A curated collection of essential cybersecurity resources, tools, and platforms aimed at empowering security professionals and enthusiasts with valuable insights, best practices, and practical knowledge to enhance their cybersecurity practices and defenses.
- HackTricks Book: A comprehensive online resource providing a wide range of cybersecurity techniques, tools, and methodologies, covering topics such as penetration testing, privilege escalation, web application security, and more.
- AttackIQ Academy: Offers a range of free cybersecurity training courses, designed to enhance skills in threat informed defense, leveraging practical exercises and comprehensive educational content to prepare for various cybersecurity roles.
- Cybrary: An online platform offering a wide range of cybersecurity courses, certifications, and hands-on labs, providing learners with the skills and knowledge needed to excel in the field of cybersecurity.
- PortSwigger Web Security Academy: An interactive learning platform offering free web security training, tutorials, and labs, covering topics such as cross-site scripting (XSS), SQL injection, and other common web vulnerabilities.
- PentesterLab: PentesterLab is a penetration testing training platform designed to provide hands-on experience and practical skills in web application security, offering a range of exercises, challenges, and labs for cybersecurity enthusiasts and professionals to enhance their penetration testing abilities.
- PicoCTF: PicoCTF is a capture the flag (CTF) platform aimed at teaching cybersecurity skills through interactive challenges and competitions, catering to beginners and experienced players alike, fostering learning and collaboration in the cybersecurity community.
- TryHackMe: TryHackMe is a cybersecurity training platform that offers immersive, hands-on labs and challenges covering a wide range of topics, from beginner to advanced levels, enabling users to learn and practice real-world hacking techniques in a safe and controlled environment.
- Security Blue Team: Security Blue Team is a platform providing comprehensive resources, training materials, and exercises for blue team professionals and enthusiasts to enhance their skills in cybersecurity defense, incident response, and threat detection.
- BlueTeamLabs.Online: BlueTeamLabs.Online is a blue team training platform designed to simulate real-world cyber threats and incidents, offering hands-on labs and scenarios to enhance defensive skills and incident response capabilities for cybersecurity professionals and teams.
- Hack The Box: Hack The Box is an online platform that provides hands-on penetration testing practice labs, challenges, and virtual machines for cybersecurity enthusiasts and professionals to develop and sharpen their offensive security skills in a realistic and gamified environment.
- INE Security: INE Security is a cybersecurity training platform that offers a wide range of courses, labs, and resources covering diverse topics such as ethical hacking, penetration testing, incident response, and network defense, providing hands-on learning experiences for cybersecurity professionals and enthusiasts.
- ArcX: ArcX is a cybersecurity collaboration platform that enables security teams to collaborate, share threat intelligence, and respond to security incidents effectively, providing a centralized hub for incident management, communication, and coordination.
- MAD: MAD is a cybersecurity training platform that offers hands-on labs, challenges, and scenarios to help individuals develop practical skills in offensive and defensive security techniques, preparing them for real-world cybersecurity challenges.
- (ISC)²: A globally recognized professional certification body offering various cybersecurity certifications, including the CISSP (Certified Information Systems Security Professional) and CCSP (Certified Cloud Security Professional), designed to validate expertise and advance careers in the field of cybersecurity.
- Security-Study-Plan by jassics on GitHub: A detailed and practical study plan for aspiring cybersecurity engineers covering multiple security roles and domains, including Pentest, AppSec, Cloud Security, and DevSecOps, with a mix of free and paid resources, tools, and concepts.
- Roadmap.sh - Cyber Security: Roadmap.sh provides a comprehensive learning roadmap for individuals interested in pursuing a career in cybersecurity, offering a structured guide with resources, skills, and learning paths covering various domains within the cybersecurity field.
- Paul Jerimy - Security Certification Roadmap: Paul Jerimy provides a comprehensive roadmap for individuals interested in pursuing security certifications, offering guidance and recommendations for various certification paths and levels to advance their careers in the cybersecurity field.
- Free Services / Freemium services
- Spur.us: Specializes in advanced detection tools for VPNs, residential proxies, and bots, offering solutions to combat fraud and boost revenue through real-time threat and evasion method tracking.
-
Free Services / Freemium services
- FullHunt.io: A platform designed to discover, monitor, and secure your external attack surface by continuously scanning for vulnerabilities and security misconfigurations, providing real-time alerts and integrations for a comprehensive security posture.
- DNSdumpster.com: A free domain research tool that helps in discovering hosts related to a domain, essential for security assessment processes, providing a "virtual dumpster dive" into DNS records to map an organization's attack surface.
