IT Security and Open Source Resources
Cybersecurity Resources
- Binary Edge (Scans the internet for threat intelligence).
- Censys (Assessing attack surface for internet connected devices).
- CRT sh (Search for certs that have been logged by CT).
- Dehashed (View leaked credentials).
- DNSDumpster (Search for DNS records quickly).
- DorkSearch (Really fast Google dorking).
- ExploitDB (Archive of various exploits).
- Fofa (Search for various threat intelligence).
- FullHunt (Search and discovery attack surfaces).
- Grep App (Search across a half million git repos).
- GrayHatWarfare (Search public S3 buckets).
- GreyNoise (Search for devices connected to the internet).
- Hunter (Search for email addresses belonging to a website).
- IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
- LeakIX (Search publicly indexed information).
- Netlas (Search and monitor internet connected assets).
- ONYPHE (Collects cyber-threat intelligence data).
- Packet Storm Security (Browse latest vulnerabilities and exploits).
- PolySwarm (Scan files and URLs for threats).
- PublicWWW (Marketing and affiliate marketing research).
- SearchCode (Search 75 billion lines of code from 40 million projects).
- SecurityTrails (Extensive DNS data).
- Shodan (Search for devices connected to the internet).
- URL Scan (Free service to scan and analyse websites).
- Vulners (Search vulnerabilities in a large database).
- WayBackMachine (View content from deleted websites).
- Wigle (Database of wireless networks, with statistics).
- ZoomEye (Gather information about targets).
Certificate SSL Check
URL Reputation Check
Sandbox
BSD
NIST
Online Antivirus Scanner
- VirusTotal
- VirSCAN
- MetaDefender Cloud
- Jotti's Malware Scan
- ESET Online Scanner
- F-Secure Online Scanner
- TrendMicro HouseCall
- Kaspersky Security Cloud - Free
- Bitdefender Online Free Virus Scan
- Avira Free Security
- BullGuard Online Scanner
- Comodo Free Online Scanner
- McAfee GetSusp
- Panda Cloud Cleaner
- Norton Security Scan
- Quick Heal Online Scan
- Sophos Free Tools
- FortiGuard Online Scanner
- Emsisoft Emergency Kit
- Zemana Online Scanner
Online OSINT Tools
Operating Systems
- Linux
- Windows
- macOS
- Ubuntu
- Debian
- Red Hat Enterprise Linux
- FreeBSD
- Fedora
- iOS
- Android
- Chromium OS
- Raspberry Pi OS
- QNX
- Solaris
- AIX
- HP-UX
- watchOS
- OpenBSD
- NetBSD
- Haiku
- CentOS
- Arch Linux
- Gentoo
- SUSE Linux
- Slackware
- Kali Linux
- Zorin OS
- elementary OS
- Solus
- Manjaro
- GNU Hurd
- ReactOS
- Kylin
- Qubes OS
- Tails
- Whonix
- eComStation
- AROS
- SkyOS
- MINIX 3
- TempleOS
- PureOS
- Liri OS
- Visopsys
- Syllable
- KolibriOS
- Contiki
- RISC OS
- MenuetOS
- MorphOS
Pentest tools
- Metasploit
- OWASP ZAP
- Nmap
- Wireshark
- NetHunter
- Aircrack-ng
- SQLMap
- Hashcat
- Nexpose
- SecLists
- GoPhish
- Impacket
- Wifite2
- Nessus
- Core Impact
- Burp Suite
- Cobalt Strike
- Responder
- CrackMapExec
- Hydra
- Dirsearch
- John the Ripper
- EyeWitness
- Social-Engineer Toolkit (SET)
- LinEnum
- pspy
- LaZagne
- PowerSploit
- GoBuster
- Masscan
- Empire
- PCredz
- Photon
- Discover
- Nishang
- DNSRecon
- LinkFinder
- MITMf
- Aquatone
- CMSmap
- JSVulnDB
- Weevely3
- Sn1per
- CeWL
- BruteX
- Taser
- Masscan
- Faraday
- Armitage
- The Backdoor Factory
- Morpheus
- Mimikatz
- Dirsearch
- RouterSploit
- Recon-ng
- Wifite
- Hydra
- SET Toolkit
- BeEF
- BlackWidow
IT security Framework
- CISSP - Certified Information Systems Security Professional
- ISO/IEC 27001
- NIST SP 800-53
- PCI DSS - Payment Card Industry Data Security Standard
- CIS Critical Security Controls
- CIS Benchmarks
- COBIT - Control Objectives for Information and Related Technologies
- HIPAA Security Rule
- GDPR - General Data Protection Regulation
- OWASP Top Ten
- ITIL - Information Technology Infrastructure Library
- FedRAMP - Federal Risk and Authorization Management Program
- SANS Top 20
- CSA STAR - Cloud Security Alliance Security Trust Assurance and Risk
- CVSS - Common Vulnerability Scoring System
- OWASP ASVS - Application Security Verification Standard
- SAFECode - Software Assurance Forum for Excellence in Code
