)
A curated list of many tools and resources for both offensive and defensive security teams.
Please visit https://infosec.house for our website version of this repo. Found a resources that should be on here? Feel free to submit a pull request!
| Sub-Category | Description |
|---|---|
| Asset Management | Keep track of your inventory. You can't protect what you don't see. |
| Auditing | Stay in compliance. |
| Courses | Training and courses to master your craft. Some of the below courses do offer professional certifications as add-ons to course purchase. |
| Endpoint Protection | Protect your endpoints. |
| Forensics | Uncover the dirty little secrets of a recovered HDD, Image, malware, and more. |
| Honeypots | Catch them with their hands/attacks sticky. |
| IDS/IPS | Intrusion Detection and Prevention Systems. |
| Incident Response | Incident response tools, and resources when alarms pop off. |
| IOC | Indicators of compromise. Discover if you've been compromised. |
| Malware | All the malware you can wish for to reverse engineer. |
| Monitoring | Monitor your network, e-mail, packets, and infrastructure. |
| Operating Systems | Operating system's solely focused for defensive security teams. |
| Phishing | Tools and resources for analyzing phishing attacks. |
| Threat Intel | Discover where the threats begin. |
| Sub-Category | Description |
|---|---|
| API | Tools and resources for pentesting against API endpoints. |
| Blogs | Reading material for offensive security researchers. |
| Bug Bounty | Test out your skills against other hackers. Get paid for finding vulnerabilities. |
| Command & Control | Command and Control tools and frameworks. |
| Cheat Sheets | Offensive security cheat sheets. |
| Cloud | Discover tools and resources dedicated to hacking cloud platforms. |
| Collaboration | Discover tools and frameworks for red team collaboration. |
| Courses | Training and courses to master your craft. Some of the below courses do offer professional certifications as add-ons to course purchase. |
| Cracking | Everything you need to crack all the hashes. |
| Cryptography | How great is your cryptography. |
| CTF Offensive | Compete your hacking skills against others. |
| Data Exfiltration | Exfiltrate the data, and test your DLP. |
| E-Mail pentesting tools and resources. | |
| Evasion | Evade getting caught. |
| Exploits | Gather all your exploits needed to pop that box. |
| Firewalls | Attack the castle doors. |
| Hardware | Grab some of the most used hardware within the penetration testing industry. |
| Linux | Tools and resources for popping those linux boxes. |
| Mobile | Tools and resources for pentesting on mobile applications. |
| Network | Sniff the network. Modify the packets. |
| Operating Systems | Operating system's solely focused for offensive security teams. |
| Reconnaissance | Understand your target. Perform in-depth research and discover new attack surfaces. |
| Shells | Generating pre-built webshells to customizing your own. |
| Social Engineering | Manipulation techniques that exploits human error to gain private information, access, or valuables. |
| Vulnerability Scanners | Discover vulnerabilities fast, and automate some of the heavy loads. |
| Web Application | Break that web application. |
| Windows | Mirosoft Windows pentesting tools and resources. |
| Wireless | Discover tools and resources for exploiting Wi-Fi, bluetooth, RFID, and more. |
| Sub-Category | Description |
|---|---|
| Anonymity | The quality or state of being anonymous. Seek out technologies and methods of remaining anonymous in the day and age of mass surveillance. |
| Anti-Forensics | Destroy your data. |
| Burners | Everything for your temporary needs. |
| Communication | Protect your SMS messages, voice calls, and e-mails. Big brother is always watching. |
| Operating Systems | Hardening your operating system. |
| Passwords & Authentication | Secure your passwords, secrets, and notes. |
| Search Engines | Hardening your operating system. |
| Sub-Category | Description |
|---|---|
| Analysis | Tools and scripts for analyzing data. |
| Courses | Training and courses to master your craft. |
| Editors & Viewers | Tools for editing/viewing files. |
| Emulation | Emulate the adversary. |
| Network | Network tools both offensive and defensive operations can utilize. |
| OSINT | Open-Source Intel. Get all the information needed for your target. |
| Passwords | 1,000+ default passwords. |
| Reverse Engineering | Reverse engineering tools both offensive and defensive operations can utilize. |
| Write-Ups | Write-ups both offensive and defensive operataions can utilize. |
| Sub-Category | Description |
|---|---|
| Music | Kick back relax and enjoy some entertainment. |
| Video | Talks, livestreams, and presentations. |
Shoutout to the following amazing individuals for suggesting and adding resources during our livestream.
Anonymous, 0xgnnr, 0xrom, Binary.rip, CyberLola, DevNullZen, EightBitOni, GoProSlowYo, JR0ch17, projectdp, PaWNmUnCher, RySkill, Vander_Grift, chadb_n00b, footpics4sale, goldyautomation, halfamomo, p4r4n0ir, skyfire100, theGwar, and zuphzuph.