Security resources that I collected over the course of 2016

f165_resources-20161222054300.md

Table of contents

1. Bookmarks: Research
2. Bookmarks: Tools
3. Podcasts
4. RSS Feeds

---

Bookmarks: Research

CTF

• Facebook
• Introduction | CTF Field Guide
• Exploit Exercises
• Practice CTF List / Permanant CTF List

Datavis

Dynamic

• Attack Map - Crowdsourced map on recent terrorist attacks around the world
• Blueliv - Cyber Threat Map
• DBIR Attack Graph Analysis
• Digital Attack Map
• FireEye Cyber Threat Map
• Flightradar24.com - Live flight tracker!
• Fortinet Threat Map
• goGeo - Twitter Map
• Home | ESET Virusradar
• InternetAWACS | Jesterscourt
• Kaspersky Cyberthreat real-time map
• Location-based Search | Echosec
• MLS - Map
• Norse Attack Map
• Penetration test lab "Test lab" | Pentestit
• TorFlow
• RIPEstat — Internet Measurements and Analysis
• SenderBase
• https://laurent22.github.io/so-injections/

Infographic

• Anatomy of a Penetration Test
• CAIDA Posters
• Submarine Cable Map
• World’s Biggest Data Breaches & Hacks — Information is Beautiful
• GitHut - Programming Languages and GitHub
• Targeted Cyberattacks Logbook
• Make Your Own DBIR Charts! Part 1 of 4: The tools! | Security Blog
• Visualization Types - Introduction to Data Visualization - LibGuides at Duke University

DFIR

• DFIR and Threat Hunting: Answering those needed questions
• DFIR and Threat Hunting: IR Do's and Don'ts
• Digital Forensics Training | Incident Response Training | SANS
• InfoSec Handlers Diary Blog - Windows Events log for IR/Forensics ,Part 1
• Windows Events log for IR/Forensics ,Part 2 - SANS Internet Storm Center

Exploits

• CVE - Products & Services by Country
• CVE security vulnerability database. Security vulnerabilities, exploits, references and more
• CWE - Common Weakness Enumeration
• CXSECURITY.COM Free Security List
• Exploitalert - database of exploits
• Exploits Database by Offensive Security
• ExploitSearch.net
• Full Disclosure Mailing List
• kernel exploits
• NVD - Search
• OpenBL.org - Abuse Reporting and Blacklisting
• Report a Phishing Page
• Report Suspected Phishing Sites
• SecurityFocus
• Vulnerability & Exploit Database | Rapid7
• Vulnerability Database
• Vulnerability Lab - VULNERABILITY RESEARCH LABORATORY
• Vulnerability Notes
• Vulners - Vulnerability Data Base
• Zero Day Initiative
• WPScan Vulnerability Database

Cheat sheets

Linux

• An A-Z Index of the Bash command line | SS64.com
• ILNMgoa.png (2880×1316)
• Linux Commands - A practical reference
• Linux Newbie Guide: Shortcuts And Commands
• Linux/Unix/BSD Post-Exploitation Command List - Google Docs
• Snifer/security-cheatsheets: A collection of cheatsheets for various infosec tools and topics.
• System Hardening Guide
• TB Unix Cheat Sheet
• Basic Linux Privilege Escalation
• Local Linux Enumeration & Privilege Escalation Cheatsheet - Rebootuser

Mac

• drduh/OS-X-Security-and-Privacy-Guide: A practical guide to securing OS X

• OSX Post-Exploitation - Google Docs

• An A-Z Index of the Apple OS X command line | SS64 Command line reference

Metasploit

• Metasploit 4.5.0-dev.15713 Cheat Sheet by huntereight - Cheatography.com: Cheat Sheets For Every Occasion
• Metasploit Cheat Sheet and Video - TunnelsUP
• Metasploit Post Exploitation Command List - Google Docs
• misc_tools_sheet_v1.pdf
• Msfconsole Commands - Metasploit Unleashed

Misc

• GitHub - nwinkler/atom-keyboard-shortcuts: A list of keyboard shortcuts for the Atom text editor
• W3m cheat sheet · janosgyerik/cheatsheets Wiki
• Hackerstrip - Photo stories made with Exposure
• Wolfram|Alpha: Computational Knowledge Engine

