These are many websites we have bookmarked while hacking. They are useful for many case. Here is short list which we tried to collect. We are still updating.
For practice
- Portswigger Academy https://portswigger.net/web-security
- Hackthebox https://www.hackthebox.com/
- Pentesterlab https://pentesterlab.com/
- HackerOne writeups https://hackerone.com/hacktivity
- CTFTime writeups https://ctftime.org/writeups
For OSINT, Information gathering
- Shodan https://www.shodan.io/
- Securitytrails https://securitytrails.com/
- Zoomeye https://www.zoomeye.org/
- Censys https://censys.io/
- crt.sh https://crt.sh/
- Wayback Machine https://archive.org/web/
For payload finding
- Exploit db https://www.exploit-db.com/
- Nuclei templates https://github.com/projectdiscovery/nuclei-templates
- PayloadsAllTheThings https://github.com/swisskyrepo/PayloadsAllTheThings
- Metasploit payload https://www.rapid7.com/db/
- cxsecurity https://cxsecurity.com/
For post exploit
- Requestbin https://requestbin.net
- Xsshunter https://xsshunter.com/
For show-off
- Zone-h http://www.zone-h.org/
- Raidforums https://raidforums.com/