Skip to content

zbetcheckin/Security_list

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

148 Commits
README.md
README.md
Β 
Β 

Repository files navigation

Security list for fun and profit

Inspired by http://www.nothink.org/utilities.php

Table of Contents

Awesome lists πŸ‘

Name URL
Android https://github.com/ashishb/android-security-awesome
Curated list of awesome lists https://github.com/sindresorhus/awesome ⭐
Fuzzing https://github.com/secfigo/Awesome-Fuzzing
Hacking list https://github.com/Hack-with-Github/Awesome-Hacking ⭐⭐⭐
Honeypots https://github.com/paralax/awesome-honeypots ⭐
Incident response https://github.com/meirwah/awesome-incident-response/ ⭐⭐
Indicators of compromise https://github.com/sroberts/awesome-iocs
Info sec https://github.com/rmusser01/Infosec_Reference
Malware analysis https://github.com/rshipp/awesome-malware-analysis/ ⭐⭐⭐
Personal Security https://github.com/Lissy93/personal-security-checklist
Red team https://github.com/yeyintminthuhtut/Awesome-Red-Teaming
Reversing https://github.com/fdivrp/awesome-reversing
Security https://github.com/sbilly/awesome-security
Threat intelligence https://github.com/hslatman/awesome-threat-intelligence
Web https://github.com/qazbnm456/awesome-web-security/ https://github.com/infoslack/awesome-web-hacking

Books πŸ“š

Name URL
Free programming books https://github.com/EbookFoundation/free-programming-books
Recommended Reading http://dfir.org/?q=node/8

Bug bounty 🍫

Name URL
Bounty factory https://bountyfactory.io
Bugcrowd https://bugcrowd.com/programs
Google https://www.google.com/about/appsecurity/reward-program/
HackerOne https://hackerone.com ⭐
List of bug bounty https://www.bugcrowd.com/bug-bounty-list/
Microsoft https://technet.microsoft.com/en-us/security/dn425036
Open bug bounty https://www.openbugbounty.org/
Programs and write-ups https://github.com/djadmin/awesome-bug-bounty
Write-ups https://github.com/ngalongc/bug-bounty-reference
Zerodium https://www.zerodium.com/ πŸ’°:trollface:

Cheat sheets πŸ‘

Name URL
General cheat sheets http://www.cheat-sheets.org/ ⭐
Owasp series https://github.com/OWASP/CheatSheetSeries ⭐⭐
Packet life http://packetlife.net/library/cheat-sheets/
Penetration test https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
Pentest monkey http://pentestmonkey.net
SANS Forensic https://digital-forensics.sans.org/community/cheat-sheets
Security Onion https://github.com/Security-Onion-Solutions/security-onion/wiki/Cheat-Sheet
Zeltser's cheat sheets list https://zeltser.com/cheat-sheets/

CTF 🚩

Name URL
Awesome CTF https://github.com/apsdehal/awesome-ctf ⭐⭐
CTFd platform https://github.com/CTFd/CTFd ⭐
CTF PAD https://github.com/StratumAuhuur/CTFPad
CTF TIME https://ctftime.org/
Mellivora platform https://github.com/Nakiami/mellivora ⭐
Platform list https://github.com/We5ter/Awesome-Platforms/blob/master/CTF-Platforms.md
Reddit https://www.reddit.com/r/securityctf
Tools list https://github.com/Laxa/HackingTools
Tools list https://github.com/zardus/ctf-tools
Write-ups https://github.com/ctfs

Decoder/Converter/Beautifier :hurtrealbad:

Name URL
Code beautifier http://codebeautify.org/
Converter https://github.com/koczkatamas/koczkatamas.github.io
Cyber Chef https://gchq.github.io/CyberChef/ 🍴⭐⭐⭐
JSUnpack https://github.com/urule99/jsunpack-n
JSBeautifier http://jsbeautifier.org/ ⭐
Jjencode http://utf-8.jp/public/jjencode.html
JS deobfuscate https://github.com/sevzero/honeybadger
VB code beautifier http://www.vbindent.com/

