Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Great security list for fun and profit

NotificationsYou must be signed in to change notification settings

zbetcheckin/Security_list

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 

Repository files navigation

Inspired byhttp://www.nothink.org/utilities.php

Table of Contents

Awesome lists 👍

NameURL
Androidhttps://github.com/ashishb/android-security-awesome
Curated list of awesome listshttps://github.com/sindresorhus/awesome
Fuzzinghttps://github.com/secfigo/Awesome-Fuzzing
Hacking listhttps://github.com/Hack-with-Github/Awesome-Hacking ⭐⭐⭐
Honeypotshttps://github.com/paralax/awesome-honeypots
Incident responsehttps://github.com/meirwah/awesome-incident-response/ ⭐⭐
Indicators of compromisehttps://github.com/sroberts/awesome-iocs
Info sechttps://github.com/rmusser01/Infosec_Reference
Malware analysishttps://github.com/rshipp/awesome-malware-analysis/ ⭐⭐⭐
Personal Securityhttps://github.com/Lissy93/personal-security-checklist
Red teamhttps://github.com/yeyintminthuhtut/Awesome-Red-Teaming
Reversinghttps://github.com/fdivrp/awesome-reversing
Securityhttps://github.com/sbilly/awesome-security
Threat intelligencehttps://github.com/hslatman/awesome-threat-intelligence
Webhttps://github.com/qazbnm456/awesome-web-security/https://github.com/infoslack/awesome-web-hacking

Books 📚

NameURL
Free programming bookshttps://github.com/EbookFoundation/free-programming-books
Recommended Readinghttp://dfir.org/?q=node/8

Bug bounty 🍫

NameURL
Bounty factoryhttps://bountyfactory.io
Bugcrowdhttps://bugcrowd.com/programs
Googlehttps://www.google.com/about/appsecurity/reward-program/
HackerOnehttps://hackerone.com
List of bug bountyhttps://www.bugcrowd.com/bug-bounty-list/
Microsofthttps://technet.microsoft.com/en-us/security/dn425036
Open bug bountyhttps://www.openbugbounty.org/
Programs and write-upshttps://github.com/djadmin/awesome-bug-bounty
Write-upshttps://github.com/ngalongc/bug-bounty-reference
Zerodiumhttps://www.zerodium.com/ 💰:trollface:

Cheat sheets 👍

NameURL
General cheat sheetshttp://www.cheat-sheets.org/
Owasp serieshttps://github.com/OWASP/CheatSheetSeries ⭐⭐
Packet lifehttp://packetlife.net/library/cheat-sheets/
Penetration testhttps://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
Pentest monkeyhttp://pentestmonkey.net
SANS Forensichttps://digital-forensics.sans.org/community/cheat-sheets
Security Onionhttps://github.com/Security-Onion-Solutions/security-onion/wiki/Cheat-Sheet
Zeltser's cheat sheets listhttps://zeltser.com/cheat-sheets/

CTF 🚩

NameURL
Awesome CTFhttps://github.com/apsdehal/awesome-ctf ⭐⭐
CTFd platformhttps://github.com/CTFd/CTFd
CTF PADhttps://github.com/StratumAuhuur/CTFPad
CTF TIMEhttps://ctftime.org/
Mellivora platformhttps://github.com/Nakiami/mellivora
Platform listhttps://github.com/We5ter/Awesome-Platforms/blob/master/CTF-Platforms.md
Reddithttps://www.reddit.com/r/securityctf
Tools listhttps://github.com/Laxa/HackingTools
Tools listhttps://github.com/zardus/ctf-tools
Write-upshttps://github.com/ctfs

Decoder/Converter/Beautifier:hurtrealbad:

NameURL
Code beautifierhttp://codebeautify.org/
Converterhttps://github.com/koczkatamas/koczkatamas.github.io
Cyber Chefhttps://gchq.github.io/CyberChef/ 🍴⭐⭐⭐
JSUnpackhttps://github.com/urule99/jsunpack-n
JSBeautifierhttp://jsbeautifier.org/
Jjencodehttp://utf-8.jp/public/jjencode.html
JS deobfuscatehttps://github.com/sevzero/honeybadger
VB code beautifierhttp://www.vbindent.com/

