On this page
š”
This site uses affiliate links. Click here to learn more.
Awesome Lists
Awesome lists are carefully curated collections of projects and resources contributed by the community. These lists cover a wide range of topics, from command-line interface applications to fantasy literature, offering something for nearly every interest.
GitHub - sindresorhus/awesome: š Awesome lists about all kinds of interesting topics
š Awesome lists about all kinds of interesting topics - sindresorhus/awesome
sindresorhusTL;DR:
- DeepSeek AI
- Application Security
- Security
- CTF: Capture The Flag.
- Cyber Security University: Free educational resources that focus on learning by doing.
- Malware Analysis
- Android Security
- Hacking
- Hacking Spots
- Honeypots: Deception trap, designed to entice an attacker into attempting to compromise the information systems in an organization.
- Incident Response
- Vehicle Security and Car Hacking
- Web Security: Security of web apps & services.
- Lockpicking: The art of unlocking a lock by manipulating its components without the key.
- Cybersecurity Blue Team: Groups of individuals who identify security flaws in information technology systems.
- Fuzzing: Automated software testing technique that involves feeding pseudo-randomly generated input data.
- Embedded and IoT Security
- GDPR: Regulation on data protection and privacy for all individuals within the EU.
- DevSecOps: Integration of security practices into DevOps.
- Executable Packing: Packing and unpacking executable formats.
- Malware Persistence: Techniques that adversaries use to keep access to systems across restarts.
- EVM Security: Understanding the Ethereum Virtual Machine security ecosystem.
- Password Cracking: The process of recovering passwords from data that has been stored in or transmitted by a system in scrambled form.
- Security Card Games: Train your skills and discuss various security topics.
- Suricata: Intrusion detection/prevention system and network security monitoring engine.
- Prompt Injection: A type of vulnerability that specifically targets machine learning models.
- Detection Engineering: Design, build, and operate detective cybersecurity controls.
Blogs
Many security experts utilize blogs as a medium to disseminate knowledge, increase awareness, and foster the development of the cybersecurity community. Blogs serve as a vital link between technical specialists, businesses, and the public, offering insights, updates, and guidance in a format that is easy to understand.
Go Make Things
A simpler, more resilient way to make things for the web.
Books
More:
Communities
Infosec Exchange
A Mastodon instance for info/cyber security-minded people.
Home page - Black Hills Information Security
We specialize in penetration testing, red teaming, and threat hunting. Let us help you find the holes in your security.
ā My-Ngoc Nguyen
Conferences
Cybersecurity Conferences 2025 - 2026 | Over 3.4K Events
Discover expert insights on cybersecurity trends and best practices. Stay ahead with our comprehensive guides and analysis.
defcon.org
The largest hacking and security conference with presentations, workshops, contests, villages and the premier Capture The Flag Contest.
The Dark Tangent
Security BSides (@SecurityBSidesGlobal@infosec.exchange)
1.47K Posts, 84 Following, 2.16K Followers Ā· Security BSides Global account, managed (for now) by @jack_daniel@mastodon.social.
(Note: tried but canāt verify the wiki, it doesnāt support the rel tag)
Wild West Hackinā Fest @ Mile High 2025 - Wild West Hackinā Fest
This NEW Denver Cybersecurity Conference is taking InfoSec to new heights in 2025! Join us for Wild West Hackinā Fest @ Mile High! Conference and training tickets are now available.
Events
HTB Events
Meetups, webinars, CTFs, industry trade shows, here are all the events Hack The Box is either organizing or attending. Come say hi!
CTFs
A Capture the Flag (CTF) challenge is a competitive event where participants tackle cybersecurity-related tasks to capture āflags,ā which serve as digital trophies. This interactive, game-like format allows individuals and teams to hone their cybersecurity expertise, discover new methods, and enjoy the process.
CTFtime.org / All about CTF (Capture The Flag)
Capture The Flag, CTF teams, CTF ratings, CTF archive, CTF writeups
ctftime team
picoCTF - CMU Cybersecurity Competition
picoCTF is a free computer security education program with original content built on a capture-the-flag framework created by security and privacy experts at Carnegie Mellon University.
National Cyber League
The NCL is a learning-centered cybersecurity competition and community for high school and college students.
Games
Backdoors & Breaches - Black Hills Information Security
This is Backdoors & Breaches, an Incident Response Card Game, from Black Hills Information Security and Active Countermeasures. Backdoors & Breaches contains 52 unique cards to help you conduct incident [ā¦]
Artificial Intelligence
AI - X64
We are an independent publication dedicated to driving innovation, dismantling barriers, and making the impossible a reality across all things cyber.
Machine Learning
Generative Pre-trained Transformer (GPT) is a more recent type of advanced artificial intelligence model developed primarily for generating and understanding human-like text. Itās like having a highly intelligent text-based assistant that can answer questions, create content, translate languages, summarize text, and more.