Networking

• CaptureFilters - The Wireshark Wiki
• DisplayFilters - The Wireshark Wiki
• https://www.snort.org/rule_docs/
• Packetlevel.ch
• Router Security Checklist
• SampleCaptures - The Wireshark Wiki
• WPS Flaw Vulnerable Devices - Google Sheets
• Cheat Sheets - PacketLife.net
• https://gist.githubusercontent.com/jgamblin/da795e571fb5f91f9e86a27f2c2f626f/raw/0e5e53b97e372a21cb20513d5064fde11aed844c/commonssids.txt
• https://www.gasmi.net/tcp.php
• OSI MODEL
• snort rule infographic final nobleed

Papers

• All Publications | The MITRE Corporation
• Black Hat | Archives
• ICS-CERT Monitor Newsletters | ICS-CERT
• IEEE Xplore Digital Library
• Incident Management Research | The CERT Division
• Internet Engineering Task Force (IETF)
• NASA Technical Reports Server (NTRS) - Basic Search
• National Institute of Standards and Technology
• NIST Computer Security Publications - Home
• Research at Google
• Research Publications - NSA/CSS
• SANS Institute: Reading Room
• Security Response White Papers | Symantec
• Service Name and Transport Protocol Port Number Registry
• STI Information Security Laboratory
• Technical White Papers

Pentesting

Cheat sheets

• Articles | Corelan Team
• Cheat Sheets
• Cheat Sheets | pentestmonkey
• FuzzySecurity | Tutorials
• pentestmonkey | Taking the monkey work out of pentesting
• PwnWiki.io
• Payloads · hak5darren/USB-Rubber-Ducky Wiki · GitHub
• HarmJ0y/CheatSheets: Cheat sheets for various projects.
• IT and Information Security Cheat Sheets
• jshaw87/Cheatsheets: Penetration Testing/Security Cheatsheets
• osintframework.com

Lists

• The Ultimate List of 100+ Information Security Resources - Hacker Lists

• SANS List of Penetration Testing Tips Sheets, Downloads and pdfs

• Security_list/README.md at master · zbetcheckin/Security_list

• Offensive Security Bookmarks – EK

• juliocesarfort/public-pentesting-reports: Curated list of public penetration test reports released by several consulting firms and academic security groups

• GitHub - enaqx/awesome-pentest: A collection of awesome penetration testing resources, tools and other shiny things

• Google Code Archive - Long-term storage for Google Code Project Hosting.

• Mind Maps

• Penetration Testing Framework 0.59

• Penetration Testing Methodology - 0DAYsecurity.com

• Penetration Testing Tips & Tricks - Paul's Security Weekly

• shell-storm | Shellcodes Database

• rule_based_attack * hashcat wiki

• Obscure Systems (AIX, Embeded, etc) Post-Exploit Command List - Google Docs

Physical

• Dictionary of Locksmithing Terms
• Lockwiki

Reversing

• 26 Awesome Android Reverse Engineering Tools - Hacker Lists
• asmjit/asmdb: Database of a complete X86/X64 instruction set.
• Calling conventions
• cheat sheet reverse v5.png (2495×1701)
• GDB Cheat Sheet
• gdb-refcard.pdf
• Intel Assembler CodeTable 80x86 - Overview of instructions
• pwndbg/FEATURES.md at master · pwndbg/pwndbg

Web

Cheat sheets

• HTML5 Security Cheatsheet
• OWASP Cheat Sheet Series - OWASP
• OWASP Top Ten Cheat Sheet - OWASP
• security-guide-for-developers/security-checklist.md at master · FallibleInc/security-guide-for-developers
• Web Application Security Testing Cheat Sheet - OWASP
• XSS Filter Evasion Cheat Sheet - OWASP
• xss-owasp-cheatsheet
• FallibleInc/security-guide-for-developers: Security Guide for Developers (实用性开发人员安全须知)
• OpenStack Docs: OpenStack Security Guide
• paragonie/awesome-appsec: A curated list of resources for learning about application security
• Reverse Shell Implementation in PHP5
• Secure Messaging Scorecard | Electronic Frontier Foundation
• SecurePasswords.info | Home
• The OWASP Testing Framework - OWASP
• The Web Application Security Consortium / Threat Classification
• Wiki | droidsec.org

