Awesome AlfaNet

A carefully selected, comprehensive learning list covering computer science, programming languages, and cybersecurity. Enabling everyone to become a top expert in their field.

Contribution

Contributions are welcome and appreciated.
Please read the Contribution Guidelines before submitting a pull request.

License CC0 1.0

1. Awesome Collections

1.1 Meta Lists & General

Awesome - The original curated list of awesome lists.
Awesome Awesomeness - A large collection of awesome lists across topics.
Lists - Categorized collections of useful GitHub lists.
Awesome JSON Datasets - Public JSON datasets for testing and prototyping.
Awesome README - Examples of well-structured README files.
Awesome Cheatsheets - Quick reference sheets for tools and technologies.
Awesome Falsehood - Common misconceptions in software development.
Awesome Interviews - Curated technical interview questions.
Awesome Public Datasets - High-quality public datasets.
Awesome Stacks - Popular technology stacks used by companies.

1.2 Platforms & Ecosystems

Awesome Mac - Applications and tools for macOS.
Awesome Linux Software - Applications and tools for Linux.
Awesome Self-Hosted - Free self-hosted web services and applications.
Awesome Android UI - Android UI/UX libraries and resources.
Awesome iOS - iOS libraries and frameworks.
Awesome Docker - Docker tools and projects.
Awesome Kubernetes - Kubernetes tools and resources.
Awesome Electron - Applications and tools built with Electron.
Awesome VSCode - VS Code extensions and resources.
Awesome Neovim - Neovim plugins and tools.
Awesome GitHub Profile README - GitHub profile README inspirations.
Awesome Actions - GitHub Actions tools and workflows.
Awesome Browser Extensions for GitHub - Browser extensions that enhance GitHub.

1.3 Awesome Programming Languages

Awesome Python - Python frameworks, libraries, and tools.
Awesome Go - Go frameworks and software.
Awesome JavaScript - JavaScript libraries and resources.
Awesome Rust - Rust libraries and tools.
Awesome Java - Java frameworks and tools.
Awesome C++ - C++ libraries and resources.
Awesome PHP - PHP libraries and frameworks.
Awesome Ruby - Ruby resources and tools.
Awesome Swift - Swift libraries and tools.
Awesome Kotlin - Kotlin resources and libraries.
Awesome TypeScript - TypeScript tools and libraries.
Awesome Scala - Scala libraries and tools.
Awesome Elixir - Elixir resources and libraries.
Awesome Haskell - Haskell resources.
Awesome Clojure - Clojure resources.
Awesome Lua - Lua libraries and tools.
Awesome Perl - Perl resources.
Awesome OCaml - OCaml tools and libraries.
Awesome R - R language resources.
Awesome Julia - Julia ecosystem resources.

2. Computer Science & Software Engineering

2.1 2.1 Comprehensive Learning Paths & Courses

OSSU Computer Science - A complete self-taught computer science curriculum from the open-source university community.
Developer Roadmap - Roadmaps to become various types of developers, very comprehensive.
Coding Interview University - A full self-study plan for software engineers, especially for interview preparation.
Free Programming Books - A vast collection of free programming ebooks.
Project Based Learning - Tutorials for learning programming by building real projects.
Build Your Own X - Tutorials for building your own database, operating system, robot, etc.
CS-Notes - Essential technical interview knowledge and Leetcode solutions.
Tech Interview Handbook - Free technical interview resources for busy engineers.
Teach Yourself CS - (Included in OSSU) Classic guide for self-learning computer science.
Every Programmer Should Know - A list of knowledge every programmer should know.
Free for Dev - Free SaaS, PaaS, IaaS, and other services for developers.
Professional Programming - Resources to become a more professional programmer.
What the f*ck Python! - Fun Python snippets to understand language details.

2.2 2.2 Algorithms & Data Structures

The Algorithms - Python - Python implementations of all algorithms.
The Algorithms - Java - Java implementations of all algorithms.
The Algorithms - JavaScript - JavaScript implementations of all algorithms.
The Algorithms - Go - Go implementations of all algorithms.
Awesome Algorithms - Resources for learning algorithms and data structures.
LeetCode - Solutions in multiple languages.
Algorithm Visualizer - Interactive algorithm visualization tool.
Algorithms - Minimalistic, human-readable algorithm implementations.
Hello-Algorithm - "Hello Algorithm": Animated, one-click runnable tutorials for data structures and algorithms.
Structure and Interpretation of Computer Programs - Electronic version of SICP.
Competitive Programming - Resources for algorithm competitions.
DSA-Bootcamp-Java - Kunal Kushwaha’s data structures and algorithms bootcamp.
Sedgewick-Algorithms - Solutions from Sedgewick and Wayne's Algorithms book.

2.3 2.3 System Design & Architecture

System Design Primer - Learn how to design scalable systems; essential for interviews.
Systems Design Cheatsheet - System design quick reference.
Awesome Microservices - Microservices architecture patterns, frameworks, and resources.
Microservices-Patterns - Example code for Microservices Patterns book.
Awesome Scalability - Reading list on scalability, availability, and stability patterns.
Cloud Design Patterns - Official Microsoft cloud design patterns.
Architecture of Open Source Applications - Analysis of open-source application architectures.
How-web-works - Simple explanations of how the web works.

2.4 2.4 Software Engineering Practices & DevOps

Awesome SRE - Site Reliability Engineering (SRE) resources.
Awesome Design Patterns - Software design pattern resources.
Source-Making-Design-Patterns - Java design pattern implementations.
Awesome Testing - Software testing resources, tools, and techniques.
Awesome Clean Code - Notes and practices from Clean Code.
Software Engineering at Google - Google engineering practices.
97-Things-Every-Programmer-Should-Know - 97 things every programmer should know.
The Book of Secret Knowledge - Notes and checklists for sysadmins, pentesters, and developers.
Awesome CI/CD - Continuous integration and deployment resources.
Awesome Production Machine Learning - Production ML resources.
Git-Best-Practices - Git flight rules; best practices guide.
API-Security-Checklist - Checklist for building secure APIs.
Awesome Agile - Agile software development resources.

2.5 2.5 Operating Systems & Low-Level Concepts

Awesome Operating Systems - Operating system development resources.
Linux Kernel - Source code.
Awesome Compilers - Compilers, interpreters, and runtime resources.
Crafting Interpreters - Open-source version of Crafting Interpreters.
Writing an OS in Rust - Blog series on building an OS in Rust.
The little book about OS development - A small book on OS development.
xv6-riscv - MIT’s teaching operating system xv6 for RISC-V.
Operating Systems: Three Easy Pieces - Classic operating systems textbook.
Awesome-LLVM - LLVM-related resources.
Linux-Insides - Deep dive into the Linux kernel.
What Happens When You Type a URL in the Browser - What happens after typing a URL in a browser.
Awesome Networking - A curated list of computer networking tutorials, courses, books, and resources, covering everything from fundamentals to advanced network topics.

2.6 2.6 Databases

Awesome Database - Database tools and resources.
Awesome-Postgres - PostgreSQL resources.
Awesome-MySQL - MySQL resources.
Awesome-Redis - Redis resources.
Awesome-MongoDB - MongoDB resources.
Database-Systems-Design-Implementation-and-Management - Database learning resources.
DB-Engines - Database popularity ranking.

2.7 2.7 Mathematics & Theoretical Foundations

Awesome Mathematics - Mathematics resources.
Awesome Cryptography - Cryptography resources.
3Blue1Brown - Animation engine behind famous math visualization videos.
Project Euler - Solutions for Project Euler problems.
Math-as-code - Cheat sheet for translating math formulas into code.
Homotopy Type Theory - Book on homotopy type theory.

2.8 2.8 Miscellaneous & Others

Awesome-Unicode - Unicode resources.
Awesome-Talks - Excellent technical talks.
Computer-Science-From-the-Bottom-Up - Computer science from scratch.
Nand to Tetris - From NAND gates to Tetris: build a modern computer.
Go-SCP - SCP client implemented in Go.
Public-APIs - Free public APIs for development and testing.
Learn-anything - Learning paths with interactive mind maps.
The-Art-of-Command-Line - The art of using the command line.
Gitignore - Collection of useful .gitignore templates.
Big-List-of-Naughty-Strings - List of "naughty" strings for testing.
Awesome-Technical-Writing - Technical writing resources.
Awesome-Scientific-Writing - Scientific writing resources.
Awesome-Product-Management - Product management resources.
Awesome-Sysadmin - System administrator resources.

3. Programming Languages

3.1 3.1 Comprehensive Awesome Lists & Multi-Language Resources

Learn X in Y Minutes - Quick syntax introductions for dozens of languages.
Rosetta Code - Compare the same tasks across many programming languages.
Build Your Own Lisp - Hands-on guide to building a Lisp interpreter in C.

3.2 3.2 Imperative & Procedural Languages

C – Awesome C - Libraries, tools, and best practices.
COBOL – Awesome COBOL - Enterprise and legacy system resources.
Pascal – Free Pascal - Compiler and documentation.
Ada – AdaCore Learn - Official tutorials and learning paths.

3.3 3.3 Object-Oriented Languages

Smalltalk – Pharo - Modern Smalltalk environment and tutorials.

3.4 3.4 Functional Languages

OCaml – OCaml - Official documentation and learning guides.
F# – F# - Functional programming on .NET.
Racket / Scheme – Racket - Lisp/Scheme language and SICP materials.
Erlang – Erlang - Concurrency-focused functional language.
Elixir – Elixir - Modern functional language on the BEAM VM.

3.5 3.5 Web & Modern Application Languages

Dart – Dart - Official tutorials and Flutter ecosystem.

3.6 3.6 Systems, Data & Emerging Languages

Rust – Rust - Memory-safe systems programming resources.
Go – Go - Concurrency-oriented backend development tools.
Zig – Zig - Modern low-level systems language.
Nim – Nim - Efficient compiled systems language.
R – R Project - Statistical computing environment.
Julia – Julia - High-performance scientific computing.
Swift – Swift - Apple ecosystem and server development.
Kotlin – Kotlin - JVM and Android development.

3.7 3.7 Domain-Specific & Specialized Languages

Solidity – Solidity - Ethereum smart contract language.
Vyper – Vyper - Pythonic smart contract language.
Move – Move - Blockchain smart contract language.
SQL – SQLBolt - Interactive SQL learning.
XQuery – XQuery - XML query language specification.
VHDL – VHDL Guide - Hardware description tutorials.
Bash – Awesome Shell - Shell scripting resources.
PowerShell – Awesome PowerShell - Automation and tooling.
GLSL – The Book of Shaders - Shader programming tutorials.
Processing / p5.js – p5.js - Creative coding framework.

4. Cybersecurity

4.1 Foundations & Entry Level

SafeLine - A high-performance WAF from Chaitin Tech.
CrowdSec - A community-driven, collaborative intrusion prevention system.
Trivy - A comprehensive vulnerability scanner for containers, Kubernetes, and code repositories.
Awesome Hacking - One of the most comprehensive lists of hacking resources, with a rich reconnaissance section.
Awesome Pentest - A curated list of penetration testing resources, where information gathering is the primary step.
Awesome OSINT - The authoritative resource list for Open Source Intelligence (OSINT), the core of information gathering.
InfoSec Reference - An information security reference with numerous diagrams, notes, and tool links.
Hacking-Tools - An all-in-one hacking tool installer and collection.
Bug Bounty Hunting Methodology - Jason Haddix's methodology for bug bounty hunters.
PayloadsAllTheThings/Reconnaissance - Reconnaissance methodology and resources.
NahamSec/Resources - Resources for beginner bug bounty hunters.
Pentester Land - A large collection of bug bounty writeups.
HackerOne/hacktivity - Publicly disclosed vulnerability reports.
OSINT Dojo - OSINT learning and challenges.
The Hacker's Handbook - Official The Hacker's Handbook resource.
Bug-Bounty-Toolz - A collection of tools for bug bounty hunting.

