diff --git a/README.md b/README.md index 30aef2e..d5efb9c 100644 --- a/README.md +++ b/README.md @@ -10,94 +10,90 @@ Your [contributions](contributing.md) are always welcome ! Repository | Description ---- | ---- -[Android Security](https://github.com/ashishb/android-security-awesome) | Collection of Android security related resources -[AppSec](https://github.com/paragonie/awesome-appsec) | Resources for learning about application security -[Asset Discovery](https://github.com/redhuntlabs/Awesome-Asset-Discovery) | List of resources which help during asset discovery phase of a security assessment engagement -[Bug Bounty](https://github.com/djadmin/awesome-bug-bounty) | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters -[Capsulecorp Pentest](https://github.com/r3dy/capsulecorp-pentest) | Vagrant+Ansible virtual network penetration testing lab. Companion to "The Art of Network Penetration Testing" by Royce Davis -[Celluar Hacking](https://github.com/W00t3k/Awesome-Cellular-Hacking) | This is a list of hacking research in the 3G/4G/5G cellular security space. -[CTF](https://github.com/apsdehal/awesome-ctf) | List of CTF frameworks, libraries, resources and softwares +[Android Security](https://github.com/ashishb/android-security-awesome) | Collection of Android security related resources +[AppSec](https://github.com/paragonie/awesome-appsec) | Resources for learning about application security +[Asset Discovery](https://github.com/redhuntlabs/Awesome-Asset-Discovery) | List of resources which help during asset discovery phase of a security assessment engagement +[Bug Bounty](https://github.com/djadmin/awesome-bug-bounty) | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters +[Celluar Hacking](https://github.com/W00t3k/Awesome-Cellular-Hacking) | This is a list of hacking research in the 3G/4G/5G cellular security space. +[CI/CD Attacks](https://github.com/TupleType/awesome-cicd-attacks) | Offensive research of CI/CD systems and deployment processes +[CTF](https://github.com/apsdehal/awesome-ctf) | List of CTF frameworks, libraries, resources and softwares +[Cyber Security University](https://github.com/brootware/awesome-cyber-security-university) | Free educational resources that focus on learning cybersecurity by doing [Cyber Skills](https://github.com/joe-shenouda/awesome-cyber-skills) | Curated list of hacking environments where you can train your cyber skills legally and safely -[DevSecOps](https://github.com/devsecops/awesome-devsecops) | List of awesome DevSecOps tools with the help from community experiments and contributions +[Cybersources](https://github.com/bst04/CyberSources) | A collection of all types of tools and resources for cybersecurity +[Detection Engineering](https://github.com/infosecB/awesome-detection-engineering) | Resources for designing, building, and operating detective cybersecurity controls +[DevSecOps](https://github.com/devsecops/awesome-devsecops) | List of awesome DevSecOps tools with the help from community experiments and contributions [Embedded and IoT Security](https://github.com/fkie-cad/awesome-embedded-and-iot-security) | A curated list of awesome resources about embedded and IoT security -[Exploit Development](https://github.com/FabioBaroni/awesome-exploit-development) | Resources for learning about Exploit Development -[Fuzzing](https://github.com/secfigo/Awesome-Fuzzing) | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis -[Hacking](https://github.com/carpedm20/awesome-hacking) | List of awesome Hacking tutorials, tools and resources -[Hacking Resources](https://github.com/vitalysim/Awesome-Hacking-Resources) | Collection of hacking / penetration testing resources to make you better! -[Honeypots](https://github.com/paralax/awesome-honeypots) | List of honeypot resources -[Incident Response](https://github.com/meirwah/awesome-incident-response) | List of tools for incident response -[Industrial Control System Security](https://github.com/hslatman/awesome-industrial-control-system-security) | List of resources related to Industrial Control System (ICS) security -[InfoSec](https://github.com/onlurking/awesome-infosec) | List of awesome infosec courses and training resources -[IoT Hacks](https://github.com/nebgnahz/awesome-iot-hacks) | Collection of Hacks in IoT Space -[Mainframe Hacking](https://github.com/samanL33T/Awesome-Mainframe-Hacking) | List of Awesome Mainframe Hacking/Pentesting Resources -[Malware Analysis](https://github.com/rshipp/awesome-malware-analysis) | List of awesome malware analysis tools and resources -[OSINT](https://github.com/jivoi/awesome-osint) | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources -[OSX and iOS Security](https://github.com/ashishb/osx-and-ios-security-awesome) | OSX and iOS related security tools -[Pcaptools](https://github.com/caesar0301/awesome-pcaptools) | Collection of tools developed by researchers in the Computer Science area to process network traces -[Pentest](https://github.com/enaqx/awesome-pentest) | List of awesome penetration testing resources, tools and other shiny things -[PHP