#Security list for fun and profit

My initial idea came from this list : http://www.nothink.org/utilities.php

I wanted to update it with my sources, I will probably continue to update and reorganize it in the future.

Table of Contents

• Awesome lists
• Books
• Bug bounty
• Cheat sheets
• CTF
• Decoder/Packer/Unpacker
• Domain Research / Analysis / Reputation
• Exercises
• Exploits and vulnerabilities
• Forensic - Network
• Fingerprint
• Free shell
• Fun
• Generic utilities
• GNU/Linux
• Honeypots
• IP Research / Analysis / Investigation
• Leak / Defaced
• Mail utilities
• Malicious traffic detection
• Malware / Botnet sources
• Malware analysis - Sandbox
• Malware analysis - Sandbox - Online
• OS X
• Passwords
• Penetration testing / Tools
• Port scanners
• Search engines
• Security challenges / WarGames
• Social engineering
• SSL
• Tor resources
• VOIP
• VPN
• Vulnerable environments
• Web browser
• Wide Scans
• Windows
• Wireless

---

Awesome lists 👍

Name	URL
Collection of awesome lists	https://github.com/Hack-with-Github/Awesome-Hacking 🏆
Malware analysis	https://github.com/rshipp/awesome-malware-analysis/ 🏆
Incident response	https://github.com/meirwah/awesome-incident-response/ 🏆
Honeypots	https://github.com/paralax/awesome-honeypots 🏆
Threat intelligence	https://github.com/hslatman/awesome-threat-intelligence
PCAP	https://github.com/caesar0301/awesome-pcaptools
Network	https://github.com/Security-Onion-Solutions/security-onion/wiki/Tools
GNU/Linux workstation	https://github.com/lfit/itpol/blob/master/linux-workstation-security.md
GNU/Linux post exploitation	https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
GNU/Linux containers	https://github.com/Friz-zy/awesome-linux-containers#security
Android	https://github.com/ashishb/android-security-awesome
Web	https://github.com/infoslack/awesome-web-hacking
Security list	https://github.com/sbilly/awesome-security
Lists of lists of lists	https://github.com/t3chnoboy/awesome-awesome-awesome
Other lists of lists of lists	https://github.com/geekan/awesome-awesome-awesome

Cheat sheets 👍

Name	URL
Owasp cheat sheet series	https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series
Web application cheat sheet	https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
Pentest monkey	http://pentestmonkey.net
Packet life	http://packetlife.net/library/cheat-sheets/
Reverse	http://r00ted.com/cheat%20sheet%20reverse%20v5.png
SANS Forensic	https://digital-forensics.sans.org/community/cheat-sheets
Penetration test	https://github.com/jshaw87/Cheatsheets
Penetration Test	https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
SQL injection	http://websec.ca/kb/sql_injection
LFI	https://highon.coffee/blog/lfi-cheat-sheet/
Zeltser's cheat sheets list	https://zeltser.com/cheat-sheets/
General cheat sheets	http://www.cheat-sheets.org/

Penetration testing 🔧

Name	URL
Owasp Check list	https://www.owasp.org/index.php/Testing_Checklist
Owasp testing guide	https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf 👍
Owasp tools	https://www.owasp.org/index.php/Category:OWASP_Tool
Reverse engineering	http://wiki.yobi.be/wiki/Reverse-Engineering
Vulnerabilities	http://oss-security.openwall.org/wiki/tools
Services enumeration	http://www.0daysecurity.com/penetration-testing/enumeration.html - Thx rawger
Informaion gathering	http://www.w4rri0r.com/softwares-freeware-shareware-open-source/information-gathering.html
Footprinting	http://www.0daysecurity.com/penetration-testing/network-footprinting.html
Web	http://www.w4rri0r.com/softwares-freeware-shareware-open-source/web-application-analysis.html
Web vulnerabilities	http://www.w4rri0r.com/softwares-freeware-shareware-open-source/vulnerability-assessment.html
SANS Penetration Testing	http://pen-testing.sans.org
Python tools	https://github.com/dloss/python-pentest-tools
Great tools list	http://wiki.yobi.be/wiki/Table_of_contents#Security
Kali list	http://tools.kali.org/tools-listing
BlackArch list	https://blackarch.org/tools.html
More tools	http://www.cotse.com/tools/
More tools	https://github.com/enaqx/awesome-pentest

