A collection of sites related to cybersecurity.
Warning
The domains may change or be compromised over time. Visit the links at your own risk.
- Practice Environments
- Vulnerabilities
- Patching Vulnerabilities
- Red Team
- Blue Team
- Hardening and Compliance
- Reverse Engineering
- Secure Coding
- Web Security
- Exploit Development
- Evasion
- Living Off The Land
- Notes
- Cheatsheets
- Website Articles / Blogs
- Mindmaps
- Whitepapers
- Reporting
- Reporting Vulnerabilities
Practice in vulnerable labs:
- https://github.com/kaiiyer/awesome-vulnerable
- https://github.com/Orange-Cyberdefense/GOAD
- https://docs.google.com/spreadsheets/u/0/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview?pli=1
Learn about vulnerable code:
- https://github.com/snoopysecurity/Vulnerable-Code-Snippets
- https://github.com/yeswehack/vulnerable-code-snippets
- https://github.com/Yavuzlar/VulnLab
- https://github.com/digininja/DVWA
Latest vulnerabilities:
- https://github.com/CVEProject/cvelistV5/releases
- https://www.cvedetails.com/browse-by-date.php
- https://www.tenable.com/cve/newest
- https://github.com/projectdiscovery/cvemap
- https://blog.qualys.com/vulnerabilities-threat-research
- https://hackerone.com/hacktivity/cve_discovery
- https://nvd.nist.gov/developers
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
0-day tags:
Receiving notifications of GitHub releases:
- https://stackoverflow.com/a/49350626
- https://docs.github.com/en/account-and-profile/managing-subscriptions-and-notifications-on-github/setting-up-notifications/configuring-notifications
CNA List:
EoL references:
- https://endoflife.date/
- https://learn.microsoft.com/en-us/lifecycle/
- https://access.redhat.com/product-life-cycles
Exploit sites:
- https://www.exploit-db.com/
- https://www.rapid7.com/db/
- https://packetstormsecurity.com/files/tags/exploit/
PoC collections (WARNING: Some "PoCs" may contain malware):
Vulnerability databases
CVE sites:
VPR:
CVSS:
- https://www.first.org/cvss/v4-0/
- https://www.first.org/cvss/v3-1/
- https://www.first.org/cvss/v3-0/
- https://www.first.org/cvss/v2/
- https://www.first.org/cvss/v1/
Vulnerability references:
- https://msrc.microsoft.com/update-guide/vulnerability
- https://ubuntu.com/security/cves
- https://access.redhat.com/security/vulnerabilities
Vulnerability files:
Security Advisories and Update Guides:
- https://learn.microsoft.com/en-us/security-updates/securitybulletins/securitybulletins
- https://msrc.microsoft.com/update-guide/
- https://ubuntu.com/security/cves
- https://access.redhat.com/security/security-updates/cve
- https://access.redhat.com/security/security-updates/security-advisories
- https://www.veeam.com/knowledge-base.html
- https://www.vmware.com/security/advisories.html
- https://www.dell.com/support/security/en-us
- https://sec.cloudapps.cisco.com/security/center/publicationListing.x
- https://www.cisco.com/c/en/us/support/security/identity-services-engine/products-security-advisories-list.html
- https://packetstormsecurity.com/files/tags/advisory/
- https://www.cisa.gov/news-events/cybersecurity-advisories
- https://technet.microsoft.com/security/advisory
- https://www.sophos.com/en-us/security-advisories
- https://www.fortiguard.com/psirt
- https://security.paloaltonetworks.com/
Note: Security advisories and update guides can be used to find remediations, mitigations, and/or workarounds for specific products and/or software. They also detail which products and/or software are affected by a specific vulnerability. It is recommended to review a vendor's advisories when performing vulnerability assessments, penetration tests, or red team engagements, or for reporting in general.
