Great links/tools to learn from

[blindfuzzy]

*I am not taking any credit for this list. I found this list and I am posting it here to share with everyone. I have checked most of the links but not all of them so if any are dead let me know and I will look for alternatives.

Security Forums

    https://evilzone.org
    https://www.hackthissite.org/forums/index.php
    https://www.ethicalhacker.net/forums/index.php
    http://forum.antichat.ru/
    https://forum.xeksec.com/
    https://rdot.org/forum/
    https://forum.zloy.bz/
    https://forum.reverse4you.org/
    https://rstforums.com/forum/
    http://www.truehackers.ru/forum/index.php
    http://garage4hackers.com/forum.php
    https://www.hellboundhackers.org/
    http://www.lockpicking101.com/
    https://www.xploitworld.com/index.php

Tor Onion Links

    https://www.torproject.org/
    http://www.hiddenwiki.info/

Security Methodologies

    http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
    http://www.pentest-standard.org/index.php/Main_Page
    https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
    http://yehg.net/lab/pr0js/misc/wasarg_owasp-tgv4_with_ref.php
    http://www.social-engineer.org/
    http://projects.webappsec.org/w/page/13246927/FrontPage
    https://www.sans.org/reading-room/whitepapers/auditing/base-security-assessment-methodology-1587
    http://www.isecom.org/research/osstmm.html

Training/Classes/Video

    https://exploit-exercises.com
    https://www.cybrary.it/cyber-security/
    http://www.irongeek.com/i.php?page=videos/aide-winter-2011
    https://lab.pentestit.ru/pentestlabs/3
    https://trailofbits.github.io/ctf/
    http://ctf.forgottensec.com/wiki/?title=Main_Page
    http://smashthestack.org/
    http://ctf.hcesperer.org/
    https://www.google.com/calendar/feeds/noge7b1rg2dg4a8kcm1k68vbjg@group.calendar.google.com/public/basic
    https://www.google.com/calendar/embed?src=pe2ikdbe6b841od6e26ato0asc@group.calendar.google.com&gsessionid=OK
    https://crypto.stanford.edu/cs155/
    https://www.offensive-security.com/metasploit-unleashed/
    http://www.irongeek.com/i.php?page=videos/metasploit-class
    http://www.securitytube.net/
    http://resources.infosecinstitute.com/
    https://www.cs.fsu.edu/~redwood/OffensiveSecurity/lectures.html
    https://www.youtube.com/watch?v=ANlROJNWtCs&list=PLM0IiVYClP2vC3A6Uz_ESV86kBVYei5qx
    https://www.youtube.com/watch?v=Sye3mu-EoTI
    https://www.youtube.com/watch?v=GPjcSxyIIUc
    https://www.youtube.com/watch?v=kPxavpgos2I
    https://www.youtube.com/watch?v=pnqcHU2qFiA
    http://www.securitytube.net/video/7640
    https://www.youtube.com/watch?v=y2zrEAwmdws
    http://www.securitytube.net/video/7735

Pentest Tools

    https://github.com/pwnwiki/pwnwiki.github.io
    https://github.com/sbilly/awesome-security
    https://github.com/paragonie/awesome-appsec
    https://github.com/enaqx/awesome-pentest
    https://github.com/kahun/awesome-sysadmin#security
    http://beefproject.com/
    https://xsser.03c8.net/
    https://code.google.com/p/fuzzdb/
    https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database#tab=Statements
    http://w3af.org/
    https://code.google.com/p/skipfish/
    https://www.sans.org/reading-room/whitepapers/testing/fuzzing-approach-credentials-discovery-burp-intruder-33214
    https://www.securityninja.co.uk/hacking/burp-suite-tutorial-the-intruder-tool/
    http://www.justanotherhacker.com/projects/graudit.html
    https://packetstormsecurity.com/files/tags/tool
    http://pentestbox.com/   (For Windows users)
    http://seclist.us/
    http://www.toolwar.com/
    https://www.toolswatch.org/