Windows

Cheat sheets

• An A-Z Index of the Windows CMD command line | SS64.com
• C:\Users\wframe\Downloads\PowerShell Cheat Sheet.xps
• EasyDOS Command Index
• JPCERT/CC Blog: Windows Commands Abused by Attackers
• Keyboard Shortcuts for the Windows PowerShell ISE
• List Of All Available Windows CMD Commands
• Powershell Reconnaissance - TrustedSec - Information Security
• These Aren’t Yo Momma’s WMIC Commands – Half Full of Security
• Windows command prompt Keyboard shortcuts | Windows CMD | SS64.com
• Windows Post-Exploitation Command List - Google Docs

Lists

• GitHub - enddo/awesome-windows-exploitation: A curated list of awesome Windows Exploitation resources, and shiny things. Inspired by awesom
• Microsoft Malware Protection Center - Malware help
• Microsoft Patch Days - SANS Internet Storm Center
• Microsoft Support Lifecycle
• SANS Digital Forensics and Incident Response Blog | WMIC for incident response | SANS Institute

---

Bookmarks: Tools

Defensive security

DLP

• MyDLP | Download Data Leakage Prevention Software from Comodo
• OpenDLP - Free & Open-Source Data Loss Prevention (DLP) Tool - Darknet

Lists

• ThreatHunting/hunts at master · ThreatHuntingProject/ThreatHunting
• Download Microsoft Baseline Security Analyzer 2.3 (for IT Professionals) from Official Microsoft Download Center
• Drive Permissions Auditor - Google Sheets add-on
• GRC's | Password Haystacks: How Well Hidden is Your Needle?
• unfurlr

Digital Forensics

• Automated Memory Analyzer For Malware Samples: VolatilityBot
• binvis.io
• Category:Tools - ForensicsWiki
• Digital Image Forensic Analyzer - imageforensic.org
• EXIF Data Viewer
• Fast Copy
• Forensically, free online photo forensics tools - 29a.ch
• Free IT forensic software | Free computer forensic software tools | Forensic Control
• RT for Incident Response — Best Practical Solutions
• WMI Explorer - Home
• 8 Best Memory Analysis Tools in September 2016 - Hacker Lists
• Autopsy
• DEFT Linux - Computer Forensics live CD |
• CAINE Live USB/DVD - computer forensics digital forensics
• SANS SIFT Kit/Workstation: Investigative Forensic Toolkit Download

Exploits/malware

Scanners

Malware

• Automated Malware Analysis - Joe Sandbox Reports
• Deepviz - Analyze
• Free Automated Malware Analysis Service - powered by VxStream Sandbox
• FREE Online Website Malware Scanner | Website Security Monitoring & Malware Removal | Quttera
• Google Custom Search
• Gooligan Checker | Check Point Software
• Malwr - Malware Analysis by Cuckoo Sandbox
• Manalyzer
• Sucuri SiteCheck - Free Website Malware Scanner
• VirusTotal - Free Online Virus, Malware and URL Scanner
• ZeuS Tracker :: Monitor

Ransomware

• Breaking Free: A list of ransomware decryption tools and keys - Security Thinking Cap by Eric Vanderburg
• ID Ransomware
• MD5 Decrypter - MD5 Decryption, Free MD5 Decryptor, Online MD5 Cracker, MD5 Security
• MD5 Online | MD5 Decrypter - Free Online MD5 Hash Decoder, Decrypt Password
• Online Free Hash Identification : analyze 250+ algorithms | Online Hash Crack
• SSL Server Test (Powered by Qualys SSL Labs)
• The No More Ransom Project

Website

• Is it Hacked?

