Rawsec's CyberSecurity Inventory

An inventory of tools and resources about CyberSecurity.

Resources

Note: Paid resources may exist in a free limited version or a demo version

Bug bounty and disclosure platforms

Name Link Description Price
Bounty Factory [Website] European bug bounty platform based on the legislation and rules in force in european countries, by YesWeHack Free
bugcrowd [Website] Bug bounty platform Free
FireBounty [Website] Bug bounty program aggregator Free
HackerOne [Website] Bug bounty platform Free
Open Bug Bounty [Website] Non-profit bug bounty platform Free
SSD [Website] SecuriTeam.com Secure Disclosure Free
ZeroDisclo.com [Website] Coordinated disclosure platform by YesWeHack Free

Challenges platforms

Name Link Description Price
ae27ff [Website] Challenge platform Free
Backdoor [Website] Practice area with some past CTF challenges Free
Begin.re [Website] Binary reverse guided challenges for beginners Free
CanYouHack.It [Website] Challenge platform Free
Challenge Land [Website] Challenge platform Free
Cryptopals [Website] Crypto challenges platform Free
CTFLearn [Website] Challenge platform Free
Electrica [Website] Programming, cryptography challenges Free
EnigmaGroup [Website] Challenge platform Free
Exploit Exercises [Website] VMs, documentation and challenges Free
Gekkó [Website] Challenge platform Free
Graker [Website] Binary challenges having a slow learning curve, and write-ups for each level (SSH connection) Free
Hack The Box [Website] Challenge platform Free
Hack This Site [Website] Challenge platform and community Free
HackBBS [Website] Challenge platform and community Free
HackCenter [Website] Private challenge platforms Free
Hacker Gateway [Website] Challenge platform Free
Hacker.org [Website] Challenge platform Free
Hacking Lab [Website] Challenge platform with teachers and solutions Free
HackThis!! [Website] Challenge platform Free
IO [Website] Binary challenges (SSH connection) Free
LOST-Chall [Website] Challenge platform Free
Mod-X [Website] Challenge platforms through a fictional game Free
Net-Force [Website] Challenge platform Free
NCP [Website] NICE Challenge Project by the NIST and the NSA (for American students only) Free
Over The Wire [Website][Source] Challenge platform Free
PentesterLab [Website] Pentest lab Paid
Practical Pentest Labs [Website] Pentest lab Paid
Pwnable.kr [Website] Pwn challenges Free
pwnable.tw [Website] Pwn challenges Free
PwnerRank [Website] Challenge platform Free
Rankk [Website] Programming, cryptography challenges Free
RedTigers Hackit [Website] PHP / SQL challenge platform Free
Reversing.Kr [Website] Cracking and Reverse Code Engineering challenge platform Free
Revolution Elite [Website] Math and programming challenges Free
Ringzer0Team [Website] Challenge platform Free
Root-me [Website] Challenge platform Free
RoseCode [Website] Challenge platform Free
Security Traps [Website] Challenge platform Free
SmashTheStack [Website] Mostly binary challenges Free
Solve Me [Website] Challenge platform Free
SPOJ [Website] Programming challenges Free
Stereotyped Challenges [Website] Web challenges Free
Tasteless [Website] Challenge platform Free
TheBlackSheep [Website] Challenge platform Free
ThisisLegal.com [Website] Challenge platform Free
TryThis0ne [Website] Challenge platform Free
Valhalla [Website] Challenge platform and community Free
VulnHub [Website] VM-based challenges Free
WebHacking [Website] Web challenges Free
W3Challs [Website] Challenge platform Free
WeChall [Website] Challenge platform Free
wixxerd [Website] Challenge platform Free
WTHack [Website] Challenge platform Free
yoire [Website] Challenge platform Free
Zenk-security [Website] Challenge platform and community Free
ZSIS CTF [Website] Challenge platform Free
µContest [Website] Programming challenges Free