Domain name Research / Analysis / Reputation 📉

NameURL
Archivehttps://archive.is/
Archivehttps://web.archive.org/
BGP Toolkithttp://bgp.he.net/
Biggest DNS historyhttps://securitytrails.com/list/ip/$IP
Cache pagehttp://www.cachedpages.com/
Cache viewhttp://cachedview.com/
Checking multiple blocklistshttp://rbls.org/
DGA introhttps://en.wikipedia.org/wiki/Domain_generation_algorithm
DNS Blacklistshttps://raw.githubusercontent.com/zbetcheckin/DNSBLs/master/active_dnsbls.txt
DNS dumpsterhttps://dnsdumpster.com/
DNS Propagation Checkerhttps://www.whatsmydns.net/
DNS stuffhttp://www.dnsstuff.com/
Domain analysis listhttps://github.com/rshipp/awesome-malware-analysis/#domain-analysis
Domain hijacking introhttps://en.wikipedia.org/wiki/Domain_hijacking
Expired domainhttps://www.expireddomains.net/backorder-expired-domains/
Googlehttps://www.google.com/transparencyreport/safebrowsing/diagnostic/
Into dnshttp://www.intodns.com/
Multi RBLhttp://multirbl.valli.org/lookup/
MXToolBoxhttps://mxtoolbox.com/SuperTool.aspx#
Netcrafthttp://www.netcraft.com/
Reverse Whoishttps://reversewhois.domaintools.com/
Robtexhttps://www.robtex.com/dns/
Sucurihttp://sitecheck.sucuri.net/scanner/
TCP utilshttp://www.tcpiputils.com/
Threat loghttp://www.threatlog.com/
Threat minerhttps://www.threatminer.org/
Top-Level Domains listhttps://data.iana.org/TLD/tlds-alpha-by-domain.txt
Trusted sourcehttp://www.trustedsource.org/
URL Queryhttp://urlquery.net/
URL scanhttps://urlscan.io/
URL shorter listhttps://mirror1.malwaredomains.com/files/url_shorteners.txt
URL Voidhttp://www.urlvoid.com/
Virus totalhttps://www.virustotal.com/#url
Whois - ARINhttps://whois.arin.net/
Whois - LACNIChttp://lacnic.net/cgi-bin/lacnic/whois
Whois - RIPE NCChttps://apps.db.ripe.net/search/query.html
Whois - AFRINIChttp://www.afrinic.net/fr/services/whois-query
Whois - APNIChttp://wq.apnic.net/apnic-bin/whois.pl
Whois by registrant namehttp://viewdns.info/reversewhois/
Zeltser's listhttps://zeltser.com/lookup-malicious-websites/

Exploits and vulnerabilities 🚪

NameURL
CVEdetailshttp://www.cvedetails.com/
CVE.mitrehttps://cve.mitre.org/
Full disclosurehttp://seclists.org/fulldisclosure/
See bughttps://www.seebug.org/
CXSecurityhttps://cxsecurity.com/
Inj3ct0rhttp://0day.today/
Packet Stormhttps://packetstormsecurity.com/files/tags/exploit/
Exploit-dbhttp://www.exploit-db.com
Vulnerability-labhttp://www.vulnerability-lab.com/
Vulndbhttps://vuldb.com/?archive.2016
Vulnershttps://vulners.com/search?query=order:published
Backdoor - TCP-32764https://github.com/elvanderb/TCP-32764
Rapid7 DBhttps://www.rapid7.com/db/modules/
NISThttp://web.nvd.nist.gov/
Security focushttp://www.securityfocus.com/vulnerabilities
Country compatibilityhttps://cve.mitre.org/compatible/country.html
Mailing listhttps://nmap.org/mailman/listinfo/fulldisclosure
Mail receivedhttp://lists.openwall.net/full-disclosure/2016/
Mailing listhttp://seclists.org/
Mailing listhttps://lists.debian.org/debian-security-announce/
CVSS FIRSThttps://www.first.org/cvss/calculator/3.0
CVSS NISThttps://nvd.nist.gov/cvss/v3-calculator

Forensic 🔍

NameURL
Aldeid listhttps://www.aldeid.com/wiki/Category:Digital-Forensics
Awesome forensichttps://github.com/Cugu/awesome-forensics
CFReDShttp://www.cfreds.nist.gov/
DFRWS challengehttp://www.dfrws.org/dfrws-forensic-challenge-2016
File signatureshttps://en.wikipedia.org/wiki/List_of_file_signatures
File signatureshttp://www.filesignatures.net/index.php?page=all
File signatureshttp://www.garykessler.net/library/file_sigs.html
Forensic kb practicalhttp://www.forensickb.com/2008/01/forensic-practical.html
Forensic toolshttps://forensics.cert.org/
Forensic - Technical graphhttp://www.amanhardikar.com/mindmaps/ForensicChallenges.html
Learn with David Cowenhttps://www.youtube.com/channel/UCZ7mQV3j4GNX-LU1IKPVQZg
Package - DEFThttp://www.deftlinux.net/package-list/
Package - forensic-allhttps://packages.debian.org/stretch/forensics-all ⭐⭐
Testing Imageshttp://dftt.sourceforge.net/
Tools - DFIRhttp://www.dfir.training/index.php/tools/
Tools - Forensics wikihttp://forensicswiki.org/wiki/Tools
Tools - NISThttps://toolcatalog.nist.gov/taxonomy/index.php
Windows toolshttps://ericzimmerman.github.io/
Windows tools listhttp://forensic-proof.com/tools
Windows Artifacthttps://blogs.sans.org/computer-forensics/
Write blockerhttp://www.cftt.nist.gov/software_write_block.htm
Write blockerhttps://github.com/msuhanov/Linux-write-blocker
Zythom listhttps://zythom.blogspot.se/2007/02/les-outils-dun-expert-judiciaire.html 🇫🇷

