└── README.md /README.md: -------------------------------------------------------------------------------- 1 | # Security list for fun and profit 2 | 3 | Inspired by http://www.nothink.org/utilities.php 4 | 5 | ## Table of Contents 6 | 7 | * [Awesome lists](#awesome-lists-1) 8 | * [Books](#books-books) 9 | * [Bug bounty](#bug-bounty-chocolate_bar) 10 | * [Cheat sheets](#cheat-sheets-1) 11 | * [CTF](#ctf-triangular_flag_on_post) 12 | * [Decoder/Converter/Beautifier](#decoderconverterbeautifier-hurtrealbad) 13 | * [Domain name Research / Analysis / Reputation](#domain-name-research--analysis--reputation-chart_with_downwards_trend) 14 | * [Exploits and vulnerabilities](#exploits-and-vulnerabilities-door) 15 | * [Forensic](#forensic-mag) 16 | * [Free shell](#free-shell-shell) 17 | * [Fun](#fun-trollface) 18 | * [Generic utilities](#generic-utilities-file_folder) 19 | * [GNU/Linux](#gnulinux) 20 | * [Honeypots](#honeypots-honey_pot) 21 | * [IP Research / Analysis / Investigation](#ip-research--analysis--investigation) 22 | * [Leak / Defaced](#leak--defaced-ambulance) 23 | * [Learning / Exercises](#learning--exercises-mortar_board) 24 | * [Lock picking](#lock-picking-closed_lock_with_key) 25 | * [Mail utilities](#mail-utilities-mailbox_with_mail) 26 | * [Malicious traffic detection](#malicious-traffic-detection-vertical_traffic_light) 27 | * [Malware / Botnet sources](#malware--botnet-sources-angel) 28 | * [Malware analysis - Sandbox](#malware-analysis---sandbox-mask) 29 | * [Malware analysis - Sandbox - Online](#malware-analysis---sandbox---online-mask) 30 | * [Mobile](#mobile-iphone) 31 | * [Network](#network) 32 | * [OSINT](#osint) 33 | * [OS X](#os-x) 34 | * [Passwords](#passwords-key) 35 | * [Penetration testing](#penetration-testing-wrench) 36 | * [Port scanners / Wide scans](#port-scanners-dart--wide-scans-statue_of_liberty) 37 | * [Search engines](#search-engines-satellite) 38 | * [Security challenges / WarGames](#security-challenges--wargames-triangular_flag_on_post) 39 | * [Skimmer](#skimmer-black_joker) 40 | * [SSH](#ssh) 41 | * [SSL](#ssl) 42 | * [TOR](#tor) 43 | * [VOIP](#voip-phone) 44 | * [VPN](#vpn) 45 | * [Vulnerable environments](#vulnerable-environments-unlock) 46 | * [Web browser](#web-browser) 47 | * [Windows](#windows) 48 | * [Wireless / Radio](#wireless--radio-signal_strength) 49 | 50 | ---- 51 | 52 | ## Awesome lists :+1: 53 | Name | URL 54 | ------------------------------------ | --------------------------------------------- 55 | Android | https://github.com/ashishb/android-security-awesome 56 | Curated list of awesome lists | https://github.com/sindresorhus/awesome :star: 57 | Fuzzing | https://github.com/secfigo/Awesome-Fuzzing 58 | Hacking list | https://github.com/Hack-with-Github/Awesome-Hacking :star::star::star: 59 | Honeypots | https://github.com/paralax/awesome-honeypots :star: 60 | Incident response | https://github.com/meirwah/awesome-incident-response/ :star::star: 61 | Indicators of compromise | https://github.com/sroberts/awesome-iocs 62 | Info sec | https://github.com/rmusser01/Infosec_Reference 63 | Malware analysis | https://github.com/rshipp/awesome-malware-analysis/ :star::star::star: 64 | Personal Security | https://github.com/Lissy93/personal-security-checklist 65 | Red team | https://github.com/yeyintminthuhtut/Awesome-Red-Teaming 66 | Reversing | https://github.com/fdivrp/awesome-reversing 67 | Security | https://github.com/sbilly/awesome-security 68 | Threat intelligence | https://github.com/hslatman/awesome-threat-intelligence 69 | Web | https://github.com/qazbnm456/awesome-web-security/ https://github.com/infoslack/awesome-web-hacking 70 | 71 | 72 | ## Books :books: 73 | Name |URL 74 | ------------------------------------ | --------------------------------------------- 75 | Free programming books | https://github.com/EbookFoundation/free-programming-books 76 | Recommended Reading | http://dfir.org/?q=node/8 77 | 78 | 79 | ## Bug bounty :chocolate_bar: 80 | Name |URL 81 | ------------------------------------ | --------------------------------------------- 82 | Bounty factory | https://bountyfactory.io 83 | Bugcrowd | https://bugcrowd.com/programs 84 | Google | https://www.google.com/about/appsecurity/reward-program/ 85 | HackerOne | https://hackerone.com :star: 86 | List of bug bounty | https://www.bugcrowd.com/bug-bounty-list/ 87 | Microsoft | https://technet.microsoft.com/en-us/security/dn425036 88 | Open bug bounty | https://www.openbugbounty.org/ 89 | Programs and write-ups | https://github.com/djadmin/awesome-bug-bounty 90 | Write-ups | https://github.com/ngalongc/bug-bounty-reference 91 | Zerodium | https://www.zerodium.com/ :moneybag::trollface: 92 | 93 | 94 | ## Cheat sheets :+1: 95 | Name | URL 96 | ------------------------------------ | --------------------------------------------- 97 | General cheat sheets | http://www.cheat-sheets.org/ :star: 98 | Owasp series | https://github.com/OWASP/CheatSheetSeries :star::star: 99 | Packet life | http://packetlife.net/library/cheat-sheets/ 100 | Penetration test | https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ 101 | Pentest monkey | http://pentestmonkey.net 102 | SANS Forensic | https://digital-forensics.sans.org/community/cheat-sheets 103 | Security Onion | https://github.com/Security-Onion-Solutions/security-onion/wiki/Cheat-Sheet 104 | Zeltser's cheat sheets list | https://zeltser.com/cheat-sheets/ 105 | 106 | 107 | ## CTF :triangular_flag_on_post: 108 | Name | URL 109 | ------------------------------------ | --------------------------------------------- 110 | Awesome CTF | https://github.com/apsdehal/awesome-ctf :star::star: 111 | CTFd platform | https://github.com/CTFd/CTFd :star: 112 | CTF PAD | https://github.com/StratumAuhuur/CTFPad 113 | CTF TIME | https://ctftime.org/ 114 | Mellivora platform | https://github.com/Nakiami/mellivora :star: 115 | Platform list | https://github.com/We5ter/Awesome-Platforms/blob/master/CTF-Platforms.md 116 | Reddit | https://www.reddit.com/r/securityctf 117 | Tools list | https://github.com/Laxa/HackingTools 118 | Tools list | https://github.com/zardus/ctf-tools 119 | Write-ups | https://github.com/ctfs 120 | 121 | 122 | ## Decoder/Converter/Beautifier :hurtrealbad: 123 | Name | URL 124 | ------------------------------------ | --------------------------------------------- 125 | Code beautifier | http://codebeautify.org/ 126 | Converter | https://github.com/koczkatamas/koczkatamas.github.io 127 | Cyber Chef | https://gchq.github.io/CyberChef/ :fork_and_knife::star::star::star: 128 | JSUnpack | https://github.com/urule99/jsunpack-n 129 | JSBeautifier | http://jsbeautifier.org/ :star: 130 | Jjencode | http://utf-8.jp/public/jjencode.html 131 | JS deobfuscate | https://github.com/sevzero/honeybadger 132 | VB code beautifier | http://www.vbindent.com/ 133 | 134 | 135 | ## Domain name Research / Analysis / Reputation :chart_with_downwards_trend: 136 | Name | URL 137 | ------------------------------------ | --------------------------------------------- 138 | Archive | https://archive.is/ 139 | Archive | https://web.archive.org/ :star: 140 | BGP Toolkit | http://bgp.he.net/ :star: 141 | Biggest DNS history | https://securitytrails.com/list/ip/$IP :star: 142 | Cache page | http://www.cachedpages.com/ 143 | Cache view | http://cachedview.com/ 144 | Checking multiple blocklists | http://rbls.org/ :star: 145 | DGA intro | https://en.wikipedia.org/wiki/Domain_generation_algorithm 146 | DNS Blacklists | https://raw.githubusercontent.com/zbetcheckin/DNSBLs/master/active_dnsbls.txt 147 | DNS dumpster | https://dnsdumpster.com/ 148 | DNS Propagation Checker | https://www.whatsmydns.net/ 149 | DNS stuff | http://www.dnsstuff.com/ 150 | Domain analysis list | https://github.com/rshipp/awesome-malware-analysis/#domain-analysis 151 | Domain hijacking intro | https://en.wikipedia.org/wiki/Domain_hijacking 152 | Expired domain | https://www.expireddomains.net/backorder-expired-domains/ 153 | Google | https://www.google.com/transparencyreport/safebrowsing/diagnostic/ 154 | Into dns | http://www.intodns.com/ 155 | Multi RBL | http://multirbl.valli.org/lookup/ :star: 156 | MXToolBox | https://mxtoolbox.com/SuperTool.aspx# 157 | Netcraft | http://www.netcraft.com/ 158 | Reverse Whois | https://reversewhois.domaintools.com/ 159 | Robtex | https://www.robtex.com/dns/ 160 | Sucuri | http://sitecheck.sucuri.net/scanner/ 161 | TCP utils | http://www.tcpiputils.com/ 162 | Threat log | http://www.threatlog.com/ 163 | Threat miner | https://www.threatminer.org/ 164 | Top-Level Domains list | https://data.iana.org/TLD/tlds-alpha-by-domain.txt :star: 165 | Trusted source | http://www.trustedsource.org/ 166 | URL Query | http://urlquery.net/ :star: 167 | URL scan | https://urlscan.io/ :star: 168 | URL shorter list | https://mirror1.malwaredomains.com/files/url_shorteners.txt 169 | URL Void | http://www.urlvoid.com/ 170 | Virus total | https://www.virustotal.com/#url 171 | Whois - ARIN | https://whois.arin.net/ 172 | Whois - LACNIC | http://lacnic.net/cgi-bin/lacnic/whois 173 | Whois - RIPE NCC | https://apps.db.ripe.net/search/query.html 174 | Whois - AFRINIC | http://www.afrinic.net/fr/services/whois-query 175 | Whois - APNIC | http://wq.apnic.net/apnic-bin/whois.pl 176 | Whois by registrant name | http://viewdns.info/reversewhois/ 177 | Zeltser's list | https://zeltser.com/lookup-malicious-websites/ 178 | 179 | 180 | ## Exploits and vulnerabilities :door: 181 | Name | URL 182 | ------------------------------------ | --------------------------------------------- 183 | CVEdetails | http://www.cvedetails.com/ :star: 184 | CVE.mitre | https://cve.mitre.org/ :star: 185 | Full disclosure | http://seclists.org/fulldisclosure/ 186 | See bug | https://www.seebug.org/ :star: 187 | CXSecurity | https://cxsecurity.com/ :star: 188 | Inj3ct0r | http://0day.today/ 189 | Packet Storm | https://packetstormsecurity.com/files/tags/exploit/ 190 | Exploit-db | http://www.exploit-db.com 191 | Vulnerability-lab | http://www.vulnerability-lab.com/ 192 | Vulndb | https://vuldb.com/?archive.2016 193 | Vulners | https://vulners.com/search?query=order:published 194 | Backdoor - TCP-32764 | https://github.com/elvanderb/TCP-32764 195 | Rapid7 DB | https://www.rapid7.com/db/modules/ 196 | NIST | http://web.nvd.nist.gov/ 197 | Security focus | http://www.securityfocus.com/vulnerabilities 198 | Country compatibility | https://cve.mitre.org/compatible/country.html 199 | Mailing list | https://nmap.org/mailman/listinfo/fulldisclosure 200 | Mail received | http://lists.openwall.net/full-disclosure/2016/ 201 | Mailing list | http://seclists.org/ 202 | Mailing list | https://lists.debian.org/debian-security-announce/ 203 | CVSS FIRST | https://www.first.org/cvss/calculator/3.0 204 | CVSS NIST | https://nvd.nist.gov/cvss/v3-calculator 205 | 206 | 207 | ## Forensic :mag: 208 | Name | URL 209 | ------------------------------------------- | --------------------------------------------- 210 | Aldeid list | https://www.aldeid.com/wiki/Category:Digital-Forensics 211 | Awesome forensic | https://github.com/Cugu/awesome-forensics 212 | CFReDS | http://www.cfreds.nist.gov/ :star: 213 | DFRWS challenge | http://www.dfrws.org/dfrws-forensic-challenge-2016 214 | File signatures | https://en.wikipedia.org/wiki/List_of_file_signatures 215 | File signatures | http://www.filesignatures.net/index.php?page=all 216 | File signatures | http://www.garykessler.net/library/file_sigs.html 217 | Forensic kb practical | http://www.forensickb.com/2008/01/forensic-practical.html 218 | Forensic tools | https://forensics.cert.org/ 219 | Forensic - Technical graph | http://www.amanhardikar.com/mindmaps/ForensicChallenges.html 220 | Learn with