IT Security and Open Source Resources

Cybersecurity Resources

• Binary Edge (Scans the internet for threat intelligence).
• Censys (Assessing attack surface for internet connected devices).
• CRT sh (Search for certs that have been logged by CT).
• Dehashed (View leaked credentials).
• DNSDumpster (Search for DNS records quickly).
• DorkSearch (Really fast Google dorking).
• ExploitDB (Archive of various exploits).
• Fofa (Search for various threat intelligence).
• FullHunt (Search and discovery attack surfaces).
• Grep App (Search across a half million git repos).
• GrayHatWarfare (Search public S3 buckets).
• GreyNoise (Search for devices connected to the internet).
• Hunter (Search for email addresses belonging to a website).
• IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
• LeakIX (Search publicly indexed information).
• Netlas (Search and monitor internet connected assets).
• ONYPHE (Collects cyber-threat intelligence data).
• Packet Storm Security (Browse latest vulnerabilities and exploits).
• PolySwarm (Scan files and URLs for threats).
• PublicWWW (Marketing and affiliate marketing research).
• SearchCode (Search 75 billion lines of code from 40 million projects).
• SecurityTrails (Extensive DNS data).
• Shodan (Search for devices connected to the internet).
• URL Scan (Free service to scan and analyse websites).
• Vulners (Search vulnerabilities in a large database).
• WayBackMachine (View content from deleted websites).
• Wigle (Database of wireless networks, with statistics).
• ZoomEye (Gather information about targets).

Certificate SSL Check

• SSL Labs
• SSL Shopper

URL Reputation Check

• Trend Micro Site Safety
• APIVoid URL Reputation Check
• URLVoid
• Norton Safe Web
• ScanURL
• Cisco Talos Intelligence

Sandbox

• any.run - sandbox
• APIVoid URL Reputation Check

BSD

• FreeBSD
• OpenBSD
• NetBSD
• DragonFly BSD

NIST

• NIST Official Website
• NIST Computer Security Resource Center

Online Antivirus Scanner

• VirusTotal
• VirSCAN
• MetaDefender Cloud
• Jotti's Malware Scan
• ESET Online Scanner
• F-Secure Online Scanner
• TrendMicro HouseCall
• Kaspersky Security Cloud - Free
• Bitdefender Online Free Virus Scan
• Avira Free Security
• BullGuard Online Scanner
• Comodo Free Online Scanner
• McAfee GetSusp
• Panda Cloud Cleaner
• Norton Security Scan
• Quick Heal Online Scan
• Sophos Free Tools
• FortiGuard Online Scanner
• Emsisoft Emergency Kit
• Zemana Online Scanner

Online OSINT Tools

• OSINT Framework
• theHarvester
• Shodan
• Spyse
• Censys
• ZoomEye
• Intelligence X
• BinaryEdge
• Have I Been Pwned
• urlscan.io
• BuiltWith
• Robtex
• WiGLE
• PeeringDB
• SpyOnWeb
• Hunter.io
• FullContact
• DeHashed
• Keybase
• Pastebin
• Pipl

Operating Systems

• Linux
• Windows
• macOS
• Ubuntu
• Debian
• Red Hat Enterprise Linux
• FreeBSD
• Fedora
• iOS
• Android
• Chromium OS
• Raspberry Pi OS
• QNX
• Solaris
• AIX
• HP-UX
• watchOS
• OpenBSD
• NetBSD
• Haiku
• CentOS
• Arch Linux
• Gentoo
• SUSE Linux
• Slackware
• Kali Linux
• Zorin OS
• elementary OS
• Solus
• Manjaro
• GNU Hurd
• ReactOS
• Kylin
• Qubes OS
• Tails
• Whonix
• eComStation
• AROS
• SkyOS
• MINIX 3
• TempleOS
• PureOS
• Liri OS
• Visopsys
• Syllable
• KolibriOS
• Contiki
• RISC OS
• MenuetOS
• MorphOS

Pentest tools

• Metasploit
• OWASP ZAP
• Nmap
• Wireshark
• NetHunter
• Aircrack-ng
• SQLMap
• Hashcat
• Nexpose
• SecLists
• GoPhish
• Impacket
• Wifite2
• Nessus
• Core Impact
• Burp Suite
• Cobalt Strike
• Responder
• CrackMapExec
• Hydra
• Dirsearch
• John the Ripper
• EyeWitness
• Social-Engineer Toolkit (SET)
• LinEnum
• pspy
• LaZagne
• PowerSploit
• GoBuster
• Masscan
• Empire
• PCredz
• Photon
• Discover
• Nishang
• DNSRecon
• LinkFinder
• MITMf
• Aquatone
• CMSmap
• JSVulnDB
• Weevely3
• Sn1per
• CeWL
• BruteX
• Taser
• Masscan
• Faraday
• Armitage
• The Backdoor Factory
• Morpheus
• Mimikatz
• Dirsearch
• RouterSploit
• Recon-ng
• Wifite
• Hydra
• SET Toolkit
• BeEF
• BlackWidow