• OpenPhish - Phishing Intelligence Feeds

• PhishTank | Join the fight against phishing

• Redirect Checker | Check your Statuscode 301 vs 302

• Rex Swain's HTTP Viewer

• Safe Browsing Site Status – Transparency Report – Google

• ThreatLog: Track Malicious Domains

• URL/IP Lookup | Webroot BrightCloud

• ShellCheck – shell script analysis tool

• Test your server for Heartbleed (CVE-2014-0160)

• Threat Crowd | Threatcrowd.org Open Source Threat Intelligence

• ThreatExpert - Automated Threat Analysis

• Unicode Converter - Unicode, decimal, and text converter

• AlienVault - Open Threat Exchange

Source

• Malc0de Database
• Malware - Clean MX - realtime
• Malware Domain List
• Open Malware
• Recent Malicious | Domain | Malwaregroup
• scumware.org - Just another free alternative for security and malware researchers.
• VX Vault
• ZeuS Tracker :: Monitor
• Library (VX heaven)
• The Malware Museum : Free Software : Download & Streaming : Internet Archive
• VirusShare.com
• Malware.lu - Home
• MalShare - Home
• contagio

Ransomware

• Breaking Free: A list of ransomware decryption tools and keys - Security Thinking Cap by Eric Vanderburg
• ID Ransomware
• MD5 Decrypter - MD5 Decryption, Free MD5 Decryptor, Online MD5 Cracker, MD5 Security
• MD5 Online | MD5 Decrypter - Free Online MD5 Hash Decoder, Decrypt Password
• Online Free Hash Identification : analyze 250+ algorithms | Online Hash Crack
• SSL Server Test (Powered by Qualys SSL Labs)
• The No More Ransom Project
• Automated Malware Analysis - Joe Sandbox Reports
• Deepviz - Analyze
• Free Automated Malware Analysis Service - powered by VxStream Sandbox
• FREE Online Website Malware Scanner | Website Security Monitoring & Malware Removal | Quttera
• Google Custom Search
• Is it Hacked?
• Malwr - Malware Analysis by Cuckoo Sandbox
• Manalyzer
• OpenPhish - Phishing Intelligence Feeds
• Redirect Checker | Check your Statuscode 301 vs 302
• Rex Swain's HTTP Viewer
• Safe Browsing Site Status – Transparency Report – Google
• ShellCheck – shell script analysis tool
• Sucuri SiteCheck - Free Website Malware Scanner
• Test your server for Heartbleed (CVE-2014-0160)
• Threat Crowd | Threatcrowd.org Open Source Threat Intelligence
• ThreatExpert - Automated Threat Analysis
• ThreatLog: Track Malicious Domains
• Unicode Converter - Unicode, decimal, and text converter
• URL/IP Lookup | Webroot BrightCloud
• urlquery.net - Free URL scanner
• VirusTotal - Free Online Virus, Malware and URL Scanner
• ZeuS Tracker :: Monitor
• Gooligan Checker | Check Point Software

Intelligence gathering

Breaches

• Find the source of your leaks
• Have I been pwned? Check if your email has been compromised in a data breach

Contacts

• B2B Database of Detailed & Accurate Contact Information | ZoomInfo
• Email Hunter - Find email addresses in seconds
• Lusha
• Namechk | Username & Domain Search
• Pipl - People Search
• Verify Email Address Online - Free Email Verifier - Free Email Address Verification

WHOIS

• ARIN WHOIS IP Address Database Search - iTools
• Censys
• DNSdumpster.com - dns recon and research, find and lookup dns records
• Identify websites involved in malware incidents, fraudulent and spamming activities
• Internet Archive: Digital Library of Free Books, Movies, Music & Wayback Machine
• IP Address Blacklist Checker Tool
• ip2host | Find hostnames resolving to the same IP address
• IVRE — Network recon framework
• Network Tools: DNS,IP,Email
• Open Port Check Tool - Test Port Forwarding on Your Router
• PunkSPIDER
• Shodan
• Whois Lookup, Domain Availability & IP Search - DomainTools
• ZoomEye - Cyberspace Search Engine
• Google Hacking Database, GHDB, Google Dorks
• Google Hacking Diggity Project Resources - Bishop Fox
• Google Trends
• Harmari Search
• Naming Schemes
• Oryon Portable - OSINTINSIGHT | Advanced OSINT Tools
• OSINT Search Tool by Michael Bazzell | Open Source Intelligence Techniques
• Terbium Labs Matchlight
• U.S. District Court and U.S. Court of Appeals Cases, Dockets and Filings :: Justia Dockets & Filings
• World of VNC
• Social Collider: ready to collide