David Cowen | https://www.youtube.com/channel/UCZ7mQV3j4GNX-LU1IKPVQZg 221 | Package - DEFT | http://www.deftlinux.net/package-list/ 222 | Package - forensic-all | https://packages.debian.org/stretch/forensics-all :star::star: 223 | Testing Images | http://dftt.sourceforge.net/ 224 | Tools - DFIR | http://www.dfir.training/index.php/tools/ :star: 225 | Tools - Forensics wiki | http://forensicswiki.org/wiki/Tools 226 | Tools - NIST | https://toolcatalog.nist.gov/taxonomy/index.php 227 | Windows tools | https://ericzimmerman.github.io/ 228 | Windows tools list | http://forensic-proof.com/tools 229 | Windows Artifact | [https://blogs.sans.org/computer-forensics/](https://blogs.sans.org/computer-forensics/files/2012/06/SANS-Digital-Forensics-and-Incident-Response-Poster-2012.pdf) 230 | Write blocker | http://www.cftt.nist.gov/software_write_block.htm 231 | Write blocker | https://github.com/msuhanov/Linux-write-blocker 232 | Zythom list | https://zythom.blogspot.se/2007/02/les-outils-dun-expert-judiciaire.html :fr: 233 | 234 | 235 | ## Free shell :shell: 236 | Name | URL 237 | ------------------------------------ | --------------------------------------------- 238 | FreeShells list | http://www.freeshells.info/ 239 | Red-pill | http://shells.red-pill.eu/ 240 | 241 | 242 | ## Fun :trollface: 243 | Name | URL 244 | ------------------------------------ | --------------------------------------------- 245 | Akamai map | https://www.akamai.com/us/en/resources/visualizing-akamai/real-time-web-monitor.jsp :earth_americas: 246 | BGP stream | https://bgpstream.com/ :earth_americas: 247 | Bitdefender map | https://threatmap.bitdefender.com/ :earth_americas: 248 | Blueliv map | https://community.blueliv.com/map/ :earth_americas: 249 | Checkpoint map | https://threatmap.checkpoint.com/ :earth_americas: 250 | DDoS attacks | http://www.digitalattackmap.com/ :trollface: 251 | Dead drops | https://deaddrops.com/db/ :floppy_disk::skull: 252 | Dshield map | https://dshield.org/threatmap.html :earth_americas: 253 | Eset map | http://www.virusradar.com/ :earth_americas: 254 | Fire eye map | https://www.fireeye.com/cyber-map/threat-map.html :earth_americas: 255 | Flight radar | https://www.flightradar24.com :airplane: 256 | Fortinet map | https://threatmap.fortiguard.com/ :earth_americas: 257 | HE maps | https://he.net/3d-map/ :earth_americas: 258 | Kaspersky AV map | https://cybermap.kaspersky.com/ :earth_americas: 259 | Kaspersky map | https://apt.securelist.com/ :earth_americas: 260 | Mozilla location service map | https://location.services.mozilla.com/map :earth_americas: 261 | Open IP video cameras | http://www.insecam.org/ :video_camera::see_no_evil: 262 | Pwnie Awards | http://pwnies.com/nominations/ :horse: 263 | Sub marine cable | http://www.submarinecablemap.com/ :anchor: 264 | Sub marine cable | http://submarine-cable-map-2016.telegeography.com/ :anchor: 265 | Sub marine cable | http://lifewinning.com/submarine-cable-taps/ :anchor: 266 | Threat butt | https://threatbutt.com/map/ :earth_americas::clown_face: 267 | Tor flow map | https://torflow.uncharted.software :earth_americas: 268 | Trendmicro map | https://botnet-cd.trendmicro.com/ :earth_americas: 269 | World of VNC | https://worldofvnc.net/ :santa: 270 | 271 | 272 | ## Generic utilities :file_folder: 273 | Will be reorganized 274 | 275 | Name |URL 276 | ------------------------------------ | --------------------------------------------- 277 | Abuse Contact DB | https://www.abusix.com/contactdb :closed_book: 278 | CERT teams | https://www.first.org/about/organization/teams 279 | Citizen lab | https://citizenlab.org/ 280 | Code analysises | https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis 281 | Codepad | http://codepad.org/ 282 | Crypto currency | https://coinmarketcap.com 283 | Deepweb | https://www.reddit.com/r/deepweb/ 284 | Electronic Frontier Foundation | https://www.eff.org/ 285 | Face generator | https://www.thispersondoesnotexist.com/ 286 | Fake ID | http://www.fakenamegenerator.com/ 287 | Hackforum | http://hackforums.net/ :trollface: 288 | Hardened BSD | https://hardenedbsd.org/content/easy-feature-comparison 289 | Hashes example | https://hashcat.net/wiki/doku.php?id=example_hashes 290 | Mibbit | http://www.mibbit.com/ 291 | Microsoft threat | http://www.microsoft.com/security 292 | MIME types | https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Complete_list_of_MIME_types 293 | MIME types | https://slick.pl/kb/htaccess/complete-list-mime-types/ 294 | MIME types | https://www.iana.org/assignments/media-types/media-types.xhtml :star: 295 | Mindmaps | http://www.amanhardikar.com/mindmaps.html :star::star::star: 296 | Random data generator | http://www.mockaroo.com/ 297 | Sans | http://isc.sans.edu/diary/ :star::star: 298 | Security wiki | http://oss-security.openwall.org/wiki/ 299 | Understand your commands | https://explainshell.com/ :star: 300 | 301 | 302 | ## GNU/Linux 303 | Name | URL 304 | ------------------------------------ | --------------------------------------------- 305 | Chkrootkit | https://packages.debian.org/en/jessie/chkrootkit 306 | Command collection | https://github.com/tuwid/GNU-Linux-OpsWiki 307 | Debsecan | https://packages.debian.org/en/jessie/debsecan 308 | GNU/Linux containers | https://github.com/Friz-zy/awesome-linux-containers#security 309 | GNU/Linux executable walkthrough | https://i.imgur.com/q5nyHp7.png 310 | GNU/Linux post exploitation | https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List :star: 311 | GNU/Linux workstation | https://github.com/lfit/itpol/blob/master/linux-workstation-security.md :star::star: 312 | Kernel exploitation | https://github.com/xairy/linux-kernel-exploitation 313 | Lynis | https://packages.debian.org/en/jessie/lynis 314 | RE 101 | https://github.com/michalmalik/linux-re-101 315 | RKhunter | https://packages.debian.org/en/jessie/rkhunter :star: 316 | Securing debian | https://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html :star: 317 | Vulnerability scanner | https://github.com/future-architect/vuls 318 | 319 | 320 | ## Honeypots :honey_pot: 321 | Name | URL 322 | ------------------------------------ | --------------------------------------------- 323 | Awesome list - All of them ! | https://github.com/paralax/awesome-honeypots#honeypots :star::star: 324 | Honeynet | https://honeynet.org/project 325 | Live nothink | http://www.nothink.org/honeypots.php 326 | 327 | 328 | ## IP Research / Analysis / Investigation 329 | Name | URL 330 | ------------------------------------ | --------------------------------------------- 331 | Abuse IP DB | https://www.abuseipdb.com/ 332 | BGP Toolkit | http://bgp.he.net/ :star: 333 | Bing dork | ip:$IP 334 | Black List Alert | http://www.blacklistalert.org/ 335 | Black List Check | http://whatismyipaddress.com/blacklist-check/ 336 | Check host | http://check-host.net/ 337 | FireHOL IP list | https://github.com/firehol/blocklist-ipsets :star: 338 | Google dork | "$IP" 339 | Host file | https://hosts-file.net/ 340 | IP void | http://www.ipvoid.com/ 341 | Multi RBL | http://multirbl.valli.org/lookup/ :star: 342 | Nirsoft country IP | http://www.nirsoft.net/countryip/ 343 | Project Honeypot | https://www.projecthoneypot.org/search_ip.php 344 | RIPE stat | https://stat.ripe.net/ 345 | Spamhaus | https://www.spamhaus.org/lookup/ 346 | Virus total | https://www.virustotal.com/gui/search/$IP 347 | Whatch Guard | http://www.reputationauthority.org/ 348 | 349 | 350 | ## Leak / Defaced :ambulance: 351 | Name | URL 352 | ------------------------------------ | --------------------------------------------- 353 | Biggest db leaks | https://cdn.databases.today/ 354 | Breach alarm | https://breachalarm.com/ 355 | Darknet leaks | https://darknetleaks.ru/archive/leaked/dumps/ 356 | Hacked emails | https://hacked-emails.com/ 357 | Have I been pwned | https://haveibeenpwned.com/ 358 | Isithacked | http://www.isithacked.com 359 | Leakedin | http://www.leakedin.com/ 360 | Siph0n | https://twitter.com/datasiph0n 361 | Zone-H | https://zone-h.org/ 362 | 363 | 364 | ## Learning / Exercises :mortar_board: 365 | Name | URL 366 | ------------------------------------ | --------------------------------------------- 367 | Awesome training | http://opensecuritytraining.info/Training.html :star::star: 368 | Cybrary training | https://www.cybrary.it/ 369 | Essential basics | https://github.com/alex/what-happens-when :star::star: 370 | Exploits | https://thesprawl.org/research/ 371 | F-Secure training | https://moocfi.github.io/courses/2017/cybersecurity/ 372 | Malware Analysis course | https://github.com/RPISEC/Malware :star::star: 373 | Malware traffic training | http://www.malware-traffic-analysis.net/training-exercises.html :star: 374 | Practical analysis | https://practicalmalwareanalysis.com/labs/ 375 | Reverse - Malware | http://fumalwareanalysis.blogspot.se/p/malware-analysis-tutorials-reverse.html 376 | Security courses | https://bitvijays.github.io/ :star: 377 | Security training | https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/Courses_Training.md 378 | Security talks | https://github.com/PaulSec/awesome-sec-talks :star: 379 | 380 | 381 | ## Lock picking :closed_lock_with_key: 382 | Name | URL 383 | ------------------------------------ | --------------------------------------------- 384 | Awesome lockpicking | https://github.com/meitar/awesome-lockpicking 385 | Lock pick guide | http://lockpickguide.com :star: 386 | Bosnianbill video | https://www.youtube.com/user/bosnianbill/videos :star: 387 | Lock lab | https://lock-lab.com/ 388 | Lock wiki | http://www.lockwiki.com/ 389 | 390 | 391 | ## Mail utilities :mailbox_with_mail: 392 | Name | URL 393 | ------------------------------------ | --------------------------------------------- 394 | 10 Minute Mail | http://10minutemail.com 395 | DNSBL | https://en.wikipedia.org/wiki/DNSBL 396 | DKIM validator | http://dkimvalidator.com/ 397 | Email recon | https://github.com/laramies/theHarvester 398 | Get air mail | http://en.getairmail.com/ 399 | Google Phishing quiz | https://phishingquiz.withgoogle.com/ :star::e-mail::bar_chart: 400 | Gophish | https://github.com/gophish/gophish 401 | Mailinator | https://www.mailinator.com/ # https://gist.github.com/nocturnalgeek/1b8fa44283314544c487 402 | Mailnesia | http://mailnesia.com/ 403 | Mailcatch | http://mailcatch.com/ 404 | Mxtoolbox | http://www.mxtoolbox.com/ 405 | Open phish | https://openphish.com/ :star: 406 | Openresolver JP | http://www.openresolver.jp/en/ 407 | Phishing Framework | https://github.com/pentestgeek/phishing-frenzy 408 | Phish tank | http://www.phishtank.com/ :star: 409 | SimplyEmail | https://github.com/killswitch-GUI/SimplyEmail 410 | Spam DB | http://www.dnsbl.info/dnsbl-database-check.php 411 | Spam encode secret | http://spammimic.com/encode.cgi 412 | SpeedPhish Framework | https://github.com/tatanus/SPF 413 | Yop mail | http://www.yopmail.com/ 414 | 415 | 416 | ## Malicious traffic detection :vertical_traffic_light: 417 | Name | URL 418 | ------------------------------------------- | --------------------------------------------- 419 | 10 strategies cyber ops center | [pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf](https://www.mitre.org/sites/default/files/publications/pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf) 420 | Awesome threat detection | https://github.com/0x4D31/awesome-threat-detection 421 | Maltrail | https://github.com/stamparm/maltrail 422 | Packetbeat | https://www.elastic.co/products/beats/packetbeat 423 | p0f | http://lcamtuf.coredump.cx/p0f3/ 424 | Tsusen | https://github.com/stamparm/tsusen 425 | 426 | 427 | ## Malware / Botnet sources :angel: 428 | Name | URL 429 | ------------------------------------ | --------------------------------------------- 430 | 0btemoslab tracker | http://tracker.0btemoslab.com/ 431 | Abuse CH | https://www.abuse.ch/ 432 | Benkow.cc tracker | http://benkow.cc/ 433 | Botnet.fr | https://www.botnets.fr/wiki/Main_Page 434 | Clean MX | http://support.clean-mx.de/clean-mx/viruses.php 435 | Contagio | http://contagiodump.blogspot.se/ 436 | Custom Google search engine | https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu (from Corey Harrell) 437 | Cybercrime tracker | http://cybercrime-tracker.net/ 438 | Dont need coffee | http://malware.dontneedcoffee.com/ 439 | Exposed Botnets | http://www.exposedbotnets.com/ 440 | H3X tracker | http://tracker.h3x.eu/ 441 | Malc0de | http://malc0de.com/database/ 442 | No more ransom | https://www.nomoreransom.org/ 443 | Kernel mode | http://www.kernelmode.info 444 | Malware domain list | http://www.malwaredomainlist.com 445 | Malware domain blocklist | http://www.malwaredomains.com 446 | Malware museum | https://archive.org/details/malwaremuseum 447 | Malware src | https://malwares.github.io/ 448 | Malware.lu | https://malware.lu/ 449 | Mirai tracker | https://mirai.security.gives/ 450 | MISP | https://github.com/MISP/MISP 451 | Ransomware overview | https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# 452 | Ransomware simulator | https://shinolocker.com/ 453 | Ransomware tracker | https://ransomwaretracker.abuse.ch/tracker/ 454 | SafeGroup | http://www.malware.pl/ - https://www.scumware.org/ 455 | Structured Threat Information eXpression | https://stixproject.github.io/ 456 | The Zoo aka Malware DB | https://ytisf.github.io/theZoo/ 457 | Total hash | https://totalhash.cymru.com/ 458 | VirusBay | https://beta.virusbay.io/ 459 | VirusShare | https://virusshare.com/ 460 | VX Vault | http://vxvault.net/ 461 | Yararules | https://github.com/Yara-Rules/rules 462 | ZeuS Tracker | https://zeustracker.abuse.ch 463 | 464 | 465 | ## Malware analysis - Sandbox :mask: 466 | Name | URL 467 | ------------------------------------ | --------------------------------------------- 468 | Zeltser's list | https://zeltser.com/automated-malware-analysis/ 469 | Cuckoo Sandbox | https://www.cuckoosandbox.org/ 470 | Mastiff | https://github.com/KoreLogicSecurity/mastiff 471 | Fastir | https://github.com/SekoiaLab/Fastir_Collector 472 | SysAnalyser | https://github.com/dzzie/SysAnalyzer 473 | Viper | https://github.com/viper-framework/viper 474 | REMnux | http://zeltser.com/remnux/ 475 | Zeltser analysis | http://zeltser.com/reverse-malware/automated-malware-analysis.html 476 | Manalyze | https://github.com/JusticeRage/Manalyze 477 | Quarkslab IRMA | http://irma.quarkslab.com/ 478 | Dorothy2 | https://github.com/m4rco-/dorothy2 479 | F-Secure see | https://github.com/F-Secure/see 480 | Noriben | https://github.com/Rurik/Noriben 481 | Malheur | https://github.com/rieck/malheur 482 | Drakvuf | https://github.com/tklengyel/drakvuf 483 | Zero Wine Tryouts | http://zerowine-tryout.sourceforge.net/ 484 | RFI sandbox | https://monkey.org/~jose/software/rfi-sandbox/ 485 | Malwasm | https://github.com/malwarelu/malwasm 486 | 487 | 488 | ## Malware analysis - Sandbox - Online :mask: 489 | Name |URL 490 | ------------------------------------ | --------------------------------------------- 491 | Any.run | https://any.run/ 492 | AVcaesar | https://avcaesar.malware.lu/ 493 | Cape | https://cape.contextis.com/ 494 | Comodo | https://cit.valkyrie.comodo.com/ 495 | Hybrid analysis | https://www.hybrid-analysis.com/ 496 | ID Ransomware | https://id-ransomware.malwarehunterteam.com/ 497 | Jotti | http://virusscan.jotti.org/it 498 | Joe sandbox | https://www.joesandbox.com/ 499 | Malwareconfig | http://malwareconfig.com/ 500 | Malware tracker | http://www.cryptam.com/ 501 | Malwr - Cuckoo | https://malwr.com/ 502 | Other list | http://cleanbytes.net/malware-online-scanners 503 | PDF examiner | http://www.pdfexaminer.com/ 504 | PE dump | https://github.com/zed-0xff/pedump 505 | Randomly changes Win32/64 PE Files | https://github.com/secretsquirrel/recomposer 506 | ViCheck | https://www.vicheck.ca/ 507 | Virscan | http://www.virscan.org/ 508 | VirusTotal | http://www.virustotal.com/ 509 | Virus Total Notifier | https://github.com/mubix/vt-notify 510 | 511 | 512 | ## Mobile :iphone: 513 | Name |URL 514 | ------------------------------------ | --------------------------------------------- 515 | APK Analzyer | http://www.apk-analyzer.net/ 516 | Droid Sec wiki | http://www.droidsec.org/wiki/ 517 | Joebox Cloud | https://jbxcloud.joesecurity.org/login 518 | Mobile security wiki | https://mobilesecuritywiki.com/ :star: 519 | OWASP Goat Droid | https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project 520 | Sand droid | http://sanddroid.xjtu.edu.cn 521 | Wiki secmobi | https://github.com/secmobi/wiki.secmobi.com :trophy: 522 | 523 | 524 | ## Network 525 | Name | URL 526 | ------------------------------------ | --------------------------------------------- 527 | Awesome PCAP | https://github.com/caesar0301/awesome-pcaptools :star: 528 | BGPlay | https://stat.ripe.net/widget/bgplay :star: 529 | GNU/Linux monitoring | https://blog.serverdensity.com/80-linux-monitoring-tools-know/ 530 | MAC address block | http://standards-oui.ieee.org/oui/oui.txt 531 | MAC find | http://www.coffer.com/mac_find/ 532 | MAC find | http://hwaddress.com 533 | Packet total | http://www.packettotal.com/ 534 | Ping.eu | http://ping.eu/ 535 | Project honeypot | https://www.projecthoneypot.org/ 536 | Protocol Numbers | http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml 537 | Publicly PCAP files | http://www.netresec.com/?page=PcapFiles 538 | Service Port Number Registry | [https://www.iana.org/assignments/service-names-port-numbers/](https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml) :star::star: 