Cybersecurity Link Collection

Security

Cybersecurity Stash – A Curated Directory of Tools and Resources

AI

What Is Microsoft Security Copilot? A Comprehensive Guide

BlueTeam

Download – PingCastle

Interactive Online Malware Analysis Sandbox – ANY.RUN

D3FEND Matrix | MITRE D3FEND™

AURORA Agent – Nextron Systems

Sigma – SIEM Detection Format | The shareable detection format for security professionals.

(667) Learn Qualys Vulnerability Management (Home Lab) – YouTube

Building Blue Team Home Lab Part 10 – SIEM Part 1 | facyber

Welcome :: Velociraptor – Digging deeper!

ZAP

SpyGuard/SpyGuard: SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.

GitHub – cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

GitHub – infosecn1nja/awesome-mitre-attack: A curated list of awesome resources related to Mitre ATT&CK™ Framework

–SOC

AbuseIPDB – IP address abuse reports – Making the Internet safer, one IP at a time

Cisco Talos Intelligence Group – Comprehensive Threat Intelligence

GitHub – splunk/botsv3: Splunk Boss of the SOC version 3 dataset.

SOCRadar LABS – Tests On Your Security Posture

LetsDefend – Blue Team Training Platform

horsicq/Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS.

qeeqbox/honeypots: 30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)

GitHub – illusconsulting/CDM-Generator: Generate a matrix based on an inventory of InfoSec tools

Test for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS and DANE.

Netcraft | Cybercrime Disruption, Cybersecurity Solutions & PCI Security Services

Advanced Persistent Threat (APT) Groups & Threat Actors

GitHub – alivx/CIS-Ubuntu-20.04-Ansible: Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

CVE – CVE

GitHub – n00py/GetFGPP: Get Fine Grained Password Policy

mandiant/flare-fakenet-ng: FakeNet-NG – Next Generation Dynamic Network Analysis Tool

GitHub – 34N0/awesome-fedora-security: Awesome Fedora Security: A curated collection of projects, featuring hardening scripts, configurations, spins, labs, and environments designed to secure and fortify the Fedora distribution.

Security Onion Solutions

Active Directory Security Assessment | Purple Knight

GitHub – ansible-lockdown/Windows-2022-CIS: CIS Baseline Ansible Role for Windows 2022

PacketFence | Open Source NAC

Privacy is sexy 🍑🍆 – Enforce privacy & security on Windows, macOS and Linux

Safing Portmaster – Easy Privacy

GitHub – dradis/dradis-ce: Dradis Framework: Colllaboration and reporting for IT Security teams

Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns

CloudSec

flAWS

AWS Policy Generator

GitHub – gladstomych/AHHHZURE: AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.

Visual Subnet Calculator

Amazon Web Services In Plain English

CISA shares free tools to help secure data in the cloud

MetaDefender Cloud | Advanced threat prevention and detection

GitHub – aws-solutions/aws-waf-security-automations: This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.

Administrator Portals | MSPortals.io – Microsoft Portals

CyberSecNews

Welcome to Feedly

DataDecoding

CyberChef

Educational

Open Source Cybersecurity Projects

What You Need to Know If You Are Thinking of Taking the SANS SEC504: Hacker Tools, Technique, and Incident Handling and the GIAC Certified Incident Handler Certification Exam – N00b_H@ck3r

The Ultimate List of SANS Cheat Sheets | SANS Institute

explainshell.com – match command-line arguments to their help text

How to Pass SANS Exams

SecurityZines

Cyber101 – Free Cybersecurity Awareness Training

QuantumSh3ll – Welcome!

Forensics

GitHub – cristianzsh/forensictools: Collection of forensic tools

GitHub – ufrisk/MemProcFS: MemProcFS

GitHub – frankwxu/digital-forensics-lab: Free hands-on digital forensics labs for students and faculty

Information RegCool

SRUM: Forensic Analysis of System Resource Utilization Monitor

The DFIR Report – Real Intrusions by Real Attackers, The Truth Behind the Intrusion

GRC

Home Page | CISA

security.txt: Proposed standard for defining security policies

IncidentResponse

FIRST – Improving Security Together

Chain of Custody Form

Blameless | Incident Management Workflow Solution

Investigation Theory

IDS/IPS

5 Open Source Intrusion Detection Tools That Are Too Good to Ignore

IP SCANNERS

Cisco Talos Intelligence Group – Comprehensive Threat Intelligence

Job Search

Jobs and talents in InfoSec / Cybersecurity | infosec-jobs.com

Malware Analysis

MalwareBazaar | Malware sample exchange

MalShare

SOC Prime Platform

ssdeep – Fuzzy hashing program

d4rksystem/VMwareCloak: A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.