Free shell 🐚

NameURL
FreeShells listhttp://www.freeshells.info/
Red-pillhttp://shells.red-pill.eu/

Fun:trollface:

NameURL
Akamai maphttps://www.akamai.com/us/en/resources/visualizing-akamai/real-time-web-monitor.jsp 🌎
BGP streamhttps://bgpstream.com/ 🌎
Bitdefender maphttps://threatmap.bitdefender.com/ 🌎
Blueliv maphttps://community.blueliv.com/map/ 🌎
Checkpoint maphttps://threatmap.checkpoint.com/ 🌎
DDoS attackshttp://www.digitalattackmap.com/:trollface:
Dead dropshttps://deaddrops.com/db/ 💾💀
Dshield maphttps://dshield.org/threatmap.html 🌎
Eset maphttp://www.virusradar.com/ 🌎
Fire eye maphttps://www.fireeye.com/cyber-map/threat-map.html 🌎
Flight radarhttps://www.flightradar24.com✈️
Fortinet maphttps://threatmap.fortiguard.com/ 🌎
HE mapshttps://he.net/3d-map/ 🌎
Kaspersky AV maphttps://cybermap.kaspersky.com/ 🌎
Kaspersky maphttps://apt.securelist.com/ 🌎
Mozilla location service maphttps://location.services.mozilla.com/map 🌎
Open IP video camerashttp://www.insecam.org/ 📹🙈
Pwnie Awardshttp://pwnies.com/nominations/ 🐴
Sub marine cablehttp://www.submarinecablemap.com/
Sub marine cablehttp://submarine-cable-map-2016.telegeography.com/
Sub marine cablehttp://lifewinning.com/submarine-cable-taps/
Threat butthttps://threatbutt.com/map/ 🌎🤡
Tor flow maphttps://torflow.uncharted.software 🌎
Trendmicro maphttps://botnet-cd.trendmicro.com/ 🌎
World of VNChttps://worldofvnc.net/ 🎅

Generic utilities 📁

Will be reorganized

NameURL
Abuse Contact DBhttps://www.abusix.com/contactdb 📕
CERT teamshttps://www.first.org/about/organization/teams
Citizen labhttps://citizenlab.org/
Code analysiseshttps://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
Codepadhttp://codepad.org/
Crypto currencyhttps://coinmarketcap.com
Deepwebhttps://www.reddit.com/r/deepweb/
Electronic Frontier Foundationhttps://www.eff.org/
Face generatorhttps://www.thispersondoesnotexist.com/
Fake IDhttp://www.fakenamegenerator.com/
Hackforumhttp://hackforums.net/:trollface:
Hardened BSDhttps://hardenedbsd.org/content/easy-feature-comparison
Hashes examplehttps://hashcat.net/wiki/doku.php?id=example_hashes
Mibbithttp://www.mibbit.com/
Microsoft threathttp://www.microsoft.com/security
MIME typeshttps://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Complete_list_of_MIME_types
MIME typeshttps://slick.pl/kb/htaccess/complete-list-mime-types/
MIME typeshttps://www.iana.org/assignments/media-types/media-types.xhtml
Mindmapshttp://www.amanhardikar.com/mindmaps.html ⭐⭐⭐
Random data generatorhttp://www.mockaroo.com/
Sanshttp://isc.sans.edu/diary/ ⭐⭐
Security wikihttp://oss-security.openwall.org/wiki/
Understand your commandshttps://explainshell.com/

GNU/Linux

NameURL
Chkrootkithttps://packages.debian.org/en/jessie/chkrootkit
Command collectionhttps://github.com/tuwid/GNU-Linux-OpsWiki
Debsecanhttps://packages.debian.org/en/jessie/debsecan
GNU/Linux containershttps://github.com/Friz-zy/awesome-linux-containers#security
GNU/Linux executable walkthroughhttps://i.imgur.com/q5nyHp7.png
GNU/Linux post exploitationhttps://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
GNU/Linux workstationhttps://github.com/lfit/itpol/blob/master/linux-workstation-security.md ⭐⭐
Kernel exploitationhttps://github.com/xairy/linux-kernel-exploitation
Lynishttps://packages.debian.org/en/jessie/lynis
RE 101https://github.com/michalmalik/linux-re-101
RKhunterhttps://packages.debian.org/en/jessie/rkhunter
Securing debianhttps://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html
Vulnerability scannerhttps://github.com/future-architect/vuls

Honeypots 🍯

NameURL
Awesome list - All of them !https://github.com/paralax/awesome-honeypots#honeypots ⭐⭐
Honeynethttps://honeynet.org/project
Live nothinkhttp://www.nothink.org/honeypots.php