Exploits and vulnerabilities 🚪

Name	URL
CVEdetails	http://www.cvedetails.com/
CVE.mitre	https://cve.mitre.org/
Full disclosure	http://seclists.org/fulldisclosure/
See bug	https://www.seebug.org/ 👍
CXSecurity	https://cxsecurity.com/ 👍
Exploit-db	http://www.exploit-db.com
Vulnerability-lab	http://www.vulnerability-lab.com/
Inj3ct0r	http://0day.today/
Packet Storm	https://packetstormsecurity.com/files/tags/exploit/
Vulndb	https://vuldb.com/?archive.2016
Vulners	https://vulners.com/search?query=order:published
Backdoor - TCP-32764	https://github.com/elvanderb/TCP-32764
Rapid7 DB	https://www.rapid7.com/db/modules/
Intelligent Exploit	http://www.intelligentexploit.com
Exploits download	http://www.exploitsdownload.com
NIST	http://web.nvd.nist.gov/
Security focus	http://www.securityfocus.com/vulnerabilities
Country compatibility	https://cve.mitre.org/compatible/country.html
Mailing list	https://nmap.org/mailman/listinfo/fulldisclosure
Mail received	http://lists.openwall.net/full-disclosure/2016/
Mailing list	http://seclists.org/
Mailing list	https://lists.debian.org/debian-security-announce/
Vulnerability scoring calculator	https://nvd.nist.gov/cvss/v3-calculator
CVSS	https://www.first.org/cvss

CTF 🚩

Name	URL
CTFTIME	https://ctftime.org/
Write-ups	https://github.com/ctfs
Reddit	https://www.reddit.com/r/securityctf
Tools list	https://github.com/Laxa/HackingTools
Tools list	https://github.com/zardus/ctf-tools
Tools list	https://github.com/apsdehal/awesome-ctf
Tinyctf platform	https://github.com/balidani/tinyctf-platform
Isislab platform	https://github.com/isislab/CTFd
Facebook platform	https://github.com/facebook/fbctf
Mellivora platform	https://github.com/Nakiami/mellivora

Exercises 🎓

Name	URL
Essential basics	https://github.com/alex/what-happens-when
Reverse - Malware	http://fumalwareanalysis.blogspot.se/p/malware-analysis-tutorials-reverse.html
Network - Malware	http://www.malware-traffic-analysis.net/training-exercises.html
Network - Forensic	https://www.honeynet.org/node/504
Exploits	https://exploit-exercises.com/
Exploits	https://thesprawl.org/research/
Basics with F-Secure	http://mooc.fi/courses/2016/cybersecurity/

Security challenges / WarGames 🚩

Name	URL
Zenk-Security	https://www.zenk-security.com/
Root-Me	http://www.root-me.org/
Overthewire	http://overthewire.org/wargames/
CrackMe.de	http://crackmes.de/
Reversing	http://reversing.kr/
Pwnable	http://pwnable.kr/
Newbiecontest	https://www.newbiecontest.org/
OWASP VWAD list	https://github.com/OWASP/OWASP-VWAD/blob/master/src/online.tsv
WeChall	https://www.wechall.net/
Vulnhub	https://www.vulnhub.com/
Net Garage	http://io.netgarage.org/
Flare-On	http://www.flare-on.com/
SmashTheStack	http://smashthestack.org/
Hackthissite	http://www.hackthissite.org/
Hack.me	https://hack.me
HackThis!	http://www.hackthis.co.uk/
PenTestLabs	https://lab.thecybershark.com/pentestlabs/5
Backdoor.Sdslabs	https://backdoor.sdslabs.co/
Bright-shadows	http://www.bright-shadows.net/
SmashTheStack	http://smashthestack.org/
Ringzer0team	https://ringzer0team.com/challenges
Forensic contest	http://forensicscontest.com/puzzles
Dareyourmind	http://www.dareyourmind.net
Lost chall	http://www.lost-chall.org/
Rankk	http://www.rankk.org/
Happy Security	http://www.happy-security.de/
Net force	https://www.net-force.nl/challenges/
CanYouHack.it	http://canyouhack.it/
Hellboundhackers	https://www.hellboundhackers.org/
Microcorruption	https://microcorruption.com/
More challenges	http://captf.com/practice-ctf/

