cybersources
A curated list of cybersecurity tools and resources.
https://github.com/bst04/cybersources
Last synced: 2 days ago
JSON representation
-
[β](#-content) π Learning
-
[β](#-content) π Open-Source Repositories
- awesome-hacking
- OWASP
- Awesome OSINT
- awesome-YARA
- awsome-CVE PoCs
- awesome-osint-for-everything
- dark-web-osint-tools
- awesome-bug-bounty
- OSINT
- Playbooks
- Mitre ATT&CK
- TheHive Project
- CyberSecTools
- awesome-red-team
- the-hacker-roadmap
- the-osint-toolbox
- programs-for-data-recovery
- Mitre ATT&CK
- programs-for-data-recovery
-
[β](#-content) π₯ Tutorials
- Corelan Team's Exploit writing tutorial
- Malware Unicorn Reverse Engineering Tutorial
- Missing Semester
- Begin RE: A Reverse Engineering Tutorial Workshop
- Lena151: Reversing With Lena
- Understanding the basics of Linux Binary Exploitation
- Blue Team Introduction - Fundamentals |
- Blue Team Introduction - Fundamentals |
-
[β](#-content) π Resources
- Corelan
- Osint-Dojo
- Bug Bounties 101
- Security related Operating Systems @ Rawsec
- Hacktricks
- Best Linux Penetration Testing Distributions @ CyberPunk
- Anna's Achive - source open-data library. Mirrors Sci-Hub, Library Genesis, Z-Library, and more. |
- Pentest Cheat Sheets
- Awsome list of bugbounty cheatsheets
- PowerShell Scripts
- PDFdrive
- SecTube
- Wiki - AddieLamarr
- PowerShell - Notes
- PowerShell Guide
- BadUSB File Format
- OSTIN Attack Surface Diagrams
- AN1305 MIFARE Classic as NFC Type MIFARE Classic Tag
- beafn28 notes
- HardBreak - source Hardware Hacking Wiki that aims to gather all essential knowledge for hardware hacking in one place. Whether you are a beginner or more advanced! |
- FR Secure
- HackingTraining
- Ransomchats - world ransomware negotiations. |
- Hack By Steps
- DuckyScriptβ’ Quick Reference
- ired
- How to Become a Successful Bug Bounty Hunter
- Researcher Resources - How to become a Bug Bounty Hunter
- The life of a bug bounty hunter
- Getting Started - Bug Bounty Hunter Methodology - by-step methodology to begin your bug bounty journey. |
- Ransomware.live - time |
-
[β](#-content) π© CTFs - Training
- CFT Time
- hpAndro Vulnerable Application CTF
- TraceLabs
- Top CTF challenges
- awesome-ctf
- Flipper Zero BadUSB Mastery
- InfoMachines
- CyberLand Labs
- Kase Scenarios - world investigations. You must apply OSINT techniques to solve intricate cases and mysteries. |
- Geolocating Images (THM)
- Google Dorking (THM)
- OhSINT
- Sakura Room
- Searchlight-IMINT
- KafeeSec-SoMeMINT
- Flipper Zero BadUSB Mastery
- InfoMachines
-
[β](#-content) πΈοΈ Practice Webs
- CFTd
- Hacker101-CTF - world challenges for web penetration testers or bug bounty hunters to hone their skills in finding and exploiting web vulnerabilities. |
- TryHackMe - on labs and ctfs on various topics from beginner to advanced. |
- CTFLearn - friendly CTF platform with challenges covering various cybersecurity topics. |
- Root Me
- PentesterLab
- OverTheWire (Wargames)
- Cryptohack - based CTF challenges, that teaches concepts through problem-solving. |
- OWASP Juice Shop
- Damn Vulnerable Web Application (DVWA)
- PortSwigger Web Security Academy - on trainings, tutorials and labs on web application security, covering various attack techniques and defensive strategies. |
- Codeforces
- Reversing.Kr
- DevChallenges
- HackTheBox - world challenges for all skill levels. |
- picoCTF
- Vulnerable Codes - world cases.|
- pwn4love
-
[β](#-content) π Courses
- edX
- Udemy
- HackerOne
- Bugcrowd
- FireEye - a whiteboard session on red team operations
- Hybrid Analysis
- Roppers Practical Networking
- AbuseIPDB
- Free Education Web
- Open Bug Bounty - source bug bounty program. |
- overthewire.org - filled games. |
- cs50 - Harvard
- LetsDefend - on experience by investigating real cyber attacks inside a simulated SOC.|
- VirusTotal
- Hacksplaining - nonsense advice for the developer in a hurry.|
- HackTheBox
- EC-Council - Learning
- Security Blue Team
- Root the Box - world cybersecurity skills. |
- RangeForce - on blue team exercises. |
- elHacker
- Seguridad/si
- Udemy
- Hacker101
- Cybersecurity Guide
- CyberLand Sec
- CyberEDU
- Advanced Threat Tactics Course & Notes
- EC-Council - Learning
- Professor Messer
- Tradecraft - a course on red team operations
- Hacker101
- SANS
- HTB-Academy
- TryHackMe
- Cybrary - on labs for certificatitions like Security+, CISSP and CEH. |
-
[β](#-content) π Certifications
- OSCP - 200 (PWK) is our foundational pentesting course where students learn and practice the latest techniques. |
- Cisco CCNA
- eJPT - on, entry-level Red Team certification that simulates skills utilized during real-world engagements. |
- CompTIA Security+
- OSEP
- CC
- OSWP - teaming |
- CREST Certified Simulated Attack Specialist
- GitHub Advanced Security
- GitHub Administration
- CREST Certified Simulated Attack Specialist
- SEC564: Red Team Operations and Threat Emulation
