A collection of awesome-*
repos (curated resources) related to cybersecurity.
For more awesome repos that are not yet included in this repo, there’s the primary awesome repo and a whole awesome category on GitHub with repos covering many, many subject areas.
This repo is intended for security professionals that are able to adequately assess their personal and corporate threat models. The links provided below have not been deeply evaluated and there is no guarantee whatsoever about their content and risks associated with visiting these links or running programs found in the below repos.
Some repos may contain malware samples and programs like OONI Probe that may expose you to risks such as legal penalties and sanctions depending on your jurisdiction.
Further, due to the adversarial nature of cybersecurity and hacking, it's best to browse these links with a browser that has JavaScript disabled, blocks known malicious hosts, and has had other security hardening and mitigations applied. Suggestions follow.
Proceed Carefully! Some repos may contain harmful content!
Firefox can be dramatically hardened by enabling and disabling specific features. Some good examples of which features should be modified and how, consult the below repositories:
- arkenfox/user.js: Firefox privacy, security and anti-fingerprinting: a comprehensive user.js template for configuration and hardening
- pyllyukko/user.js: user.js -- Firefox configuration hardening
- firefox-legacy-user-profile-customizations: Scripts to configure Firefox profiles
Internet ads have become a popular threat vector. JavaScript also represents a broad attack surface. Disabling these dangerous features is always recommended, but even more so when conducting security research.
- uBlock: uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
- scriptsafe: a browser extension to bring security and privacy to chrome, firefox, and opera
- noscript: The popular NoScript Security Suite browser extension.
- behave: Behave! A monitoring browser extension for pages acting as "bad boi"
- ClearURLs: an add-on that will automatically remove tracking elements from URLs to help protect your privacy when browse the Internet.
Ideally, in depth security research should be conducted from a dedicated machine running a secure OS such as:
Not that while Kali Linux, is designed for "Penetration Testing and Ethical Hacking" it is poorly hardened against attacks itself. DO NOT USE Kali as a daily OS.
General tools and starting points.
- the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
- awesome-cybersecurity-blueteam: A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
- awesome-forensics
- awesome-reversing
- awesome-osint
- awesome-ml-for-cybersecurity
- awesome-yara
- awesome-honeypots
- awesome-cybersecurity-blueteam
- awesome-pcaptools
- awesome-iocs
- Awesome-Hacking-Resources
- Awesome-Hacking
- awesome-pentest-cheat-sheets
- awesome-malware-analysis
- awesome-hacking
- awesome-pentest
- awesome-cve-poc
- macOS-Security-and-Privacy-Guide
- osx-security-awesome
- security-checklist
- personal-security-checklist
- osx-and-ios-security-awesome
- Awesome-Application-Security-Checklist
- Free-Security-eBooks
- awesome-linux-android-hacking
- awesome-serverless-security
- awesome-container-security
- awesome-cloud-security
- awesome-security-audits
- awesome-sdn-security
- awesome-rails-security
- awesome-frontend-security
- awesome-bluetooth-security
- awesome-aws-security
- awesome-security
- awesome-web-security
- awesome-security-trivia