Vulnerable environments 🔓

Name	URL
Owasp list	https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline
Owasp BWA	https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
DVWA	http://www.dvwa.co.uk/
WebGoat	http://code.google.com/p/webgoat
Metasploitable 3	https://github.com/rapid7/metasploitable3/wiki
VulnHub	http://vulnhub.com/
LampSecurity	http://sourceforge.net/projects/lampsecurity/
Dragon	https://www.dragonresearchgroup.org/challenges/
Hackademic-RTB1	http://www.aldeid.com/wiki/Hackademic-RTB1
Moth	http://www.bonsai-sec.com
Peruggia	http://sourceforge.net/projects/peruggia/
XSS play ground	http://xssplayground.net23.net/

Books 📚

Name	URL
Many books	https://yadi.sk/d/Fkww0QKbuTdVF 🏆

Bug bounty 🍫

Name	URL
Programs and write-ups	https://github.com/djadmin/awesome-bug-bounty
Write-ups	https://github.com/ngalongc/bug-bounty-reference
HackerOne	https://hackerone.com
BugCrowd.com	https://bugcrowd.com/programs
Zerodium	https://www.zerodium.com/
Vul box	https://www.vulbox.com/
Open bug bounty	https://www.openbugbounty.org/
BountyFactory	https://bountyfactory.io
Firebounty	https://firebounty.com
Bugsheet	http://www.bugsheet.com/
BountySource	https://www.bountysource.com/
NewsLetter about bug bounty	http://bugbountyweekly.com
Hunter edu	http://www.bountyhunteredu.org/careers/
Google	https://www.google.com/about/appsecurity/reward-program/
Microsoft	https://technet.microsoft.com/en-us/security/dn425036
More bug bounty	https://bugcrowd.com/list-of-bug-bounty-programs#

Search engines 📡

Name	URL
ZoomEye	https://zoomeye.org/ 👍
Shodan	https://www.shodan.io/
Censys	https://censys.io/
Gegereka	http://gegereka.com/ (not always up)
Google	https://www.google.com/advanced_search
Google dorks	https://gist.github.com/zbetcheckin/04e6a5d7f2d5ef8cfa3c298701f47f9c
List of search engines	https://en.wikipedia.org/wiki/List_of_search_engines

Social engineering

Name	URL
Reddit	https://www.reddit.com/r/SocialEngineering/
List of social network	https://en.wikipedia.org/wiki/List_of_social_networking_websites
Hunter	https://hunter.io/
Pipl	https://pipl.com/
Peek you	http://www.peekyou.com/
Yatedo	http://www.yatedo.com/
Lullar	http://com.lullar.com/
Lakako	http://www.lakako.com/
Yasni	http://www.yasni.com/
User search	https://usersearch.org/
Google	https://www.google.com/advanced_search
Google dorks	intext:lastName firstName
Google dorks	insubject:lastName firstName
Google dorks	`intext:lastName firstName filetype:pdf
Bing	https://www.bing.com/
Bing dorks	lastName firstName (filetype:doc OR filetype:ppt OR filetype:pps OR filetype:xls OR filetype:docx OR filetype:pptx OR filetype:ppsx OR filetype:xlsx OR filetype:sxw OR filetype:sxc OR filetype:sxi OR filetype:odt OR filetype:ods OR filetype:odg OR filetype:odp OR filetype:pdf OR filetype:wpd OR filetype:svg OR filetype:svgz OR filetype:indd OR filetype:rdp OR filetype:ica)
Yahoo	https://search.yahoo.com/
Duck duck go	https://duckduckgo.com/
Yandex	https://www.yandex.com/
Exa lead	http://www.exalead.com
Maltego	https://www.paterva.com/
Osint stalker	https://github.com/milo2012/osintstalker
Speed phish framework	https://github.com/tatanus/SPF
Browser exploitation framework	https://github.com/beefproject/beef
The harvester	https://github.com/laramies/theHarvester
Meta goofil	https://github.com/laramies/metagoofil

Port scanners 🎯

Name	URL
Masscan	https://github.com/robertdavidgraham/masscan
Nmap	https://nmap.org/7/
Zmap	https://zmap.io/
Zgrab	https://github.com/zmap/zgrab (Banner Grabber)
Nscan	https://github.com/OffensivePython/Nscan
Scanrand	https://www.sans.org/security-resources/idfaq/scanrand.php
PFRing	https://github.com/ntop/PF_RING - High-speed packet processing framework

Malicious traffic detection 🚦

Name	URL
Maltrail	https://github.com/stamparm/maltrail 👍
Tsusen	https://github.com/stamparm/tsusen
Packetbeat	https://www.elastic.co/products/beats/packetbeat
p0f	http://lcamtuf.coredump.cx/p0f3/