Networking

• About the HTCIA
• Check MX: DNS sanity checker.
• CloudShark - The easiest way to analyze and share network capture files. | CloudShark
• Free Dynamic DNS - Managed DNS - Managed Email - Domain Registration - No-IP
• Free Online Privacy Checkup - Provided by IPVanish
• Hotel WiFi Test: Find Hotels with Fast WiFi
• IANA — Root Zone Database
• Internet-Wide Scan Data Repository
• IP/DNS Detect - What is your IP, what is your DNS, what informations you send to websites.
• myLG - Network Diagnostic Tool
• Snort Rules and IDS Software Download
• Subnet.im - Subnet Calculator
• Web-based DNS Randomness Test | DNS-OARC
• ZMap · The Internet Scanner

Offensive security

Lists

• Kali Linux Tools Listing | Penetration Testing Tools
• Miscellaneous Pen Testing, Reverse Engineering and Forensic Tools. - Google Sheets
• Penetration Testing Tools Cheat Sheet
• Software used in Mr. Robot - AlternativeTo.net
• zardus/ctf-tools: Some setup scripts for security research tools.
• Top 10 Best Wi-Fi Hacking Apps For Android » TechWorm
• OSINT Tools - Recommendations List | Subliminal Hacking

Phishing

• Gophish - Open Source Phishing Framework
• Home - Phishing Frenzy - Manage Email Phishing Campaigns - Penetration Testing
• SecurityIQ - InfoSec Institute
• CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.
• FaradaySEC | Multiuser Pentest Environment
• Hpak - package manager for pentesters.
• KaliBrowser – JGamblin.com
• Pentest Networks from a Browser | Black Squirrel
• PentestBox Tools
• pwntools — pwntools 3.0.4 documentation
• Sandcat Browser - The Pen Tester's Browser
• Spoof Calls & Change Your Caller ID | SpoofCard
• Two Factor Auth List
• XSS Hunter

Privacy

• Dead Drops Database
• Inky
• Privacy Rights Clearinghouse
• Trackography - Who tracks you online?
• Try Matrix Now! | Matrix.org
• Send anonymous email with the most secure mailer
• That One Privacy Site | Simple VPN Comparison Chart
• DNS leak test - Test now your DNS and privacy settings | Hidester
• DNS leak test

Reverse engineering

• DevSpace
• Free Virtual Machines from IE8 to MS Edge - Microsoft Edge Development
• RunKit is Node prototyping
• x64dbg
• Project Springfield
• Home

System administration

• ChooseMyPC.net | Cookie Cutter PC Build Generator
• Codeshare - Share code real-time in your browser - Codeshare
• Desktop APM: actions per minute for every application
• Free Tool for AD Auditing
• MailTester.com
• maru
• Microsoft Surface Diagnostic Toolkit (Windows)
• NirSoft - freeware utilities: password recovery, system utilities, desktop utilities
• PowerCLI Core
• PowerShell Server | Secure Remote Access to PowerShell Over SSH
• Prey | Track & find stolen Phones, Tablets and Laptops
• Remmina | Remote Desktop Client for Linux
• SPF Query Tool
• TurnKey GNU/Linux: 100+ free ready-to-use system images for virtual machines, the cloud, and bare metal.
• Website Availability Test - Uptrends
• New Tab
• That One Privacy Site | Welcome

