Useful websites

From SecurityTools

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

  • AD Security - An infrequently updated but useful guide to attacking and defending Active Directory
  • Awesome Cybersecurity Blue Team - A GitHub page loaded with resources for blue team specialists.
  • DFIR Diva's Digital Forensics and Incident Response Blog - Geared towards beginners, this links free and affordable training, resources, and a job board
  • Five Pillars of an Information/Cyber Security Professional - A guide to the 5 key areas of proficiency necessary to excel in security
  • The hacking sub-reddit wiki - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
  • HackTricks - A penetration testing, red team testing, and CTF tips project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurity
  • Have I Been Pwned? - A site for checking whether your email or password is in a data breach
  • LOLBAS - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
  • m0nad's Awesome Privilege Escalation - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips
  • PEASS-ng - The Privilege Escalation Awesome Scripts SUITE new generation - a collection of macOS, Linux, and Windows tools to help you escalate your privileges once you gain a foothold on a system. Get some guidance on privilege escalation techniques, including use of PEASS-ng tools, from the Linux privilege escalationand Windows privilege escalation subsections of HackTricks
  • Shodan web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
  • Vulnhub - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
  • VX-Underground - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow the vx-underground Twitter account