Resources

Jakob Pennington edited this page Feb 27, 2019 · 14 revisions

Articles

NMAP Legal Issues - When is port scanning legal?
Some Thoughts on Doing the OSCP - A great resource for anybody considering tackling OSCP.

Blogs

CQR
Krebs on Security
Secure Code Warrior
Signal Sciences
Troy Hunt

Books

Advanced Wireless Penetration Testing - Pentest Magazine
Mohamed Madgi
OWASP Testing Guide V4 - Open Web App Security Project (OWASP)
Matteo Meucci and Andrew Muller
Penetration Testing - A Hands-On Introduction to Hacking
Georgia Weidman

Bug Bounties

Awesome Bug Bounty
Bug Bounty Reference

Challenges

Hack The Box - A collection of hackable systems with CTF-like challenges. Great community too.
PentesterLab - Exercises based on common vulnerabilities against real vulnerable systems.

Cheatsheets

Authentication

JWT Security Cheatsheet - Pentester Labs

Mobile Application Testing

Mobile App Pentest Cheatsheet

OSCP

Passing OSCP - Alex Dib

SQL Injection

MSSQL SQLi cheatsheet
MySQL SQLi cheatsheet
Oracle SQLi cheatsheet
PostgreSQL SQLi cheatsheet

Tools

TMUX - Mohamed A. Hassan

Datasets

Project Sonar

Information

Default Password - A list of default usernames and passwords for networking hardware.
Google Dorks - A database full of queries to get interesting information using advanced Google searches.

Podcasts

Black Hills Information Security
Risky Business
State of the Hack
Unsupervised Learning

Reports

Verizon Data Breach Reports

Verizon Data Breach Report 2017
Verizon Data Breach Report 2018

Tools

Buffer Overflow

Immunity Debugger
Mona

Exploit Databases

Exploit DB
Sploitus

Operating Systems

Kali Linux
VulnHub
Windows VMs

Remote Access

sshuttle

Scanning and Enumeration

gobuster - OJ
SecLists - A collection of lists including usernames, passwords and fuzzing lists curated by Daniel Miessler.

Web Testing

BurpSuite
Firefox

BurpSuite Extensions

Active Scan++ (Pro)
Autorize (Pro)
Decoder Improved
JSON Beautifier
SQLiPy Sqlmap Integration

Firefox Extensions

Proxy Switcher

Tutorials

Buffer Overflow

dobufferoverflowgood - Justin Steven