Cybersecurity Links Dump

Table of Contents →

• Labs & Workshops
• Tools
  • AI Tools
  • Web, Mobile & Source
  • AD, M365, OSCP & Pentesting
  • Cloud & Containers
  • Network Security
  • Other Technical
• General Cybersec
  • Pentesting & OSCP
  • CTF & Bug Bounty
  • Cybersecurity
• Others
  • Miscellaneous
  • Productivity & Quality of Life
  • Home Lab & OSS
• Cloud Security
• Application Security
• Study

---

Labs & Workshops

• Cider Security - CICD Goat
• Joshua J - GCP Goat
• OWASP - iGoat
• DigiNinja - Damn Vulnerable Web App
• BishopFox - IAM Vulnerable
• Payatu - DIVA Android
• RhinoSec - Cloud Goat
• Madhukala - Kubernetes Goat
• Under The Wire Powershell Labs
• IKnowJason - Awesome Cloud Labs
• AWS Control Tower Workshop
• NCC Group - Sad Cloud
• BridgeCrew - Terragoat
• FrankWXU - Digital Forensics Lab
• INE Labs - AWS Goat
• Righettod - GraphQL Labs
• OWASP - Web Goat
• DolevF - Damn Vulnerable GraphQL App
• flAWS Cloud
• flAWS 2 Cloud
• flAWS Cloud
• Dhammon - AI Goat
• IKnowJason - PurpleCloud Azure Terraform
• Step Security - GitHub Actions Goat
• Ermetic - CNAPPgoat
• Wiz Labs - K8s Lan Party
• Orca Security - AI Goat
• DERE-ad2001 - Frida Labs
• Bishop Fox - JSON Interop Vuln Lab
• WIZ - EKS Cluster Games
• XMCyber - Azure Goat
• Thunder CTF Cloud

Tools

AI Tools

• Chat GPT
• Jasper AI
• Copy AI Tools
• Brandmark
• Podcastle
• Sea Art
• Futurepedia
• Big Speak AI
• IMG Larger
• This Person Does Not Exist
• AIVA
• Synthesia
• My Heritage
• Civit AI
• Fooocus
• Steve AI
• Fly Fin Tax AI

Web, Mobile & Source

• Frida
• Jaeles
• S0md3v - URO
• NikitaStupin - GraphQL Clairvoyance
• SkyLot - JADX
• Praetorian - NoseyParker
• SensePost - Objection
• BishopFox - GitGot
• SNR DAST Web App Scanner
• ShiftLeftSecurity - SAST-Scan
• Grep App
• CodeGrepper
• AquaSec - Trivy
• Synacktiv - NORD Stream
• Alibaba - Arthas
• set1421 - SecretBench
• Mobile Security Framework
• Streaak - KeyHacks
• Insider Sec - Insider
• Analysis Tools Dev - Static Analysis Tools
• FuzzFaster u Fool
• BreenMachine - HTTP Screenshot
• ProjectDiscovery - Katana
• ProjectDiscovery - HTTPX
• Mschwager - Route Detect
• RedSiege - EyeWitness
• BishopFox - H2C Smuggler
• DoyenSec - InQL
• LC - GetAllUrls
• Hakluke - Hakrawler
• ChiChou - GrapeFruit
• Hakluke - HakTLDExtract
• PortSwigger - Elastic Burp
• Protect AI - VulnHuntr
• SwissKeyRepo - GraphQL Map
• OJ - GoBuster
• HoppScotch
• IvanGoncharov - GraphQL Voyager
• DataDog - DASH
• HahWul - DalFox
• Cloudflare - Flan
• Retire JS
• LC - SubJS
• Hannob - SnallyGaster
• SQL Map
• AloneMonkey - Frida iOS Dump
• Y2Z - Monolith
• SensePost - GoWitness
• Hakluke - HakOriginFinder
• Tomnomnom - HTTProbe
• 1N3 - BlackWidow