Wide Scans 🌎

Name	URL
Scans.io	https://scans.io/
Rapid7 Sonar Labs	https://sonar.labs.rapid7.com/
Similar projects	https://github.com/rapid7/sonar/wiki/Similar-Projects
Defcon conference	https://defcon.org/
Blackhat conference	https://www.blackhat.com/

Honeypots 🍯

Name	URL
Awesome list - All of them !	https://github.com/paralax/awesome-honeypots#honeypots 🏆
Honeynet	https://honeynet.org/project
Live nothink	http://www.nothink.org/honeypots.php

Malware / Botnet sources 👼

Name	URL
Malc0de	http://malc0de.com/database/
Malekal	http://malwaredb.malekal.com/
Botnet.fr	https://www.botnets.fr/wiki/Main_Page
Cybercrime tracker	http://cybercrime-tracker.net/
Malshare	http://malshare.com
Tracker	http://tracker.h3x.eu/
Exposed Botnets	http://www.exposedbotnets.com/
VX Vault	http://vxvault.siri-urz.net
Malware exploit database	https://www.pwnmalw.re/
Total hash	https://totalhash.cymru.com/
Cyber tracker	http://cybertracker.malwarehunterteam.com/
Custom Google search engine	https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu (from Corey Harrell)
Ransomware overview	https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#
Ransomware simulator	https://shinolocker.com/
Contagio	http://contagiodump.blogspot.se/
VirusShare	http://virusshare.com/
Virusign	http://www.virusign.com/
Malware domain list	http://www.malwaredomainlist.com
Malware.lu	https://malware.lu/
SafeGroup	http://www.malware.pl/
NovCon Minotaur	http://minotauranalysis.com
Clean MX	http://support.clean-mx.de/clean-mx/viruses.php
Edu malrec	http://panda.gtisc.gatech.edu/malrec/
Secubox Labs	http://secuboxlabs.fr/
Abuse CH	https://www.abuse.ch/
Maltrieve	https://github.com/technoskald/maltrieve
Malware domain blocklist	http://www.malwaredomains.com
Tool Mwcrawler	https://github.com/0day1day/mwcrawler
ZeuS Tracker	https://zeustracker.abuse.ch
theZoo aka Malware DB	https://ytisf.github.io/theZoo/
Malware Analysis course	https://github.com/RPISEC/Malware
Structured Threat Information eXpression	https://stixproject.github.io/

Malware analysis - Sandbox 😷

Name	URL
Zeltser's list	https://zeltser.com/automated-malware-analysis/
Cuckoo Sandbox	https://www.cuckoosandbox.org/ 👍
Mastiff	https://github.com/KoreLogicSecurity/mastiff
Fastir	https://github.com/SekoiaLab/Fastir_Collector
SysAnalyser	https://github.com/dzzie/SysAnalyzer
Viper	https://github.com/viper-framework/viper
REMnux	http://zeltser.com/remnux/
Zeltser analysis	http://zeltser.com/reverse-malware/automated-malware-analysis.html
Manalyze	https://github.com/JusticeRage/Manalyze
Quarkslab IRMA	http://irma.quarkslab.com/
Dorothy2	https://github.com/m4rco-/dorothy2
F-Secure see	https://github.com/F-Secure/see
Noriben	https://github.com/Rurik/Noriben
Norman	http://enterprise.norman.com/analysis
Malheur	https://github.com/rieck/malheur
Drakvuf	https://github.com/tklengyel/drakvuf
Zero Wine Tryouts	http://zerowine-tryout.sourceforge.net/
CWSandbox	http://www.cwsandbox.org
RFI sandbox	https://monkey.org/~jose/software/rfi-sandbox/
Malwasm	https://github.com/malwarelu/malwasm
Androidsandbox	http://androidsandbox.net/ (temporarily out of service)