539 | Service Port Number Registry | https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers 540 | Subnet calculator | http://www.subnet-calculator.com/cidr.php 541 | Subnet calculator | http://www.subnetonline.com/pages/subnet-calculators.php 542 | Security Onion tools | https://github.com/Security-Onion-Solutions/security-onion/wiki/Tools 543 | 544 | 545 | ## OSINT 546 | Name | URL 547 | ------------------------------------ | --------------------------------------------- 548 | Osint list | https://github.com/jivoi/awesome-osint :star: 549 | List of social network | https://en.wikipedia.org/wiki/List_of_social_networking_websites :star: 550 | Reddit | https://www.reddit.com/r/SocialEngineering/ 551 | Maltego | https://www.paterva.com/ 552 | Hunter | https://hunter.io/ 553 | Pipl | https://pipl.com/ 554 | Peek you | http://www.peekyou.com/ 555 | Lullar | http://com.lullar.com/ 556 | Lakako | http://www.lakako.com/ 557 | Yasni | http://www.yasni.com/ 558 | User search | https://usersearch.org/ 559 | Google | https://www.google.com/advanced_search 560 | Google dorks | `intext:lastName firstName` 561 | Google dorks | `insubject:lastName firstName` 562 | Google dorks | `intext:lastName firstName filetype:pdf || filetype:doc || filetype:xml || filetype:txt || filetype:xls || filetype:ppt || filetype:pps || filetype:docx || filetype:wps || filetype:rtf || filetype:csv || filetype:pptx || filetype:xlsx || filetype:xlr || filetype:sxw || filetype:ods || filetype:odt || filetype:psw` 563 | Google Scraper | https://github.com/NikolaiT/GoogleScraper 564 | Bing | https://www.bing.com/ 565 | Bing dorks | `lastName firstName (filetype:doc OR filetype:ppt OR filetype:pps OR filetype:xls OR filetype:docx OR filetype:pptx OR filetype:ppsx OR filetype:xlsx OR filetype:sxw OR filetype:sxc OR filetype:sxi OR filetype:odt OR filetype:ods OR filetype:odg OR filetype:odp OR filetype:pdf OR filetype:wpd OR filetype:svg OR filetype:svgz OR filetype:indd OR filetype:rdp OR filetype:ica)` 566 | Yahoo | https://search.yahoo.com/ 567 | Duck duck go | https://duckduckgo.com/ 568 | Yandex | https://www.yandex.com/ 569 | Exa lead | http://www.exalead.com 570 | Osint stalker | https://github.com/milo2012/osintstalker 571 | Speed phish framework | https://github.com/tatanus/SPF 572 | Browser exploitation framework | https://github.com/beefproject/beef 573 | The harvester | https://github.com/laramies/theHarvester 574 | Meta goofil | https://github.com/laramies/metagoofil 575 | 576 | 577 | ## OS X 578 | Name | URL 579 | ------------------------------------ | --------------------------------------------- 580 | Awesome OSX & IOS sec list | https://github.com/ashishb/osx-and-ios-security-awesome 581 | OSX auditor | https://github.com/jipegit/OSXAuditor 582 | OWASP iGoat Project | https://www.owasp.org/index.php/OWASP_iGoat_Project 583 | Security and privacy guide | https://github.com/drduh/OS-X-Security-and-Privacy-Guide 584 | stronghold - Easily configure MacOS security settings from the terminal. | https://github.com/alichtman/stronghold 585 | 586 | 587 | ## Passwords :key: 588 | Name | URL 589 | ------------------------------------ | --------------------------------------------- 590 | CrackStation | https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm 591 | Default password | https://default-password.info/ 592 | Default password | https://cirt.net/passwords 593 | Default password | http://www.defaultpassword.com/ 594 | Default password | http://www.defaultpassword.us/ 595 | Default cameras password | https://github.com/jeanphorn/wordlist/blob/master/README.md 596 | Default password thc-hydra | https://github.com/vanhauser-thc/thc-hydra/blob/master/dpl4hydra_full.csv 597 | Dafault router password | http://www.cleancss.com/router-default/ 598 | Default router password | https://github.com/jeanphorn/wordlist/blob/master/router_default_password.md 599 | Default VoIP password | https://github.com/netbiosX/Default-Credentials/blob/master/VoIP-Default-Password-List.mdown 600 | Fun secure password checker | https://password.kaspersky.com/ 601 | Hashcat WIKI | https://hashcat.net/wiki/ 602 | Multiple dictionary | https://github.com/danielmiessler/SecLists/tree/master/Passwords 603 | Multiple dictionary | https://github.com/duyetdev/bruteforce-database 604 | Online CrackStation | https://crackstation.net 605 | Online Hask Killer | https://hashkiller.co.uk 606 | Online Hash crack | http://www.onlinehashcrack.com/ 607 | Online MD5 and SHA1 db | http://hashtoolkit.com/ 608 | OpenWall | http://www.openwall.com/passwords/wordlists/ or ftp://ftp.openwall.com/pub/wordlists/ 609 | Outpost9 | http://www.outpost9.com/files/WordLists.html 610 | Packets storm | https://packetstormsecurity.com/Crackers/wordlists/ 611 | Password research | http://www.passwordresearch.com/ 612 | Programming - Secure Password Storage | https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016 613 | SecLists | https://github.com/danielmiessler/SecLists/tree/master/Passwords 614 | Skull security | https://wiki.skullsecurity.org/Passwords 615 | SSH dictionary | https://github.com/droope/pwlist 616 | 617 | 618 | ## Penetration testing :wrench: 619 | Name | URL 620 | ------------------------------------ | --------------------------------------------- 621 | Awesome pentest | https://github.com/enaqx/awesome-pentest 622 | Awesome WAF | https://github.com/0xInfection/Awesome-WAF 623 | Footprinting - Procedure & tools | http://www.0daysecurity.com/penetration-testing/network-footprinting.html 624 | GNU/Linux privilege escalation | https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ :star: 625 | Informaion gathering - Tools | http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/information-gathering.html 626 | IppSec channel | https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA 627 | Organization