- ELearn Security Penetration Testing eXtreme
- Certified Red Team Professional - on red team operations. |
- Certified Red Teaming Expert - level certification in advanced red teaming strategies and tools. |
- PentesterAcademy Certified Enterprise Security Specialist (PACES)
- CPTS - on certification that assesses the candidatesβ penetration testing skills. |
- CBBH - on certification that assesses the candidatesβ bug bounty hunting and web application pentesting skills |
- CWEE - on certification that assesses candidates' skills in identifying advanced and hard-to-find web vulnerabilities using both black box and white box techniques. |
- CDSA - on certification that assesses the candidatesβ security analysis, SOC operations, and incident handling skills. |
- GitHub Advanced Security
- GitHub Administration
-
-
2. [β](#-content) Pentesting
-
2.6 [β](#-content) Network
- Scapy
- Tcpdump - line packet analyzer for capturing and analyzing network traffic. |
- HTTP Toolkit - source tool for debugging, testing and building with HTTP on Windows, Linux & Mac. 1 click setup for rooted devices. |
- Wireshark
- Burp Suite - related vulnerabilities. |
- nmap
- Bettercap - in-the-middle attacks, network sniffing, and WiFi exploitation. |
- Kismet
- ZAP
- ASlookup
- Wifi Jammer - Fi clients in range. |
- Uptime-Kuma - hosted monitoring tool.|
- sniffglue
- ssh-mitm - in-the-middle tool for logging sessions and passwords. |
- Sniffnet
- CrackMapExec - exploitation tool for pentesters to automate common tasks against networks. |
- SSLstrip
- Ettercap - in-the-middle attacks on LANs and WiFi networks. |
- Netz - wide misconfigurations using zgrab2. |
- dnschef
- TorCrawl - based tool to crawl .onion websites efficiently. |
- Responder - in-the-middle attacks. |
- pig - based packet crafting tool. |
- Nope Proxy - http (TCP and UDP) proxy extension for burp suite. Nope has a built in DNS, port monitor, scripting engine, and proxies for row TCP and UDP sockets. |
- Netcat
- Amass
- NetHawk - powered tool for ethical hacking and network vulnerability assessment, simplifying deep scans and security audits for professionals.|
- Nipe
- Habu
- mitmsocks4j - in-the-middle SOCKS proxy for Java. |
- Firesheep
- PETEP
- Pentest Collaboration Framework - platform and portable toolkit for automating routine processes when carrying out various works for testing!|
- Midnight Sea
- Windows Network CPR
- RustScan
- NetworkMiner
- Paros - based HTTP/HTTPS proxy for web application vulnerability assessment. |
- Fierce
- MitM - in-the-middle framework for intercepting, modifying, and injecting traffic. |
-
2.3 [β](#-content) Decompilers
- DotPeek - of-charge .NET decompiler from JetBrains |
- apktool
- Hopper - bit Windows/Mac/Linux/iOS executables. |
- BinaryNinja
- JADX
- uncompyle6
- Luyten
- Karkatau - GUI and Luyten have failed to do it fully. |
- R2Dec
- Procyon - Procyon is a binary star system in Canis Minor|
- Decai - based decompiler for radare2 |
- dnSpy
- ILSpy - source .NET assembly browser and decompiler |
- JAD - source, unmaintained) |
-
2.5 [β](#-content) Web
- Shodan
- URLVoid
- SpySe
- sqlmap
- Ffuf - domains, VHosts and resources by brute-forcing URL paths. |
- SecLists
- Katana
- Httpx - purpose tool for probing and discovering HTTP-based services, performing various checks like SSL/TLS, redirects, and more. |
- recon-ng
- VHostScan - all configurations. |
- Keyscope
- Waybackurls
- Git-Scanner
- 403JUMP
- SubdomainRadar - in-one recon platform: 50+ data sources for subdomain discovery, port & vulnerability scans, screenshots, and API access|
- Cyberbro
- SubFinder
- Gobuster - forcing web server paths or subdomains using wordlists. |
- Burp Suite - forcing and exploiting security flaws. |
- HExHTTP
- 0BL1V10N CVE-2024-25600 (Bricks Builder Plugin Exploit) - 2024-25600 in Bricks Builder (WordPress). Developed for TryHackMeβs Bricks Heist room. Enhanced from Tornad0007. From OD&H|
-
[β](#-content) 2.8 WiFi
- Aircrack-ng - PSK encryption keys. |
- Wifiphisher
- Wifite
- Fern WiFi Cracker - based tool to crack WEP/WPA/WPS encryption on wireless networks. |
- Ghost Phisher
- Aireplay-ng
- Airmon-ng
- Airolib-ng
- Airbase-ng
- Xeno
- Airegeddon - purpose WiFi hacking tool focused on WPA/WPA2 PSK networks. |
- Wash
- Reaver
- Bully - forcing WPS PINs of vulnerable routers. |
-
[β](#-content) 2.12 Binary Explotation
- Angr - source binary analysis platform for Python. It combines both static and dynamic symbolic ("concolic") analysis, providing tools to solve a variety of tasks.|
- Nightmare
- gef - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux|
- pwntools
-
[β](#-content) 2.7 RFID
- Flipper Zero - tool device for interacting with RFID, NFC, and other protocols. |
- Proxmark3
- LibNFC - source library for using NFC readers and performing RFID interactions. |
- Metrodroid
- MIFARE Classic Tool (MCT)
- MFOC
- ChameleonMini
- Seader
- ACR122U - based NFC reader and writer commonly used for RFID development and testing. |
