Cyber Sec: Resources & Tools
- Snort https://www.snort.org
- Suricata https://suricata-ids.org
- AlienVault® OSSIM™ (https://cybersecurity.att.com)
- SolarWinds Security Event Manager (https://www.solarwinds.com)
- OSSEC (https://www.ossec.net)
- Zeek (https://zeek.org)
- Sagan Log Analysis Engine (https://quadrantsec.com)
- HoneyBOT https://www.atomicsoftwaresolutions.com
- KFSensor (http://www.keyfocus.net)
- MongoDB-HoneyProxy (https://github.com)
- Modern Honey Network (https://github.com)
- ESPot (https://github.com)
- HoneyPy (https://github.com)
- Squid Proxy http://www.squid-cache.org
- Whonix (https://www.whonix.org)
- Psiphon (https://psiphon.ca)
- FoxyProxy (https://getfoxyproxy.org)
- GeoSurf (https://www.geosurf.com)
- JonDo (https://anonymous-proxy-servers.net)
- Proxify (https://proxify.com)
- Guardster (http://www.guardster.com)
- Global Proxy Network (https://infatica.io)
- Anonym8 (https://github.com)
- ProxySite (https://www.proxysite.com)
- ProxyCap (https://www.proxycap.com)
- CCProxy (https://www.youngzsoft.net)
- Fiddler (https://www.telerik.com)
- BlackArch Proxy (https://blackarch.org)
- Artica Proxy (https://artica-proxy.com)
- Splunk Enterprise https://www.splunk.com
- ArcSight ESM (https://www.microfocus.com)
- IBM Qradar SIEM (https://www.ibm.com)
- AlienVault OSSIM (https://cybersecurity.att.com)
- FortiSIEM (https://www.fortinet.com)
- SolarWinds Security Event Manager (SEM) (https://www.solarwinds.com)
- Federal Rules of Evidence (United States) https://www.rulesofevidence.org
- Scientific Working Group on Digital Evidence (SWGDE) https://www.swgde.org
- The Association of Chief Police Officers (ACPO) Principles of Digital Evidence https://www.college.police.uk
- Exabeam Advanced Analytics (https://www.exabeam.com)
- LogRhythm UEBA (https://logrhythm.com)
- Dtex Systems (https://dtexsystems.com)
- Gurucul Risk Analytics (GRA) (https://gurucul.com)
- Securonix UEBA (https://www.securonix.com)
- Kaspersky Internet Security https://www.kaspersky.com
- McAfee® LiveSafe™ (https://www.mcafee.com)
- Bitdefender Total Security (https://bitdefender.com)
- HitmanPro (https://www.hitmanpro.com)
- Malwarebytes (https://www.malwarebytes.org)
- Zemana Antimalware (https://www.zemana.com)
- Bitdefender Antivirus Plus https://www.bitdefender.com
- ClamWin (http://www.clamwin.com)
- Kaspersky Anti-Virus (https://www.kaspersky.com)
- McAfee Total Protection (https://www.mcafee.com)
- Avast Premier Antivirus (https://www.avast.com)
- ESET Internet Security (https://www.eset.com)
- VMware ESXi https:/www.vmware.com
- Citrix Hypervisor https://www.citrix.com
- Virtual Iron https://www.oracle.com
- Microsoft Hyper-V Server https://www.microsoft.com
- VirtualBox https://www.virtualbox.org
- Docker Bench for Security https://github.com
- Twistlock (https://github.com)
- Aqua (https://www.aquasec.com)
- Anchore (https://anchore.com)
- NeuVector (https://neuvector.com)
- CloudPassage Halo (https://www.cloudpassage.com)
- Amazon Web Service (AWS) https://aws.amazon.com
- Microsoft Azure https://azure.microsoft.com
- Google Cloud Platform (GCP) https://cloud.google.com
- IBM Cloud https://www.ibm.com
- Qualys Cloud Platform https://www.qualys.com
- CloudPassage Halo (https://www.cloudpassage.com)
- McAfee MVISION Cloud (https://www.mcafee.com)
- CipherCloud (https://www.ciphercloud.com)
- Netskope Security Cloud (https://www.netskope.com)
- Prisma Cloud (https://www.paloaltonetworks.com)
- Nimbostratus https://andresriancho.github.io
- S3Scanner https://github.com
- Cloud Container Attack Tool (CCAT) https://github.com
- Pacu https://github.com
- DumpsterDiver https://github.com
- GCPBucketBrute https://rhinosecuritylabs.com
- Docker https://www.docker.com
- Amazon Elastic Container Service (ECS) (https://aws.amazon.com)
- Microsoft Azure Container Instances (ACI) (https://azure.microsoft.com)
- Red Hat OpenShift Container Platform (https://www.openshift.com)
- Portainer (https://www.portainer.io)
- HPE Ezmeral Container Platform (https://www.hpe.com)
- Kubernetes https://kubernetes.io
- Amazon Elastic Kubernetes Service (EKS) (https://aws.amazon.com)
- Docker Kubernetes Service (DKS) (https://www.docker.com)
- Knative (https://cloud.google.com)
- IBM Cloud Kubernetes Service (https://www.ibm.com)
- Google Kubernetes Engine (GKE) (https://cloud.google.com)
- Cisco Adaptive Wireless IPS https://www.cisco.com
- AirMagnet WiFi Analyzer PRO (https://www.netally.com)
- RFProtect (https://www.arubanetworks.com)
- Fern Wifi Cracker (https://github.com)
- OSWA-Assistant (http://securitystartshere.org)
- BoopSuite (https://github.com)
- Miradore https://www.miradore.com
- AirWatch (https://www.vmware.com)
- Microsoft Intune (https://www.microsoft.com)
- IBM MaaS360 (https://www.ibm.com)
- XenMobile (https://www.citrix.com)