Microsoft Update Catalog:
Microsoft Update Definitions:
Microsoft KB (example):
Microsoft CU Updates (replaces previous KBs):
Screenshot of Update ID (879575bc-c874-401f-af6f-51bf373427b7):
Unix/Linux-based Updates:
MITRE ATT&CK:
Red team tactics:
- https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/
- https://atomicredteam.io/atomics/
- https://github.com/A-poc/RedTeam-Tools
- https://github.com/center-for-threat-informed-defense
- https://redteamrecipe.com/
- https://book.redteamguides.com/
- https://github.com/LuemmelSec/Pentest-Tools-Collection#obfuscation
- https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
- https://github.com/h3ll0clar1c3/CRTO
- https://github.com/J0hnbX/RedTeam-Resources
- https://hacklido.com/t/red-teaming
Practice Red Team Ops:
- https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki
- https://github.com/WesleyWong420/RedTeamOps-Havoc-101
- https://github.com/dmcxblue/Red-Team-Guide?tab=readme-ov-file
- https://tryhackme.com/path/outline/redteaming
OPSEC:
- https://github.com/WesleyWong420/OPSEC-Tradecraft
- https://github.com/Lissy93/personal-security-checklist
- https://labs.nettitude.com/blog/creating-an-opsec-safe-loader-for-red-team-operations/
- https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
OSINT:
- https://github.com/OffcierCia/non-typical-OSINT-guide
- https://github.com/jivoi/awesome-osint
- https://github.com/OhShINT/ohshint.gitbook.io
Adversary emulation platforms:
- https://github.com/mitre/caldera
- https://github.com/FourCoreLabs/firedrill
- https://www.encripto.no/en/downloads-2/tools/
C2 Matrixes:
MITRE D3FEND:
Blue team tactics:
- https://github.com/A-poc/BlueTeam-Tools
- https://book.blueteamguides.com/
- https://github.com/fabacab/awesome-cybersecurity-blueteam
- https://github.com/rshipp/awesome-malware-analysis
- https://github.com/paralax/awesome-honeypots
- https://github.com/meirwah/awesome-incident-response
- https://github.com/hslatman/awesome-threat-intelligence
- https://github.com/InQuest/awesome-yara
- https://github.com/cugu/awesome-forensics
- https://github.com/kai5263499/container-security-awesome
- https://github.com/sroberts/awesome-iocs
- https://github.com/tylerha97/awesome-reversing
- https://github.com/cyb3rxp/awesome-soc
- https://github.com/nasbench/SIGMA-Resources
- https://hacklido.com/t/blue-teaming
- https://cyberblueteam.medium.com/
Latest threats:
IP Information:
URL Information:
SIGMA:
Yara:
OSSEC:
Custom Rules:
XDR Rules:
Detection Sites:
Parkerian Hexad:
Logs references:
Sysmon references:
- https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
- https://github.com/Sysinternals/SysinternalsEBPF
- https://github.com/Sysinternals/SysmonForLinux
- https://github.com/SwiftOnSecurity/sysmon-config
- https://www.youtube.com/watch?v=kESndPO5Fig&list=PLk-dPXV5k8SG26OTeiiF3EIEoK4ignai7
- https://github.com/trustedsec/SysmonCommunityGuide
- https://github.com/trustedsec/SysmonCommunityGuide/blob/master/chapters/install_windows.md#installation-best-practice
IANA:
Email:
DNS:
- https://viewdns.info/
- https://dnsdumpster.com/
- https://dnsspy.io/scan
- https://dnschecker.org/reverse-dns.php
- https://www.nslookup.io/
- https://www.whatsmydns.net/
- https://hackertarget.com/zone-transfer/
Certificates Information:
Website Information:
Hardening Papers:
Projects:
Implement hardening in infrastructure:
- https://github.com/decalage2/awesome-security-hardening
- https://www.cisecurity.org/cis-benchmarks
