Skip to content
/ InfosecCompilation Public

Infosec Compilation is an information security repository for offensive, defensive, and purple-teaming resources, along with guides designed for advanced penetration testing tactics, techniques, and procedures (TTPs) based on the MITRE framework

18 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DigitalQuinn/InfosecCompilation

BranchesTags

Repository files navigation

Infosec Compilation

Infosec Compilation is an information security repository for offensive, defensive, and purple-teaming resources, along with guides designed for advanced penetration testing tactics, techniques, and procedures (TTPs) based on the MITRE framework

Table of Contents


Homelab

Repository

  • Blue Team Homelab — Blue Team Environment
  • SecGen — Creates vulnerable VMs, Lab Environments, & Hacking challenges
  • DetectionLab - Quickly build a Windows domain with pre-loaded with security tooling and system logging configurations

Active Directory

Reverse Engineering

Blacklisting Domains

  • AbuseIPDB - Search engine for blacklisted IPs or domains.
  • AutoShun - Public repository of malicious IPs and other resources.
  • BadIPs - Online blacklist lookup.
  • Binary Defense IP Ban List - Public IP blacklist.
  • Blocklist Ipsets - Public IP blacklist.
  • Exonera Tor - A database of IP addresses that have been part of the Tor network. It answers the question whether there was a Tor relay running on a given IP address on a given date.
  • Malware Domain List - Search and share malicious URLs.
  • Spamcop - IP based blacklist.
  • Spamhaus - Online blacklist lookup.
  • malc0de DNSSinkhole - List of domains that have been identified as distributing malware during the past 30 days.
  • malc0de DNSSinkhole - List of domains that have been identified as distributing malware during the past 30 days.

Sandbox

  • Cuckoo - open source automated malware analysis system
  • DRAKVUF Sandbox - Automated black-box malware analysis system with DRAKVUF engine under the hood (Doesn't require an agent on guest OS)
  • PacketTotal — Online PCAP Analysis Engine
  • Joe Sandbox Cloud - Automated malware sandbox (Live interaction capabilities)
  • CAPE - Malware sandbox, derived from Cuckoo with the goal of adding automated malware unpacking and config extraction
    • Cuckoo - Open Source Highly configurable sandboxing tool.
  • Cuckoo-modified - Heavily modified Cuckoo fork developed by community.
  • Cuckoo-modified-api - A Python library to control a cuckoo-modified sandbox.
  • Hybrid-Analysis - Hybrid-Analysis is a free powerful online sandbox by Payload Security.
  • Malwr - Malwr is a free online malware analysis service and community, which is powered by the Cuckoo Sandbox.
  • Mastiff - MASTIFF is a static analysis framework that automates the process of extracting key characteristics from a number of different file formats.
  • Metadefender Cloud - Metadefender is a free threat intelligence platform providing multiscanning, data sanitization and vulnerability assesment of files.
  • Viper - Viper is a python based binary analysis and management framework, that works well with Cuckoo and YARA
  • Virustotal - Virustotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners.
  • Visualize_Logs - Open source. Visualization library and command line tools for logs.

Network Access Control (NAC)

Vulnerable Images

  • Exploit Education - Variety of resources to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues
  • Docker Images - Hundreds of offensive and useful Docker images for penetration testing

Malware Binaries

Malware Analysis Homelab Setup

Malware Tools

Endpoint Detection & Response (EDR)

Security Incident Event Monitoring (SIEM)

Log Management

  • bugfender.com — Free up to 100k log lines/day with 24 hours retention
  • humio.com — Free up to 16 GB/day with 7 days retention
  • logdna.com - Free for a single user, no retention, unlimited hosts and sources
  • logentries.com — Free up to 5 GB/month with 7 days retention
  • loggly.com — Free for a single user, 200MB/day with 7 days retention
  • logz.io — Free up to 1 GB/day, 1 days retention
  • ManageEngine Log360 Cloud — Log Management service powered by Manage Engine. Free Plan offers 50 GB storage with 1 Month retention.
  • papertrailapp.com — 48 hours search, 7 days archive, 50 MB/month
  • sematext.com — Free up to 500 MB/day, 7 days retention
  • sumologic.com — Free up to 500 MB/day, 7 days retention
  • logflare.app — Free for upto 12,960,000 enteries per app per month, 3 days retention
  • logtail.com — ClickHouse-based SQL-compatible log management. Free up to 1 GB per month, 3 days retention.
  • logzab.com — Audit trail management system. Free 1.000 user activity log per month, 1 month retention, for up-to 5 projects.

Monitoring

  • Pingmeter.com - 5 uptime monitors with 10 minutes interval. monitor SSH, HTTP, HTTPS, and any custom TCP ports.
  • appdynamics.com — Free for 24 hours metrics, application performance management agents limited to one Java, one .NET, one PHP and one Node.js
  • appneta.com — Free with 1-hour data retention
  • appspector.com - Mission control, for remote iOS/Android/Flutter debugging. Free for small traffic usage (64MB of logs).
  • assertible.com — Automated API testing and monitoring. Free plans for teams and individuals.
  • blackfire.io — Blackfire is the SaaS-delivered Application Performance Solution. Free Hacker plan (PHP only)
  • checklyhq.com - Open source E2E / Synthetic monitoring and deep API monitoring for developers. Free plan with 5 users and 50k+ check runs.
  • circonus.com — Free for 20 metrics
  • cloudsploit.com — AWS security and configuration monitoring. Free: unlimited on-demand scans, unlimited users, unlimited stored accounts. Subscription: automated scanning, API access, etc.
  • cronitor.io - Performance insights and uptime monitoring for cron jobs, websites, APIs and more. Free tier with 5 monitors.
  • datadoghq.com — Free for up to 5 nodes
  • deadmanssnitch.com — Monitoring for cron jobs. 1 free snitch (monitor), more if you refer others to sign up
  • economize.cloud — Economize helps demystify cloud infrastructure costs by organizing cloud resources, optimize and report the same. Free for up to $5000 spends on Google Cloud Platform every month.
  • elastic.co — Instant performance insights for JS developers. Free with 24 hours data retention
  • freeboard.io — Free for public projects. Dashboards for your Internet of Things (IoT) projects
  • freshworks.com — Monitor 50 URLs at 1-minute interval with 10 Global locations and 5 Public status pages for Free
  • gitential.com — Software Development Analytics platform. Free: unlimited public repositories, unlimited users, free trial for private repos. On-prem version available for enterprise.
  • Grafana Cloud - Grafana Cloud is a composable observability platform, integrating metrics and logs with Grafana. Free: 3 users, 10 dashboards, 100 alerts, metrics storage in Prometheus and Graphite (10,000 series, 14 days retention), logs storage in Loki (50 GB of logs, 14 days retention)
  • healthchecks.io — Monitor your cron jobs and background tasks. Free for up to 20 checks.
  • inspector.dev - A complete Real-Time monitoring dashboard in less than one minute with free forever tier.
  • instrumentalapp.com - Beautiful and easy-to-use application and server monitoring with up to 500 metrics and 3 hours of data visibility for free
  • keychest.net/speedtest - Independent speed test and TLS handshake latency test against Digital Ocean
  • letsmonitor.org - SSL monitoring, free for up to 5 monitors
  • loader.io — Free load testing tools with limitations
  • meercode.io — Meercode is the ultimate monitoring dashboard for your CI/CD builds. Free for open-source and 1 private repository.
  • netdata.cloud — Netdata is an open source tool designed to collect real-time metrics.Great fast growing product. It can also be found in github!
  • newrelic.com — New Relic observability platform built to help engineers create more perfect software. From monoliths to serverless, you can instrument everything, then analyze, troubleshoot, and optimize your entire software stack. Free tier offers 100GB/month of free data ingest, 1 free full access user, and unlimited free basic users.
  • nixstats.com - Free for one server. E-Mail Notifications, public status page, 60 second interval and more.
  • OnlineOrNot.com - OnlineOrNot is a reliable uptime monitor for both JS-based web apps and websites. 5 uptime checks (for static websites and APIs) with a 5 minute interval, 1 browser check with a 15 minute interval. Also provides automated public status pages (with support coming for 3rd party uptime monitoring). Free for up to 3 users, alerts via Slack, Discord, and Email.
  • opsgenie.com — Powerful alerting and on-call management for operating always-on services. Free up to 5 users.
  • paessler.com — Powerful infrastructure and network monitoring solution including alerting, strong visualization capabilities and basic reporting. Free up to 100 sensors.
  • syagent.com — Non commercial free server monitoring service, alerts and metrics.
  • pagertree.com - Simple interface for alerting and on-call management. Free up to 5 users.
  • pingbreak.com — Modern uptime monitoring service. Check unlimited URLs and get downtime notifications via Discord, Slack or email.
  • pingpong.one — Advanced status page platform with monitoring. Free tier includes one public customizable status page with SSL subdomain. Pro plan is offered to open-source projects and non-profits free of charge.
  • sematext.com — Free for 24 hours metrics, unlimited number of servers, 10 custom metrics, 500,000 custom metrics data points, unlimited dashboards, users, etc.
  • sitemonki.com — Website, domain, Cron & SSL monitoring, 5 monitors in each category for free
  • skylight.io — Free for first 100,000 requests (Rails only)
  • speedchecker.xyz — Performance Monitoring API, checks Ping, DNS, etc.
  • stathat.com — Get started with 10 stats for free, no expiration
  • statuscake.com — Website monitoring, unlimited tests free with limitations
  • statusgator.com — Status page monitoring, 3 monitors free
  • thousandeyes.com — Network and user experience monitoring. 3 locations and 20 data feeds of major web services free
  • thundra.io/apm — Application monitoring and debugging. Has a free tier up to 250k monthly invocations.
  • uptimerobot.com — Website monitoring, 50 monitors free
  • uptimetoolbox.com — Free monitoring for 5 websites, 60 second intervals, public statuspage.
  • zenduty.com — End-to-end incident management, alerting, on-call management and response orchestration platform for network operations, site reliability engineering and DevOps teams. Free for upto 5 users.
  • instatus.com - Get a beautiful status page in 10 seconds. Free forever with unlimited subs and unlimited teams.
  • Squadcast.com - Squadcast is an end-to-end incident management software that's designed to help you promote SRE best practices. Free forever plan available for upto 10 users.
  • RoboMiri.com - RoboMiri is a stable uptime monitor that offer a wide range of monitors: cronjob, keyword, website, port, ping. 25 uptime checks with a 3 minutes interval checks for free. Alerts via Phone Call, SMS, Email and Web Hook.
  • Better Stack - Uptime monitoring, incident management, on-call scheduling/alerting and status pages in a single product. 10 monitors with 3 min check frequency and status pages are included on the free plan.