4.2 Reconnaissance & Information Gathering

4.2.1 Subdomain Enumeration & Discovery

Amass - From OWASP, the most powerful tool for in-depth subdomain enumeration and network mapping.
Subfinder - From ProjectDiscovery, a fast and modular passive subdomain enumeration tool.
OneForAll - A powerful subdomain collection tool.
Assetfinder - Quickly discovers subdomains and domains related to a given domain.
Findomain - An extremely fast cross-platform subdomain scanner.
Sublist3r - A Python tool for passive subdomain enumeration using multiple search engines.
MassDNS - A high-performance DNS resolver, often used for subdomain brute-forcing.
Gobuster - A directory/file, DNS, and vHost brute-forcing tool written in Go.
Ksubdomain - A stateless subdomain brute-forcing tool.
ShuffleDNS - A subdomain brute-forcing and resolution tool that wraps MassDNS.
Altdns - Generates and resolves variations of existing subdomains.
CTFR - Discovers subdomains using certificate transparency logs.
Sudomy - A subdomain enumeration, analysis, and reconnaissance tool.
DNSx - A fast and versatile DNS toolkit supporting multiple query types.
Domain-hunter - A powerful domain asset collection and management tool.
Cero - Scrapes subdomains from certificate transparency logs.
Crt.sh - A certificate transparency log search engine website.
DNS-Recon - A powerful DNS enumeration script.
Knock - A Python subdomain scanning tool.
Lepus - A subdomain enumeration and information gathering tool.
BBScan - A fast and simple information leakage scanner that also includes subdomain discovery.
dnscan - A DNS scanner written in Python.
subbrute - A fast DNS subdomain brute-forcing tool.

4.2.2 Network Scanning & Port Discovery

Nmap - The king of network discovery and security auditing, an essential tool.
Masscan - An internet-scale port scanner, extremely fast.
Zmap - Another open-source network scanner designed for internet-wide scanning.
Naabu - A fast port scanner written in Go, focusing on reliability and simplicity.
RustScan - An extremely fast port scanner that can automatically pipe results into Nmap.
Sandmap - A graphical scanning tool that uses Nmap as its engine.
Unicornscan - An asynchronous TCP/UDP scanner.
Angry IP Scanner - A fast and friendly network scanner.
Advanced-Port-Scanner - A free Windows port scanner.
Netdiscover - An ARP reconnaissance tool included in Kali.
Sparta - A graphical network infrastructure penetration testing tool.
Zgrab2 - A fast, modular application layer scanner written in Go.

4.2.3 Web Crawling & Directory/Path Discovery

Dirsearch - A web path scanner written in Go, fast and powerful.
Feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
FFUF (Fuzz Faster U Fool) - A fast web fuzzer written in Go, often used for directory brute-forcing.
Wfuzz - A flexible web application fuzzer.
Hakrawler - A fast web crawler written in Go, designed to discover endpoints and assets.
Gospider - A fast web crawler written in Go.
Katana - The next-generation web crawler from ProjectDiscovery.
Scrapy - A powerful Python crawling framework that can be used for information gathering.
Waybackurls - Extracts URLs from the Wayback Machine and Common Crawl.
Gau (Get All URLs) - Fetches known URLs from multiple sources.
ParamSpider - A crawler for mining parameters.
LinkFinder - A Python script to discover endpoints in JavaScript files.
Arjun - An HTTP parameter discovery suite.
Meg - A fetch tool for fetching a large list of URLs.
Dirb - A classic web content scanner included in Kali.
Photon - An extremely fast OSINT and web crawler.
XRay - A powerful security assessment tool that includes a crawler.
URL-Hunter - Collects URLs from Pastebin in real-time.
Subjs - Extracts JavaScript files from web pages.
Waymore - Finds more URLs from more sources.

4.2.4 Open Source Intelligence (OSINT) & Sensitive Information Leakage

TruffleHog - Searches for high entropy strings and secrets in Git repositories, digging deep into commit history.
Gitleaks - Detects hardcoded secrets in Git repositories.
Shhgit - Monitors GitHub in real-time for accidentally committed secrets and sensitive files.
Sherlock - Hunts for social media accounts by username across major social networks.
Maigret - A powerful fork of Sherlock that supports more websites.
Social-analyzer - Analyzes and finds profiles on over 1000 social media/websites by username or email.
SpiderFoot - An automated OSINT tool that integrates dozens of data sources.
Recon-ng - A full-featured web reconnaissance framework inspired by Metasploit.
Maltego - A powerful graphical link analysis tool for OSINT and forensics.
OSINT-Framework - A web interface for the OSINT framework with clear categorization.
GitDorker - Quickly and effectively finds sensitive information on GitHub using dorks.
PhoneInfoga - An advanced information gathering tool for phone numbers.
Twint - An advanced Twitter scraping and OSINT tool.
GitGraber - Monitors GitHub in real-time for sensitive data leakage related to companies.
DumpsterDiver - Searches for hardcoded secrets in various types of files.
Git-secrets - Prevents you from committing passwords and other sensitive information to a Git repository.
Gitrob - Finds potentially sensitive files in the repositories of public organizations or members on GitHub.
Holehe - Checks if an email is registered on different websites.
GHunt - An OSINT tool for Google accounts.
Blackbird - A username search tool for social networks.
Metagoofil - Extracts metadata from public documents.
FOCA - An automated metadata analysis tool.
DataSploit - Performs reconnaissance on companies, people, phone numbers, etc., using OSINT.
Instaloader - Downloads Instagram pictures (or videos) along with their captions and metadata.
WhatsMyName - A username enumeration tool.

4.2.5 Visualization & Data Processing

Aquatone - A tool for visual inspection of websites across a large number of hosts.
Gowitness - A website screenshot tool written in Go.
Eyewitness - Designed to take screenshots of websites and assess default credentials for web servers.
Httpx - A fast and multi-purpose HTTP toolkit, often used for probing live hosts.
Httprobe - Probes a given list of domains for running HTTP or HTTPS services.
Unfurl - Effectively parses and visualizes URLs.
Jq - A command-line JSON processor, a godsend for handling API output in information gathering.
Anew - Appends new lines to a file if they don't already exist.
Grep - A basic Linux command, a powerful tool for text searching.
Curl - A command-line tool for transferring URLs.
Wget - A non-interactive network downloader.
webscreenshot - A simple website screenshot tool.
WitnessMe - A web screenshotting tool.
qsreplace - Replaces parameter values in URL query strings.
gf - A wrapper around grep to find potential vulnerability patterns.
Interlace - Easily multithread and parallelize different commands.

4.2.6 Comprehensive Reconnaissance Frameworks & Platforms

Sn1per - An automated penetration testing reconnaissance scanner.
Osmedeus - An automated offensive security workflow.
ReconFTW - Aims to perform fully automated reconnaissance on a target by running the best set of tools.
IVRE - An open-source network reconnaissance framework, including passive and active analysis.
Faraday - A multi-user penetration test collaboration platform.
Dradis Framework - A collaboration framework for sharing information and reporting.
MagicTree - A data management and reporting tool, often used in penetration testing.
Discover - A custom bash script to automate various reconnaissance tasks.
TIDoS-Framework - A comprehensive web application penetration testing framework.
ReconDog - An all-in-one reconnaissance tool.

4.2.7 Technology-Specific Reconnaissance

Wpscan - A WordPress security scanner.
Joomscan - A Joomla CMS scanner.
Droopescan - A Drupal CMS scanner.
CMSeeK - A CMS detection and vulnerability scanning suite.
S3Scanner - Scans for misconfigured AWS S3 buckets.
Cloud-enum - A multi-cloud OSINT enumeration tool (AWS, Azure, Google Cloud).
Git-dumper - A tool to dump source code exposed by a .Git directory.
DS_Store-dumper - Parses .DS_Store files and downloads source code.
WeirdAAL - An AWS attack and reconnaissance tool.
kube-hunter - Hunts for security weaknesses in Kubernetes clusters.
Nacos-Client - The Nacos client, which can be used for unauthorized access.

4.3 Secure Development

Awesome AppSec - A comprehensive list of resources for Application Security (AppSec).
OWASP Cheat Sheet Series - Secure development cheat sheets from OWASP, the gold standard for secure coding.
OWASP Secure Coding Practices-Quick Reference Guide - The OWASP Secure Coding Practices Quick Reference Guide.
Awesome DevSecOps - A list of tools, services, and resources related to DevSecOps.
Awesome-Static-Analysis - A collection of static analysis tools, linters, and code quality checkers.
OWASP-SAMM - The Software Assurance Maturity Model (SAMM).
OWASP-ASVS - The Application Security Verification Standard (ASVS).
Semgrep - A fast, open-source static analysis tool that is easy to write custom rules for.
CodeQL - A code analysis engine from GitHub for automating security checks.
SonarQube - An open-source platform for continuous inspection of code quality and security.
Horusec - An open-source tool for SAST, SCA, and IaC scanning.
Snyk Code - Snyk's developer-first SAST tool.
Dependency-Check - OWASP's SCA tool, which can also be considered part of broader SAST.
Snyk Open Source - Finds and fixes vulnerabilities in open-source dependencies.
Dependabot - (Integrated into GitHub) Automatically creates PRs to keep your dependencies up to date.
Syft - Generates a Software Bill of Materials (SBOM) from container images and filesystems.
Grype - Scans SBOMs generated by Syft for vulnerabilities.
CycloneDX - A lightweight Software Bill of Materials (SBOM) standard.
SPDX (Software Package Data Exchange) - Another SBOM standard.
Renovate - An automated dependency update tool, similar to Dependabot.
JFrog Xray - A commercial SCA tool.
Black Duck - Synopsys's commercial SCA solution.
Contrast Security - A commercial leader in the IAST and RASP space.
Seeker (Synopsys) - Synopsys's IAST solution.
OpenRASP - Baidu's open-source Runtime Application Self-Protection (RASP) solution.
Sqreen - (Acquired by Datadog) RASP and application security monitoring.

