Tutorials
*Metasploit Unleashed
Excellent tutorial by Offensive Security on the basics of using Metasploit.
*Hash-Dumping Techniques
Series from Bernardo Damele AG on all known NT/LM hash dumping methods.
*Hacking Oracle
Six-part series from Chris Gates on methods of getting shell through Oracle.
*Post-Exploitation Techniques
Mubix has organized several great post-exploitation resources on Google Docs.
*Getting Started with PowerShell
SynJunkie goes through a quick introduction to PowerShell.
*PowerShell Basics and the Environment
Carlos Perez does a great job introducing security pros to PowerShell!
*Exploit Writing Tutorials
The Corelan Team has put together great tutorials on exploitation which are regularly referenced (or stolen) in most exploit writing classes.
*Secrets of PowerShell Remoting
This guide to using PowerShell remotely is extremely detailed and has already been updated several times by Don Jones. Download the zip and check it out.
Technical Posts and Tools
*Keyboard Pattern Password Generation
Excellent post by d3ad0ne about keyboard patterns and a script to help crack them.
*Injecting Shellcode with PowerShell
Great way to use PowerShell to bypass application whitelisting and AV by Matt Graeber.
*How Metasploit Generates Payloads
Scriptjunkie discusses how payload generation works and the comments references a great AV bypass.
*Excel Exercises in Style
Didier Stevens does a lot of great research, but I have heavily used this macro on engagements.
*Command-line Tips and Tricks
This is actually another link page on the Command Line Kung Fu blog but its really helpful.
*How to Collect Passwords
Mark Burnett lists several ways to compile an effective password dictionary.
Articles and Opinion Posts
*Facts and Myths about Meterpreter AV Evasion
Mihi scientifically explains AV evasion with meterpreter payloads.
*Certifications don't make you a penetration tester
A common debate from some people who know.
*Maximizing Value in Pen Testing
A good writeup on report writing and focus on business value for pen testers by Ed Skoudis.
*What to do with the local Administrator account?
A discussion about the risk associated with different Local Admin password strategies.
Infosec Humor
*How to get anyone's IP Address by NextGenHacker101
Over a million views on youtube.
*You Should Work for Symantec
We have all had a conversation like this.
*Wat
A short talk about language inconsistencies.
*Even Bill Gates has to pray to the Demo gods
Bill Gates getting a BSOD is still funny.
*How to Become an Infosec Rockstar
Lean how you can become a Infosec Rockstar (Hint: not a good thing).