Hacking References & Cheatsheets

Showcasings

Github Repositories (Need to Look Through)

Offensive Security Tools

Reconnaissance Tools

Gathering information that can be used to support targeting


Anonymity Tools

  • Freenet - Freenet is a peer-to-peer platform for censorship-resistant communication and publishing.
  • I2P - The Invisible Internet Project.
  • OnionScan - Tool for investigating the Dark Web by finding operational security issues introduced by Tor hidden service operators.
  • Tor - Free software and onion routed overlay network that helps you defend against traffic analysis.
  • What Every Browser Knows About You - Comprehensive detection page to test your own Web browser's configuration for privacy and identity leaks.

OSINT Frameworks

  • ReconSpider
  • HostRecon — Provide situational awareness during reconnaissance of an engagement
  • reconFTW — Automates the entire reconnaisance process
  • OSINT Repository
  • DarkSide — OSINT & Social Engineering Tool
  • AutoRecon - Performs automated enumeration of services
  • Belati - The Traditional Swiss Army Knife For OSINT. Belati is tool for Collecting Public Data & Public Document from Website and other service for OSINT purpose.
  • Intrigue Core - Framework for attack surface discovery.
  • NetBootcamp OSINT Tools
  • OSINT Framework
  • Recon-ng - Full-featured Web Reconnaissance framework written in Python.
  • sn0int - Semi-automatic OSINT framework and package manager.

Search Engines

  • Shodan - Database containing information on all accessible domains on the internet obtained from passive scanning
  • Wigle - Database of wireless networks, with statistics
  • Binary Edge - Scans the internet for threat intelligence
  • ONYPHE - Collects cyber-threat intelligence data
  • GreyNoise - Search for devices connected to the internet
  • Censys - Assessing attack surface for internet connected devices
  • Hunter - Search for email addresses belonging to a website
  • ZoomEye - Gather information about targets
  • LeakIX - Search publicly indexed information
  • IntelligenceX - Search Tor, I2P, data leaks, domains, and emails
  • Netlas - Search and monitor internet connected assets
  • URL Scan - Free service to scan and analyse websites
  • PublicWWW - Marketing and affiliate marketing research
  • FullHunt - Search and discovery attack surfaces
  • crt.sh - Search for certs that have been logged by CT
  • Vulners - Search vulnerabilities in a large database
  • Pulsedive - Search for threat intelligence
  • Packet Storm Security - Browse latest vulnerabilities and exploits
  • GrayHatWarefare - Search public S3 buckets and URL shorteners
  • Dehashed - Search for anything like username, email, passwords, address, or phone number.
  • Have I Been Pwned? - Check whether personal data has been compromised by data breaches
  • Snusbase - Indexes information from hacked websites and leaked databases
  • LeakBase - Forum of leaked databases
  • LeakCheck - Data breach search engine
  • GhostProject.fr - Smart search engine
  • SecurityTrails - Extensive DNS data
  • DorkSearch - Really fast Google dorking
  • ExploitDB - Archive of various exploits
  • PolySwarm - Scan files and URLs for threats
  • DNSDumpster - Search for DNS records quickly
  • FullHunt - Search and discovery attack surfaces
  • AlienVault - Extensive threat intelligence feed
  • Vulners - Search vulnerabilities in a large database
  • WayBackMachine - View content from deleted websites
  • SearchCode - Search 75 billion lines of code from 40 million projects
  • Sarenka — Gathers data from Shodan, censys, etc.
  • All-in-One - All search engines in one
  • AllTheInternet - All in one search engine
  • Etools - Search information retrieved from several data sources simultaneously
  • FaganFinder - Collection of tools to help you find anything online
  • Goofram - Enhanced saerch engine
  • Myallsearch - Enhanced saerch engine
  • Qwant - Enhanced saerch engine
  • Zapmeta - All web results
  • iZito - Combine all search engines

National Search Engines

Localized search engines by country

Data Analytics

  • OpenRefine - Free & open source power tool for working with messy data and improving it.
  • Outwit - Find, grab and organize all kinds of data and media from online sources.
  • Pown Recon - Target reconnaissance framework powered by graph theory.
  • QuickCode - Python and R data analysis environment.
  • ThreatCrowd - Threat search engine
  • ThreatTracker - Python based IOC tracker.

Source Code Search

Search by website source code

  • NerdyData - Search engine for source code.
  • SearchCode - Help find real world examples of functions, API's and libraries across 10+ sources
  • Grep App - Search for source code across a half million git repos

Crypto OSINT

  • Bitcoin Abuse - Database of wallets associated with ransomware, blackmailers and fraud.
  • Bitcoin Who's Who - Database of known ID information from bitcoin addresses.
  • Blockchair - Multiple blockchain explorer.
  • Wallet Explorer - Finds all known associated bitcoin addresses from a single known address.
  • Orbit - Draws relationships between crypto wallets with recursive crawling of transaction history.

Government Record Search

  • Blackbook - Public Records Starting Point.
  • FOIA Search - Government information request portal.
  • PACER - Public Access to Federal Court Records.
  • RECAP - Free version of PACER. Includes browser extensions for Chrome & Firefox.
  • SSN Validator - Confirms valid Social Security Numbers.

Social Media

Twitter

Facebook

Instagram

Pinterest

Reddit

Tools to help discover more about a reddit user or subreddit

GitHub

  • Octosuite — Gather OSINT on GitHub users
  • Github-dorks - CLI tool to scan github repos/organizations for potential sensitive information leak.
  • Zen - Find email addresses of Github users.

LinkedIn

  • Raven - LinkedIn information gathering tool.

VKontakte (Russian) Search

Perform various OSINT on Russian social media site VKontakte


Credentials

Breached Credentials

  • breach-parse: Tool for parsing breached passwords
  • emagnet - Automated hacking tool that will find leaked databases.

Email


Personal Investigations


Phone Numbers

  • National Cellular Directory - Cell phone lookups. The lookup products including billions of records
  • Reverse Phone Lookup - Detailed information about phone carrier, region, service provider, and switch information.
  • Spy Dialer - Get the voicemail of a cell phone & owner name lookup.
  • Twilio - Look up a phone numbers carrier type, location, etc.
  • Phone Validator - Pretty accurate phone lookup service, particularly good against Google Voice numbers.

Company Research


Location

Wireless

Satellite Images


Image Search


Dorking

Document & Slides Search

Search for data located on PDFs, Word documents, presentation slides, and more


Web History


Web Monitoring


Social Network Analysis


Network Recon Tools

  • ACLight - Script for advanced discovery of sensitive Privileged Accounts - includes Shadow Admins.
  • BuiltWith - Technology lookup tool for websites.
  • CloudFail - Unmask server IP addresses hidden behind Cloudflare by searching old database records and detecting misconfigured DNS.
  • LdapMiner - Multiplatform LDAP enumeration utility.
  • Mass Scan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
  • Netdiscover - Simple and quick network scanning tool.
  • Pentest-Tools - Online suite of various different pentest related tools.
  • Ruler - Tool for remotely interacting with Exchange servers.
  • Shodan - Database containing information on all accessible domains on the internet obtained from passive scanning.
  • Spyse - Web research services that scan the entire internet using OSINT, to simplify the investigation of infrastructure and attack surfaces.
  • Spyse.py - Python API wrapper and command-line client for the tools hosted on spyse.com.
  • Sublist3r - Subdomain enumeration tool for penetration testers.
  • ldapsearch - Linux command line utility for querying LDAP servers.
  • nmap - Free security scanner for network exploration & security audits.
  • pyShodan - Python 3 script for interacting with Shodan API (requires valid API key).
  • smbmap - Handy SMB enumeration tool.
  • xprobe2 - Open source operating system fingerprinting tool.
  • zmap - Open source network scanner that enables researchers to easily perform Internet-wide network studies.