IT security Framework

• CISSP - Certified Information Systems Security Professional
• ISO/IEC 27001
• NIST SP 800-53
• PCI DSS - Payment Card Industry Data Security Standard
• CIS Critical Security Controls
• CIS Benchmarks
• COBIT - Control Objectives for Information and Related Technologies
• HIPAA Security Rule
• GDPR - General Data Protection Regulation
• OWASP Top Ten
• ITIL - Information Technology Infrastructure Library
• FedRAMP - Federal Risk and Authorization Management Program
• SANS Top 20
• CSA STAR - Cloud Security Alliance Security Trust Assurance and Risk
• CVSS - Common Vulnerability Scoring System
• OWASP ASVS - Application Security Verification Standard
• SAFECode - Software Assurance Forum for Excellence in Code
• CISM - Certified Information Security Manager

Pentester Search Engine

• Shodan
• Censys
• ZoomEye
• BinaryEdge
• Onyphe
• FoFa
• SpyOnWeb
• ThreatCrowd
• VirusTotal
• PublicWWW
• DNSdumpster
• Hunter.io
• theHarvester
• Intelligence X
• urlscan.io
• AlienVault OTX
• PulseDive
• GrayHatWarfare
• WiGLE
• KeySearch

Programming Language

• Python
• Java
• JavaScript
• PHP
• Ruby
• Rust
• Swift
• C++
• C
• TypeScript
• Kotlin
• Go
• Scala
• R
• Perl
• Lua
• Haskell
• Dart
• Erlang
• Elixir
• Pascal
• Fortran
• Ada
• Julia
• Groovy
• MATLAB
• Shell Script
• Scheme
• .NET (C#, F#, VB.NET)
• Objective-C
• PowerShell

RFC

• RFC Editor
• IETF RFC Pages
• RFC 791 - Internet Protocol
• RFC 793 - Transmission Control Protocol
• RFC 5246 - TLS 1.2
• RFC 8446 - TLS 1.3
• RFC 2104 - HMAC
• RFC 2818 - HTTP Over TLS
• RFC 2821 - SMTP
• RFC 3261 - SIP
• RFC 4251 - SSH Protocol Architecture
• RFC 4301 - IPsec Architecture
• RFC 4346 - TLS 1.1
• RFC 4511 - LDAP Protocol
• RFC 4949 - Internet Security Glossary
• RFC 5280 - X.509 PKI Certificate and CRL Profile
• RFC 6347 - DTLS 1.2
• RFC 6749 - OAuth 2.0
• RFC 6750 - OAuth 2.0 Bearer Token Usage
• RFC 7519 - JSON Web Token (JWT)
• RFC 7540 - HTTP/2
• RFC 7766 - DNS Transport over TCP
• RFC 7858 - DNS over TLS
• RFC 7918 - TLS False Start
• RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA)
• RFC 8447 - TLS 1.3 Middlebox Compatibility Mode
• RFC 8484 - DNS Queries over HTTPS (DoH)
• RFC 8492 - DNS Reverse IP AMT Discovery
• RFC 8613 - Object Security for Constrained RESTful Environments (OSCORE)
• RFC 8705 - OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
• RFC 1321 - MD5 Message-Digest Algorithm
• RFC 1421 - Privacy Enhancement for Internet Electronic Mail
• RFC 1422 - Privacy Enhancement for Internet Electronic Mail
• RFC 1423 - Privacy Enhancement for Internet Electronic Mail
• RFC 1510 - The Kerberos Network Authentication Service (V5)
• RFC 2401 - Security Architecture for the Internet Protocol
• RFC 2986 - PKCS #10: Certification Request Syntax Specification
• RFC 3394 - Advanced Encryption Standard (AES) Key Wrap Algorithm
• RFC 3686 - Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)
• RFC 4086 - Randomness Requirements for Security
• RFC 4107 - Guidelines for Cryptographic Key Management
• RFC 4492 - Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
• RFC 4513 - LDAP Authentication Methods and Security Mechanisms
• RFC 4572 - Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)
• RFC 4648 - The Base16, Base32, and Base64 Data Encodings
• RFC 5077 - Transport Layer Security (TLS) Session Resumption without Server-Side State
• RFC 5158 - An Internet Protocol (IP) Address Block POTAR Tool
• RFC 5289 - TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
• RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
• RFC 5929 - Channel Bindings for TLS
• RFC 5958 - Asymmetric Key Packages
• RFC 6238 - Time-Based One-Time Password Algorithm
• RFC 6275 - Mobility Support in IPv6
• RFC 6520 - Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension
• RFC 6797 - HTTP Strict Transport Security (HSTS)
• RFC 6818 - Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
• RFC 6960 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
• RFC 6979 - Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)
• RFC 7515 - JSON Web Signature (JWS)
• RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients

Popular Social Media Platforms

• Facebook
• Instagram
• Twitter
• Snapchat
• Pinterest
• LinkedIn
• Weibo
• TikTok
• Reddit
• YouTube
• QQ
• WeChat
• Qzone
• Tumblr
• Sina Weibo
• Badoo
• Telegram
• Douban
• Viber
• LINE
• Medium
• VKontakte (VK)
• Tagged
• Periscope
• Flickr
• Meetup
• Ask.fm
• MeetMe
• Classmates
• Twitch
• Quora
• Tinder
• MySpace
• The Dots
• KakaoTalk
• Discord
• Clubhouse
• Goodreads
• XING
• Skype
• Snapfish
• ReverbNation
• Foursquare
• Renren