Domain name Research / Analysis / Reputation πŸ“‰

Name URL
Archive https://archive.is/
Archive https://web.archive.org/ ⭐
BGP Toolkit http://bgp.he.net/ ⭐
Biggest DNS history https://securitytrails.com/list/ip/$IP ⭐
Cache page http://www.cachedpages.com/
Cache view http://cachedview.com/
Checking multiple blocklists http://rbls.org/ ⭐
DGA intro https://en.wikipedia.org/wiki/Domain_generation_algorithm
DNS Blacklists https://raw.githubusercontent.com/zbetcheckin/DNSBLs/master/active_dnsbls.txt
DNS dumpster https://dnsdumpster.com/
DNS Propagation Checker https://www.whatsmydns.net/
DNS stuff http://www.dnsstuff.com/
Domain analysis list https://github.com/rshipp/awesome-malware-analysis/#domain-analysis
Domain hijacking intro https://en.wikipedia.org/wiki/Domain_hijacking
Expired domain https://www.expireddomains.net/backorder-expired-domains/
Google https://www.google.com/transparencyreport/safebrowsing/diagnostic/
Into dns http://www.intodns.com/
Multi RBL http://multirbl.valli.org/lookup/ ⭐
MXToolBox https://mxtoolbox.com/SuperTool.aspx#
Netcraft http://www.netcraft.com/
Reverse Whois https://reversewhois.domaintools.com/
Robtex https://www.robtex.com/dns/
Sucuri http://sitecheck.sucuri.net/scanner/
TCP utils http://www.tcpiputils.com/
Threat log http://www.threatlog.com/
Threat miner https://www.threatminer.org/
Top-Level Domains list https://data.iana.org/TLD/tlds-alpha-by-domain.txt ⭐
Trusted source http://www.trustedsource.org/
URL Query http://urlquery.net/ ⭐
URL scan https://urlscan.io/ ⭐
URL shorter list https://mirror1.malwaredomains.com/files/url_shorteners.txt
URL Void http://www.urlvoid.com/
Virus total https://www.virustotal.com/#url
Whois - ARIN https://whois.arin.net/
Whois - LACNIC http://lacnic.net/cgi-bin/lacnic/whois
Whois - RIPE NCC https://apps.db.ripe.net/search/query.html
Whois - AFRINIC http://www.afrinic.net/fr/services/whois-query
Whois - APNIC http://wq.apnic.net/apnic-bin/whois.pl
Whois by registrant name http://viewdns.info/reversewhois/
Zeltser's list https://zeltser.com/lookup-malicious-websites/

Exploits and vulnerabilities πŸšͺ

Name URL
CVEdetails http://www.cvedetails.com/ ⭐
CVE.mitre https://cve.mitre.org/ ⭐
Full disclosure http://seclists.org/fulldisclosure/
See bug https://www.seebug.org/ ⭐
CXSecurity https://cxsecurity.com/ ⭐
Inj3ct0r http://0day.today/
Packet Storm https://packetstormsecurity.com/files/tags/exploit/
Exploit-db http://www.exploit-db.com
Vulnerability-lab http://www.vulnerability-lab.com/
Vulndb https://vuldb.com/?archive.2016
Vulners https://vulners.com/search?query=order:published
Backdoor - TCP-32764 https://github.com/elvanderb/TCP-32764
Rapid7 DB https://www.rapid7.com/db/modules/
NIST http://web.nvd.nist.gov/
Security focus http://www.securityfocus.com/vulnerabilities
Country compatibility https://cve.mitre.org/compatible/country.html
Mailing list https://nmap.org/mailman/listinfo/fulldisclosure
Mail received http://lists.openwall.net/full-disclosure/2016/
Mailing list http://seclists.org/
Mailing list https://lists.debian.org/debian-security-announce/
CVSS FIRST https://www.first.org/cvss/calculator/3.0
CVSS NIST https://nvd.nist.gov/cvss/v3-calculator

Forensic πŸ”

Name URL
Aldeid list https://www.aldeid.com/wiki/Category:Digital-Forensics
Awesome forensic https://github.com/Cugu/awesome-forensics
CFReDS http://www.cfreds.nist.gov/ ⭐
DFRWS challenge http://www.dfrws.org/dfrws-forensic-challenge-2016
File signatures https://en.wikipedia.org/wiki/List_of_file_signatures
File signatures http://www.filesignatures.net/index.php?page=all
File signatures http://www.garykessler.net/library/file_sigs.html
Forensic kb practical http://www.forensickb.com/2008/01/forensic-practical.html
Forensic tools https://forensics.cert.org/
Forensic - Technical graph http://www.amanhardikar.com/mindmaps/ForensicChallenges.html
Learn with David Cowen https://www.youtube.com/channel/UCZ7mQV3j4GNX-LU1IKPVQZg
Package - DEFT http://www.deftlinux.net/package-list/
Package - forensic-all https://packages.debian.org/stretch/forensics-all ⭐⭐
Testing Images http://dftt.sourceforge.net/
Tools - DFIR http://www.dfir.training/index.php/tools/ ⭐
Tools - Forensics wiki http://forensicswiki.org/wiki/Tools
Tools - NIST https://toolcatalog.nist.gov/taxonomy/index.php
Windows tools https://ericzimmerman.github.io/
Windows tools list http://forensic-proof.com/tools
Windows Artifact https://blogs.sans.org/computer-forensics/
Write blocker http://www.cftt.nist.gov/software_write_block.htm
Write blocker https://github.com/msuhanov/Linux-write-blocker
Zythom list https://zythom.blogspot.se/2007/02/les-outils-dun-expert-judiciaire.html πŸ‡«πŸ‡·

