Security

OWASP Top 10 for LLM Applications

genai.owasp.org

the reference list.

MITRE ATLAS

atlas.mitre.org

adversarial threat landscape for AI systems.

NIST AI Risk Management Framework

www.nist.gov

NIST AI Risk Management Framework resource in AI Security & Red-Teaming.

AI Incident Database

incidentdatabase.ai

searchable real-world incidents.

garak

github.com

NVIDIA's LLM vulnerability scanner.

PyRIT

github.com

Microsoft's Python Risk Identification Toolkit for AI.

Promptfoo

www.promptfoo.dev

eval + red-team framework, CI-friendly.

Giskard

www.giskard.ai

open-source LLM testing.

DeepEval

github.com

pytest-style LLM evals.

Inspect AI

inspect.aisi.org.uk

UK AISI's eval framework.

Lakera Guard

www.lakera.ai

prompt-injection/PII firewall.

Protect AI

protectai.com

ML supply-chain security.

HiddenLayer

hiddenlayer.com

model security platform.

NeMo Guardrails

github.com

NVIDIA, programmable rails.

LLM Guard

llm-guard.com

open-source input/output guard.

Anthropic alignment & red-team research

www.anthropic.com

Anthropic alignment & red-team research resource in AI Security & Red-Teaming.

Apollo Research

www.apolloresearch.ai

deceptive-alignment evals.

METR

metr.org

autonomy/capability evaluations.

UK AI Safety Institute (AISI)

www.aisi.gov.uk

UK AI Safety Institute (AISI) resource in AI Security & Red-Teaming.

US AISI (at NIST)

www.nist.gov

US AISI (at NIST) resource in AI Security & Red-Teaming.

Simon Willison — prompt injection tag

simonwillison.net

best running coverage.

Embrace The Red

embracethered.com

Johann Rehberger, AI red-team blog.

HackAPrompt writeups

www.learnprompting.org

Learn Prompting.

DEF CON AI Village

aivillage.org

DEF CON AI Village resource in AI Security & Red-Teaming.

OWASP Foundation

owasp.org

Open community producing free resources, tools, and standards for improving software security worldwide.

PortSwigger Web Security Academy

portswigger.net

Free, world-class web security training with hands-on labs covering every major vulnerability class.

CWE — Common Weakness Enumeration

cwe.mitre.org

MITRE's community-developed list of software and hardware weakness types used in vulnerability classification.

HackTricks

book.hacktricks.xyz

Continuously updated hacking and pentesting reference covering techniques, tools, and CTF tricks.

Semgrep

semgrep.dev

Static analysis tool for finding bugs and security issues in source code with a large rule registry.

OWASP ZAP

zaproxy.org

Open-source DAST scanner and proxy for automatically finding security vulnerabilities in web applications.

Snyk

snyk.io

Developer security platform for scanning code, dependencies, containers, and IaC for vulnerabilities.

SonarQube

sonarqube.org

Continuous code quality and security inspection platform supporting 30+ languages.

Trivy

trivy.dev

Comprehensive open-source security scanner for containers, filesystems, IaC, and git repositories.

Content Security Policy (CSP) Evaluator

csp-evaluator.withgoogle.com

Google tool for analysing CSP header configurations and identifying common misconfigurations and bypasses.

Cloud Security Alliance

cloudsecurityalliance.org

Non-profit defining cloud security best practices through research, certifications (CCSK), and the CCM framework.

Prowler

prowler.com

Open-source cloud security tool for auditing, hardening, and continuous compliance across AWS, Azure, and GCP.

ScoutSuite

github.com

NCC Group's multi-cloud security auditing tool that produces an HTML report of misconfigurations.

Trivy

trivy.dev

Comprehensive scanner for container images, IaC files, git repos, and Kubernetes clusters.

Checkov

checkov.io

Static analysis tool for Terraform, Kubernetes, Dockerfile, and CloudFormation to catch misconfigurations pre-deploy.

Falco

falco.org

CNCF runtime security tool for detecting anomalous behaviour in containers and Kubernetes workloads.

AWS Security Hub

aws.amazon.com

Centralised AWS security posture management aggregating findings from GuardDuty, Inspector, Macie, and third-party tools.