- Code Copilot: Code Smarter, Build FasterāWith the Expertise of a 10x Programmer by Your Side.
- Cover Letter By masterinterview.ai: Boost interviews with compelling cover letters tailored to job applicationsāsimple, quick, effective.
- Python By Maryam Eskandari: A Python assistant for all skills levels, pre-trained on python.org and stackoverflow.com.
- Python By Nicholas Barker: A highly sophisticated GPT tailored for Python programmers. Optimized for GPT-4o.
Labs
Best Online Cybersecurity Courses & Certifications | HTB Academy
Master cybersecurity with guided and interactive cybersecurity training courses and certifications (created by real hackers and professionals from the field).
HTB Academy
Codewars - Achieve mastery through coding practice and developer mentorship
A coding practice website for all programming levels ā Join a community of over 3 million developers and improve your coding skills in over 55 programming languages!
Vanessa GreeneJanuary 22, 2024
malwareunicorn.org
Provides workshops and resources for reverse engineering in the infosec space.
Master Web Hacking and Security Code Review!
Master penetration testing and security codereview with 600+ exercises and 700+ videos on PentesterLab. Perfect for all skill levels. Start your learning journey today!
Newsletters
Citation Needed
Citation Needed features critical coverage of the cryptocurrency industry and of issues in the broader technology world. It is independently published by Molly White, and entirely supported by readers like you.
OffSec
Offensive Security (OffSec) is a proactive, adversarial approach to cybersecurity, focusing on identifying and exploiting flaws in systems, networks, or applications to enhance their security. The goal of offensive security is to think and act like an attacker to identify weaknesses before they can be exploited.
Get Kali | Kali Linux
Home of Kali Linux, an Advanced Penetration Testing Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.
Download BlackArch
Downloads the netinstall or the live iso by torrent, http or ftp
Programming
The Ultimate Python Beginnerās Handbook
Python has become one of the fastest-growing programming languages over the past few years. Not only it is widely used, it is also an awesome language to tackle if you want to get into the world of programming. This Python Guide for Beginners allows you to learn the core of
Renan Moura Ferreira
More:
Ranges / War Games
Cyber Ranges | SANS Institute
SANS Cyber Ranges focus on the practical application and assessment of cybersecurity training. The ranges enable you and your team to apply skills youāve learned in a curated and isolated environment, that gives you insight into what you are excelling at, and what you need to focus more on.
Umar Javed
Research
arXiv.org e-Print archive
Semantic Scholar | AI-Powered Research Tool
Semantic Scholar uses groundbreaking AI and engineering to understand the semantics of scientific literature to help Scholars discover relevant research.
Tools
GitHub - gchq/CyberChef: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - gchq/CyberChef
gchqTraining
Free Cyber Security Training & Resources | SANS Institute
Free Cyber Security
Web Security Academy: Free Online Training from PortSwigger
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.
Hacking Training For The Best
From beginners to experts, this is where hackers level up! Join today and learn how to hack.
TryHackMe | Cyber Security Training
An online platform for learning and teaching cyber security, all through your browser.
Cybersecurity Training To Face Evolving Threats - Immersive Labs
Cybersecurity training, drills, exercises, and ranges. Immersive Labs strengthens Cyber Workforce Resilience. Get The Human Edge against cyber threats.
Web Application Security
OWASP Foundation, the Open Source Foundation for Application Security | OWASP Foundation
OWASP Foundation, the Open Source Foundation for Application Security on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
Olle Johansson and Benji Visser
OWASP Juice Shop | OWASP Foundation
Probably the most modern and sophisticated insecure web application for security trainings, awareness demos and CTFs. Also great voluntary guinea pig for your security tools and DevSecOps pipelines!
Web Development
This website is built on some exceptional technologies, both open source and freemium.
Publishing Platforms
Open Subscription Platforms
A shared movement for independent subscription data.
Ghost: The best open source blog & newsletter platform
Beautiful, modern publishing with email newsletters and paid subscriptions built-in. Used by Platformer, 404Media, Lever News, Tangle, The Browser, and thousands more.
Ghost Blog Themes
Porto - Multipurpose Ghost theme for blog and newsletter.
Porto is a multipurpose Ghost theme suitable for personal, professional, magazine, brand blogs, and newsletters. The theme is built with a minimalistic approach but it is a fully featured-packedā¦
Web Icons
Remix Icon - Open source icon library
Remix Icon is a set of open source neutral style system symbols elaborately crafted for designers and developers. All of the icons are free to use for both personal and commercial.
Writeups
Writeups are a detailed technical document describing the process of solving a particular challenge, exploit, or security problem in the corporate and academic world. Writeups are typically created after solving CTF challenges, building labs, or even as lessons learned from real-world incidents. They serve as an educational resource, helping the community to understand the steps, tools, and thought processes involved in identifying and addressing vulnerabilities or solving complex technical problems.
InfoSec Write-ups
A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/.
Anangsha Alammyan