Free shell 🐚

Name URL
FreeShells list http://www.freeshells.info/
Red-pill http://shells.red-pill.eu/

Fun :trollface:

Name URL
Akamai map https://www.akamai.com/us/en/resources/visualizing-akamai/real-time-web-monitor.jsp 🌎
BGP stream https://bgpstream.com/ 🌎
Bitdefender map https://threatmap.bitdefender.com/ 🌎
Blueliv map https://community.blueliv.com/map/ 🌎
Checkpoint map https://threatmap.checkpoint.com/ 🌎
DDoS attacks http://www.digitalattackmap.com/ :trollface:
Dead drops https://deaddrops.com/db/ πŸ’ΎπŸ’€
Dshield map https://dshield.org/threatmap.html 🌎
Eset map http://www.virusradar.com/ 🌎
Fire eye map https://www.fireeye.com/cyber-map/threat-map.html 🌎
Flight radar https://www.flightradar24.com ✈️
Fortinet map https://threatmap.fortiguard.com/ 🌎
HE maps https://he.net/3d-map/ 🌎
Kaspersky AV map https://cybermap.kaspersky.com/ 🌎
Kaspersky map https://apt.securelist.com/ 🌎
Mozilla location service map https://location.services.mozilla.com/map 🌎
Open IP video cameras http://www.insecam.org/ πŸ“ΉπŸ™ˆ
Pwnie Awards http://pwnies.com/nominations/ 🐴
Sub marine cable http://www.submarinecablemap.com/ βš“
Sub marine cable http://submarine-cable-map-2016.telegeography.com/ βš“
Sub marine cable http://lifewinning.com/submarine-cable-taps/ βš“
Threat butt https://threatbutt.com/map/ 🌎🀑
Tor flow map https://torflow.uncharted.software 🌎
Trendmicro map https://botnet-cd.trendmicro.com/ 🌎
World of VNC https://worldofvnc.net/ πŸŽ…

Generic utilities πŸ“

Will be reorganized

Name URL
Abuse Contact DB https://www.abusix.com/contactdb πŸ“•
CERT teams https://www.first.org/about/organization/teams
Citizen lab https://citizenlab.org/
Code analysises https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
Codepad http://codepad.org/
Crypto currency https://coinmarketcap.com
Deepweb https://www.reddit.com/r/deepweb/
Electronic Frontier Foundation https://www.eff.org/
Face generator https://www.thispersondoesnotexist.com/
Fake ID http://www.fakenamegenerator.com/
Hackforum http://hackforums.net/ :trollface:
Hardened BSD https://hardenedbsd.org/content/easy-feature-comparison
Hashes example https://hashcat.net/wiki/doku.php?id=example_hashes
Mibbit http://www.mibbit.com/
Microsoft threat http://www.microsoft.com/security
MIME types https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Complete_list_of_MIME_types
MIME types https://slick.pl/kb/htaccess/complete-list-mime-types/
MIME types https://www.iana.org/assignments/media-types/media-types.xhtml ⭐
Mindmaps http://www.amanhardikar.com/mindmaps.html ⭐⭐⭐
Random data generator http://www.mockaroo.com/
Sans http://isc.sans.edu/diary/ ⭐⭐
Security wiki http://oss-security.openwall.org/wiki/
Understand your commands https://explainshell.com/ ⭐

GNU/Linux

Name URL
Chkrootkit https://packages.debian.org/en/jessie/chkrootkit
Command collection https://github.com/tuwid/GNU-Linux-OpsWiki
Debsecan https://packages.debian.org/en/jessie/debsecan
GNU/Linux containers https://github.com/Friz-zy/awesome-linux-containers#security
GNU/Linux executable walkthrough https://i.imgur.com/q5nyHp7.png
GNU/Linux post exploitation https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List ⭐
GNU/Linux workstation https://github.com/lfit/itpol/blob/master/linux-workstation-security.md ⭐⭐
Kernel exploitation https://github.com/xairy/linux-kernel-exploitation
Lynis https://packages.debian.org/en/jessie/lynis
RE 101 https://github.com/michalmalik/linux-re-101
RKhunter https://packages.debian.org/en/jessie/rkhunter ⭐
Securing debian https://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html ⭐
Vulnerability scanner https://github.com/future-architect/vuls

Honeypots 🍯

Name URL
Awesome list - All of them ! https://github.com/paralax/awesome-honeypots#honeypots ⭐⭐
Honeynet https://honeynet.org/project
Live nothink http://www.nothink.org/honeypots.php