AD, M365, OSCP & Pentesting

• SwissKyrepo - PayloadsAllTheThings
• DirkJanm - BloodHound Python
• CISAGov - ScubaGear
• SnaffCon - Snaffler
• RopNOP - KerBrute
• G3han - PowerShell for AD
• J3ssie - Osmedeus
• 1N3 - Sn1per
• Frohoff - YSoSerial
• J3ssie - MetaBigOr
• M8Sec - CrossLinked
• GTFOBins
• LOLBAS
• AAD Internals
• Sensity AI - Deepfake Offensive Toolkit
• ZeroNetworks - BlueHound
• MattKeely - Spoofy
• PowerShellMafia - PowerSploit
• Guardicore - Infection Monkey
• S3cur3Th1sSh1t - PowerSharp
• Mandiant - GoCrack
• BlackLanternSecurity - ManSpider
• Zyn3rgy - LDAPRelayScan
• Ly4k - Certipy
• MPGN - CrackMapExec
• WADComs
• KGretzky - EvilGinx2
• GoPhish
• Beelzebub Honeypot
• Project Discovery - CVEMap

Cloud & Containers

• AquaSecurity - CloudSploit
• Project Discovery - Cloudlist
• Google - GCP Scanner
• Salesforce - CloudSplaining
• DataDog - KubeHound
• GitLab - GCP Enum Script
• GitLab - GCP Open Resource Enum
• Vectra AI - Halbred
• Aquia - SCP Kit
• AWS - IAM Access Key Report
• WellDoneCloud - AWS List Resources
• AWS - IAM CTL
• AWS - EC2 Metadata Mock
• AWS - Cloudformation Guard
• AWS Labs - GuardDuty Tester
• Scribe Public - GitGat
• CridgeCrew - AirIAM
• CloudQuery
• Mondoo - CNQuery
• Invictus IR - Invictus AWS
• Turner Labs - Antiope
• IKnowJason - Edge
• NetSPI - AWS Consoler
• RhinoSecurityLabs - PACU
• NoqDev - IAMbic
• Iann0036 - IAM Live
• IKnowJason - Az Recon
• AWS Labs - K8s Network Policy Migrator
• StealthCopter - DEEPCE
• GoodWithTech - Dockle
• DataDog - Managed Kubernetes Audit Toolkit
• Stackrox
• Shopify - KubeAudit
• Orca Security - IAM AWS Policy Evaluator (APE)
• HauSec - PowerZure
• BridgeCrew - Checkov
• Prowler
• Praetorian - GATO
• Init String - Cloud Enum
• Lyft - Cartography
• VChinniPilli - KubeStriker
• BishopFox - CloudFox
• OpenTofu
• GitLab - Red Team Public Group
• WithSecureLabs - IAMSpy
• NetSPI - GCPwn
• DataDog - Undocumented AWS API Hunter
• Netflix - RepoKid
• RedSkyCyber - AWS Security Resource Dump
• RedHuntLabs - Bucket Loot
• Netflix Skunkworks - Policy Universe
• sleeptok3n - RoleCrawl
• Iximiuz - Kubernetes Explorer
• Alestic - AWS CLI Multi Account Sessions
• SilverHack - Monkey 365
• cr0hn - DockerScan
• OSSF - Scorecard
• ControlPlaneIO - Simulator
• OneMorePerEira - AWS SSO Reported
• Aquia - AWS GuardDuty Runbook Generator
• RhinoSecurityLabs - Cloud Container Attack Tool
• HackmichNet - Az Token Finder
• RhinoSecurityLabs - GCP IAM Privescs
• BloodHoundAD - AzureHound
• Avolens - Kubefuzz
• Falco
• NCC Group - ScoutSuite
• TruffleSec - Driftwood
• Twilio Labs - SOCless

Network Security

• Haccer - SubJack
• Ge0rg3 - AWS API Gateway IP Rotator
• DrWetter - TestSSL.sh
• Aploium - Shootback
• OWASP - Amass
• S0md3v - SMAP
• Hakluke - Hakrevdns
• MiTMProxy
• Tomnomnom - AssetFinder
• ProjectDiscovery - Naabu
• Kaspersky Lab - Tiny Check
• ProjectDiscovery - Nuclei
• Praetorian - FingerprintX
• ProjectDiscovery - SimpleHTTPServer
• ProjectDiscovery - InteractSH
• Erebe - WSTunnel
• ProjectDiscovery - SubFinder
• ProjectDiscovery - DNSX
• ProjectDiscovery - Proxify
• OpenCoff - GoTunnel
• ProjectDiscovery - Uncover
• Ginuerzh - GoST
• NiteFood - ASN
• JPillora - Chisel
• SelaDB - PcapPlusPlus
• Ice3Man543 - SubOver