Domain

  • Ahrefs - A tool for backlink research, organic traffic research, keyword research, content marketing & more.
  • Amass - Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
  • Backlink Discovery — Find backlinks, Referring domains, Link history, etc.
  • Central Ops
  • Datasploit - Tool to perform various OSINT techniques on usernames, emails addresses, and domains.
  • Domain Dossier
  • Domain Investigation Toolbox — Gather information about the target domain name
  • Domain Tools - Whois lookup and domain/ip historical data.
  • Easy whois
  • Exonera Tor - A database of IP addresses that have been part of the Tor network. It answers the question whether there was a Tor relay running on a given IP address on a given date.
  • FindFrontableDomains - Multithreaded tool for finding frontable domains.
  • GooFuzz — Perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches
  • HaxUnit — Combines multiple active/passive subdomain enumeration tools and port scanning
  • IP Address.com
  • IP Neighboring — Discover Neighboring IP Hosts
  • IP Void
  • InfoByIp - Domain and IP bulk lookup tool.
  • Investigator — Quickly check & gather information about the target domain name
  • Link-JS — Fetch links from JS w/ Subfinder
  • Meg - Quickly find hidden paths/directories without flooding traffic
  • Squatm3gator - Enumerate available domains generated modifying the original domain name through different cybersquatting techniques
  • Verisign
  • Website Informer
  • w3snoop

Blacklisting

URL

  • Assetfinder: Find domains and subdomains potentially related to a given domain
  • Astra — Finds API keys, URLs, AWS Buckets, etc.
  • Awesome Hacker Search Engines — CVEs, Domains, Addresses, Certifications, Credentials, etc.
  • Censys - Collects data on hosts and websites through daily ZMap and ZGrab scans.
  • ExitLooter - Find geolocation on image URL and directories
  • Grey Noise — Trace IPs, URLs, etc.
  • Js-parse — Looks through javascript files in a given directory and finds subdomains, URLs, parameters, custom headers, and API keys
  • Majestic - Find out who links to your website
  • Phonebook — Lists all domains, email addresses, URL for the target domain
  • PowerMeta — Searches for publicly available files hosted on webpages for a particular domain
  • URLVoid - Analyzes a website through multiple blacklist engines and online reputation tools to facilitate the detection of fraudulent and malicious websites.
  • WhereGoes — URL Redirect Checker

Backlinks

Finding Broken Links

DNS / WHOIS

Favicon

  • FavFreak - Fetches the favicon.ico and hash value and generates shodan dorks

Cloud

  • CloudFrunt - Tool for identifying misconfigured CloudFront domains.

Vulnerability Scanners

Web Scanners

  • BurpSuite
  • ACSTIS - Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
  • BuiltWith
  • Burp Suite - Commercial web vulnerability scanner, with limited community edition.
  • cms-explorer - Reveal the specific modules, plugins, components and themes that various websites powered by content management systems are running.
  • Netsparker Web Application Security Scanner - Commercial web application security scanner to automatically find many different types of security flaws.
  • Nikto - Noisy but fast black box web server and web application vulnerability scanner.
  • Observatory - Free online web scanning utility.
  • OWASP Zed Attack Proxy (ZAP) - Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
  • Security Headers - Free online utility for checking a website's HTTP headers for security vulnerabilities.
  • SQLmate - A friend of sqlmap that identifies sqli vulnerabilities based on a given dork and website (optional).
  • WPScan - Black box WordPress vulnerability scanner.
  • Follow.net
  • HypeStat
  • StatsCrop
  • Netcraft Site Report
  • Wappalyzer

Additional Scanners

  • Fenrir - Fenrir is a simple IOC scanner. It allows scanning any UNIX system for IOCs in plain bash.

Fuzzers

  • fuzzbox - Multi-codec media fuzzing tool.
  • honggfuzz - Security orientated fuzzing tool.
  • melkor-android - Android fuzzing tool for ELF file formats.
  • radamsa - General purpose fuzzing tool.

API Keys

  • Clickjacker — Discover secret API Keys
  • js-parse — Looks through javascript files in a given directory and finds subdomains, URLs, parameters, custom headers, and API keys
  • Astra — Finds API keys, URLs, AWS Buckets, etc.

Web Cookies

Missing Headers

Web Exploitation

  • Browser Exploitation Framework (BeEF) - Command and control server for delivering exploits to commandeered Web browsers.
  • Commix - Automated all-in-one operating system command injection and exploitation tool.
  • Drupwn - Drupal web application exploitation tool.
  • EyeWitness - Tool to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  • fimap - Find, prepare, audit, exploit and even Google automatically for LFI/RFI bugs.
  • FuzzDB - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  • IIS-Shortname-Scanner - Command line tool to exploit the Windows IIS tilde information disclosure vulnerability.
  • Kadabra - Automatic LFI exploiter and scanner.
  • Kadimus - LFI scan and exploit tool.
  • LFISuite - A tool designed to exploit Local File Include vulnerabilities.
  • libformatstr - Python script designed to simplify format string exploits.
  • liffy - LFI exploitation tool.
  • lyncsmash - A collection of tools to enumerate and attack self-hosted Skype for Business and Microsoft Lync installations
  • NoSQLmap - Automatic NoSQL injection and database takeover tool.
  • SQLmap - Automated SQL injection and database takeover tool.
  • sqlninja - Automated SQL injection and database takeover tool.
  • sslstrip2 - SSLStrip version to defeat HSTS.
  • sslstrip - Demonstration of the HTTPS stripping attacks.
  • tplmap - Automatic server-side template injection and Web server takeover tool.
  • VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages.
  • wafw00f - Identifies and fingerprints Web Application Firewall (WAF) products.
  • webscreenshot - A simple script to take screenshots from a list of websites.
  • weevely3 - Weaponized web shell.
  • Wordpress Exploit Framework - Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
  • WPSploit - Exploit WordPress-powered websites with Metasploit.
  • Fuxploiter — Detecting and exploiting file upload forms flaws

Extensions

  • AutoScanWithBurp — Extension to perform automated & authenticated scans against URLS
  • OAuthScan - Burp Suite Extension written in Java with the aim to provide some automatic security checks
  • Mitaka — Browser extension for OSINT

Misc OSINT Tools

  • Photon - Crawler designed for OSINT.
  • GOSINT - OSINT tool with multiple modules and a telegram scraper.
  • Maltego - Proprietary software for open source intelligence and forensics, from Paterva.
  • SecApps Recon - Information gathering and target reconnaissance tool and UI.
  • Spiderfoot - Open source OSINT automation tool with a Web UI and report visualizations
  • Vcsmap - Plugin-based tool to scan public version control systems for sensitive information.
  • XRay - XRay is a tool for recon, mapping and OSINT gathering from public networks.

Threat Hunting / Intelligence

  • Crits - a web-based tool which combines an analytic engine with a cyber threat database .
  • Fileintel - Pull intelligence per file hash.
  • HELK - Threat Hunting platform.
  • Hostintel - Pull intelligence per host.

Resource Development Tools

Creating, purchasing, or compromising resources that can be used to support targeting

Pentesting OS Distributions

  • ArchStrike - Arch GNU/Linux repository for security professionals and enthusiasts.

  • AttifyOS - GNU/Linux distribution focused on tools useful during Internet of Things (IoT) security assessments.

  • BackBox - Ubuntu-based distribution for penetration tests and security assessments.

  • BlackArch - Arch GNU/Linux-based distribution for penetration testers and security researchers.

  • Buscador - GNU/Linux virtual machine that is pre-configured for online investigators.

  • Fedora Security Lab - Provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies.

  • Kali - GNU/Linux distribution designed for digital forensics and penetration testing.

  • Network Security Toolkit (NST) - Fedora-based bootable live operating system designed to provide easy access to best-of-breed open source network security applications.

  • Parrot Security OS - Distribution similar to Kali using the same repositories, but with additional features such as Tor and I2P integration.

  • The Pentesters Framework - Distro organized around the Penetration Testing Execution Standard (PTES), providing a curated collection of utilities that eliminates often unused toolchains.

  • LOTS Project — Websites that allows attackers to use their domain when conducting phishing, C2, exfiltration, and downloading tools to evade detection

Hardware

  • Flipper Zero
  • LAN Turtle - Covert "USB Ethernet Adapter" that provides remote access, network intelligence gathering, and MITM capabilities when installed in a local network.
  • PCILeech - Uses PCIe hardware devices to read and write from the target system memory via Direct Memory Access (DMA) over PCIe.
  • Poisontap - Siphons cookies, exposes internal (LAN-side) router and installs web backdoor on locked computers.
  • Proxmark3 - RFID/NFC cloning, replay, and spoofing toolkit often used for analyzing and attacking proximity cards/readers, wireless keys/keyfobs, and more.
  • USB Rubber Ducky - Customizable keystroke injection attack platform masquerading as a USB thumbdrive.
  • WiFi Pineapple - Wireless auditing and penetration testing platform.

Lockpicking Resources

  • /r/lockpicking Subreddit - Subreddit dedicated to the sport of lockpicking.
  • Keypicking.com - Bustling online forum for the discussion of lockpicking and locksport.
  • LockWiki - Community-driven reference for both beginners and professionals in the security industry.
  • Lockpicking Forensics - Website "dedicated to the science and study of forensic locksmithing."
  • Lockpicking101.com - One of the longest-running online communities "dedicated to the fun and ethical hobby of lock picking."
  • The Amazing King's Lockpicking pages - Hobbyist's website with detailed pages about locks, tools, and picking techniques.

