I’ve put together a collection of Cybersecurity web links that I’ve gathered over the years, featuring tools, resources, news, tutorials, and more. I’m always adding new links, so the list keeps growing. Some of the links are still unsorted, but I think you’ll find plenty of useful information here. Take a look and see if anything catches your eye!
Security
- Cybersecurity Stash – A Curated Directory of Tools and Resources
AI
BlueTeam
- Download – PingCastle
- Interactive Online Malware Analysis Sandbox – ANY.RUN
- D3FEND Matrix | MITRE D3FEND™
- AURORA Agent – Nextron Systems
- Sigma – SIEM Detection Format | The shareable detection format for security professionals.
- Learn Qualys Vulnerability Management (Home Lab) – YouTube
- Building Blue Team Home Lab Part 10 – SIEM Part 1 | facyber
- Welcome :: Velociraptor – Digging deeper!
- ZAP
- SpyGuard/SpyGuard: SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.
- GitHub – cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
- GitHub – infosecn1nja/awesome-mitre-attack: A curated list of awesome resources related to Mitre ATT&CK™ Framework
–SOC
- Interactive Online Malware Analysis Sandbox – ANY.RUN
- AbuseIPDB – IP address abuse reports – Making the Internet safer, one IP at a time
- Cisco Talos Intelligence Group – Comprehensive Threat Intelligence
- GitHub – splunk/botsv3: Splunk Boss of the SOC version 3 dataset.
- SOCRadar LABS – Tests On Your Security Posture
- LetsDefend – Blue Team Training Platform
- horsicq/Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS.
- qeeqbox/honeypots: 30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)
- GitHub – illusconsulting/CDM-Generator: Generate a matrix based on an inventory of InfoSec tools
- Test for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS and DANE.
- Netcraft | Cybercrime Disruption, Cybersecurity Solutions & PCI Security Services
- Advanced Persistent Threat (APT) Groups & Threat Actors
- GitHub – alivx/CIS-Ubuntu-20.04-Ansible: Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
- CVE – CVE
- GitHub – n00py/GetFGPP: Get Fine Grained Password Policy
- mandiant/flare-fakenet-ng: FakeNet-NG – Next Generation Dynamic Network Analysis Tool
- GitHub – 34N0/awesome-fedora-security: Awesome Fedora Security: A curated collection of projects, featuring hardening scripts, configurations, spins, labs, and environments designed to secure and fortify the Fedora distribution.
- Security Onion Solutions
- Active Directory Security Assessment | Purple Knight
- GitHub – ansible-lockdown/Windows-2022-CIS: CIS Baseline Ansible Role for Windows 2022
- PacketFence | Open Source NAC
- Privacy is sexy 🍑🍆 – Enforce privacy & security on Windows, macOS and Linux
- Safing Portmaster – Easy Privacy
- GitHub – dradis/dradis-ce: Dradis Framework: Collaboration and reporting for IT Security teams
- Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns
CloudSec
- flAWS
- AWS Policy Generator
- GitHub – gladstomych/AHHHZURE: AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.
- Visual Subnet Calculator
- Amazon Web Services In Plain English
- CISA shares free tools to help secure data in the cloud
- MetaDefender Cloud | Advanced threat prevention and detection
- GitHub – aws-solutions/aws-waf-security-automations: This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
- Administrator Portals | MSPortals.io – Microsoft Portals
CyberSecNews
DataDecoding
Educational
- Open Source Cybersecurity Projects
- What You Need to Know If You Are Thinking of Taking the SANS SEC504: Hacker Tools, Technique, and Incident Handling and the GIAC Certified Incident Handler Certification Exam – N00b_H@ck3r
- The Ultimate List of SANS Cheat Sheets | SANS Institute
- explainshell.com – match command-line arguments to their help text
- How to Pass SANS Exams
- SecurityZines
- Cyber101 – Free Cybersecurity Awareness Training
- QuantumSh3ll – Welcome!
