Cybersecurity
Tools & Distributions
- Kali Linux — https://www.kali.org/
- Parrot Security — https://parrotsec.org/
- BlackArch Linux — https://blackarch.org/
- Metasploit — https://www.metasploit.com/
- REMnux (malware analysis) — https://remnux.org/
Vulnerability & Exploitation
- Nessus — https://www.tenable.com/products/nessus
- Nikto — https://www.cirt.net/Nikto2
- CVE / NVD — https://www.cve.org/ · https://nvd.nist.gov/
- Exploit Database — https://www.exploit-db.com/
- Atomic Red Team — https://www.atomicredteam.io/
Penetration Testing
- OWASP WSTG — https://owasp.org/www-project-web-security-testing-guide/
- PTES — http://www.pentest-standard.org/
- HackTricks — https://book.hacktricks.wiki/
- The Art of Hacking — https://github.com/The-Art-of-Hacking/h4cker
- Practice labs: SecHow Bricks · OWASP Bricks · VulnHub · Acunetix test site
- Bug bounty: Bugcrowd · Intigriti · Synack · HackerOne
Malware Analysis
- ANY.RUN — https://any.run/
- Joe Sandbox — https://www.joesandbox.com/
- SANS Hunt Evil poster — https://www.sans.org/posters/hunt-evil/
- MalAPI.io — https://malapi.io/
- LOTS Project — https://lots-project.com/
Threat Intelligence
- ThreatFox — https://threatfox.abuse.ch
- Cisco Talos — https://talosintelligence.com
- AbuseIPDB — https://www.abuseipdb.com
- PhishTank — https://phishtank.org
- Google Safe Browsing — https://transparencyreport.google.com/safe-browsing/search
Cryptography
- CyberChef — https://gchq.github.io/CyberChef/
- quipqiup (cryptogram solver) — https://www.quipqiup.com/
- DES simulator — https://simewu.com/des/
- CryptoHack — https://cryptohack.org/
Frameworks & Compliance
- NIST CSF — https://www.nist.gov/cyberframework
- NIST RMF — https://csrc.nist.gov/projects/risk-management/about-rmf
- NIST SP 800-53 — https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final
- OWASP Top Ten — https://owasp.org/www-project-top-ten/
- ISO 27001 Toolkit — https://hightable.io/
- CVSS — https://www.first.org/cvss/
- GDPR · HIPAA · PCI DSS · CCPA
- OSSTMM — https://www.isecom.org/