Pentest Lab ISO-VMs

    http://www.amanhardikar.com/mindmaps/PracticeUrls.html
    https://www.kali.org/
    https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project
    http://blackarch.org/
    https://code.google.com/p/owaspbwa/
    https://www.mavensecurity.com/web_security_dojo/
    http://hackingdojo.com/dojo-media/
    http://informatica.uv.es/~carlos/docencia/netinvm/
    http://www.bonsai-sec.com/en/research/moth.php
    http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
    http://sourceforge.net/projects/lampsecurity/?source=navbar
    https://www.hacking-lab.com/index.html
    http://sourceforge.net/projects/virtualhacking/files/
    http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10
    http://www.dvwa.co.uk/
    http://sourceforge.net/projects/thebutterflytmp/
    http://magikh0e.ihtb.org/pubPapers/

Metasploit

    http://resources.metasploit.com/
    http://netsec.ws/?p=262
    http://seclists.org/metasploit/
    https://www.offensive-security.com/metasploit-unleashed/Introduction/
    http://www.offensive-security.com/metasploit-unleashed/Msfvenom
    https://community.rapid7.com/community/metasploit/
    http://www.securitytube.net/video/711?q=METASPLOIT
    https://en.wikibooks.org/wiki/Metasploit
    https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf
    http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html
    https://github.com/rapid7/metasploit-framework/wiki/Meterpreter
    https://www.blackhat.com/presentations/bh-dc-10/Egypt/BlackHat-DC-2010-Egypt-UAV-slides.pdf

Net Scanners

    https://nmap.org/
    https://nmap.org/nsedoc/
    http://www.securitytube.net/video/931
    https://nmap.org/nsedoc/
    http://www.openvas.org/
    http://www.tenable.com/products/nessus-vulnerability-scanner
    https://www.rapid7.com/products/nexpose/compare-downloads.jsp
    http://www.inguardians.com/research/docs/Skoudis_pentestsecrets.pdf

Man-in-the-middle attack

    http://www.linuxsecurity.com/docs/PDF/dsniff-n-mirror.pdf
    http://media.techtarget.com/searchUnifiedCommunications/downloads/Seven_Deadliest_UC_Attacks_Ch3.pdf
    https://packetstormsecurity.com/papers/wireless/cracking-air.pdf
    https://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf
    https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-sam_bowne-hijacking_web_2.0.pdf
    http://www.leetupload.com/database/Misc/Papers/Asta%20la%20Vista/18.Ettercap_Spoof.pdf
    http://bandwidthco.com/nf.html
    http://articles.manugarg.com/arp_spoofing.pdf
    http://academy.delmar.edu/Courses/ITSY2430/eBooks/Ettercap(ManInTheMiddleAttack-tool).pdf
    http://www.ucci.it/docs/ICTSecurity-2004-26.pdf

Phase 1 - Reconnaissance: Information Gathering before the Attack

    https://en.wikipedia.org/wiki/Open-source_intelligence
    http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-1-social-networks/
    http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-%E2%80%93-part-2-blogs-message-boards-and-metadata/
    http://www.spylogic.net/2009/10/enterprise-open-source-intelligence-gathering-part-3-monitoring/
    http://www.slideshare.net/Laramies/tactical-information-gathering
    http://www.infond.fr/2010/05/toturial-footprinting.html

Phase 1.1 - People and Orginizational

    http://www.spokeo.com/
    http://www.spoke.com/
    https://www.xing.com/
    http://www.zoominfo.com/
    https://pipl.com/
    http://www.zabasearch.com/
    http://www.searchbug.com/
    http://skipease.com/
    http://addictomatic.com/
    http://socialmention.com/
    http://entitycube.research.microsoft.com/
    http://www.yasni.com/
    http://www.glassdoor.com/index.htm
    https://connect.data.com/
    https://searchwww.sec.gov/EDGARFSClient/jsp/EDGAR_MainAccess.jsp
    https://www.tineye.com/
    http://www.peekyou.com/