4.4 Web Security

Awesome Web Security - The most comprehensive list of web security resources, covering various topics.
PayloadsAllTheThings - The ultimate collection of web attack payloads and bypass techniques.
OWASP Top 10 Project - The official OWASP Top 10 project and documentation.
Awesome Web Hacking - Another resource list on web security and bug bounties.
Awesome-Bug-Bounty - A list of bug bounty resources.
Web-Security-Learning - Web security learning notes.
PortSwigger Web Security Academy - Free online web security training from the creators of Burp Suite.
Awesome-WAF - A list of resources for Web Application Firewalls (WAF).
Burp Suite - The industry standard for web security testing, integrating proxy, scanner, intruder, and more.
OWASP ZAP (Zed Attack Proxy) - A powerful, open-source web application security scanner and proxy tool.
mitmproxy - An interactive, SSL/TLS-capable HTTPS proxy.
Caido - An emerging, lightweight, and fast web security auditing toolkit.
GoLismero - An open-source web application security framework.
Vega - An open-source web security scanner and testing platform.
Fiddler - A free web debugging proxy for Windows.
Charles Proxy - A commercial HTTP proxy/monitor for Windows, Mac, and Linux.
Proxify - A versatile and customizable HTTPS proxy written in Go.
Bettercap - The Swiss army knife for man-in-the-middle attacks.
sqlmap - An automated SQL injection and database takeover tool.
NoSQLMap - An automated NoSQL injection and database takeover tool.
Commix - An automated command injection and exploitation tool.
Tplmap - An automated server-side template injection detection and exploitation tool.
GraphQLmap - A script for mapping GraphQL endpoints and conducting penetration tests.
Inject-Payloads - A collection of payloads for web fuzzing.
Damn Vulnerable Web Application (DVWA) - A classic PHP/MySQL web application with various vulnerabilities.
SQLi-Labs - A practice lab for SQL injection.
Ghauri - An advanced SQL injection detection and exploitation tool.
DSSS (Damn Small SQLi Scanner) - A small SQL injection scanner.
BeEF (The Browser Exploitation Framework) - A browser exploitation framework, often used in conjunction with XSS.
XSSHunter - A framework for identifying and managing blind XSS vulnerabilities.
XSStrike - An advanced XSS scanner.
Dalfox - An XSS parameter analysis and scanning tool written in Go.
Awesome-XSS - A list of XSS resources.
DOMPurify - A DOM-only, super-fast, and robust XSS sanitizer for HTML, MathML, and SVG.
js-xss - A JavaScript library for preventing XSS.
bXSS - A blind XSS framework.
xssor2 - An XSS data reception and exploitation platform.
EzXSS - An easy-to-use blind XSS platform.
SSRFmap - An automated SSRF exploitation tool.
Gopherus - Generates Gopher payloads for SSRF and more.
XXEinjector - An automated XXE exploitation tool.
LFISuite - A fully automated LFI scanning and exploitation tool.
dotdotpwn - A directory traversal fuzzer.
Interactsh - An OAST (Out-of-Band Application Security Testing) server for detecting SSRF, blind injection, etc.
Request-Baskets - A web service for collecting HTTP requests, useful for testing SSRF.
Smuggler - A Python script for testing HTTP request smuggling.
Race The Web - A tool for testing race condition vulnerabilities in web applications.
Turbo Intruder - A Burp Suite extension for sending a large number of high-speed HTTP requests, suitable for testing race conditions.
WAFW00F - Identifies and fingerprints Web Application Firewalls.
WhatWeb - The next generation web scanner for fingerprinting.
CORStest - A comprehensive scanner for CORS misconfigurations.
JWT-tool - A toolkit for verifying, forging, and cracking JWTs.
C-jwt-cracker - A JWT cracker written in C.
OAuth-2.0-Security-Best-Current-Practice - OAuth 2.0 Security Best Current Practice.
Web-Cache-Vulnerability-Scanner - A scanner for web cache poisoning vulnerabilities.
Wordlists (SecLists) - A collection of multiple types of lists used during security assessments, with a large number of lists for web attacks.
FuzzDB - A dictionary of payloads for offensive security testing.
HTTPie - A modern, user-friendly command-line HTTP client.

4.5 JavaScript Reverse Engineering

de4js - A JavaScript deobfuscation tool.
AST Explorer - An online tool for analyzing JavaScript AST.
Retire.js - Detects the use of JS libraries with known vulnerabilities.
SecretFinder - Discovers sensitive data and endpoints in JS files.
PostMessage-tracker - A Chrome extension for tracking postMessage communication.
JSCrunch - A JavaScript obfuscator.
Obfuscator.io - A free JavaScript obfuscation tool.
JS-Vuln-DB - A JavaScript vulnerability database.
ESLint - A pluggable JS linting tool that can be configured with security rules.
Nodejsscan - A static security code scanner for Node.js applications.

4.6 Java Security

ysoserial - A tool for generating payloads that exploit unsafe Java object deserialization.
Marshalsec - A Java deserialization exploitation library supporting multiple formats and payloads.
GadgetProbe - Probes for available gadget chains in Java deserialization.
Java-Deserialization-Cheat-Sheet - A cheat sheet for Java deserialization.
Log4j-scan - A scanner for the Log4Shell (CVE-2021-44228) vulnerability.
JNDI-Injection-Exploit - A tool for exploiting JNDI injection.
JNDI-Exploit-Kit - A JNDI injection exploit kit.
Jackson-databind-deser-PoC - The official Jackson documentation, including a security section.
Java-Decompiler - A GUI for Java decompilers.
Recaf - A modern Java bytecode editor.
Arthas - An open-source Java diagnostic tool from Alibaba, also useful for security analysis.
Burp-ysoserial - A plugin to integrate ysoserial into Burp Suite.
Java-Exploit-Framework - A Java security research and exploitation framework.
SpotBugs - The spiritual successor to FindBugs, for Java static analysis.
Error-prone - A Java static analysis tool from Google that catches compile-time errors.

4.7 Web3 & Blockchain Security

Awesome Web3 Security - A list of resources for Web3 security.
Smart Contract Best Practices - Best practices for smart contract security.
Echidna - An Ethereum smart contract fuzzer.
Slither - A Solidity static analysis framework.
Manticore - A dynamic binary analysis and symbolic execution tool that supports smart contracts.
Mythril - A security analysis tool for Ethereum smart contracts.
Damn Vulnerable DeFi - A wargame to learn offensive security of DeFi smart contracts.
Ethernaut - A Web3/Solidity-based wargame.
Solidity-doc - The official Solidity documentation.
OpenZeppelin Contracts - A library for secure smart contract development.
Foundry - An extremely fast, portable, and modular toolkit for Ethereum application development written in Rust.
Hardhat - An Ethereum development environment.
Ganache - A personal Ethereum Blockchain for development and testing.

4.8 API Security

Awesome API Security - The authoritative resource list for API security, covering tools, articles, and best practices.
OWASP API Security Top 10 - The official OWASP Top 10 API Security Risks project.
Postman - A collaboration platform for API development, testing, and documentation, also a starting point for API security testing.
Insomnia - An open-source, cross-platform API design and testing tool.
Kiterunner - An API brute-forcing and content discovery tool for scanning API endpoints.
InQL - A Burp Suite extension for advanced GraphQL testing.
gRPC-UI - An interactive web UI for gRPC, similar to Postman.
gRPCurl - A command-line tool for gRPC, similar to cURL.
Clairvoyance - A tool to get the schema of a GraphQL API without a wordlist.
Astra - An automated security testing suite for REST APIs.
Cherrybomb - A CLI tool for finding inconsistencies in OpenAPI specifications.
Talisman - A tool to detect potential secrets or sensitive information in Git hooks, preventing API key leakage.
Widdershins - Converts formats like OpenAPI/Swagger to Markdown documentation.
Swagger-Editor - An editor for OpenAPI/Swagger specifications.
OpenAPI-Generator - Generates clients, server stubs, etc., from an OpenAPI specification.
SOAP-UI - An open-source web service testing tool supporting SOAP and REST.
Karate - An open-source API test automation tool.
Rest-assured - A library for easily testing REST services in Java.

4.9 Service & Middleware Security

ysoserial.net - A deserialization payload generation tool for the .NET platform.
dnSpy - A .NET debugger and assembly editor.
ILSpy - An open-source .NET assembly browser and decompiler.
dotPeek - A free .NET decompiler from JetBrains.
Exchange-Vulns - A PoC for the Exchange Server (ProxyLogon) vulnerability.
PHPGGC - A PHP deserialization payload generator.
Weevely - A stealthy PHP webshell and backdoor.
AntSword - An open-source, cross-platform website management tool (webshell management).
Behinder - A dynamic binary encrypted website management client (webshell management).
Godzilla - Another powerful webshell management tool.
PowerUpSQL - A PowerShell toolkit for attacking SQL Server.
SQL-Server-Cheatsheet - A cheatsheet for attacking SQL Server.
Redis-Rogue-Server - An exploit tool for Redis unauthorized access.
MSDAT (Microsoft SQL Database Attacking Tool) - A Microsoft SQL Database attacking tool.
Elasticsearch-Exploit - Exploits for Elasticsearch vulnerabilities.
DB-PT-Cheatsheet - A database penetration testing cheatsheet.
JBoss-Scan - A vulnerability scanning and exploitation tool for JBoss application servers.
Tomcat-Exploits - Exploit tools related to Tomcat.
Nginx-Exploits - An Nginx configuration analysis tool.
Apache-Struts-Exploits - Struts exploit modules in Metasploit.
Jenkins-Vulns - Exploits for Jenkins vulnerabilities.
RabbitMQ-Vulns - The official security page for RabbitMQ.
ActiveMQ-RCE - ActiveMQ security advisories.
Awesome-Web-Server-Security - A list of resources for web server security.
Memcached-injection-payloads - Payloads for Memcached injection.
FTP-Attack - Hydra can be used for brute-forcing FTP.
SMTP-Exploits - Exploit scripts related to SMTP.
SNMP-Attack - Exploit scripts related to SNMP.
RDP-Exploits (BlueKeep) - A scanner for BlueKeep (CVE-2019-0708).
VNC-Hacking - (Includes) Zphisher has VNC-related phishing templates.
LDAP-Injection-Cheatsheet - OWASP's LDAP injection cheatsheet.
SIP-Hacking - The SIPVicious suite for auditing SIP-based VoIP systems.
VoIP-Hacking - A list of VoIP security resources.
NTP-Amplification-Attack - A script for NTP amplification attacks.
DNS-Amplification-Attack - A script for DNS reflection attacks.
DHCP-Attack - DHCP reconnaissance and attacks.

4.10 Mobile Application Security

Awesome-Android-Security - A list of Android security resources, including many reverse engineering tools.
Awesome-iOS-Security - A list of iOS security resources.
MobSF (Mobile Security Framework) - An automated, all-in-one mobile application (Android/iOS/Windows) pentesting, malware analysis, and security assessment framework.
Objection - A runtime mobile security assessment framework built on Frida.
Apktool - A tool for reverse engineering Android applications.
Jadx - A decompiler for Android Dex and Apk files.
JEB Decompiler - A professional decompiler for Android and Java.
Frida - A dynamic code instrumentation toolkit for injecting scripts into black-box processes.
Drozer - A comprehensive security and attack framework for Android.
Needle - An open-source, modular framework to streamline the process of assessing the security of iOS apps.
Androguard - A full-featured, powerful, and Python-based tool for reverse engineering and malware analysis on Android.
House - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida.
Grapefruit - A runtime application instrumentation tool for iOS.
Cycript - A tool that allows developers to explore and modify running applications on either iOS or Mac OS X.
IDB - A tool to simplify some common tasks for iOS pentesting and research.
Android-SSL-TrustKiller - A tool to bypass SSL certificate pinning in Android apps.
iOS-SSL-Kill-Switch - A blackbox tool to disable SSL certificate validation in iOS apps.
Magisk - A suite of open source software for Android that allows for systemless modification.
Xposed Framework - A framework for modules that can change the behavior of the system and apps without touching any APKs.

