Welcome to my repository of resources to help the budding information security professional round out their knowledge-base on tools, training and education around our industry. I hope you find this information useful. Please feel free to fork this and add to it if you think something is missing here. Please see the wiki for this project for details on the pull request process. My only expectations on these lists is that the resource added has been vetted for quality and is something you've personally used and found benefit from at some point or another. What I don't want to is to fill this with resources that are either dead, have no relevancy or just become another dead pile of links that will serve no one.
- C Programming Language, 2nd Edition by Brian W. Kernighan & Dennis M. Ritchie
- Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter
- Cracking the Coding Interview: 189 Programming Questions and Solutions (Cracking the Interview & Career), 6th Edition by Gayle Laakmann McDowell
- Cyber War: The Next Threat to National Security and What to Do About It by Richard Knake and Robert Clarke
- The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll
- Dark Territory: The Secret History of Cyber War by Fred Kaplan
- Dawn of the Code War: America's Battle Against Russia, China, and the Rising Global Cyber Threat by John Carlin
- The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age by David Sanger
- Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers by Andy Greenberg
- Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson
- PowerShell Obfuscation Bible: A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to bypass signature-based detection, compiled for educational purposes.
- HijackLibs: Queryable database of publicly disclosed DLL hijacking opportunities.
- GOAD (Game of Active Directory: GOAD is a pentest active directory LAB project. The purpose of this lab is to give pentesters a vulnerable Active directory environment ready to use to practice usual attack techniques.
- Microsoft Activation Scripts (MAS): A Windows and Office activator using HWID/Ohook/KMS38/Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
- Cache Sleuth: A lot of useful tools, particularly for decoding/encoding text, as well as some useful interpreters.
- CyberChef: Self-described as the "Cyber Swiss Army Knife" created and maintained by UK's four-letter glowies, it contains an impressive amount of functionality for doing analysis and assisting in other cybersecurity-related work and activities, such as CTFs.
- HackTricks: An extensive wiki with tips, methodologies and explanation of techniques for red teaming, pentesting and CTFs.
- Finger User Enumeration Script: Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server.
- BloodHound Community Edition: Intended to identify flaws in a given Active Directory setup, BloodHound is useful for enumeration of users and objects found within these environment. An enterprise edition of this software is also available to assist in defending an environment from accidental slips configuration within an environment that might expose an organization to unnecessary privilege escalation.
- AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
- impacket: Impacket is a collection of Python3 classes focused on providing access to network packets. Impacket is highly effective when used in conjunction with a packet capture utility or package such as Pcapy.
- nmap: A comprehensive network mapping and enumeration tool with scripting extensibility.
- WhatWeb: Scans and identifies software/services used on a given target website.
- peass-ng: These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily.
- AvaloniaILSpy: A cross-platform disassembler of .NET binaries. Particularly useful in cases where a Linux machine is your only available option during an engagement, CTF or challenge.
- Codemerx Decompiler: Cross-platform .NET decompiler.
- de4js: A JavaScript deobfuscator.
- Ghidra: A software reverse-engineering framework created and maintained by everyone's favorite glowies, the NSA.
- jd-gui: A Java decompiler.
- pwntools: A Python CTF framework and binary exploitation library.
- FoxyProxy: A browser extension for quickly switching proxy configurations in your web browser during an engagement.
- Hack Tools: Provides a wide-variety of payloads and other useful shell commands you can use during an engagement.
- Livemarks: A RSS Feed reader uses your bookmarks folders to maintain RSS feeds you provide it.
- Multi-Account Containers
- Search By Image: A powerful reverse image search tool, with support for various search engines, such as Google, Bing, Yandex, Baidu and TinEye.
- uBlock Origin: The go-to when it comes to ad-blocking while being CPU-performant.
- User Agent Switcher and Manager: A versatile user agent switcher.
- vimium: It's not enough to have vim in your terminal. Show your browser some love by putting vim motions into your browser too.
