Resources
Here's a list of cybersecurity tools and references I've collected over the years. I'm hoping this will help someone else get up to speed on their cybersecurity journey. If you have any recommendations, send them my way!
Online Tools
Shodan
PhishTool
Is it dodgy quick search
VirusTotal
VirusTotal
URL and website scanner - urlscan.io
urlscan.io - Website scanner for suspicious and malicious URLs
OffSec’s Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
Wannabrowser
With Wannabrowser you can mimic any User-Agent and look at the HTML-Sourcecode. Be a Bot, Browser, Tool on Smartphone, Desktop or Tablet.
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
URL2PNG - Screenshots as a Service
Whois Lookup, Domain Availability & IP Search - DomainTools
Research domain ownership with Whois Lookup: Get ownership info, IP address history, rank, traffic, SEO & more. Find available domains & domains for sale.
Uncoder IO: Detection Engineering IDE & Translation Engine for Cyber Defenders
Sign up to Uncoder AI for free and obtain advanced detection engineering capabilities that unlock collective expertise backed by Sigma and MITRE ATT&CK®.
MalShare
The MalShare Project is a community driven public malware repository that works to provide free access to malware samples and tooling to the infomation security community.
RegExr: Learn, Build, & Test RegEx
RegExr is an online tool to learn, build, & test Regular Expressions (RegEx / RegExp).
URLhaus - Malware URL exchange
Share malware distribution sites with the community
MalwareBazaar - Malware sample exchange
Share malware samples with the community
Feodo Tracker
Feodo Tracker tracks botnet C&Cs associated with Emotet (aka Heodo), Dridex, TrickBot and QakBot
ThreatFox - Share Indicators Of Compromise (IOCs)
Share indicators of compromise (IOCs) with the community
SSLBL | Detecting malicious SSL connections
The SSL Blacklist (SSLBL) is a collection of malicious SSL certificates and JA3 fingerprints used by botnet C2s
EchoTrail
Endpoint log security platform.
EchoTrail, Ltd.
Free Automated Malware Analysis Service - powered by Falcon Sandbox
Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.
Python Online Toolbox - Pythonium
Welcome to our Python Online Toolbox. Python, renowned for its versatility and simplicity, stands as a beacon in the world of programming languages. Our platform harnesses this power, offering tools and resources for developers. Whether you’re a seasoned developer or just starting out, our Python Online Toolbox might be useful for you, well, I hope
Cybersecurity References
Wireshark · Command Line Manual Pages
Wireshark: The world’s most popular network protocol analyzer
Wireshark · Display Filter Reference: Index
Wireshark: The world’s most popular network protocol analyzer
Kali Linux Forum
NVD - Home
Introduction - Metasploit Unleashed
Introduction to the freely available Metasploit Unleashed course by Offensive Security based on the Metasploit Framework.
OffSec Team
MITRE ATT&CK®
Ghidra
Cyber Security Posters | SANS Institute
Cyber Security Posters
Cyber Security White Papers | SANS Institute
Cyber Security White Papers | SANS Institute
Try Zeek
Null Byte
Explore Null Byte, a hub for white hat hackers, networking, security, pen-testing, zero days, social engineering, and more.
Osas Obaiza
cranky-bookshelf/Cranky Bookshelf.md at main
cranky-bookshelf - Dump of the books from the CrankySec Discord #bookshelf channel
scarcav
Cybersecurity Canon | Cybersecurity & Digital Trust
Sysinternals System Information Utilities - Sysinternals
Windows Sysinternals system information utilities
markruss
Bash scripting cheatsheet
Variables · Functions · Interpolation · Brace expansions · Loops · Conditional execution · Command substitution · One-page guide to Bash scripting
GitHub Repositories
GitHub - danielmiessler/SecLists: SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords,…
danielmiessler
SecLists
GitHub - jivoi/awesome-osint: :scream: A curated list of amazingly awesome OSINT
:scream: A curated list of amazingly awesome OSINT - jivoi/awesome-osint
jivoi
OSINT Resources
GitHub - 0x4D31/awesome-threat-detection: ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️ - 0x4D31/awesome-threat-detection
0x4D31Threat Detection Resources
GitHub - hslatman/awesome-threat-intelligence: A curated list of Awesome Threat Intelligence resources
A curated list of Awesome Threat Intelligence resources - hslatman/awesome-threat-intelligence
hslatman
Threat Intelligence Resources
GitHub - SigmaHQ/sigma: Main Sigma Rule Repository
Main Sigma Rule Repository. Contribute to SigmaHQ/sigma development by creating an account on GitHub.
SigmaHQ
SIGMA Rules Repository
GitHub - guardsight/gsvsoc_cirt-playbook-battle-cards: Cyber Incident Response Team Playbook Battle Cards
Cyber Incident Response Team Playbook Battle Cards - guardsight/gsvsoc_cirt-playbook-battle-cards
guardsight
Incident Response Playbook Battle Cards
Online Cybersecurity Training
TryHackMe | Cyber Security Training
An online platform for learning and teaching cyber security, all through your browser.
Blue Team Labs Online
A gamified platform for cyber defenders to test and showcase their skills
Hack The Box: The #1 Cybersecurity Performance Center
HTB is the leading Cybersecurity Performance Center for advanced frontline teams to aspiring security professionals & students. Start driving peak cyber performance.
Home | Linux Journey
Home Lab Resources
Vulnerable By Design ~ VulnHub
VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Jay Beale
IntroLabs/IntroClassFiles/navigation.md at master · strandjs/IntroLabs
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional. - strandjs/IntroLabs
strandjs
Project Ideas | Cybercademy