- Absolute Manage MDM (http://www.absolute.com)
- Microsoft Intune https://www.microsoft.com
- AppStation's MAM (https://www.mobileiron.com)
- Scalefusion Application Management (https://scalefusion.com)
- ManageEngine Mobile Device Manager Plus (https://www.manageengine.com)
- Apriorit Enterprise Mobile Device and Application Management (https://www.apriorit.com)
- Appaloosa (https://www.appaloosa.io)
- Vaultize (https://www.vaultize.com)
- MobileIron (https://www.mobileiron.com)
- AppTec360° (https://www.apptec360.com)
- MobileIron Threat Defense (MTD) (https://www.mobileiron.com)
- Pradeo Security Mobile Threat Defense (https://www.pradeo.com)
- Zimperium Mobile Threat Defense (MTD) (https://www.zimperium.com)
- Wandera Mobile Threat Defense (https://www.wandera.com)
- Lookout MTD (https://www.lookout.com)
- 42Gears MEM (https://www.42gears.com)
- Hexnode Mobile Email Management (https://www.hexnode.com)
- Mimecast Mobile Email Management (https://www.mimecast.com)
- ManageEngine Mobile Device Manager Plus (https://www.manageengine.com)
- 42Gears Enterprise Mobility Management (EMM) (https://www.42gears.com)
- Scalefusion EMM (https://scalefusion.com)
- IBM Security MaaS360® (https://www.ibm.com)
- Zebra Enterprise Mobility Management (EMM) Tool Kit (https://www.zebra.com)
- Mobileiron UEM (https://www.mobileiron.com)
- Ivanti Unified Endpoint Manager (https://www.ivanti.com)
- Workspace ONE UEM (https://www.vmware.com)
- ManageEngine Desktop Central (https://www.manageengine.com)
- 42Gears UEM (https://www.42gears.com)
- Malwarebytes Security https://play.google.com
- Lookout Personal (https://www.lookout.com)
- Zimperium’s zIPS (https://www.zimperium.com)
- BullGuard Mobile Security (https://www.bullguard.com)
- Norton Security for iOS (https://us.norton.com)
- Comodo Mobile Security (https://m.comodo.com)
- zANTI https://www.zimperium.com An Android app that allows you to perform attacks, such as spoof MAC address, creating a malicious Wi-Fi hotspot, and hijack session
- Network Spoofer (https://www.digitalsquid.co.uk)
- Low Orbit Ion Cannon (LOIC) (https://droidinformer.org)
- DroidSheep (https://droidsheep.info)
- Orbot Proxy (https://guardianproject.info)
- PhoneSploit (https://github.com)
- Kaspersky Internet Security for Android https://my.kaspersky.com
- Avira Antivirus Security (https://www.avira.com)
- Avast Mobile Security (https://www.avast.com)
- McAfee Mobile Security (https://www.mcafeemobilesecurity.com)
- Lookout Mobile Security and Antivirus (https://www.lookout.com)
- Sophos Mobile Security (https://www.sophos.com)
- Elcomsoft Phone Breaker https://www.elcomsoft.com
- Fing - Network Scanner (https://apps.apple.com)
- Network Analyzer Master (https://apps.apple.com)
- Spyic (https://spyic.com)
- iWepPRO (https://apps.apple.com)
- Frida (https://www.frida.re)
- Avira Mobile Security Source: https://www.avira.com
- Norton Mobile Security (https://us.norton.com)
- LastPass Password Manager (https://www.lastpass.com)
- Lookout Mobile Security (https://www.lookout.com)
- SplashID Safe Password Manager (https://www.splashid.com)
- Webroot Mobile Security (https://www.webroot.com)
- Firmalyzer https://firmalyzer.com
- RIoT Vulnerability Scanner https://www.beyondtrust.com
- Foren6 https://cetic.github.io
- IoT Inspector https://www.iot-inspector.com
- RFCrack https://github.com
- HackRF One https://greatscottgadgets.com
- Azure IoT Central https://azure.microsoft.com
- Oracle IoT Asset Monitoring Cloud (https://www.oracle.com)
- Predix (https://www.ge.com)
- Cloud IoT Core (https://cloud.google.com)
- IBM Watson IoT Platform (https://www.ibm.com)
- AT&T IoT Connectivity Management (https://www.business.att.com)
- Bevywise IoT Simulator https://www.bevywise.com
- SeaCat.io (https://teskalabs.com)
- DigiCert IoT Security Solutions (https://www.digicert.com)
- FortiNAC (https://www.fortinet.com)
- Darktrace (https://www.darktrace.com)
- Cisco IoT Threat Defense (https://www.cisco.com)
- Symantec Critical System Protection (https://www.symantec.com)
- ICS Exploitation Framework (ISF) https://github.com
- SCADA Shutdown Tool https://github.com
- GRASSMARLIN https://github.com
- Metasploit https://www.metasploit.com
- modbus-cli https://github.com
- PLCinject https://github.com
- Flowmon https://www.flowmon.com Flowmon empowers manufacturers and utility companies to ensure the reliability of their industrial networks to avoid downtime and disruption of service continuity
- tenable.ot https://www.tenable.com
- Forescout https://www.forescout.com
- PA-220R https://www.paloaltonetworks.com
- Fortinet ICS/SCADA solution https://www.fortinet.com
- Nozomi Networks Guardian https://www.nozominetworks.com
- MD5 Calculator https://www.bullzip.com
- HashMyFiles https://www.nirsoft.net
- MD6 Hash Generator (https://www.browserling.com)
