Some of the best general resources available on all things cybersecurity.
General
- Google Project Zero [Formed in 2014, Project Zero is a team of security researchers at Google who study zero-day vulnerabilities]
- Didier Stevens [Didier Stevens @DidierStevens personal blog]
- Mubix [Mubix “Rob” Fuller personal blog]
- Portswigger [Burpsuite blog]
- NetSPI [Penetration testing articles]
- Buffered IO [OJs Blog – a security guy trying to make the world a better place, one hack at a time.]
- Rapid7 Blog [Rapid7 blog]
- Silent Signal [@SilentSignalHU blog]
- Minded Security [Minded Security’s blog is focus on supporting businesses and organizations to build secure products and services.]
- Carnal 0wnage [Chris Gates @carnal0wnage personal blog]
- Skull Security [“Just another security weblog”]
- Wouter Coekaerts [@WouterCoekaerts personal blog]
- Corelan [Corelan Team is a group of IT Security researchers]
- Harmj0y [@harmj0y personal blog]
- SpiderLabs [This is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.]
- IOActive [Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.]
- nvisium [nVisium’s company blog]
- lcamtuf [lcamtuf’s personal blog]
- BugCrowd [Bugcrowd is a crowdsourced security platform.]
- pwntester [Security Researcher blog]
- Crypto Fails [Showcasing bad cryptography.]
- HackerOne [HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with penetration testers and cybersecurity researchers.]
- RIPTutorial [ Learn programming through books and examples]
- Internet Archive [Search the history of over 544 billion web pages on the Internet.]
- Pentestmonkey [Penetration testing blog]
- EdX [Cybersecurity Courses online courses (some are free)]
- Cybrary [Online video courses with hands on labs]
- FedVTE [Free online cybersecurity training for federal, state, local, tribal, and territorial government employees, federal contractors, and US military veterans.]
- ITProTV [Online video courses]
- PentesterLab [Hands on pen testing labs]
- PicoCTF [Free computer security training game platform]
- CTFChallenege [CTFchallenge is a collection of 12 vulnerable web applications, each one has its own realistic infrastructure]
- Brute XSS [Master the art of Cross Site Scripting.]
- KNOXSS [KNOXSS IS AN ONLINE XSS TOOL WITH DEMONSTRATION OF VULNERABILITY.]
- DigiNinja [Tools or patches DigiNinja created and released to the security community.]
- Termbin.com [command line pastebin – easy way to share your terminal output.]
- SecLists [It’s a collection of multiple types of lists used during security assessments]
- CeWL [Custom Word List generator]
- Crunch [generates complex and exhaustive wordlists using custom patters and permutations.]
- Lime Proxies [proxy servers]
- Squid Proxies [proxy servers]
- ProxyChains [allows to run any program through HTTP or SOCKS proxy]
OSINT
- OSINT Framework [Excellent resource for investigators and penetration testers]
- OSINT.link [Resource of links, search engines, and web directories designed to gather information.]
- IntelTechniques [OSINT services]
- Hunchly [Hunchly automatically collects, documents, and annotates every web page you visit.]
- Storm Proxies [Proxy auto rotate tool to avoid detection]
Cryptocurrencies
- CoinMarketCap [Top cryptocurrency prices and charts]
- Blockchain.com [Ledger explorer & other services]
- Blockcypher.com [Ledger explorer & other services]
- BTC.com [Ledger explorer & other services]
- Blockchair.com [Ledger explorer & other services]
- Bitinfocharts.com [Ledger explorer]
- Oxt.me [Exploratory Blockchain Analysis Tool for the Bitcoin Blockchain.]
- Chainalysis [transaction monitoring solutions]
- Ciphertrace [Cryptocurrency intelligence & blockchain analytics.]
- Elliptic [Blockchain analytics]
- Coinfirm [Blockchain analytics]