Phase 1.2 - Infastructure

    http://uptime.netcraft.com/
    http://www.shodanhq.com/
    http://www.domaintools.com/
    http://centralops.net/co/
    http://whois.webhosting.info/
    https://www.ssllabs.com/ssltest/analyze.html
    https://www.exploit-db.com/google-hacking-database/
    http://www.my-ip-neighbors.com/

Phase 1.2 - Tools

    OSINT Tools
    http://www.edge-security.com/theharvester.php
    http://www.edge-security.com/metagoofil.php
    http://www.paterva.com/web6/
    https://www.sans.org/reading-room/whitepapers/privacy/document-metadata-silent-killer-32974
    http://www.sno.phy.queensu.ca/~phil/exiftool/
    http://www.darkoperator.com/blog/2009/4/24/metadata-enumeration-with-foca.html

Phase 2 - Enumeration: Finding Attack Vectors

    http://securitysynapse.blogspot.be/2013_08_01_archive.html
    https://hackertarget.com/attacking-wordpress/
    https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
    http://www.0daysecurity.com/penetration-testing/enumeration.html
    https://github.com/n3ko1/WrapMap
    https://cirt.net/Nikto2
    http://www.unixmen.com/install-nikto-web-scanner-check-vulnerabilities/
    http://seclist.us/autoenum-nmap-enumeration-and-script-scan-automation-script.html
    http://code.stephenmorley.org/articles/xampp-version-history-apache-mysql-php/
    http://carnal0wnage.attackresearch.com/2007/07/over-in-lso-chat-we-were-talking-about.html
    http://www.iodigitalsec.com/windows-null-session-enumeration/
    https://pen-testing.sans.org/blog/2013/07/24/plundering-windows-account-info-via-authenticated-smb-sessions
    http://carnal0wnage.attackresearch.com/2007/07/enumerating-user-accounts-on-linux-and.html
    https://github.com/isaudits/autoenum
    http://www.webpronews.com/snmp-enumeration-and-hacking-2003-09
    http://carnal0wnage.attackresearch.com/2007/07/over-in-lso-chat-we-were-talking-about.html
    http://www.iodigitalsec.com/windows-null-session-enumeration/
    http://pen-testing.sans.org/blog/2013/07/24/plundering-windows-account-info-via-authenticated-smb-sessions
    http://carnal0wnage.attackresearch.com/2007/07/enumerating-user-accounts-on-linux-and.html
    http://www.madirish.net/59a

Phase 3 - Exploitation: Verifying Security Weaknesses

    http://pwnwiki.io
    http://download.vulnhub.com/pentesterlab/php_include_and_post_exploitation.pdf
    http://ru.scribd.com/doc/245679444/hak5-org-OSXPost-Exploitation-copy-20130228-pdf#scribd
    https://cyberwar.nl/d/hak5.org_LinuxUnixBSDPost-ExploitationCommandList_copy-20130228.pdf
    https://www.yumpu.com/en/document/view/14963680/from-sqli-to-shell

Dump Windows Password Hashes

    http://bernardodamele.blogspot.com/2011/12/dump-windows-password-hashes.html

Windows Passhing The Hash

    https://www.kali.org/penetration-testing/passing-hash-remote-desktop/
    https://www.kali.org/kali-monday/pass-the-hash-toolkit-winexe-updates/

Windows Privilege Escalation

    http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/
    https://github.com/0xdeafbeef/PSSecSnapshot
    http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
    http://www.fuzzysecurity.com/tutorials/16.html
    http://www.youtube.com/watch?v=kMG8IsCohHA
    http://www.youtube.com/watch?v=_8xJaaQlpBo
    http://www.greyhathacker.net/?p=738
    http://bernardodamele.blogspot.ru/2011/12/dump-windows-password-hashes.html