IP Research / Analysis / Investigation

Name URL
Abuse IP DB https://www.abuseipdb.com/
BGP Toolkit http://bgp.he.net/ ⭐
Bing dork ip:$IP
Black List Alert http://www.blacklistalert.org/
Black List Check http://whatismyipaddress.com/blacklist-check/
Check host http://check-host.net/
FireHOL IP list https://github.com/firehol/blocklist-ipsets ⭐
Google dork "$IP"
Host file https://hosts-file.net/
IP void http://www.ipvoid.com/
Multi RBL http://multirbl.valli.org/lookup/ ⭐
Nirsoft country IP http://www.nirsoft.net/countryip/
Project Honeypot https://www.projecthoneypot.org/search_ip.php
RIPE stat https://stat.ripe.net/
Spamhaus https://www.spamhaus.org/lookup/
Virus total https://www.virustotal.com/gui/search/$IP
Whatch Guard http://www.reputationauthority.org/

Leak / Defaced πŸš‘

Name URL
Biggest db leaks https://cdn.databases.today/
Breach alarm https://breachalarm.com/
Darknet leaks https://darknetleaks.ru/archive/leaked/dumps/
Hacked emails https://hacked-emails.com/
Have I been pwned https://haveibeenpwned.com/
Isithacked http://www.isithacked.com
Leakedin http://www.leakedin.com/
Siph0n https://twitter.com/datasiph0n
Zone-H https://zone-h.org/

Learning / Exercises πŸŽ“

Name URL
Awesome training http://opensecuritytraining.info/Training.html ⭐⭐
Cybrary training https://www.cybrary.it/
Essential basics https://github.com/alex/what-happens-when ⭐⭐
Exploits https://thesprawl.org/research/
F-Secure training https://moocfi.github.io/courses/2017/cybersecurity/
Malware Analysis course https://github.com/RPISEC/Malware ⭐⭐
Malware traffic training http://www.malware-traffic-analysis.net/training-exercises.html ⭐
Practical analysis https://practicalmalwareanalysis.com/labs/
Reverse - Malware http://fumalwareanalysis.blogspot.se/p/malware-analysis-tutorials-reverse.html
Security courses https://bitvijays.github.io/ ⭐
Security training https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Courses_Training.md
Security talks https://github.com/PaulSec/awesome-sec-talks ⭐

Lock picking πŸ”

Name URL
Awesome lockpicking https://github.com/meitar/awesome-lockpicking
Lock pick guide http://lockpickguide.com ⭐
Bosnianbill video https://www.youtube.com/user/bosnianbill/videos ⭐
Lock lab https://lock-lab.com/
Lock wiki http://www.lockwiki.com/

Mail utilities πŸ“¬

Name URL
10 Minute Mail http://10minutemail.com
DNSBL https://en.wikipedia.org/wiki/DNSBL
DKIM validator http://dkimvalidator.com/
Email recon https://github.com/laramies/theHarvester
Get air mail http://en.getairmail.com/
Google Phishing quiz https://phishingquiz.withgoogle.com/ β­πŸ“§πŸ“Š
Gophish https://github.com/gophish/gophish
Mailinator https://www.mailinator.com/ # https://gist.github.com/nocturnalgeek/1b8fa44283314544c487
Mailnesia http://mailnesia.com/
Mailcatch http://mailcatch.com/
Mxtoolbox http://www.mxtoolbox.com/
Open phish https://openphish.com/ ⭐
Openresolver JP http://www.openresolver.jp/en/
Phishing Framework https://github.com/pentestgeek/phishing-frenzy
Phish tank http://www.phishtank.com/ ⭐
SimplyEmail https://github.com/killswitch-GUI/SimplyEmail
Spam DB http://www.dnsbl.info/dnsbl-database-check.php
Spam encode secret http://spammimic.com/encode.cgi
SpeedPhish Framework https://github.com/tatanus/SPF
Yop mail http://www.yopmail.com/

Malicious traffic detection 🚦

Name URL
10 strategies cyber ops center pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf
Awesome threat detection https://github.com/0x4D31/awesome-threat-detection
Maltrail https://github.com/stamparm/maltrail
Packetbeat https://www.elastic.co/products/beats/packetbeat
p0f http://lcamtuf.coredump.cx/p0f3/
Tsusen https://github.com/stamparm/tsusen