Forensics
- GitHub – cristianzsh/forensictools: Collection of forensic tools
- GitHub – ufrisk/MemProcFS: MemProcFS
- GitHub – frankwxu/digital-forensics-lab: Free hands-on digital forensics labs for students and faculty
- Information RegCool
- SRUM: Forensic Analysis of System Resource Utilization Monitor
- The DFIR Report – Real Intrusions by Real Attackers, The Truth Behind the Intrusion
GRC
IncidentResponse
- FIRST – Improving Security Together
- Chain of Custody Form
- Blameless | Incident Management Workflow Solution
- Investigation Theory
IDS/IPS
IP SCANNERS
Job Search
Malware Analysis
- MalwareBazaar | Malware sample exchange
- MalShare
- SOC Prime Platform
- ssdeep – Fuzzy hashing program
- d4rksystem/VMwareCloak: A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
- Interactive Online Malware Analysis Sandbox – ANY.RUN
- REMnux: A Linux Toolkit for Malware Analysts
- ghidra/GhidraDocs/GhidraClass at master · NationalSecurityAgency/ghidra
- Cuckoo Sandbox – Automated Malware Analysis
News
- GitHub – RoseSecurity/CloudPulse: A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.
- Hacker News | Latest Cyber Hacking News | Recent Internet Hacking News | Cyware
- Dark Reading | Security | Protect The Business
- Vx Underground
- Explore – Infosec Exchange
- BleepingComputer | Cybersecurity, Technology News and Support
- Blog | hackers-arise
OSINT
- GitHub – smicallef/spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
- OSINT Framework
- DNSdumpster.com – dns recon and research, find and lookup dns records
- crt.sh | Certificate Search
- Shodan Search Engine
- The Shadowserver Foundation
- Find email addresses in seconds • Hunter (Email Hunter)
- Phonebook.cz – Intelligence X
- Have I Been Pwned: Check if your email has been compromised in a data breach
- DeHashed — #FreeThePassword
- Intelligence X
- GitHub – clr2of8/GatherContacts: A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
- IP Address Lookup | Geolocation
- Torrent downloads and distributions for IP 152.44.3.240
- Google Hacking – Free Google Dorks for Recon – Pentest-Tools.com
- Leak – Lookup | Data Breach Search Engine
- GitHub – insidetrust/statistically-likely-usernames: Wordlists for creating statistically likely username lists for use in password attacks and security testing
- IntelTechniques Search Tool
- AS13335 Cloudflare, Inc. details – IPinfo.io
- IP Transit – Hurricane Electric Internet Services
Pentesting
–C2
–Persistent reverse shell
–PrivEsc
–Passwords
–Password Guessing
- GitHub – lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
- Ncrack Reference Guide (Man Page) | Table of Contents
- How to use the Hydra password-cracking tool | TechTarget
- Hashes and Password Cracking | Metasploit Documentation Penetration Testing Software, Pen Testing Security
- Bruteforce Attacks | Metasploit Documentation
–Wifi
- GitHub – AleksaMCode/WiFi-password-stealer: Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
- WiFiChallenge Lab v2.0
- The-Art-of-Hacking/h4cker: This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
- NetSecFocus Trophy Room – Google Drive
- GitHub – Hacking-Notes/RedTeam: This repository contains notes and resources related to ethical hacking. Here, you'll find a wealth of information on various aspects of hacking, including information gathering, scanning and enumeration, web hacking, exploitation, and windows/linux hacking.
- OSCP Tips – tjc.im
- GitHub – RedSiege/EyeWitness: EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
- GitHub – TheCyb3rAlpha/BobTheSmuggler: "Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
- GitHub – The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing tool
- PEASS-ng/linPEAS at master · carlospolop/PEASS-ng · GitHub
- GitHub – ine-labs/AzureGoat: AzureGoat : A Damn Vulnerable Azure Infrastructure
- GitHub – WebGoat/WebGoat: WebGoat is a deliberately insecure application
- GitHub – redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE's ATT&CK.
- GitHub – mitre/caldera: Automated Adversary Emulation Platform
- Home – Stratus Red Team
- GitHub – RhinoSecurityLabs/pacu: The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
- GitHub – RhinoSecurityLabs/cloudgoat: CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
- GitHub – NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure security
- GitHub – hfiref0x/UACME: Defeating Windows User Account Control
- GitHub – yuankong666/Ultimate-RAT-Collection: For educational purposes only, samples of old & new malware builders including screenshots!