4.11 System Security

Linux-Kernel-Exploitation - Learning resources for Linux kernel exploitation.
Windows-Kernel-Exploits - A collection of exploit code for Windows kernel vulnerabilities.
Mimikatz - A god-like tool for extracting plaintext passwords, hashes, PINs, and Kerberos tickets from Windows memory.
PowerSploit - A post-exploitation framework for PowerShell.
Empire - A post-exploitation agent for PowerShell and Python.
Sysinternals Suite - Microsoft's official suite of advanced troubleshooting, management, and diagnostic tools for Windows.
BloodHound - A tool for visualizing Active Directory trust relationships to find attack paths.
Responder - An LLMNR, NBT-NS, and MDNS poisoning tool for obtaining Net-NTLM hashes.
Impacket - A collection of Python classes for working with network protocols, including many scripts for attacking Windows network protocols.
CrackMapExec - A post-exploitation tool for assessing large Active Directory networks.
Rubeus - A toolset for Kerberos interaction and abuse.
SharpHound - The official C# data collector for BloodHound.
LaZagne - An open-source password recovery tool that can grab passwords from various software.
Juicy Potato - A Windows privilege escalation tool (a variant of Rotten Potato).
PrintSpoofer - Abuses the printer service for privilege escalation.
Windows-Exploit-Suggester - A tool that suggests available exploits based on the system's patch level.
Sherlock - A PowerShell script to quickly find local privilege escalation vulnerabilities.
Watson - A .NET tool for enumerating Windows kernel vulnerabilities.
Seatbelt - A C# tool for performing host reconnaissance and security posture checks.
DeathStar - A script that uses GPO to move laterally in an AD forest via Empire.
AD-Attack-Defense - Active Directory attack and defense resources.
LOLBAS (Living Off The Land Binaries and Scripts) - Attacking using binaries and scripts native to the Windows system.
ProcDump - Microsoft's official process memory dump tool, can be used with Mimikatz.
Sticky-Keys-Slayer - Automates the exploitation of sticky keys for backdoor implantation.
Invoke-Obfuscation - A PowerShell command obfuscation framework.
Process-Hacker - A powerful, multi-purpose tool for monitoring system resources, debugging software, and detecting malware.
LinPEAS - A script for checking Linux privilege escalation (Privilege Escalation Awesome Scripts SUITE).
Linux-Exploit-Suggester - A tool that suggests available exploits based on the operating system version.
GTFOBins - Exploiting Unix/Linux binaries for privilege escalation or bypass.
PwnKit Exploit (CVE-2021-4034) - An exploit for the PwnKit local privilege escalation vulnerability in Polkit.
Dirty-Pipe (CVE-2022-0847) - Detection and exploitation of the "Dirty Pipe" vulnerability.
Chkrootkit - A tool to locally check for rootkits.
RKHunter (Rootkit Hunter) - Scans for rootkits, backdoors, and local exploits.
Lynis - A security auditing and hardening tool for Linux, macOS, and Unix-like systems.
Linux-Privilege-Escalation-Resources - Linux kernel exploitation resources.
Sudo-Killers - A tool to exploit Sudo configuration errors for privilege escalation.
Linux-Post-Exploitation-Command-List - A list of Linux post-exploitation commands.
Linux-Hardening-Guid - A Linux security hardening guide.
SELinux-Game - Learn SELinux by playing a game.
AppArmor - A Linux kernel security module for restricting program capabilities.
Auditd - The Linux audit system.
OSSEC - An open-source Host-based Intrusion Detection System (HIDS).
Wazuh - An open-source security platform based on OSSEC.
Falco - A cloud-native runtime security tool, often used for Linux hosts and containers.

4.12 Cloud Security

Awesome Cloud Security - A comprehensive list of resources i>.
Awesome Kubernetes Security - A list of Kubernetes security res>.
Awesome Container Security - A list of container security>.
Awesome Cloud Native Security - A list of cloud-native s>.
Awesome-Serverless-Security - A list of Serverless security>.
Cloud-Sec-List - A list of cloud security tools, blogs,>.
Container-Security-Book - The book "Container Security" by Liz Rice.
Hacking-Kubernetes - The official repository for the book>.
Cloud-Native-Security-Whitepaper - The Cloud Na>.
Deepce - An exploitation tool for Docker/K8s.
Docker-bench-security - A script that checks if Docker is deployed>.
Clair - An open-source static analysis tool for vulnerabilities in container images.
Dagda - Scans Docker images for known vulnerabilities, trojans, viruses,>.
Dive - A tool for exploring Docker/OCI images, layer contents, and discovering w>.
Hadolint - A linter and static analysis tool for Dockerfiles.
Slim - A tool for automatically slimming down Docker images to reduce the atta>.
Docker-escape-ctf - A PoC for the runC container escape vulne>.
Control-groups-in-containers - Hands-on learning for cgroups.
Namespaces-in-Go - Hands-on learning for namespaces.
Sysdig - A system-level exploration, monitoring, and troubleshooting tool that su>.
Kata-Containers - A secure container runtime that provides stro>.
gVisor - An application kernel (sandbox) from Google that provides secure isolati>.
Container-security-checklist - A container security checklis>.
Docker-Secure-Deployment-Guidelines - Docker secure d>.
Kube-bench - A tool that checks if Kubernetes is deployed securely, bas>.
Kube-score - A static code analysis tool for Kubernetes object definitions.
Kube-scan - Scans Kubernetes clusters for risks and provides a score.
Kubelet-attack - Analysis >.
Kubescape - The first tool for testing if Kubernetes is deployed based on t>.
Peirates - A Kubernetes penetration testing tool.
CDK (Container-Device-Interface) - CDK is a penetration testing tool customized fo>.
Helm-secrets - A plugin for managing secrets in Helm charts.
Kyverno - A policy engine designed for Kubernetes.
OPA/Gatekeeper - A Kubernetes policy controller that uses Open Pol>.
Kube-apiserver-attack
ETCD-Security - The official etcd security guide.
Kubernetes-Goat - An intentionally vulnerable Kubernetes cluster for>.
Kube-Linter - A static analysis tool for Kubernetes YAML files and Helm ch>.
Terrascan - Detects security issues in IaC, supporting Kubernetes.
Checkov - A static code analysis tool for IaC, supporting Kubernetes.
Datree - Prevents incorrect Kubernetes configurations from being pushed to prod>.
K9s - A Kubernetes CLI for managing clusters, also useful for security reviews.
Lens - A Kubernetes IDE that provides powerful visualization and management capabi>.
Pacu - An AWS exploitation framework.
Cloud-sploit - A security and compliance checking tool for AWS, Azure,>.
Prowler - A tool for AWS security best practices assessment, auditing, ha>.
ScoutSuite - A multi-cloud security auditing tool.
CloudGoat - Rhino Security Labs' "vulnerable by design" AWS deploym>.
TerraGoat - Bridgecrew's "vulnerable by design" Terraform project.
Lambda-Guard - An AWS Lambda security scanner.
GCP-Bucket-Brute - A script to brute-force Google Cloud Storag>.
Steampipe - Use SQL to query your cloud infrastructure.
Cartography - Visualize infrastructure assets and their relationships in an in>.
ElectricEye - Continuous AWS security auditing.
Azure-Hunter - A threat hunting tool for the Azure platform.
MicroBurst - A PowerShell toolkit for Azure services.
Azucar - A security auditing tool for the Azure platform.
Tfsec - A static analysis security scanner for Terraform code.
Kics - Finds security vulnerabilities, compliance issues, and infrastructure mis>.
Regula - Evaluates Terraform and CloudFormation Infrastructure as Code for complia>.
Atlantis - Pull Request automation for Terraform.
Argo CD - A declarative GitOps continuous delivery tool for Kubernetes.
Flux - A toolset for GitOps on Kubernetes.
Awesome-IaC-Security - A list of IaC security resources.

4.13 Vulnerability Discovery & Exploitation

Awesome Pentesting - A curated co>.
Exploit Database - The offici>.
ProjectDiscovery Tools - A collection of >.

4.14 Code Auditing

Awesome Code Review - A curated list of tools, articles, and resources about code review.
Bandit - A tool designed specifically to find common security issues in Python code.

4.15 Privilege Escalation

Awesome Privilege Escalation - A curated list of high-quality resources, articles, and tools on privilege escalation.
PEASS-ng - Privilege Escalation Awesome Scripts SUITE, for Windows and Linux/Unix systems, to check for potential privilege escalation paths.
LOLBAS - Documents binaries, scripts, and libraries that can be used for "Living Off The Land" attacks on Windows.
LinEnum - A scripted Linux local enumeration and privilege escalation checker.

4.16 Evasion & Defense Bypass

ScareCrow - An EDR evasion payload generatio>.
Shellcode-Loader - Converts .NET assemblies i>.
Gargoyle - A tool that uses PEB obfuscat>.
AMSI.fail - An online tool to generate PowerShell scripts th>.
Amsi-Bypass-Powershell - >.
UAC-bypass - A collection of methods for bypa>.
SysWhispers2 - A tool to generate s>.
Hell's Gate - A PoC for bypassing EDR usin>.
SharpBlock - A tool to block EDR from >.
Invisibility-Cloak - Encodes a PowerSh>.
Unhooking-Patching-EDR-Bypass
Reflective-DLL-Injection - >.
Process-Injection - A colle>.
Process-Hollowing - A PoC for the >.
Phantom-Evasion - An antivirus evasi>.
Veil-Framework - Generates Metasploit pa>.
The-Backdoor-Factory - P>.
Al-Khaser - A PoC for anti-debuggin>.
Vba-obfuscator - A VBA macro obfusc>.
Evil-Office - An Office document encry>.
DKMC (Don't Kill My Cat) - A shellcode obfu>.
Nim-Shellcode-Loader - A shellcod>.
Freeze - A payload toolkit that uses various te>.

4.17 Binary Modification & Repackaging

Awesome Reverse Engineering - A curated list of resources, frameworks, and tools for reverse engineering.
Ghidra - A software reverse engineering (SRE) framework developed by the National Security Agency (NSA).
Radare2 - A Unix-like reverse engineering framework and command-line toolset.
x64dbg - An open-source x64/x32 debugger for Windows.
Apktool - A tool for reverse engineering Android APK files, allowing for modification and repackaging.

4.18 Weaponization & Tooling

Metasploit's msfvenom
Macro-Pack - A tool for automatically generating>.
Unicorn - A tool for PowerShell downgrade attack>.
HTA-Attack - Unicorn can >.
Social-Engineer-Toolkit (SET) - >.
Certutil-Payloads - Using c>.
PowerShell-Armory - PowerShell weaponizatio>.
Malicious-Macro-Generator - A m>.
GadgetToJScript - Generates .NET deserializ>.
CACTUSTORCH - VBScript and JScript fo>.
SharpShooter - A payload creation fr>.
DotNetToJScript - A tool to convert .NET as>.

4.19 Internal Network Security

Internal-Pentest-Playbook - A practical playbook for internal penetration testing, covering various techniques and strategies.

4.20 Persistence Techniques

Awesome-Persistence - A resource list>.
Atomic Red Team - A library of small, p>.
SharpPersist - A .NET assembly for implementin>.
Persistence-Sniper - A PowerShell scri>.
Python-for-Red-Teaming - Python to>.
Schtasks-persistence - Persistence usin>.
WMI-Persistence
Registry-RunKeys-Persistence - Persiste>.
DLL-Hijacking - DLL Hijacking Hunter.
COM-Hijacking - A .NET tool for viewing and d>.
Powershell-Persistence-Cookbook

4.21 Red Team & APT Operations

4.21.1 Comprehensive Awesome Lists & Resource Libraries

Awesome Red Teaming - The most comprehensive list of red teaming resources, covering all phases.
Awesome C2 (Command and Control) - The authoritative list of C2 frameworks, projects, and resources.
Awesome Evasion - A resource list focused on evasion and bypass techniques.
Awesome-Cobalt-Strike - Cobalt Strike related resources, plugins, and tools.
Red Teaming Toolkit - A red team operations toolkit.
MITRE ATT&CK® - The navigator for the MITRE ATT&CK framework, the common language for red and blue teams.
APT-Notes - A collection of publicly available APT (Advanced Persistent Threat) reports and documents over the years.
Red-Team-Infrastructure-Wiki - A wiki for building red team infrastructure.
Red-Team-Tips - A collection of red team tips.
The-Red-Team-Tool-Kit - Red team toolkit scripts.
Awesome-APT-Reports - A collection of APT reports.
Tradecraft - A red teamer's guide to GPO and OPSEC.
RedTeam-Techniques - Red team tactics and techniques.
Adversary Emulation Library - A library of adversary emulation plans.

4.21.2 Command and Control (C2) Frameworks

Cobalt Strike - The commercial benchmark C2 framework for red team operations and adversary simulation.
Metasploit Framework - A classic open-source penetration testing framework with C2 capabilities.
Sliver - A cross-platform, open-source C2 framework written in Go, considered a strong alternative to Cobalt Strike.
Covenant - A C2 framework with a web interface, written in .NET.
Havoc - A modern, extensible post-exploitation C2 framework.
Brute Ratel C4 - A commercial C2 framework known for its powerful evasion capabilities.
Mythic - A cross-platform, web-based C2 framework written in Go, supporting multiple agents.
PoshC2 - A C2 framework written entirely in PowerShell.
Merlin - A cross-platform post-exploitation tool written in Go that uses HTTP/2 for C2 communication.
Starkiller - A graphical front-end for Empire.
SILENTTRINITY - An asynchronous C2 using IronPython and the .NET DLR.
Koadic - A Windows JScript / VBScript C2.
Quasar - An open-source remote administration tool (RAT) written in C#.
AsyncRAT - An open-source remote access trojan written in C#.
DeimosC2 - A C2 written in Go.
GoPhish - An open-source phishing framework, often used for initial access.
Evilginx2 - A man-in-the-middle attack framework for phishing credentials and session hijacking.

