58 tools and resources
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
Monitor GitHub for sensitive data
A tool for enumerating subdomains of a given domain
A reconnaissance tool for GitHub organizations
InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.
The Web's Largest Community Tracking Online Fraud & Abuse
A weekly newsletter covering computer security news and tutorials
Collection of industry and community cybersecurity courses and materials by M. E. Kabay.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
Metta is an information security preparedness tool for adversarial simulation.
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
WordPress plugin to reduce comment spam with a smarter honeypot.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
A comprehensive list of search filters for the SHODAN search engine.
A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
A cybersecurity tool with online demo, mailing list, and multiple installation methods.
Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.
A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
An informational repo about hunting for adversaries in your IT environment.
A standard document for software projects
A leading technology media brand providing news, analysis, and opinion on IT leadership and digital transformation.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
Social news aggregation and discussion platform for cybersecurity professionals.
SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences.
A free online wargame for practicing hacking skills and learning security concepts.
Facilitates distribution of Threat Intelligence artifacts to defensive systems.
Collection of Windows oneliners for executing arbitrary code and downloading remote payloads.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A framework for creating and executing pynids-based decoders and detectors of APT tradecraft
Check if your email address has been involved in a data breach.
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
Proof-of-concept implementation of TAXII services for developers and non-developers.
Naked Security by Sophos offers expert insights and practical advice on cybersecurity threats and protection strategies.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A comprehensive guide to using Hashcat for password cracking
Schneier on Security provides expert analysis and commentary on a wide range of security issues.
A public domain for use in illustrative examples in documents.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A video-sharing platform for creators to share their content and for users to discover new content, with a focus on cybersecurity.
Online Telegram bot for collecting information on individuals from various websites.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
Free online class for web security and hacking
Google's Security Blog provides the latest news and insights on security and safety on the Internet.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
Hacker wargames site with forums and tutorials, fostering a learning community.
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.
Learn how to integrate security into Agile development teams for high performance
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.
msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.
