Resource Hub
Dive into curated links, tools, guides, and cheat sheets covering Cybersecurity, Development, DevOps, Cloud, AI and more.
No resources found matching your search term.
Tools, techniques, and resources for penetration testing, ethical hacking, and simulating attacks.
Learning, Notes & Roadmaps
- eJPT Notes (maisamnoyan) - Comprehensive notes for the eJPT certification exam.
- INE Notes (syselement) - Study notes related to various cybersecurity courses offered by INE.
- eJPT Roadmap (nyxragon) - A structured study plan and guide for preparing for the eJPT exam.
- eJPTv2 Preparation (xalgord) - Collection of resources and notes specifically for eJPTv2 preparation.
- Hacking Books Collection (tanc7) - Curated list of recommended books for learning hacking and security concepts.
- Awesome Hacker Note-Taking - Guide and resources on effective note-taking methods and tools for security professionals.
- Security Mindmaps (Ignitetechnologies) - Collection of mindmaps visually outlining security concepts and pentesting methodologies.
Offensive Resources (Zeyad-Azima)
A curated collection of various links and resources related to offensive security and penetration testing.
Guides & Reports
- Awesome Pentest - Comprehensive list of pentesting resources.
- Public Pentesting Reports - Learn from real-world examples of penetration testing reports.
- OWASP Pentest Guide - Voorivex - Structured penetration testing guide based on OWASP methodologies.
- Pentest Everything Notes - Extensive notes, writeups covering OSCP, Active Directory, and more.
- JHaddix Pentest Bookmarks - Massive curated bookmark list for penetration testers.
- Red Teaming & Pentest Checklists - Checklists for various types of offensive security engagements.
Payloads & Cheatsheets
- Payloads All The Things - Essential repository of payloads, bypass techniques, and useful commands.
- Pentest Cheat Sheets - Kitsun3Sec - Collection of command snippets and references for pentesting.
- Pentest Cheatsheets - Tib3rius - Focused pentesting references, particularly strong on privilege escalation.
- Pentest Notes Collection - Aggregated notes and cheatsheets covering various pentesting topics.
- Pentest Compilation - adon90 - Compilation of commands, tips, and scripts useful for pentesting.
- Metasploit Cheat Sheet - Quick reference guide for common Metasploit commands.
Privilege Escalation
- Privilege Escalation Techniques (Ignite) - Collection of notes and techniques for Linux/Windows privilege escalation.
- TCM Windows PrivEsc Resources - Resources accompanying The Cyber Mentor's Windows Privilege Escalation course.
- EasyPeasey Linux PrivEsc Script - Automated script to perform common Linux privilege escalation checks.
Tools & Frameworks
Reverse Shell Generator
Web-based tool to quickly generate reverse shell commands for various protocols and languages.
RedTeam Tools (A-poc)
A diverse collection of various tools and scripts useful for Red Team operations and pentesting.
Impacket
Collection of Python classes for working with network protocols. Essential for interacting with Windows environments.
Pupy RAT
An open source, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool.
CrackMapExec
A Swiss army knife for pentesting networks, particularly Windows/Active Directory environments.
Evil-WinRM
The ultimate WinRM shell for hacking/pentesting Windows environments, offering easy file transfer and command execution.
Linux Smart Enumeration
Linux enumeration tool for pentesting and CTFs, designed to be fast and provide detailed output based on verbosity levels.
pwndoc
A collaborative platform for writing penetration testing reports, streamlining the documentation process.
Exploit Development
Exploit Development Tools (tanc7)
A curated collection of tools commonly used in the process of exploit development and vulnerability research.
Labs & CTFs
- Vulnhub CTF Writeups (Ignite) - Collection of writeups and solutions for various Vulnhub machines.
- CTF Difficulty Resources (Ignite) - Resources related to understanding CTF difficulties and finding appropriate challenges.
Capsulecorp Pentest Env
A Vagrant/VirtualBox environment designed for practicing internal network penetration testing techniques.
More Labs Coming
Adding links to other great pentest labs (e.g., HackTheBox, TryHackMe, custom environments).
Resources for threat detection, incident response, forensics, and securing systems.
Guides & Cheatsheets
- Ultimate SANS Cheat Sheets - Gold standard sheets for DFIR, Security Essentials, etc.