4.21.3 Internal Network Security (Lateral Movement)

Invoke-TheHash - A PowerShell Pass-the-Hash attack tool.
KrbRelayUp - A universal Kerberos relaying privilege escalation tool.
SharpExec - A lateral movement toolset written in .NET.
Go-psexec - A Go language implementation of PsExec.
SSH-Lateral-Movement - SSH pivoting and tunneling techniques.
Plink - The command-line interface for PuTTY, can be used for tunneling and proxying.
Chisel - A fast TCP/UDP tunnel, transported over HTTP, written in Go.
Ligolo-ng - An advanced, simple, and fast tunneling/pivoting tool that uses a TUN/TAP interface.
Pivotnacci - A tool to perform network scanning through a socks4 proxy.
Ssh-mitm - An SSH man-in-the-middle server.
Evil-WinRM - The ultimate WinRM shell.
PsExec - The official PsExec from Microsoft.

4.21.4 APT Reports & Adversary Emulation

APT-Simulator - A Windows batch script to simulate APT attack behaviors.
Red-Team-Automation (RTA) - Provides a script framework for simulating malicious behavior.
Caldera - MITRE's automated adversary emulation system.
FlightSim - A tool for generating and executing adversary emulation scenarios.
Invoke-Adversary - A PowerShell script to simulate adversary techniques.
APT-Hunter - A threat hunting tool for detecting APT activity.
APT-Group-Paper - Materials on APT groups and operations.
MITRE-ATTACK-scripts - Scripts related to MITRE ATT&CK.
FireEye-Threat-Research - Threat research reports from FireEye/Mandiant.
Kaspersky-APT-Reports - APT reports from Kaspersky.
CrowdStrike-Adversary-Reports - Adversary reports from CrowdStrike.
Talos-Threat-Research - The threat research blog of Cisco Talos.

4.22 Incident Response – Basic

Awesome Cybersecurity Blue Team - The most comprehensive list of blue team resources, covering all aspects.
Awesome Incident Response - A list of tools and resources focused on incident response.
Awesome Threat Intelligence - Threat intelligence resources, a key input for blue teams.
Awesome Threat Detection - Threat detection techniques and resources.
Awesome Forensics - Digital forensics tools and resources.
Awesome-Honeypots - Honeypot resources for deceiving and capturing attackers.
Blue-Team-Tools - A collection of blue team tools.
Blue Team Field Manual (BTFM) - The SANS Blue Team Field Manual.
The-Hunters-Handbook - The Threat Hunter's Handbook.
Incident-Response-Plan-template - The SANS Incident Response Plan Template.
Awesome-Security-Hardening - Security hardening resources.
Awesome-YARA - YARA rules, tools, and resources.
Awesome-PCAP - PCAP analysis tools.
Security-Playbooks - Incident response playbooks.
Awesome-SOAR - Resources for SOAR (Security Orchestration, Automation, and Response) platforms.
Elastic Stack (ELK) - The combination of Elasticsearch, Logstash, and Kibana, a powerful log analysis and SIEM solution.
Graylog - An open-source log management platform.
Splunk - The commercial leader in log management and data analytics.
TheHive - A scalable, open-source, and free security incident response platform.
Shuffle - An open-source SOAR platform.
Fluentd - An open-source data collector for a unified logging layer.
Log-MD - A Windows log analysis tool.
Sigma - A generic and open signature format for SIEM systems.
ElastAlert - A tool for alerting on anomalies, spikes, or other patterns in data in Elasticsearch.
StreamAlert - A real-time data analysis and alerting framework from Airbnb.
OpenCTI - An open-source threat intelligence platform.
MISP (Malware Information Sharing Platform) - An open-source threat intelligence sharing platform.
Loki - A system from Grafana, similar to Prometheus but for logs.
Vector - A high-performance observability data pipeline.
GoAccess - A real-time web log analyzer and interactive viewer.
Log-Dissector - A log analysis and event correlation tool.
Sysmon - Microsoft's official advanced Windows system monitoring tool.
Sysmon-modular - Modular Sysmon configuration files.
Velociraptor - An advanced digital forensics and incident response tool.
Osquery - Treats an operating system as a high-performance relational database, allowing queries with SQL.
GRR Rapid Response - A remote live forensics framework from Google.
Loki (Simple IOC Scanner) - A simple IOC (Indicators of Compromise) scanner.
ClamAV - An open-source antivirus engine.
Linux-Process-Monitor - Firejail, a SUID program sandbox using Linux namespaces and seccomp-bpf.
ProcMon-for-Linux - The Linux version of Microsoft's ProcMon.
Autoruns - Microsoft's official tool for checking Windows startup items.
OSSEC-Rules - The official rules for OSSEC.
Zeek (formerly Bro) - A powerful network analysis framework, also useful for host event analysis.
LimaCharlie - Security middleware that provides EDR functionality.

4.23 Incident Response – Advanced

4.23.1 Network Intrusion Detection & Monitoring (NIDS / NSM)

Snort - A famous open-source Network Intrusion Prevention System (NIPS) and Network Intrusion Detection System (NIDS).
Suricata - A high-performance Network IDS, IPS, and Network Security Monitoring engine.
Wireshark - The most popular network protocol analyzer.
Tshark - The command-line version of Wireshark.
Tcpdump - A powerful command-line network packet capture tool.
Moloch / Arkime - An open-source, large-scale full packet capture, indexing, and database system.
Stenographer - A full packet capture tool from Google.
Ntopng - A network traffic probe and analyzer.
Security-Onion - A free and open-source Linux distribution for threat hunting, network security monitoring, and log management.
Malcolm - A powerful, easy-to-deploy network traffic analysis tool suite.
Nfsen - A NetFlow analysis tool.
Awesome-PCAP-Analysis - Haka, an open-source security monitoring language.
Network-Miner - An open-source Network Forensic Analysis Tool (NFAT).
Sguil - A GUI for network security analysis.
PF_RING - A high-speed packet capture library.
DPDK - The Data Plane Development Kit for fast packet processing.

4.23.2 Digital Forensics & Memory Analysis

The Volatility Framework - The leading open-source memory forensics framework (Volatility 2).
Volatility3 - The next generation of Volatility.
Autopsy - A graphical interface for The Sleuth Kit, a digital forensics platform.
The Sleuth Kit - A library of command-line tools for analyzing disk images and recovering files.
Plaso / log2timeline - Extracts timestamps from various sources and merges them into a single timeline.
LiME (Linux Memory Extractor) - A loadable kernel module for acquiring memory images from Linux and Android devices.
Redline - A free host investigation tool from FireEye/Mandiant.
Bulk_extractor - A fast, parallel, and extensible feature scanner.
Forensic-Tools - Forensic tools from Sandfly Security.
Timesketch - An open-source tool for collaborative forensic timeline analysis.
Kansa - A modular incident response framework written in PowerShell.
AVML (Acquire Volatile Memory for Linux) - A Linux memory acquisition tool from Microsoft.
DumpIt - A Windows memory acquisition tool.
Magnet RAM Capture - A free Windows memory acquisition tool.
FTK Imager - A free data preview and imaging tool.
Eric Zimmerman's Tools - A series of excellent Windows forensics tools.
DFIR-Cheat-Sheets - SANS DFIR cheatsheets.
Awesome-Forensics-Resources - Another list of digital forensics resources.
DFIR-Training - A DFIR training resource website.

4.23.3 Threat Hunting & Adversary Emulation

Threat-Hunter-Playbook - A playbook that maps ATT&CK techniques to various data sources and analysis methods.
HELK (Hunting ELK Stack) - A threat hunting ELK stack with advanced analysis capabilities.
DeepBlueCLI - Threat hunting in Windows event logs using PowerShell.
Chainsaw - A tool for rapidly searching and extracting records from Windows event logs.
Hayabusa - A fast forensic timeline generator for Windows event logs, written in Go.
VECTR - A tool for tracking red and blue team activities.
Detection-Rules - Detection rules for Elastic Security.
Splunk-Security-Content - Analytic stories, searches, dashboards, etc., for Splunk security content.
Yara-Rules - An open-source collection of YARA rules.
Florian-Roth-Sigma-Rules - Florian Roth's Sigma rules.
ThreatHunting - The Threat Hunting Project.
Invoke-ThreatIntel - A threat intelligence module for PowerShell.

4.23.4 Security Hardening & Compliance

OpenSCAP - An open-source toolset that implements the SCAP (Security Content Automation Protocol) standard.
CIS-Benchmarks - Industry-recognized security configuration baselines.
InSpec - An open-source testing, auditing, and compliance framework.
Dev-Sec-Hardening-Framework - Operating system hardening using Ansible.
Windows-Hardening - Windows 10 hardening scripts.
Awesome-Security-Policy - Security policy templates and resources.

4.24 Binary Reverse Engineering

Awesome Malware Analysis - The authoritative list of malware analysis tools and resources.
Reverse-Engineering-Tutorials - Reverse engineering tutorials.
Malware-Analysis-Training - Malware analysis training materials.
The-Art-of-Reversing - The Art of Reversing.
Reverse-Engineering-for-Beginners - A free book for beginners.
Malware-Source-Code - A large collection of malware source code from VX-Underground.
Awesome-Firmware-Security - Firmware security and reversing resources.
RE-for-beginners - A website for getting started with reverse engineering.
IDA Pro - The industry standard for interactive disassemblers, extremely powerful.
Binary Ninja - A modern, programmable binary analysis platform.
Cutter - A graphical interface for Radare2.
Rizin - A fork of Radare2, focusing on usability and community.
Hopper Disassembler - A disassembler/decompiler for macOS and Linux.
Bytecode-Viewer - A Java 8 bytecode viewer, decompiler, editor, and more.
Objdump - Part of GNU Binutils, used to display information from binary files.
Capstone Engine - A lightweight multi-platform, multi-architecture disassembly framework.
RetDec - A retargetable machine-code decompiler from Avast.
WinDbg - The official Windows debugger from Microsoft.
GDB (GNU Debugger) - The standard debugger for the GNU project.
Immunity Debugger - A debugger designed for exploit development and malware analysis.
OllyDbg - A classic 32-bit assembly-level analyzing debugger for Windows.
LLDB - The next-generation high-performance debugger from the LLVM project.
ScyllaHide - An anti-anti-debugging plugin for x64dbg.
Cuckoo Sandbox - The leading open-source automated malware analysis system.
CAPE Sandbox - A fork of Cuckoo, focusing on configuration extraction and malware feature detection.
Any.run - An interactive online malware analysis sandbox.
Hybrid-Analysis - A free malware analysis service from CrowdStrike.
INetSim - A suite for simulating common internet services to analyze the network behavior of malware in a lab environment.
Fakenet-NG - The next-generation dynamic network analysis tool from FireEye.
ProcMon (Process Monitor) - Microsoft's official advanced monitoring tool for Windows, showing real-time file system, Registry, and process/thread activity.
Regshot - An open-source registry comparison tool for analyzing malware modifications to the registry.
Unicorn Engine - A lightweight multi-platform, multi-architecture CPU emulator framework.
YARA - The "pattern matching Swiss army knife" for identifying and classifying malware samples.
FLOSS (FireEye Labs Obfuscated String Solver) - Automatically extracts obfuscated strings from malware binaries.
Oletools - A set of Python tools for analyzing MS OLE2 files (like Word, Excel).
De4dot - A .NET deobfuscator and unpacker.
UnpacMe - An automated online unpacking service.
NoMoreXOR - A tool to guess 256-byte XOR keys.
XORSearch - Searches for XOR, ROL, or SHIFT encoded strings in a file.
FLARE-VM - A Windows virtual machine configuration script for malware analysis from FireEye.
REMnux - A Linux distribution for reverse engineering and malware analysis.
MalwareBazaar - The malware sample exchange platform from abuse.ch.
VirusTotal - A service that analyzes files and URLs for malicious content.
TheZoo - A repository containing a large number of malware samples.
Malshare - A free malware sample repository.
Unit42-Paloalto - The blog of Palo Alto Networks' threat intelligence team.