- All Hash Generator (https://www.browserling.com)
- MD6 Hash Generator (https://convert-tool.com)
- md5 hash generator (https://onlinehashtools.com)
- HashCalc (https://www.slavasoft.com)
- FastSum https://www.fastsum.com
- WinMD5 https://www.winmd5.com
- Hash Tools https://play.google.com
- Hash Droid https://play.google.com
- Hash Checker (https://play.google.com)
- Hashr Hash & Checksum Calculator (https://play.google.com)
- Hash Calc (https://play.google.com)
- Hash Generator Checksum Calculator (https://play.google.com)
- Hash Smart Checker (https://play.google.com)
- BCTextEncoder https://www.jetico.com
- AxCrypt (https://axcrypt.net)
- Microsoft Cryptography Tools (https://docs.microsoft.com)
- Concealer (https://www.belightsoft.com)
- CryptoForge (https://www.cryptoforge.com)
- Cyphertop (https://cyphertop.com)
- Comodo https://www.comodoca.com
- IdenTrust https://www.identrust.com
- DigiCert CertCentral https://www.digicert.com
- GoDaddy https://www.godaddy.com
- VeraCrypt https://www.veracrypt.fr
- BitLocker Drive Encryption (https://docs.microsoft.com)
- FinalCrypt (https://www.finalcrypt.org)
- Seqrite Encryption Manager (https://www.seqrite.com)
- FileVault (https://support.apple.com)
- Gilisoft Full Disk Encryption (http://www.gilisoft.com)
- Advanced Encryption Package http://www.aeppro.com
- AxCrypt (https://www.axcrypt.net)
- idoo File Encryption (https://www.idooencryption.com)
- Cryptomator (https://cryptomator.org)
- Encrypto (https://macpaw.com)
- AES Crypt (https://www.aescrypt.com)
- GiliSoft USB Encryption http://www.gilisoft.com
- idoo USB Encryption (https://www.idooencryption.com)
- Kakasoft USB Security (https://www.kakasoft.com)
- Rohos Mini Drive (https://www.rohos.com)
- McAfee File & Removable Media Protection (https://www.mcafee.com)
- MFG’s Removable Media Encryption (https://www.managedencryption.co.uk)
- OpenStego https://www.openstego.com
- StegSpy http://www.spy-hunter.com
- Steganography Studio (http://stegstudio.sourceforge.net)
- CryptaPix (https://www.briggsoft.com)
- GiliSoft File Lock Pro (http://gilisoft.com)
- wbStego (https://wbstego.wbailer.com)
- Data Stash (https://www.skyjuicesoftware.com)
- OmniHide PRO (https://omnihide.com)
- Masker (http://softpuls.weebly.com)
- DeepSound (http://jpinsoft.net)
- DBAN (https://dban.org)
- east-tec InvisibleSecrets (https://www.east-tec.com)
- NetworkOpenedFiles https://www.nirsoft.net
- Process Dumper https://github.com
- PromiscDetect tool https://vidstromlabs.com
- ESEDatabaseView https://www.nirsoft.net
- DriveLetterView https://www.nirsoft.net
- Redline https://www.fireeye.com
- ChromeCacheView https://www.nirsoft.net
- ChromeCookiesView https://www.nirsoft.net
- ChromeHistoryView https://www.nirsoft.net
- MZCacheView (https://www.nirsoft.net)
- MZCookiesView (https://www.nirsoft.net)
- MZHistoryView (https://www.nirsoft.net)
- IECacheView (https://www.nirsoft.net)
- EdgeCookiesView (https://www.nirsoft.net)
- BrowsingHistoryView (https://www.nirsoft.net)
- Metashield Analyzer https://www.elevenpaths.com
- Volatility Framework https://volatilityfoundation.org/
- PhotoRec Tool https://www.cgsecurity.org
- OS X Auditor (https://github.com)
- Recon Imager (https://sumuri.com)
- Memoryze for the Mac (https://www.fireeye.com)
- Stellar Data Recovery Professional for Mac (https://www.stellarinfo.com)
- F-Response (https://www.f-response.com)
- volafox (https://github.com)
- Volatility (https://www.volatilityfoundation.org)
- mac_apt macOS (and iOS) Artifact Parsing Tool (https://github.com)
- SysTools Mailpro+ https://www.systoolsgroup.com
- Email Dossier https://centralops.net
- Email Address Verifier https://tools.verifyemailaddress.io
- Email Checker https://email-checker.net
- G-Lock Software Email Verifier https://www.glocksoft.com
- Paraben's Electronic Evidence Examiner https://paraben.com
- Malware Analysis Challenges https://www.hhs.gov
- VirusTotal https://www.virustotal.com
- Virtual Box (https://www.virtualbox.org)
- Parallels Desktop (https://www.parallels.com)
- VMware vSphere Hypervisor (https://www.vmware.com)
- NetSim (https://www.tetcos.com)
- ns-3 (https://www.nsnam.org)
- Riverbed Modeler (https://www.riverbed.com)
- QualNet (https://www.scalable-networks.com)
- Snagit (https://www.techsmith.com)
- Camtasia (https://www.techsmith.com)
- Ezvid (https://www.ezvid.com)
- Genie Backup Manager Pro (https://www.zoolz.com)
- Macrium Reflect Server (https://www.macrium.com)
- R-Drive Image (https://www.drive-image.com)
- O&O DiskImage (https://www.oo-software.com)
- PEiD https://github.com
- Pestudio https://www.winitor.com
- Dependency Walker https://www.dependencywalker.com
- OllyDbg http://www.ollydbg.de
- WhatChanged Portable https://portableapps.com
- RegRipper https://github.com