Linux Privilege Escalation

    http://incolumitas.com/wp-content/uploads/2012/12/blackhats_view.pdf
    http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation.html
    http://pentestmonkey.net/tools/audit/unix-privesc-check
    http://www.rebootuser.com/?page_id=1721
    http://www.rebootuser.com/?p=1758
    http://www.rebootuser.com/?p=1623
    http://insidetrust.blogspot.nl/2011/04/quick-guide-to-linux-privilege.html

Tunneling & Port Forwarding

    https://www.sans.org/reading-room/whitepapers/testing/tunneling-pivoting-web-application-penetration-testing-36117
    https://highon.coffee/blog/reverse-shell-cheat-sheet/
    https://highon.coffee/blog/ssh-meterpreter-pivoting-techniques/
    http://staff.washington.edu/corey/fw/ssh-port-forwarding.html
    http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
    http://magikh0e.ihtb.org/pubPapers/ssh_gymnastics_tunneling.html
    http://www.debianadmin.com/howto-use-ssh-local-and-remote-port-forwarding.html
    http://www.danscourses.com/Network-Penetration-Testing/metasploit-pivoting.html
    http://carnal0wnage.attackresearch.com/2007/09/using-metasploit-to-pivot-through_06.html
    http://www.offensive-security.com/metasploit-unleashed/Portfwd
    http://www.offensive-security.com/metasploit-unleashed/Pivoting
    http://www.howtoforge.com/reverse-ssh-tunneling
    http://ftp.acc.umu.se/pub/putty/putty-0.57/htmldoc/Chapter7.htmla

XSS Cheat Codes

    http://www.xenuser.org/xss-cheat-sheet/
    https://gist.github.com/sseffa/11031135
    https://html5sec.org/

WebShells

    http://www.r57shell.net/
    https://github.com/b374k/b374k
    https://github.com/epinna/weevely3

SQLi General Resources

    http://www.w3schools.com/sql/sql_injection.asp
    http://sqlzoo.net/hack/
    https://information.rapid7.com/rs/rapid7/images/R7%20SQL_Injection_Cheat_Sheet.v1.pdf
    http://websec.ca/kb/sql_injection
    http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
    http://www.unixwiz.net/techtips/sql-injection.html
    http://www.sqlinjectionwiki.com/
    http://sqlmap.org/
    https://packetstorm.sigterm.no/papers/cheatsheets/sqlmap-cheatsheet-1.0-SDB.pdf
    https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet
    http://bobby-tables.com/
    https://spike188.wordpress.com/category/blind-sql-injection/
    http://securityidiots.com/Web-Pentest/SQL-Injection
    https://information.rapid7.com/rs/rapid7/images/R7%20SQL_Injection_Cheat_Sheet.v1.pdf
   

MySQLi Resources

    http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet
    https://websec.wordpress.com/2010/12/04/sqli-filter-evasion-cheat-sheet-mysql/
    http://resources.infosecinstitute.com/backdoor-sql-injection/
    http://www.michaelboman.org/books/sql-injection-cheat-sheet-mysql

MSSQLi Resources

    http://evilsql.com/main/page2.php
    http://pentestmonkey.net/cheat-sheet/sql-injection/mssql-sql-injection-cheat-sheet
    http://www.michaelboman.org/books/sql-injection-cheat-sheet-mssql

Oracle SQLi Resources

    http://pentestmonkey.net/cheat-sheet/sql-injection/oracle-sql-injection-cheat-sheet
    http://www.michaelboman.org/books/sql-injection-cheat-sheet-oracle

Postgres SQLi Resources

    http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet
    http://www.michaelboman.org/books/sql-injection-cheat-sheet-postgresql

SQLite Resources

    https://sites.google.com/site/0x7674/home/sqlite3injectioncheatsheet

RFI/LFI Tutorials

    https://evilzone.org/tutorials/remote-file-inclusion%28rfi%29/
    http://www.hackersonlineclub.com/lfi-rfi
    https://0xzoidberg.wordpress.com/category/security/lfi-rfi/