4.25 Device & Infrastructure Deployment

This section covers the deployment and management of infrastructure for both offensive (Red Team) and defensive (Blue Team) operations. It includes tools for automation, secure configuration, and operational security (OPSEC) to ensure that your tools and systems are effective and resilient.

4.25.1 Comprehensive Awesome Lists & Resource Libraries

4.25.2 Automation & Infrastructure as Code (IaC)

4.25.2.1 Core Tools

Terraform - The industry standard for building, changing, and versioning infrastructure safely and efficiently across multiple cloud providers.
Ansible - An open-source automation tool for configuration management, application deployment, and task automation. It's agentless and uses YAML.
Packer - A tool from HashiCorp for creating identical machine images (like AMIs, Docker images, etc.) for multiple platforms from a single source configuration.
Pulumi - An IaC platform that allows you to use familiar programming languages (like Python, Go, TypeScript) to provision cloud infrastructure.

4.25.2.2 Deployment Scripts & Frameworks

Red Baron - A set of Terraform and Ansible scripts to automate the deployment of a Red Team infrastructure in AWS.
Automated Red Team Infrastructure - Scripts for deploying a ready-to-use Red Team infrastructure.
T-Pot - A multi-honeypot platform that is deployed via a simple installation script, automating the setup of a complex defensive deception environment.

4.25.3 Red Team Infrastructure & C2 Redirectors

4.25.3.1 Domain & Redirector Management

CatMyFish - A tool for searching for categorized domains to bypass corporate filters.
Modlishka - A flexible and powerful reverse proxy, often used as a redirector for phishing campaigns. It can handle 2FA.
Nginx / Apache mod_rewrite - Using standard web servers as redirectors is a fundamental technique. mod_rewrite allows for sophisticated rule-based redirection to hide C2 servers.

4.25.3.2 C2 Infrastructure Deployment

Cobalt Strike - Malleable C2 Profiles - A core part of deploying Cobalt Strike is customizing its network traffic profile to blend in with normal traffic.
C2-Infra-Automated - A script to automate the setup of a C2 infrastructure with redirectors.
cs-ansible - An Ansible playbook for deploying a Cobalt Strike Team Server.
sliver-ansible - An Ansible playbook for deploying the Sliver C2 framework.

4.25.3.3 Operational Security (OPSEC) for Infrastructure

IP-Rotator - Scripts to rotate egress IP addresses using VPNs, making attribution harder.
Let's Encrypt - A free, automated, and open certificate authority. Using valid SSL/TLS certificates is a basic OPSEC requirement for C2 and phishing infrastructure.
Cloud-init - A standard for customizing cloud instances at boot time, useful for securely configuring servers on first launch (e.g., setting firewall rules, installing tools).

4.25.4 Blue Team & Defensive Device Deployment

4.25.4.1 SIEM & Log Management Deployment

Wazuh - Deployment Guide - Official documentation for deploying Wazuh in various configurations (all-in-one, distributed).
Elastic Stack - Deploying the Stack - Official guides for deploying Elasticsearch, Logstash, and Kibana.
Graylog - Installation Guide - Official documentation for installing Graylog.

4.25.4.2 NIDS/HIDS & Sensor Deployment

Security Onion - Installation Guide - The official guide for deploying the Security Onion platform, which includes a fleet of sensors.
Osquery - Deployment Guide - Guides for deploying and managing osquery agents across a fleet of hosts, often using tools like FleetDM or Uptycs.

4.25.4.3 Honeypot Deployment

T-Pot-Autoinstall - T-Pot's automated installation process, which makes deploying a complex honeypot network incredibly simple.
MHN (Modern Honey Network) - Provides a centralized server and simple deployment scripts to deploy and manage honeypots like Cowrie, Dionaea, etc.

4.25.5 Cloud-Based Infrastructure

4.25.5.1 General Cloud Tools

AWS CLI / Azure CLI / gcloud CLI - The official command-line interfaces for the major cloud providers are essential for scripting and automating any infrastructure deployment.
CloudFormation / Azure Resource Manager / Google Cloud Deployment Manager - The native IaC services for each major cloud provider.

4.25.5.2 Serverless for Red Team

Serverless C2 - Using serverless functions (like AWS Lambda) and cloud storage (like S3) to host C2 infrastructure, making it harder to take down.
Lambda-based Redirectors - A guide on using AWS Lambda and API Gateway to create resilient and hard-to-trace C2 redirectors.

4.26 Traffic Analysis

This section covers the tools, techniques, and platforms for capturing, parsing, and analyzing network traffic. It is a fundamental skill for network defense, incident response, threat hunting, and verifying red team operations.

4.26.1 Comprehensive Awesome Lists & Resource Libraries

Awesome-Zeek - A curated list of resources for Zeek (formerly Bro), a powerful network analysis framework.
Awesome-Suricata - A list of awesome things related to Suricata, the high-performance NIDS/IPS.

4.26.2 Packet Capture & Protocol Analysis

4.26.2.1 Core Tools

ngrep (network grep) - A tool that applies the grep concept to network traffic, allowing you to match patterns in the payload of packets.

4.26.2.2 Specialized Capture Tools

Termshark - A terminal-based UI for Tshark, bringing a Wireshark-like experience to the command line.

4.26.3 Network Security Monitoring (NSM) & Intrusion Detection (NIDS)

4.26.3.1 Frameworks & Engines

Suricata - A high-performance, open-source Network IDS, IPS, and Network Security Monitoring engine. It uses signatures (rules) but can also generate protocol logs similar to Zeek.

4.26.3.2 Integrated Platforms

4.26.4 Traffic Analysis & Visualization Tools

4.26.4.1 Flow Analysis

SiLK (System for Internet-Level Knowledge) - A collection of tools for large-scale NetFlow analysis, developed by the CERT/CC.

4.26.4.2 PCAP Analysis & Manipulation

Brim - A desktop application that processes PCAP files with Zeek and allows you to search the resulting logs with the Zed query language.
Scapy - A powerful Python-based interactive packet manipulation program. It can forge or decode packets of a wide number of protocols, send them on the wire, capture them, and more. Essential for testing and custom analysis.
CapTipper - A tool to analyze, explore, and revive HTTP malicious traffic. It's particularly useful for analyzing traffic from exploit kits.

4.26.4.3 Visualization

EtherApe - A graphical network monitor for Unix, which displays network activity graphically.
AfterGlow - A collection of scripts for generating link-graph visualizations from log data.

4.26.5 Encrypted Traffic Analysis

4.26.5.1 TLS/SSL Decryption & Analysis

PolarProxy - A transparent SSL/TLS proxy that decrypts and re-encrypts TLS traffic while saving the decrypted traffic to a PCAP file.
Wireshark (with SSL Key Log File) - Browsers can be configured to log TLS session keys, which can then be loaded into Wireshark to decrypt captured traffic.

4.26.5.2 Encrypted Traffic Metadata Analysis

JA3/JA3S - A method for creating SSL/TLS client and server fingerprints, which can be used to identify specific malware or applications even without decryption.
Mercury - A tool for fingerprinting network traffic, including TLS, SSH, and other protocols, to identify applications and threats.
Joy - A package for capturing and analyzing network flow data and intra-flow data, for use in network security monitoring and forensics.

4.27 Rule & Signature Development

This section is dedicated to the art and science of writing rules, signatures, and templates for various security tools. Effective rule development is crucial for threat detection, vulnerability scanning, and automating security checks.

4.27.1 Comprehensive Awesome Lists & Resource Libraries

Awesome-Sigma - A curated list of resources for the Sigma detection rule format.

4.27.2 Malware & Threat Detection Rules (YARA)

4.27.2.1 Core Resources

YARA Official Documentation - The official source for YARA's syntax, modules, and usage.
Florian Roth's Signature-Base - A massive collection of detection signatures, including a large set of high-quality YARA rules.

4.27.2.2 Rule Writing & Testing Tools

Yaralyzer - A tool to analyze YARA rules and identify potential issues or optimizations.
Yara-Validator - A tool for validating YARA rules against a set of goodware/malware samples.
YaraGenerator - A tool to automatically generate YARA rules from malware samples.

4.27.2.3 Learning & Best Practices

Writing YARA Rules - A great introductory video by Florian Roth.
YARA Rule Writing Best Practices - A blog post outlining best practices for creating effective and performant rules.
YARA in a Nutshell - A concise guide from VirusTotal.

4.27.3 SIEM & Log-Based Detection Rules (Sigma)

4.27.3.1 Core Resources

Sigma Official Website - Provides an overview and documentation for the Sigma format.

4.27.3.2 Rule Writing & Conversion Tools

Sigmac - The official Sigma rule compiler, which converts Sigma rules into queries for various SIEM systems (Splunk, Elasticsearch, QRadar, etc.).
Uncoder.io - An online tool for converting Sigma rules to different SIEM/EDR query languages.
Sigma-Rule-Converter - Another tool for converting Sigma rules.

4.27.3.3 Learning & Best Practices

How to Write Sigma Rules - The official guide for creating Sigma rules.
Sigma Rule Writing Cheatsheet - A handy cheatsheet for Sigma syntax and fields.

4.27.4 Vulnerability & Exposure Scanning Rules (Nuclei)

4.27.4.1 Core Resources

Nuclei Templates Guide - The official and comprehensive guide to writing Nuclei templates.
ProjectDiscovery/nuclei-templates - The official community-contributed template repository. A great place to learn by example.

4.27.4.2 Template Writing & Testing Tools

Nuclei CLI - The Nuclei engine itself is the primary tool for testing and validating templates (-validate flag).
VS Code Extension for Nuclei - Provides syntax highlighting and autocompletion for Nuclei templates.

4.27.4.3 Learning & Best Practices

Writing Your First Nuclei Template - A beginner-friendly blog post.
Nuclei Template Deep Dive - A video that goes into the details of template creation.

4.27.5 Static Code Analysis Rules (Semgrep)

4.27.5.1 Core Resources

Semgrep Official Documentation - The official documentation, including tutorials and rule syntax.
Semgrep Registry - A public repository of thousands of rules for various languages and frameworks, perfect for learning.

4.27.5.2 Rule Writing & Testing Tools

Semgrep Playground - An interactive online editor for writing and testing Semgrep rules against code snippets in real-time.

4.27.5.3 Learning & Best Practices

Semgrep Rule Writing Tutorial - The official step-by-step guide to writing rules.
Trail of Bits - Semgrep Rules - High-quality rules from a reputable security company.
Automating vulnerability discovery with Semgrep - A presentation on how to leverage Semgrep for security.

4.27.6 Network Intrusion Detection Rules (Snort/Suricata)

4.27.6.1 Core Resources

Snort Official Documentation - Official guides for writing Snort 2 and Snort 3 rules.
Suricata Official Documentation - Official guide for Suricata rule syntax and keywords.
ET Open Ruleset - The Emerging Threats Open ruleset, a widely used, free, and open-source set of Snort and Suricata rules.

4.27.6.2 Rule Writing & Testing Tools

PulledPork - A popular tool for managing and updating Snort and Suricata rules.
VRT (Vulnerability Research Team) Rules - The official rule set from the creators of Snort (requires subscription for real-time updates).