- Windows Service Manager (SrvMan) https://sysprogs.com
API Monitor http://www.rohitab.com
- DriverView https://www.nirsoft.net
- Tripwire Enterprise https://www.tripwire.com
- PA File Sight https://www.poweradmin.com
- Genie Backup Manager Pro (https://www.zoolz.com)
- BullGuard Backup (https://www.bullguard.com)
- NTI Backup Now EZ (https://www.nticorp.com)
- Power2Go 13 (https://www.cyberlink.com)
- Backup4all (https://www.backup4all.com)
- EaseUS Data Recovery Wizard https://www.easeus.com
- Recuva (https://www.ccleaner.com)
- Puran File Recovery (http://www.puransoftware.com)
- Glary Undelete (https://www.glarysoft.com)
- SoftPerfect File Recovery (https://www.softperfect.com)
- Wise Data Recovery (https://www.wisecleaner.com)
- WinHex https://x-ways.net
- Recover My Files https://getdata.com
- DiskDigger https://diskdigger.org
- Handy Recovery https://www.handyrecovery.com
- Quick Recovery https://www.recoveryourdata.com
- Stellar Phoenix Windows Data Recovery https://www.stellarinfo.com
- Passware Kit Forensic https://www.passware.com
- L0phtCrack https://www.l0phtcrack.com
- ophcrack https://ophcrack.sourceforge.io
- Cain & Abel https://www.oxid.it
- RainbowCrack https://project-rainbowcrack.com
- Offline NT Password & Registry Editor https://pogostick.net
- John the Ripper https://www.openwall.com
- hashcat https://hashcat.net
- THC-Hydra https://github.com
- Medusa http://foofus.net
- https://open-sez.me
- https://www.fortypoundhead.com
- https://cirt.net
- http://www.defaultpassword.us
- https://www.routerpasswords.com
- https://default-password.info
- https://www.defpass.com
- MyDLP https://mydlp.com
- Symantec Data Loss Prevention (https://www.symantec.com)
- SecureTrust Data Loss Prevention (https://www.securetrust.com)
- McAfee Total Protection (https://www.mcafee.com)
- Check Point Data Loss Prevention (https://www.checkpoint.com)
- Digital Guardian Endpoint DLP (https://digitalguardian.com)
- Belkasoft Live RAM Capturer https://belkasoft.com
- Bulk Extractor https://digitalcorpora.org
- AccessData FTK Imager https://accessdata.com
- Examples of Phishing Emails https://its.tntech.edu
- ShellPhish https://github.com
- BLACKEYE https://github.com
- PhishX https://github.com
- Modlishka https://github.com
- Trape https://github.com
- Evilginx https://github.com
- Netcraft https://www.netcraft.com
- PhishTank https://www.phishtank.com
- Social Engineering Toolkit (SET) https://www.trustedsec.com
- SpeedPhish Framework (SPF) (https://github.com)
- Gophish (https://getgophish.com)
- King Phisher (https://github.com)
- LUCY (https://www.lucysecurity.com)
- MSI Simple Phish (https://microsolved.com)
- OhPhish https://ohphish.eccouncil.org
- Mac Flooding Switches with macof https://www.monkey.org
- arpspoof https://linux.die.net
- BetterCAP (https://www.bettercap.org)
- Ettercap (http://www.ettercap-project.org)
- dsniff (https://www.monkey.org)
- MITMf (https://github.com)
- Arpoison (https://sourceforge.net)
- High Orbit Ion Cannon (HOIC) https://sourceforge.net
- Low Orbit Ion Cannon (LOIC) https://sourceforge.net
- XOIC (http://anonhacktivism.blogspot.com)
- HULK (https://siberianlaika.ru)
- Tor’s Hammer (https://sourceforge.net)
- Slowloris (https://github.com)
- PyLoris (https://sourceforge.net)
- R-U-Dead-Yet (https://sourceforge.net)
- Anti DDoS Guardian http://www.beethink.com
- Imperva DDoS Protection (https://www.imperva.com)
- DOSarrest’s DDoS protection service (https://www.dosarrest.com)
- DDoS-GUARD (https://ddos-guard.net)
- Cloudflare (https://www.cloudflare.com)
- F5 (https://f5.com)
- OWASP ZAP https://owasp.org
- Burp Suite (https://portswigger.net)
- bettercap (https://www.bettercap.org)
- netool toolkit (https://sourceforge.net)
- WebSploit Framework (https://sourceforge.net)
- sslstrip (https://pypi.org)
- Wireshark https://www.wireshark.org
- USM Anywhere (https://cybersecurity.att.com)
- Check Point IPS (https://www.checkpoint.com)
- LogRhythm (https://logrhythm.com)
- SolarWinds Security Event Manager (SEM) (https://www.solarwinds.com)
- IBM Security Network Intrusion Prevention System (https://www.ibm.com)
- Metasploit https://www.metasploit.com
- Immunity’s CANVAS (https://www.immunityinc.com)
- THC Hydra (https://github.com)
- HULK DoS (https://github.com)
- MPack (https://sourceforge.net)
- w3af (https://w3af.org)
- Fortify WebInspect Source: https://www.microfocus.com
- Acunetix Web Vulnerability Scanner (https://www.acunetix.com)
- Retina Host Security Scanner (https://www.beyondtrust.com)
- NetIQ Secure Configuration Manager (https://www.netiq.com)
- SAINT Security Suite (https://www.carson-saint.com)
- Sophos Intercept X for Server (https://www.sophos.com)
- Burp Suite https://portswigger.net
- OWASP Zed Attack Proxy (ZAP) https://www.owasp.org
- Metasploit (https://www.metasploit.com)
