Explore 53 curated tools and resources
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A compilation of Red Teaming resources including cheatsheets, notes, scripts, and practice platforms for cybersecurity learning and skill development.
A lightweight and portable Docker container for penetration testers and CTF players
A lightweight and portable Docker container for penetration testers and CTF players
Framework for creating jeopardy CTF challenges with configurable structure and efficient integration.
Framework for creating jeopardy CTF challenges with configurable structure and efficient integration.
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
A lightweight CTF platform inspired by motherfuckingwebsite.com with a focus on challenge difficulty.
A lightweight CTF platform inspired by motherfuckingwebsite.com with a focus on challenge difficulty.
Archive of information, tools, and references regarding CTF competitions.
Archive of information, tools, and references regarding CTF competitions.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
A Docker image with tools for solving Steganography challenges and screening scripts for analyzing files.
A Docker image with tools for solving Steganography challenges and screening scripts for analyzing files.
A repository of CTF challenges and resources from various cybersecurity competitions.
A repository of CTF challenges and resources from various cybersecurity competitions.
Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.
Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.
A free, safe, and legal training ground for ethical hackers to test and expand their skills
A free, safe, and legal training ground for ethical hackers to test and expand their skills
A tool for scraping CTF writeups from ctftime.org and organizing them for easy access.
A tool for scraping CTF writeups from ctftime.org and organizing them for easy access.
A cheatsheet for understanding privilege escalation with examples, not for enumeration using Linux Commands.
A cheatsheet for understanding privilege escalation with examples, not for enumeration using Linux Commands.
A simple security capture the flag framework for running contests
An annual jeopardy-style capture-the-flag contest with challenges related to cybersecurity.
An annual jeopardy-style capture-the-flag contest with challenges related to cybersecurity.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Collection of CTF writeups from September 2018 onwards, including various CTFs and HackTheBox.
Collection of CTF writeups from September 2018 onwards, including various CTFs and HackTheBox.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
CTF toolkit for rapid exploit development and prototyping.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
A collection of CTF source files and write-ups that anyone can contribute to
A collection of CTF source files and write-ups that anyone can contribute to
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.
Platform for hosting Jeopardy and 'King of the Hill' style Capture the Flag competitions.
Platform for hosting Jeopardy and 'King of the Hill' style Capture the Flag competitions.
CTF write-ups from SababaSec team
Find RCE gadgets for CTF pwn challenges with ease.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A Capture The Flag (CTF) platform for testing computer security skills
A Capture The Flag (CTF) platform for testing computer security skills
Blue-team capture the flag competition for improving cybersecurity skills.
Blue-team capture the flag competition for improving cybersecurity skills.
A repository of CTF source files and write-ups for CTFs from 2014, allowing contributions and corrections.
A repository of CTF source files and write-ups for CTFs from 2014, allowing contributions and corrections.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A collection of CTF source files and write-ups that anyone can contribute to.
A collection of CTF source files and write-ups that anyone can contribute to.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
Scoring server for Cyber Capture the Flag events with a focus on problem modification and hint offerings.
Scoring server for Cyber Capture the Flag events with a focus on problem modification and hint offerings.
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A live archive of DEF CON CTF challenges, vulnerable by design, for hackers to play safely.
CTFd is a Capture The Flag framework with extensive features for creating and managing CTF competitions.
CTFd is a Capture The Flag framework with extensive features for creating and managing CTF competitions.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
Cross-site scripting labs for web application security enthusiasts
Cross-site scripting labs for web application security enthusiasts
A collection of write-ups from Capture The Flag hacking competitions
A collection of writeups of CTF challenges I solved, including explanations of the challenges and how I solved them.
A collection of writeups of CTF challenges I solved, including explanations of the challenges and how I solved them.
Detailed explanations of steps taken to solve challenges in Capture The Flag competitions.
Detailed explanations of steps taken to solve challenges in Capture The Flag competitions.
A low-interaction honeypot that logs IP addresses, usernames, and passwords used by clients connecting via SSH, primarily used for gathering intelligence on brute force attacks.
A low-interaction honeypot that logs IP addresses, usernames, and passwords used by clients connecting via SSH, primarily used for gathering intelligence on brute force attacks.
Educational CTF-styled challenges for Memory Forensics.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.