Security](https://github.com/ziadoz/awesome-php#security) | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities +[Fuzzing](https://github.com/secfigo/Awesome-Fuzzing) | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis +[Hacking](https://github.com/carpedm20/awesome-hacking) | List of awesome Hacking tutorials, tools and resources +[Honeypots](https://github.com/paralax/awesome-honeypots) | List of honeypot resources +[Incident Response](https://github.com/meirwah/awesome-incident-response) | List of tools for incident response +[Industrial Control System Security](https://github.com/hslatman/awesome-industrial-control-system-security) | List of resources related to Industrial Control System (ICS) security +[InfoSec](https://github.com/onlurking/awesome-infosec) | List of awesome infosec courses and training resources +[IoT and Hardware Security](https://github.com/kayranfatih/awesome-iot-and-hardware-security) | Collection of tools, books, resources and software about IoT and hardware security +[Mainframe Hacking](https://github.com/samanL33T/Awesome-Mainframe-Hacking) | List of Awesome Mainframe Hacking/Pentesting Resources +[Malware Analysis](https://github.com/rshipp/awesome-malware-analysis) | List of awesome malware analysis tools and resources +[Malware Persistence](https://github.com/Karneades/awesome-malware-persistence) | Techniques adversaries use to maintain system access across restarts +[OSINT](https://github.com/jivoi/awesome-osint) | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources +[OSX and iOS Security](https://github.com/ashishb/osx-and-ios-security-awesome) | OSX and iOS related security tools +[Password Cracking](https://github.com/n0kovo/awesome-password-cracking) | Tools and resources for recovering passwords +[Pcaptools](https://github.com/caesar0301/awesome-pcaptools) | Collection of tools developed by researchers in the Computer Science area to process network traces +[Pentest](https://github.com/enaqx/awesome-pentest) | List of awesome penetration testing resources, tools and other shiny things +[PHP Security](https://github.com/ziadoz/awesome-php#security) | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities +[Prompt Injection](https://github.com/Joe-B-Security/awesome-prompt-injection) | Prompt injection vulnerabilities targeting AI and LLM systems [Real-time Communications hacking & pentesting resources](https://github.com/EnableSecurity/awesome-rtc-hacking) | Covers VoIP, WebRTC and VoLTE security related topics -[Red Teaming](https://github.com/yeyintminthuhtut/Awesome-Red-Teaming) | List of Awesome Red Team / Red Teaming Resources -[Reversing](https://github.com/fdivrp/awesome-reversing) | List of awesome reverse engineering resources -[Reinforcement Learning for Cyber Security](https://github.com/Limmen/awesome-rl-for-cybersecurity) | List of awesome reinforcement learning for security resources -[Sec Talks](https://github.com/PaulSec/awesome-sec-talks) | List of awesome security talks -[SecLists](https://github.com/danielmiessler/SecLists) | Collection of multiple types of lists used during security assessments -[Security](https://github.com/sbilly/awesome-security) | Collection of awesome software, libraries, documents, books, resources and cools stuffs about security -[Serverless Security](https://github.com/puresec/awesome-serverless-security/) | Collection of Serverless security related resources -[Social Engineering](https://github.com/v2-dev/awesome-social-engineering) | List of awesome social engineering resources -[Static Analysis](https://github.com/mre/awesome-static-analysis) | List of static analysis tools, linters and code quality checkers for various programming languages -[The Art of Hacking Series](https://github.com/The-Art-of-Hacking/h4cker) | List of resources includes thousands of cybersecurity-related references and resources -[Threat Intelligence](https://github.com/hslatman/awesome-threat-intelligence) | List of Awesome Threat Intelligence resources -[Vehicle Security](https://github.com/jaredthecoder/awesome-vehicle-security) | List of resources for learning about vehicle security and car hacking -[Vulnerability Research](https://github.com/re-pronin/awesome-vulnerability-research) | List of resources about Vulnerability Research -[Web Hacking](https://github.com/infoslack/awesome-web-hacking) | List of web application security +[Red Teaming Toolkit](https://github.com/infosecn1nja/Red-Teaming-Toolkit) | Cutting-edge open-source security tools (OST) for red teamers and threat hunters +[Reinforcement Learning for Cyber Security](https://github.com/Kim-Hammar/awesome-rl-for-cybersecurity) | List of awesome reinforcement learning for security resources +[Reversing](https://github.com/HACKE-RC/awesome-reversing) | Collection of resources to learn Reverse Engineering from start +[Sec Talks](https://github.com/PaulSec/awesome-sec-talks) | List of awesome security talks +[SecLists](https://github.com/danielmiessler/SecLists) | Collection of multiple types of lists used during security assessments +[Security](https://github.com/sbilly/awesome-security) | Collection of