My Cybersecurity Links Collection

Easier navigation via TOC on the right (hamburger bullet list icon next to where it says "README.md").

Cybersecurity

• Veeral Patel - How to secure anything
• YeahHub Hacking Ebooks
• Antonio Morales - Fuzzing 101
• Bishop Fox - Fuzzing
• Zero Trust Architecture Roadmap
• MSKRP - Hacker Roadmap
• HackTricks
• The Hacker Recipes
• Cipher387 - Dorks Collection
• Cybersecurity Professional Development
• Ignite Technologies - Security Mindmaps

Cloud Security

• Gaining Control over Azure Function Apps
• Microsoft Portals Reference Guide
• O3-Cyber - Azure Security Survival Kit
• GoogleCloudPlatform - Security Analytics
• Cloud Security Wiki
• PacketMischief - PoLP with Cloudformation StackSets
• Kubernetes - KubeCTL Cheat Sheet
• Cloud Native Security Talks
• BishopFox - Kubernetes Bad Pods
• Wiz Security - Cloud Middleware Dataset
• Blackberry - Falco Bypasses
• Pulumi - Examples
• Futurice - Terraform Examples
• AWS Security Cookbook
• CloudSecList
• HackTricks - Cloud
• AWS IAM - Policy Evaluation Logic
• Krol3 - Container Security Checklist
• Primeharbor - Sensitive IAM Actions List
• List of GCP Blogs - 2021
• AWS Security - Managing Temporary Elevated Access
• AWS Samples - SCP Examples
• AWS IAM - Policies and Permissions in IAM
• Zoph IO - AWS Security Survival Kit
• Security Wiki - Cloud
• NotSoSecure - Hacking AWS Cognito Misconfigurations
• Glassechidna - TrackIAM
• AWS Samples - AWS Customer Playbook Framework
• GCP Developer Cheat Sheet
• AWS Labs - AWS Break Glass Role
• AWS EKS Best Practices Guides
• HackTricks - Kubernetes Pentesting
• AidenSteele - AWS Centralized Logs
• KelseyHightower - Kubernetes the Hard Way
• Houey - Awesome SCPs
• TrustOnCloud - S3 Threat Model
• Invictus IR - AWS Cheat Sheet
• LittleHack3r - Awesome GCP Security
• GCP Networking 101 Cheat Sheet
• HackTricks - Pentesting Docker
• RhinoSecurityLabs - GCP IAM Privilege Escalation
• CloudSecDocs
• Hacking The Cloud

Home Lab

• Plex
• Jellyfin
• Tube Archivist
• Portainer
• Tanq16 - Local Content Share
• Nginx Proxy Manager
• HayKot - Home Box
• NetData
• AdGuard Home
• CorentinTh - IT Tools
• Frooodle - Stirling PDF
• Alexta69 - Me Tube
• Yacht
• DeepJyoti30 - YTM-DL
• Traggo
• Omnivore
• Noco DB
• BenPhelps - Homepage
• Memos
• FileBrowser
• QBitTorrent (LSIO)
• Casa OS
• Codex Docs
• Home Assistant
• Deiucanta - ChatPad
• Excalidraw
• Actual Budget
• SissBruecker - LinkDing
• Dockge
• HomeLab OS
• LinkWarden
• LinkAce
• Proxmox

Pentesting & OSCP

• Infosecnayam - OSCP Resources
• Ignite Technologies - Privesc CheatSheet
• Linux Syscalls 32 bit
• 0xffsec - HandBook
• AdithyaNayak - OSCP Guide
• Orange CyberDefense - AD Pentesting Cheatsheet
• AD Attacks - AD Pentesting Guide
• HTB - AD Pentesting Cheatsheet
• Linux Syscalls 64 bit
• Cure53 - Pentesting Contracts
• Pentesting BIBLE
• EnaqX - Awesome Pentest
• WtsxDev - Pentesting Resources
• TurgenSec - Shodan Guide

CTF & Bug Bounty

• NGalongC - Bug Bounty Reference
• 0x0539 - CTF
• Steganography Resources
• Ignite Tech - VulnHub Writeups
• Microcorruption - Embedded CTF
• Devansh B - Bug Bounty Writeups

Web & Mobile Security

• OffSecML
• Bypassing Cloudflare
• Frida Codeshare
• OWASP MASVS CheatSheet
• OWASP - MASTG
• Ignite Technologies - Web App Pentesting CheatSheet
• OWASP CheatSheets
• HackTricks - Pentesting GraphQL
• BishopFox - JSON Interoperability Vulnerabilities
• ChentSulin - Awesome GraphQL

