A curated list of high-quality cybersecurity resources, tools, frameworks, and communities to protect systems, networks, and data.
Cybersecurity is essential to securing digital infrastructure, ensuring privacy, and defending against cyber threats. This list is intended for security professionals, developers, students, researchers, and anyone interested in cybersecurity.
- Learning & Education
- Threat Intelligence
- Vulnerability Assessment & Penetration Testing
- Malware Analysis & Reverse Engineering
- Network Security
- Web Application Security
- Security Tools
- Incident Response & Forensics
- Authentication & Identity
- Cloud Security
- Security Certifications
- Communities & Conferences
- Related Awesome Lists
- Cybrary – Free and paid cybersecurity courses and career paths.
- Hack The Box – Platform to learn and test hacking skills in virtual labs.
- TryHackMe – Beginner-friendly cybersecurity learning platform with gamified challenges.
- Open Security Training – In-depth free security training courses.
- Blue Team Labs Online – Interactive blue team labs and simulations.
- AlienVault OTX – Open threat intelligence sharing platform.
- Abuse.ch – Malware and threat intelligence trackers.
- MISP – Open-source threat intelligence sharing platform.
- VirusTotal – Analyze files and URLs for malware, share results with the community.
- Kali Linux – Linux distribution with penetration testing tools.
- Metasploit Framework – Popular penetration testing platform.
- Burp Suite – Web vulnerability scanner and proxy tool.
- Nmap – Network scanner for discovery and security auditing.
- OWASP ZAP – Open-source web application security scanner.
- REMnux – Linux distro for malware analysis.
- Cuckoo Sandbox – Automated malware analysis system.
- Radare2 – Open-source reverse engineering framework.
- Ghidra – NSA’s open-source reverse engineering tool suite.
- Wireshark – Protocol analyzer for network troubleshooting and analysis.
- Suricata – Open-source network threat detection engine.
- Zeek – Network analysis framework for security monitoring.
- Snort – Intrusion prevention and detection system (IDS/IPS).
- OWASP Top Ten – Key risks in web application security.
- Web Security Academy – Free learning resources on web vulnerabilities.
- Security Headers – Analyze HTTP response headers for best practices.
- SQLMap – Automatic SQL injection and database takeover tool.
- Shodan – Search engine for internet-connected devices.
- TheHarvester – OSINT gathering tool for domains, emails, IPs.
- Amass – In-depth DNS enumeration and network mapping.
- Autopsy – GUI for digital forensics and incident response.
- Sleuth Kit – Forensic analysis tools for disk images.
- Volatility – Memory forensics framework.
- GRR Rapid Response – Incident response framework by Google.
- DFIR Training – Free and paid digital forensics and incident response resources.
- Keycloak – Open-source identity and access management.
- Auth0 – Identity-as-a-service for authentication and authorization.
- Passbolt – Self-hosted open-source password manager for teams.
- Have I Been Pwned – Check if your credentials have been exposed.
- Cloud Security Alliance – Best practices and resources for cloud security.
- ScoutSuite – Multi-cloud security auditing tool.
- Prowler – AWS security best practices assessment tool.
- kube-bench – Kubernetes CIS benchmark compliance tool.
- CompTIA Security+ – Entry-level cybersecurity certification.
- Certified Ethical Hacker (CEH) – Penetration testing certification.
- Certified Information Systems Security Professional (CISSP) – Advanced security management certification.
- GIAC Certifications – Certifications for cybersecurity professionals from SANS.
- r/netsec (Reddit) – Community for security professionals and enthusiasts.
- DEF CON – One of the world's largest hacker conventions.
- Black Hat – Leading information security conference.
- BSides – Community-driven security conferences worldwide.
- Awesome OSINT – Open-source intelligence tools and resources.
- Awesome Privacy – Tools and resources for personal data protection.
- Awesome Digital Rights – Advocacy tools and organizations defending online rights.
- Awesome Threat Intelligence – Curated resources for threat intel.
Contributions are welcome!