- https://www.sans.org/information-security-policy/
- https://github.com/SpecterOps/TierZeroTable/
Zero trust:
- https://www.microsoft.com/en-us/security/business/zero-trust
- https://csrc.nist.gov/pubs/sp/800/207/final
- https://csrc.nist.gov/pubs/sp/1800/35/3prd
Security Baselines:
- https://learn.microsoft.com/en-us/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines
- https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines
Assessment and Auditing Tools:
Cybersecurity evaluation tools:
- CISA CSET: https://www.cisa.gov/downloading-and-installing-cset
- HIPAA: https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool
Compliance tools:
- https://www.microsoft.com/en-us/download/details.aspx?id=55319
- https://ubuntu.com/security/certifications/docs/16-18/cis/compliance
- https://github.com/Microsoft/PowerStig/wiki/
- https://public.cyber.mil/stigs/stig-viewing-tools/
Compliance CSF references:
- https://csf.tools/reference/nist-cybersecurity-framework/v1-1/
- https://csf.tools/reference/nist-sp-800-53/
Compliance Frameworks:
- PCI-DSS: https://www.pcisecuritystandards.org/
- HIPAA: https://www.hhs.gov/hipaa/for-professionals/index.html
- ISO: https://www.iso.org/home.html
- NIST: https://www.nist.gov/
- Other: https://www.rapid7.com/fundamentals/compliance-regulatory-frameworks/
NIST framework publications:
- Cybersecurity Framework: https://www.nist.gov/cyberframework
- NIST 800-171: https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final
- NIST 800-53: https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final
NIST Computer Security Resource Center (CSRC):
NIST CSRC FIPS:
NIST CSRC SP:
CIS:
SCuBA:
- https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project
- https://github.com/cisagov/ScubaGear
DISA STIG:
Compliance documents:
Risk Management:
- https://www.nist.gov/risk-management
- https://csrc.nist.gov/pubs/sp/800/39/final
- https://github.com/cingulara/openrmf-docs/
Reversing:
- https://github.com/HACKE-RC/awesome-reversing
- https://github.com/mytechnotalent/Reverse-Engineering
- https://0xinfection.github.io/reversing/
- https://guyinatuxedo.github.io/index.html
Secure coding articles:
- https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/stable-en/01-introduction/05-introduction
- https://snyk.io/learn/secure-coding-practices/
- https://developers.redhat.com/topics/secure-coding
Development guides:
Web General:
Certificates Information:
Exploit development:
Win32 API:
- https://github.com/microsoft/CsWin32
- https://github.com/microsoft/cppwinrt
- https://github.com/microsoft/windows-rs
- https://pinvoke.net/
Syscalls:
Blinding Sysmon:
- https://tierzerosecurity.co.nz/2024/03/27/blind-edr.html
- https://codewhitesec.blogspot.com/2022/09/attacks-on-sysmon-revisited-sysmonente.html
Shellcoding:
- https://axcheron.github.io/linux-shellcode-101-from-hell-to-shell/
- https://xacone.github.io/custom_shellcode.html
Hiding Stuff:
Malware Development Basics:
- https://otterhacker.github.io/Malware/Introduction/0%20-%20Introduction.html
- https://d3ext.github.io
Bypass AV/EDR summary:
- https://matro7sh.github.io/BypassAV/
- https://luemmelsec.github.io/Circumventing-Countermeasures-In-AD/
- https://synzack.github.io/Blinding-EDR-On-Windows/
- https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
Shellcoding:
Windows API:
- https://noelit911.github.io/Introduction-to-the-Windows-API/#
- https://learn.microsoft.com/en-us/windows/win32/apiindex/windows-api-list