Productivity & Quality of Life

• Slidesgo Templates
• Google's .new Registry
• Cloudwards - Security Tools Reviewed
• Standard Notes - File Send
• DoNotPay
• Fake Name Generator
• Security List - Personal Security and Privacy
• Killed By Google
• Privacy Tools IO
• Formspree GitHub
• Oh Shit Git
• TinyWow
• Untools
• ToS;DR
• DanOctavian - Awesome Anti-Censorship
• Cymath - Math Problem Solver
• Killed By Tech
• Rallly

Courses & Study

• Nightmare Binary Exploitation Course
• WalidShaari - Certified Kubernetes Security Specialist
• Donne Martin - System Design Primer
• TCMSec - Practical Ethical Hacking Resources
• YouTube - Kubernetes Hacking Masterclass
• AgeRon - Hands-on ML
• BurpSuite Certified Practitioner Study
• Google Cloud Skills Boost
• Linux foundation - Building the Simplest Possible Linux System
• FreeCodeCamp - Network Pentesting for Beginners
• TrekhLeb - JS Data Structures & Algorithms
• RPISec - Modern Binary Exploitation

Labs & Workshops

• DigiNinja - Damn Vulnerable Web App
• BishopFox - IAM Vulnerable
• Joshua J - GCP Goat
• Cider Security - CICD Goat
• Payatu - DIVA Android
• OWASP - iGoat
• Righettod - GraphQL Labs
• NCC Group - Sad Cloud
• BridgeCrew - Terragoat
• IKnowJason - Awesome Cloud Labs
• Under The Wire Powershell Labs
• OWASP - Web Goat
• Madhukala - Kubernetes Goat
• FrankWXU - Digital Forensics Lab
• INE Labs - AWS Goat
• RhinoSec - Cloud Goat
• AWS Control Tower Workshop
• XMCyber - Azure Goat
• flAWS Cloud
• DolevF - Damn Vulnerable GraphQL App
• flAWS 2 Cloud
• Bishop Fox - JSON Interop Vuln Lab
• WIZ - EKS Cluster Games
• flAWS Cloud
• DERE-ad2001 - Frida Labs
• Thunder CTF Cloud
• Ermetic - CNAPPgoat
• Step Security - GitHub Actions Goat

Miscellaneous

• Project Based Learning
• Roadmaps for Study
• Cloudsecurity Jobs
• AppSec Interview Questions
• Tech Interview Handbook
• Coding Horror - Basic Computer Games

AI Tools

• Chat GPT
• Jasper AI
• Copy AI Tools
• Brandmark
• Futurepedia
• Podcastle
• Sea Art
• Big Speak AI
• IMG Larger
• This Person Does Not Exist
• AIVA
• Synthesia
• Steve AI
• My Heritage
• Fly Fin Tax AI
• Civit AI
• Fooocus

Tools - AD, M365, OSCP & Pentesting

• DirkJanm - BloodHound Python
• RopNOP - KerBrute
• SnaffCon - Snaffler
• CISAGov - ScubaGear
• G3han - PowerShell for AD
• Frohoff - YSoSerial
• J3ssie - Osmedeus
• J3ssie - MetaBigOr
• 1N3 - Sn1per
• M8Sec - CrossLinked
• Sensity AI - Deepfake Offensive Toolkit
• LOLBAS
• GTFOBins
• Guardicore - Infection Monkey
• MattKeely - Spoofy
• ZeroNetworks - BlueHound
• PowerShellMafia - PowerSploit
• S3cur3Th1sSh1t - PowerSharp
• MPGN - CrackMapExec
• BlackLanternSecurity - ManSpider
• Ly4k - Certipy
• Zyn3rgy - LDAPRelayScan
• WADComs
• SwissKyrepo - PayloadsAllTheThings
• KGretzky - EvilGinx2
• Project Discovery - CVEMap

