Web App#
Runs in a web browser.
Software#
This page lists all projects using this programming language or deployment platform. Only the main server-side requirements, packaging or distribution formats are considered.
10 Types of Application Security Testing Tools#
List of different application security testing tools and methods.
Antisyphon Training#
Approachable, accessible, and affordable public and private training.
Aperisolve#
Steganography analysis for multiple tools combined into one.
Awesome CTF#
“A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials.”
Awesome Selfhosted#
“This is a list of Free Software network services and web applications which can be hosted on your own server(s)..”
Backdoors & Breaches#
Incident response card game. Can buy card deck or play online.
Canarytokens#
“Canarytokens helps track activity and actions on your network.”
”Canarytokens are like motion sensors for your networks, computers and clouds. You can put them in folders, on network devices and on your phones.”
Clark#
Largest platform for building and sharing free cybersecurity curriculum.
cloudtango#
Catalog of MSPs (managed service providers).
CMD Challenge#
“Test your shell knowledge by taking the CMD Challenge”
Codecademy Cybersecurity#
Contains multiple cybersecurity focused courses.
Computer Systems Security: Planning For Success#
“The text, labs, and review questions in this book are designed as an introduction to the applied topic of computer security.”
By Ryan Tolboom.
CyberChef#
“The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.”
Datadog#
Infrastructure monitoring tool.
10 servers free for 2 years via GitHub Education Pack.
Dcode.fr#
Many encode and decode tools for different ciphers.
F00L.DE#
Collection of miscellaneous tools such as vigenere cipher cracking, file analysis, etc.
Web App Windows Mac Linux Freeware Source Given with No License
FederalPay.org#
“We are a non-governmental information portal built by federal employees, for federal employees.”
ForeverCTF#
CTF that is up indefinitely for practice.
GCA Cybersecurity Toolkit#
A toolkit to help improve your personal cyber hygiene.
Google Dorking Tutorial#
Tutorial on Google “dorking” which is the art of using search operators to find what you want.
GTFOBins#
“GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.”
HackTheBox#
Test your skills against a variety of hacking labs!
HackThisSite#
“HackThisSite.org is a free, safe and legal training ground for hackers to test and expand their ethical hacking skills with challenges, CTFs, and more.”
HackTricks#
Collection of hacking tricks: e.g reverse shells, encoded text for web, etc.
Hiration#
Cover letter and resume builder.
IronGeek Unicode Steg#
Hides text within text.
JWT.io#
Tool to decode and encode JSON Web Tokens.
Kontra Application Security Training#
Interactive application security training.
Kurose/Ross Networking Book#
Material on understanding computer networks.
By Jim Kurose and Keith Ross.
learnpython.org#
Python references and tutorials.
Linux auditd for Threat Detection#
Blog post on configuring auditd on Linux systems.
LOLBAS#
“The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.”
CISA National Initiative for Cybersecurity Careers and Studies#
“NICCS is the premier online resource for cybersecurity training, education, and career information.”
Nightmare Bin/Rev Guide#
Nightmare is an intro to binary exploitation / reverse engineering course based around ctf challenges.
OSINT Framework#
Guide to assist in gathering information while performing OSINT.
OverTheWire#
Learn Linux basics through fun-filled games.
OWASP Top Ten#
“The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.”
Payloads All The Things#
“A list of useful payloads and bypasses for Web Application Security.”
PentesterLab#
Learn how to manually exploit web applications!
picoGym#
CTF that is up indefinitely for practice.
PortSwigger Web Security Academy#
Free, online web security training from the creators of BurpSuite!
QRazyBox#
“QR Code Analysis and Recovery Toolkit”
Rapid Tables#
Collection of different converter tools and calculators.
Security Certification Roadmap#
A roadmap of differnet cybersecurity certifications.
shellscript.sh#
Tutorials for bash scripting.
Shodan#
Search engine for IoT devices. Can search for publically accessible servers based on details such as header, geolocation, etc.
Snyk CTF 101 Workshop#
“Check out this hands-on, virtual workshop to learn how to solve Capture the Flag (CTF) challenges, including pwn and web. After the workshop, you’ll have the security skills and experience to compete in CTFs.”
Spectra Assure Community#
“Spectra Assure Community monitors open source packages to identify malware, code tampering and indicators of software supply chain attacks.”
StegOnline#
Online Image Steganography Tool for Embedding and Extracting data through LSB techniques.
TryHackMe#
Hand-on cyber security training through real-world scenarios.