Malware analysis - Sandbox - Online 😷

Name	URL
Malwr	https://malwr.com/submission/ 👍
Hybrid analysis	https://www.hybrid-analysis.com/ 👍
Virscan	http://www.virscan.org/
Virusade	http://virusade.com/
VirusTotal	http://www.virustotal.com/
Malwareconfig	http://malwareconfig.com/
Deepviz	https://sandbox.deepviz.com/
AVcaesar	https://avcaesar.malware.lu/
Detux GNU/Linux sandbox	http://detux.org/
Vscan	http://vscan.novirusthanks.org/
Mastiff online	https://mastiff-online.korelogic.com/
AndroTotal	https://andrototal.org/
Comodo	http://camas.comodo.com/cgi-bin/submit
VirScan	http://r.virscan.org/
Manalyzer	https://manalyzer.org/
ID Ransomware	https://id-ransomware.malwarehunterteam.com/
Document Analyzer	http://www.document-analyzer.net/
Malware tracker	http://www.cryptam.com/
Metascan	https://www.metascan-online.com/
Jotti	http://virusscan.jotti.org/it
ViCheck	https://www.vicheck.ca/
PDF examiner	http://www.pdfexaminer.com/
Malware tracker	https://www.malwaretracker.com
ThreadExpert	http://www.threatexpert.com/submit.aspx
Xecure-lab	http://scan.xecure-lab.com/
Randomly changes Win32/64 PE Files	https://github.com/secretsquirrel/recomposer
Virus Total Notifier	https://github.com/mubix/vt-notify
Other list	http://cleanbytes.net/malware-online-scanners
APK Analzyer	http://www.apk-analyzer.net/
Joebox Cloud	https://jbxcloud.joesecurity.org/login
SandDroid	http://sanddroid.xjtu.edu.cn
Tracedroid	http://tracedroid.few.vu.nl
MobiSecLab	http://akana.mobiseclab.org/

Decoder/Packer/Unpacker

Name	URL
Code beautifier	http://codebeautify.org/
VB code beautifier	http://warp.senecac.on.ca/timothy.mckenna/CodeFormatter.asp
VB code beautifier	http://www.vbindent.com/
PHP formatter	http://beta.phpformatter.com/
PHPdecoder	http://ddecode.com/phpdecoder/
PHP encoding	http://yehg.net/encoding/
SQL formatter	http://dpriver.com/pp/sqlformat.htm
XML formatter	http://chris.photobooks.com/xml/default.htm
JSDetox	http://www.relentless-coding.com/projects/jsdetox/
JSNice	http://www.jsnice.org/
JSUnpack	https://github.com/urule99/jsunpack-n
JSBeautifier	http://jsbeautifier.org/
JavaScript Compressor	http://dean.edwards.name/packer/
Jjencode	http://utf-8.jp/public/jjencode.html
JSFuck	http://www.jsfuck.com/
Jsobfuscate	http://www.jsobfuscate.com/
Netteleuthe	http://www.netteleuthe.de/gc/
Colour higlighter	http://quickhighlighter.com/
URL	http://meyerweb.com/eric/tools/dencoder/
HEXdecoder	http://ddecode.com/hexdecoder/
Hackvertor (Tag based decoder/encoder)	https://hackvertor.co.uk/public

GNU/Linux

Name	URL
Lynis	https://packages.debian.org/en/jessie/lynis
Chkrootkit	https://packages.debian.org/en/jessie/chkrootkit
RKhunter	https://packages.debian.org/en/jessie/rkhunter
Debsecan	https://packages.debian.org/en/jessie/debsecan
Vulnerability scanner	https://github.com/future-architect/vuls
GNU/Linux post exploitation	https://github.com/mubix/post-exploitation/wiki/Linux-Post-Exploitation-Command-List
GNU/Linux workstation	https://github.com/lfit/itpol/blob/master/linux-workstation-security.md
Securing debian	https://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html
GNU/Linux containers	https://github.com/Friz-zy/awesome-linux-containers#security
Command collection	https://github.com/tuwid/GNU-Linux-OpsWiki
GNU/Linux executable walkthrough	https://i.imgur.com/q5nyHp7.png

Windows

Name	URL
Windows exploitation	https://github.com/enddo/awesome-windows-exploitation
Anti forensic Windows	https://www.reddit.com/r/security/comments/32fb1l/open_guide_to_scrubbing_windows_oss_from_forensic/
Windows executable walkthrough	https://i.imgur.com/pHjcI.png

OS X

Name	URL
Security and privacy guide	https://github.com/drduh/OS-X-Security-and-Privacy-Guide