CLI Usability

Initial Access Tools

Various entry vectors to gain your initial foothold within a network

Phishing

  • [AdvPhishing] - This Is Advance Phishing Tool! OTP PHISHING
  • CredSniper — Launch phishing site
  • DarkSide — OSINT & Social Engineering Tool
  • EvilNoVNC - Ready to go Phishing Platform
  • Fake-SMS — Create SMS messages
  • Mip22 - Advanced phishing tool
  • PhishStats - gathering, enhancing and sharing phishing information with the infosec community.
  • PyPhisher — Phishing website templates
  • Zphishper - Automated phishing tool
  • C2
  • [CiLocks] - Android LockScreen Bypass
  • [Android-PIN-Bruteforce] - Unlock An Android Phone (Or Device) By Bruteforcing The Lockscreen PIN

Social Engineering Tools

  • Beelogger - Tool for generating keylooger.
  • Canary Tokens - Generate tokens to automatically alert users when triggered.
  • Catphish - Tool for phishing and corporate espionage written in Ruby.
  • Evilginx - MITM attack framework used for phishing credentials and session cookies from any Web service
  • Gophish - Open-Source Phishing Framework
  • King Phisher - Phishing campaign toolkit used for creating and managing multiple simultaneous phishing attacks with custom email and server content.
  • Lucy Phishing Server - (commercial) tool to perform security awareness trainings for employees including custom phishing campaigns, malware attacks etc. Includes many useful attack templates as well as training materials to raise security awareness.
  • PhishingFrenzy - Phishing Frenzy is an Open Source Ruby on Rails application that is leveraged by penetration testers to manage email phishing campaigns.
  • SET - The Social-Engineer Toolkit from TrustedSec
  • Wifiphisher - Automated phishing attacks against Wi-Fi networks

Execution Tools

Attacker-controlled code running on a local or remote system

C2 Frameworks

Communicating with systems under your control within a victim network

  • Browser Exploitation Framework (BeEF) — Recovering web session information and exploiting client-side scripting
  • Brute Ratel - A customized C2 center for Red Team and Adversary Simulation
  • Cobalt Strike — Adversary simulations & red team operations
  • Covenant — .NET C2 framework
  • Emp3R0R - Linux post-exploitation framework
  • GithubC2 - Using Github as a C2
  • HazProne — Cloud Pentesting Framework
  • Lockdoor Framework — Framework that automates pentesting tools
  • Metasploit
  • Notion Term — Embed reverse shell in Notion pages
  • Octopus — Pre-operation C2 server
  • Pacu — Scanning and exploit tools for reconnaissance and exploitation of Amazon Web Service (AWS) accounts
  • Recon-ng — Full reconnaissance framework to conduct open source web-based recon
  • SilentTrinity — Asynchronous, multiplayer, & multiserver C2 framework
  • Silver — Open source cross-platform red team framework
  • Sn1per — All in one pentesting framework
  • Zed Attack Proxy (ZAP) — Scanning tools and scripts for web application and mobile app security testing

Multi-Paradigm Frameworks

  • Armitage - Java-based GUI front-end for the Metasploit Framework.
  • AutoSploit - Automated mass exploiter, which collects target by employing the Shodan.io API and programmatically chooses Metasploit exploit modules based on the Shodan query.
  • Faraday - Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.
  • Habu Hacking Toolkit - Unified set of tools spanning passive reconnaissance, network attacks, social media monitoring, and website fingerprinting.
  • Mad-Metasploit - Additional scripts for Metasploit.
  • Metasploit - Software for offensive security teams to help verify vulnerabilities and manage security assessments.
  • Mobile Security Framework (MobSF) - Automated mobile application pentesting framework capable of static analysis, dynamic analysis, malware analysis, and web API testing.
  • Pupy - Cross-platform (Windows, Linux, macOS, Android) remote administration and post-exploitation tool.
  • Rupture - Multipurpose tool capable of man-in-the-middle attacks, BREACH attacks and other compression-based crypto attacks.

Post-Exploitation

  • CrackMapExec - Multipurpose post-exploitation suite containing many plugins.
  • DBC2 - Multipurpose post-exploitation tool.
  • Empire - PowerShell based (Windows) and Python based (Linux/OS X) post-exploitation framework.
  • EvilOSX - macOS backdoor with docker support.
  • Fathomless - A collection of post-exploitation tools for both Linux and Windows systems.
  • FruityC2 - Open source, agent-based post-exploitation framework with a web UI for management.
  • Koadic - Windows post-exploitation rootkit, primarily utilizing Windows Script Host.
  • PlugBot - Can be installed onto an ARM device for Command & Control use and more.
  • Portia - Automated post-exploitation tool for lateral movement and privilege escalation.
  • ProcessHider - Post-exploitation tool for hiding processes.
  • Pupy - Open source cross-platform post-exploitation tool, mostly written in Python.
  • RemoteRecon - Post-exploitation utility making use of multiple agents to perform different tasks.
  • TheFatRat - Tool designed to generate remote access trojans (backdoors) with msfvenom.arch-project/) - Can be installed onto an ARM device for Command & Control use and more.
  • p0wnedShell - PowerShell based post-exploitation utility utilizing .NET.
  • poet - Simple but multipurpose post-exploitation tool.

Side-channel Tools

  • ChipWhisperer - Complete open-source toolchain for side-channel power analysis and glitching attacks

Persistence Tools

  • [SillyRAT] - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT
  • [Byp4Xx] - Simple Bash Script To Bypass "403 Forbidden" Messages With Well-Known Methods
  • [Arbitrium-RAT] - A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Privilege Escalation Tools

Gaining higher-level permissions on a system or network

Windows Utilities

  • Bloodhound - Graphical Active Directory trust relationship explorer.
  • Commentator - PowerShell script for adding comments to MS Office documents, and these comments can contain code to be executed.
  • DeathStar - Python script that uses Empire's RESTful API to automate gaining Domain Admin rights in Active Directory environments.
  • Empire - Pure PowerShell post-exploitation agent.
  • Fibratus - Tool for exploration and tracing of the Windows kernel.
  • GetVulnerableGPO - PowerShell based utility for finding vulnerable GPOs.
  • Headstart - Lazy man's Windows privilege escalation tool utilizing PowerSploit.
  • Hyena - NetBIOS exploitation.
  • Luckystrike - PowerShell based utility for the creation of malicious Office macro documents.
  • Magic Unicorn - Shellcode generator for numerous attack vectors, including Microsoft Office macros, PowerShell, HTML applications (HTA), or certutil (using fake certificates).
  • Mimikatz - Credentials extraction tool for Windows operating system.
  • PowerSploit - PowerShell Post-Exploitation Framework.
  • PSKernel-Primitives - Exploiting primitives for PowerShell.
  • Redsnarf - Post-exploitation tool for retrieving password hashes and credentials from Windows workstations, servers, and domain controllers.
  • Rubeus - Rubeus is a C# toolset for raw Kerberos interaction and abuses.
  • Sysinternals Suite - The Sysinternals Troubleshooting Utilities.
  • Windows Credentials Editor - Inspect logon sessions and add, change, list, and delete associated credentials, including Kerberos tickets.
  • Windows Exploit Suggester - Suggests Windows exploits based on patch levels.

Linux Utilities

  • Bella - Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS.
  • Linus - Security auditing tool for Linux and macOS.

macOS Utilities

  • LinPeas — Linux Privilege Escalation
  • Linus - Security auditing tool for Linux and macOS.
  • Linux Exploit Suggester - Heuristic reporting on potentially viable exploits for a given GNU/Linux system.
  • Mempodipper - Linux Kernel 2.6.39 < 3.2.2 local privilege escalation script.
  • vuls - Linux/FreeBSD agentless vulnerability scanner.
  • Linux Priv Checker — Enumerate basic system info and search for common privilege escalation vectors

Defense Evasion Tools

Avoiding detection throughout your compromise

  • LOTS Project — Websites that allows attackers to use their domain when conducting phishing, C2, exfiltration, and downloading tools to evade detection

Evade AV/EDR

  • AntiVirus Evasion Tool (AVET) - Post-process exploits containing executable files targeted for Windows machines to avoid being recognized by antivirus software.
  • GPU Poisoning — Hide payload inside GPU memory
  • Hyperion - Runtime encryptor for 32-bit portable executables ("PE .exes").
  • Inceptor — Automate common AV/EDR bypasses
  • PeCloak.py - Automates the process of hiding a malicious Windows executable from antivirus (AV) detection.
  • PeCloakCapstone - Multi-platform fork of the peCloak.py automated malware antivirus evasion tool.
  • Shellter - Dynamic shellcode injection tool, and the first truly dynamic PE infector ever created.
  • SigThief - Stealing signatures to evade AV.
  • UniByAv - Simple obfuscator that takes raw shellcode and generates Anti-Virus friendly executables by using a brute-forcable, 32-bit XOR key.
  • Windows-SignedBinary - AV evasion tool for binary files.