IP Research / Analysis / Investigation

NameURL
Abuse IP DBhttps://www.abuseipdb.com/
BGP Toolkithttp://bgp.he.net/
Bing dorkip:$IP
Black List Alerthttp://www.blacklistalert.org/
Black List Checkhttp://whatismyipaddress.com/blacklist-check/
Check hosthttp://check-host.net/
FireHOL IP listhttps://github.com/firehol/blocklist-ipsets
Google dork"$IP"
Host filehttps://hosts-file.net/
IP voidhttp://www.ipvoid.com/
Multi RBLhttp://multirbl.valli.org/lookup/
Nirsoft country IPhttp://www.nirsoft.net/countryip/
Project Honeypothttps://www.projecthoneypot.org/search_ip.php
RIPE stathttps://stat.ripe.net/
Spamhaushttps://www.spamhaus.org/lookup/
Virus totalhttps://www.virustotal.com/gui/search/$IP
Whatch Guardhttp://www.reputationauthority.org/

Leak / Defaced 🚑

NameURL
Biggest db leakshttps://cdn.databases.today/
Breach alarmhttps://breachalarm.com/
Darknet leakshttps://darknetleaks.ru/archive/leaked/dumps/
Hacked emailshttps://hacked-emails.com/
Have I been pwnedhttps://haveibeenpwned.com/
Isithackedhttp://www.isithacked.com
Leakedinhttp://www.leakedin.com/
Siph0nhttps://twitter.com/datasiph0n
Zone-Hhttps://zone-h.org/

Learning / Exercises 🎓

NameURL
Awesome traininghttp://opensecuritytraining.info/Training.html ⭐⭐
Cybrary traininghttps://www.cybrary.it/
Essential basicshttps://github.com/alex/what-happens-when ⭐⭐
Exploitshttps://thesprawl.org/research/
F-Secure traininghttps://moocfi.github.io/courses/2017/cybersecurity/
Malware Analysis coursehttps://github.com/RPISEC/Malware ⭐⭐
Malware traffic traininghttp://www.malware-traffic-analysis.net/training-exercises.html
Practical analysishttps://practicalmalwareanalysis.com/labs/
Reverse - Malwarehttp://fumalwareanalysis.blogspot.se/p/malware-analysis-tutorials-reverse.html
Security courseshttps://bitvijays.github.io/
Security traininghttps://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Courses_Training.md
Security talkshttps://github.com/PaulSec/awesome-sec-talks

Lock picking 🔐

NameURL
Awesome lockpickinghttps://github.com/meitar/awesome-lockpicking
Lock pick guidehttp://lockpickguide.com
Bosnianbill videohttps://www.youtube.com/user/bosnianbill/videos
Lock labhttps://lock-lab.com/
Lock wikihttp://www.lockwiki.com/

Mail utilities 📬

NameURL
10 Minute Mailhttp://10minutemail.com
DNSBLhttps://en.wikipedia.org/wiki/DNSBL
DKIM validatorhttp://dkimvalidator.com/
Email reconhttps://github.com/laramies/theHarvester
Get air mailhttp://en.getairmail.com/
Google Phishing quizhttps://phishingquiz.withgoogle.com/ ⭐📧📊
Gophishhttps://github.com/gophish/gophish
Mailinatorhttps://www.mailinator.com/ #https://gist.github.com/nocturnalgeek/1b8fa44283314544c487
Mailnesiahttp://mailnesia.com/
Mailcatchhttp://mailcatch.com/
Mxtoolboxhttp://www.mxtoolbox.com/
Open phishhttps://openphish.com/
Openresolver JPhttp://www.openresolver.jp/en/
Phishing Frameworkhttps://github.com/pentestgeek/phishing-frenzy
Phish tankhttp://www.phishtank.com/
SimplyEmailhttps://github.com/killswitch-GUI/SimplyEmail
Spam DBhttp://www.dnsbl.info/dnsbl-database-check.php
Spam encode secrethttp://spammimic.com/encode.cgi
SpeedPhish Frameworkhttps://github.com/tatanus/SPF
Yop mailhttp://www.yopmail.com/

Malicious traffic detection 🚦

NameURL
10 strategies cyber ops centerpr-13-1028-mitre-10-strategies-cyber-ops-center.pdf
Awesome threat detectionhttps://github.com/0x4D31/awesome-threat-detection
Maltrailhttps://github.com/stamparm/maltrail
Packetbeathttps://www.elastic.co/products/beats/packetbeat
p0fhttp://lcamtuf.coredump.cx/p0f3/
Tsusenhttps://github.com/stamparm/tsusen

Malware / Botnet sources 👼

NameURL
0btemoslab trackerhttp://tracker.0btemoslab.com/
Abuse CHhttps://www.abuse.ch/
Benkow.cc trackerhttp://benkow.cc/
Botnet.frhttps://www.botnets.fr/wiki/Main_Page
Clean MXhttp://support.clean-mx.de/clean-mx/viruses.php
Contagiohttp://contagiodump.blogspot.se/
Custom Google search enginehttps://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu (from Corey Harrell)
Cybercrime trackerhttp://cybercrime-tracker.net/
Dont need coffeehttp://malware.dontneedcoffee.com/
Exposed Botnetshttp://www.exposedbotnets.com/
H3X trackerhttp://tracker.h3x.eu/
Malc0dehttp://malc0de.com/database/
No more ransomhttps://www.nomoreransom.org/
Kernel modehttp://www.kernelmode.info
Malware domain listhttp://www.malwaredomainlist.com
Malware domain blocklisthttp://www.malwaredomains.com
Malware museumhttps://archive.org/details/malwaremuseum
Malware srchttps://malwares.github.io/
Malware.luhttps://malware.lu/
Mirai trackerhttps://mirai.security.gives/
MISPhttps://github.com/MISP/MISP
Ransomware overviewhttps://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#
Ransomware simulatorhttps://shinolocker.com/
Ransomware trackerhttps://ransomwaretracker.abuse.ch/tracker/
SafeGrouphttp://www.malware.pl/ -https://www.scumware.org/
Structured Threat Information eXpressionhttps://stixproject.github.io/
The Zoo aka Malware DBhttps://ytisf.github.io/theZoo/
Total hashhttps://totalhash.cymru.com/
VirusBayhttps://beta.virusbay.io/
VirusSharehttps://virusshare.com/
VX Vaulthttp://vxvault.net/
Yararuleshttps://github.com/Yara-Rules/rules
ZeuS Trackerhttps://zeustracker.abuse.ch

Malware analysis - Sandbox 😷

NameURL
Zeltser's listhttps://zeltser.com/automated-malware-analysis/
Cuckoo Sandboxhttps://www.cuckoosandbox.org/
Mastiffhttps://github.com/KoreLogicSecurity/mastiff
Fastirhttps://github.com/SekoiaLab/Fastir_Collector
SysAnalyserhttps://github.com/dzzie/SysAnalyzer
Viperhttps://github.com/viper-framework/viper
REMnuxhttp://zeltser.com/remnux/
Zeltser analysishttp://zeltser.com/reverse-malware/automated-malware-analysis.html
Manalyzehttps://github.com/JusticeRage/Manalyze
Quarkslab IRMAhttp://irma.quarkslab.com/
Dorothy2https://github.com/m4rco-/dorothy2
F-Secure seehttps://github.com/F-Secure/see
Noribenhttps://github.com/Rurik/Noriben
Malheurhttps://github.com/rieck/malheur
Drakvufhttps://github.com/tklengyel/drakvuf
Zero Wine Tryoutshttp://zerowine-tryout.sourceforge.net/
RFI sandboxhttps://monkey.org/~jose/software/rfi-sandbox/
Malwasmhttps://github.com/malwarelu/malwasm

Malware analysis - Sandbox - Online 😷

NameURL
Any.runhttps://any.run/
AVcaesarhttps://avcaesar.malware.lu/
Capehttps://cape.contextis.com/
Comodohttps://cit.valkyrie.comodo.com/
Hybrid analysishttps://www.hybrid-analysis.com/
ID Ransomwarehttps://id-ransomware.malwarehunterteam.com/
Jottihttp://virusscan.jotti.org/it
Joe sandboxhttps://www.joesandbox.com/
Malwareconfighttp://malwareconfig.com/
Malware trackerhttp://www.cryptam.com/
Malwr - Cuckoohttps://malwr.com/
Other listhttp://cleanbytes.net/malware-online-scanners
PDF examinerhttp://www.pdfexaminer.com/
PE dumphttps://github.com/zed-0xff/pedump
Randomly changes Win32/64 PE Fileshttps://github.com/secretsquirrel/recomposer
ViCheckhttps://www.vicheck.ca/
Virscanhttp://www.virscan.org/
VirusTotalhttp://www.virustotal.com/
Virus Total Notifierhttps://github.com/mubix/vt-notify

Mobile 📱

NameURL
APK Analzyerhttp://www.apk-analyzer.net/
Droid Sec wikihttp://www.droidsec.org/wiki/
Joebox Cloudhttps://jbxcloud.joesecurity.org/login
Mobile security wikihttps://mobilesecuritywiki.com/
OWASP Goat Droidhttps://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project
Sand droidhttp://sanddroid.xjtu.edu.cn
Wiki secmobihttps://github.com/secmobi/wiki.secmobi.com 🏆

Network

NameURL
Awesome PCAPhttps://github.com/caesar0301/awesome-pcaptools
BGPlayhttps://stat.ripe.net/widget/bgplay
GNU/Linux monitoringhttps://blog.serverdensity.com/80-linux-monitoring-tools-know/
MAC address blockhttp://standards-oui.ieee.org/oui/oui.txt
MAC findhttp://www.coffer.com/mac_find/
MAC findhttp://hwaddress.com
Packet totalhttp://www.packettotal.com/
Ping.euhttp://ping.eu/
Project honeypothttps://www.projecthoneypot.org/
Protocol Numbershttp://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Publicly PCAP fileshttp://www.netresec.com/?page=PcapFiles
Service Port Number Registryhttps://www.iana.org/assignments/service-names-port-numbers/ ⭐⭐
Service Port Number Registryhttps://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Subnet calculatorhttp://www.subnet-calculator.com/cidr.php
Subnet calculatorhttp://www.subnetonline.com/pages/subnet-calculators.php
Security Onion toolshttps://github.com/Security-Onion-Solutions/security-onion/wiki/Tools