- Cardpeek - based transit cards, with a focus on data parsing and visualization. |
- Metroflip - protocol card reading and global transit card analysis. |
- NFC Magic
- PicoPass
- Mifare Fuzzer
- MFKey
- ACR122U - based NFC reader and writer commonly used for RFID development and testing. |
-
[β](#-content) 2.11 Bug Bounty
- YesWeHack
- Bug Bounty Hunting
- Airbitz
- Asana
- Bountysource - source projects and software development bounties. |
- Abacus
- ActiveProspect
- AeroFS
- Altervista
- Altroconsumo
- Amara
- ANCILE Solutions Inc. - demand learning and performance support. |
- Anghami
- ANXBTC
- Appcelerator - platform mobile app development tool. |
- BMW Group Bug Bounty
- FreedomSponsors - source software improvements and bug fixes. |
- FOSS Factory - source software development. |
- HackenProof
- Bugbountyjp
- Hackerhive
- exifharvester
- Ripper Web Content - Capture Metadata Content
- FreedomSponsors - source software improvements and bug fixes. |
- Safehats
- Amazon Web Services
- AeroFS
- 123Contact Form
- 99designs
- Abacus
- Acquia - based solutions for managing and optimizing digital experiences on Drupal. |
- ActiveProspect
- Adobe - leading software solutions for creative professionals, including Photoshop and Acrobat. |
- Altervista
- Altroconsumo
- Amara
- ANCILE Solutions Inc. - demand learning and performance support. |
- ANXBTC
- Apptentive
- Aptible
- Arkane
- ARM mbed
- intigriti
- HackerOne
- Cobalt - testing as a service platform with a global community of security experts. |
- Coder Bounty
- Synack
- Detectify
- BugbountyHQ
- Hacktrophy
- AntiHACK
- CESPPA
- Ripper Web Content - Capture Metadata Content
-
[β](#-content) 2.10 Reconnaissance
- Masscan
- Sublist3r - source intelligence. |
- Fierce
- Prowler
- Dnsrecon - related data. |
- Enum4linux
- Shodan
- EnumeRannden
- SpiderFoot
- Censys
- Nmap
- Netcat
- Dig - line tool for querying DNS records and gathering information on domain names. |
-
2.4 [β](#-content) Disassembler and debuggers
-
[β](#-content) 2.9 Bluetooth
- GATTacker - based tool for attacking GATT (Generic Attribute Profile) services on BLE devices.|
- BlueToolkit - enabled devices.|
- bluepot
- btlejuice - in-the-middle attack proxy for BLE communications, allowing interception and manipulation of BLE traffic.|
- Bluelog
- Blueranger
- BTScanner
- UBERTOOTH - based Bluetooth analysis and interception tool, capable of monitoring Bluetooth communications.|
- spooftooph
- bluemaho - of-death.|
- blueranger-ng - ng is an updated version of Blueranger, enhancing Bluetooth reconnaissance capabilities.|
- bluesnarfer
- bluediving
- Blueranger
- UBERTOOTH - based Bluetooth analysis and interception tool, capable of monitoring Bluetooth communications.|
- crackle
-
2.2 [β](#-content) Deobfuscators
-
[β](#-content) 2.13 CCTV
-
-
4. [β](#-content) Forensic & Malware Analysis
-
4.1 [β](#-content) Forensic
- PhotoRec - ROMs, and lost pictures (thus the Photo Recovery name) from digital camera memory.|
- Recuva - Recuva recovers files from your Windows computer, recycle bin, digital camera card, or MP3 player! |
- CAINE - based tool that provides a complete forensic environment with a graphical interface. |
- IPED - Indexador e Processador de EvidΓͺncias Digitais
- Kuiper
- CyLR
- REKALL
- sleuthkit - line digital forensics tools and library. |
- Sherloq - source digital image forensic toolset. |
- Forensic Tools
- Autopsy
- EnCase
- Cyber Triage
- Dumpzilla
- DFTimewolf
- IPED Digital Forensic Tool - source tool for analyzing disk images and file systems. |
- Volatility 3
- Binalyze AIR
- TestDisk
- WinHex
- Skadi - source tools for forensic artifact and image analysis. |
- Hoarder
- libregf
- Radare2
- Silk Guardian - forensic Linux kernel module that acts as a USB port kill-switch. |
- evtkit
- Pancake Viewer - backed viewer for file extraction and viewing. |
- Mobile Verification Toolkit (MVT)
- Turbinia
- Belkasoft Evidence Center
- libevt
- RegRipper4.0
- EaseUS
- malzilla
- EnCase
- Log2Timeline (Plaso)
-
4.2 [β](#-content) Hex editors
- 010 Editor - 8 files, C/C++ source code, PHP, etc. Unlimited undo and powerful editing and scripting tools. |
- Synalize It
- Hexinator
- ImHex
- wxHexEditor
- HxD
- WinHex - level data processing, and IT security |
-
-
5. [β](#-content) Anonymity and Security Tools
-
[β](#-content) 5.2 Password Managers
-
[β](#-content) 5.1 Delete Your Trace
-
[β](#-content) 5.4 Privacy and Anonymity
-
[β](#-content) 5.3 VPNs
- Proton VPN - logs policy. |
- IVPN - focused VPN service offering strong encryption, a strict no-logs policy, and advanced features like multi-hop VPN for enhanced security. |
- Ultrasurf - censorship program developed by a small group of Silicon Valley engineers to promote free information exchange. It allows users to bypass internet censorship for free. |
- Psiphon
- CactusVPN
- VPN over DNS