Packet Injection


Wrappers

  • dll4shell - A collection of DLL wrappers around various shellcode injection and obfuscation techniques

Credential Access Tools

Stealing credentials like account names and passwords

Password Attacks

  • CredKing — Launch Password Spraying using AWS Lamba across multiple regions, rotating IPs w/ each request
  • DomainPasswordSpray — Perform password spraying against users in a domain
  • LDAP Nom Nom - Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)
  • Masky - Python library providing an alternative way to remotely dump domain users' credentials thanks to an ADCS
  • [SharpML] - Machine Learning Network Share Password Hunting Toolkit

Hash Cracking

  • CeWL - Generates custom wordlists by spidering a target's website and collecting unique words.
  • CrackStation - Online password cracker.
  • Hashcat - Fast hash cracking utility with support for most known hashes as well as OpenCL and CUDA acceleration.
  • JPassword Recovery Tool - RAR bruteforce cracker. Formery named RAR Crack.
  • JWT Cracker - Simple HS256 JWT token brute force cracker.
  • John the Ripper Jumbo edition - Community enhanced version of John the Ripper.
  • John the Ripper - Fast password cracker.
  • Mentalist - Unique GUI based password wordlist generator compatible with CeWL and John the Ripper.
  • Hash Database — Upload Hashes

Discovery Tools

Observing potential control and what’s around your entry point in order to discover how it could benefit your current objective

  • Barcode Reader - Decode barcodes in C#, VB, Java, C\C++, Delphi, PHP and other languages.
  • LinEnum — Linux Enumeration
  • Linux Exploit Suggester — Assist in detecting security deficiencies for given Linux kernel/Linux-based machine

Network Tools

  • dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.
  • dsniff - Collection of tools for network auditing and pentesting.
  • enumdb - MySQL and MSSQL bruteforce utility
  • FireAway - Firewall audit and security bypass tool.
  • impacket - Collection of Python classes for working with network protocols.
  • Intercepter-NG - Multifunctional network toolkit.
  • kerbrute - A tool to perform Kerberos pre-auth bruteforcing.
  • Low Orbit Ion Cannon (LOIC) - Open source network stress testing tool.
  • Ncat - TCP/IP command line utility supporting multiple protocols.
  • netcut - ARP based utility for discovering and spoofing MAC addresses and enabling/disabling network connectivity on network devices.
  • Network-Tools.com - Website offering an interface to numerous basic network utilities like ping, traceroute, whois, and more.
  • patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
  • pig - GNU/Linux packet crafting tool.
  • Praeda - Automated multi-function printer data harvester for gathering usable data during security assessments.
  • Printer Exploitation Toolkit (PRET) - Tool for printer security testing capable of IP and USB connectivity, fuzzing, and exploitation of PostScript, PJL, and PCL printer language features.
  • routersploit - Open source exploitation framework similar to Metasploit but dedicated to embedded devices.
  • scapy - Python-based interactive packet manipulation program & library.
  • Sockstress - TCP based DoS utility.
  • SPARTA - Graphical interface offering scriptable, configurable access to existing network infrastructure scanning and enumeration tools.
  • Spyse - Web research services that scan the entire internet using OSINT, to simplify the investigation of infrastructure and attack surfaces.
  • Spyse.py - Python API wrapper and command-line client for the tools hosted on spyse.com.
  • THC Hydra - Online password cracking tool with built-in support for many network protocols, including HTTP, SMB, FTP, telnet, ICQ, MySQL, LDAP, IMAP, VNC, and more.
  • UFONet - Layer 7 DDoS/DoS tool.
  • Zarp - Multipurpose network attack tool, both wired and wireless.

Protocol Analyzers & Sniffers

  • Chaosreader - Universal TCP/UDP snarfing tool that dumps session data from various protocols.
  • Dshell - Network forensic analysis framework.
  • Fiddler - Cross platform packet capturing tool for capturing HTTP/HTTPS traffic.
  • Netsniff-ng - Swiss army knife for Linux network sniffing.
  • Tcpdump/libpcap - Common packet analyzer that runs under the command line.
  • Wireshark - Widely-used graphical, cross-platform network protocol analyzer.
  • Yersinia - Packet and protocol analyzer with MITM capability.

Proxies & MITM Tools

  • BetterCAP - Modular, portable and easily extensible MITM framework.
  • dnschef - Highly configurable DNS proxy for pentesters.
  • Ettercap - Comprehensive, mature suite for machine-in-the-middle attacks.
  • evilgrade - Modular framework to take advantage of poor upgrade implementations by injecting fake updates.
  • mallory - HTTP/HTTPS proxy over SSH
  • MITMf - Multipurpose man-in-the-middle framework.
  • mitmproxy - Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
  • Morpheus - Automated ettercap TCP/IP Hijacking tool.
  • Responder-Windows - Windows version of the above NBT-NS/LLMNR/MDNS poisoner.
  • Responder - Open source NBT-NS, LLMNR, and MDNS poisoner.
  • SSH MITM - Intercept SSH connections with a proxy; all plaintext passwords and sessions are logged to disk.

Wireless Network Tools

  • Aircrack-ng - Set of tools for auditing wireless networks.
  • BetterCAP - Wifi, Bluetooth LE, and HID reconnaissance and MITM attack framework, written in Go.
  • Fluxion - Suite of automated social engineering based WPA attacks.
  • Kismet - Wireless network discovery tool.
  • MANA Toolkit - Rogue AP and man-in-the-middle utility.
  • NetStumbler - WLAN scanning tool.
  • WiFi Pumpkin - All in one Wi-Fi exploitation and spoofing utility.
  • wifi-pickle - Fake access point attacks.
  • Wifite - Automated wireless attack tool.

TLS Tools

  • SMTP TLS Checker - Online TLS/SSL testing suite for SMTP servers.
  • SSL Labs - Online TLS/SSL testing suite for revealing supported TLS/SSL versions and ciphers.
  • SSLscan - Quick command line SSL/TLS analyzer.
  • SSLyze - Fast and comprehensive TLS/SSL configuration analyzer to help identify security mis-configurations.
  • crackpkcs12 - Multithreaded program to crack PKCS#12 files (.p12 and .pfx extensions), such as TLS/SSL certificates.
  • spoodle - Mass subdomain + POODLE vulnerability scanner.
  • tlssled - Comprehensive TLS/SSL testing suite.

Cryptography

  • FeatherDuster - Analysis tool for discovering flaws in cryptography.
  • rsatool - Tool for calculating RSA and RSA-CRT parameters.
  • xortool - XOR cipher analysis tool.

Lateral Movement Tools

Pivoting through multiple systems and accounts to gain additional access

  • [Forbidden] - Bypass 4Xx HTTP Response Status Codes
  • Neo-reGeorg -- Used for HTTP(S) Tunneling

Collection Tools

Gathering information relevant to following through on the adversary's objectives

  • ICMPDoor - Open-source reverse-shell written in Python3 and scapy
  • iodined - DNS Tunneling
  • Data Exfiltration Toolkit (DET) - Proof of concept to perform data exfiltration using either single or multiple channel(s) at the same time.
  • dnsteal - Fake DNS server for stealthily extracting files.
  • HTTPTunnel - Tunnel data over pure HTTP GET/POST requests.
  • Iodine - Tunnel IPv4 data through a DNS server; useful for exfiltration from networks where Internet access is firewalled, but DNS queries are allowed.
  • MailSniper - Search through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.).
  • mallory - HTTP/HTTPS proxy over SSH.
  • mimikatz - Credentials extraction tool for Windows operating system.
  • mimikittenz - Post-exploitation PowerShell tool for extracting data from process memory.
  • PANHunt - Search file systems for credit cards.
  • PassHunt - Search file systems for passwords.
  • ptunnel-ng - Tunnel IPv4 traffic through ICMP pings; slow but stealthy when normal IP exfiltration traffic is blocked.
  • pwnat - Punches holes in firewalls and NATs.
  • spYDyishai - Local Google credentials exfiltration tool, written in Python.
  • tgcd - Simple Unix network utility to extend the accessibility of TCP/IP based network services beyond firewalls.

Impact

Disrupting availability, compromising integrity by manipulating business and operational processes


Remediation / Reporting

  • [PeTeReport] - An Open-Source Application Vulnerability Reporting Tool

Cloud Pentesting

AWS


GCP


Azure


Misc Cloud


Active Directory


Compilation of Tools


Python


Wireless Pentesting


Car Hacking


Adversary Emulation

  • APTSimulator - A Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised.
  • Atomic Red Team](https://github.com/redcanaryco/atomic-red-team) - Small and highly portable detection tests mapped to the Mitre ATT&CK Framework.
  • AutoTTP - Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generate data for researchers.
  • Blue Team Training Toolkit](https://www.bt3.no/) - Software for defensive security training, which will bring your network analysis training sessions, incident response drills and red team engagements to a new level.
  • Caldera - an automated adversary emulation system that performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge](ATT&CK™) project.
  • DumpsterFire - The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations.
  • Metta - An information security preparedness tool to do adversarial simulation.
  • Network Flight Simulator - flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility.
  • Red Team Automation ](https://github.com/endgameinc/RTA) - RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
  • RedHunt-OS - A virtual machine for adversary emulation and threat hunting.

Defensive Security Tools

NEED TO GO THROUGH

  • Active Countermeasures - Open source tools for countermeasure
  • Cortex - Cortex allows you to analyze observables such as IP and email addresses, URLs, domain names, files or hashes one by one or in bulk mode using a Web interface. Analysts can also automate these operations using its REST API.
  • DNS Blacklist - Detect Blacklisted IPs from your traffic
  • DarkTrace - Cyber AI detection
  • Diffy - a DFIR tool developed by Netflix's SIRT that allows an investigator to quickly scope a compromise across cloud instances (Linux instances on AWS, currently) during an incident and efficiently triaging those instances for followup actions by showing differences against a baseline.
  • Fileintel - Pull intelligence per file hash.
  • Hindsight - Internet history forensics for Google Chrome/Chromium.
  • Imagemounter - Command line utility and Python package to ease the (un)mounting of forensic disk images.
  • Kansa - Kansa is a modular incident response framework in Powershell.
  • Live Forensicator - Powershell script to aid Incidence Response and Live Forensics
  • Netzob - Multipurpose tool for reverse engineering, modeling, and fuzzing communciation protocols.
  • Spidertrap - Trap web crawlers and spiders in dynamically generated webpages
  • Stalk - Collect forensic data about MySQL when problems occur.
  • Stenographer - Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. It stores as much history as it possible, managing disk usage, and deleting when disk limits are hit. It's ideal for capturing the traffic just before and during an incident, without the need explicit need to store all of the network traffic.
  • The CredDefense Toolkit - Detect & Prevent Brute Force attacks
  • Threat Hunter Playbook - Open source project to share detection logic, adversary tradecraft and resources to make detection development more efficient
  • traceroute-circl - traceroute-circl is an extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Responce Center Luxembourg.
  • RaQet - RaQet is an unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system.
  • rastrea2r - allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X.