awesome software, libraries, documents, books, resources and cools stuffs about security +[Social Engineering](https://github.com/giuliacassara/awesome-social-engineering) | List of awesome social engineering resources +[Static Analysis](https://github.com/analysis-tools-dev/static-analysis) | List of static analysis tools, linters and code quality checkers for various programming languages +[The Art of Hacking Series](https://github.com/The-Art-of-Hacking/h4cker) | List of resources includes thousands of cybersecurity-related references and resources +[Threat Intelligence](https://github.com/hslatman/awesome-threat-intelligence) | List of Awesome Threat Intelligence resources +[Vehicle Security](https://github.com/jaredthecoder/awesome-vehicle-security) | List of resources for learning about vehicle security and car hacking +[Web Hacking](https://github.com/infoslack/awesome-web-hacking) | List of web application security [Web3 Security](https://github.com/Anugrahsr/Awesome-web3-Security) | A curated list of web3 Security materials and resources For Pentesters and Bug Hunters. -[Windows Exploitation - Advanced](https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References) | List of Awesome Advanced Windows Exploitation References -[WiFi Arsenal](https://github.com/0x90/wifi-arsenal) | Pack of various useful/useless tools for 802.11 hacking -[YARA](https://github.com/InQuest/awesome-yara) | List of awesome YARA rules, tools, and people -[Hacker Roadmap](https://github.com/sundowndev/hacker-roadmap) | A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking. -[Cybersources](https://github.com/brunoooost/cybersources) | A collection of all types of tools and resources for cybersecurity. +[YARA](https://github.com/InQuest/awesome-yara) | List of awesome YARA rules, tools, and people ## Other Useful Repositories Repository | Description ---- | ---- -[Adversarial Machine Learning](https://github.com/yenchenlin/awesome-adversarial-machine-learning) | Curated list of awesome adversarial machine learning resources -[AI Security](https://github.com/RandomAdversary/Awesome-AI-Security) | Curated list of AI security resources +[AI Security](https://github.com/DeepSpaceHarbor/Awesome-AI-Security) | Curated list of AI security resources +[Annual Security Reports](https://github.com/jacobdjwilson/awesome-annual-security-reports) | Cybersecurity trends, insights, and challenges from annual reports [API Security Checklist](https://github.com/shieldfy/API-Security-Checklist) | Checklist of the most important security countermeasures when designing, testing, and releasing your API -[APT Notes](https://github.com/kbandla/APTnotes) | Various public documents, whitepapers and articles about APT campaigns -[Bug Bounty Reference](https://github.com/ngalongc/bug-bounty-reference) | List of bug bounty write-up that is categorized by the bug nature +[APT Notes](https://github.com/kbandla/APTnotes) | Various public documents, whitepapers and articles about APT campaigns +[Bug Bounty Reference](https://github.com/ngalongc/bug-bounty-reference) | List of bug bounty write-up that is categorized by the bug nature +[Capsulecorp Pentest](https://github.com/r3dy/capsulecorp-pentest) | Vagrant+Ansible virtual network penetration testing lab. Companion to "The Art of Network Penetration Testing" by Royce Davis [Cryptography](https://github.com/sobolevn/awesome-cryptography) | Cryptography resources and tools -[CTF Tool](https://github.com/SandySekharan/CTF-tool) | List of Capture The Flag (CTF) frameworks, libraries, resources and softwares -[CVE PoC](https://github.com/qazbnm456/awesome-cve-poc) | List of CVE Proof of Concepts (PoCs) -[CVE PoC updated daily](https://github.com/trickest/cve) | List of CVE Proof of Concepts (PoCs) updated daily by Trickest +[CVE PoC](https://github.com/trickest/cve) | List of CVE Proof of Concepts (PoCs) updated daily by Trickest [CyberChef](https://gchq.github.io/CyberChef/) | A simple, intuitive web app for analysing and decoding data without having to deal with complex tools or programming languages. -[Detection Lab](https://github.com/clong/DetectionLab) | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices -[Forensics](https://github.com/Cugu/awesome-forensics) | List of awesome forensic analysis tools and resources -[Free Programming Books](https://github.com/EbookFoundation/free-programming-books) | Free programming books for developers -[Gray Hacker Resources](https://github.com/bt3gl/Gray-Hacker-Resources) | Useful for CTFs, wargames, pentesting -[GTFOBins](https://gtfobins.github.io) | A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions +[Detection Lab](https://github.com/clong/DetectionLab) | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices +[Executable Packing](https://github.com/packing-box/awesome-executable-packing) | Resources about executable packing and unpacking +[Forensics](https://github.com/Cugu/awesome-forensics) | List of awesome forensic analysis tools and resources +[Free Programming Books](https://github.com/EbookFoundation/free-programming-books) | Free programming books