- GitHub – Warxim/deluder: Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
- GitHub – AykutSarac/jsoncrack.com: ✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.
- GitHub – sysdream/ligolo: Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
- GitHub – nicocha30/ligolo-ng: An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
- Online Python Obfuscator
- Nmap Command Examples For Linux Users / Admins – nixCraft
- penetration testing – freeCodeCamp.org
- NullArray/AutoSploit: Automated Mass Exploiter
- FFUF.me
- Kubernetes LAN Party – by Wiz
- Active Directory Security – Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…
- Introduction – The Hacker Tools
- gwen001 (Gwendal Le Coguic) · GitHub
- OWASP Amass | OWASP Foundation
- PSExec Pass the Hash – Metasploit Unleashed
- jhaddix’s gists · GitHub
- GitHub – Orange-Cyberdefense/GOAD: game of active directory
- KC7 – A Cybersecurity Game
- GitHub – projectdiscovery/subfinder: Fast passive subdomain enumeration tool.
- GitHub – davidprowe/BadBlood: BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
- commonexploits (Daniel Compton) · GitHub
- GitHub – JacksonVD/PwnedPasswordsDLL-API: Open source solution to check prospective AD passwords against previously breached passwords
- Tools | Exploits Revealed
- Grayhatwarfare
- SSL and SSL Certificates Explained For Beginners
- What is ired.team notes? – Red Team Notes
- Intigriti – Bug Bounty & Agile Pentesting Platform
- Home – BloodHound Enterprise
- GitHub – clong/DetectionLab: Automate the creation of a lab environment complete with security tooling and logging best practices
- GitHub – illsk1lls/ZipRipper: A CMD script to crack password protected ZIP, RAR, 7z and PDF files, using JohnTheRipper
- Pentest Reporting and Collaboration Platform – PlexTrac
- Shellter | AV Evasion Artware
Policies
Programming
Regular Expressions (RegEx)
Recon
- Search People FREE, Address Lookup, & Reverse Phone
- Have I Been Pwned: Check if your email has been compromised in a data breach
- DNSdumpster.com – dns recon and research, find and lookup dns records
- GitHub – freelabz/secator: Secator
- GitHub – 21y4d/nmapAutomator: A script that you can run in the background!
- GitHub – Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
- GitHub – gwen001/github-subdomains: Find subdomains on GitHub.
- URL and website scanner – urlscan.io
- ViewDNS.info – Your one source for DNS related tools!
- A down and dirty script for finding GitHub PATs in public repositories · GitHub
- GitHub – yogeshojha/rengine: reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Steganography
Training
- Training – LetsDefend
- Rust for n00bs – Zero-Point Security
- SEC505 Securing Windows with PowerShell Training | SANS Institute
- So you want to be an ethical hacker? 21 ways to get started – Safe and Savvy Blog by F-Secure
- Dashboard | Web Security Academy – PortSwigger
- Cyber Security Training – YouTube
- Best Websites To Learn Ethical Hacking
- Hack Like a Pro: How to Spy on Anyone, Part 1 (Hacking Computers) « Null Byte :: WonderHowTo
- OverTheWire: Wargames
- API Penetration Testing
- Voltaire
- Zero to Hero Pentesting: Episode 1 – Course Introduction, Notekeeping, Introductory Linux, and AMA – YouTube
- Blue Team Labs Online – Cyber Range
- Virtual Hacking Labs | Penetration Testing Training Labs & Courses
ThreatHunting
- Threat Hunting — Suspicious Windows Service | by mthcht | Jan, 2024 | Detect FYI
- Linux Threat Hunting Persistence | 0xMatheuZ
- delorean/gaynoise: high fidelity threat intelligence generator (heehee) – gaynoise – SuperNETs Git
- GitHub – telekom-security/tpotce: 🍯 T-Pot – The All In One Honeypot Platform 🐝
Vulnerability Scanners
- Nessus Vulnerability Scanner: Network Security Solution | Tenable®
- Nikto2 | CIRT.net
- OpenVAS – Open Vulnerability Assessment Scanner
- CVE security vulnerability database. Security vulnerabilities, exploits, references and more
- NVD – Home
- Open source security tools driving cloud native innovation
WifiPenTesting
Networking
Email
–Unsorted