Static Analyzers

  • Androbugs-Framework - Android program vulnerability analysis tool.
  • Androwarn - Android static code analysis tool.
  • APKinspector - Android APK analysis tool with GUI.
  • bandit - Security oriented static analyser for python code.
  • Brakeman - Static analysis security vulnerability scanner for Ruby on Rails applications.
  • Codebeat (open source) - Open source implementation of commercial static code analysis tool with GitHub integration.
  • Codelyzer - A set of tslint rules for static code analysis of Angular TypeScript projects. You can run the static code analyzer over web apps, NativeScript, Ionic, etc.
  • cppcheck - Extensible C/C++ static analyzer focused on finding bugs.
  • FindBugs - Free software static analyzer to look for bugs in Java code.
  • Icewater - 16,432 free Yara rules.
  • Joint Advanced Defense Assessment for Android Applications (JAADAS) - Multipurpose Android static analysis tool.
  • OWASP Dependency Check - Open source static analysis tool that enumerates dependencies used by Java and .NET software code (with experimental support for Python, Ruby, Node.js, C, and C++) and lists security vulnerabilities associated with the depedencies.
  • pefile - Static portable executable file inspector.
  • Progpilot - Static security analysis tool for PHP code.
  • Quick Android Review Kit (Qark) - Tool for finding security related Android application vulnerabilities.
  • ShellCheck - Static code analysis tool for shell script.
  • smalisca - Android static code analysis tool.
  • sobelow - Security-focused static analysis for the Phoenix Framework.
  • truffleHog - Git repo scanner.
  • Veracode - Commercial cloud platform for static code analysis, dynamic code analysis, dependency/plugin analysis, and more.
  • VisualCodeGrepper - Open source static code analysis tool with support for Java, C, C++, C#, PL/SQL, VB, and PHP. VisualCodeGrepper also conforms to OWASP best practices.
  • Yara - Static pattern analysis tool for malware researchers.

Dynamic Analyzers

  • AndroidHooker - Dynamic Android application analysis tool.
  • Androl4b - Android security virtual machine based on Ubuntu-MATE for reverse engineering and malware analysis.
  • Cheat Engine - Memory debugger and hex editor for running applications.
  • ConDroid - Android dynamic application analysis tool.
  • Cuckoo - Automated dynamic malware analysis tool.
  • DECAF - Dynamic code analysis tool.
  • droidbox - Dynamic malware analysis tool for Android, extension to DECAF.
  • drozer - Android platform dynamic vulnerability assessment tool.
  • idb - iOS app security analyzer.
  • Inspeckage - Dynamic Android package analysis tool.

Hex Editors

  • Cheat Engine - Memory debugger and hex editor for running applications.
  • Frhed - Binary file editor for Windows.
  • HexEdit.js - Browser-based hex editing.
  • Hexinator - World's finest (proprietary, commercial) Hex Editor.

File Format Analysis Tools

  • Hachoir - Python library to view and edit a binary stream as tree of fields and tools for metadata extraction.
  • Kaitai Struct - File formats and network protocols dissection language and web IDE, generating parsers in C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.
  • Veles - Binary data visualization and analysis tool.

Forensic Tools

Memory Analysis

  • Evolve - Web interface for Volatility advanced memory forensics framework.
  • inVtero.net - Windows x64 memory analysis tool.
  • Linux Memory Extractor (LiME) - A Loadable Kernel Module (LKM) allowing for volatile memory extraction of Linux-based systems.
  • Memoryze - Memory forensics software.
  • Microsoft User Mode Process Dumping - Dumps any running Win32 processes memory image on the fly.
  • PMDump - Tool for dumping memory contents of a process without stopping the process.
  • Rekall - Open source tool and library for the extraction of digital artifacts from volatile memory, RAM, samples.
  • Responder PRO - Commercial memory analysis software.
  • Volatility - Advanced memory forensics framework.
  • VolatilityBot - Automation tool utilizing Volatility.
  • VolDiff - Malware Memory Footprint Analysis based on Volatility.
  • WindowsSCOPE - Commercial memory forensics software for Windows systems.

Memory Imaging Tools

  • Belkasoft Live RAM Capturer - A tiny free forensic tool to reliably extract the entire content of the computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system.
  • Linux Memory Grabber - A script for dumping Linux memory and creating Volatility profiles.
  • Magnet RAM Capture - Magnet RAM Capture is a free imaging tool designed to capture the physical memory of a suspect’s computer. Supports recent versions of Windows.
  • OSForensics - OSForensics can acquire live memory on 32bit and 64bit systems. A dump of an individual process’s memory space or physical memory dump can be done.

Incident Response

All in one Incident Response Tools

  • Belkasoft Evidence Center - The toolkit will quickly extract digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, JTAG and chip-off dumps.
  • CimSweep - CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.
  • CIRTkit - CIRTKit is not just a collection of tools, but also a framework to aid in the ongoing unification of Incident Response and Forensics investigation processes.
  • Cyber Triage - Cyber Triage remotely collects and analyzes endpoint data to help determine if it is compromised. It’s agentless approach and focus on ease of use and automation allows companies to respond without major infrastructure changes and without a team of forensics experts. Its results are used to decide if the system should be erased or investigated further.
  • Digital Forensics Framework - DFF is an Open Source computer forensics platform built on top of a dedicated Application Programming Interface. DFF proposes an alternative to the aging digital forensics solutions used today. Designed for simple use and automation, the DFF interface guides the user through the main steps of a digital investigation so it can be used by both professional and non-expert to quickly and easily conduct a digital investigations and perform incident response.
  • Doorman - Doorman is an osquery fleet manager that allows remote management of osquery configurations retrieved by nodes. It takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness.
  • Envdb - Envdb turns your production, dev, cloud, etc environments into a database cluster you can search using osquery as the foundation. It wraps the osquery process with a cluster node agent that can communicate back to a central location.
  • Falcon Orchestrator - Falcon Orchestrator by CrowdStrike is an extendable Windows-based application that provides workflow automation, case management and security response functionality.
  • GRR Rapid Response - GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python agent client that is installed on target systems, and a python server infrastructure that can manage and talk to the agent.
  • Kolide Fleet - Kolide Fleet is a state of the art host monitoring platform tailored for security experts. Leveraging Facebook's battle-tested osquery project, Kolide delivers fast answers to big questions.
  • Limacharlie - an endpoint security platform. It is itself a collection of small projects all working together, and gives you a cross-platform, Windows, OSX, Linux, Android and iOS, low-level environment allowing you to manage and push additional modules into memory to extend its functionality.
  • MIG - Mozilla Investigator, MIG, is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.
  • MozDef - The Mozilla Defense Platform, MozDef, seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.
  • nightHawk - the nightHawk Response Platform is an application built for asynchronus forensic data presentation using ElasticSearch as the backend. It's designed to ingest Redline collections.
  • Open Computer Forensics Architecture - Open Computer Forensics Architecture, OCFA, is another popular distributed open-source computer forensics framework. This framework was built on Linux platform and uses postgreSQL database for storing data.
  • Osquery - with osquery you can easily ask questions about your Linux and OSX infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company. Queries in the -incident-response pack - help you detect and respond to breaches.
  • Redline - provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile.
  • The Sleuth Kit & Autopsy - The Sleuth Kit is a Unix and Windows based tool which helps in forensic analysis of computers. It comes with various tools which helps in digital forensics. These tools help in analyzing disk images, performing in-depth analysis of file systems, and various other things.
  • TheHive - TheHive is a scalable 3-in-1 open source and free solution designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
  • X-Ways Forensics - X-Ways is a forensics tool for Disk cloning and imaging. It can be used to find deleted files and disk analysis.
  • Zentral - combines osquery's powerful endpoint inventory features with a flexible notification and action framework. This enables one to identify and react to changes on OS X and Linux clients.

Disk Image Creation Tools

  • AccessData FTK Imager - AccessData FTK Imager is a forensics tool whose main purpose is to preview recoverable data from a disk of any kind. FTK Imager can also acquire live memory and paging file on 32bit and 64bit systems.
  • Bitscout - Bitscout by Vitaly Kamluk helps you build your fully-trusted customizable LiveCD/LiveUSB image to be used for remote digital forensics, or perhaps any other task of your choice. It is meant to be transparent and monitorable by the owner of the system, forensically sound, customizable and compact.
  • GetData Forensic Imager - GetData Forensic Imager is a Windows based program that will acquire, convert, or verify a forensic image in one of the following common forensic file formats.
  • Guymager - Guymager is a free forensic imager for media acquisition on Linux.
  • Magnet ACQUIRE - ACQUIRE by Magnet Forensics allows various types of disk acquisitions to be performed on Windows, Linux, and OS X as well as mobile operating systems.

Evidence Collection Tools

  • Bulk_extractor - bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. Because of ignoring the file system structure, the program distinguishes itself in terms of speed and thoroughness.
  • Cold Disk Quick Response - uses a streamlined list of parsers to quickly analyze a forenisic image file, dd, E01, .vmdk, etc, and output nine reports.
  • Ir-rescue - -ir-rescue - is a Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  • Live Response Collection - The Live Response collection by BriMor Labs is an automated tool that collects volatile data from Windows, OSX, and -nix based operating systems.

