A collection of awesome software, libraries, documents, books, resources and cool stuff about security.
Inspired by Awesome Security and Herman Slatman.
Thanks to all contributors, you're awesome and wouldn't be possible without you! The goal is to build a categorized community-driven collection of very well-known resources.
List links and description
- Cert and alerts
- Certification
- Jornls and Papers publishing
- Organizations
- Informatives and Blogs
- Training L3g@l and G@mes
- Non-legal Cyber activism
- IT Hacking list
- AT Hacking list
- Courses and Guides Sites
- OS - Operation Systens
- Tools
| Link | Description |
|---|---|
| CERT-EU - Latest News | (Latest News) Computer emergency response Tean for the EU (Europe Union) institutions, bodies and agencies |
| CERT-US - ALERTS | (Alerts) US-CERT United States Computer Emergency Readiness Team |
| Link | Description |
|---|---|
| CEH - Certified Ethical Hacker | A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. |
| GPEN - GIAC Penetration Tester | The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test. |
| OSCP - Offensive Security Certified Professional | The Offensive Security Certified Professional (OSCP) is the companion certification for our Penetration Testing with Kali Linux training course and is the world’s first completely hands-on offensive information security certification. The OSCP challenges the students to prove they have a clear and practical understanding of the penetration testing process and life-cycle through an arduous twenty-four (24) hour certification exam. |
| Link | Description |
|---|---|
| Enigma | Brazillian Journal of Information Security and Criptography |
| Laboratório de Defesa Cibernetica do IME | Cyber Security Laboratory of Brazillian Military Engineering Institute |
| Link | Description |
|---|---|
| No more ransomware | Need Help unlocking your digital life without paying your attackers*? |
| Owasp | Open Web Application Security Project |
| ZeroDayInitiative | (Alerts) Zero Day Iniciative |
| Link | Description |
|---|---|
| EffectHacking | Blog |
| ICS Sans | Sans Industrial Control Systems blog |
| GBHackers on Security | Security blog |
| Google Security Blog | Google Security Blog |
| g0tmi1k Blog | Hacker blog |
| Hacker Security | Hacker security News and Blog |
| SecurityWeek | Internet and Enterprise Security News, Insights e Analysis |
| Security art Work | Security art Work |
| Security Affairs | Copyright 2015 Security Affairs by Pierluigi Paganini All Right Reserved. |
| The Hacker News | The Hacker News Security in a Serius Way |
| Virus Guides | Powered by Knowledge |
| Malwaretech | News about Malware |
| WeLiveSecurity | News, Views, and insight from the ESET security comunity |
| Link | Description |
|---|---|
| CTF365 | CTF Praticing |
| FBCTF | Facebook Capture the Flag |
| Hacker Experience | Game of Hacker Experience |
| Hacking-LAB | Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. |
| OtherWire | The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. |
| Open Security Training | OpenSecurityTraining.info is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long. |
| Pwnable.kr | 'pwnable.kr' is a non-commercial wargame site which provides various pwn challenges regarding system exploitation. |
| Trailofbits Github | CTF Field Guide |
| Shellter | Social Network focused on information security |
| Link | Description |
|---|---|
| Zone-H | List of sites attacked by unethical Hackers |
| WikiLeaks | WikiLeaks is a multi-national media organization and associated library. |
| Link | Description |
|---|---|
| Google Hacking Database | Google Hackgin Database |
| Metasploit | Metasploit penetration testing software |
| Link | Description |
|---|---|
| Shodan | Open ports in A.T |
| Critifence | Default Password database of A.T |
| Link | Description |
|---|---|
| Cybrary | Free and Open Source Cyber Security Learning |
| O Tao do Desenvolvimento Seguro | [PT-BR] Safe Development Guide |
| Link | Description |
|---|---|
| BackBoxLinux | BackBox Linux is a penetration testing and security assessment oriented Linux distro.. |
| BlackArckLinux | BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. The repository contains 1925 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. |
| Kali | Penetration Testing Destribution OS |
| ParrotSec | Parrot Security Operating System is a Penetration Testing & Forensics Distro dedicated to Ethical Hackers & Cyber Security Professionals. |
| QubesOS | Qubes OS is a security-oriented operating system (OS). The OS is the software that runs all the other programs on a computer. Some examples of popular OSes are Microsoft Windows, Mac OS X, Android, and iOS. Qubes is free and open-source software (FOSS). |
| Samurai Web Tester Framework | Web Tester OS |
| PENTOOS | Pentoo is a security-focused livecd based on Gentoo |
| Vulnhub | OS with vulnerabilities for pentests |
| Link | Description |
|---|---|
| Find Sec Bugs | The FindBugs plugin for security audits of Java Web Applications. |
| Sonarqube | Static Code Reviewer |
| PunkSPIDER | A global web application vulnerability search engine. |
| Metasploit Framework | Pentest Framework used by Kali Linux. |
| NMap | Nmap "Network Mapper" is a free and open source utility for network discovery and security auditing. |
| Netcat | Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. |
| Sonarqube | Static Code Reviewer |
| TCPDump | Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; |
| w3af | Web Application Attack And Audit Framework |
| Wireshark | Wireshark is the world’s foremost and widely-used network protocol analyzer |