- https://learn.microsoft.com/en-us/windows/win32/apiindex/windows-apisets
Bypass AMSI:
- https://rxored.github.io/post/csharploader/bypassing-amsi-with-csharp/
- https://ret2desync.github.io/using-msbuild-bypass-powershell-clm-amsi-scriptlogging/
- https://icyguider.github.io/2021/07/21/Bypass-AMSI-via-PowerShell-with-Zero-Effort.html
Process Hollowing:
- https://rxored.github.io/post/malware/process-hollowing/process-hollowing/
- https://alexfrancow.github.io/red-team/OffensiVe-Security-with-V-2-Process-Hollowing/
- https://alexfrancow.github.io/red-team/OffensiVe-Security-with-V-Shellcode-Execution/
- https://alexfrancow.github.io/red-team/OffensiVe-Security-with-V-3-XOR/
- https://alexfrancow.github.io/red-team/OffensiVe-Security-with-V-4-Caesar/
Under Radar:
- https://crypt0ace.github.io/posts/Staying-under-the-Radar/
- https://crypt0ace.github.io/posts/Staying-under-the-Radar-Part-2/
- https://crypt0ace.github.io/posts/Staying-under-the-Radar-Part-3/
Shellcode Injection:
COFF Loader:
APC Injection:
DLL Injection:
- https://noelit911.github.io/Payload-Unleashed-DLL-Injection/
- https://skr1x.github.io/reflective-loading-portable-executable-memory/
- https://xacone.github.io/remote-reflective-dll-injection.html
- https://otterhacker.github.io/Malware/Remote%20DLL%20Injection.html
- https://otterhacker.github.io/Malware/Reflective%20DLL%20injection.html
DLL Sideloading:
- https://github.com/georgesotiriadis/Chimera
- https://www.redpacketsecurity.com/chimera-automated-dll-sideloading-tool-with-edr-evasion-capabilities/
- https://www.crowdstrike.com/blog/dll-side-loading-how-to-combat-threat-actor-evasion-techniques/
ETW:
- https://otterhacker.github.io/Malware/ETW.html
- https://whiteknightlabs.com/2021/12/11/bypassing-etw-for-fun-and-profit/
- https://thewover.github.io/Cruller/
- https://0xstarlight.github.io/posts/Bypassing-Windows-Defender/
- https://benjitrapp.github.io/attacks/2024-02-11-offensive-etw/
- https://reprgm.github.io/2023/08/30/lets-make-malware-part-11/
- https://lougerard.github.io/me/posts/THM-monitoringevasion/
- https://damonmohammadbagher.github.io/Posts/11Feb2021x.html
Function Hooking:
Kernel Callback:
Module Stomping:
Bypass AV/EDR/MDR/XDR software:
- https://avred.r00ted.ch/
- https://github.com/dobin/avred
- https://github.com/netero1010/EDRSilencer
- https://github.com/myzxcg/RealBlindingEDR
- https://github.com/wavestone-cdt/EDRSandblast
- https://github.com/klezVirus/inceptor/
Bypass AV/EDR/MDR/XDR articles:
- https://book.hacktricks.xyz/windows-hardening/av-bypass
- https://luemmelsec.github.io/Circumventing-Countermeasures-In-AD/
- https://blog.scrt.ch/category/antivirus/
- https://blog.xpnsec.com/anti-debug-openprocess/
- https://medium.com/@0xHossam
Bypass AV/EDR/MDR/XDR learning:
LOL:
- https://lolol.farm/
- https://br0k3nlab.com/LoFP/
- https://loldrivers.io/
- https://gtfobins.github.io/
- https://lolbas-project.github.io/
- https://lots-project.com/
- https://filesec.io/
- https://malapi.io/
- https://hijacklibs.net/
- https://wadcoms.github.io/
- https://www.loobins.io/
- https://lolapps-project.github.io/
- https://www.bootloaders.io/
- https://www.mandiant.com/resources/blog/bring-your-own-land-novel-red-teaming-technique
- https://lothardware.com.tr/
- https://wtfbins.wtf/
- https://lofl-project.github.io/
- https://persistence-info.github.io/
- https://github.com/WithSecureLabs/lolcerts
Collection of notes:
- https://book.redteamguides.com/