Incident Management Tools

  • Cortex XSOAR - Security orchestration tool. Formerly Demisto community edition. Offers full Incident lifecycle management, Incident Closure Reports, team assignments and collaboration, and many integrations to enhance automations, like Active Directory, PagerDuty, Jira and much more.
  • CyberCPR - A community and commercial incident management tool with Need-to-Know built in to support GDPR compliance while handling sensitive incidents.
  • Cyphon - Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow — aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents.
  • FIR - Fast Incident Response, FIR, is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike.
  • RTIR - Request Tracker for Incident Response, RTIR, is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker.
  • SCOT - Sandia Cyber Omni Tracker, SCOT, is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user.
  • Threat_note - A lightweight investigation notebook that allows security researchers the ability to register and retrieve indicators related to their research.

Incident Response Playbooks

  • IR Workflow Gallery - Different generic incident response workflows, e.g. for malware outbreak, data theft, unauthorized access,... Every workflow constists of seven steps: prepare, detect, analyze, contain, eradicate, recover, post-incident handling.
  • IRM - Incident Response Methodologies by CERT Societe Generale.
  • PagerDuty Incident Response Documentation - Documents that describe parts of the PagerDuty Incident Response process. It provides information not only on preparing for an incident, but also what to do during and after.

Linux Forensics Distributions

  • ADIA - The Appliance for Digital Investigation and Analysis, ADIA, is a VMware-based appliance used for digital investigation and acquisition and is built entirely from public domain software. Among the tools contained in ADIA are Autopsy, the Sleuth Kit, the Digital Forensics Framework, log2timeline, Xplico, and Wireshark. Most of the system maintenance uses Webmin. It is designed for small-to-medium sized digital investigations and acquisitions. The appliance runs under Linux, Windows, and Mac OS. Both i386 32-bit and x86_64 versions are available.
  • CAINE - The Computer Aided Investigative Environment, CAINE, contains numerous tools that help investigators during their analysis, including forensic evidence collection.
  • CCF-VM - CyLR CDQR Forensics Virtual Machine, CCF-VM: An all-in-one solution to parsing collected data, making it easily searchable with built-in common searches, enable searching of single and multiple hosts simultaneously.
  • DEFT - The Digital Evidence & Forensics Toolkit, DEFT, is a Linux distribution made for computer forensic evidence collection. It comes bundled with the Digital Advanced Response Toolkit, DART, for Windows. A light version of DEFT, called DEFT Zero, is also available, which is focused primarily on forensically sound evidence collection.
  • NST - Network Security Toolkit - Linux distribution that includes a vast collection of best-of-breed open source network security applications useful to the network security professional.
  • PALADIN - PALADIN is a modified Linux distribution to perform various forenics task in a forensically sound manner. It comes with many open source forensics tools included.
  • Security Onion - Security Onion is a special Linux distro aimed at network security monitoring featuring advanced analysis tools.
  • SIFT Workstation - The SANS Investigative Forensic Toolkit, SIFT, Workstation demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

Linux Evidence Collection

  • FastIR Collector Linux - FastIR for Linux collects different artefacts on live Linux and records the results in csv files.

Log Analysis Tools

  • Logdissect - A CLI utility and Python API for analyzing log files and other data.
  • Lorg - a tool for advanced HTTPD logfile security analysis and forensics.

OSX Evidence Collection

  • Knockknock - Displays persistent items, scripts, commands, binaries, etc., that are set to execute automatically on OSX.
  • Mac_apt - macOS Artifact Parsing Tool - Plugin based forensics framework for quick mac triage that works on live machines, disk images or individual artifact files.
  • OSX Auditor - OSX Auditor is a free Mac OS X computer forensics tool.
  • OSX Collector - An OSX Auditor offshoot for live response.

Process Dump Tools

Honeypot Tools

IDS / IPS

  • AIEngine - Very advanced NIDS.
  • Elastic Stack - Also known as the ELK stack, the combination of Elasticsearch, Logstash, and Kibana, for monitoring and logging.
  • OSSEC - Open source HIDS.
  • Security Onion - Linux distro for monitoring.
  • Snort - Open source NIPS/NIDS.
  • SSHWATCH - SSH IPS.
  • Suricata - Open source NIPS/NIDS.

Timeline tools

  • Highlighter - Free Tool available from Fire/Mandiant that will depict log/text file that can highlight areas on the graphic, that corresponded to a key word or phrase. Good for time lining an infection and what was done post compromise.
  • Morgue - A PHP Web app by Etsy for managing postmortems.
  • Plaso - a Python-based backend engine for the tool log2timeline.
  • Timesketch - open source tool for collaborative forensic timeline analysis.

Windows Evidence Collection

  • AChoir - Achoir is a framework/scripting tool to standardize and simplify the process of scripting live acquisition utilities for Windows.
  • Binaryforay - list of free tools for win forensics.
  • Crowd Response - Crowd Response by CrowdStrike is a lightweight Windows console application designed to aid in the gathering of system information for incident response and security engagements. It features numerous modules and output formats.
  • FastIR Collector - FastIR Collector is a tool that collects different artefacts on live Windows systems and records the results in csv files. With the analyses of these artefacts, an early compromise can be detected.
  • FECT - Fast Evidence Collector Toolkit, FECT, is a light incident response toolkit to collect evidences on a suspicious Windows computer. Basically it is intended to be used by non-tech savvy people working with a journeyman Incident Handler.
  • Fibratus - tool for exploration and tracing of the Windows kernel.
  • IREC - All-in-one IR Evidence Collector which captures RAM Image, $MFT, EventLogs, WMI Scripts, Registry Hives, System Restore Points and much more. It is FREE, lightning fast and easy to use.
  • IOC Finder - IOC Finder is a free tool from Mandiant for collecting host system data and reporting the presence of Indicators of Compromise. Support for Windows only.
  • LOKI - Loki is a free IR scanner for scanning endpoint with yara rules and other indicators.
  • Panorama - Fast incident overview on live Windows systems.
  • PowerForensics - Live disk forensics platform, using PowerShell.
  • PSRecon - PSRecon gathers data from a remote Windows host using PowerShell](v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
  • RegRipper - Regripper is an open source tool, written in Perl, for extracting/parsing information, keys, values, and data from the Registry and presenting it for analysis.
  • TRIAGE-IR - Triage-IR is a IR collector for Windows.

Purple Teaming / Security Training

  • Dockerized Android - A Container-Based framework to enable the integration of mobile components in security training platforms
  • [AzureHunter] - A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365

Governance Risk & Compliance (GRC) Tools

Device Hardening

  • Department of Defense Cyber Exchange: Provides STIGs w/ hardening guidelines for a variety of software and hardware solutions
  • National Checklist Program (NCP): Provided by the NIST, checklists and benchmarks for OSs and applications

Auditing Tools

  • lansweeper — Scan hosts and compiles an asset information database (Asset inventory management)
  • Domain Password Audit Tool (DPAT) — Generate password statistics from hashes from a DC and a password crack file
  • Ping Castle — Assess the security level of the AD based on risk assessment and a maturity framework
  • Domain Audit — Wrapper around PowerView, Impacket, PowerUpSQL and BloodHound to execute a lot of checks

Cloud

Networking


Books

Need to Go Through

InfoSec Books


Red Teaming

  • Red Team Field Manual

Penetration Testing

  • Advanced Penetration Testing: Hacking the World’s Most Secure Networks
  • Hands On Hacking
  • Penetration Testing Essentials
  • Penetration Testing: A Hands-On Introduction to Hacking
  • The Basics of Hacking & Penetration Testing: Ethical Hacking & Penetration Made Easy
  • The Pentester BluePrint: Starting a Career as an Ethical Hacker

Social Engineering

  • Social Engineering: The Science of Human Hacking

Web Applications

  • A Bug Hunter's Diary (Klein)
  • Exploiting Software: How to Break Code (Hoglund and McGraw)
  • Hands-on Web Penetration Testing with Metasploit (Singh and Sharma)
  • Hunting Security Bugs (Gallagher, Landauer, and Jeffries)
  • Professional Pen Testing for Web Applications: Programmer to Programmer (Andreu)
  • Read-World Bug Hunting: A Field Guide to Web Hacking (Yaworski)
  • SQL Injection Attacks and Defense (Clarke et al)
  • Seven Deadliest Web Application Attacks (Shema)
  • The Art of Software Security Assessment (Dowd, McDonald, and Schuh)
  • The Tangled Web: A Guide to Securing Modern Web Applications (Zalewski)
  • Web Penetration Testing with Kali Linux (Najera-Gutierrez and Ansari)

Networking

  • Aggressive Network Self-Defense (Wyler, Potter, and Hurley)
  • Hacking Exposed: Network Security Secrets & Solutions (McClure et al)
  • Silence on the Wire: A Field Guide to Passive Recon and Indirect Attacks (Zalewski)
  • The Hacker's Handbook: Breaking Into & Defending Networks (Young and Aitel)

