A curated list of online tools and resources that I use daily as a Purple-Team operator. Enjoy!
Virus Total - https://www.virustotal.com
Alien Vault OTX - https://otx.alienvault.com/browse/global/indicators
SecurityTrails - https://securitytrails.com/list/ip/151.101.130.217
GreyNoise - https://viz.greynoise.io
Threat Fox - https://threatfox.abuse.ch/browse/
IP Quality Score - https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test
BrowserLeaks - https://browserleaks.com
Shodan - https://www.shodan.io/
Censys - https://censys.io/ipv4
Cisco TALOS - https://talosintelligence.com/
AbuseIPDB - https://www.abuseipdb.com/
Whatismyipaddress Blacklist Check - https://whatismyipaddress.com/blacklist-check
The Anti Abuse Project - http://www.anti-abuse.org/multi-rbl-check/
InQuest Labs - https://labs.inquest.net/repdb
MalwareURL - https://www.malwareurl.com/listing-urls.php
ThreatMiner - https://www.threatminer.org/
IPinfo - https://ipinfo.io/
VPN & Proxy Detection - https://vpn-proxy-detection.ipify.org/
IP Teoh - https://ip.teoh.io/vpn-detection
VPNAPI.io - https://vpnapi.io/vpn-detection
Pulsedive - https://pulsedive.com/
IOC.One - https://ioc.one/
Virus Total - https://www.virustotal.com
Alien Vault OTX - https://otx.alienvault.com/browse/global/indicators
SecurityTrails - https://securitytrails.com/domain/google.com/dns
URLHaus - https://urlhaus.abuse.ch/browse/
URLScan - https://urlscan.io/
IP Quality Score - https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner
Sucuri - https://sitecheck.sucuri.net/
InQuest Labs - https://labs.inquest.net/iocdb
Threat Fox - https://threatfox.abuse.ch/browse/
MalwareURL - https://www.malwareurl.com/listing-urls.php
ThreatMiner - https://www.threatminer.org/
Pulsedive - https://pulsedive.com/
WhereGoes - https://wheregoes.com/
RedirectDetective - https://redirectdetective.com/
RedirectTracker - https://www.redirecttracker.com/
Bulkblacklist - https://www.bulkblacklist.com/
DocGuard - https://app.docguard.io/
IOC.One - https://ioc.one/
Virus Total - https://www.virustotal.com
Alien Vault OTX - https://otx.alienvault.com/browse/global/indicators
Threat Fox - https://threatfox.abuse.ch/browse/
Malware Bazaar - https://bazaar.abuse.ch/browse/
Hybrid Analysis - https://www.hybrid-analysis.com/
Any Run - https://app.any.run/
Joe Sandbox - https://www.joesandbox.com/#windows
Browserling - https://www.browserling.com/
Cuckoo Sandbox Online - https://sandbox.pikker.ee/
Cuckoo Sandbox Local - https://cuckoosandbox.org/download
Drakvuf Local Sandbox - https://github.com/CERT-Polska/drakvuf-sandbox
Noriben Local Sandbox - https://github.com/Rurik/Noriben
Triage - https://tria.ge/reports/public
CAPE - https://capesandbox.com/
Intezer - https://analyze.intezer.com/scan
IRIS-H Digital Forensics - https://iris-h.services/pages/dashboard
Malshare - https://malshare.com/
YOMI - https://yomi.yoroi.company/upload
InQuest Labs - https://labs.inquest.net/dfi
Manalyzer - https://manalyzer.org/
ThreatMiner - https://www.threatminer.org/
Pulsedive - https://pulsedive.com/
IObit - https://cloud.iobit.com/index.php
Amnpardaz Sandbox - https://jevereg.amnpardaz.com/
DocGuard - https://app.docguard.io/
Sophos Intelix - https://intelix.sophos.com/
Vuldb - https://vuldb.com/
Alien Vault OTX - https://otx.alienvault.com/browse/global/indicators
IBM X-Force Exchange - https://exchange.xforce.ibmcloud.com/