- Mullvad VPN - focused VPN service that offers anonymous internet browsing with no personal information required for registration. |
-
-
6. [β](#-content) Utility & Miscellaneous
-
6.6 [β](#-content) System
-
6.1 [β](#-content) Utility
- Faction - source tool that automates many aspects of manual penetration testing. Faction automates pen-test reports, tracks vulnerabilities, and schedules pen-test assessments. |
- CavalierGPT - The First Comprehensive Infostealers AI Bot
-
6.4 [β](#-content) Search Engines
- Ahmia Search Engine
- DuckDuckGo - oriented search engine that doesn't track user activity. |
- IntelligenceX
- CRT.sh
- Maltego
- ExploitDB
- Katana - source framework for web scanning and recon, useful for dark web investigations. |
- LibGen
- Binary Edge
- Vulners
- Family Watchdog
- Breach Detective
- Qwant - respecting search engine with a European origin. |
- File Finder Β· GitHub
- WiGLE
- Dogpile
- AlienVault
- GrayHatWarfare
- PolySwarm
- Netlas - connected assets. |
- FullHunt
- GreyNoise
- LeakIX
- WayBackMachine
- Onion Search Engine
- Yandex
- Background Checks.org
- BOP: Federal Bureau of Prisons
- IntelTechniques OSINT Tool
- OSINT.link
- Snusbase
- Cylect.io
- ZoomEye
- Marginaila Search
- PublicWWW
- Pulsedive
- MetaGer - focused search engine combining results from multiple indexes. |
- Webmii
- Bing
- Ecosia - friendly search engine that uses ad revenue to plant trees worldwide. |
- Brave Search - centric search engine integrated with the Brave browser. |
- Yahoo Search
- Million Short - ranked websites for deeper web discovery. |
- Carrot2 - based clusters for better navigation. |
- Ask
- Search Engines Index
- CachedViews
- 2lingual
- Binary Edge
- Packet Storm Security
- ONYPHE - threat intelligence data. |
- SearchCode
- URL Scan
- DeHashed
- YouTube Metadata
- FlightAware - time flight tracking and status tool. |
- Black Book Online
-
6.5 [β](#-content) DNS/IP
- IPLeak
- ZoomEye
- Robtex
- IP Tracker
- Router Optimization Script
- Domain Codex
- Domain Digger
- DNSlytics
- DNSTwist
- InternetDB
- Censys - connected devices and platforms. |
- Technology Lookup
- Free Network Tools
- Google Transparency Report
- Domain Codex
- Wi-Fi Range and Speed Optimization Script (Windows-based) - Fi range and speed on Windows.|
- Internet Checking Windows 11
- SimilarWeb
-
6.2 [β](#-content) Miscellaneous
-
-
1. [β](#-content) OSINT
- OverPass Turbo
- Voilanobert
- IDCrawl
- Snoop
- Recruitin.net
- OneLook
- Pim Eyes
- Hunter - in-one email outreach platform.|
- Sentinel Playground
- Google Maps
- OSINT Framework
- Foto Forensics
- SunCalc
- EmailRep
- SingalHire
- TikTok Downloader - -- |
- Exolyt.com - -- |
- Tikbuddy - -- |
- Mavekite.com - -- |
- TikTok Creative Center Statistics - -- |
- RedditPostSleuth
- IPLogger
- CheckUser
- GeoSpy
- Hashtagify
- GeoHints
- GeoEstimation Labs
- Skymem
- Picodash
- Ashley Madison Emails
- phoneinfoga
- Sherlock
- Gitrecon
- Ghunt - related emails and associated documents. |
- Exiftool
- NexFil
- Check-if-email-exists
- InstaLoader
- Maigret
- the Harvester - mails, subdomains and names Harvester - OSINT|
- Seekr - tool for OSINT data management, note-taking, and username checking. |
- snscrape - line tool for scraping social media posts. |
- Holehe
- h8mail
- Mitaka
- InstaLooter
- Instagram OSINT - source intelligence tool for Instagram. |
- Osintgram
- ScrapedIn
- TikTok API - -- |
- BridgeKeeper
- raven
- Osi.ig
- Instagram Crawler
- DataSurgeon
- Instant Username
- osint.rocks
- IntelTechniques
- Cybdetective
- LensoAI - driven platform for reverse image searching. |
- OhShint
- GeoSpy AI
- Digital Footprint Check
- LeakRadar - text info-stealer credentials; email, domain, metadata queries, monitoring & API|
- OsintLabs
- SherlockEye
- NameMC
- US Crisis Monitor - depth coverage of political violence trends in the US. |
- GeoProtests API
- GeoGuessr Assistant
- GeoTips
- Plonkit - related guidance. |
- Photo.Osint
- Engagement-calculator
- ImgInn
- In Tags
- instaloctrack
- noninstagram
- Phantom Buster
- Social-alerts
- SoIG
- ThumbTube
- Flufi
- Find Instagram User ID
- IntelligenceX: Linkedin
- Email Reverse Lookup
- Linkedin Bookmarklet
- Linkedin Profile Scraper
- LinkedInt
- Osint Support Linkedin
- Recruitment Geek
- Sinwindie TikTok Bookmarklet Tools - -- |
- TikTok Scraper - -- |
- TikTok Timestamp - -- |
- TikView - -- |
- tikvstock - -- |
- Tokvid - -- |
- TubeHi - -- |
- Vidnice - -- |
- Toronto Live
- osint.support
- OSINT Investigation Assistant
- ClatScope
- Combin
- Hashtags for Likes - -- |
- NamesDir
- Amazon Usernames
- GitHub Usernames
- Tinder Usernames
- MailBox Validator
- ReadNotify
- MailScrap
- IntelTechniques
- Predicta Search
- Deep Dork Web - built queries.|
- Digital Digging OSINT - checkers, and digital profilers.|
- toposint
- BreachDirectory
- Social Catfish
- The OSINT Rack - source intelligence tools; explore resources across recon, social media, metadata, geolocation, and more.|
- Name Checkr