- CISM - Certified Information Security Manager
Pentester Search Engine
Programming Language
RFC
- RFC Editor
- IETF RFC Pages
- RFC 791 - Internet Protocol
- RFC 793 - Transmission Control Protocol
- RFC 5246 - TLS 1.2
- RFC 8446 - TLS 1.3
- RFC 2104 - HMAC
- RFC 2818 - HTTP Over TLS
- RFC 2821 - SMTP
- RFC 3261 - SIP
- RFC 4251 - SSH Protocol Architecture
- RFC 4301 - IPsec Architecture
- RFC 4346 - TLS 1.1
- RFC 4511 - LDAP Protocol
- RFC 4949 - Internet Security Glossary
- RFC 5280 - X.509 PKI Certificate and CRL Profile
- RFC 6347 - DTLS 1.2
- RFC 6749 - OAuth 2.0
- RFC 6750 - OAuth 2.0 Bearer Token Usage
- RFC 7519 - JSON Web Token (JWT)
- RFC 7540 - HTTP/2
- RFC 7766 - DNS Transport over TCP
- RFC 7858 - DNS over TLS
- RFC 7918 - TLS False Start
- RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA)
- RFC 8447 - TLS 1.3 Middlebox Compatibility Mode
- RFC 8484 - DNS Queries over HTTPS (DoH)
- RFC 8492 - DNS Reverse IP AMT Discovery
- RFC 8613 - Object Security for Constrained RESTful Environments (OSCORE)
- RFC 8705 - OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
- RFC 1321 - MD5 Message-Digest Algorithm
- RFC 1421 - Privacy Enhancement for Internet Electronic Mail
- RFC 1422 - Privacy Enhancement for Internet Electronic Mail
- RFC 1423 - Privacy Enhancement for Internet Electronic Mail
- RFC 1510 - The Kerberos Network Authentication Service (V5)
- RFC 2401 - Security Architecture for the Internet Protocol
- RFC 2986 - PKCS #10: Certification Request Syntax Specification
- RFC 3394 - Advanced Encryption Standard (AES) Key Wrap Algorithm
- RFC 3686 - Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)
- RFC 4086 - Randomness Requirements for Security
- RFC 4107 - Guidelines for Cryptographic Key Management
- RFC 4492 - Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
- RFC 4513 - LDAP Authentication Methods and Security Mechanisms
- RFC 4572 - Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)
- RFC 4648 - The Base16, Base32, and Base64 Data Encodings
- RFC 5077 - Transport Layer Security (TLS) Session Resumption without Server-Side State
- RFC 5158 - An Internet Protocol (IP) Address Block POTAR Tool
- RFC 5289 - TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
- RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
- RFC 5929 - Channel Bindings for TLS
- RFC 5958 - Asymmetric Key Packages
- RFC 6238 - Time-Based One-Time Password Algorithm
- RFC 6275 - Mobility Support in IPv6
- RFC 6520 - Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension
- RFC 6797 - HTTP Strict Transport Security (HSTS)
- RFC 6818 - Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- RFC 6960 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
- RFC 6979 - Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)
- RFC 7515 - JSON Web Signature (JWS)
- RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients
Popular Social Media Platforms
- Snapchat
- TikTok
- YouTube
- Qzone
- Tumblr
- Sina Weibo
- Badoo
- Telegram
- Douban
- Viber
- LINE
- Medium
- VKontakte (VK)
- Tagged
- Periscope
- Flickr
- Meetup
- Ask.fm
- MeetMe
- Classmates
- Twitch
- Quora
- Tinder
- MySpace
- The Dots
- KakaoTalk
- Discord
- Clubhouse
- Goodreads
- Skype
- Snapfish
- ReverbNation
- Foursquare
- Renren
-
Security and Privacy
Cryptography and Authentication
Network Hardening
Internet Protocols and Standards
Network Management and Monitoring
Email Security
DNS Security
Advanced Encryption and Security Protocols
Privacy Enhancements
Secure Network Protocols
Secure Routing and Network Management
Email and Web Security
DNS Security and Privacy
Security Best Practices and Guidelines
IoT and Emerging Technologies Security
Identity and Access Management
Secure Messaging and Communication
Mobile Security
Security Incident Handling and Reporting
Network Security Protocols
Secure Configuration and Network Hardening
Privacy and Anonymity
Cryptographic Techniques and Key Management
Secure Software Development and Deployment
Next-Generation Internet Protocols
Last Update: 6th November 2023
Updated: Added new links in various sections.