Other Technical

• Quick Reference
• Sploitus - Exploit Search
• AutoRegex
• GodBolt - Compiler Explorer
• Ciphey
• Google - Tsunami Scanner
• ProjectDiscovery - AIX
• AbdulRhmanAlfaifi - Fennec
• JLess
• Neilotoole - SQ
• GitHub Project Readme Creator
• S0md3v - Dump
• Detection Lab - AD Environment
• Abbbi - SSEnv

General Cybersec

Pentesting & OSCP

• Linux Syscalls 32 bit
• Ignite Technologies - Privesc CheatSheet
• Infosecnayam - OSCP Resources
• AdithyaNayak - OSCP Guide
• Orange CyberDefense - AD Pentesting Cheatsheet
• AD Attacks - AD Pentesting Guide
• HTB - AD Pentesting Cheatsheet
• TurgenSec - Shodan Guide
• Pentesting BIBLE
• WtsxDev - Pentesting Resources
• Linux Syscalls 64 bit
• EnaqX - Awesome Pentest
• 0xffsec - HandBook
• Cure53 - Pentesting Contracts

CTF & Bug Bounty

• 0x0539 - CTF
• Steganography Resources
• Ignite Tech - VulnHub Writeups
• Microcorruption - Embedded CTF
• NGalongC - Bug Bounty Reference
• Devansh B - Bug Bounty Writeups

Cybersecurity

• Bishop Fox - Fuzzing
• Antonio Morales - Fuzzing 101
• Zero Trust Architecture Roadmap
• MSKRP - Hacker Roadmap
• YeahHub Hacking Ebooks
• The Hacker Recipes
• Veeral Patel - How to secure anything
• Cybersecurity Professional Development
• HackTricks
• Cipher387 - Dorks Collection
• Ignite Technologies - Security Mindmaps

Others

Miscellaneous

• Project Based Learning
• Roadmaps for Study
• Cloudsecurity Jobs
• AppSec Interview Questions
• Tech Interview Handbook
• Coding Horror - Basic Computer Games
• Awesome Privacy
• Awesome - Piracy

Productivity & Quality of Life

• Slidesgo Templates
• Cloudwards - Security Tools Reviewed
• Google's .new Registry
• Security List - Personal Security and Privacy
• Fake Name Generator
• Killed By Google
• Privacy Tools IO
• Oh Shit Git
• BenBusby - Whoogle
• Cymath - Math Problem Solver
• Killed By Tech
• NamesoGen - Credit Card Generator
• DanOctavian - Awesome Anti-Censorship
• TinyWow
• Untools
• DoNotPay
• ToS;DR

Home Lab & OSS

• Dockge
• Standard Notes - File Send
• Local Send
• LinkAce
• Formspree GitHub
• PBoGre - JetLog
• Plex
• LardBit - Nefarious
• Proxmox
• NetData
• AdGuard Home
• Portainer
• HayKot - Home Box
• Nginx Proxy Manager
• CorentinTh - IT Tools
• Alexta69 - Me Tube
• Yacht
• BenPhelps - Homepage
• Noco DB
• Frooodle - Stirling PDF
• Omnivore
• Memos
• QBitTorrent (LSIO)
• Casa OS
• Codex Docs
• Paperless NGX
• Excalidraw
• Actual Budget
• SissBruecker - LinkDing
• LinkWarden
• HomeLab OS
• Hoarder - Bookmark Everything
• Awesome SelfHosted
• Tandoor Recipes
• Lago
• Fasten Health
• Asciinema
• KRTirtho - SpoTube
• ToEverything - Affine
• Flameshot Screenshots
• Seal - Video Downloader
• Uptime Kuma
• Formbricks
• StreetWriters - Notesnook
• InvoiceNinja
• Kimai
• BigCapital
• Learnhouse
• Koel
• DocuSeal
• Kestra Orchestratiom
• GCHQ - CyberChef
• Private GPT - Zylon AI
• Solid Invoice
• Baby Buddy
• Facebook - Docusaurus
• EvanBuss - OpenBooks
• SSD Dan Brown - RSS Feed Aggregator
• Monica - Personal Relationship Manager
• Reactive Resume
• Navidrome
• Firefly iii
• Midarr - Media Server
• Rallly
• Huginn
• M4TT72 - Terminal Website
• BookStack
• Docmost
• Flomp - Wanderer
• Swing Music
• 0x2E - Fusion
• Jellyfin
• Tanq16 - Local Content Share
• Tube Archivist
• DeepJyoti30 - YTM-DL
• FileBrowser
• Traggo
• Home Assistant
• Deiucanta - ChatPad