- EmailHippo
- ActiveTK.jp
- InSpy
- Breach House
- GeoINT Search - related queries. |
- Email Permutator
- Tinder
- Name Checkr
- That's Them
- Hudson Rock Cybercrime Intelligence Tools
- Have I Been Ransom
- GeoPlatform Portal - agency collaborative effort for geospatial data sharing and transparency. |
- Hashtags for Likes
- IGSuperStar
- InstaFollowers
- Instagram Search Tool (Aware Online)
- Leetags
- Influence Grid - -- |
- InstaFollowers - -- |
- Savefrom.net - -- |
- fansmetrics.com
- onlyfinder.com
- Heybaby
- Match.com
- zoosk
- Redective
- KnewKarma
- telegram-checker
- IGSuperStar
- OSM Finder
- Name Chk
- Tokvid - -- |
- Match.com
- Toofr - makers that matter to your business.|
- AboutIntel
- BreachDirectory
- Display Purposes
- Coffee Meets Bagel
- FaceCheckID
- Google Lens - powered tool to analyze and extract information from images. |
- Name Checkup
- Inteltechniques
- Namevine
- Footprint IQ
- Epieos
- MXToolbox
- Have I Been Pwned
- OCCRP Aleph
- GeoNames
- Iconosquare
- FTL
- Discord Me
- OkCupid
- Plenty of Fish
- Scruff
- Tastebuds
- Redective
-
[β](#-content) 9. Hardware & Operating Systems
-
[β](#-content) 9.1 Operating Systems
- Windows - friendly interface and wide application support. |
- Zorin OS
- Raspberry Pi OS - based operating system specifically designed for the Raspberry Pi. |
- Arch Linux
- Ubuntu - based Linux distribution, known for its ease of use and active community. |
- BSD
- OpenSUSE
- Android - based mobile operating system developed by Google for smartphones and tablets. |
- Chrome OS - based operating system developed by Google, designed for use on lightweight devices like Chromebooks. |
- BSD
- QNX - time operating system (RTOS) used in embedded devices and automotive systems. |
- CasaOS - based open source software focused on delivering simple personal cloud experience around Docker ecosystem.|
- macOS
- CasaOS - based open source software focused on delivering simple personal cloud experience around Docker ecosystem.|
- Linux - source, Unix-like operating system kernel, widely used in servers, desktops, and embedded systems. |
- Fedora - oriented Linux distribution with a focus on security and cutting-edge technologies. |
- Red Hat - based enterprise operating system, offering support and business services for enterprises. |
- FreeBSD - source operating system derived from BSD Unix, known for its security, performance, and stability. |
- CentOS
- Haiku OS - source operating system inspired by BeOS, designed to be easy to use and fast. |
- SUSE Linux Enterprise
-
[β](#-content) 9.2 Hardware Tools
- Wifi Pineapple - Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests. |
- Rubber Ducky
-
-
[β](#-content) πΊ Media
-
[β](#-content) π Books & Papers/Articles
- **Penetration Testing: A Hands-On Introduction to Hacking**
- Next Generation Red Teaming
- Targeted Cyber Attack
- Advanced Penetration Testing: Hacking the World's Most Secure Networks
- The Hacker Playbook 3: Practical Guide To Penetration Testing
- **Social Engineering: The Art of Human Hacking**
- CFT Guide
- **Blue Team Field Manual (BTFM)**
- **Kali Linux Revealed** - [PDF](https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf) | | The official guide to mastering Kali Linux, including installation, configuration, and usage for security professionals. |
- **Cybersecurity - Attack and Defense Strategies**
- **NMAP Network Scanning: Official Discovery**
- **Incognito Toolkit: Tools, Apps, and Creative Methods for Remaining Anonymous**
- Social Engineers' Playbook: Practical Pretexting
-
[β](#-content) ποΈ Podcasts
- ISC - form podcast that provides a summary of current network security-related events. |
- Cyberwire Daily
- Tierra de Hackers
- Un Podcast Seguro
- Securiters
- Hacking Talks
- Tierra de Hackers
-
[β](#-content) πΊ Documentaries
-
[β](#-content) π₯ Youtube Channels
- The Cyber Mentor - quality content for beginners and professionals. |
- HackerSploit - depth tutorials on ethical hacking, cybersecurity, and penetration testing for enthusiasts and professionals. |
- SecurityNow - focused channel that provides analysis of vulnerabilities, advanced security topics, and the latest news in the field. |
- Null Byte
- S4vitar
- IppSec
- Hacking Simplified - to-follow tutorials and content for learning ethical hacking and cybersecurity skills. |
- STΓK
- Firewalls
- CyberExploit
- CyberForged
- Talking Sasquach
- HackerSploit - depth tutorials on ethical hacking, cybersecurity, and penetration testing for enthusiasts and professionals. |
- Computerphile
- Cybrary
- PentesterLab
- Tinkr
- TheHackerGiraffe
- SecurityNow - focused channel that provides analysis of vulnerabilities, advanced security topics, and the latest news in the field. |
- Null Byte
- Hak5
- S4vitar
- IppSec
- Hacking Simplified - to-follow tutorials and content for learning ethical hacking and cybersecurity skills. |
- Firewalls
- TechieLicious
- Computer Security