CVE

Name Link Description Price
Archlinux security issues [Website] CVE affecting Archlinux Free
CVE Details [Website] Advanced CVE datasource Free
Debian security issues [Website] CVE affecting Debian Free
Mitre [Website] CVE datasource standard Free
NVD [Website] CVE datasource Free
Red Hat security issues [Website] CVE affecting Red Hat Free
Saucs [Website] Customizable CVE dashboard, track vulnerabilities that concern you Free
SUSE security issues [Website] CVE affecting SUSE Free
Ubuntu security issues [Website] CVE affecting Ubuntu Free

Events

Name Link Description Country Price
CTF TIME [Website] World CTF agenda Online Free
DEF CON [Website] Security contest: conferences, workshops and CTF United States of America Paid
FIC [Website] Security contest: forum, conferences, workshops and CTF France Free
GreHack [Website] Security contest: conferences, workshops and CTF France Paid
Hack In Paris [Website] Security conferences France Paid
Nuit Du Hack [Website] Security contest: conferences, workshops and CTF France Paid
SecurityCTF (reddit) [Website] Community for security CTF announcements and writeups Online Free
SSTIC [Website] Security conferences France Paid

Information

Knowledge and tools

Name Link Description Price
ctf-tools [Source] Setup scripts for security tools Free
Forensics Wiki [Website] Forensics tips and tools Free
Guifre [Website] Security, system and network cheatsheets Free
HTML5 Security Cheatsheet [Website] XSS vector making use of HTML5, HTML4, CSS, DOM, UFT7, SVG, JSON, etc ... Free
MD5 maxmin record [Website] Collection of various extremes of MD5 hashes Free
PTES [Website] The penetration testing execution standard covers all steps related to a penetration test Free

National security agencies and services

Name Country Link Description
ANSSI France [Website] Agence Nationale de la Sécurité des Systèmes d'Information, French service responsible for computer security
ASD Australia [Website] Australian Signals Directorate, Australian service responsible for computer security
CCB Belgium [Website] Centre for Cyber Security Belgium, Belgium service responsible for computer security
CNSS United States of America [Website] Committee on National Security Systems, USA intergovernmental organization for the security of the USA security systems
CSE/CST Canada [Website] Communications Security Establishment/Centre de la sécurité des télécommunications, Canadian service responsible for computer security
ENISA [Website] European Network and Information Security Agency, European Union service responsible for computer security
NCSC Great Britain [Website] National Cyber Security Center, United Kingdom service responsible for computer security
NIST United States of America [Website] National Institute of Standards and Technology, Metrology laboratory and non-regulatory agency of the USA Department of Commerce
NSA United States of America [Website] National Security Agency, United States of America service responsible for computer security

Non english

Name Language Link Description Price
Bamboofox Chinese [Website] CTF guide Free
ctfs.me Indonesian [Website] Challenges platform, challenges are in english Free
elhacker.net Spanish [Website] Challenges platform Free
Hacking-Challenges German [Website] Challenges platform Free
Happy-Security German [Website] Challenges platform Free
MIPT CTF Russian [Source] CTF guide Free
NewbieContest French [Website] Challenge platform Free
NOE Korean [Website] Challenge platform Free
SuNiNaTaS Korean [Website] Challenge platform Free
TDHack Polish [Website] Challenge platform Free
World of Wargame Spanish [Website] Challenge platform Free
XCTF Agenda Chinese [Website] World CTF agenda Free
Yashira Spanish [Website] Challenge platform Free

Trainings and courses

Name Link Description Price
Cybrary [Website] Cyber Security Learning, training and certification Free
SANS [Website] Escal Institute of Advanced Technologies provides courses, certifications and learning materials Paid

Tutorials

Writeups collections and challenges source

Name Link Description Price
Captf [Website] Dumped CTF challenges Free
CTFs write-ups [Source] Write-ups archive Free
pwntools writeups [Source] Write-ups using pwntools archive Free