- Cheatography Security Collection - Various defensive and general security topics.
- Windows Security Audit Policy Recommendations - Reference for configuring Windows auditing effectively.
- Sigma Rules - Generic signature format for SIEM systems to describe log events.
Tools & Platforms
cve-search
Tool to import CVEs/CPEs into a local database for offline searching and managing vulnerabilities.
Security Onion
Free and open platform for intrusion detection, enterprise security monitoring, and log management.
TheHive Project
Scalable, open source and free Security Incident Response Platform (SIRP), tightly integrated with MISP.
Velociraptor
An advanced digital forensic and incident response tool that enhances visibility into endpoints.
More Tools Coming
Looking for great Blue Team tools (e.g., specific Forensics tools, Threat Intel platforms) to add here!
Understanding protocols, configuration, troubleshooting, and network analysis.
Cheatsheets & Guides
- Cheatography Network Collection - 90+ sheets on various network topics.
- PacketLife Protocol Sheets - Excellent, detailed protocol references.
- Practical Subnetting Guide - Master subnetting with this clear guide.
- StationX Wireshark Sheet - Essential filters and tips for Wireshark.
- Red Hat Linux Networking Sheet - Key Linux network commands reference.
- ipCisco Cheat Sheets - Various networking command references (often Cisco-focused).
- Go to Dedicated Networking Page - View a more structured deep-dive into Networking resources.
Tools & Labs
Cisco Images for GNS3/EVE-NG
Collection of Cisco IOS/IOU/VIRL images to use with network simulators like GNS3 and EVE-NG for lab practice.
GNS3
Graphical network simulator allowing emulation of complex networks using real device images for robust lab setups.
More Tools Coming
Adding links for EVE-NG, Packet Tracer, Wireshark, etc. (Check dedicated Networking page too!).
Tools and practices for automating infrastructure, CI/CD pipelines, configuration management, and deployment.
Cheatsheets & Guides
- Edureka Ansible Cheat Sheet (PDF) - Quick start for Ansible commands/modules.
- Deploying Django w/ Gunicorn Guide - Practical deployment tutorial for Django apps.
- Docker Cheat Sheet (PDF) - Essential Docker CLI commands.
- Kubernetes Cheat Sheet - Common Kubectl commands for interacting with clusters.
Tools & Platforms
Salt (SaltStack)
Powerful software for automating the management and configuration of any infrastructure or application stack at scale.
Predator Load Testing
An open-source platform for load testing APIs, built to handle distributed and high-volume tests.
Terraform
Enables you to safely and predictably create, change, and improve infrastructure using declarative configuration files.
Jenkins
The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.
Securing web applications and APIs against common vulnerabilities and attacks.
Checklists & Cheatsheets
- Payloads All The Things - Essential resource for web/API payloads & bypasses.
- Web App Pentest Checklist (Hari-prasaanth) - A comprehensive checklist covering various aspects of web application pentesting.
- OWASP Top 10 - Standard awareness document for developers and web application security.
- API Security Checklist - Checklist focusing on security considerations when designing, testing, and releasing APIs.
Tools
Burp Suite
Industry-standard toolkit for web application security testing, including proxy, scanner, intruder, and more.
OWASP ZAP
One of the world’s most popular free security tools. Actively maintained open source web application security scanner.
sqlmap
Open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws.
Tools Coming Soon
Adding more tools like Nikto, Dirbuster/Gobuster, etc.
Resources for securing mobile applications (Android/iOS) and mobile penetration testing.
Awesome Lists & Collections
Awesome Mobile Security
A curated list of mobile security resources, including tools, articles, books, and research papers for Android & iOS.
OWASP Mobile Security
Centralized resource for developers and security teams including the Mobile Security Testing Guide (MSTG) and MASVS standard.
Cheatsheets
- Mobile App Pentest Cheatsheet (tanc7) - Cheatsheet covering common steps and tools for mobile application pentesting.
Tools
Frida
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Inject scripts into running processes.
Objection
A runtime mobile exploration toolkit, powered by Frida, built to help assess mobile app security without needing a jailbreak.
Mobexler
Mobile Security Testing Framework (check link/status if needed).
Gathering information from publicly available sources for investigation or reconnaissance.
Tools & Frameworks
Search Query Parser
Python library for parsing search engine query strings, useful for automating OSINT data extraction and analysis.