NASM Tutorial

    http://ccm.net/faq/1559-compiling-an-assembly-program-with-nasm

Buffer Overflow Tutorial

    http://www.madirish.net/142
    http://n01g3l.tumblr.com/post/49036035399/linux-crossfire-v1-90-buffer-overflow
    http://resources.infosecinstitute.com/author/nikhil-kumar/
    http://www.frequency.com/video/athcon-hack-in-paris-demo-1/40181156
    http://www.savevid.com/video/athcon-hack-in-paris-demo-2.html
    http://www.frequency.com/video/athcon-hack-in-paris-demo-3/11306148
    https://tehaurum.wordpress.com/2015/06/22/exploit-development-stack-buffer-overflow/
    http://proactivedefender.blogspot.ru/2013/05/understanding-buffer-overflows.html
    https://forum.reverse4you.org/showthread.php?t=1371
    http://grey-corner.blogspot.com/2010/01/beginning-stack-based-buffer-overflow.html
    http://grey-corner.blogspot.com/2010/01/seh-stack-based-windows-buffer-overflow.html
    http://grey-corner.blogspot.com/2010/01/windows-buffer-overflow-tutorial.html
    http://grey-corner.blogspot.com/2010/01/heap-spray-exploit-tutorial-internet.html
    http://grey-corner.blogspot.com/2010/02/windows-buffer-overflow-tutorial.html
    http://thepcn3rd.blogspot.ru/2015/07/freeftpd-108-seh-stack-based-overflow.html

Exploit Development

    https://www.corelan.be/index.php/articles/
    http://www.fuzzysecurity.com/tutorials.html
    https://code.google.com/p/it-sec-catalog/wiki/Exploitation
    http://www.myne-us.com/2010/08/from-0x90-to-0x4c454554-journey-into.html
    https://www.ethicalhacker.net/columns/heffner/smashing-the-modern-stack-for-fun-and-profit
    http://x9090.blogspot.ru/2010/03/tutorial-exploit-writting-tutorial-from.html
    http://ref.x86asm.net/index.html
    https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
    https://forum.reverse4you.org/showthread.php?t=1371

Exploits and Shellcodes

    https://www.exploit-db.com/
    https://packetstormsecurity.com/
    http://www.securityfocus.com/bid
    https://nvd.nist.gov/
    http://osvdb.org/
    http://www.secdocs.org/
    http://www.cvedetails.com/
    https://cve.mitre.org/
    http://www.windowsexploits.com/
    http://farlight.org/index.html?type=shellcode
    http://shell-storm.org/shellcode/

Reverse Engineering

    https://www.cyberguerrilla.org/blog/what-the-blackhats-dont-want-you-to-know-series/
    http://fumalwareanalysis.blogspot.ru/p/malware-analysis-tutorials-reverse.html
    http://www.woodmann.com/TiGa/idaseries.html
    http://visi.kenshoto.com/viki/MainPage
    http://www.radare.org/r/
    http://www.offensivecomputing.net/
    http://www.oldapps.com/
    http://www.oldversion.com/
    https://www.exploit-db.com/webapps/
    http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
    http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
    http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
    http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx

OS Cheat Sheets and Script Syntax

    https://www.owasp.org/index.php/Cheat_Sheets
    http://www.cheat-sheets.org/
    http://ss64.com/nt/
    https://rstforums.com/forum/22324-hacking-tools-windows.rst
    https://en.wikipedia.org/wiki/IPv4_subnetting_reference
    http://www.nixtutor.com/linux/all-the-best-linux-cheat-sheets/
    http://shelldorado.com/shelltips/beginner.html
    http://mywiki.wooledge.org/BashPitfalls
    https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
    http://www.robvanderwoude.com/ntadmincommands.php
    https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
    https://countuponsecurity.files.wordpress.com/2015/06/jtr-cheatsheetimg.png
    https://danielmiessler.com/study/tcpdump/
    http://www.infosecwriters.com/Papers/nessusNMAPcheatSheet.pdf

