IT Security and Open Source Resources
Cybersecurity Resources
- Binary Edge (Scans the internet for threat intelligence).
- Censys (Assessing attack surface for internet connected devices).
- CRT sh (Search for certs that have been logged by CT).
- Dehashed (View leaked credentials).
- DNSDumpster (Search for DNS records quickly).
- DorkSearch (Really fast Google dorking).
- ExploitDB (Archive of various exploits).
- Fofa (Search for various threat intelligence).
- FullHunt (Search and discovery attack surfaces).
- Grep App (Search across a half million git repos).
- GrayHatWarfare (Search public S3 buckets).
- GreyNoise (Search for devices connected to the internet).
- Hunter (Search for email addresses belonging to a website).
- IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
- LeakIX (Search publicly indexed information).
- Netlas (Search and monitor internet connected assets).
- ONYPHE (Collects cyber-threat intelligence data).
- Packet Storm Security (Browse latest vulnerabilities and exploits).
- PolySwarm (Scan files and URLs for threats).
- PublicWWW (Marketing and affiliate marketing research).
- SearchCode (Search 75 billion lines of code from 40 million projects).
- SecurityTrails (Extensive DNS data).
- Shodan (Search for devices connected to the internet).
- URL Scan (Free service to scan and analyse websites).
- Vulners (Search vulnerabilities in a large database).
- WayBackMachine (View content from deleted websites).
- Wigle (Database of wireless networks, with statistics).
- ZoomEye (Gather information about targets).
BSD
Certificate SSL Check
NIST
Online Antivirus Scanner
- VirusTotal
- VirSCAN
- MetaDefender Cloud
- Jotti's Malware Scan
- ESET Online Scanner
- F-Secure Online Scanner
- TrendMicro HouseCall
- Kaspersky Security Cloud - Free
- Bitdefender Online Free Virus Scan
- Avira Free Security
- BullGuard Online Scanner
- Comodo Free Online Scanner
- McAfee GetSusp
- Panda Cloud Cleaner
- Norton Security Scan
- Quick Heal Online Scan
- Sophos Free Tools
- FortiGuard Online Scanner
- Emsisoft Emergency Kit
- Zemana Online Scanner
Online OSINT Tools
Operating Systems
- Linux
- Windows
- macOS
- Ubuntu
- Debian
- Red Hat Enterprise Linux
- FreeBSD
- Fedora
- iOS
- Android
- Chromium OS
- Raspberry Pi OS
- QNX
- Solaris
- AIX
- HP-UX
- watchOS
- OpenBSD
- NetBSD
- Haiku
- CentOS
- Arch Linux
- Gentoo
- SUSE Linux
- Slackware
- Kali Linux
- Zorin OS
- elementary OS
- Solus
- Manjaro
- GNU Hurd
- ReactOS
- Kylin
- Qubes OS
- Tails
- Whonix
- eComStation
- AROS
- SkyOS
- MINIX 3
- TempleOS
- PureOS
- Liri OS
- Visopsys
- Syllable
- KolibriOS
- Contiki
- RISC OS
- MenuetOS
- MorphOS
Pentest tools
- Metasploit
- OWASP ZAP
- Nmap
- Wireshark
- NetHunter
- Aircrack-ng
- SQLMap
- Hashcat
- Nexpose
- SecLists
- GoPhish
- Impacket
- Wifite2
- Nessus
- Core Impact
- Burp Suite
- Cobalt Strike
- Responder
- CrackMapExec
- Hydra
- Dirsearch
- John the Ripper
- EyeWitness
- Social-Engineer Toolkit (SET)
- LinEnum
- pspy
- LaZagne
- PowerSploit
- GoBuster
- Masscan
- Empire
- PCredz
- Photon
- Discover
- Nishang
- DNSRecon
- LinkFinder
- MITMf
- Aquatone
- CMSmap
- JSVulnDB
- Weevely3
- Sn1per
- CeWL
- BruteX
- Taser
- Masscan
- Faraday
- Armitage
- The Backdoor Factory
- Morpheus
- Mimikatz
- Dirsearch
- RouterSploit
- Recon-ng
- Wifite
- Hydra
- SET Toolkit
- BeEF
- BlackWidow
IT security Framework
- CISSP - Certified Information Systems Security Professional
- ISO/IEC 27001
- NIST SP 800-53
- PCI DSS - Payment Card Industry Data Security Standard
- CIS Critical Security Controls
- CIS Benchmarks
- COBIT - Control Objectives for Information and Related Technologies
- HIPAA Security Rule
- GDPR - General Data Protection Regulation
- OWASP Top Ten