- w3af (http://w3af.org)
- Nikto (https://cirt.net)
- Sn1per (https://github.com)
- WSSiP (https://github.com)
- N-Stalker Web App Security Scanner https://www.nstalker.com
- Acunetix WVS (https://www.acunetix.com)
- Browser Exploitation Framework (BeEF) (http://beefproject.com)
- Metasploit (https://www.metasploit.com)
- PowerSploit (https://github.com)
- Watcher (https://www.casaba.com)
- sqlmap http://sqlmap.org
- Mole (https://sourceforge.net)
- Blisqy (https://github.com)
- blind-sql-bitshifting (https://github.com)
- NoSQLMap (https://github.com)
- SQL Power Injector (http://www.sqlpowerinjector.com)
- Damn Small SQLi Scanner (DSSS) https://github.com
- OWASP ZAP (https://www.owasp.org)
- Snort (https://www.snort.org)
- Burp Suite (https://portswigger.net)
- HCL AppScan (https://www.hcltech.com)
- w3af (https://w3af.org)
- Aircrack-ng Suite: http://www.aircrack-ng.org
- AirMagnet WiFi Analyzer PRO https://www.netally.com
- Ettercap https://www.ettercap-project.org
- Wifiphisher https://wifiphisher.org
- Reaver https://github.com
- Fern Wifi Cracker https://github.com
- Elcomsoft Wireless Security Auditor https://www.elcomsoft.com
- Cisco Adaptive Wireless IPS https://www.cisco.com
- AirMagnet WiFi Analyzer PRO (https://www.netally.com)
- RFProtect (https://www.arubanetworks.com)
- WatchGuard WIPS (https://www.watchguard.com)
- AirMagnet Planner (https://www.netally.com)
- Extreme AirDefense (https://www.extremenetworks.com)
- BluetoothView https://www.nirsoft.net
- BlueZ (http://www.bluez.org)
- BtleJack (https://github.com)
- BTCrawler (http://petronius.sourceforge.net)
- BlueScan (http://bluescanner.sourceforge.net)
- Bluetooth Scanner btCrawler (https://play.google.com)
- Web Data Extractor http://www.webextractor.com
- Whois Lookup https://whois.domaintools.com
- Tamos https://www.tamos.com
- Nmap https://nmap.org
- MegaPing http://www.magnetosoft.com
- Unicornscan https://www.kali.org/tools/unicornscan/
- Hping2/Hping3 http://www.hping.org
- NetScanTools Pro https://www.netscantools.com
- SolarWinds Port Scanner https://www.solarwinds.com
- PRTG Network Monitor https://www.paessler.com
- OmniPeek Network Protocol Analyzer https://www.liveaction.com
- Nbtstat Utility https://docs.microsoft.com
- nbtstat [-a RemoteName] [-A IP Address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [Interval]
- NetBIOS Enumerator http://nbtenum.sourceforge.net
- Global Network Inventory http://www.magnetosoft.com
- Advanced IP Scanner https://www.advancedip-scanner.com
- Hyena https://www.systemtools.com
- Nsauditor Network Security Auditor https://www.nsauditor.com
- Common Vulnerability Scoring System (CVSS) https://www.first.org
- Common Vulnerabilities and Exposures (CVE) https://cve.mitre.org
- National Vulnerability Database (NVD) https://nvd.nist.gov
- Common Weakness Enumeration (CWE) https://cwe.mitre.org
- Qualys Vulnerability Management https://www.qualys.com
- OpenVAS https://www.openvas.org
- GFI LanGuard https://www.gfi.com
- Nessus Professional https://www.tenable.com
- Nikto https://cirt.net
- Qualys FreeScan https://freescan.qualys.com
- Acunetix Web Vulnerability Scanner https://www.acunetix.com
- Nexpose https://www.rapid7.com
- Network Security Scanner https://www.beyondtrust.com
- SAINT Security Suite https://www.carson-saint.com
- beSECURE (AVDS) https://www.beyondsecurity.com
- Core Impact https://www.coresecurity.com
- N-Stalker Web Application Security Scanner https://www.nstalker.com
- Exploit-DB https://www.exploit-db.com
- SecurityFocus https://www.securityfocus.com
- Microsoft Vulnerability Research (MSVR) (https://www.microsoft.com)
- Dark Reading (https://www.darkreading.com)
- SecurityTracker (https://securitytracker.com)
- Trend Micro (https://www.trendmicro.com)
- Security Magazine (https://www.securitymagazine.com)
- PenTest Magazine (https://pentestmag.com)
- SC Magazine (https://www.scmagazine.com)
- Help Net Security (https://www.helpnetsecurity.com)
- HackerStorm (http://www.hackerstorm.co.uk)
- Computerworld (https://www.computerworld.com)
- WindowsSecurity (http://www.windowsecurity.com)
- D’Crypt (https://www.d-crypt.com)
- Wireshark https://www.wireshark.org https://wiki.wireshark.org
- tcpdump https://www.tcpdump.org
- Riverbed Packet Analyzer Plus (https://www.riverbed.com)
- OmniPeek (https://www.liveaction.com)
- Observer Analyzer (https://www.viavisolutions.com)
- SolarWinds Deep Packet Inspection and Analysis (https://www.solarwinds.com)
- Xplico (https://www.xplico.org)
- SteelCentral Packet Analyzer https://www.riverbed.com
- PRTG Network Monitor https://www.paessler.com
- SolarWinds Network Performance Monitor (https://www.solarwinds.com)
- ManageEngine OpManager (https://www.manageengine.com)
- Capsa Free Network Analyzer (https://www.colasoft.com)