Passwords Wordlists, Hashes, Tools

    http://www.irongeek.com/i.php?page=videos/password-exploitation-class
    https://cirt.net/passwords
    http://h.foofus.net/?page_id=51
    http://h.foofus.net/?page_id=55
    http://foofus.net/?page_id=63
    http://hashcrack.blogspot.ru/
    http://www.onlinehashcrack.com/
    http://www.md5this.com/
    http://contest-2010.korelogic.com/wordlists.html
    https://packetstormsecurity.com/Crackers/wordlists/
    http://hqsoftwarecollection.blogspot.in/p/36gn-wordlist.html
    https://wiki.skullsecurity.org/Passwords
    https://www.sans.org/reading-room/whitepapers/testing/pass-the-hash-attacks-tools-mitigation-33283
    https://www.sans.org/reading-room/whitepapers/testing/crack-pass-hash-33219
    https://nmap.org/ncrack/
    http://www.openwall.com/john/
    http://ophcrack.sourceforge.net/
    https://inquisb.github.io/keimpx/
    http://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-3-using-hashcat-0156543/

Privacy Tools

    https://www.privacytools.io/

Links Collections

    http://in-addr.nl/security-links.php
    http://ser-storchak.blogspot.ru/p/blog-page_16.html
    https://www.vulnhub.com/resources/
    https://mobilesecuritywiki.com/

bookmarksv1.0.html
^Submitted by: null_scientist_44


*I have checked most of the links but not all of them so if any are dead let me know and I will look for alternatives.

This is a great list to get started with and can help answer a lot of redundant questions. 

[novaccainne]

Thanks for the great list, it is very useful, but it would be even better if there were a bookmark list for firefox which contains these links

[blindfuzzy]

Thanks for the great list, it is very useful, but it would be even better if there were a bookmark list for firefox which contains these links

bookmarks-2015-09-29.json

Json file for importing into Firefox.

[rincewind]

Wow man, wow, +1, +rate and I have to thank you with post, really cool list. Btw there are also some other lists here one EZ, maybe use all of them and make BIG resources wiki page. Just an idea

[blindfuzzy]

Added a few more links and pentest tools for Windows users.

Feel free to contribute if you guys have any links to share.

[iTpHo3NiX]

Added evilzone.org to security forums and set topic sticky.

[0pt1musPr1m3]

This is a pretty damn good list +1

Possibly wiki worthy??

[Biokinetix]

Thanx allot for the list. This will keep me busy for a while going through all those links. The firefox bookmarks are a awesome added bonus. Thanx

[blindfuzzy]

This is a pretty damn good list +1

Possibly wiki worthy??

I wouldn't say that; but thanks it's appreciated.

*Added a few new links; I plan to go through and weed out the ones that are no longer working here soon.*

[null_scientist_44]

Hey, I made a sort of customized version of this, figured I would share with you. No credit wanted or taken.

bookmarksv1.0.html

[blindfuzzy]

Hey, I made a sort of customized version of this, figured I would share with you. No credit wanted or taken.

bookmarksv1.0.html

Added to the list and gave credit. Thank you.

[etnica]

Thank you for all this links my friend.
the link to the forum: "http://securityoverride.org/forum/index.php" seems not working... :\

[null_scientist_44]

Looks like site is down, I'll look for a few days and remove it after that with an update on the bookmark pack. Seems to be mis-configured apache...

[blindfuzzy]

Looks like site is down, I'll look for a few days and remove it after that with an update on the bookmark pack. Seems to be mis-configured apache...

I went ahead a removed it from my list. It's been down for a few days.

[x40a0e]

Great list +1

This link seems to be down. index.php 404s, and the root seems to be a parked domain or something.

https://www.xploitworld.com/index.php