- https://book.hacktricks.xyz/welcome/readme
- https://github.com/swisskyrepo/PayloadsAllTheThings
- https://swisskyrepo.github.io/PayloadsAllTheThingsWeb/
- https://github.com/swisskyrepo/InternalAllTheThings
- https://swisskyrepo.github.io/InternalAllTheThings/
- https://github.com/swisskyrepo/HardwareAllTheThings
- https://swisskyrepo.github.io/HardwareAllTheThings/
- https://www.thehacker.recipes/
- https://www.ired.team/
- https://ppn.snovvcrash.rocks/
- https://dmcxblue.gitbook.io/red-team-notes-2-0
Collection of cheat sheets:
- https://github.com/ivan-sincek/penetration-testing-cheat-sheet
- https://github.com/ivan-sincek/ios-penetration-testing-cheat-sheet
- https://github.com/ivan-sincek/android-penetration-testing-cheat-sheet
- https://github.com/ivan-sincek/wifi-penetration-testing-cheat-sheet
- https://github.com/drak3hft7/Cheat-Sheet---Active-Directory
- https://github.com/Kyuu-Ji/Awesome-Azure-Pentest
- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- https://hideandsec.sh/books/cheatsheets-82c/page/active-directory
- https://github.com/riramar/Web-Attack-Cheat-Sheet
- https://github.com/payloadbox/xss-payload-list
- https://github.com/payloadbox/command-injection-payload-list
- https://github.com/payloadbox/sql-injection-payload-list
- https://github.com/payloadbox/open-redirect-payload-list
- https://github.com/payloadbox/xxe-injection-payload-list
- https://github.com/payloadbox/rfi-lfi-payload-list
- https://github.com/payloadbox/directory-payload-list
- https://github.com/payloadbox/ssti-payloads
- https://github.com/payloadbox/csv-injection-payloads
- https://github.com/saisathvik1/OSCP-Cheatsheet
- https://github.com/saisathvik1/Linux-Privilege-Escalation-Notes
- https://github.com/saisathvik1/Windows-Privilege-Escalation-Notes
- https://0x4rt3mis.github.io/posts/OSEP-Cheat-Sheet/
- https://github.com/chvancooten/OSEP-Code-Snippets
- https://github.com/We5ter/Scanners-Box
- https://github.com/sinfulz/JustEvadeBro
- https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
Nice websites to read:
- https://packetstormsecurity.com/
- https://www.zerodayinitiative.com/blog/
- https://atomicredteam.io/
- https://blog.whiteflag.io/
- https://specterops.io/blog/
- https://trustedsec.com/research
- https://www.blackhillsinfosec.com/blog/
- https://www.sentinelone.com/blog/
- https://blog.scrt.ch/
- https://outflank.nl/blog/
- https://starlabs.sg/blog/
- https://tmpout.sh/
- https://s3cur3th1ssh1t.github.io/
- https://luemmelsec.github.io/
- https://blog.xpnsec.com/
- https://aadinternals.com/
- https://zxsecurity.co.nz/research
- https://www.riskinsight-wavestone.com/en/
- https://pentestlab.blog/
- https://thecontractor.io/
- https://shorsec.io/blog/
- https://dirkjanm.io/
- https://assume-breach.medium.com/
- https://0xsp.com/
- https://sokarepo.github.io/
- https://magisterquis.github.io/
- https://0xdf.gitlab.io
- https://offsec.almond.consulting/
- https://hideandsec.sh
- https://zer1t0.gitlab.io
- https://harmj0y.medium.com
- https://redsiege.com/red-siege-blog/
- https://www.hackthebox.com/blog/
- https://xacone.github.io/
- https://blog.redteam-pentesting.de/
- https://ipurple.team/
- https://sec-consult.com/blog/
- https://redfoxsec.com/blog/
- https://labs.nettitude.com/blog/
- https://www.netero1010-securitylab.com/
- https://cymulate.com/blog/
- https://synzack.github.io/
- https://frischkorn-nicholas.medium.com/
- https://douggemhax.wordpress.com/