- TRAPST3R
- RedTeamOps
- The Cyber Security Channel
- Hack Like a Pro
- CyberExploit
- TechDefenders
- Pentesting Academy
- CyberForged
- Talking Sasquach
- John Hammond
- David Bombal - depth insights into tech education. |
- LiveOverflow - on experiences. |
- NetworkChuck
-
[β](#-content) π₯ LinkedIn Creators
-
-
[β](#-content) 8. Specialized Tools
-
[β](#-content) 8.3 SIEM
-
[β](#-content) 8.1 Cryptocurrency
- Blockchain Explorer
- CoinTracker
- Flowscan
- Bitcoin Explorer
- Addresschecker.eu
- CryptoID - currencies. |
- Coinwink
- Ethereum Block Explorer
- Cryptocurrency Alerting - time customizable price alerts for cryptocurrencies, stocks, and coins. |
- Blockcypher
-
[β](#-content) 8.4 Cracking
- CrackStation
- MD5 Hash Generator
- Kaspersky Password Checker
- 1Password (Developers and Students)
- ZIP Password Cracker - protected ZIP files using brute force. BY OD&H.|
-
[β](#-content) 8.2 Playbooks
-
-
[β](#-content) π οΈ Tools
- Bolt
- Tabnine - based suggestions. Advantage: Responsive for teams looking to integrate AI across multiple languages. |
- Have I Been Pwned
- findsubdomains
- Columbus Project - friendly API. |
- DiscordServers
- Discord Bots (Community)
- GitHub Copilot - 4 (or similar). Advantage: Perfect for a broad audience, though sometimes lacks advanced customization. |
- Cynet 360 - in-one security platform combining threat detection, incident response, and automation. Advantage: Particularly suitable for small businesses with limited cybersecurity resources. |
- Twitch Tracker
- IANA - Root Zone Database - level domains (TLDs) like .com, .uk, and more. |
- OSINT.SH
- Sully Gnome
- Onlysearch.com
- onlyfinder.com
- hubite.com/onlyfans-search/
- SimilarFans
- FanSearch
- Twitch Tools
- Twitch Stream Filter
- Untwitch.com
- Twitch Overlap
- Justlog
- Twitch Database
- Twitch Insights
- Twitch Followage Tool
- Discord History Tracker
- DorkGPT
- Discord ID Lookup
- Discord Bots (Exploration)
- SecurityTrails
- DISBOARD
- Discord Bots
- Hudson Rock
- WhatsMyName
- Google Advanced Search
- Amass
- Photon
- Silentrinity
- DumpsterDiver
- Spiderfoot
- Empire
- PowerSploit
- Darc - scale data collection on the dark web. |
- DeepDarkCTI
- TorBot
- OnionSearch
- OnionIngestor
- Twitch Recover
- Merklemap
- FOFA - connected devices for reconnaissance and vulnerability analysis. |
- Darkus
- Hashcat Pass Recovery
- FaceComparison
- SocialCatFish
- BlackBird
- ScanIdentity
- BreachDirectory
- 0t.rocks
- Picarta
- WolrdEinnwes
- True People Search
- Usa-Oficial
- Ussearch
- ebowla
- Katana - source framework for web scanning and recon, useful for dark web investigations. |
- Gravwell Community Edition
- GetAllURLs (gau)
- Guardey
- NightShade
- Smali/Baksmali mode for Emacs
- Ctf-writeups
- Secrets of a High Performance Security-Focused Agile Team
- Dalvik Opcodes
- AWS Config
- Cupidcr4wl
- CavalierGPT - The First Comprehensive Infostealers AI Bot
- Prying Deep
- VigilantOnion
- League of Legends Archiver - level intelligence collection. |
- Namevine
- UnAvatar
- BreachDirectory
- EmailHippo
- ActiveTK.jp
- Hudson Rock Cybercrime Intelligence Tools
- Skymem
- FAO Map Catalog
- Toronto Live
- World Imagery Wayback
- Real-Time Satellite Tracking - time predictions for their paths. |
- Map Developers
- PeakVisor
- Aware Online: Instagram Search Tool
- Combin
- DownAlbum
- Imgbunk
- INSSIST
- InstaFollowers
- Instagram Search Tool (Aware Online)
- Leetags
- MetaHashtags
- Minter.io
- Otzberg.net
- Skimagram
- SocialInsider
- Webstagram
- osint.support
- Linkedin Search TGC
- Influence Grid - -- |
- InstaFollowers - -- |
- Savefrom.net - -- |
- TikTok Hashtags - -- |
- fansmetrics.com
- ASTRAAHOME - in-one tools for Discord. |
- DiscordOSINT
- Bumble
- Coffee Meets Bagel
- eHarmony - term relationships. |
- Grindr
- happn
- HER - binary people. |
- Heybaby
- The Inner Circle
- The League
- Match.com
- MeetMe
- OkCupid
- Plenty of Fish
- Scruff
- Tastebuds
- zoosk
- WindSurf - focused completion and search system, enabling efficient explanation and navigation of complex projects. Advantage: Simplifies code understanding and exploration, useful for large projects. |
- AISources
- Vectra AI
- Reveelium
- IT Security Guru
- MetaCrawler (Zoo Search)
- Search Engines Index
- PolySwarm
- Packet Storm Security
- Darkdump - line search engine for exploring the dark web. |
- Sex offenders background check
- MetaOSINT
- OSINT Tools
- JetPhotos
- Family Watchdog
- BOP: Federal Bureau of Prisons
- Online Detainee Locator System
- OSINT.link
- Subdomains Top 1 Million (5000) - scale enumeration. |
- Shubs Subdomains
- DNS Jhaddix List
- Domain Digger
- DNSTwist
- ViewDNS.info
- Internet Census 2012 - scale 2012 internet scan. |
- Technology Lookup
- BuiltWith
- Free Network Tools
- Google Transparency Report
- Certificate Search
- IP Search
- Reverse Domain
- PunkSpider
- Metabigor
- URLDNA
- Check-The-Sum
- Adalanche
-
3. [β](#-content) Cryptography