for developers +[GTFOBins](https://gtfobins.github.io) | A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions [Hacker101](https://github.com/Hacker0x01/hacker101) | A free class for web security by HackerOne -[Infosec Getting Started](https://github.com/gradiuscypher/infosec_getting_started) | A collection of resources, documentation, links, etc to help people learn about Infosec -[Infosec Reference](https://github.com/rmusser01/Infosec_Reference) | Information Security Reference That Doesn't Suck -[IOC](https://github.com/sroberts/awesome-iocs) | Collection of sources of indicators of compromise +[Infosec Getting Started](https://github.com/gradiuscypher/infosec_getting_started) | A collection of resources, documentation, links, etc to help people learn about Infosec +[Infosec Reference](https://github.com/rmusser01/Infosec_Reference) | Information Security Reference That Doesn't Suck +[IOC](https://github.com/sroberts/awesome-iocs) | Collection of sources of indicators of compromise [Linux Kernel Exploitation](https://github.com/xairy/linux-kernel-exploitation) | A bunch of links related to Linux kernel fuzzing and exploitation -[Lockpicking](https://github.com/meitar/awesome-lockpicking) | Resources relating to the security and compromise of locks, safes, and keys. -[Machine Learning for Cyber Security](https://github.com/jivoi/awesome-ml-for-cybersecurity) | Curated list of tools and resources related to the use of machine learning for cyber security -[Payloads](https://github.com/foospidy/payloads) | Collection of web attack payloads -[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) | List of useful payloads and bypass for Web Application Security and Pentest/CTF -[Pentest Cheatsheets](https://github.com/coreb1t/awesome-pentest-cheat-sheets) | Collection of the cheat sheets useful for pentesting -[Pentest Wiki](https://github.com/nixawk/pentest-wiki) | A free online security knowledge library for pentesters / researchers -[Probable Wordlists](https://github.com/berzerk0/Probable-Wordlists) | Wordlists sorted by probability originally created for password generation and testing -[Resource List](https://github.com/FuzzySecurity/Resource-List) | Collection of useful GitHub projects loosely categorised -[Reverse Engineering](https://github.com/onethawt/reverseengineering-reading-list) | List of Reverse Engineering articles, books, and papers -[RFSec-ToolKit](https://github.com/cn0xroot/RFSec-ToolKit) | Collection of Radio Frequency Communication Protocol Hacktools -[Security Cheatsheets](https://github.com/andrewjkerr/security-cheatsheets) | Collection of cheatsheets for various infosec tools and topics -[Security List](https://github.com/zbetcheckin/Security_list) | Great security list for fun and profit -[Shell](https://github.com/alebcay/awesome-shell) | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell -[ThreatHunter-Playbook](https://github.com/Cyb3rWard0g/ThreatHunter-Playbook) | A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns -[Web Security](https://github.com/qazbnm456/awesome-web-security) | Curated list of Web Security materials and resources +[Machine Learning for Cyber Security](https://github.com/jivoi/awesome-ml-for-cybersecurity) | Curated list of tools and resources related to the use of machine learning for cyber security +[Payloads](https://github.com/foospidy/payloads) | Collection of web attack payloads +[PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings) | List of useful payloads and bypass for Web Application Security and Pentest/CTF +[Pentest Wiki](https://github.com/nixawk/pentest-wiki) | A free online security knowledge library for pentesters / researchers +[Probable Wordlists](https://github.com/berzerk0/Probable-Wordlists) | Wordlists sorted by probability originally created for password generation and testing +[Red Team Physical Tools](https://github.com/DavidProbinsky/RedTeam-Physical-Tools) | Curated list of tools for physical security, red teaming, and tactical covert entry +[Reverse Engineering](https://github.com/onethawt/reverseengineering-reading-list) | List of Reverse Engineering articles, books, and papers +[RFSec-ToolKit](https://github.com/cn0xroot/RFSec-ToolKit) | Collection of Radio Frequency Communication Protocol Hacktools +[Security Cheatsheets](https://github.com/OWASP/CheatSheetSeries) | OWASP Cheat Sheet Series for application security +[Shell](https://github.com/alebcay/awesome-shell) | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell +[Suricata](https://github.com/satta/awesome-suricata) | Suricata IDS/IPS and network security monitoring resources +[ThreatHunter-Playbook](https://github.com/OTRF/ThreatHunter-Playbook) | A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns +[Tor](https://github.com/polycarbohydrate/awesome-tor) | Resources about the Tor network and anonymous communication [Vulhub](https://github.com/vulhub/vulhub) | Pre-Built Vulnerable Environments Based on Docker-Compose +[Web Security](https://github.com/qazbnm456/awesome-web-security) | Curated list of Web Security materials and resources ## Need More ?