OSINT

NameURL
Osint listhttps://github.com/jivoi/awesome-osint
List of social networkhttps://en.wikipedia.org/wiki/List_of_social_networking_websites
Reddithttps://www.reddit.com/r/SocialEngineering/
Maltegohttps://www.paterva.com/
Hunterhttps://hunter.io/
Piplhttps://pipl.com/
Peek you http://www.peekyou.com/
Lullarhttp://com.lullar.com/
Lakakohttp://www.lakako.com/
Yasnihttp://www.yasni.com/
User searchhttps://usersearch.org/
Googlehttps://www.google.com/advanced_search
Google dorksintext:lastName firstName
Google dorksinsubject:lastName firstName
Google dorks`intext:lastName firstName filetype:pdf
Google Scraperhttps://github.com/NikolaiT/GoogleScraper
Binghttps://www.bing.com/
Bing dorkslastName firstName (filetype:doc OR filetype:ppt OR filetype:pps OR filetype:xls OR filetype:docx OR filetype:pptx OR filetype:ppsx OR filetype:xlsx OR filetype:sxw OR filetype:sxc OR filetype:sxi OR filetype:odt OR filetype:ods OR filetype:odg OR filetype:odp OR filetype:pdf OR filetype:wpd OR filetype:svg OR filetype:svgz OR filetype:indd OR filetype:rdp OR filetype:ica)
Yahoohttps://search.yahoo.com/
Duck duck gohttps://duckduckgo.com/
Yandexhttps://www.yandex.com/
Exa leadhttp://www.exalead.com
Osint stalkerhttps://github.com/milo2012/osintstalker
Speed phish frameworkhttps://github.com/tatanus/SPF
Browser exploitation frameworkhttps://github.com/beefproject/beef
The harvesterhttps://github.com/laramies/theHarvester
Meta goofilhttps://github.com/laramies/metagoofil

OS X

NameURL
Awesome OSX & IOS sec listhttps://github.com/ashishb/osx-and-ios-security-awesome
OSX auditorhttps://github.com/jipegit/OSXAuditor
OWASP iGoat Projecthttps://www.owasp.org/index.php/OWASP_iGoat_Project
Security and privacy guidehttps://github.com/drduh/OS-X-Security-and-Privacy-Guide
stronghold - Easily configure MacOS security settings from the terminal.https://github.com/alichtman/stronghold

Passwords 🔑

NameURL
CrackStationhttps://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
Default passwordhttps://default-password.info/
Default passwordhttps://cirt.net/passwords
Default passwordhttp://www.defaultpassword.com/
Default passwordhttp://www.defaultpassword.us/
Default cameras passwordhttps://github.com/jeanphorn/wordlist/blob/master/README.md
Default password thc-hydrahttps://github.com/vanhauser-thc/thc-hydra/blob/master/dpl4hydra_full.csv
Dafault router passwordhttp://www.cleancss.com/router-default/
Default router passwordhttps://github.com/jeanphorn/wordlist/blob/master/router_default_password.md
Default VoIP passwordhttps://github.com/netbiosX/Default-Credentials/blob/master/VoIP-Default-Password-List.mdown
Fun secure password checkerhttps://password.kaspersky.com/
Hashcat WIKIhttps://hashcat.net/wiki/
Multiple dictionaryhttps://github.com/danielmiessler/SecLists/tree/master/Passwords
Multiple dictionaryhttps://github.com/duyetdev/bruteforce-database
Online CrackStationhttps://crackstation.net
Online Hask Killerhttps://hashkiller.co.uk
Online Hash crackhttp://www.onlinehashcrack.com/
Online MD5 and SHA1 dbhttp://hashtoolkit.com/
OpenWallhttp://www.openwall.com/passwords/wordlists/ or ftp://ftp.openwall.com/pub/wordlists/
Outpost9http://www.outpost9.com/files/WordLists.html
Packets stormhttps://packetstormsecurity.com/Crackers/wordlists/
Password researchhttp://www.passwordresearch.com/
Programming - Secure Password Storagehttps://paragonie.com/blog/2016/02/how-safely-store-password-in-2016
SecListshttps://github.com/danielmiessler/SecLists/tree/master/Passwords
Skull securityhttps://wiki.skullsecurity.org/Passwords
SSH dictionaryhttps://github.com/droope/pwlist