- Monitis Network Monitoring Solution (https://www.monitis.com)
- Nagios Network Analyzer (https://www.nagios.com)
- Payment Card Industry Data Security Standard (PCI DSS) https://www.pcisecuritystandards.org
- Health Insurance Portability and Accountability Act (HIPAA) https://www.hhs.gov
- Sarbanes Oxley Act (SOX) https://www.sec.gov
- Gramm-Leach-Bliley Act (GLBA) https://www.ftc.gov
- General Data Protection Regulation (GDPR) https://gdpr.eu
- Data Protection Act 2018 (DPA) https://www.legislation.gov.uk
- ISO Information Security Standards https://www.iso27001security.com
- The Digital Millennium Copyright Act (DMCA) https://www.copyright.gov
- The Federal Information Security Management Act (FISMA) https://csrc.nist.gov
- The Electronic Communications Privacy Act https://it.ojp.gov
- http://www.metasploit.com/ – World’s most used penetration testing software
- http://www.arachni-scanner.com/ – Web Application Penetration Testing Scanner Framework
- https://github.com/sullo/nikto – Nikto web server scanner
- http://www.tenable.com/products/nessus-vulnerability-scanner – Nessus Vulnerability Scanner
- http://www.portswigger.net/burp/intruder.html – Burp Intruder is a Web Application Penetration Testing Tools for automating customized attacks against web apps.
- http://www.openvas.org/ – The world’s most advanced Open Source vulnerability scanner and manager.
- https://github.com/iSECPartners/Scout2 – Security auditing tool for AWS environments
- https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project – Is a multi threaded java application designed to brute force directories and files names on web/application servers.
- https://www.owasp.org/index.php/ZAP – The Zed Attack Proxy is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.
- https://github.com/tecknicaltom/dsniff – dsniff is a collection of tools for network auditing and penetration testing.
- https://github.com/WangYihang/Webshell-Sniper – Manage your web shell via terminal.
- https://github.com/DanMcInerney/dnsspoof – DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
- https://github.com/trustedsec/social-engineer-toolkit – The Social-Engineer Toolkit (SET) repository from TrustedSec
- https://github.com/sqlmapproject/sqlmap – Automatic SQL injection and database takeover tool
- https://github.com/beefproject/beef – The Browser Exploitation Framework Project
- http://w3af.org/ – w3af is a Web Application Attack and Audit Framework
- https://github.com/espreto/wpsploit – WPSploit, Exploiting WordPress With Metasploit
- https://github.com/WangYihang/Reverse-Shell-Manager – Reverse shell manager via terminal.
- https://github.com/RUB-NDS/WS-Attacker – WS-Attacker is a modular framework for web services penetration testing
- https://github.com/wpscanteam/wpscan – WPScan is a black box WordPress vulnerability scanner
- http://sourceforge.net/projects/paros/ Paros proxy
- https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project Web Scarab proxy
- https://code.google.com/p/skipfish/ Skipfish, an active Web Application Penetration Testing reconnaissance tool
- http://www.acunetix.com/vulnerability-scanner/ Acunetix Web Vulnerability Scanner
- http://www-03.ibm.com/software/products/en/appscan IBM Security AppScan
- https://www.netsparker.com/web-vulnerability-scanner/ Netsparker web vulnerability scanner
- http://www8.hp.com/us/en/software-solutions/webinspect-dynamic-analysis-dast/index.html HP Web Inspect
- https://github.com/sensepost/wikto Wikto – Nikto for Windows with some extra features
- http://samurai.inguardians.com Samurai Web Testing Framework
- https://code.google.com/p/ratproxy/ Ratproxy
- http://www.websecurify.com Websecurify
- http://sourceforge.net/projects/grendel/ Grendel-scan
- https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project DirBuster
- http://www.edge-security.com/wfuzz.php Wfuzz
- http://wapiti.sourceforge.net wapiti
- https://github.com/neuroo/grabber Grabber
- https://subgraph.com/vega/ Vega
- http://websecuritytool.codeplex.com Watcher passive web scanner
- http://xss.codeplex.com x5s XSS and Unicode transformations security testing assistant
- http://www.beyondsecurity.com/avds AVDS Vulnerability Assessment and Management
- http://www.golismero.com Golismero
- http://www.ikare-monitoring.com IKare
- http://www.nstalker.com N-Stalker X
- https://www.rapid7.com/products/nexpose/index.jsp Nexpose
- http://www.rapid7.com/products/appspider/ App Spider
- http://www.milescan.com ParosPro
- https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ Qualys Web Application Scanning
- http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ Retina
- https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework
- https://github.com/future-architect/vuls Vulnerability scanner for Linux, agentless, written in golang.