Interactive Online Malware Analysis Sandbox – ANY.RUN

REMnux: A Linux Toolkit for Malware Analysts

ghidra/GhidraDocs/GhidraClass at master · NationalSecurityAgency/ghidra

Cuckoo Sandbox – Automated Malware Analysis

News

GitHub – RoseSecurity/CloudPulse: A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.

Hacker News | Latest Cyber Hacking News | Recent Internet Hacking News | Cyware

Dark Reading | Security | Protect The Business

Vx Underground

Explore – Infosec Exchange

BleepingComputer | Cybersecurity, Technology News and Support

Blog | hackers-arise

OSINT

GitHub – smicallef/spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

OSINT Framework

DNSdumpster.com – dns recon and research, find and lookup dns records

crt.sh | Certificate Search

Shodan Search Engine

The Shadowserver Foundation

Find email addresses in seconds • Hunter (Email Hunter)

Phonebook.cz – Intelligence X

Have I Been Pwned: Check if your email has been compromised in a data breach

DeHashed — #FreeThePassword

Intelligence X

GitHub – clr2of8/GatherContacts: A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results

IP Address Lookup | Geolocation

Torrent downloads and distributions for IP 152.44.3.240

Google Hacking – Free Google Dorks for Recon – Pentest-Tools.com

Leak – Lookup | Data Breach Search Engine

GitHub – insidetrust/statistically-likely-usernames: Wordlists for creating statistically likely username lists for use in password attacks and security testing

IntelTechniques Search Tool

AS13335 Cloudflare, Inc. details – IPinfo.io

IP Transit – Hurricane Electric Internet Services

Pentesting

–C2

The C2 Matrix

–Persistent reverse shell

GitHub – Null-byte-00/LOTL: Living Off The Land (LOTL) persistent Reverse shell

–PrivEsc

Privilege Escalation in Google Cloud Platform – Part 1 (IAM) – Rhino Security Labs

–Passwords

GitHub – ad0nis/ntlm_relay_gat

–Password Guessing

GitHub – lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Ncrack Reference Guide (Man Page) | Table of Contents

How to use the Hydra password-cracking tool | TechTarget

Hashes and Password Cracking | Metasploit Documentation Penetration Testing Software, Pen Testing Security

Bruteforce Attacks | Metasploit Documentation

–Wifi

GitHub – AleksaMCode/WiFi-password-stealer: Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).

WiFiChallenge Lab v2.0

–Unsorted

The-Art-of-Hacking/h4cker: This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

NetSecFocus Trophy Room – Google Drive

GitHub – Hacking-Notes/RedTeam: This repository contains notes and resources related to ethical hacking. Here, you'll find a wealth of information on various aspects of hacking, including information gathering, scanning and enumeration, web hacking, exploitation, and windows/linux hacking.

OSCP Tips – tjc.im

GitHub – RedSiege/EyeWitness: EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

GitHub – TheCyb3rAlpha/BobTheSmuggler: "Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).

GitHub – The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing tool

PEASS-ng/linPEAS at master · carlospolop/PEASS-ng · GitHub

GitHub – ine-labs/AzureGoat: AzureGoat : A Damn Vulnerable Azure Infrastructure

GitHub – WebGoat/WebGoat: WebGoat is a deliberately insecure application

GitHub – redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE's ATT&CK.

GitHub – mitre/caldera: Automated Adversary Emulation Platform

Home – Stratus Red Team

GitHub – RhinoSecurityLabs/pacu: The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

GitHub – RhinoSecurityLabs/cloudgoat: CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

GitHub – NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure security

GitHub – hfiref0x/UACME: Defeating Windows User Account Control

GitHub – yuankong666/Ultimate-RAT-Collection: For educational purposes only, samples of old & new malware builders including screenshots!

GitHub – Warxim/deluder: Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡

GitHub – AykutSarac/jsoncrack.com: ✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.