Penetration testing 🔧

NameURL
Awesome pentesthttps://github.com/enaqx/awesome-pentest
Awesome WAFhttps://github.com/0xInfection/Awesome-WAF
Footprinting - Procedure & toolshttp://www.0daysecurity.com/penetration-testing/network-footprinting.html
GNU/Linux privilege escalationhttps://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Informaion gathering - Toolshttp://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/information-gathering.html
IppSec channelhttps://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
Organization of the Standardhttp://www.pentest-standard.org/index.php/Main_Page
Owasp - Check listhttps://www.owasp.org/index.php/Testing_Checklist
Owasp testing guidehttps://www.owasp.org/images/1/19/OTGv4.pdf ⭐⭐
Owasp - toolshttps://www.owasp.org/index.php/Category:OWASP_Tool
Public pentest reportshttps://github.com/juliocesarfort/public-pentesting-reports
Python tools for pentesthttps://github.com/dloss/python-pentest-tools
Report samplehttps://www.offensive-security.com/reports/sample-penetration-testing-report.pdf
Reverse engineeringhttp://wiki.yobi.be/wiki/Reverse-Engineering
SANS Penetration Testinghttp://pen-testing.sans.org
Services enumerationhttp://www.0daysecurity.com/penetration-testing/enumeration.html
Tools - BlackArch listhttps://blackarch.org/tools.html
Tools - Great listhttp://wiki.yobi.be/wiki/Table_of_contents#Security
Tools - Kali listhttp://tools.kali.org/tools-listing
Webhttp://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/web-application-analysis.html
Web vulnerabilitieshttp://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/vulnerability-assessment.html
Webshell listhttps://github.com/tennc/webshell

Port scanners 🎯 && Wide Scans 🗽

NameURL
Masscanhttps://github.com/robertdavidgraham/masscan
Masscan Defcon conferencehttps://defcon.org/
Network Scan Monhttps://scan.netlab.360.com/#/dashboard
Nmaphttps://nmap.org/7/
Nscanhttps://github.com/OffensivePython/Nscan
PFRinghttps://github.com/ntop/PF_RING
Rapid7 Sonar Labshttps://sonar.labs.rapid7.com/
Rapid7 Sonar Blackhat conferencehttps://www.blackhat.com/
Scans.iohttps://scans.io/
Shadowserverhttps://www.shadowserver.org/ ⭐⭐⭐⭐
Sonar similar projectshttps://github.com/rapid7/sonar/wiki/Similar-Projects
Trending Portshttps://isc.sans.edu/trends.html
Zmaphttps://zmap.io/
Zgrabhttps://github.com/zmap/zgrab

Search engines 📡

NameURL
ZoomEyehttps://zoomeye.org/ ⭐🇨🇳
Shodanhttps://www.shodan.io/
Censyshttps://censys.io/
Gegerekahttp://gegereka.com/ (not always up)
Googlehttps://www.google.com/advanced_search
Google dorkshttps://gist.github.com/zbetcheckin/04e6a5d7f2d5ef8cfa3c298701f47f9c
List of search engineshttps://en.wikipedia.org/wiki/List_of_search_engines
Threat crowdhttps://www.threatcrowd.org/

Security challenges / WarGames 🚩

NameURL
Zenk-Securityhttps://www.zenk-security.com/
Root-Mehttp://www.root-me.org/
Overthewirehttp://overthewire.org/wargames/
Reversinghttp://reversing.kr/
Pwnablehttp://pwnable.kr/
Newbiecontesthttps://www.newbiecontest.org/
OWASP VWAD listhttps://github.com/OWASP/OWASP-VWAD/
WeChallhttps://www.wechall.net/
Vulnhubhttps://www.vulnhub.com/
Net Garagehttp://io.netgarage.org/
SmashTheStackhttp://smashthestack.org/
Hackthissitehttp://www.hackthissite.org/
Hack.mehttps://hack.me
HackThis!http://www.hackthis.co.uk/
Backdoor.Sdslabshttps://backdoor.sdslabs.co/
Bright-shadowshttp://www.bright-shadows.net/
SmashTheStackhttp://smashthestack.org/
Ringzer0teamhttps://ringzer0team.com/challenges
Forensic contesthttp://forensicscontest.com/puzzles
Lost challhttp://www.lost-chall.org/
Rankkhttp://www.rankk.org/
Happy Securityhttp://www.happy-security.de/
Net forcehttps://www.net-force.nl/challenges/
CanYouHack.ithttp://canyouhack.it/
Hellboundhackershttps://www.hellboundhackers.org/
Microcorruptionhttps://microcorruption.com/

Skimmer 🃏

NameURL
Skimmer source from Krebshttps://krebsonsecurity.com/all-about-skimmers/
Great reverse engineering on skimmerhttps://trustfoundry.net/reverse-engineering-a-discovered-atm-skimmer/

SSH

NameURL
Bruteforce know hostshttps://github.com/Churro/bruteforce-known-hosts
OpenSSH guidelineshttps://wiki.mozilla.org/Security/Guidelines/OpenSSH
SSH audithttps://github.com/arthepsy/ssh-audit.git
SSH audit onlinehttps://sshcheck.com
Who's therehttps://github.com/FiloSottile/whosthere