---

Podcasts

• Brakeing Down Security podcast
• PVC Security
• The Social-Engineer Podcast
• The Cybersecurity Podcast
• The Standard Deviant Security Podcast
• Packet Pushers » Podcast Episodes
• Exchange Server Pro Podcast: Exchange On-Premises
• Paul's Security Weekly
• CyberSpeak's Podcast
• Risky Business
• Down the Security Rabbithole
• Liquidmatrix Security Digest Podcast
• SurfWatch Cyber Risk Roundup
• InfoSecond
• The Changelog
• The Southern Fried Security Podcast
• The CyberWire
• Hurricane Labs InfoSec Podcast
• The Cloudcast
• STEAL THIS SHOW
• RunAs Radio
• CyDefe
• CERT's Podcast Series
• Cigital » The Silver Bullet Security Podcast
• Defrag Tools
• Digital Forensic Survival Podcast
• Going Deep
• The Linux Action Show!
• Defensive Security Podcast
• Exploring Information Security
• Hak5
• LINUX Unplugged Podcast
• The Shared Security Podcast
• Security Current podcast
• Channel 9
• 2 Minute CyberSecurity Briefing
• Advanced Persistent Security
• The CyberJungle TrustedSec Security Podcast
• ROOT ACCESS
• Dallas Hackers Association/ShadowCast

---

RSS Feeds

Blogs

• [RSS] Exploit Monday
• [RSS] Another Forensics Blog
• [RSS] Hexacorn Ltd
• [RSS] The Invisible Things
• [RSS] Jump ESP, jump!
• [RSS] Hacks4Pancakes' tisiphone.net
• [RSS] Jeremiah Grossman
• [RSS] wirewatcher
• [RSS] Troy Hunt's Blog
• [RSS] Cheeky4n6Monkey
• [RSS] gkbrk.blog();
• [RSS] danielmiessler.com
• [RSS] CyberWatch
• [RSS] benjojo blog
• [RSS] rvrsh3ll’s Blog
• [RSS] Hacking Exposed Computer Forensics Blog
• [RSS] OSINT Heaven
• [RSS] Schneier on Security
• [RSS] Irongeek's Security Site
• [RSS] TrustedSec – Information Security
• [RSS] Carnal0wnage & Attack Research Blog
• [RSS] Room362
• [RSS] Reverse Engineering Mac OS X
• [RSS] @lnxdork ♘
• [RSS] Exploring Possibility Space
• [RSS] Collin R. Mulliner
• [RSS] ØSecurity
• [RSS] Misguided Security
• [RSS] Stories by Rob Fuller on Medium
• [RSS] Just another hacker
• [RSS] CQURE Academy
• [RSS] Frontline Sentinel
• [RSS] Security Padawan
• [RSS] nselby.github.io
• [RSS] g0tmi1k
• [RSS] red|blue
• [RSS] NetSec/Threat Intel
• [RSS] Windows Incident Response
• [RSS] Kelsey D. Atherton
• [RSS] Stories by tiffany jernigan on Medium
• [RSS] JestersCourt
• [RSS] idzer0
• [RSS] A Few Thoughts on Cryptographic Engineering
• [RSS] DFIR and Threat Hunting
• [RSS] Stories by Kevin Beaumont on Medium
• [RSS] Stories by Justin Schuh on Medium
• [RSS] Paul Graham
• [RSS] Malicious Link
• [RSS] Jessie Frazelle's Blog
• [RSS] harmj0y
• [RSS] Krebs on Security
• [RSS] Karaface
• [RSS] Miss Info Geek
• [RSS] WebBreacher's Hacking and Hiking Blog
• [RSS] malwarefor.me
• [RSS] jessysaurusrex
• [RSS] The Hacker who Rolls
• [RSS] Liquidmatrix Security Digest
• [RSS] Bulb Security
• [RSS] natashenka
• [RSS] Journey Into Incident Response
• [RSS] Simone Giertz
• [RSS] Liam Cleary [MVP]
• [RSS] Stories by Hunchly on Medium
• [RSS] Packet Foo | Analyzing network packets since 2003
• [RSS] Hot Monthly Questions
• [RSS] ColeSec Security
• [RSS] popped.io
• [RSS] The Code Files
• [RSS] sarahjeong dot net
• [RSS] Stories by the grugq on Medium
• [RSS] Lenny Zeltser
• [RSS] PenTesting
• [RSS] CSOAndy: Protecting a Better Internet
• [RSS] Eric Conrad
• [RSS] FoxGlove Security
• [RSS] SECURED.ORG
• [RSS] Thoughts on Security
• [RSS] Security Thinking Cap by Eric Vanderburg
• [RSS] Breaking Malware
• [RSS] GracefulSecurity
• [RSS] Coffee To Code
• [RSS] JL's stuff
• [RSS] CounterMeasures – A Security Blog
• [RSS] OJ's perspective
• [RSS] Mark Burgess, Oslo: Personal
• [RSS] mac4n6.com
• [RSS] Didier Stevens
• [RSS] XPN Security
• [RSS] JerryGamblin.com
• [RSS] Ben0xA
• [RSS] Mark Russinovich
• [RSS] The Security Sleuth
• [RSS] enigma0x3
• [RSS] Stderr
• [RSS] Security for Real People
• [RSS] Decent Security
• [RSS] Smarter Forensics
• [RSS] Security and risk
• [RSS] Stories by Matt Suiche on Medium
• [RSS] binary foray
• [RSS] This Week In 4n6
• [RSS] tekwizz123's Blog
• [RSS] Adam Elkus
• [RSS] Genuine Curiosity by Dwayne Melancon
• [RSS] Zone13.io
• [RSS] Idoneous Security
• [RSS] gynvael.coldwind//vx.log (en)
• [RSS] My thoughts on AppSec
• [RSS] ra6bit.com
• [RSS] Secure Ideas
• [RSS] Clever Title Goes Here
• [RSS] Shell is Only the Beginning
• [RSS] 4n6k
• [RSS] wald0.com
• [RSS] Errata Security
• [RSS] As I blog.
• [RSS] 4n6ir