OSINT Framework
Web-based framework presenting a vast collection of OSINT tools, broken down into categories for easy navigation.
Maltego
Powerful data mining and visualization tool for OSINT and link analysis, used to uncover relationships between information.
Sherlock
Command-line tool to hunt down social media accounts by username across a vast number of networks.
More Resources Coming
Adding more OSINT tools like theHarvester, SpiderFoot, etc.
Securing cloud environments (AWS, Azure, GCP), configurations, and services.
Cheatsheets
- AWS Cheat Sheet - InterviewBit - Concise overview of key AWS services and concepts.
- Azure Cheat Sheet - milanm - Reference sheet for Azure services and CLI commands.
- Google Cloud (gcloud) Cheat Sheet - Official cheatsheet for the `gcloud` command-line tool.
- OpenStack Cheat Sheet - Ubuntu (PDF) - Reference for OpenStack CLI commands.
Tools & Labs
AWS RedTeam AD Lab (tanc7)
Terraform setup for creating an AWS lab environment focused on Active Directory enumeration and attacks within the cloud.
Prowler
Open Source security tool to perform AWS security best practices assessments, audits, incident response, hardening and forensics readiness.
CloudSploit
Open-source project to detect security risks in cloud infrastructure accounts (AWS, Azure, GCP, OCI). Part of Aqua Security.
More Cloud Tools
Adding resources like CloudGoat, specific cloud service security guides, etc.
Resources related to the security of Internet of Things devices and hardware analysis.
Labs & Learning Platforms
OWASP IoTGoat
A deliberately insecure firmware based on OpenWrt, designed to help learn and practice IoT security testing.
Awesome Hardware Hacking
An awesome list curated for hardware security enthusiasts, covering tools, techniques, and learning materials.
More Resources Coming
Adding links for specific hardware tools (Bus Pirate, JTAGulator), firmware analysis tools, etc.
Libraries, platforms, and resources for developing and understanding AI/ML models.
Awesome Lists & Collections
Awesome Artificial Intelligence
A comprehensive curated list of AI courses, books, video lectures, papers, tools, and frameworks.
Awesome MLOps
A curated list of tools and resources for Machine Learning Operations (MLOps), covering the lifecycle of ML models.
Learning Resources & Notes
- Andrew NG Course Notes - Detailed notes covering Andrew Ng's popular Machine Learning and Deep Learning courses.
- Deep Learning, ML & TensorFlow Resources - A collection of resources focused on Deep Learning, Machine Learning, and TensorFlow.
- fast.ai Course - Free practical deep learning course for coders using PyTorch and the fastai library.
Frameworks & Libraries
TensorFlow
An end-to-end open source platform for machine learning. It has a comprehensive, flexible ecosystem of tools and libraries.
PyTorch
An open source machine learning framework that accelerates the path from research prototyping to production deployment.
Scikit-learn
Simple and efficient tools for predictive data analysis, accessible to everybody, and reusable in various contexts.
More Tools Coming
Curating links for AI/ML frameworks (Keras, Hugging Face), libraries, and datasets.
Tools, frameworks, libraries, and best practices for building software.
Cheatsheets & Core Concepts
- Python 3 Memento (PDF) - Concise Python 3 syntax reference.
- Python Cheatsheet - gto76 - Comprehensive Python reference sheet.
- JavaScript Cheat Sheet - Quick JS syntax/functions reference.
- HTML/CSS Cheat Sheet - Core web frontend syntax reference.
- Git Cheat Sheet (PDF) - Essential Git commands from GitHub.
- React Docs (Learn) - Official learning path and documentation for React.
- Vue.js Syntax (v2 Guide) - Reference for Vue 2 syntax (Note: v3 is current).
Learning & Notes
- CodeAcademy Notes (tanc7) - Personal notes taken from various Codecademy courses (check repo for specifics).
- freeCodeCamp - Free online platform offering courses and certifications in various development areas.
- Developer Roadmaps - Community-driven roadmaps, guides, and learning paths for developers.
Awesome for Beginners
A list of awesome beginner-friendly projects on GitHub, perfect for finding your first open-source contribution.
Awesome App Ideas
A curated list of application ideas (from beginner to advanced) to practice your coding skills or build portfolio projects.