SSL

NameURL
Certificate searchhttps://crt.sh
Bad SSLhttps://github.com/chromium/badssl.com
Htbridge - Online analysishttps://www.htbridge.com/ssl/
Mozilla SSL Configuration Generatorhttps://mozilla.github.io/server-side-tls/ssl-config-generator/
Observatory by Mozilla - Online analysishttps://observatory.mozilla.org/ ⭐⭐⭐⭐
O-Saft - Toolshttps://www.owasp.org/index.php/O-Saft
OWASP tests - Procedurehttps://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers
Qualys SSL Labs- Online analysishttps://www.ssllabs.com/ssltest/
SSLscan - Toolshttps://github.com/rbsec/sslscan
SSLyze - Toolshttps://github.com/iSECPartners/sslyze
Testssl.sh - Toolshttps://github.com/drwetter/testssl.sh

TOR

NameURL
Hidden serviceshttps://www.torproject.org/docs/hidden-services.html.en
Hidden services scannerhttps://github.com/superp00t/sadonion
Reddithttps://www.reddit.com/r/onions/
Scan Onion Serviceshttps://github.com/s-rah/onionscan
Search engine - Gramshttp://grams7enufi7jmdl.onion/
Search engine - Ahmiahttps://ahmia.fi/
Search engine - TORCHhttp://xmh57jrzrnw6insl.onion/
Search engine - DuckDuckGohttp://3g2upl4pq6kufc4m.onion/
Tailshttps://tails.boum.org/
The hidden wikihttps://thehiddenwiki.org/
Tolerant ISP for exit nodehttps://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
Tor Browser Fingerprinthttps://github.com/jonaslejon/tor-fingerprint
Tor Bulk exit listhttps://check.torproject.org/cgi-bin/TorBulkExitList.py
Tor IP historyhttps://exonerator.torproject.org/
Tor Know exit nodeshttps://check.torproject.org/exit-addresses
Tor Projecthttps://www.torproject.org/
Tor Relays bandwidthhttps://github.com/TheTorProject/bwscanner
Tor Sockshttps://gitweb.torproject.org/torsocks.git
Tor Statushttps://torstatus.blutmagie.de/
URL onion inspectorhttps://github.com/k4m4/onioff

VOIP ☎️

NameURL
Penetration testhttp://0daysecurity.com/penetration-testing/VoIP-security.html

VPN

NameURL
Open VPNhttps://github.com/OpenVPN
Comparisonhttps://thatoneprivacysite.net/vpn-comparison-chart/
Location testhttps://www.dnsleaktest.com/
Location testhttps://ipleak.net/

Vulnerable environments 🔓

NameURL
Owasp listhttps://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline
Owasp BWAhttps://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
DVWAhttp://www.dvwa.co.uk/
WebGoathttp://code.google.com/p/webgoat
Metasploitable 3https://github.com/rapid7/metasploitable3/wiki
Vulnerable systems listhttps://www.amanhardikar.com/mindmaps/Practice.html
VulnHubhttp://vulnhub.com/
LampSecurityhttp://sourceforge.net/projects/lampsecurity/
Hackademic-RTB1http://www.aldeid.com/wiki/Hackademic-RTB1
Mothhttp://www.bonsai-sec.com
Peruggiahttp://sourceforge.net/projects/peruggia/

Web browser

NameURL
Amiunique projecthttps://github.com/DIVERSIFY-project/amiunique
Browser exploithttps://github.com/julienbedard/browsersploit
Browser infohttp://www.browser-info.net/
Browser leakshttps://www.browserleaks.com/
Browser recommendationshttps://gist.github.com/atcuno/3425484ac5cce5298932
Browserlinghttps://www.browserling.com/
Fingerprinthttps://amiunique.org/
Fingerprinthttps://panopticlick.eff.org/
Flashhttp://isflashinstalled.com/
Refererhttps://www.whatismyreferer.com/
SSLhttps://www.ssllabs.com/ssltest/viewMyClient.html
URL Shorter Listhttps://bit.do/list-of-url-shorteners.php
User agenthttp://useragentstring.com/pages/useragentstring.php
User agenthttp://whatsmyuseragent.com/
User agenthttps://www.projecthoneypot.org/robot_useragents.php
User agenthttps://www.whatismybrowser.com/developers/tools/user-agent-parser/browse
Web technologies support tableshttps://caniuse.com/

Windows

NameURL
Anti forensic Windowshttps://www.reddit.com/r/security/comments/32fb1l/open_guide_to_scrubbing_windows_oss_from_forensic/
Security developmenthttps://github.com/ExpLife0011/awesome-windows-kernel-security-development
Windows executable walkthroughhttps://i.imgur.com/pHjcI.png
Windows exploitationhttps://github.com/r3p3r/nixawk-awesome-windows-exploitation
Windows hardeninghttps://github.com/PaulSec/awesome-windows-domain-hardening

Wireless / Radio 📶

NameURL
Awesome wifi tools listhttps://github.com/0x90/wifi-arsenal
Penetration testhttp://0daysecurity.com/penetration-testing/wireless-penetration.html
Great wifi maphttps://wigle.net/
RFSec-ToolKithttps://github.com/cn0xroot/RFSec-ToolKit
RTL-SDRhttp://www.rtl-sdr.com/
Wireless in airportshttps://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY

About

Great security list for fun and profit

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published
[8]ページ先頭
©2009-2025 Movatter.jp