Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/egrieco/awesome-security-awesome

A collection of awesome-* repos (curated resources) related to cybersecurity.
https://github.com/egrieco/awesome-security-awesome

List: awesome-security-awesome

Last synced: about 1 month ago
JSON representation

A collection of awesome-* repos (curated resources) related to cybersecurity.

Awesome Lists containing this project

README 

        
# Awesome Security Awesome



A collection of `awesome-*` repos (curated resources) related to cybersecurity.



For more awesome repos that are not yet included in this repo, there’s the primary [awesome repo](https://github.com/sindresorhus/awesome#contents) and a whole [awesome category](https://github.com/topics/awesome) on GitHub with repos covering many, many subject areas.



## Canonical Sources



* [Keybase](keybase://team/securityidentity/awesome-security-awesome)

* [GitLab](https://gitlab.com/egrieco/awesome-security-awesome)

* [GitHub](https://github.com/egrieco/awesome-security-awesome)



## Disclaimer



This repo is intended for security professionals that are able to adequately assess their personal and corporate threat models. The links provided below have not been deeply evaluated and there is **no guarantee whatsoever about their content and risks associated with visiting these links** or running programs found in the below repos.



Some repos may contain malware samples and programs like [OONI Probe](https://ooni.org/install/) that may expose you to [risks](https://ooni.org/about/risks/) such as legal penalties and sanctions depending on your jurisdiction.



Further, due to the adversarial nature of cybersecurity and hacking, it's best to browse these links with a browser that has JavaScript disabled, blocks known malicious hosts, and has had other security hardening and mitigations applied. Suggestions follow.



**Proceed Carefully! Some repos may contain harmful content!**



### Firefox Hardening



Firefox can be dramatically hardened by enabling and disabling specific features. Some good examples of which features should be modified and how, consult the below repositories:



* [arkenfox/user.js](https://github.com/arkenfox/user.js): Firefox privacy, security and anti-fingerprinting: a comprehensive user.js template for configuration and hardening

* [pyllyukko/user.js](https://github.com/pyllyukko/user.js): user.js -- Firefox configuration hardening

* [firefox-legacy-user-profile-customizations](https://github.com/poghahm/firefox-legacy-user-profile-customizations): Scripts to configure Firefox profiles



### Ad Blockers



Internet ads have become a popular threat vector. JavaScript also represents a broad attack surface. Disabling these dangerous features is always recommended, but even more so when conducting security research.



* [uBlock](https://[email protected]/gorhill/uBlock): uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.

* [scriptsafe](https://github.com/andryou/scriptsafe): a browser extension to bring security and privacy to chrome, firefox, and opera

* [noscript](https://github.com/hackademix/noscript): The popular NoScript Security Suite browser extension.

* [behave](https://github.com/mindedsecurity/behave): Behave! A monitoring browser extension for pages acting as "bad boi"

* [ClearURLs](https://gitlab.com/KevinRoebert/ClearUrls): an add-on that will automatically remove tracking elements from URLs to help protect your privacy when browse the Internet.



### Secure OSes



Ideally, in depth security research should be conducted from a dedicated machine running a secure OS such as:



* [OpenBSD](https://www.openbsd.org/)

* [Qubes OS](https://www.qubes-os.org/)

* [Tails](https://tails.boum.org/)



Not that while [Kali Linux](https://www.kali.org/), is designed for "Penetration Testing and Ethical Hacking" it is poorly hardened against attacks itself. **DO NOT USE Kali as a daily OS**.



## General



General tools and starting points.



1. [the-book-of-secret-knowledge](https://github.com/trimstray/the-book-of-secret-knowledge): A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

2. [awesome-cybersecurity-blueteam](https://github.com/fabacab/awesome-cybersecurity-blueteam): A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.



## Forensics, Reversing, and OSINT



1. [awesome-forensics](https://github.com/Cugu/awesome-forensics)

2. [awesome-reversing](https://github.com/tylerha97/awesome-reversing)

3. [awesome-osint](https://github.com/jivoi/awesome-osint)

4. [awesome-ml-for-cybersecurity](https://github.com/jivoi/awesome-ml-for-cybersecurity)

5. [awesome-yara](https://github.com/InQuest/awesome-yara)

6. [awesome-honeypots](https://github.com/paralax/awesome-honeypots)

7. [awesome-cybersecurity-blueteam](https://github.com/meitar/awesome-cybersecurity-blueteam)

8. [awesome-pcaptools](https://github.com/caesar0301/awesome-pcaptools)

9. [awesome-iocs](https://github.com/sroberts/awesome-iocs)



## Industrial Security



1. [awesome-industrial-control-system-security](https://github.com/hslatman/awesome-industrial-control-system-security)

2. [ICS-Security-Tools](https://github.com/ITI/ICS-Security-Tools)



## Hacking and Pentesting



1. [Awesome-Hacking-Resources](https://github.com/vitalysim/Awesome-Hacking-Resources)

2. [Awesome-Hacking](https://github.com/Hack-with-Github/Awesome-Hacking)

3. [awesome-pentest-cheat-sheets](https://github.com/coreb1t/awesome-pentest-cheat-sheets)

4. [awesome-malware-analysis](https://github.com/rshipp/awesome-malware-analysis)

5. [awesome-hacking](https://github.com/carpedm20/awesome-hacking)

6. [awesome-pentest](https://github.com/enaqx/awesome-pentest)

7. [awesome-cve-poc](https://github.com/qazbnm456/awesome-cve-poc)



## Personal Security and Checklists



1. [macOS-Security-and-Privacy-Guide](https://github.com/drduh/macOS-Security-and-Privacy-Guide)

2. [osx-security-awesome](https://github.com/kai5263499/osx-security-awesome)

3. [security-checklist](https://github.com/brianlovin/security-checklist)

4. [personal-security-checklist](https://github.com/Lissy93/personal-security-checklist)

5. [osx-and-ios-security-awesome](https://github.com/ashishb/osx-and-ios-security-awesome)

6. [Awesome-Application-Security-Checklist](https://github.com/MahdiMashrur/Awesome-Application-Security-Checklist)



## Education Best Practices



1. [Free-Security-eBooks](https://github.com/Hack-with-Github/Free-Security-eBooks)

2. [awesome-linux-android-hacking](https://github.com/pfalcon/awesome-linux-android-hacking)

3. [awesome-serverless-security](https://github.com/puresec/awesome-serverless-security)

4. [awesome-container-security](https://github.com/kai5263499/awesome-container-security)

5. [awesome-cloud-security](https://github.com/Funkmyster/awesome-cloud-security)

6. [awesome-security-audits](https://github.com/pomerium/awesome-security-audits)

7. [awesome-sdn-security](https://github.com/lopezalvar/awesome-sdn-security)

8. [awesome-rails-security](https://github.com/0xedward/awesome-rails-security)

9. [awesome-frontend-security](https://github.com/rustcohlnikov/awesome-frontend-security)

10. [awesome-bluetooth-security](https://github.com/engn33r/awesome-bluetooth-security)

11. [awesome-aws-security](https://github.com/coffeewithayman/awesome-aws-security)

12. [awesome-security](https://github.com/sbilly/awesome-security)

13. [awesome-web-security](https://github.com/qazbnm456/awesome-web-security)

14. [awesome-security-trivia](https://github.com/qazbnm456/awesome-security-trivia)