- Netlas.io: Netlas.io is a cyber threat intelligence platform that provides comprehensive insights into Internet-wide attack surface, including domains, IPs, certificates, and more, empowering cybersecurity professionals with actionable threat intelligence for proactive defense strategies.
- Censys: Censys is an internet-wide asset discovery platform that enables users to search and analyze devices, networks, and protocols across the internet, providing comprehensive visibility and insights for cybersecurity professionals to assess their organization's attack surface and mitigate security risks.
-
Paid services
- Shodan.io: A search engine for Internet-connected devices, allowing users to discover devices ranging from power plants to refrigerators online, monitor network exposure, and gain insights into the use of technology across the internet.
- Free Services / Freemium services
- Grep.app: A powerful code search tool that allows users to search through millions of code repositories for specific patterns, facilitating easier code review and bug tracking.
- Free Services / Freemium services
- Explain Shell: Explain Shell is a web-based tool that provides explanations and breakdowns of complex command-line syntax and options, helping users understand the functionality and usage of various Unix commands for efficient shell scripting and system administration.
- Free Services / Freemium services
- Browserling.com: An online platform providing live interactive cross-browser testing sessions, enabling developers to test their websites across different browsers and operating systems to ensure compatibility and performance.
- Free Services / Freemium services
- Hunter.io: An all-in-one email outreach platform that helps users find and verify email addresses, facilitating effective communication with decision-makers and professionals, thereby enhancing business connectivity and outreach efforts.
-
Free Services / Freemium services
- Ipbase.com: Offers an IP Geolocation API designed for developers, featuring free requests to enhance user experience and security.
- IP-API: IP-API is a service providing IP geolocation and information lookup capabilities, allowing users to retrieve details about IP addresses, including their geographical location, ISP, and ASN, for various cybersecurity and networking purposes.
-
Paid services
- ipinfo.io: A website offering IP geolocation and information services, providing users with details about IP addresses, including their geographic location, organization, and internet service provider.
- Free Services / Freemium services
- VirusTotal.com: A comprehensive tool for analyzing suspicious files and URLs to detect malware and other security threats, facilitating community-wide sharing of threat intelligence and enhancing cybersecurity efforts.
- Hybrid-Analysis.com: A free platform for comprehensive dynamic and static analysis of suspicious files and URLs in a sandbox environment, widely used for malware research and detection.
- Urlscan.io: A web service for scanning and analyzing websites to identify potential security threats, providing detailed reports on hosted content, connections, and other relevant security information for assessing web safety.
- ANY.RUN: An interactive online sandbox that offers real-time malware analysis, allowing users to observe how malware operates within an isolated environment, aiding in threat detection and cybersecurity research.
- PolySwarm.io: A next-generation malware intelligence marketplace powered by a global network of security experts and specialized engines, providing early threat detection, unique malware samples, and high accuracy with its blockchain-based reward system.
- Free Services / Freemium services
- Microsoft Remote Connectivity Analyzer: A diagnostic tool to help users identify and troubleshoot connectivity issues with their Office 365 services, providing detailed reports and actionable insights.
- Paid services
- Pipl.com: A powerful tool for uncovering a wealth of information on individuals by aggregating data from various online sources, ideal for professionals needing detailed background checks and personal profiles.
- Free Services / Freemium services
- PhishTank.org: A community-driven site for submitting and verifying phishing attempts, providing an open API for developers and researchers to access a comprehensive database of phishing URLs to enhance online security measures.
- CheckPhish.ai: Offers free real-time URL scanning and typosquat monitoring to protect web and email domains against phishing attacks, leveraging AI for comprehensive threat intelligence and detection.
- Free Services / Freemium services
- OTX.AlienVault.com: A collaborative platform for sharing and researching real-time threat intelligence, enabling cybersecurity professionals and researchers to exchange insights and data on emerging threats.
- Any.Run Intelligence: Any.Run Intelligence is a threat intelligence platform offering comprehensive insights into malware threats, providing threat intelligence reports, indicators of compromise (IOCs), and actionable intelligence for cybersecurity professionals and researchers.
- ThreatBook: A threat intelligence platform that provides comprehensive insights into cyber threats, offering real-time monitoring, analysis, and mitigation strategies to enhance cybersecurity defenses.
- Paid services
- ThreatModeler: An advanced threat modeling platform that enables organizations to build, analyze, and visualize threat models for their applications and systems, facilitating proactive cybersecurity risk management.