Forensic - Network 🔍

Name	URL
Package forensic-all	https://packages.debian.org/jessie-backports/forensics-all 👍
CFReDS	http://www.cfreds.nist.gov/
DEFT package	http://www.deftlinux.net/package-list/
Tools list	http://toolcatalog.nist.gov/populated_taxonomy/index.php
DFIR tools list	http://www.dfir.training/index.php/tools/
Aldeid list	https://www.aldeid.com/wiki/Category:Digital-Forensics
Forensic tools	http://forensicswiki.org/wiki/Tools
Forensic Control	https://forensiccontrol.com/resources/free-software/
Windows tools list	http://forensic-proof.com/tools
Windows Artifact	https://blogs.sans.org/computer-forensics/
More forensic links	http://www.amanhardikar.com/mindmaps/ForensicChallenges.html
Wireshark extentions	https://www.honeynet.org/project/WiresharkExtensions
GNU/Linux monitoring	https://blog.serverdensity.com/80-linux-monitoring-tools-know/
Testing Images	http://dftt.sourceforge.net/
FR - Zythom list	https://zythom.blogspot.se/2007/02/les-outils-dun-expert-judiciaire.html
Write blocker	http://www.cftt.nist.gov/software_write_block.htm
Write blocker	https://github.com/msuhanov/Linux-write-blocker

IP Research / Analysis / Investigation

Name	URL
BGP Toolkit	http://bgp.he.net/ 🏆
Google dork	"xxx.xxx.xxx.xxx" (replace xxx.xxx.xxx.xxx with the ip you are looking for)
Bing dork	ip:xxx.xxx.xxx.xxx
Whois	https://whois.domaintools.com/
IP void	http://www.ipvoid.com/ 👍
IPv4 info	http://ipv4info.com/ 👍
TCP utils	http://www.tcpiputils.com/
Virus total	https://www.virustotal.com/en/ip-address/xxx.xxx.xxx.xxx/information/
Multi RBL	http://multirbl.valli.org/lookup/
Black List Alert	http://www.blacklistalert.org/
Whatch Guard	http://www.reputationauthority.org/
Black List Check	http://whatismyipaddress.com/blacklist-check/
Project Honeypot	https://www.projecthoneypot.org/search_ip.php
Spamhaus	https://www.spamhaus.org/lookup/
Nirsoft country IP	http://www.nirsoft.net/countryip/
Host file	https://hosts-file.net/
Check host	http://check-host.net/
Host tracker	https://www.host-tracker.com/

Domain Research / Analysis / Reputation 📉

Name	URL
Checking multiple blocklists	http://rbls.org/ 👍
Into DNS	http://www.intodns.com/intodns.com
URL Void	http://www.urlvoid.com/ 👍
urlQuery	http://urlquery.net/search.php 👍
Virus total	https://www.virustotal.com/#url
Google	https://www.google.com/transparencyreport/safebrowsing/diagnostic/
Sucuri	http://sitecheck.sucuri.net/scanner/
RBL	http://rbls.org/
Multi RBL	http://multirbl.valli.org/lookup/
Global DNS checker	https://www.whatsmydns.net/
Trusted source	http://www.trustedsource.org/
Isithacked	http://www.isithacked.com
DNS dumpster	https://dnsdumpster.com/
Threat miner	https://www.threatminer.org/
MXToolBox	https://mxtoolbox.com/SuperTool.aspx#
Wois	https://whois.domaintools.com/
Build with	https://builtwith.com/
Expired domain	https://www.expireddomains.net/backorder-expired-domains/
Zeltser's list	https://zeltser.com/lookup-malicious-websites/
Domain analysis list	https://github.com/rshipp/awesome-malware-analysis/#domain-analysis

Wireless 📶

Name	URL
Awesome wifi tools list	https://github.com/0x90/wifi-arsenal
Penetration test	http://0daysecurity.com/penetration-testing/wireless-penetration.html
Great wifi map	https://wigle.net/
Wireless in airports	https://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY

VOIP ☎️

Name	URL
Penetration test	http://0daysecurity.com/penetration-testing/VoIP-security.html
Penetration test	http://www.backtrack-linux.org/wiki/index.php/Pentesting_VOIP

Free shell 🐚

Name	URL
FreeShells list	http://www.freeshells.info/
Devio.us OpenBSD	http://devio.us/
Red-pill	http://shells.red-pill.eu/