Tools - Cloud & Containers

• AquaSecurity - CloudSploit
• Project Discovery - Cloudlist
• Google - GCP Scanner
• Salesforce - CloudSplaining
• AWS - IAM Access Key Report
• AWS - IAM CTL
• WellDoneCloud - AWS List Resources
• Aquia - SCP Kit
• TruffleSec - Driftwood
• CridgeCrew - AirIAM
• AWS - Cloudformation Guard
• AWS - EC2 Metadata Mock
• Scribe Public - GitGat
• AWS Labs - GuardDuty Tester
• Mondoo - CNQuery
• Invictus IR - Invictus AWS
• Turner Labs - Antiope
• IKnowJason - Edge
• CloudQuery
• NetSPI - AWS Consoler
• NoqDev - IAMbic
• Iann0036 - IAM Live
• RhinoSecurityLabs - PACU
• SilverHack - Monkey 365
• StealthCopter - DEEPCE
• DataDog - Managed Kubernetes Audit Toolkit
• GoodWithTech - Dockle
• AWS Labs - K8s Network Policy Migrator
• Avolens - Kubefuzz
• Stackrox
• Shopify - KubeAudit
• Alestic - AWS CLI Multi Account Sessions
• Orca Security - IAM AWS Policy Evaluator (APE)
• Aquia - AWS GuardDuty Runbook Generator
• OneMorePerEira - AWS SSO Reported
• RhinoSecurityLabs - GCP IAM Privescs
• HackmichNet - Az Token Finder
• HauSec - PowerZure
• BloodHoundAD - AzureHound
• BridgeCrew - Checkov
• cr0hn - DockerScan
• RhinoSecurityLabs - Cloud Container Attack Tool
• VChinniPilli - KubeStriker
• Lyft - Cartography
• BishopFox - CloudFox
• Twilio Labs - SOCless
• Prowler
• Init String - Cloud Enum
• Praetorian - GATO
• Falco
• NCC Group - ScoutSuite
• RedHuntLabs - Bucket Loot
• RedSkyCyber - AWS Security Resource Dump
• sleeptok3n - RoleCrawl

Tools - Network Security

• Haccer - SubJack
• OWASP - Amass
• Ge0rg3 - AWS API Gateway IP Rotator
• DrWetter - TestSSL.sh
• Aploium - Shootback
• MiTMProxy
• Tomnomnom - AssetFinder
• Kaspersky Lab - Tiny Check
• ProjectDiscovery - Naabu
• ProjectDiscovery - Nuclei
• Praetorian - FingerprintX
• ProjectDiscovery - Proxify
• ProjectDiscovery - SubFinder
• ProjectDiscovery - DNSX
• ProjectDiscovery - SimpleHTTPServer
• ProjectDiscovery - InteractSH
• Erebe - WSTunnel
• NiteFood - ASN
• SelaDB - PcapPlusPlus
• ProjectDiscovery - Uncover
• Hakluke - Hakrevdns
• Ice3Man543 - SubOver
• OpenCoff - GoTunnel
• Ginuerzh - GoST
• JPillora - Chisel
• S0md3v - SMAP

Tools - Other Technical

• S0md3v - Dump
• Sploitus - Exploit Search
• AutoRegex
• GodBolt - Compiler Explorer
• Ciphey
• AbdulRhmanAlfaifi - Fennec
• ProjectDiscovery - AIX
• Google - Tsunami Scanner
• Abbbi - SSEnv
• Detection Lab - AD Environment
• JLess
• GitHub Project Readme Creator

Tools - Web, Mobile & Source

• Frida
• Jaeles
• SkyLot - JADX
• Praetorian - NoseyParker
• BishopFox - GitGot
• Synacktiv - NORD Stream
• SNR DAST Web App Scanner
• ShiftLeftSecurity - SAST-Scan
• AquaSec - Trivy
• Grep App
• CodeGrepper
• Alibaba - Arthas
• set1421 - SecretBench
• Insider Sec - Insider
• Streaak - KeyHacks
• Analysis Tools Dev - Static Analysis Tools
• ProjectDiscovery - HTTPX
• S0md3v - URO
• ProjectDiscovery - Katana
• BishopFox - H2C Smuggler
• Mschwager - Route Detect
• RedSiege - EyeWitness
• BreenMachine - HTTP Screenshot
• FuzzFaster u Fool
• DoyenSec - InQL
• LC - GetAllUrls
• Hakluke - Hakrawler
• Hakluke - HakTLDExtract
• PortSwigger - Elastic Burp
• SensePost - GoWitness
• NikitaStupin - GraphQL Clairvoyance
• SwissKeyRepo - GraphQL Map
• IvanGoncharov - GraphQL Voyager
• HoppScotch
• OJ - GoBuster
• DataDog - DASH
• HahWul - DalFox
• Retire JS
• Cloudflare - Flan
• Tomnomnom - HTTProbe
• LC - SubJS
• Hannob - SnallyGaster
• 1N3 - BlackWidow
• SQL Map
• ChiChou - GrapeFruit
• Mobile Security Framework
• AloneMonkey - Frida iOS Dump
• SensePost - Objection