Steampipe

steampipe.io

Query cloud APIs with SQL; includes prebuilt compliance benchmarks for AWS, Azure, GCP, and Kubernetes.

CNAPP landscape — CNCF Security TAG

tag-security.cncf.io

CNCF's Security Technical Advisory Group producing white papers, assessments, and guidance on cloud-native security.

NIST Cybersecurity Framework

nist.gov

Voluntary framework of standards, guidelines, and practices for managing cybersecurity risk, now at version 2.0.

CIS Controls

cisecurity.org

Prioritised set of 18 defensive security controls developed by the Center for Internet Security.

ISO/IEC 27001

www.iso.org

International standard for information security management systems (ISMS) and its certification framework.

GDPR Info

gdpr-info.eu

Full text of the EU General Data Protection Regulation with recitals and cross-references.

PCI Security Standards Council

pcisecuritystandards.org

Governing body for PCI DSS, the payment card industry data security standard.

ENISA

enisa.europa.eu

EU Agency for Cybersecurity publishing threat landscapes, guidelines, and policy recommendations across the EU.

SOC 2 — AICPA

www.aicpa-cima.com

AICPA's Service Organization Control 2 framework for auditing security, availability, and confidentiality of cloud services.

NIS2 Directive

eur-lex.europa.eu

EU Network and Information Security Directive 2 expanding cybersecurity obligations to more sectors.

BSI — Federal Office for Information Security

bsi.bund.de

German federal authority for information security, publishing technical guidelines and IT-Grundschutz.

Cryptopals

cryptopals.com

Series of cryptography challenges teaching practical breaks of real-world crypto constructions.

Mozilla SSL Configuration Generator

ssl-config.mozilla.org

Generates secure TLS configurations for nginx, Apache, HAProxy, and other servers based on Mozilla guidelines.

Let's Encrypt

letsencrypt.org

Free, automated, and open certificate authority providing TLS certificates to the public.

OpenSSL

openssl.org

The widely-used open-source toolkit for SSL/TLS and general-purpose cryptography.

Libsodium

doc.libsodium.org

Modern, easy-to-use cryptographic library with opinionated, hard-to-misuse APIs for encryption, signing, and hashing.

Age

age-encryption.org

Simple, modern, and secure file encryption tool and library with a clean format specification.

Sigstore

sigstore.dev

Open-source project for signing, verifying, and protecting software supply chains with keyless code signing.

Have I Been Pwned

haveibeenpwned.com

Check if email addresses or passwords have appeared in known data breaches; free API for developers.

RFC Editor

rfc-editor.org

Authoritative source for Internet Standards and RFCs, including foundational security protocol specifications.

MITRE D3FEND

d3fend.mitre.org

Complementary framework to ATT&CK mapping defensive techniques to the offensive tactics they counter.

Sigma

github.com

Generic signature format for SIEM rules enabling detection content to be shared and converted across platforms.

YARA

virustotal.github.io

Pattern-matching tool for identifying and classifying malware samples based on textual or binary patterns.

Wazuh

wazuh.com

Open-source security platform combining SIEM, XDR, and CSPM for endpoint detection and log analysis.

Elastic Security

elastic.co

SIEM and endpoint security built on the Elastic Stack, with free detection rules and prebuilt dashboards.

TheHive Project

thehive-project.org

Scalable, open-source security incident response platform with case management and MISP integration.

Velociraptor

velocidex.com

Advanced DFIR and endpoint monitoring tool for fast artifact collection and threat hunting at scale.

OpenVAS / Greenbone

greenbone.net

Open-source vulnerability scanning and management solution with a large continuously updated feed of tests.

Zeek

zeek.org

Powerful network analysis framework that generates rich, structured logs for security monitoring and forensics.

Atomic Red Team

atomicredteam.io

Library of tests mapped to MITRE ATT&CK for validating defensive controls and detection coverage.

Keycloak

keycloak.org

Open-source identity and access management with SSO, OIDC, SAML, and fine-grained authorisation.

Authentik

goauthentik.io

Self-hosted identity provider supporting OIDC, SAML, LDAP, and Radius with a modern UI.