GitHub – sysdream/ligolo: Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

GitHub – nicocha30/ligolo-ng: An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Online Python Obfuscator

Nmap Command Examples For Linux Users / Admins – nixCraft

penetration testing – freeCodeCamp.org

NullArray/AutoSploit: Automated Mass Exploiter

FFUF.me

Kubernetes LAN Party – by Wiz

Active Directory Security – Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…

Introduction – The Hacker Tools

gwen001 (Gwendal Le Coguic) · GitHub

OWASP Amass | OWASP Foundation

PSExec Pass the Hash – Metasploit Unleashed

jhaddix’s gists · GitHub

GitHub – Orange-Cyberdefense/GOAD: game of active directory

KC7 – A Cybersecurity Game

GitHub – projectdiscovery/subfinder: Fast passive subdomain enumeration tool.

GitHub – davidprowe/BadBlood: BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

commonexploits (Daniel Compton) · GitHub

GitHub – JacksonVD/PwnedPasswordsDLL-API: Open source solution to check prospective AD passwords against previously breached passwords

Tools | Exploits Revealed

Grayhatwarfare

SSL and SSL Certificates Explained For Beginners

What is ired.team notes? – Red Team Notes

Intigriti – Bug Bounty & Agile Pentesting Platform

Home – BloodHound Enterprise

GitHub – clong/DetectionLab: Automate the creation of a lab environment complete with security tooling and logging best practices

GitHub – illsk1lls/ZipRipper: A CMD script to crack password protected ZIP, RAR, 7z and PDF files, using JohnTheRipper

Pentest Reporting and Collaboration Platform – PlexTrac

Shellter | AV Evasion Artware

Policies

Information Security Policy Templates | SANS Institute

Programming

Regular Expressions (RegEx)

Regex Cheat Sheet

RegExr: Learn, Build, & Test RegEx

Regex Pattern – Useful Regular Expressions

Recon

Search People FREE, Address Lookup, & Reverse Phone

Have I Been Pwned: Check if your email has been compromised in a data breach

DNSdumpster.com – dns recon and research, find and lookup dns records

GitHub – freelabz/secator: Secator

GitHub – 21y4d/nmapAutomator: A script that you can run in the background!

GitHub – Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

GitHub – gwen001/github-subdomains: Find subdomains on GitHub.

URL and website scanner – urlscan.io

ViewDNS.info – Your one source for DNS related tools!

A down and dirty script for finding GitHub PATs in public repositories · GitHub

GitHub – yogeshojha/rengine: reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Steganography

Steganography – A list of useful tools and resources – 0xRick’s Blog

Training

Training – LetsDefend

Rust for n00bs – Zero-Point Security

SEC505 Securing Windows with PowerShell Training | SANS Institute

So you want to be an ethical hacker? 21 ways to get started – Safe and Savvy Blog by F-Secure

Dashboard | Web Security Academy – PortSwigger

(33) Cyber Security Training – YouTube

Best Websites To Learn Ethical Hacking

Hack Like a Pro: How to Spy on Anyone, Part 1 (Hacking Computers) « Null Byte :: WonderHowTo

OverTheWire: Wargames

API Penetration Testing

Voltaire

(722) Zero to Hero Pentesting: Episode 1 – Course Introduction, Notekeeping, Introductory Linux, and AMA – YouTube

Blue Team Labs Online – Cyber Range

Virtual Hacking Labs | Penetration Testing Training Labs & Courses

ThreatHunting

Threat Hunting — Suspicious Windows Service | by mthcht | Jan, 2024 | Detect FYI | Detect FYI

Linux Threat Hunting Persistence | 0xMatheuZ

delorean/gaynoise: high fidelity threat intelligence generator (heehee) – gaynoise – SuperNETs Git

GitHub – telekom-security/tpotce: 🍯 T-Pot – The All In One Honeypot Platform 🐝

Vulnerability Scanners

Nessus Vulnerability Scanner: Network Security Solution | Tenable®

Nikto2 | CIRT.net

OpenVAS – Open Vulnerability Assessment Scanner

CVE security vulnerability database. Security vulnerabilities, exploits, references and more

NVD – Home

Open source security tools driving cloud native innovation

WifiPenTesting

GitHub – wifiphisher/wifiphisher: The Rogue Access Point Framework

Networking

IPv4 Subnetting Practice

Email

Learn and Test DMARC