Feedly - https://feedly.com/
Inoreader - https://www.inoreader.com/
PulseDive Threat Feed - https://pulsedive.com/explore/threats/
PulseDive Ransomware Feed - https://pulsedive.com/threat/Ransomware
Ransomlook.io - https://www.ransomlook.io/
Ransomware Live - https://www.ransomware.live/
HudsonRock Tools - https://www.hudsonrock.com/threat-intelligence-cybercrime-tools
Malpedia - https://malpedia.caad.fkie.fraunhofer.de/
IntelX - https://intelx.io/tools?tab=general
SANS Internet Storm Center - https://isc.sans.edu/
SOCRadar Labs - https://socradar.io/labs
Threat Fox - https://threatfox.abuse.ch/browse/
ThreatMiner - https://www.threatminer.org/
Malware Bazaar - https://bazaar.abuse.ch/browse/
Virus Total - https://www.virustotal.com/gui/home/search
Shodan - https://www.shodan.io/
Censys - https://censys.io/ipv4
Any-run - https://any.run/malware-trends/
Risk IQ Community - https://community.riskiq.com/home
Mandiant Threat Intelligence - https://www.mandiant.com/advantage/threat-intelligence/free-version
VMware Carbon Black - https://community.carbonblack.com/
CrowdStrike Threat Profile - https://www.crowdstrike.com/adversaries/?ref=adversary.crowdstrike.com
SecureWorks Threat Profile - https://www.secureworks.com/research/threat-profiles
Dragos Threat Profile - https://www.dragos.com/threat-groups/
Lab52 Threat Mapping Tool - https://lab52.io/
vx-underground APT repository - https://vx-underground.org/samples/Families/APT/
Threat Actor Map - https://aptmap.netlify.app/
Nation State Cyber Operation Map - https://www.cfr.org/cyber-operations/
Intezer OST Map - https://intezer.com/ost-map/
Ransom Wiki - https://ransom.wiki/
Kaspersky CyberTrace Feeds - https://support.kaspersky.com/datafeeds/about/13850
Cyber Operations Tracker - https://www.cfr.org/cyber-operations/
MISP Galaxy Threat Map - https://raw.githubusercontent.com/MISP/misp-galaxy/main/clusters/threat-actor.json
InTheWild Feed Vuln Feed - https://inthewild.io/feed
RESCURE Threat Feeds - https://rescure.me/feeds.html
IOC.One - https://ioc.one/
- Cyber Threat Intelligence for Autodidacts
- Intelligence Structured Analytical Techniques (SAT)
- Intelligence Report Writing
- Intelligence Profiling
- Dark Web Monitoring
- The Cyber Threat Intelligence Life Cycle: A Case Study
- Teaching the Intelligence Process: The Killing of Bin Laden as a Case Study
Let's Defend - https://letsdefend.io/
Cyber Defenders - https://cyberdefenders.org/
Blue Team Labs - https://blueteamlabs.online/
Linux Forensics Cheatsheet - https://fahmifj.github.io/blog/linux-forensics-command-cheat-sheet/
Incident Response Linux Cheatsheet - https://www.hackingarticles.in/incident-response-linux-cheatsheet/
OSINT Framework - https://osintframework.com/
OSINT Cheatsheet - https://www.cheatsheet.wtf/osint/
FullContact API - https://platform.fullcontact.com/developers/api-keys
Intelius - https://www.intelius.com/
GoodHire - https://www.goodhire.com/
Webmii - https://webmii.com
GrayHat Warfare - https://buckets.grayhatwarfare.com/
ICANN Lookup - https://lookup.icann.org/en
cqcounter Whois - http://www.cqcounter.biz/whois/
Subdomain Finder - https://subdomainfinder.c99.nl/
Asint Collection - https://start.me/p/b5Aow7/asint_collection
DNSdumpster - https://dnsdumpster.com/
DNSTwister - https://dnstwister.report/
Blackbird - https://blackbird-osint.herokuapp.com/
