--- To be Updated ---
-
HTML5 Security Cheatsheet: What your browser does when you look away
-
Moonshine - Moonshine is a C2 framework with a custom Lua interpreter
-
C2Matrix - C2 framework document
-
The Art of Red Teaming - Blog about red teaming methodologies and techniques by a former NSA Red Teamer
-
Red Team Alliance - An online community of red teamers and security professionals that provides resources, training, and networking opportunities
-
Adversary Emulation Resources - A curated list of tools, techniques, and resources for adversary emulation
-
Offensive Infrastructure Resources - A curated list of tools, techniques, and resources for setting up and maintaining offensive infrastructure
-
EXPLOIT.EDUCATION: exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues
-
Sectools Top 125 Network Security Tools
-
Fiddler: Web Debugging Proxy Tool: Capture all HTTP(S) traffic between your computer and the Internet with Fiddler HTTP(S) proxy. Inspect traffic, set breakpoints, and fiddle with requests & responses
- Maldev Academy - Maldev Academy is a comprehensive malware development course that focuses on x64 malware development, providing knowledge from basic to advanced level
- Full Disclosure Mailing List: A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community
- Bugtraq Mailing List - The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
- BruteLogic Brute XSS: Master the art of Cross Site Scripting
- Philippeharewood Blog These aren't the access_tokens you're looking for
- Tisiphone Blog by Lesley Carhart, Full Spectrum Cyber-Warrior Princess, 20+ year IT industry veteran,speaks and writes about digital forensics and incident response, Industrial Control System Security, OSINT, and information security careers
- Hackaday Hackaday serves up Fresh Hacks Every Day from around the Internet
- Pentester Land: A blog about penetration testing and bug bounty hunting with a focus on automation and tooling.
- PortSwigger Research: Blog by the creators of Burp Suite, covering a wide range of web security topics, from introductory tutorials to advanced exploitation techniques.
- The Hacker Blog: Blog by a team of ethical hackers, covering topics such as web application security, mobile application security, IoT security, and more.
- PwnFunction: A blog focused on cybersecurity research, with articles covering various topics including exploit development, reverse engineering, malware analysis, and more.
- Hacking Articles: A blog with a wide range of tutorials and articles covering various aspects of cybersecurity, from basic concepts to advanced techniques.
- SecureLayer7 Blog: A blog covering various topics related to application security, including vulnerability assessments, penetration testing, and secure development practices.
- FireEye Blog: A blog from cybersecurity firm FireEye, covering topics such as threat intelligence, incident response, and malware analysis.
- Tenable Blog: A blog covering topics related to vulnerability management, network security, and compliance.
- Schneier on Security: A blog by renowned security expert Bruce Schneier, covering a wide range of security topics from cryptography to privacy to surveillance.