Specialized

  • Android Hacker's Handbook (Drake et al)
  • Google Hacking for Penetration Testers (Long, Gardner, and Brown)
  • Hacking Exposed Cisco Networks: Cisco Security (Vladimirov et al)
  • iOS Hacker's Handbook (Miller et al)
  • Practical IoT Hacking (Chantzis et al)
  • Securing the Smart Grid: Next Generation Power Grid Security (Flick and Morehouse)
  • Shellcoder's Handbook: Discovering and Exploiting Security Holes (Anley)
  • Social Engineering: The Art of Human Hacking (Hadnagy et al)
  • The Car Hacker's Handbook: A Guide for the Penetration Tester (Smith)
  • The Database Hacker's Handbook: Defending Database Servers (Litchfield et al)
  • The Hardware Hacker: Adventures in Making & Breaking Hardware (Huang)
  • The Mac Hacker's Handbook (Miller and Zovi)
  • The Mobile Application Hacker's Handbook (Chell)
  • Unauthorized Access: Physical Penetration Testing for IT Security Teams (Allsopp)
  • WarDriving and Wireless Penetration Testing (Hurley et al)

Digging Deep

  • A Guide to Kernel Exploitation: Attacking the Core (Perla and Oldani)
  • Advanced Penetration Testing for Highly-Secured Environments (Allen and Cardwell)
  • Advanced Penetration Testing: Hacking the World's Most Secure Networks (Allsopp)
  • Advanced Persistent Threat Hacking: The Art & Science of Hacking (Wrightson)
  • Applied Machine Learning/Neural Networks: Offensive Security (Atkins)
  • Hacking: The Art of Exploitation , 1st or 2nd edition (Jon Erickson)
  • Managed Code Rootkits: Hooking into Runtime Environments (Metula)
  • Ninja Hacking: Unconventional Penetration Testing (Wilhelm and Andress)
  • Rootkits and Bootkits (Matrosov, Rodionov, and Bratus)

Cyber Intelligence


Tool Guide

  • Learning Nessus for Penetration Testing (Kumar)
  • Metasploit Penetration Testing Cookbook (Teixeira, Singh, and Agarwal)
  • Metasploit: The Penetration Tester's Guide (Kennedy)
  • Nmap 6 Cookbook: The Fat-Free Guide to Network Security Scanning (Marsh)
  • Nmap Network Scanning: The Official Nmap Project Guide (Fyodor)
  • Penetration Tester's Open Source Toolkit (Faircloth)

Kali Linux

  • Digital Forensics With Kali Linux
  • Hacking Exposed Linux (ISECOM)
  • Kali Linux Revealed: Mastering the Penetration Testing Distro (Hertzog and O'Gorman)
  • Linux Basics for Hackers: Getting Started with Networking, Scripting, & Security in Kali
  • Linux Command Line and Shell Scripting Bible (Blum and Bresnahan)
  • Linux Shell Scripting Cookbook (Flynt, Lakshman, and Tushar)
  • The Linux Command Line: A Complete Introduction (Shotts)
  • Wicked Cool Shell Scripts (Taylor and Perry)

Real-World

  • American Kingpin
  • Black Software
  • The Hacked World Order
  • The Shadow Factory
  • You Have A Very Soft Voice, Susan: A Shocking True Story of Internet Stalking

Python

  • Black Hat Python
  • Cryptography With Python
  • Grey Hat Python
  • Violent Python

Dark Web

  • Burners & Black Markets
  • Dark Web Investiagtions (Security Informatics & Law Enforcement)
  • Inside The Dark Web
  • Tor & The Dark Web

Fiction

  • The cuckoos egg
  • CyberStorm: World War C

Story Telling

  • Countdown to Zero Day: Stuxnet (Zetter)
  • Dark Territory: The Secret History of Cyber War (Kaplan)
  • Dissecting the Hack: The F0rb1dd3n Network (Street, Nabors, and Baskin)
  • Fatal System Error: Hunt for the New Crime Lords Bringing Down the Internet (Menn)
  • Ghost in the Wires: My Adventures as the World's Most Wanted Hacker (Mitnick)
  • Hackers & Painters: Big Ideas from the Computer Age (Graham)
  • How to Hack Like a Pornstar: Breaking into a Bank (Sparc Flow)
  • I, Robot (Asimov)
  • Inside Cyber Warfare: Mapping the Cyber Underworld (Carr)
  • Kingpin (Poulsen)
  • Neuromancer (Gibson)
  • Nineteen Eighty-Four (1984) (Orwell)
  • No Place to Hide: Snowden, the NSA, and the U.S. Surveillance State (Greenwald)
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage (Stoll)
  • The Girl with the Dragon Tattoo (Larsson)
  • The Hitchhiker's Guide to the Galaxy (Adams)
  • The Lure (Schroeder)
  • Zero Day: The Threat in Cyberspace (The Washington Post and O'Harrow)

Bug Hunting

  • A bug hunter’s diary
  • Real-World Bug Hunting

IoT

  • Practical IoT Hacking

Quantum

  • Quantum Computing Fundamentals
  • Quantum Physics and The Power of the Mind: 5 BOOKS IN 1

Cryptography

  • Cryptography Engineering: Design Principles and Practical Applications
  • Real-World cryptography
  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography

Law

  • Cyberlaw: Software and Computer Networks
  • Damage Control: Cyber Insurance and Compliance
  • The 2020 Cyber Security & Cyber Law Guide

Cybersecurity

  • Cyber Breach Response That Actually Works
  • Cyber Mercenaries: The State, Hackers, and Power
  • CyberSpace
  • CyberStorm
  • Extreme Privacy: What It Takes to Disappear
  • Find Me (series)
  • Little brother
  • Security Testing with Raspberry Pi
  • Stealing the network
  • The 8 Layers of the OSI Cake: A Forensic Taste of Each Layer (Cyber Secrets)
  • The Smartest Person in the Room
  • The Tribe of Hacker (Series)
  • The hackers playbook (series)
  • We Are Anonymous

Malware

  • Antivirus Bypass Techniques
  • Learning Malware Analysis
  • Practical Malware Analysis
  • The Art of Memory Forensics: Detecting Malware & Threats in Windows, Linux & Mac Memory

Finance Books

  • I Will Teach You To Be Rich
  • Rich Dad Poor Dad
  • The Psychology of Money
  • The Richest Man in Babylon
  • The Simple Path to Wealth
  • Your Money or Your Life

Psychology Books

  • Dark Pyschology & Manipulation: 10 In 1
  • Designing The Mind: The Principles of Psychitecture
  • 48 Laws of Power

Miscellaneous Books

  • Adversarial Tradecraft in Cybersecurity
  • Black Hat Go
  • Extreme Ownership by Jocko Willink / Leif Babin
  • Hacker Disassembling Uncovered
  • How to Measure Anything in Cybersecurity
  • Security Warrior
  • Shellcoders Handbook
  • Traction by Gino Wickman

Education / Bootcamps / Programs / Certification Material

Bootcamps & Programs

Threat Intelligence Platforms

Cloud Pentesting

  • AWS Vulnerable

Information Security Certifications

Security Training Platforms

Offensive Development

Defense

Azure

Methodologies

Documentaries

Social Engineering Articles

Resource Compilation

Offense Security

Bug Hunting

Powershell Automation

Privacy

Cybersecurity Maps, Domains, etc

(https://s3-us-west-2.amazonaws.com/secure.notion-static.com/087527b0-f437-4255-8b00-0bc69c7dcd73/Untitled.png)

Security News — Stay Updated On Relevant Attacks & Other Infosec News

  • Microsoft

Specific Articles

CVEs

Apple

Freelancing Sites

Support Organizations

Black Tech Organizations

Conferences

  • (ISC)2 Secure Event Series
  • 44CON London
  • 44Con
  • AFCEA Defensive Cyber Operations Symposium
  • AppSec United States](OWASP National Conference)
  • AppSecUSA
  • Atlantic Security Conference](AtlSecCon)
  • BSides
  • BSides Event Series
  • BalCCon
  • Black Hat
  • Black Hat United States
  • BruCON
  • CCC
  • CISO Executive Summit Series](Invite-only)
  • CSO50 Conference
  • CanSecWest
  • CarolinaCon
  • Cyber Threat Intelligence Summit
  • DEF CON
  • DeepSec
  • DefCamp
  • DerbyCon
  • DerbyCon 8.0
  • Ekoparty
  • FIRST Conference
  • FSec
  • HACKMIAMI
  • HITB
  • HOPE
  • Hack.lu
  • Hack3rCon
  • Hacker Halted - Optionally includes certification-specific training
  • IANS Information Security Forums
  • IAPP Global Privacy Summit
  • IEEE Symposium on Security & Privacy
  • ISACA Cyber Security Nexus
  • ISF Annual World Congress
  • ISSA CISO Executive Forum Series
  • ISSA International Conference
  • Ignite
  • Infiltrate
  • InfoSec Southwest
  • InfoSec World
  • Infosecurity Europe
  • Infosecurity Europe
  • Infosecurity North America
  • LayerOne
  • Nullcon
  • Nullcon Conference
  • Open Security Summit
  • PhreakNIC
  • RSA Conference United States
  • SANS Annual Conference
  • SANS Pen Test Annual Conferences
  • SANS Security Annual Conferences
  • SECUINSIDE
  • SOURCE Annual Conferences
  • SecTor Canada
  • Secure360 Conference
  • SecureWorld
  • Securi-Tay
  • Security Operations Summit & Training
  • ShmooCon
  • SkyDogCon
  • SummerCon
  • Swiss Cyber Storm
  • ThotCon
  • USENIX Security Symposium
  • Virus Bulletin Conference
  • conINT
  • secureCISO

Cybersecurity Apparel

Blogging

About

Infosec Compilation is an information security repository for offensive, defensive, and purple-teaming resources, along with guides designed for advanced penetration testing tactics, techniques, and procedures (TTPs) based on the MITRE framework

Resources

Readme
Activity

Stars

18 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published