Search 0t Rocks - https://search.0t.rocks/ (Currently down)
Breach Directory - https://breachdirectory.org/
PimEyes - https://pimeyes.com/pt
TinEye - https://tineye.com/
Hacking Articles - https://www.hackingarticles.in/
Hack Tricks - https://book.hacktricks.xyz/
Cloud Hack Tricks - https://cloud.hacktricks.xyz/
Pentest Book - https://chryzsh.gitbooks.io/pentestbook/content/
Total OSCP Guide - https://sushant747.gitbooks.io/total-oscp-guide/content/
Hack The Box OSCP Preparation - https://rana-khalil.gitbook.io/hack-the-box-oscp-preparation/
Steflan Security - https://steflan-security.com
SecWiki - https://wiki.zacheller.dev/
Hausec - https://hausec.com/
HighOnCoffee - https://highon.coffee/blog/
/home/six2dez/.pentest-book - https://pentestbook.six2dez.com/
0xffsec Handbook - https://0xffsec.com/handbook/
haax's Cheatsheet - https://cheatsheet.haax.fr/
golinuxcloud - https://www.golinuxcloud.com/kali-linux-bootable-usb/
Pentest Monkey - http://pentestmonkey.net/
Web App Testing Guide - https://owasp.org/www-project-web-security-testing-guide/stable/
XSS CheatSheet - https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
Payload Box - https://github.com/payloadbox
Steganography Tools - https://0xrick.github.io/lists/stego/
Metasploit Unleashed - https://www.offensive-security.com/metasploit-unleashed
Mobile Security Testing Guide - https://mobile-security.gitbook.io/mobile-security-testing-guide/overview/0x03-overview
WADComs - https://wadcoms.github.io/
LOLBAS - https://lolbas-project.github.io/#
explainshell - https://explainshell.com/
HackTheBox - https://www.hackthebox.eu/
TryHackMe - https://tryhackme.com/
VulnHub - https://www.vulnhub.com/
PortSwigger - https://portswigger.net/web-security/all-materials
Hacker101 - https://ctf.hacker101.com/
HackMyVM - https://hackmyvm.eu/
AndroidCTF - https://ctf.hpandro.raviramesh.info/
CrackStation - https://crackstation.net/
Hashes.com - https://hashes.com/en/decrypt/hash
Hashkiller - https://hashkiller.io
Revshell - https://www.revshells.com/
IP Logger - https://iplogger.org/
Grabify - https://grabify.link
GTFOBins - https://gtfobins.github.io/#
- Exploit Development - Everything you need to know
- How to build your own exploits, Part 1
- How to build your own exploits, Part 2
- How to build your own exploits, Part 3
- How to create a Metasploit Exploit in a few minutes
- Metasploit - Building a Module
- The art of creating backdoors and exploits with Metasploit
- Privilege escalation in Linux using Capabilities
- Wordpress Reverse Shell
- Wordpress User Cracking
- Web Apps Testing Guide by OWASP
- Phishing attack using SET and Ettercap
Webhook Site - https://webhook.site/
Webhook Test - https://webhook-test.com/
Typed Webhook Tools - https://typedwebhook.tools/
PrivateBin - https://privatebin.net/
Dontpad - https://dontpad.com/
Send - https://send.vis.ee/
Wormhole - https://wormhole.app/
WeTransfer - https://wetransfer.com/
OnionShare - https://onionshare.org/ (requires download)
PWPush - https://pwpush.com/p/new
Tinyurl - https://tinyurl.com/
Shorturl - https://www.shorturl.at
T.ly - https://t.ly/
Signal - https://signal.org/
Session - https://getsession.org/
Tox - https://tox.chat/
Matrix - https://matrix.org/
Jabber - https://www.jabber.org/
Nord - https://nordvpn.com/
Surfshark - https://surfshark.com/
Proton - https://protonvpn.com/
Express - https://www.expressvpn.com/