Cloud Security

• Cloud Security Wiki
• Gaining Control over Azure Function Apps
• AWS Samples - Security Reference Architecture Examples
• Rupert BG - AWS Public Account IDs
• AWS EKS Best Practices Guides
• Microsoft Portals Reference Guide
• O3-Cyber - Azure Security Survival Kit
• GoogleCloudPlatform - Security Analytics
• SecurityRunners - CloudCommotion
• PacketMischief - PoLP with Cloudformation StackSets
• Kubernetes - KubeCTL Cheat Sheet
• BishopFox - Kubernetes Bad Pods
• Wiz Security - Cloud Middleware Dataset
• Pulumi - Examples
• AWS Security Cookbook
• AWS Security - Managing Temporary Elevated Access
• CloudSecList
• Primeharbor - Sensitive IAM Actions List
• HackTricks - Cloud
• AWS IAM - Policy Evaluation Logic
• Krol3 - Container Security Checklist
• Glassechidna - TrackIAM
• AWS Samples - AWS Customer Playbook Framework
• AWS IAM - Policies and Permissions in IAM
• Security Wiki - Cloud
• NotSoSecure - Hacking AWS Cognito Misconfigurations
• AWS Samples - SCP Examples
• Zoph IO - AWS Security Survival Kit
• AWS Labs - AWS Break Glass Role
• ClutchSecurity - Federator
• GCP Developer Cheat Sheet
• KelseyHightower - Kubernetes the Hard Way
• GCP Permissions Reference
• AWS Permissions Reference
• Kyuu-Ji - Awesome Azure Pentest
• Siigil - Entra ID Terraform
• GCP Networking 101 Cheat Sheet
• Wiz Security - Public IOC Database
• Hacking The Cloud
• LutzenFried - Offensive Cloud TTPs
• LittleHack3r - Awesome GCP Security
• CloudSecDocs
• Houey - Awesome SCPs
• List of GCP Blogs - 2021
• AidenSteele - AWS Centralized Logs
• Invictus IR - AWS Cheat Sheet
• TrustOnCloud - S3 Threat Model
• RhinoSecurityLabs - GCP IAM Privilege Escalation
• Blackberry - Falco Bypasses
• Cloud Native Security Talks
• Futurice - Terraform Examples
• HackTricks - Kubernetes Pentesting
• HackTricks - Pentesting Docker

Application Security

• OffSecML
• Bypassing Cloudflare
• Frida Codeshare
• OWASP MASVS CheatSheet
• HackTricks - Pentesting GraphQL
• BishopFox - JSON Interoperability Vulnerabilities
• ChentSulin - Awesome GraphQL
• TLDR Sec - Prompt Injection Defenses
• Ignite Technologies - Web App Pentesting CheatSheet
• OWASP - MASTG
• OWASP CheatSheets

Study

• Nightmare Binary Exploitation Course
• WalidShaari - Certified Kubernetes Security Specialist
• Donne Martin - System Design Primer
• BurpSuite Certified Practitioner Study
• AgeRon - Hands-on ML
• YouTube - Kubernetes Hacking Masterclass
• TCMSec - Practical Ethical Hacking Resources
• Google Cloud Skills Boost
• Linux foundation - Building the Simplest Possible Linux System
• FreeCodeCamp - Network Pentesting for Beginners
• TrekhLeb - JS Data Structures & Algorithms
• RPISec - Modern Binary Exploitation
• TechiesCamp - Kubernetes Learning Path
• CodeCrafters - Build Your Own X