Frameworks & Libraries (Python)
Python for Security (CyberSecurityUP)
A collection of resources, scripts, and examples demonstrating the use of Python for various cybersecurity tasks.
Python Data Science Lib
A Python library developed for the UC Berkeley Data 8 course, designed for introductory data science concepts.
H2O Wave (Python/R)
Build beautiful, low-latency, realtime Web Apps and Dashboards quickly using Python or R. No HTML/CSS/JavaScript required.
Scrapy (Python)
A fast, high-level web crawling and scraping framework for Python, used to extract structured data from websites.
Django
High-level Python web framework that encourages rapid development and clean, pragmatic design.
Flask
A lightweight WSGI web application framework in Python. It is designed to make getting started quick and easy.
Frameworks & Libraries (JavaScript Ecosystem)
Electron
Framework for building cross-platform desktop applications using web technologies (JavaScript, HTML, and CSS).
Gatsby
React-based open source framework for creating fast, secure, and powerful websites (Static Sites / Jamstack).
Material UI (MUI Core)
A comprehensive library of React UI components that implement Google's Material Design system.
Node.js
Asynchronous event-driven JavaScript runtime, designed to build scalable network applications.
Express.js
Fast, unopinionated, minimalist web framework for Node.js, widely used for building APIs and web applications.
Testing & Utility Tools
CustomTools (bogdanbarbulescu)
A personal collection of custom scripts and utility tools developed for various purposes (likely includes automation, networking, or dev tasks).
Cypress
Fast, easy, and reliable end-to-end testing framework for anything that runs in a browser, built for developers and QA engineers.
Hyper Terminal
A beautiful, extensible, and fully customizable terminal emulator built on open web standards (HTML, CSS, JavaScript).
JSON Editor
A web-based editor for viewing, editing, and validating JSON data, often utilizing JSON Schema for structure definition.
Postman
An API platform for building and using APIs. Simplifies each step of the API lifecycle and streamlines collaboration.
Managing operating systems, servers, and infrastructure.
OS Cheatsheets & Commands
- Windows:
- Windows CMD Reference (SS64) - Excellent command prompt reference.
- PowerShell Core Commands (NirSoft) - Useful PowerShell command reference.
- Linux:
- Bash Reference Manual - The definitive guide for Bash scripting.
- 50 Essential Linux Commands - Great starting point for the Linux CLI.
- Explain Shell - Paste a command and see a breakdown of what each part does!
Management & Self-Hosting
Awesome Self-Hosted
A curated list of Free Software network services and web applications which can be hosted on your own servers.
md-page
A simple tool to quickly create a self-contained single webpage directly from a Markdown file.
Decap CMS
A Git-based Content Management System for Static Site Generators. Provides editors with a simple UI to manage content stored in Git.
Salt (SaltStack)
Powerful infrastructure automation and configuration management tool, relevant for SysAdmins managing multiple systems.
Resources related to blockchain technology, cryptocurrencies, smart contracts, and Web3 development.
Awesome Blockchain
A curated list of awesome blockchain frameworks, libraries, resources, and other cool things.
Ethereum Dev Docs
Official documentation for Ethereum development, covering concepts, smart contracts, clients, and more.
Resources Coming Soon
Adding links for Blockchain/Web3 development tools (Truffle, Hardhat), security resources, etc.
Broad learning platforms, resource collections, helpful conceptual explanations, and meta-lists.
Mega Lists & Cheatsheet Collections
Awesome Cheatsheets (LeCoupa)
An extensive collection of cheatsheets covering a wide range of popular programming languages, frameworks, and tools.
Awesome Lists Meta-List
The ultimate starting point: A curated list of *all* the awesome lists hosted on GitHub, covering nearly any topic imaginable.
Collection of Useful Repositories
Another curated collection of useful GitHub repositories spanning various topics for learning and development.
Concepts & Platforms
Awesome ELI5
A collection of resources that explain complex technical concepts in simple, easy-to-understand ("Explain Like I'm 5") terms.
Oppia Learning Platform
A free, open-source online learning platform providing interactive lessons, aiming to make quality education accessible to all.
A-to-Z Resources for Students
Curated list of diverse resources, tools, programs, and opportunities valuable for college students, especially in tech fields.
Help Improve This Hub!
Found an awesome resource we missed? Spot an error? Have a suggestion? Let us know!
Suggest a Resource