- 15-410, Operating System Design and Implementation
- Nightmare: A self-paced course covering binary exploitation and reverse engineering.
- Binary Exploitation: A self-paced course covering binary exploitation.
- Computation Structures: Procedures and Stacks
- Cornell ECE Open Courseware
- Operating System Engineering
- pwntools Tutorial: A fantastic python module to know for binary exploitation purposes.
- Virtual Memory
- Ghidra Class: Within the documentation of the Ghidra software has class material for helping teaching how to use the software.
- PicoCTF (binary exploit and RE)
- ROP Emporium: Challenges intended to help teach you about Return-Oriented Programming.
- Awesome CTF: A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials.
- ångstromCTF
- CTF101: A site documenting the basics of playing Capture the Flags.
- CyberStakes
- MetaCTF Competition: Great CTF for a short CTF to flex your muscle on.
- picoCTF
- HSCTF
- Life of Binaries
- PACTF1
- PPP
- OverTheWire: Great beginner platform for those looking to getting into CTFs to practice on Linux boxes, particularly their Bandit server.
- RPISEC
- UnderTheWire: Similar to OverTheWire, but using PowerShell and focuses on a Windows environment instead of a Linux environment.
- vim: Included in most Linux and Unix-like operating systems by default, vim is a lightweight, yet powerful, modal text editor that can be easily used in your terminal or through and SSH and tmux and is highly extensible. It is available on most operating systems.
- Obsidian: Note-taking application available on both desktop and mobile using Markdown and a diverse array of community plugins to customize your note-taking to your workflow. Because everything is stored in Markdown and stored locally, it can make transforming your notes into reports that you may need to generate down the road.
- docsthebox: A Python program to utilize with HackTheBox if you are a user of Notion. Doesn't really account for Windows users, so you'll need to read the documentation to adjust your script accordingly.
- Dradis CE: An open-source pentesting report generation program. Some features are limited within the Community Edition, but otherwise a solid tool.
- SysReptor: A fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people. Easy report writing using Markdown, HTML and CSS that can be converted into a clean looking PDF. Open-source and self-hosting options are available.
- Discord:
- Reddit:
- Security Groups
- InfoSecStreams: An actively maintained activity-based-autosorted list of Information Security streamers.
- Security Creators: Similar to InfoSec streams, but a more curated list of content creators.
- DJ Chateau: Ok, sure. I'm tooting my own horn here, but I stream on Twitch pretty regularly doing boxes from platforms like TryHackMe, HackTheBox, and react to and discuss various information security topics.
- John Hammand: Security researcher at Huntress with a large following and a solid number of videos going over various security news, CTFs and other platforms like TryHack and HackTheBox.
- LiveOverflow: LiveOverflow has an excellent array of videos on binary exploitation and reverse-engineering that are worth going through.
- Tib3rius: Well-known web application pentester and creator of AutoRecon.
- Tyler Ramsbey: Under the mindset of "Hack Smarter", not harder (as often touted by OffSec), Tyler streams on both Twitch and YouTube sharing his methodologies for approaching CTF boxes on platforms like HackTheBox or discussing other aspects of the information security industry.
- CTF Radiooo
- Darknet Diaries
- InfoSec to Insanity
- Security Chipmunks2
- Shared Security
- Professionally Evil Perspective
- Unsecurity
- /dev/random/3
- AWS Security Blog
- Bishop Fox Blog
- Black Hills Information Security
- Bleeping Computer
- CISA News
- CISA Blog
- CISA Advisories (All)
- Crowdstrike Blog
- Expression with Curiosity: Security Lesson Bytes
- MetaCTF Announcements
- Hacker News
- Hacking Articles
- HackTheBox Blog (All Content)
- Impose Cost
- IT Security Guru
- Krebs on Security
- Sentinel One Blog
- SecureIdeas: Professionally Evil Insights
- Schneir on Security
- The Hacker News
- Troy Hunt's Blog