Mail utilities 📬

Name	URL
Yop mail	http://www.yopmail.com/
Mailinator	https://www.mailinator.com/ # https://gist.github.com/nocturnalgeek/1b8fa44283314544c487
Mailnesia	http://mailnesia.com/
Mailcatch	http://mailcatch.com/
Get air mail	http://en.getairmail.com/
10 Minute Mail	http://10minutemail.com
Spam DB	http://www.dnsbl.info/dnsbl-database-check.php
Mxtoolbox	http://www.mxtoolbox.com/
Open relay	http://www.mailradar.com
Openresolver JP	http://www.openresolver.jp/en/
DKIM validator	http://dkimvalidator.com/
Email recon	https://github.com/laramies/theHarvester
Gophish	https://github.com/gophish/gophish
SimplyEmail	https://github.com/killswitch-GUI/SimplyEmail
SpeedPhish Framework	https://github.com/tatanus/SPF
Phishing Framework	https://github.com/pentestgeek/phishing-frenzy
Spam encode secret	http://spammimic.com/encode.cgi
DNSBL	https://en.wikipedia.org/wiki/DNSBL

Passwords 🔑

Name	URL
Password research	http://www.passwordresearch.com/
Programming - Secure Password Storage	https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016
Hashcat WIKI	https://hashcat.net/wiki/
Fun secure password checker	https://password.kaspersky.com/
Default password	https://default-password.info/
Default password	https://cirt.net/passwords
Default password	http://www.defaultpassword.com/
Default password	http://www.defaultpassword.us/
Default router Password	http://portforward.com/default_username_password/
Default router password	http://router-defaults.com/
Dafault router password	http://www.cleancss.com/router-default/
Default router password	https://github.com/jeanphorn/wordlist/blob/master/router_default_password.md
Default IP Cameras password	https://github.com/jeanphorn/wordlist/blob/master/README.md
Default VoIP password	https://github.com/netbiosX/Default-Credentials/blob/master/VoIP-Default-Password-List.mdown
Skull security	https://wiki.skullsecurity.org/Passwords
SecLists	https://github.com/danielmiessler/SecLists/tree/master/Passwords
OpenWall	http://www.openwall.com/passwords/wordlists/ or ftp://ftp.openwall.com/pub/wordlists/
Packets storm	https://packetstormsecurity.com/Crackers/wordlists/
Outpost9	http://www.outpost9.com/files/WordLists.html
Cotse	http://www.cotse.com/tools/wordlists.htm
CrackStation	https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
Multiple dictionary	https://github.com/danielmiessler/SecLists/tree/master/Passwords
Multiple dictionary	https://github.com/duyetdev/bruteforce-database
CrackStation	https://crackstation.net
HaskKiller	https://hashkiller.co.uk
Hash crack	http://www.onlinehashcrack.com/
MD5 and SHA1 db	http://hashtoolkit.com/

Generic utilities 📁

Will be reorganized

Name	URL
Electronic Frontier Foundation	https://www.eff.org/
CERT teams	https://www.first.org/about/organization/teams
Skimmers	https://krebsonsecurity.com/all-about-skimmers/
Understand your commands	http://explainshell.com
Hashes example	https://hashcat.net/wiki/doku.php?id=example_hashes
w4rri0r toolbox	http://www.w4rri0r.com/
Code analysises	https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
Python tools	http://s3ize.blogspot.fr/2012/08/python-tools-for-penetration-testers.html
Tools	http://seclist.us/
Sans	http://isc.sans.edu/diary/
Security wiki	http://oss-security.openwall.org/wiki/
Hackforum	http://hackforums.net/
Cracking forum	http://crackingforum.com/
Cracking seal	https://crackingseal.io/
0day.su	https://0day.su/
Deepweb	https://www.reddit.com/r/deepweb/
Codepad	http://codepad.org/
GZinflate	http://www.tareeinternet.com/scripts/decrypt.php
Hurl	http://www.hurl.it/
Magic-net	http://www.magic-net.info
MAC_Find	http://www.coffer.com/mac_find/
MAC_Search	http://hwaddress.com
Mibbit	http://www.mibbit.com/
Microsoft threat	http://www.microsoft.com/security
Random data generator	http://www.mockaroo.com/
Ping.eu	http://ping.eu/
Project Honeypot	https://www.projecthoneypot.org/
Sandsprite	http://sandsprite.com/shellcode_2_exe.php
Uptimerobot	http://uptimerobot.com/
Fake ID	http://www.fakenamegenerator.com/

Leak / Defaced 🚑

Name	URL
Have I been pwned	https://haveibeenpwned.com/
Siph0n	https://twitter.com/datasiph0n
Leaked source	https://www.leakedsource.com/
Leak forums	https://leakforums.net/
Leakedin	http://www.leakedin.com/
Zone-H	https://zone-h.org/
Mr white	https://mrwhite.biz/
URL Find	http://urlfind.org/
Isithacked	http://www.isithacked.com