- ITIL - Information Technology Infrastructure Library
- FedRAMP - Federal Risk and Authorization Management Program
- SANS Top 20
- CSA STAR - Cloud Security Alliance Security Trust Assurance and Risk
- CVSS - Common Vulnerability Scoring System
- OWASP ASVS - Application Security Verification Standard
- SAFECode - Software Assurance Forum for Excellence in Code
- CISM - Certified Information Security Manager
Pentester Search Engine
Programming Language
RFC
- RFC Editor
- IETF RFC Pages
- RFC 791 - Internet Protocol
- RFC 793 - Transmission Control Protocol
- RFC 5246 - TLS 1.2
- RFC 8446 - TLS 1.3
- RFC 2104 - HMAC
- RFC 2818 - HTTP Over TLS
- RFC 2821 - SMTP
- RFC 3261 - SIP
- RFC 4251 - SSH Protocol Architecture
- RFC 4301 - IPsec Architecture
- RFC 4346 - TLS 1.1
- RFC 4511 - LDAP Protocol
- RFC 4949 - Internet Security Glossary
- RFC 5280 - X.509 PKI Certificate and CRL Profile
- RFC 6347 - DTLS 1.2
- RFC 6749 - OAuth 2.0
- RFC 6750 - OAuth 2.0 Bearer Token Usage
- RFC 7519 - JSON Web Token (JWT)
- RFC 7540 - HTTP/2
- RFC 7766 - DNS Transport over TCP
- RFC 7858 - DNS over TLS
- RFC 7918 - TLS False Start
- RFC 8032 - Edwards-Curve Digital Signature Algorithm (EdDSA)
- RFC 8447 - TLS 1.3 Middlebox Compatibility Mode
- RFC 8484 - DNS Queries over HTTPS (DoH)
- RFC 8492 - DNS Reverse IP AMT Discovery
- RFC 8613 - Object Security for Constrained RESTful Environments (OSCORE)
- RFC 8705 - OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
- RFC 1321 - MD5 Message-Digest Algorithm
- RFC 1421 - Privacy Enhancement for Internet Electronic Mail
- RFC 1422 - Privacy Enhancement for Internet Electronic Mail
- RFC 1423 - Privacy Enhancement for Internet Electronic Mail
- RFC 1510 - The Kerberos Network Authentication Service (V5)
- RFC 2401 - Security Architecture for the Internet Protocol
- RFC 2986 - PKCS #10: Certification Request Syntax Specification
- RFC 3394 - Advanced Encryption Standard (AES) Key Wrap Algorithm
- RFC 3686 - Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)
- RFC 4086 - Randomness Requirements for Security
- RFC 4107 - Guidelines for Cryptographic Key Management
- RFC 4492 - Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
- RFC 4513 - LDAP Authentication Methods and Security Mechanisms
- RFC 4572 - Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)
- RFC 4648 - The Base16, Base32, and Base64 Data Encodings
- RFC 5077 - Transport Layer Security (TLS) Session Resumption without Server-Side State
- RFC 5158 - An Internet Protocol (IP) Address Block POTAR Tool
- RFC 5289 - TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
- RFC 5869 - HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
- RFC 5929 - Channel Bindings for TLS
- RFC 5958 - Asymmetric Key Packages
- RFC 6238 - Time-Based One-Time Password Algorithm
- RFC 6275 - Mobility Support in IPv6
- RFC 6520 - Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension
- RFC 6797 - HTTP Strict Transport Security (HSTS)
- RFC 6818 - Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- RFC 6960 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
- RFC 6979 - Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)
- RFC 7515 - JSON Web Signature (JWS)
- RFC 7636 - Proof Key for Code Exchange by OAuth Public Clients
Popular Social Media Platforms
- Snapchat
- TikTok
- YouTube
- Qzone
- Tumblr
- Sina Weibo
- Badoo
- Telegram
- Douban
- Viber
- LINE
- Medium
- VKontakte (VK)
- Tagged
- Periscope
- Flickr
- Meetup
- Ask.fm
- MeetMe
- Classmates
- Twitch
- Quora
- Tinder
- MySpace
- The Dots
- KakaoTalk
- Discord
- Clubhouse
- Goodreads
- Skype
- Snapfish
- ReverbNation
- Foursquare
- Renren
-
Last Update: 6th November 2023
Updated: Added new links in various sections.