Cyber Resources

This page consolidates my go-to resources for pentesting, CTF challenges, SOC operations, threat intelligence, OSINT, and malware analysis. Each resource includes a link, a brief description of why it's valuable, and a screenshot to give you a visual sense of the content. These are the tools and guides I rely on to sharpen my skills and tackle challenges like those on Hack The Box. Resources are color-coded by type: SOC Tools, Threat Intel, OSINT, Malware, and Pentesting.

Have I Been Pwned

Check if your email has been compromised in a data breach, a critical tool for SOC analysts monitoring credential exposure.

MX Toolbox

A versatile tool for checking DNS MX records and diagnosing email delivery issues, essential for SOC email security tasks.

AbuseIPDB

A database for reporting and checking IP address abuse, helping SOC teams identify malicious network activity.

OSINT Dojo

A curated collection of OSINT tools and resources, ideal for gathering open-source intelligence efficiently.

Grabify IP Logger & URL Shortener

A tool for creating trackable URLs that log IP addresses, useful for OSINT investigations when used with caution.

URLVoid

Analyzes websites for malicious behavior or scams, aiding threat intelligence by assessing URL safety.

VirusTotal URL Analysis

VirusTotal scans URLs for malicious content, a staple for threat intelligence and malware detection.

CyberChef

A web-based tool for data transformation and analysis, widely used in SOC for decoding and analyzing logs.

Diffchecker

Compares text differences, useful for SOC analysts reviewing configuration changes or log anomalies.

Downdetector

Monitors service outages and disruptions, helping SOC teams stay informed about platform availability issues.

Reverse Shell Generator

An online tool for generating reverse shell payloads, useful for pentesting and CTF challenges.

HackTricks: Linux Capabilities

A detailed guide on Linux privilege escalation via capabilities, invaluable for pentesting and CTF scenarios.

Siren Security: Linux Privilege Escalation Resources

A curated list of Linux privilege escalation techniques, perfect for pentesters diving into Linux security.

GTFOBins

A comprehensive list of binaries exploitable for privilege escalation, a must-have for pentesters.

PyWhisker

A Python tool for Active Directory enumeration and exploitation, ideal for pentesting AD environments.

Certipy

A tool for Active Directory certificate services enumeration and abuse, useful for advanced pentesting.

Shell Reverse Cheatsheet

A cheatsheet for crafting reverse shells, essential for pentesting and gaining remote access.

Server-Side Template Injection (SSTI)

A guide on exploiting SSTI vulnerabilities, critical for pentesting modern web applications.

Hybrid Analysis

Open source online sandbox for dynamic analysis.

Joe Sandbox

Open source online sandbox for dynamic analysis.

Log Poisoning

A guide with examples of using LFI with log poisoning to obtain a shell.

Malpedia

A resource for threat intel on malware and the threat actors who employ it.

Common Ports List

A quick reference for common ports.

Want to Add More?

These are some of my favorite resources, but I’m always discovering new ones. If you have recommendations or want me to add more to this list, let me know! I’ll keep this page updated as I explore new tools and guides.