VPN

Name	URL
Comparison	https://thatoneprivacysite.net/vpn-comparison-chart/
Location test	https://www.dnsleaktest.com/
Location test	https://ipleak.net/

Tor

Name	URL
Tor Project	https://www.torproject.org/
Tor know exit nodes	https://check.torproject.org/exit-addresses
Tor IP history	https://exonerator.torproject.org/
Tor bulk exit list	https://check.torproject.org/cgi-bin/TorBulkExitList.py
Tor status	https://torstatus.blutmagie.de/
Tor socks	https://gitweb.torproject.org/torsocks.git
Grams - search engine	http://grams7enufi7jmdl.onion/
Ahmia - search engine	https://ahmia.fi/
TORCH - search engine	http://xmh57jrzrnw6insl.onion/
DuckDuckGo	http://3g2upl4pq6kufc4m.onion/
The hidden wiki	https://thehiddenwiki.org/
Tor hidden services	https://www.torproject.org/docs/hidden-services.html.en
Tor hidden services scanner	https://github.com/superp00t/sadonion
Scan Onion Services	https://github.com/s-rah/onionscan
URL onion inspector	https://github.com/k4m4/onioff
Tor Browser Fingerprint	https://github.com/jonaslejon/tor-fingerprint
Tor relays bandwidth	https://github.com/TheTorProject/bwscanner
Tor flow map	https://torflow.uncharted.software
Onion Mail	http://onionmail.info/
Tails	https://blog.torproject.org/blogs/tails
Reddit	https://www.reddit.com/r/onions/

Web browser

Name	URL
Browser recommendations	https://gist.github.com/atcuno/3425484ac5cce5298932
Browser exploit	https://github.com/julienbedard/browsersploit
Fingerprint	https://amiunique.org/
Amiunique project	https://github.com/DIVERSIFY-project/amiunique
Fingerprint	https://panopticlick.eff.org/
Browser info	http://www.browser-info.net/
Browser leaks	https://www.browserleaks.com/
SSL	https://www.ssllabs.com/ssltest/viewMyClient.html
User agent	http://whatsmyuseragent.com/
Referer	https://www.whatismyreferer.com/
Flash	http://isflashinstalled.com/
Browserling	https://www.browserling.com/

Fingerprint

Name	URL
Robtex	https://www.robtex.com/dns/
Netcraft	http://www.netcraft.com/
TCP utils	http://www.tcpiputils.com/
DNS stuff	http://www.dnsstuff.com/
Into dns	http://www.intodns.com/
Web archive	https://web.archive.org/web/*/
Web cookies	http://webcookies.org/cookies/

SSL

Name	URL
OWASP tests	https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers
Testssl.sh	https://github.com/drwetter/testssl.sh
O-Saft	https://www.owasp.org/index.php/O-Saft
SSLyze	https://github.com/iSECPartners/sslyze
SSLscan	https://github.com/rbsec/sslscan
Qualys SSL Labs	https://www.ssllabs.com/ssltest/
Htbridge	https://www.htbridge.com/ssl/
SSLAnalyzer Comodoca	https://sslanalyzer.comodoca.com/
Freak	https://freakattack.com/
Heartbleed	http://heartbleed.com/,https://filippo.io/Heartbleed/
Logjam	https://weakdh.org/sysadmin.html
Poodle	https://poodle.io/,https://www.poodlescan.com/

Fun

Name	URL
Pwnie Awards	http://pwnies.com/nominations/
Malware museum	https://archive.org/details/malwaremuseum
Dead drops	https://deaddrops.com/db/
Mozilla location service	https://location.services.mozilla.com/map - Thx rawger
The cyber shark map	https://lab.thecybershark.com/
Norse map	http://map.norsecorp.com/
Fire eye map	https://www.fireeye.com/cyber-map/threat-map.html
Kaspersky AV map	https://cybermap.kaspersky.com/
Kaspersky map	https://apt.securelist.com/
Eset map	http://www.virusradar.com/
Fortinet map	https://threatmap.fortiguard.com/
Blueliv map	https://community.blueliv.com/map/
DDoS attacks	http://www.digitalattackmap.com/
Sub marine cable	http://www.submarinecablemap.com/
Sub marine cable	http://submarine-cable-map-2016.telegeography.com/
Sub marine cable	http://lifewinning.com/submarine-cable-taps/
Flight radar	https://www.flightradar24.com
Fligh aware	https://flightaware.com/
World of VNC	https://worldofvnc.net/