- https://medium.com/@matterpreter
- https://www.matteomalvica.com/blog
- https://br-sn.github.io/
- https://de-engineer.github.io/
- https://malwaretech.com/
- https://www.elastic.co/blog/
- https://rxored.github.io/page/4/
- https://klezvirus.github.io/
- https://alexfrancow.github.io/
- https://crypt0ace.github.io/
- https://noelit911.github.io/
- https://attl4s.github.io/
- https://hdm.io/
- https://osandamalith.com/
Nice system administrator websites:
- https://www.informaticar.net/
- https://whackasstech.com/
- https://www.prajwaldesai.com/intune/
- https://joymalya.com/category/microsoft-intune/
- https://www.anoopcnair.com/intune/
- https://www.petervanderwoude.nl/
- https://4sysops.com/archives/
- https://adamtheautomator.com/
- https://www.digitalocean.com/community/tutorials/
- https://www.thelazyadministrator.com/
- https://myronhelgering.com/
Recommended documentation to read:
- https://learn.microsoft.com/
- https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831360(v=ws.11)
- https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn786436(v=ws.11)
- https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn786440(v=ws.11)
Websites about news:
- https://packetstormsecurity.com/news/
- https://arstechnica.com/
- https://www.theregister.com/
- https://www.scmagazine.com/
- https://www.securityweek.com/
Nice articles to read:
- https://zer1t0.gitlab.io/posts/attacking_ad/
- https://medium.com/@br4nsh/from-linux-to-ad-10efb529fae9
- https://hideandsec.sh/books/windows-sNL/page/in-the-potato-family-i-want-them-all
- https://blog.whiteflag.io/blog/exploiting-windows-tokens/
- https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/
- https://offsec.almond.consulting/authenticating-with-certificates-when-pkinit-is-not-supported.html
- https://offsec.almond.consulting/ldap-authentication-in-active-directory-environments.html
- https://luemmelsec.github.io/Pentest-Everything-SMTP/
- https://synzack.github.io/Blinding-EDR-On-Windows/
- https://frischkorn-nicholas.medium.com/windows-evasion-edrs-shellcode-loaders-
- https://blog.xpnsec.com/lapsv2-internals/
- https://www.matteomalvica.com/blog/2020/07/15/silencing-the-edr/
- https://br-sn.github.io/Removing-Kernel-Callbacks-Using-Signed-Drivers/
Collection of mindmaps:
- https://github.com/Ignitetechnologies/Mindmap/
- https://www.amanhardikar.com/mindmaps/
- https://www.amanhardikar.com/mindmaps/Practice.html
- https://orange-cyberdefense.github.io/ocd-mindmaps/
Whitepapers:
- https://packetstormsecurity.com/files/tags/paper/
- https://www.giac.org/research-papers/
- https://www.sans.org/white-papers/
- https://www.cisecurity.org/insights/white-papers
- https://csrc.nist.gov/publications/cswp
- https://www.crowdstrike.com/resources/white-papers/
Reporting software:
Report templates:
Reporting tips:
- https://www.blackhillsinfosec.com/dos-and-donts-of-pentest-report-writing/
- https://www.blackhillsinfosec.com/wp-content/uploads/2023/04/SLIDES_BB_Hacking_Reporting_2023-04.pdf
- https://www.blackhillsinfosec.com/your-reporting-matters-how-to-improve-pen-test-reporting/
RFC 9116:
Vulnerability reporting:
- https://docs.hackerone.com/en/articles/8473994-submitting-reports
- https://docs.bugcrowd.com/researchers/reporting-managing-submissions/reporting-a-bug/
CVE Process:
- https://nvd.nist.gov/general/cve-process
- https://cve.mitre.org/CVEIDsAndHowToGetThem.pdf
- https://cveproject.github.io/docs/content/key-details-phrasing.pdf
CNA: