information Gathering

Daniel Miessler’s TCPDump Study

SecurityTube HackOfTheDay – Wi-Fi Sniffer

D-Sploit

HTTPrint

NMap

Threat Modeling

The New School of Information Security

Vulnerability Analysis

A Few Thoughts on Cryptographic Engineering

Exploitation

..:: Corelan Team ::..

Carnal0wnage & Attack Research Blog

How to Smash the stack for fun and profit – Aleph One

Brad Spengler (Spender) at grsecurity

E-Spohn

Mudge – How to write Buffer Overflows

Post Exploitation

Spiderlabs – Top 5 Privilege Escalation Techniques

FuzzySec – Windows Privilege Escalation Fundamentals

Ruxcon 2012 – Encyclopedia of Windows Privilege Escalation – Brett Moore

DerbyCon 3 – Windows Attacks At is the New Black – Rob Fuller and Chris Gates

Reporting

PTES – Reporting

Serpico – Simple Report Writing and Collaboration Tool

ORG – OWASP Report Generator

Hands-On

Metasploitable

Mutillidae

Samurai Web Testing Framework

Favorites

CobaltStrike Blog

Offensive Security Blog

G0tmi1k’s blog

Ghost in the lab

Google Online Security Blog

Scientific Hooliganism