- https://github.com/rastating/wordpress-exploit-framework A Ruby framework for developing and using modules that aid in the penetration testing of WordPress-powered websites and systems.
- http://www.xss-payloads.com/ XSS Payloads to leverage XSS vulnerabilities, build custom payloads, and practice penetration testing skills.
- https://github.com/joaomatosf/jexboss JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool
- https://github.com/commixproject/commix Automated All-in-One OS command injection and exploitation tool
- https://github.com/pathetiq/BurpSmartBuster A Burp Suite content discovery plugin that adds the smart into the Buster!
- https://github.com/GoSecure/csp-auditor Burp and ZAP plugin to analyze CSP headers
- https://github.com/ffleming/timing_attack Perform timing attacks against web applications
- https://github.com/lalithr95/fuzzapi Fuzzapi is a tool used for REST API pentesting
- https://github.com/owtf/owtf Offensive Web Testing Framework (OWTF)
- https://github.com/nccgroup/wssip Application for capturing, modifying, and sending custom WebSocket data from client to server and vice versa.
- https://github.com/tijme/angularjs-csti-scanner Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS).
- https://www.advanced-port-scanner.com/ Advanced Port Scanner
- https://nmap.org/book/port-scanning-tutorial.html TCP with Nmap
- https://www.ipvoid.com/ IPVOID
- https://networkappers.com/ Network Tool
- https://mxtoolbox.com/DNSLookup.aspx DNS Tools
- https://hidemy.io/en/ Web Proxy and Privacy Tool
- https://www.solarwinds.com/engineers-toolset/use-cases/open-port-scanner Solar Winds Port Scanner
- https://www.whatismyip.com/ IP Tool
- https://www.home.neustar/about-us/news-room/press-releases/2010/neustar-ultradns-unveils-free-ultratools-website UltraTools
- https://www.yougetsignal.com/ Yougetsignal
- https://pipl.com/ pipl
- http://www.mylife.com/ MyLife
- https://yippy.com/ Yippy
- http://lookahead.surfwax.com/ Surfwax
- https://archive.org/web/ Way Back Machine
- https://scholar.google.com.ph/ Google Scholar
- https://duckduckgo.com/ DuckDuckgo
- https://fazzle.com/ Fazzle
- http://hss3uro2hsxfogfq.onion not Evil
- https://www.startpage.com/ Start Page
- https://www.spokeo.com/ Spokeo
- http://n0p.net/penguicon/php_app_sec/mirror/xss.html – XSS cheatsheet
- https://highon.coffee/blog/lfi-cheat-sheet/ – LFI Cheat Sheet
- https://highon.coffee/blog/reverse-shell-cheat-sheet/ – Reverse Shell Cheat Sheet
- https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ – SQL Injection Cheat Sheet
- https://www.gracefulsecurity.com/path-traversal-cheat-sheet-windows/ – Path Traversal Cheat Sheet: Windows
- https://www.manageengine.com/vulnerability-management/ OpenVAS Vulnerability Scanner
- https://www.tripwire.com/products/tripwire-ip360 Tripwire IP360
- https://intruder.io/?&utm_source=gbhackers&utm_medium=p_referral&utm_campaign=global|fixed|vulnerability_scanner_tools Intruder vulnerability scanner
- https://www.comodo.com/hackerproof/?track=8258 Comodo HackerProof
- https://www.tenable.com/products/nessus Nessus Vulnerability Scanner
- https://www.rapid7.com/products/nexpose/ Nexpose community
- https://www.cirt.net/nikto2/ Nikto
- https://www.wireshark.org/ Wireshark
- https://www.aircrack-ng.org/ Aircrack-ng
- https://retina234.rssing.com/chan-14983683/article50.html Retina network security scanner
- http://cve.mitre.org/ – Common Vulnerabilities and Exposures. The Standard for Information Security Vulnerability Names. Web Application Pentesting Tools.
- https://www.exploit-db.com/ – The Exploit Database – the ultimate archive of Exploits, Shellcode, and Security Papers.
- http://0day.today/ – Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.
- http://osvdb.org/ – OSVDB’s goal is to provide accurate, detailed, current, and unbiased technical security information.
- http://www.securityfocus.com/ – Since its inception in 1999, SecurityFocus has been a mainstay in the security community.