of the Standard | http://www.pentest-standard.org/index.php/Main_Page :star: 628 | Owasp - Check list | https://www.owasp.org/index.php/Testing_Checklist 629 | Owasp testing guide | https://www.owasp.org/images/1/19/OTGv4.pdf :star::star: 630 | Owasp - tools | https://www.owasp.org/index.php/Category:OWASP_Tool 631 | Public pentest reports | https://github.com/juliocesarfort/public-pentesting-reports :star: 632 | Python tools for pentest | https://github.com/dloss/python-pentest-tools 633 | Report sample | https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf 634 | Reverse engineering | http://wiki.yobi.be/wiki/Reverse-Engineering 635 | SANS Penetration Testing | http://pen-testing.sans.org 636 | Services enumeration | http://www.0daysecurity.com/penetration-testing/enumeration.html :star: 637 | Tools - BlackArch list | https://blackarch.org/tools.html 638 | Tools - Great list | http://wiki.yobi.be/wiki/Table_of_contents#Security 639 | Tools - Kali list | http://tools.kali.org/tools-listing 640 | Web | http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/web-application-analysis.html 641 | Web vulnerabilities | http://www.w4rri0r.com/hacking-tools-windows-os-x-linux-android-solaris-unixware/vulnerability-assessment.html 642 | Webshell list | https://github.com/tennc/webshell 643 | 644 | 645 | ## Port scanners :dart: && Wide Scans :statue_of_liberty: 646 | Name | URL 647 | ------------------------------------ | --------------------------------------------- 648 | Masscan | https://github.com/robertdavidgraham/masscan 649 | Masscan Defcon conference | [https://defcon.org/](https://defcon.org/images/defcon-22/dc-22-presentations/Graham-McMillan-Tentler/DEFCON-22-Graham-McMillan-Tentler-Masscaning-the-Internet.pdf) 650 | Network Scan Mon | https://scan.netlab.360.com/#/dashboard 651 | Nmap | https://nmap.org/7/ 652 | Nscan | https://github.com/OffensivePython/Nscan 653 | PFRing | https://github.com/ntop/PF_RING 654 | Rapid7 Sonar Labs | https://sonar.labs.rapid7.com/ 655 | Rapid7 Sonar Blackhat conference | [https://www.blackhat.com/](https://www.blackhat.com/docs/asia-14/materials/Schloesser/Asia-14-Schloesser-Scan-All-The-Things.pdf) 656 | Scans.io | https://scans.io/ 657 | Shadowserver | https://www.shadowserver.org/ :star::star::star::star: 658 | Sonar similar projects | https://github.com/rapid7/sonar/wiki/Similar-Projects 659 | Trending Ports | https://isc.sans.edu/trends.html 660 | Zmap | https://zmap.io/ 661 | Zgrab | https://github.com/zmap/zgrab 662 | 663 | 664 | ## Search engines :satellite: 665 | Name | URL 666 | ------------------------------------ | --------------------------------------------- 667 | ZoomEye | https://zoomeye.org/ :star::cn: 668 | Shodan | https://www.shodan.io/ 669 | Censys | https://censys.io/ 670 | Gegereka | http://gegereka.com/ (not always up) 671 | Google | https://www.google.com/advanced_search 672 | Google dorks | https://gist.github.com/zbetcheckin/04e6a5d7f2d5ef8cfa3c298701f47f9c 673 | List of search engines | https://en.wikipedia.org/wiki/List_of_search_engines 674 | Threat crowd | https://www.threatcrowd.org/ 675 | 676 | 677 | ## Security challenges / WarGames :triangular_flag_on_post: 678 | Name | URL 679 | ------------------------------------ | --------------------------------------------- 680 | Zenk-Security | https://www.zenk-security.com/ 681 | Root-Me | http://www.root-me.org/ 682 | Overthewire | http://overthewire.org/wargames/ 683 | Reversing | http://reversing.kr/ 684 | Pwnable | http://pwnable.kr/ 685 | Newbiecontest | https://www.newbiecontest.org/ 686 | OWASP VWAD list | https://github.com/OWASP/OWASP-VWAD/ 687 | WeChall | https://www.wechall.net/ 688 | Vulnhub | https://www.vulnhub.com/ :star: 689 | Net Garage | http://io.netgarage.org/ 690 | SmashTheStack | http://smashthestack.org/ 691 | Hackthissite | http://www.hackthissite.org/ 692 | Hack.me | https://hack.me 693 | HackThis! | http://www.hackthis.co.uk/ 694 | Backdoor.Sdslabs | https://backdoor.sdslabs.co/ 695 | Bright-shadows | http://www.bright-shadows.net/ 696 | SmashTheStack | http://smashthestack.org/ 697 | Ringzer0team | https://ringzer0team.com/challenges 698 | Forensic contest | http://forensicscontest.com/puzzles 699 | Lost chall | http://www.lost-chall.org/ 700 | Rankk | http://www.rankk.org/ 701 | Happy Security | http://www.happy-security.de/ 702 | Net force | https://www.net-force.nl/challenges/ 703 | CanYouHack.it | http://canyouhack.it/ 704 | Hellboundhackers | https://www.hellboundhackers.org/ 705 | Microcorruption | https://microcorruption.com/ 706 | 707 | 708 | ## Skimmer :black_joker: 709 | Name |URL 710 | ------------------------------------ | --------------------------------------------- 711 | Skimmer source from Krebs | https://krebsonsecurity.com/all-about-skimmers/ 712 | Great reverse engineering on skimmer | https://trustfoundry.net/reverse-engineering-a-discovered-atm-skimmer/ 713 | 714 | 715 | ## SSH 716 | Name | URL 717 | ------------------------------------ | --------------------------------------------- 718 | Bruteforce know hosts | https://github.com/Churro/bruteforce-known-hosts 719 | OpenSSH guidelines | https://wiki.mozilla.org/Security/Guidelines/OpenSSH 720 | SSH audit | https://github.com/arthepsy/ssh-audit.git 721 | SSH audit online | https://sshcheck.com 722 | Who's there | https://github.com/FiloSottile/whosthere 723 | 724 | 725 | ## SSL 726 | Name | URL 727 | ------------------------------------ | --------------------------------------------- 728 | Certificate search | https://crt.sh 729 | Bad SSL | https://github.com/chromium/badssl.com 730 | Htbridge - Online analysis | https://www.htbridge.com/ssl/ 731 | Mozilla SSL Configuration Generator | https://mozilla.github.io/server-side-tls/ssl-config-generator/ 732 | Observatory by Mozilla - Online analysis | https://observatory.mozilla.org/ :star::star::star::star: 733 | O-Saft - Tools | https://www.owasp.org/index.php/O-Saft 734 | OWASP tests - Procedure | [https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers](https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers,_Insufficient_Transport_Layer_Protection_(OTG-CRYPST-002)) 735 | Qualys SSL Labs - Online analysis | https://www.ssllabs.com/ssltest/ 736 | SSLscan - Tools | https://github.com/rbsec/sslscan 737 | SSLyze - Tools | https://github.com/iSECPartners/sslyze 738 | Testssl.sh - Tools | https://github.com/drwetter/testssl.sh :star: 739 | 740 | 741 | ## TOR 742 | Name | URL 743 | ------------------------------------ | --------------------------------------------- 744 | Hidden services | https://www.torproject.org/docs/hidden-services.html.en 745 | Hidden services scanner | https://github.com/superp00t/sadonion 746 | Reddit | https://www.reddit.com/r/onions/ 747 | Scan Onion Services | https://github.com/s-rah/onionscan 748 | Search engine - Grams | http://grams7enufi7jmdl.onion/ 749 | Search engine - Ahmia | https://ahmia.fi/ 750 | Search engine - TORCH | http://xmh57jrzrnw6insl.onion/ 751 | Search engine - DuckDuckGo | http://3g2upl4pq6kufc4m.onion/ 752 | Tails | https://tails.boum.org/ 753 | The hidden wiki | https://thehiddenwiki.org/ 754 | Tolerant ISP for exit node | https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs 755 | Tor Browser Fingerprint | https://github.com/jonaslejon/tor-fingerprint 756 | Tor Bulk exit list | https://check.torproject.org/cgi-bin/TorBulkExitList.py 757 | Tor IP history | https://exonerator.torproject.org/ 758 | Tor Know exit nodes | https://check.torproject.org/exit-addresses 759 | Tor Project | https://www.torproject.org/ 760 | Tor Relays bandwidth | https://github.com/TheTorProject/bwscanner 761 | Tor Socks | https://gitweb.torproject.org/torsocks.git 762 | Tor Status | https://torstatus.blutmagie.de/ 763 | URL onion inspector | https://github.com/k4m4/onioff 764 | 765 | 766 | ## VOIP :phone: 767 | Name | URL 768 | ------------------------------------------- | --------------------------------------------- 769 | Penetration test | http://0daysecurity.com/penetration-testing/VoIP-security.html 770 | 771 | 772 | ## VPN 773 | Name | URL 774 | ------------------------------------ | --------------------------------------------- 775 | Open VPN | https://github.com/OpenVPN 776 | Comparison | https://thatoneprivacysite.net/vpn-comparison-chart/ 777 | Location test | https://www.dnsleaktest.com/ 778 | Location test | https://ipleak.net/ 779 | 780 | 781 | ## Vulnerable environments :unlock: 782 | Name | URL 783 | ------------------------------------ | --------------------------------------------- 784 | Owasp list | https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline 785 | Owasp BWA | https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project 786 | DVWA | http://www.dvwa.co.uk/ 787 | WebGoat | http://code.google.com/p/webgoat 788 | Metasploitable 3 | https://github.com/rapid7/metasploitable3/wiki 789 | Vulnerable systems list | https://www.amanhardikar.com/mindmaps/Practice.html :star: 790 | VulnHub | http://vulnhub.com/ 791 | LampSecurity | http://sourceforge.net/projects/lampsecurity/ 792 | Hackademic-RTB1 | http://www.aldeid.com/wiki/Hackademic-RTB1 793 | Moth | http://www.bonsai-sec.com 794 | Peruggia | http://sourceforge.net/projects/peruggia/ 795 | 796 | 797 | ## Web browser 798 | Name | URL 799 | ------------------------------------ | --------------------------------------------- 800 | Amiunique project | https://github.com/DIVERSIFY-project/amiunique 801 | Browser exploit | https://github.com/julienbedard/browsersploit 802 | Browser info | http://www.browser-info.net/ 803 | Browser leaks | https://www.browserleaks.com/ 804 | Browser recommendations | https://gist.github.com/atcuno/3425484ac5cce5298932 :star: 805 | Browserling | https://www.browserling.com/ 806 | Fingerprint | https://amiunique.org/ 807 | Fingerprint | https://panopticlick.eff.org/ 808 | Flash | http://isflashinstalled.com/ 809 | Referer | https://www.whatismyreferer.com/ 810 | SSL | https://www.ssllabs.com/ssltest/viewMyClient.html 811 | URL Shorter List | https://bit.do/list-of-url-shorteners.php 812 | User agent | http://useragentstring.com/pages/useragentstring.php 813 | User agent | http://whatsmyuseragent.com/ 814 | User agent | https://www.projecthoneypot.org/robot_useragents.php 815 | User agent | https://www.whatismybrowser.com/developers/tools/user-agent-parser/browse 816 | Web technologies support tables | https://caniuse.com/ 817 | 818 | 819 | ## Windows 820 | Name | URL 821 | ------------------------------------ | --------------------------------------------- 822 | Anti forensic Windows | https://www.reddit.com/r/security/comments/32fb1l/open_guide_to_scrubbing_windows_oss_from_forensic/ 823 | Security development | https://github.com/ExpLife0011/awesome-windows-kernel-security-development 824 | Windows executable walkthrough | https://i.imgur.com/pHjcI.png 825 | Windows exploitation | https://github.com/r3p3r/nixawk-awesome-windows-exploitation 826 | Windows hardening | https://github.com/PaulSec/awesome-windows-domain-hardening 827 | 828 | 829 | ## Wireless / Radio :signal_strength: 830 | Name | URL 831 | ------------------------------------------- | --------------------------------------------- 832 | Awesome wifi tools list | https://github.com/0x90/wifi-arsenal 833 | Penetration test | http://0daysecurity.com/penetration-testing/wireless-penetration.html 834 | Great wifi map | https://wigle.net/ 835 | RFSec-ToolKit | https://github.com/cn0xroot/RFSec-ToolKit 836 | RTL-SDR | http://www.rtl-sdr.com/ 837 | Wireless in airports | https://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY 838 | --------------------------------------------------------------------------------