InfoSec Resources

Welcome to the 0Research resource center! We've decided to move our resources to GitHub so others may easily contribute.

Want to contribute? Read our guidelines at the bottom of this page.


Table of Contents


Books

Notice: All book hyperlinks contain Amazon referral links. To help support this project, please consider using these links!

DFIR

Malware

Operating Systems

Penetration Testing

Programming


Cheat Sheets


Courses


Podcasts


Tools

Anonymity

  • FreeNET - A peer-to-peer platform for censorship-resistant communication and publishing.
  • GNUnet - An alternative network stack for building secure, decentralized and privacy-preserving distributed applications.
  • I2P - An anonymous overlay network - a network within a network.
  • TOR - Tor is free software for enabling anonymous communication.

Offensive Security

Bruteforce

  • Hydra - A brute force password tool.
  • Patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

Exploit Development and Debuggers

  • IDA - Multi-processor disassembler and debugger that offers so many features it is hard to describe them all.
  • PEDA - Python exploit development assistance for GDB.
  • ROPME - A set of python scripts to generate ROP gadgets and payload.
  • Ropper - Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC).
  • Shellconv - Small tool for disassembling shellcode (using objdump).
  • OllyDbg - A 32-bit assembler-level analysing debugger for Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.
  • PWNTools - CTF framework and exploit development library.
  • radare -
  • ysoserial - A PoC tool for generating payloads that exploit unsafe Java object deserialization.

Password Cracking

  • GoCrack - Manage password cracking tasks across multiple GPU servers.
  • Hashcat - World's fastest and most advanced password recovery utility.
  • John the Ripper - A fast password cracker, currently available for many flavors.

Mobile

Android
  • APKInspector - APKinspector is a powerful GUI tool for analysts to analyze Android applications.
  • APKTool - A tool for reverse engineering 3rd party, closed, binary Android apps.
  • APK Sign - Sign.jar automatically signs an apk with the Android test certificate.
  • Cydia Substrate - The powerful code modification platform behind Cydia.
  • Xposed Framework - A framework for modules that can change the behavior of the system and apps without touching any APKs.
  • Drozer - The Leading Security Assessment Framework for Android.
  • JustTrustMe - An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning.
  • MobSF - An automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
  • SUPER Android Analyzer - Secure, Unified, Powerful and Extensible Rust Android Analyzer
iOS
  • MobSF - An automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
  • Needle - The iOS Security Testing Framework.
  • Objection - Runtime mobile exploration toolkit, powered by Frida.
  • otool - The otool command displays specified parts of object files or libraries.

Phishing

  • GoPhish - A powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.
  • Phishing Frenzy - Ruby on Rails Phishing Framework
  • ReelPhish - Real time 2FA phishing tool.
  • SET - The Social-Engineering Toolkit has a number of custom attack vectors that allow you to make a believable attack quickly.

Reconnaissance

  • Aquatone - A tool for domain flyovers.
  • Creepy - A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.
  • Datasploit - Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
  • Discover - For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks.
  • EyeWitness - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  • Gitrob - Reconnaissance tool for GitHub organizations
  • InstaLooter - Another API-less Instagram pictures and videos downloader.
  • IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer.
  • Intrigue.io - Discover your attack surface
  • LHF - A modular recon tool for pentesting.
  • Maltego - Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.
  • NMAP - An open source tool for networking exploration and security auditing.
  • Recon-NG - A full featured web reconnaissance framework written in python.
  • Shodan - Use Shodan to discover which of your devices are connected to the Internet, where they are located and who is using them.
  • SimplyEmail - Email recon made fast and easy, with a framework to build on.
  • theHarvester - E-Mails, sub-domains, and name harvester.

Rootkits

  • Azazel - A userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.

Security Bypass

  • AVET - AntiVirus Evasion Tool.
  • GreatSCT - Great SCT is an open source project to generate application whitelist bypasses.
  • Veil - Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions.

Shells

  • Black Arch Webshells - Various webshell collections written in asp, aspx, cfm, jsp, perl, php.
  • cmdsql - A webshell used for executing system commands, parsing web.config files, and executing SQL queries.

Web Application

  • Burp Suite - An integrated platform for performing security testing of web applications.
  • Commix - Automated All-in-One OS command injection and exploitation tool.
  • Nikto - Open Source web server scanner which performs comprehensive tests against web servers for multiple items.
  • OWASP - Automatically find security vulnerabilities in your web applications while you are developing and testing your applications.
  • WPScan - WPScan is a black box WordPress vulnerability scanner

Defensive Security

DFIR

  • ActiveDirectory_FQDN_IP - Extract a list of FQDNs and correlated IP addresses from networks.
  • Kansa - A PowerShell incident response framework.
  • Rekall - Rekall Framework is a completely open collection of tools, implemented in Python

IDS IPS

  • Bro - A powerful network analysis framework that is much different from the typical IDS you may know.
  • OSSEC - Unix system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring
  • Snort - An open-source, free and lightweight network intrusion detection system (NIDS) for Linux and Windows to detect emerging threats.

Log Management

  • GoAccess - An open source real-time web log analyzer and interactive viewer that runs in a terminal.
  • Graylog - Open source enterprise log management.
  • Logstash - An open source, server-side data processing pipeline that ingests data from a multitude of sources.

Vulnerability Scanners

  • OpenVAS - OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
  • InsightVM - Commercial network vulnerability scanner
  • Vuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go.

Videos

Documentaries

Technical Talks

Websites

  • Exploit-DB - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
  • PRISM-Break - Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Help make mass surveillance of entire populations uneconomical!

Whitepapers

  • 0Day Today Papers - An archived security research platform with papers in various languages.
  • SANS Reading Room - The SANS Reading Room features over 2,780 original computer security white papers in 106 different categories.

Contribution Guidelines

Ensure your pull request adheres to the following:

  • Before adding a new resource, please make sure that it's not a duplicate.
  • Add the new resource under its appropriate category.
  • Use the following format: [Name](link) - Description.
  • New categories or re-organization improvements are welcome.

Thanks for the contribution!

Never Stop Researching