4.27.6.3 Learning & Best Practices

Writing Good Snort Rules - A SANS blog post on best practices.
Suricata Rule Writing Guide - A video tutorial on writing Suricata rules.

4.28 Attribution & Counter-Operations

This section focuses on the techniques and tools used to trace the origin of attacks (attribution) and to actively deceive, delay, or gather intelligence on attackers (counter-operations).

4.28.1 Comprehensive Awesome Lists & Resource Libraries

MITRE ATT&CK® - Understanding adversary TTPs (Tactics, Techniques, and Procedures) is the first step in attribution.
MITRE Shield - An active defense knowledge base that provides techniques for counter-operations and deception.
The Art of Deception - Resources on deception techniques in cybersecurity.

4.28.2 Attribution & Threat Actor Tracking

Recorded Future - A commercial threat intelligence platform that provides extensive data for attribution.
Shodan - A search engine for Internet-connected devices, useful for mapping adversary infrastructure.
Censys - Another platform for discovering and monitoring internet-facing hosts and services.
ZoomEye - A cyberspace search engine from Knownsec, often used for infrastructure analysis.
PassiveTotal - (Now part of RiskIQ/Microsoft) A threat investigation platform that aggregates passive DNS and other data.
DomainTools - Provides extensive domain and DNS profile information for investigating infrastructure.
VirusTotal Graph - Visualizes relationships between files, domains, IPs, and other artifacts to uncover attacker campaigns.
YETI (Your Everyday Threat Intelligence) - An open-source, feed-driven threat intelligence platform.

4.28.3 Honeypots & Deception (Counter-Operations)

4.28.3.1 Low-Interaction Honeypots

Cowrie - A medium- to high-interaction SSH and Telnet honeypot designed to log brute force attacks and shell interaction.
Dionaea - A low-interaction honeypot designed to trap malware by emulating services offered by a Windows system.
Honeytrap - A low-interaction honeypot that can be configured to mimic a wide range of services.

4.28.3.2 High-Interaction Honeypots

Honeywell - A high-interaction ICS/SCADA honeypot.
Conpot - A low-interaction, server-side Industrial Control Systems (ICS) honeypot.

4.28.3.3 Web & Application Honeypots

Wordpot - A WordPress honeypot.
Elasticpot - An Elasticsearch honeypot.
CanaryTokens - A free tool to create "tripwires" (e.g., fake URLs, files, API keys) that alert you when they are accessed.

4.28.3.4 Deception Frameworks

Deception Toolkit (DTK) - A classic toolkit for creating deception networks.

4.28.4 Counter-Analysis & Anti-Reversing

Pafish (Paranoid Fish) - A demonstration tool that uses several techniques to detect sandboxes and analysis environments.
Threat-Intelligence-Hunter - A tool to investigate domains and IPs to determine if they are malicious.

4.29 SRC Programs

This section covers resources, tools, and methodologies specifically for participating in Security Response Centers (SRCs) and Bug Bounty Programs.

4.29.1 Comprehensive Awesome Lists & Learning Resources

Bug Bounty Reference - A list of references for bug bounty hunters.
The Bug Hunter's Methodology - A series of videos by "The Cyber Mentor" covering bug hunting methodology.

4.29.2 Major Platforms & Program Lists

HackerOne - One of the largest bug bounty and vulnerability disclosure platforms.
Bugcrowd - A major crowdsourced security platform offering bug bounty programs.
Intigriti - A European bug bounty platform known for its quality programs and community engagement.
YesWeHack - Another leading European bug bounty platform.
Synack - A private, vetted crowdsourced security platform that includes bug bounty and pentesting.
Open Bug Bounty - A platform for coordinated, non-intrusive vulnerability disclosure.
FireBounty - An aggregator of bug bounty programs from various platforms.

4.29.3 Specialized Tools for SRC/Bug Bounty

4.29.3.1 Reconnaissance Automation

4.29.3.2 Live Host & Web Technology Discovery

4.29.3.3 Vulnerability Discovery

4.29.3.4 Data Handling & Workflow

4.29.4 Methodology & Report Writing

How to write a good vulnerability report - Guidance from HackerOne on writing effective reports.
Vulnerability-Report-Templates - A collection of templates for writing vulnerability reports.
Business Logic Vulnerabilities - Resources focused on finding business logic flaws, which are often high-impact in SRC programs.
Public-Bug-Bounty-Reports - A repository of publicly disclosed bug bounty reports for learning and inspiration.

4.30 CTF Resources

4.30.1 Comprehensive Awesome Lists & Resource Libraries

Awesome CTF - The most comprehensive list of CTF resources, covering platforms, tools, writeups, etc.
CTF-Tools - A collection of CTF tools with clear categorization.
CTF-All-In-One - A CTF knowledge base, including various types of problems and solutions.
CTF-Wiki - A free and open CTF knowledge base that systematically introduces knowledge in various CTF directions.
CTF-Resources - A collection of CTF resources, including getting started guides and tools.
Hacker-Roadmap - A learning roadmap to become a hacker.

4.30.2 CTF Platforms & Practice Labs

4.30.2.1 Comprehensive Platforms

Hack The Box - One of the most famous online penetration testing lab platforms.
TryHackMe - A very beginner-friendly, gamified online cybersecurity learning platform.
VulnHub - Provides a large number of downloadable virtual machine images with vulnerabilities.
CTFtime - A global CTF event calendar and team ranking.
PicoCTF - A free CTF platform for beginners, hosted by CMU.
Root-me - Offers over 400 cybersecurity challenges.
Hacker101 - A free web security course and CTF from HackerOne.
OverTheWire - Learn security concepts through wargames.
PentesterLab - Provides web penetration testing exercises from beginner to advanced levels.
CTFd - A popular, open-source framework for building CTF competition platforms.

4.30.2.2 Web Security

Juice Shop - A modern vulnerable web application for practice from OWASP.
WebGoat - A J2EE vulnerable web application for practice from OWASP.
bWAPP - An intentionally insecure web application with over 100 vulnerabilities.
XSS-Game - An XSS challenge game from Google.

4.30.2.3 Pwn / Binary

Pwnable.kr - Provides various pwn challenges.
Pwnable.tw - A pwn challenge platform from Taiwan.
ROP Emporium - Challenges for learning ROP (Return-Oriented Programming) techniques.
How2Heap - A tutorial and examples for learning heap exploitation.
Microcorruption - An embedded security CTF, reversing a lock.

4.30.2.4 Reverse Engineering & Malware

Crackmes.one - A platform for sharing Crackmes (programs to be cracked).
Reversing.kr - Reverse engineering challenges.
Flare-On Challenge - An annual reverse engineering challenge hosted by FireEye/Mandiant.

4.30.2.5 Cloud Security

4.30.2.6 Others

4.30.3 CTF Tools

4.30.3.1 Pwn

Pwntools - A CTF framework and exploit development library, essential for pwners.
One-gadget - Finds execve gadgets in glibc.
Libc-database - Collects different versions of libc for calculating offsets.

4.30.3.2 Web

4.30.3.3 Reverse Engineering (RE)

Angr - A powerful binary analysis platform, excelling at symbolic execution.

4.30.3.4 Cryptography (Crypto)

CyberChef - The "Cyber Swiss Army Knife" from GCHQ for various encoding, encryption, compression, and data analysis tasks.
FeatherDuster - An automated cryptanalysis tool.
Rsactftool - An attack tool for weak RSA keys.
Hash-Identifier - A hash type identification tool.

4.30.3.5 Steganography (Stego) & Forensics

Stegsolve - A classic image steganography analysis tool.
Zsteg - A steganography detection tool for PNG and BMP files.
Foremost - A file recovery tool.
Binwalk - A firmware analysis and extraction tool, also often used for file analysis.
ExifTool - A tool for reading, writing, and editing metadata in a wide variety of files.

4.30.3.6 Comprehensive & Others

Z3 - An SMT solver from Microsoft Research, often used in pwn and reverse engineering.

4.30.4 Writeups & Learning Resources

CTFtime.org/writeups - A collection of writeups on CTFtime.
LiveOverflow - A famous security education YouTube channel with a lot of CTF and low-level knowledge.
John Hammond - Another excellent YouTube channel for CTF and cybersecurity.
Pwn.college - A program security course from Arizona State University.
Modern Binary Exploitation - The Modern Binary Exploitation course from RPISEC.
Nightmare - An introductory course on binary exploitation.
CryptoHack - Learn modern cryptography through a series of fun challenges.
Trail of Bits Blog - The blog of Trail of Bits, with many high-quality technical articles.
DEF CON CTF Archives - The official archive of DEF CON CTF.

5. Artificial Intelligence & Data Science

5.1 5.1 Comprehensive Awesome Lists & Repositories

Awesome Machine Learning - A comprehensive list of machine learning frameworks, libraries, and software.
Awesome Deep Learning - A collection of deep learning tutorials, projects, and communities.
Awesome Data Science - Resources for data science, including courses, blogs, datasets, and more.
Awesome LLM - Authoritative list of resources for Large Language Models (LLM).
Awesome AI Agents - Resources for AI agents.
Awesome Generative AI - Curated list of generative AI tools and applications.
Awesome MLOps - Collection of MLOps platforms, tools, and resources.
Awesome Data Engineering - Tools and resources for data engineering.
Awesome AI Security - AI security resources, covering attacks and defenses.
AI Expert Roadmap - Learning roadmap to become an AI expert.
Data Science Cheatsheet - Cheatsheets for data science concepts.
Deep Learning Drizzle - Collection of deep learning resources.
Hugging Face - AI community providing models, datasets, and tools.

5.2 5.2 Machine Learning & Deep Learning Frameworks

TensorFlow - End-to-end open-source machine learning platform by Google.
PyTorch - Open-source ML framework by Meta, known for flexibility and dynamic computation.
Keras - High-level neural networks API, compatible with TensorFlow, PyTorch, and more.
scikit-learn - Popular library for classical ML in Python.
JAX - High-performance numerical computing library from Google, NumPy compatible.
MXNet - Deep learning framework by Apache.
Caffe - Deep learning framework developed by Berkeley AI Research.
Theano - Historical Python library for deep learning (no longer maintained).
ONNX - Open format for representing deep learning models.
Deeplearning4j - Distributed deep learning library for JVM.
Fastai - High-level deep learning library based on PyTorch.
Chainer - Flexible neural network framework (now largely merged with PyTorch).
PaddlePaddle - Open-source deep learning platform by Baidu.
TFLearn - Modular deep learning library built on TensorFlow.
Sonnet - Neural network library by DeepMind, built on TensorFlow.

5.3 5.3 Large Language Models (LLM) & AIGC

n8n - Open-source workflow automation with AI nodes.
Langflow - Visual builder for designing and deploying LLM applications.
DeepSeek-V3 - One of the most powerful open-source LLMs currently.
Dify - Production-grade LLM development platform.
Ollama - Tool to run LLMs locally with ease.
RAGFlow - Next-gen RAG engine based on deep document understanding.
vLLM - High-throughput, memory-efficient LLM inference library.
OpenHands - Open-source AI software engineer agents.
LangChain - Framework to build applications powered by language models.
LlamaIndex - Connects LLMs with external data.
Transformers - Hugging Face library with thousands of pre-trained models for NLP, NLU, and NLG.
Stable Diffusion - Open-source text-to-image generation model.
Stable Diffusion WebUI - Browser interface for Stable Diffusion.
Whisper - OpenAI’s universal speech recognition model.
LLaMA - Foundation LLM by Meta AI.
Alpaca - Instruction-tuned model based on LLaMA.
Vicuna - LLaMA-based, ChatGPT-level open-source chat model.
Oobabooga Text Generation WebUI - Gradio Web UI for running LLMs.
PrivateGPT - Local, offline interaction with documents.
Auto-GPT - Experimental autonomous GPT-4 project.
AgentGPT - Assemble, configure, and deploy autonomous AI agents in-browser.
Awesome Prompt Engineering - Resources for prompt engineering.
LLM From Scratch - Tutorial to build LLMs from zero.
LoRA (Low-Rank Adaptation) - Efficient fine-tuning method for large models.
Sentence Transformers - Library for generating sentence/text embeddings.
PEFT (Parameter-Efficient Fine-Tuning) - Hugging Face library for parameter-efficient fine-tuning.
bitsandbytes - 8-bit quantization library for running large models on consumer hardware.
GPT-Engineer - Generate entire codebases from prompts.
InvokeAI - Leading Stable Diffusion GUI and API.
ComfyUI - Modular node-based GUI for Stable Diffusion.
Fooocus - Minimal but powerful Stable Diffusion software.