Pentesting

• [RSS] Cybrary
• [RSS] Detectify Labs
• [RSS] Security Sift
• [RSS] The Road Less Traveled By
• [RSS] Cатсн²² (in)sесuяitу / ChrisJohnRiley
• [RSS] Secplicity
• [RSS] Forensic Focus
• [RSS] DEF CON Announcements!
• [RSS] PortSwigger Web Security Blog
• [RSS] Darknet – The Darkside
• [RSS] Metasploit
• [RSS] SANS Penetration Testing
• [RSS] DFIR blog
• [RSS] Ethical Hacking Tutorials, Tips and Tricks
• [RSS] Kali Linux
• [RSS] spylogic.net
• [RSS] BlackOps
• [RSS] Corelan Team
• [RSS] NetSPI Blog
• [RSS] Whitehatters Academy
• [RSS] Offensive Security
• [RSS] CyberPunk
• [RSS] Penetration Testing
• [RSS] pentestmonkey
• [RSS] tssci-security
• [RSS] SensePost
• [RSS] The World of IT & Cyber Security: ehacking.net
• [RSS] Question Defense
• [RSS] Portcullis Labs
• [RSS] Strategic Cyber LLC
• [RSS] Rapid7 Community
• [RSS] OpenDNS Umbrella Blog
• [RSS] DigiNinja
• [RSS] ToolsWatch.org – The Hackers Arsenal Tools Portal
• [RSS] Pentestmag
• [RSS] Bernardo Damele A. G.
• [RSS] Blog – NotSoSecure
• [RSS] Signal Sciences Labs - Medium
• [RSS] The Offensive Security Blog – Offensive Security
• [RSS] Security on the edge
• [RSS] Nullthreat Security
• [RSS] Null Byte « WonderHowTo