• Security and Privacy

  • RFC 2828 - Internet Security Glossary
  • RFC 4949 - Internet Security Glossary, Version 2
  • RFC 2504 - Users' Security Handbook
  • RFC 3552 - Guidelines for Writing RFC Text on Security Considerations

  Cryptography and Authentication

  • RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3
  • RFC 4251 - The Secure Shell (SSH) Protocol Architecture
  • RFC 6238 - TOTP: Time-Based One-Time Password Algorithm
  • RFC 8018 - PKCS #5: Password-Based Cryptography Specification Version 2.1

  Network Hardening

  • RFC 2196 - Site Security Handbook
  • RFC 2827 - Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing

  Internet Protocols and Standards

  • RFC 791 - Internet Protocol (IP)
  • RFC 793 - Transmission Control Protocol (TCP)
  • RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1
  • RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2

  Network Management and Monitoring

  • RFC 1157 - A Simple Network Management Protocol (SNMP)
  • RFC 2571 - An Architecture for Describing SNMP Management Frameworks

  Email Security

  • RFC 3207 - SMTP Service Extension for Secure SMTP over Transport Layer Security
  • RFC 6851 - Internet Message Access Protocol (IMAP) - MOVE Extension

  DNS Security

  • RFC 4033 - DNS Security Introduction and Requirements
  • RFC 4034 - Resource Records for the DNS Security Extensions
  • RFC 4035 - Protocol Modifications for the DNS Security Extensions

  Advanced Encryption and Security Protocols

  • RFC 5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 7258 - Pervasive Monitoring Is an Attack
  • RFC 7469 - Public Key Pinning Extension for HTTP

  Privacy Enhancements

  • RFC 6973 - Privacy Considerations for Internet Protocols
  • RFC 7624 - Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement

  Secure Network Protocols

  • RFC 4301 - Security Architecture for the Internet Protocol
  • RFC 4302 - IP Authentication Header
  • RFC 4303 - IP Encapsulating Security Payload (ESP)

  Secure Routing and Network Management

  • RFC 4271 - A Border Gateway Protocol 4 (BGP-4)
  • RFC 6811 - BGP Prefix Origin Validation
  • RFC 7120 - Early IANA Allocation of Standards Track Code Points

  Email and Web Security

  • RFC 7208 - Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1
  • RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)
  • RFC 8616 - Authenticated Received Chain (ARC) Protocol

  DNS Security and Privacy

  • RFC 7858 - Specification for DNS over Transport Layer Security (TLS)
  • RFC 8484 - DNS Queries over HTTPS (DoH)

  Security Best Practices and Guidelines

  • RFC 3631 - Security Mechanisms for the Internet
  • RFC 4949 - Internet Security Glossary, Version 2
  • RFC 6973 - Privacy Considerations for Internet Protocols

  IoT and Emerging Technologies Security

  • RFC 8576 - Internet of Things (IoT) Security: State of the Art and Challenges
  • RFC 8840 - A Negotiated Duplication of RTP Streams

  Identity and Access Management

  • RFC 6749 - The OAuth 2.0 Authorization Framework
  • RFC 7519 - JSON Web Token (JWT)

  Secure Messaging and Communication

  • RFC 8440 - SMTP MTA Strict Transport Security (MTA-STS)
  • RFC 8555 - Automatic Certificate Management Environment (ACME)

  Mobile Security

  • RFC 5448 - Improved Extensible Authentication Protocol Method for 3GPP Mobile Network Authentication and Key Agreement (EAP-AKA')

  Security Incident Handling and Reporting

  • RFC 2350 - Expectations for Computer Security Incident Response
  • RFC 5070 - The Incident Object Description Exchange Format (IODEF)

  Network Security Protocols

  • RFC 4306 - Internet Key Exchange (IKEv2) Protocol
  • RFC 6347 - Datagram Transport Layer Security Version 1.2

  Secure Configuration and Network Hardening

  • RFC 3871 - Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure
  • RFC 6192 - Protecting the Router Control Plane

  Privacy and Anonymity

  • RFC 7626 - DNS Privacy Considerations
  • RFC 7814 - Internet Protocol Version 6 (IPv6) over Low Power Wireless Personal Area Network (6LoWPAN) Encryption and Compression Using IPsec and ROHC

  Cryptographic Techniques and Key Management

  • RFC 4107 - Guidelines for Cryptographic Key Management
  • RFC 7693 - The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)

  Secure Software Development and Deployment

  • RFC 4949 - Internet Security Glossary, Version 2
  • RFC 6973 - Privacy Considerations for Internet Protocols

  Next-Generation Internet Protocols

  • RFC 7855 - Source Packet Routing in Networking (SPRING) Problem Statement and Requirements
  • RFC 8969 - A Framework for Automating Service and Network Management with YANG

  Last Update: 6th November 2023

  Updated: Added new links in various sections.