- http://packetstormsecurity.com/ – Global Security Resource
- https://wpvulndb.com/ – WPScan Vulnerability Database
- https://my.norton.com/extspa/passwordmanager Norton Password Manager
- https://www.lastpass.com/password-manager LastPass Password Manager
- https://www.dashlane.com/ Dashlane Password Manager
- https://www.zoho.com/vault/ Zoho Vault
- https://www.stickypassword.com/ Sticky Password
- https://www.splashid.com/best-password-manager SplashID Password Manager
- https://keepass.info/ Keepass Password Manager
- https://www.roboform.com/ RoboForm
- https://logmeonce.com/ LogMeOnce Password Manager
- https://www.enpass.io/ Enpass Password Manager
- https://www.ivanti.com/products/endpoint-manager Ivanti Endpoint Management Software
- https://www.sentinelone.com/platform/?utm_medium=paid-search&utm_source=google-paid&utm_campaign=apj-ind-en-g-s-brand&utm_term=Sentinelone&utm_campaignid=19538119170&ad_id=644475838448&gad_source=1&gclid=CjwKCAiA3aeqBhBzEiwAxFiOBiAS_iTVzYZVM6tKK6F4EqsU4-lHptzubhNcBodiq-YVVK8feRJdahoCBKIQAvD_BwE SentinelOne
- https://www.sophos.com/en-us/products/endpoint-antivirus?cmp=7014w000001sQT4AAM&utm_source=Google&utm_campaign=IndiaSearchV4%7cBrand%7cB-Endpointprotection&utm_medium=cpc&utm_id=01010&utm_content=SM118385&gad_source=1&gclid=CjwKCAiA3aeqBhBzEiwAxFiOBv9NF84uu-ZVYakUW_exmBsqpHQtNHVl0l8BHY6NiUUAgWdu4bOtrxoCGLgQAvD_BwE&gclsrc=aw.ds Sophos
- https://www.manageengine.com/products/desktop-central/ EndPoint Central
- https://learn.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune Microsoft Intune
- https://www.vmware.com/in/topics/glossary/content/unified-endpoint-management.html VMware
- https://docs.citrix.com/en-us/citrix-endpoint-management/endpoint-management.html Citrix Systems
- https://www.gendigital.com/us/en/ Gen Digital
- https://www.bitdefender.com/business/solutions/endpoint-security.html Bitdefender
- https://www.crowdstrike.com/cybersecurity-101/endpoint-security/endpoint-management/ CrowdStrike
- https://www.splunk.com/en_us/download/splunk-cloud.html Splunk
- https://www.ibm.com/account/reg/signup?formid=urx-30445 IBM Security QRadar
- https://www.microfocus.com/cyberres/products?trial=true ArcSight
- https://learn.microsoft.com/en-us/azure/sentinel/overview Microsoft Sentinel
- https://chronicle.security/ Google Chronicle Security
- https://cybersecurity.att.com/products/usm-anywhere/free-trial?utm_internal=sb_freetrial_modal OSSIM
- https://www.ossec.net/ossec-downloads/ OSSEC
- https://console.cloud.wazuh.com/sign-up?landing=trial Wazuh
- https://metron.apache.org/documentation/#releases Apache Metron
- https://aws.amazon.com/marketplace/pp/prodview-saajoeydschi2 SIEMonster
- https://www.prelude-siem.org/projects/prelude/files Prelude SIEM
- https://securityonionsolutions.com/ Security Onion
- https://suricata.io/download/ Suricata
- https://www.ssllabs.com/ssltest/index.html – This service performs a deep analysis of the configuration of any SSL web server on the public Internet.
- https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html – Strong SSL Security on nginx
- https://weakdh.org/ – Weak Diffie-Hellman and the Logjam Attack
- https://letsencrypt.org/ – Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open.
- https://filippo.io/Heartbleed/ – A checker (site and tool) for CVE-2014-0160 (Heartbleed).
- https://www.ssllabs.com/ssltest/ SSL Labs
- https://www.immuniweb.com/ssl/ SSL Security Test
- https://www.sslchecker.com/certdecoder SSL certificate Decoder
- https://comodosslstore.com/ssltools/ssl-checker.php COMODO SSL Analyzer
- https://certs.securetrust.com/support/support-certificate-analyzer.php Certificate Analyzer
- https://www.digicert.com/help/ DigiCert SSL Checker
- https://appsec-labs.com/ssl_analyzer/ AppSec SSL Analyzer
- https://www.geocerts.com/ GocertsSSL
- https://www.sslshopper.com/ SSLShopper
- http://brakemanscanner.org/ – A static analysis security vulnerability scanner and Web Application Security Tools for Ruby on Rails applications.
- https://github.com/rubysec/ruby-advisory-db – A database of vulnerable Ruby Gems
- https://github.com/rubysec/bundler-audit – Patch-level verification for Bundler
- https://github.com/hakirisec/hakiri_toolbelt – Hakiri Toolbelt is a command line interface for the Hakiri platform.
- https://hakiri.io/facets – Scan Gemfile.lock for vulnerabilities.
- http://rails-sqli.org/ – This page lists many query methods and options in ActiveRecord that do not sanitize raw SQL arguments and are not intended to be called with unsafe user input.
- https://github.com/0xsauby/yasuo – A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
- https://ubuntu.com/ Ubuntu
- https://www.centos.org/ CentOS
- https://www.debian.org/ Debian
- https://linuxmint.com/ Linux Mint
- https://archlinux.org/ Arch Linux
- https://tails.net/ Tails
- https://fedoraproject.org/ Fedora
- https://elementary.io/ Elementary OS
- https://www.kali.org/ Kali Linux
- https://mxlinux.org/ MX Linux
- https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_US Signal Private Messenger
- https://play.google.com/store/apps/details?id=org.telegram.messenger&hl=en&gl=US Telegram
- https://play.google.com/store/apps/details?id=com.wido.connected&hl=en_IN&gl=US Cyphr
- https://play.google.com/store/apps/details?id=com.whatsapp&hl=en&gl=US WhatsApp
- https://play.google.com/store/apps/details?id=pl.cisza&hl=en_US Silence
- https://play.google.com/store/apps/details?id=com.viber.voip&hl=en&gl=US Viber Messenger
- https://apps.apple.com/us/app/messages/id1146560473 iMessage
- https://play.google.com/store/apps/details?id=ch.threema.app&hl=en&gl=US Threema
- https://play.google.com/store/apps/details?id=com.mywickr.wickr2&hl=en&gl=US Wickr Me
- https://play.google.com/store/apps/details?id=com.silentcircle.silentphone&hl=en&gl=US Silent Phone