Malware / Botnet sources πŸ‘Ό

Name URL
0btemoslab tracker http://tracker.0btemoslab.com/
Abuse CH https://www.abuse.ch/
Benkow.cc tracker http://benkow.cc/
Botnet.fr https://www.botnets.fr/wiki/Main_Page
Clean MX http://support.clean-mx.de/clean-mx/viruses.php
Contagio http://contagiodump.blogspot.se/
Custom Google search engine https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu (from Corey Harrell)
Cybercrime tracker http://cybercrime-tracker.net/
Dont need coffee http://malware.dontneedcoffee.com/
Exposed Botnets http://www.exposedbotnets.com/
H3X tracker http://tracker.h3x.eu/
Malc0de http://malc0de.com/database/
No more ransom https://www.nomoreransom.org/
Kernel mode http://www.kernelmode.info
Malware domain list http://www.malwaredomainlist.com
Malware domain blocklist http://www.malwaredomains.com
Malware museum https://archive.org/details/malwaremuseum
Malware src https://malwares.github.io/
Malware.lu https://malware.lu/
Mirai tracker https://mirai.security.gives/
MISP https://github.com/MISP/MISP
Ransomware overview https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#
Ransomware simulator https://shinolocker.com/
Ransomware tracker https://ransomwaretracker.abuse.ch/tracker/
SafeGroup http://www.malware.pl/ - https://www.scumware.org/
Structured Threat Information eXpression https://stixproject.github.io/
The Zoo aka Malware DB https://ytisf.github.io/theZoo/
Total hash https://totalhash.cymru.com/
VirusBay https://beta.virusbay.io/
VirusShare https://virusshare.com/
VX Vault http://vxvault.net/
Yararules https://github.com/Yara-Rules/rules
ZeuS Tracker https://zeustracker.abuse.ch

Malware analysis - Sandbox 😷

Name URL
Zeltser's list https://zeltser.com/automated-malware-analysis/
Cuckoo Sandbox https://www.cuckoosandbox.org/
Mastiff https://github.com/KoreLogicSecurity/mastiff
Fastir https://github.com/SekoiaLab/Fastir_Collector
SysAnalyser https://github.com/dzzie/SysAnalyzer
Viper https://github.com/viper-framework/viper
REMnux http://zeltser.com/remnux/
Zeltser analysis http://zeltser.com/reverse-malware/automated-malware-analysis.html
Manalyze https://github.com/JusticeRage/Manalyze
Quarkslab IRMA http://irma.quarkslab.com/
Dorothy2 https://github.com/m4rco-/dorothy2
F-Secure see https://github.com/F-Secure/see
Noriben https://github.com/Rurik/Noriben
Malheur https://github.com/rieck/malheur
Drakvuf https://github.com/tklengyel/drakvuf
Zero Wine Tryouts http://zerowine-tryout.sourceforge.net/
RFI sandbox https://monkey.org/~jose/software/rfi-sandbox/
Malwasm https://github.com/malwarelu/malwasm

Malware analysis - Sandbox - Online 😷

Name URL
Any.run https://any.run/
AVcaesar https://avcaesar.malware.lu/
Cape https://cape.contextis.com/
Comodo https://cit.valkyrie.comodo.com/
Hybrid analysis https://www.hybrid-analysis.com/
ID Ransomware https://id-ransomware.malwarehunterteam.com/
Jotti http://virusscan.jotti.org/it
Joe sandbox https://www.joesandbox.com/
Malwareconfig http://malwareconfig.com/
Malware tracker http://www.cryptam.com/
Malwr - Cuckoo https://malwr.com/
Other list http://cleanbytes.net/malware-online-scanners
PDF examiner http://www.pdfexaminer.com/
PE dump https://github.com/zed-0xff/pedump
Randomly changes Win32/64 PE Files https://github.com/secretsquirrel/recomposer
ViCheck https://www.vicheck.ca/
Virscan http://www.virscan.org/
VirusTotal http://www.virustotal.com/
Virus Total Notifier https://github.com/mubix/vt-notify

Mobile πŸ“±

Name URL
APK Analzyer http://www.apk-analyzer.net/
Droid Sec wiki http://www.droidsec.org/wiki/
Joebox Cloud https://jbxcloud.joesecurity.org/login
Mobile security wiki https://mobilesecuritywiki.com/ ⭐
OWASP Goat Droid https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project
Sand droid http://sanddroid.xjtu.edu.cn
Wiki secmobi https://github.com/secmobi/wiki.secmobi.com πŸ†

Network

Name URL
Awesome PCAP https://github.com/caesar0301/awesome-pcaptools ⭐
BGPlay https://stat.ripe.net/widget/bgplay ⭐
GNU/Linux monitoring https://blog.serverdensity.com/80-linux-monitoring-tools-know/
MAC address block http://standards-oui.ieee.org/oui/oui.txt
MAC find http://www.coffer.com/mac_find/
MAC find http://hwaddress.com
Packet total http://www.packettotal.com/
Ping.eu http://ping.eu/
Project honeypot https://www.projecthoneypot.org/
Protocol Numbers http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Publicly PCAP files http://www.netresec.com/?page=PcapFiles
Service Port Number Registry https://www.iana.org/assignments/service-names-port-numbers/ ⭐⭐
Service Port Number Registry https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Subnet calculator http://www.subnet-calculator.com/cidr.php
Subnet calculator http://www.subnetonline.com/pages/subnet-calculators.php
Security Onion tools https://github.com/Security-Onion-Solutions/security-onion/wiki/Tools

OSINT

Name URL
Osint list https://github.com/jivoi/awesome-osint ⭐
List of social network https://en.wikipedia.org/wiki/List_of_social_networking_websites ⭐
Reddit https://www.reddit.com/r/SocialEngineering/
Maltego https://www.paterva.com/
Hunter https://hunter.io/
Pipl https://pipl.com/
Peek you Β http://www.peekyou.com/
Lullar http://com.lullar.com/
Lakako http://www.lakako.com/
Yasni http://www.yasni.com/
User search https://usersearch.org/
Google https://www.google.com/advanced_search
Google dorks intext:lastName firstName
Google dorks insubject:lastName firstName
Google dorks `intext:lastName firstName filetype:pdf
Google Scraper https://github.com/NikolaiT/GoogleScraper
Bing https://www.bing.com/
Bing dorks lastName firstName (filetype:doc OR filetype:ppt OR filetype:pps OR filetype:xls OR filetype:docx OR filetype:pptx OR filetype:ppsx OR filetype:xlsx OR filetype:sxw OR filetype:sxc OR filetype:sxi OR filetype:odt OR filetype:ods OR filetype:odg OR filetype:odp OR filetype:pdf OR filetype:wpd OR filetype:svg OR filetype:svgz OR filetype:indd OR filetype:rdp OR filetype:ica)
Yahoo https://search.yahoo.com/
Duck duck go https://duckduckgo.com/
Yandex https://www.yandex.com/
Exa lead http://www.exalead.com
Osint stalker https://github.com/milo2012/osintstalker
Speed phish framework https://github.com/tatanus/SPF
Browser exploitation framework https://github.com/beefproject/beef
The harvester https://github.com/laramies/theHarvester
Meta goofil https://github.com/laramies/metagoofil

OS X

Name URL
Awesome OSX & IOS sec list https://github.com/ashishb/osx-and-ios-security-awesome
OSX auditor https://github.com/jipegit/OSXAuditor
OWASP iGoat Project https://www.owasp.org/index.php/OWASP_iGoat_Project
Security and privacy guide https://github.com/drduh/OS-X-Security-and-Privacy-Guide
stronghold - Easily configure MacOS security settings from the terminal. https://github.com/alichtman/stronghold

Passwords πŸ”‘

Name URL
CrackStation https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
Default password https://default-password.info/
Default password https://cirt.net/passwords
Default password http://www.defaultpassword.com/
Default password http://www.defaultpassword.us/
Default cameras password https://github.com/jeanphorn/wordlist/blob/master/README.md
Default password thc-hydra https://github.com/vanhauser-thc/thc-hydra/blob/master/dpl4hydra_full.csv
Dafault router password http://www.cleancss.com/router-default/
Default router password https://github.com/jeanphorn/wordlist/blob/master/router_default_password.md
Default VoIP password https://github.com/netbiosX/Default-Credentials/blob/master/VoIP-Default-Password-List.mdown
Fun secure password checker https://password.kaspersky.com/
Hashcat WIKI https://hashcat.net/wiki/
Multiple dictionary https://github.com/danielmiessler/SecLists/tree/master/Passwords
Multiple dictionary https://github.com/duyetdev/bruteforce-database
Online CrackStation https://crackstation.net
Online Hask Killer https://hashkiller.co.uk
Online Hash crack http://www.onlinehashcrack.com/
Online MD5 and SHA1 db http://hashtoolkit.com/
OpenWall http://www.openwall.com/passwords/wordlists/ or ftp://ftp.openwall.com/pub/wordlists/
Outpost9 http://www.outpost9.com/files/WordLists.html
Packets storm https://packetstormsecurity.com/Crackers/wordlists/
Password research http://www.passwordresearch.com/
Programming - Secure Password Storage https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016
SecLists https://github.com/danielmiessler/SecLists/tree/master/Passwords
Skull security https://wiki.skullsecurity.org/Passwords
SSH dictionary https://github.com/droope/pwlist

Penetration testing πŸ”§

Name URL
Awesome pentest https://github.com/enaqx/awesome-pentest
Awesome WAF https://github.com/0xInfection/Awesome-WAF
Footprinting - Procedure & tools http://www.0daysecurity.com/penetration-testing/network-footprinting.html
GNU/Linux privilege escalation https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ ⭐
Informaion gathering - Tools http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/information-gathering.html
IppSec channel https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
Organization of the Standard http://www.pentest-standard.org/index.php/Main_Page ⭐
Owasp - Check list https://www.owasp.org/index.php/Testing_Checklist
Owasp testing guide https://www.owasp.org/images/1/19/OTGv4.pdf ⭐⭐
Owasp - tools https://www.owasp.org/index.php/Category:OWASP_Tool
Public pentest reports https://github.com/juliocesarfort/public-pentesting-reports ⭐
Python tools for pentest https://github.com/dloss/python-pentest-tools
Report sample https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf
Reverse engineering http://wiki.yobi.be/wiki/Reverse-Engineering
SANS Penetration Testing http://pen-testing.sans.org
Services enumeration http://www.0daysecurity.com/penetration-testing/enumeration.html ⭐
Tools - BlackArch list https://blackarch.org/tools.html
Tools - Great list http://wiki.yobi.be/wiki/Table_of_contents#Security
Tools - Kali list http://tools.kali.org/tools-listing
Web http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/web-application-analysis.html
Web vulnerabilities http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/vulnerability-assessment.html
Webshell list https://github.com/tennc/webshell

Port scanners 🎯 && Wide Scans πŸ—½

Name URL
Masscan https://github.com/robertdavidgraham/masscan
Masscan Defcon conference https://defcon.org/
Network Scan Mon https://scan.netlab.360.com/#/dashboard
Nmap https://nmap.org/7/
Nscan https://github.com/OffensivePython/Nscan
PFRing https://github.com/ntop/PF_RING
Rapid7 Sonar Labs https://sonar.labs.rapid7.com/
Rapid7 Sonar Blackhat conference https://www.blackhat.com/
Scans.io https://scans.io/
Shadowserver https://www.shadowserver.org/ ⭐⭐⭐⭐
Sonar similar projects https://github.com/rapid7/sonar/wiki/Similar-Projects
Trending Ports https://isc.sans.edu/trends.html
Zmap https://zmap.io/
Zgrab https://github.com/zmap/zgrab

Search engines πŸ“‘

Name URL
ZoomEye https://zoomeye.org/ β­πŸ‡¨πŸ‡³
Shodan https://www.shodan.io/
Censys https://censys.io/
Gegereka http://gegereka.com/ (not always up)
Google https://www.google.com/advanced_search
Google dorks https://gist.github.com/zbetcheckin/04e6a5d7f2d5ef8cfa3c298701f47f9c
List of search engines https://en.wikipedia.org/wiki/List_of_search_engines
Threat crowd https://www.threatcrowd.org/

Security challenges / WarGames 🚩

Name URL
Zenk-Security https://www.zenk-security.com/
Root-Me http://www.root-me.org/
Overthewire http://overthewire.org/wargames/
Reversing http://reversing.kr/
Pwnable http://pwnable.kr/
Newbiecontest https://www.newbiecontest.org/
OWASP VWAD list https://github.com/OWASP/OWASP-VWAD/
WeChall https://www.wechall.net/
Vulnhub https://www.vulnhub.com/ ⭐
Net Garage http://io.netgarage.org/
SmashTheStack http://smashthestack.org/
Hackthissite http://www.hackthissite.org/
Hack.me https://hack.me
HackThis! http://www.hackthis.co.uk/
Backdoor.Sdslabs https://backdoor.sdslabs.co/
Bright-shadows http://www.bright-shadows.net/
SmashTheStack http://smashthestack.org/
Ringzer0team https://ringzer0team.com/challenges
Forensic contest http://forensicscontest.com/puzzles
Lost chall http://www.lost-chall.org/
Rankk http://www.rankk.org/
Happy Security http://www.happy-security.de/
Net force https://www.net-force.nl/challenges/
CanYouHack.it http://canyouhack.it/
Hellboundhackers https://www.hellboundhackers.org/
Microcorruption https://microcorruption.com/

Skimmer πŸƒ

Name URL
Skimmer source from Krebs https://krebsonsecurity.com/all-about-skimmers/
Great reverse engineering on skimmer https://trustfoundry.net/reverse-engineering-a-discovered-atm-skimmer/

SSH

Name URL
Bruteforce know hosts https://github.com/Churro/bruteforce-known-hosts
OpenSSH guidelines https://wiki.mozilla.org/Security/Guidelines/OpenSSH
SSH audit https://github.com/arthepsy/ssh-audit.git
SSH audit online https://sshcheck.com
Who's there https://github.com/FiloSottile/whosthere

SSL

Name URL
Certificate search https://crt.sh
Bad SSL https://github.com/chromium/badssl.com
Htbridge - Online analysis https://www.htbridge.com/ssl/
Mozilla SSL Configuration Generator https://mozilla.github.io/server-side-tls/ssl-config-generator/
Observatory by Mozilla - Online analysis https://observatory.mozilla.org/ ⭐⭐⭐⭐
O-Saft - Tools https://www.owasp.org/index.php/O-Saft
OWASP tests - Procedure https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers
Qualys SSL Labs - Online analysis https://www.ssllabs.com/ssltest/
SSLscan - Tools https://github.com/rbsec/sslscan
SSLyze - Tools https://github.com/iSECPartners/sslyze
Testssl.sh - Tools https://github.com/drwetter/testssl.sh ⭐

TOR

Name URL
Hidden services https://www.torproject.org/docs/hidden-services.html.en
Hidden services scanner https://github.com/superp00t/sadonion
Reddit https://www.reddit.com/r/onions/
Scan Onion Services https://github.com/s-rah/onionscan
Search engine - Grams http://grams7enufi7jmdl.onion/
Search engine - Ahmia https://ahmia.fi/
Search engine - TORCH http://xmh57jrzrnw6insl.onion/
Search engine - DuckDuckGo http://3g2upl4pq6kufc4m.onion/
Tails https://tails.boum.org/
The hidden wiki https://thehiddenwiki.org/
Tolerant ISP for exit node https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
Tor Browser Fingerprint https://github.com/jonaslejon/tor-fingerprint
Tor Bulk exit list https://check.torproject.org/cgi-bin/TorBulkExitList.py
Tor IP history https://exonerator.torproject.org/
Tor Know exit nodes https://check.torproject.org/exit-addresses
Tor Project https://www.torproject.org/
Tor Relays bandwidth https://github.com/TheTorProject/bwscanner
Tor Socks https://gitweb.torproject.org/torsocks.git
Tor Status https://torstatus.blutmagie.de/
URL onion inspector https://github.com/k4m4/onioff

VOIP ☎️

Name URL
Penetration test http://0daysecurity.com/penetration-testing/VoIP-security.html

VPN

Name URL
Open VPN https://github.com/OpenVPN
Comparison https://thatoneprivacysite.net/vpn-comparison-chart/
Location test https://www.dnsleaktest.com/
Location test https://ipleak.net/

Vulnerable environments πŸ”“

Name URL
Owasp list https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline
Owasp BWA https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
DVWA http://www.dvwa.co.uk/
WebGoat http://code.google.com/p/webgoat
Metasploitable 3 https://github.com/rapid7/metasploitable3/wiki
Vulnerable systems list https://www.amanhardikar.com/mindmaps/Practice.html ⭐
VulnHub http://vulnhub.com/
LampSecurity http://sourceforge.net/projects/lampsecurity/
Hackademic-RTB1 http://www.aldeid.com/wiki/Hackademic-RTB1
Moth http://www.bonsai-sec.com
Peruggia http://sourceforge.net/projects/peruggia/

Web browser

Name URL
Amiunique project https://github.com/DIVERSIFY-project/amiunique
Browser exploit https://github.com/julienbedard/browsersploit
Browser info http://www.browser-info.net/
Browser leaks https://www.browserleaks.com/
Browser recommendations https://gist.github.com/atcuno/3425484ac5cce5298932 ⭐
Browserling https://www.browserling.com/
Fingerprint https://amiunique.org/
Fingerprint https://panopticlick.eff.org/
Flash http://isflashinstalled.com/
Referer https://www.whatismyreferer.com/
SSL https://www.ssllabs.com/ssltest/viewMyClient.html
URL Shorter List https://bit.do/list-of-url-shorteners.php
User agent http://useragentstring.com/pages/useragentstring.php
User agent http://whatsmyuseragent.com/
User agent https://www.projecthoneypot.org/robot_useragents.php
User agent https://www.whatismybrowser.com/developers/tools/user-agent-parser/browse
Web technologies support tables https://caniuse.com/

Windows

Name URL
Anti forensic Windows https://www.reddit.com/r/security/comments/32fb1l/open_guide_to_scrubbing_windows_oss_from_forensic/
Security development https://github.com/ExpLife0011/awesome-windows-kernel-security-development
Windows executable walkthrough https://i.imgur.com/pHjcI.png
Windows exploitation https://github.com/r3p3r/nixawk-awesome-windows-exploitation
Windows hardening https://github.com/PaulSec/awesome-windows-domain-hardening

Wireless / Radio πŸ“Ά

Name URL
Awesome wifi tools list https://github.com/0x90/wifi-arsenal
Penetration test http://0daysecurity.com/penetration-testing/wireless-penetration.html
Great wifi map https://wigle.net/
RFSec-ToolKit https://github.com/cn0xroot/RFSec-ToolKit
RTL-SDR http://www.rtl-sdr.com/
Wireless in airports https://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY

About

Great security list for fun and profit

Resources

Readme
Activity

Stars

1.8k stars

Watchers

117 watching

Forks

348 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 8