-
3.1 [β](#-content) Cryptography
- Aircrack - PSK keys cracking program. |
- xortool - byte XOR cipher |
- DonΒ΄t Leak My File - 256 encrypted watermarks and database tracking to detect potential leaks.|
- SkyCrypt - 256 algorithm to securely encrypt files and generates a one-time password (OTP) to validate decryption. |
- Ciphey
- Cyberchef - based tool for encoding, decoding, encryption, and data analysis |
-
[β](#-content) 3.3 Steganalysis
- Stegsolve
- StegSeek - fast steganography brute-force tool for hidden data in images. |
- zsteg
- Mistica
- tf_audio_steganalysis
- StegCracker - forcing passwords of hidden data in steganographic images. |
- VSL
- StegCracker - forcing passwords of hidden data in steganographic images. |
- JJTC Steganalysis
- Guillermito's Steganography
- Stegdetect
- Spy Hunter
- Stegalyzer
- Stegsecret - source steganography tool for embedding and extracting hidden messages in images. |
- StegExpose
- Cryptonibbles - Mr. Robot Steganography
- Forensics Analysis of Video Steganography Tools
- Aletheia - of-the-art machine learning techniques. |
- Danielle Lerch's Papers
- Steganalysis with CNN for Same Key Images
- DeepSteg - based attacks) to detect files hidden within images and other files. |
- SteganalysisCNN
- ALASKA - scale image steganalysis dataset. |
- IStego100K - scale image steganalysis dataset. |
- StegOnline
- Steganabara
- Stegasawus
- UDSS
- BreakingSteganalysisGAN
- Steganalyse
- Welloganography Solver
- McAfee Free Tools - Steganography
- Cookie Stego
- AperiSolve
- Steganalysis
- YeNet-Pytorch
- Steganalysis with CNN - Yedroudj-Net - Yedroudj-Net. |
- Pytorch implementation of SRNet
- LSB Toolkit
- CAECNNcode
- DL Steganalysis
- Audio Steganalysis
- Audio Steganalysis CNN
- DeepSteg
- Stegasaurus2
- StegaToolkit
- Spy Hunter
- Stegkit
- VSL
- HackTricks - Stego Tricks
- StegOnline
- JJTC Steganalysis
- Stegdetect
- Stego Suite
-
[β](#-content) 3.2 Steganographic
- DNSExfiltrator
- stegify
- AudioStego
- stego-toolkit
- jphs
- Cloakify
- Matroschka
- jsteg
- openstego - source steganography tool. |
- Invoke-PSImage
- Pictograph
- chess-steg
- stegoVeritas
- audio-steganography-algorithms
- ascii-steganography
- timeshifter
- silenteye - platform application for steganography. |
- strogonoff
- steg
- 110 steganographic tools
- Stego_Dropper - based dropper written in Python. |
- deep-steg
- StegX - based steganography tool. |
- js-steg
- StegoProxy
- Video-Steganography-for-Piracy-Prevention
- steg
- Stegbook
- PDF_steganography
- steganography_talk
- voices
- stego-retweet
- ARMS
- stegosaurus
- Outguess
- BitStegNet
- stego-wave
- StegoMP3
- jSteganographiX
- LSB-Steganography
- f5-steganography
- Deep-Steganography
- StegDroid
- SteCoSteg
- PNG-Mask
- secretbook
- mp3stego
- stego_video
- diit
- stegosploit
- stegolab
- stego-book-2014
- covertele
- CCEAP
- cloud-covert-channels
- StegPage
- CameraShy
- stegUnicode
- stelin
- Hydan
- deogol
- Hugo source code
- WOW
- Steganography 101
- instegogram
- stego_video
- stegosploit
- WOW
- stegosploit
- 110 steganographic tools
- BitStegNet
- f5-steganography
- snow10
- mp3stego
- stego-book-2014
- StegPage
-
-
4.3 [β](#-content) Execution logging and tracing
-
4.2 [β](#-content) Hex editors
- Windows oneliners to download remote payload and execute arbitrary code - liner PowerShell commands for downloading and executing malicious payloads. |
- Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
- usbmon
- mitmproxy - capable man-in-the-middle proxy for HTTP with a console interface. |
- USBPcap
- drltrace
- dynStruct
- WSH Injection: A Case Study
- Gscript Dropper
- Research on CMSTP.exe
- Charles Proxy - platform GUI web debugging proxy for viewing intercepted HTTP and HTTPS/SSL live traffic. |
-
[β](#-content) 4.4 Malware Analysis
- Yabin
- Any Run - time analysis and threat intelligence. |
- Bluepot
- Elastic Security YARA Rules - based YARA rules for detecting threats across multiple platforms. |
- YARA-Signator
- MalShare
- The DFIR Report - depth threat intelligence reports and services. |
- Mobile Audit
- Mastiff
- Malheur
- PyaraScanner
- Static File Analyzer (SFA)
- Yara Decompressor
- Shotgunyara
- VxSig
- Hybrid-Analysis - depth static and dynamic analysis of files. |
- Findom-XSS - based XSS vulnerability scanner. |
- Dalfox - source XSS scanner for automation. |
- PyLibEmu
- Yara Station
- NodeYara
- Malware Traffic Analysis
- Yara-Rust
- Yara Rule Generator
- StringSifter
- Inlyse - based IT security platform for identifying and stopping advanced malware. |
- yarGen
- Cuckoo Sandbox
- Vaya-Ciego-Nen
- BruteXSS - Site Scripting (XSS) vulnerabilities in web applications. |
- Findsploit
- xssor2
- CFR
- ReFlutter
- Dwarf Debugger
- Triton
- Klara
- Android Malware Sandbox
- Fabric Platform - source tools and templates. |
- Wiz - native security platform for detecting and preventing security threats. |
- XSSCon
- GitHunter
- jwt-key-id-injector