-
Free Services / Freemium services
- Vulners.com: A search engine for software vulnerabilities, exploits, and security advisories to support cybersecurity efforts.
-
Paid services
- Adalanche by lkarlslund on GitHub: A tool for visualizing and exploring Active Directory ACLs to identify who has domain admin rights, aiding in security assessments and audits with both free and commercial versions available.
- eBPF explorer by ebpfdev on GitHub: A web UI for exploring the eBPF subsystem, including viewing maps and programs, with features like a GraphQL API, Prometheus metrics, and a visual map and program interconnection graph. It's designed to enhance visibility and control over eBPF components, aiding in performance analysis and debugging.
- Tripwire Open Source: A free file integrity monitoring tool designed to detect changes to files and directories on a system, providing alerts for potential security breaches or unauthorized modifications.
- Kuiper: Kuiper is a digital forensics and incident response tool designed to automate and simplify the process of collecting and analyzing volatile memory (RAM) artifacts from Windows systems, aiding forensic investigators and incident responders in identifying and investigating security incidents.
- Nuclei by Projectdiscovery on GitHub: A fast and customizable vulnerability scanner framework that enables security professionals to detect security issues in web applications and APIs by using predefined templates or creating custom ones.
- Nuclei Templates by VulnSpace on GitHub: A collection of community-contributed templates for use with Nuclei, covering various security checks and vulnerability detection scenarios in web applications and APIs.
- Externals Scan Script by aleksey-vi on GitHub: A script designed to scan external dependencies for known vulnerabilities, aiding in the identification and mitigation of security risks in software projects.
- WAFW00F by EnableSecurity on GitHub: A tool for identifying and fingerprinting Web Application Firewall (WAF) products protecting a website, allowing for enhanced security assessment and analysis.
- ERMACK by Security-Experts-Community on GitHub: A repository focused on the Enterprise Response Model & Common Knowledge, designed to provide a structured framework for cybersecurity incident response and knowledge sharing.
- MITRE ATT&CK®: A globally-recognized knowledge base of adversary tactics and techniques based on real-world observations, used for developing specific threat models and methodologies in cybersecurity.
- Sensor Mappings to ATT&CK: Provides resources to help security teams understand how to detect real-world adversary behaviors through concrete logs, sensors, and security capabilities, enhancing threat-informed defense practices.
- OCSF Schema Documentation: Offers detailed documentation on the Open Cybersecurity Framework (OCSF) schema, providing a standardized structure for representing cybersecurity information and facilitating interoperability among security tools and platforms.
- Auditd by Neo23x0 on GitHub: Provides a best practice configuration for Auditd, the Linux Audit Framework, designed to monitor and track security-relevant activities across various Linux distributions.
- loggen Man Page: The official manual page for the loggen command in Linux, providing detailed information on its usage, options, and syntax for generating log messages, commonly used for testing and troubleshooting purposes.
- Linux Malware Analysis Repository by timb-machine on GitHub: A collection of resources, tools, and scripts for analyzing and understanding Linux malware, aiding in malware research and cybersecurity defense strategies.
- Hashemian.com: A website offering various resources and tools related to web development, security, and internet technologies, including code snippets, tutorials, and articles covering a wide range of topics.
- Rezbez.ru: A website providing cybersecurity news, articles, and resources in Russian, covering a wide range of topics related to cybersecurity threats, vulnerabilities, and best practices.
- Syntax-IR Playbooks on GitLab: A repository containing security playbooks developed by Syntax-IR, providing incident response and security operation procedures to help organizations effectively handle cybersecurity incidents and threats.
- Awesome-SOC by cyb3rxp on GitHub: Curated list of Security Operations Center (SOC) resources, including tools, frameworks, and best practices for SOC operations and incident response.
- SOC-CMM: Website providing information about the Security Operations Center (SOC) Maturity Model (SOC-CMM), a framework for assessing and improving the maturity of SOC capabilities.
- LVCKernelHardening: Guide on the Linux Kernel Vulnerability Checker and Hardening, providing information and resources for securing and hardening Linux kernel configurations.
- SigmaHQ on GitHub: GitHub repository for SigmaHQ, a generic and open signature format for SIEM systems, designed to describe relevant log events in a straight forward manner.
- LOLBAS Project: The LOLBAS Project is a comprehensive repository documenting various legitimate binaries and scripts used by attackers for living off the land techniques, aiding cybersecurity professionals in understanding and mitigating threats associated with these techniques.