5.4 5.4 Computer Vision (CV)

OpenCV - Open-source computer vision library.
YOLO (You Only Look Once) - Real-time object detection algorithm (v5 version).
Detectron2 - Next-generation object detection and segmentation platform by FAIR.
MMDetection - OpenMMLab toolbox and benchmarks for object detection.
Awesome Computer Vision - Curated computer vision resources.
Pillow - Friendly Python image processing library (PIL fork).
Tesseract - Open-source OCR engine supported by Google.
Albumentations - Fast image augmentation library.
OpenPose - Real-time multi-person keypoint detection.
DeepFaceLab - Leading Deepfake software.
Face-recognition - Simplest Python library for face recognition.
MediaPipe - Google cross-platform ML solutions for real-time streaming.

5.5 5.5 Natural Language Processing (NLP)

NLTK - Leading Python toolkit for human language data processing.
SpaCy - Industrial-grade NLP library for production.
Gensim - Python library for topic modeling, document indexing, and similarity retrieval.
Awesome NLP - Curated NLP resources.
Stanza - Stanford University Python NLP library.
Flair - Simple NLP framework.
TextBlob - Simplified text processing library in Python.
CoreNLP - Stanford Java NLP toolkit.

5.6 5.6 Data Processing & Visualization

Pandas - Powerful Python library for data manipulation and analysis.
NumPy - Fundamental package for scientific computing in Python.
Matplotlib - Popular plotting library in Python.
Seaborn - Statistical data visualization library built on Matplotlib.
Plotly - Interactive plotting library.
Bokeh - Interactive visualization for modern web browsers.
Dask - Flexible library for parallel computing, scalable with Pandas and scikit-learn.
Vaex - High-performance out-of-core DataFrame library for Python.
Jupyter Notebook - Web-based interactive computing environment.
JupyterLab - Next-generation Jupyter Notebook interface.
Streamlit - Build web apps for ML and data science projects rapidly.
Gradio - Customizable UI components for ML models.
Apache Spark - Unified engine for large-scale data processing.
Apache Arrow - Cross-language development platform for in-memory data.
Polars - Fast DataFrame library written in Rust.

5.7 5.7 MLOps & Data Engineering

MLflow - Open-source platform for managing the end-to-end ML lifecycle.
Kubeflow - Toolkit for running ML on Kubernetes.
DVC - Open-source version control for ML projects.
Airflow - Platform for programmatically authoring, scheduling, and monitoring workflows.
Prefect - Modern workflow automation platform for data pipelines.
BentoML - Framework for serving and deploying ML models.
Feast - Open-source feature store.
Ray - Unified compute framework to scale AI and Python applications.
Optuna - Automated hyperparameter optimization framework.
Weights & Biases (Wandb) - MLOps platform for experiment tracking, data visualization, and collaboration.
ClearML - Automated MLOps platform.
DBT - Data transformation tool for analysts.
Great Expectations - Data testing, documentation, and validation framework.
Trino - Distributed SQL query engine for big data analytics.
Delta Lake - Storage layer bringing ACID transactions to data lakes.

5.8 5.8 AI Security & Explainability

Adversarial Robustness Toolbox (ART) - Python library for ML security.
CleverHans - Library for benchmarking adversarial attacks on ML systems.
SHAP - Game-theoretic method for explaining ML model outputs.
LIME - Python package for interpreting predictions of any classifier or regressor.
Captum - Model interpretability library for PyTorch.
Counterfit - CLI tool for automated AI system security assessment.
TextAttack - Python framework for NLP adversarial attacks, data augmentation, and model training.
DeepFool - Simple and accurate method to compute deep network robustness.
AI-Exploits - Collection of AI system exploits.
Garak - LLM vulnerability scanner.

6. Developer Tools & Career Growth

6.1 6.1 Comprehensive Awesome Lists & Resource Libraries

Awesome Dev Env - A comprehensive list of development environment resources.
Awesome Developer Tools - A collection of various developer tools.
Awesome Productivity - Tools and resources to boost productivity.
Awesome-for-Beginners - Beginner-friendly open source projects.
Awesome-Podcasts - (Duplicate) Podcasts loved by developers.
Awesome-Newsletters - (Duplicate) Valuable tech newsletters.
Developer-Health - Developer health resources.

6.2 6.2 Code Editors & IDEs

Claude Code - Official AI coding CLI tool by Anthropic.
Zed - A high-performance code editor created by the founders of Atom.
Visual Studio Code (VS Code) - Microsoft’s most popular open-source code editor.
Neovim - A fork of Vim focused on extensibility and usability.
Vim - Highly configurable text editor.
The Ultimate Vim Configuration - Ultimate Vim configuration.
SpaceVim - Community-driven modular Vim/Neovim configuration.
Emacs - Extensible, customizable, self-documenting real-time display editor.
Doom Emacs - An Emacs configuration framework for Vim enthusiasts.
Spacemacs - Community-driven Emacs distribution.
JetBrains IDEs - (Commercial) IntelliJ IDEA, PyCharm, GoLand, WebStorm, etc.
Sublime Text - (Commercial) Mature and refined text editor.
Atom - (Archived) Customizable text editor by GitHub.
Lapce - Lightning-fast powerful code editor written in Rust.
Helix - Post-modern text editor inspired by Kakoune/Neovim, written in Rust.
OniVim 2 - (Archived) Editor combining Vim and VS Code features.

6.3 6.3 Terminals & Shells

Alacritty - (Duplicate) Cross-platform GPU-accelerated terminal emulator.
WezTerm - Rust-based GPU-accelerated cross-platform terminal and multiplexer.
Kitty - Fast, feature-rich GPU-accelerated terminal emulator.
Hyper - Terminal built on web technologies.
iTerm2 - (macOS) Terminal replacement for macOS.
Windows Terminal - Modern terminal application for Windows.
Oh My Zsh - Community-driven framework for managing Zsh configuration.
Awesome-Zsh-Plugins - (Duplicate) Zsh plugins and themes.
Starship - Minimal, blazing-fast, infinitely customizable cross-shell prompt.
Fish Shell - Smart and user-friendly command line shell.
Oh My Fish - Framework for Fish Shell.
Fig - (Acquired by AWS) IDE-style autocomplete for terminals.
Warp - (macOS) Modern Rust-based terminal.
Tmux - Terminal multiplexer.
Zellij - Rust-based terminal workspace for developers.
Fzf - General-purpose command-line fuzzy finder.
Bat - (Duplicate) cat clone with syntax highlighting and Git integration.
Ripgrep - (Duplicate) Extremely fast line-oriented search tool.
Exa - (Duplicate) Modern replacement for ls.
Fd - Simple, fast, user-friendly alternative to find.
Sd - Intuitive find & replace CLI tool.
Zoxide - Smarter cd command.
Tldr - Community-maintained simplified man pages.
Cheat.sh - Unified community-driven cheat sheets.
Awesome-CLI-Apps - (Duplicate) Excellent command-line applications.

6.4 6.4 Git & Version Control

Git - Distributed version control system.
Pro Git - The official Pro Git 2nd edition book.
Lazygit - Simple Git terminal UI.
Conventional Commits - Standardized Git commit message convention.
Commitizen - Generate commits following Conventional Commits.
Husky - Modern native Git hooks.
GitKraken - (Commercial) Cross-platform Git GUI client.
SourceTree - (Free) Git GUI for Windows and Mac.
GitHub Desktop - Official GitHub desktop client.
Gitea - Self-hosted Git service written in Go.
Gogs - Another self-hosted Git service written in Go.
GitLab - Open-source complete DevOps platform.
BFG Repo-Cleaner - Tool for removing large files or sensitive data from Git repos.
Git-LFS (Large File Storage) - Git extension for large file storage.
Delta - Viewer for Git and diff output.

6.5 6.5 Documentation & Knowledge Management

Docusaurus - Easy-to-maintain open-source documentation websites by Facebook.
MkDocs - Fast, simple, beautiful static site generator for project docs.
Material for MkDocs - Popular theme for MkDocs.
VitePress - Vite-powered static site generator by the Vue team.
Docsify - Magical documentation generator without build steps.
Read the Docs - Platform for building, versioning, and hosting docs.
Obsidian - (Freemium) Powerful knowledge base built on local Markdown files.
Logseq - Privacy-focused open-source knowledge management platform.
Joplin - Open-source note-taking and to-do app with E2EE.
Notion - (Commercial) All-in-one workspace for notes, tasks, wikis, and databases.
Typora - (Commercial) Minimal WYSIWYG Markdown editor.
Markdown-Cheatsheet - Markdown syntax cheat sheet.
Diataxis Framework - Systematic framework for technical documentation.
Write the Docs - Global community focused on documentation and writers.

6.6 6.6 Career Growth & Soft Skills

Refactoring Guru - Visual learning site for design patterns, refactoring, and SOLID principles.
Staff Engineer - Stories and lessons for Staff+ engineers.
The Manager's Path - The Manager’s Path book.
Pragmatic Engineer - Blog by Gergely Orosz on software engineering careers.
Levels.fyi - Compare levels, salaries, and career paths in tech companies.
Blind - Anonymous professional community.
LeetCode - (Duplicate) Algorithms and data structure practice platform.
HackerRank - Coding skills practice and competitions.
Codewars - Improve coding through challenges.
Project Euler - Challenging math and programming problems.
Awesome-Remote-Work - (Duplicate) Remote work resources.
Public-Speaking - Public speaking resources.
How to be a Programmer - Guide on becoming a programmer.
You-are-not-a-visual-learner - Discussion on learning methodologies.
Learning How to Learn - Popular Coursera course on learning strategies.

6.7 6.7 Other Practical Tools

Docker - (Duplicate) Application containerization platform.
Kubernetes - (Duplicate) Container orchestration system.
NVM (Node Version Manager) - Node.js version manager.
Pyenv - Python version manager.
asdf - Extensible multi-language version manager.
yq - YAML/JSON/XML/TOML processor similar to jq.
ngrok - Expose local servers to the public internet.
LocalStack - Local AWS cloud service emulator.
DBngin - All-in-one database version manager.
DB-Gate - DBeaver, free universal database tool.
Responsively App - Modified browser for multi-screen web preview.
Carbon - Create and share beautiful source code images.
ScreenToGif - Screen, webcam, and whiteboard recorder exporting GIF/video.
Kap - (macOS) Open-source screen recorder.
LiceCap - Simple animated screen capture tool.
GIMP - Open-source image editor.
Inkscape - Open-source vector graphics editor.
Excalidraw - Virtual collaborative whiteboard tool.

Name		Name	Last commit message	Last commit date
Latest commit History 165 Commits
.github		.github
Media		Media
data		data
404_report.txt		404_report.txt
LICENSE		LICENSE
README.md		README.md
SECURITY.md		SECURITY.md
code-of-conduct.md		code-of-conduct.md
contributing.md		contributing.md

Uh oh!

License

ADA-XiaoYao/awesome-AlphaNet

Folders and files

Latest commit

History

Repository files navigation