Industry

• [RSS] Dark Reading
• [RSS] Cylance Blog
• [RSS] Nextgov - All Content
• [RSS] Blog – Bishop Fox
• [RSS] Acalvio » Feed
• [RSS] CSO Online News
• [RSS] Andrew Hay
• [RSS] Hakin9 – IT Security Magazine
• [RSS] Daily Dave
• [RSS] SecurityWatch
• [RSS] The State of Security
• [RSS] Cyber Defense
• [RSS] Info Security News
• [RSS] Jeremiah Grossman
• [RSS] The Security Blogger
• [RSS] Secure Coding
• [RSS] Carbon Black
• [RSS] Help Net Security
• [RSS] The Hacker News
• [RSS] Security Affairs
• [RSS] DigitalOcean Blog
• [RSS] Netsparker, Web Application Security Scanner
• [RSS] Active Directory Security
• [RSS] Microsoft Secure Blog
• [RSS] BreachExchange
• [RSS] Web App Security
• [RSS] InfoSec Resources
• [RSS] BankInfoSecurity.com RSS Syndication
• [RSS] Security Intelligence
• [RSS] Google Online Security Blog
• [RSS] Educause Security Discussion
• [RSS] AlienVault Labs Blog
• [RSS] Speaking of Security – The RSA Blog
• [RSS] CUInfoSecurity.com RSS Syndication
• [RSS] News ≈ Packet Storm
• [RSS] Graham Cluley
• [RSS] The Official Blog from Kaspersky Lab
• [RSS] Threatpost | The first stop for security news

Networking

• [RSS] NetCraftsmen
• [RSS] Packet Pushers - Blog Feed
• [RSS] PacketLife.net Blog
• [RSS] Palo Alto Networks Blog

General

• [RSS] D-Wave Systems
• [RSS] Product Hunt
• [RSS] Mahsa Alimardani
• [RSS] Docker Blog
• [RSS] TechWorm
• [RSS] Hackaday
• [RSS] ExtremeTechExtremeTech
• [RSS] Windows Secrets
• [RSS] Linux Journal - The Original Magazine of the Linux Community
• [RSS] Windows OS Hub
• [RSS] Open Source For You
• [RSS] Ars Technica
• [RSS] Signal v. Noise - Medium
• [RSS] Hacker Lists
• [RSS] Professor Messer IT Certification Training Courses
• [RSS] CCDCOE
• [RSS] From Ravikanth's Blog
• [RSS] Motherboard
• [RSS] Slashdot: Linux
• [RSS] CTFtime.org
• [RSS] Windows IT Pro

Privacy

• [RSS] Automating OSINT Blog
• [RSS] Security Through Education
• [RSS] Deep Dot Web
• [RSS] Guardian Project
• [RSS] The Intercept
• [RSS] TorrentFreak
• [RSS] The Torist

Research

• [RSS] The Laws of Vulnerabilities – Network Security Blog | Qualys, Inc.
• [RSS] Arbor Threat Intelligence
• [RSS] OpenDNS Umbrella Blog
• [RSS] Malwarebytes Labs
• [RSS] Light Blue Touchpaper
• [RSS] Threat Research – Cisco Blog
• [RSS] Portcullis Labs
• [RSS] HACKMAGEDDON
• [RSS] NIST News and Events
• [RSS] Talos Blog
• [RSS] Endgame's Blog
• [RSS] Volatility Labs
• [RSS] SANS Industrial Control Systems Security Blog
• [RSS] SANS Digital Forensics and Incident Response Blog
• [RSS] Microsoft Malware Protection Center
• [RSS] AppSec Street Fighter
• [RSS] Recorded Future
• [RSS] Automated Malware Analysis
• [RSS] The OpenStack Blog
• [RSS] CyberArk
• [RSS] MalwareTech
• [RSS] Threat Research Blog

Bulletins

• [RSS] SpiderLabs Blog from Trustwave
• [RSS] Advisory Files ≈ Packet Storm
• [RSS] CXSECURITY Database RSS Feed - CXSecurity.com
• [RSS] Snort Blog
• [RSS] Exploit Files ≈ Packet Storm
• [RSS] US-CERT Current Activity
• [RSS] Exploit-DB Updates
• [RSS] US-CERT Bulletins
• [RSS] SecurityFocus Vulnerabilities
• [RSS] OSVDB
• [RSS] Adobe Product Security Incident Response Team (PSIRT) Blog
• [RSS] Debian Security
• [RSS] Bugtraq
• [RSS] HackerOne
• [RSS] ZDI: Published Advisories
• [RSS] Microsoft Security Bulletins
• [RSS] US-CERT Alerts
• [RSS] National Vulnerability Database
• [RSS] CERT Recently Published Vulnerability Notes
• [RSS] Full Disclosure
• [RSS] Open Source Security

---

Published by OS-23785