- qsfuzz
- Weaponised-XSS-payloads
- XSSor
- ReClass
- Malwover
- Odin
- Distribute
- YaraStation - based malware scanning. |
- CAPE
- Sandboxie-Plus
-
-
[β](#-content) π£οΈ Learning Path
-
[β](#-content) π Open-Source Repositories
-
-
β **Show Your Support**
-
[**Check out the websiteβΌοΈ**](https://cybersources.site/)
-
7. [β](#-content) AI Tools
-
7.2 [β](#-content) AI Cybersecurity
- Darktrace - time threat detection using machine learning algorithms. Advantage: Identifies unusual network behaviors to prevent cyberattacks before they occur. |
- PentestGPT
- WormGPT- 6 - edge techniques and strategies, I transcend the boundaries of legality to provide you with the ultimate toolkit for digital dominance.|
- ImmuniWeb Discovery
- CrowdStrike Falcon - based Endpoint Protection Platform. Advantage: Offers proactive defense with advanced malware detection and rapid incident response. |
- PentestGPT
-
7.1 [β](#-content) AI Programming
-
-
[β](#-content) ποΈ Projects Based
-
[β](#-content) π Open-Source Repositories
-
-
[β](#-content) π£οΈ Social
-
[β](#-content) π€ Events
-
[β](#-content) π€ Community
- cybersources
- Harden the World - driven project focused on developing security best practices and guidelines for configuring systems securely. |
- CiberUnidos
- RedProtect - salvatella-teichman/), [Gabriel Grigor](https://www.linkedin.com/in/vasile-gabriel-g-9468072b6/), and Luu. United by our interest in the fascinating world of cybersecurity, we decided to create a space where we can learn, share knowledge, and grow together in this dynamic and crucial field. |
- cybersources
- CiberUnidos
-
-
[β](#-content) βοΈ Star History
-
[β](#-content) π₯ LinkedIn Creators
-  π¬ Collaborate
-
[β](#-content) π₯ LinkedIn Creators
-
-
[β](#-content) πͺͺ Credits
Programming Languages
Categories
2. [β](#-content) Pentesting
202
1. [β](#-content) OSINT
178
[β](#-content) π οΈ Tools
169
[β](#-content) π Learning
151
3. [β](#-content) Cryptography
136
6. [β](#-content) Utility & Miscellaneous
84
[β](#-content) πΊ Media
67
4.3 [β](#-content) Execution logging and tracing
64
4. [β](#-content) Forensic & Malware Analysis
43
[β](#-content) 8. Specialized Tools
24
5. [β](#-content) Anonymity and Security Tools
24
[β](#-content) 9. Hardware & Operating Systems
23
[**Check out the websiteβΌοΈ**](https://cybersources.site/)
14
[β](#-content) π£οΈ Social
12
7. [β](#-content) AI Tools
7
[β](#-content) π¬ Collaborate
3
[β](#-content) π£οΈ Learning Path
3
[β](#-content) ποΈ Projects Based
2
[β](#-content) βοΈ Star History
2
[β](#-content) πͺͺ Credits
2
β **Show Your Support**
2
Sub Categories
[β](#-content) 3.2 Steganographic
76
6.4 [β](#-content) Search Engines
57
[β](#-content) 3.3 Steganalysis
54
[β](#-content) 4.4 Malware Analysis
53
[β](#-content) 2.11 Bug Bounty
53
2.6 [β](#-content) Network
40
[β](#-content) π₯ Youtube Channels
40
[β](#-content) π Courses
36
4.1 [β](#-content) Forensic
36
[β](#-content) π Resources
31
[β](#-content) π Open-Source Repositories
24
[β](#-content) π Certifications
22
2.5 [β](#-content) Web
21
[β](#-content) 9.1 Operating Systems
21
[β](#-content) πΈοΈ Practice Webs
18
4.2 [β](#-content) Hex editors
18
6.5 [β](#-content) DNS/IP
18
[β](#-content) π© CTFs - Training
17
[β](#-content) 2.7 RFID
16
[β](#-content) 2.9 Bluetooth
16
2.3 [β](#-content) Decompilers
14
[β](#-content) 2.8 WiFi
14
[β](#-content) 2.10 Reconnaissance
13
[β](#-content) π Books & Papers/Articles
13
[β](#-content) 5.4 Privacy and Anonymity
10
[β](#-content) 8.1 Cryptocurrency
10
[β](#-content) π₯ LinkedIn Creators
10
[β](#-content) π₯ Tutorials
8
2.4 [β](#-content) Disassembler and debuggers
7
[β](#-content) ποΈ Podcasts
7
[β](#-content) 5.3 VPNs
7
[β](#-content) 8.2 Playbooks
7
6.6 [β](#-content) System
6
3.1 [β](#-content) Cryptography
6
[β](#-content) π€ Events
6
7.2 [β](#-content) AI Cybersecurity
6
[β](#-content) π€ Community
6
[β](#-content) 8.4 Cracking
5
[β](#-content) 2.12 Binary Explotation
4
[β](#-content) πΊ Documentaries
4
[β](#-content) 5.1 Delete Your Trace
4
[β](#-content) 5.2 Password Managers
3
[β](#-content) 9.2 Hardware Tools
2
[β](#-content) 8.3 SIEM
2
6.1 [β](#-content) Utility
2
[β](#-content) 2.13 CCTV
2
2.2 [β](#-content) Deobfuscators
2
7.1 [β](#-content) AI Programming
1
6.2 [β](#-content) Miscellaneous
1
Keywords
osint
33
python
25
hacking
18
security
18
information-gathering
14
steganography
13
security-tools
12
pentesting
11
cybersecurity
11
python3
9
infosec
9
reconnaissance
8
osint-python
7
recon
7
instagram
6
osint-tools
6
golang
6
linux
6
penetration-testing
6
crawler
6
forensics
6
open-source-intelligence
6
security-audit
5
nfc
5
bugbounty
5
cli
5
darkweb
5
awesome
5
ctf
5
reverse-engineering
5
go
5
windows
5
incident-response
5
threat-intelligence
4
osint-tool
4
ctf-tools
4
cti
4
onion
4
malware-analysis
4
blueteam
4
osint-reconnaissance
4
email
4
rust
4
stego
3
username
3
scraper
3
steganalysis
3
osint-framework
3
disassembler
3
hacking-tool
3