Authelia

authelia.com

Open-source authentication and authorisation server providing 2FA and SSO for reverse proxies.

HashiCorp Vault

vaultproject.io

Secrets management, encryption-as-a-service, and dynamic credentials for any infrastructure.

NIST SP 800-63 Digital Identity Guidelines

pages.nist.gov

NIST's authoritative guidelines for digital identity, authentication levels, and federation.

OpenID Connect

openid.net

Identity layer built on top of OAuth 2.0 enabling client applications to verify end-user identity.

FIDO Alliance

fidoalliance.org

Industry consortium behind FIDO2, WebAuthn, and passkeys — the standard for passwordless authentication.

Zitadel

zitadel.com

Cloud-native, open-source IAM solution with multi-tenancy, passkeys, and audit log out of the box.

OAuth 2.0

oauth.net

The authorisation framework spec and resources — RFCs, security BCP, and implementation guides.

TheHive Project

thehive-project.org

Scalable, open-source security incident response platform with case and alert management and MISP integration.

Velociraptor

velocidex.com

Advanced endpoint visibility and DFIR tool for collecting artifacts and hunting at scale across thousands of hosts.

Autopsy

www.autopsy.com

Open-source digital forensics platform with a GUI front-end to The Sleuth Kit for disk image analysis.

Volatility Framework

volatilityfoundation.org

Leading open-source memory forensics framework for analysing RAM dumps from Windows, Linux, and macOS.

Eric Zimmerman's Tools

ericzimmerman.github.io

Collection of free Windows forensic tools for registry analysis, prefetch, event logs, shellbags, and more.

CyberChef

gchq.github.io

GCHQ's browser-based data analysis "Cyber Swiss Army Knife" for encoding, encryption, and data transformation.

DFIR.training

dfir.training

Curated directory of DFIR tools, training, and resources maintained by the community.

SANS Incident Handler's Handbook

www.sans.org

SANS guide to the six phases of incident response — preparation, identification, containment, eradication, recovery, lessons learned.

FTK Imager

www.exterro.com

Free disk imaging and preview tool from Exterro for acquiring forensic images of drives and memory.

Ghidra

ghidra-sre.org

NSA-developed free and open-source reverse engineering tool suite with a decompiler for major architectures.

Radare2

rada.re

Portable reverse engineering framework and disassembler with scripting, debugging, and binary patching capabilities.

x64dbg

x64dbg.com

Open-source x64/x32 debugger for Windows focused on malware analysis and reverse engineering.

Binary Ninja

binary.ninja

Commercial binary analysis platform with a powerful API and collaborative features for reverse engineering.

any.run

any.run

Interactive online malware sandbox for analysing suspicious files and URLs with real-time process monitoring.

Hybrid Analysis

hybrid-analysis.com

Free malware analysis service powered by CrowdStrike Falcon with YARA rule matching and network indicators.

Unpac.me

unpac.me

Automated malware unpacking service supporting 100+ packers and protectors.

REMnux

remnux.org

Linux distribution curated for reverse engineering and malware analysis, with 150+ pre-installed tools.

Awesome Malware Analysis

github.com

Curated list of malware analysis tools, resources, and guides maintained by the community.

Wireshark

wireshark.org

The world's most widely-used network protocol analyser for packet capture and deep inspection.

Suricata

suricata.io

High-performance, open-source network IDS, IPS, and network security monitoring engine.

Snort

snort.org

Pioneering open-source network intrusion detection and prevention system maintained by Cisco.

pfSense

pfsense.org

Open-source firewall and router platform based on FreeBSD with enterprise-grade features.

OPNsense

opnsense.org

FreeBSD-based open-source firewall and routing platform with modern UI and active development community.

Pi-hole

pi-hole.net

Network-wide DNS sinkhole that blocks ads and tracking domains before they reach any device on the LAN.

MXToolbox

mxtoolbox.com

Suite of DNS, MX, DMARC, SPF, and blacklist lookup tools for diagnosing email and domain security.

SSL Labs

ssllabs.com

Qualys free tool for deep analysis of SSL/TLS server configurations, graded A to F.

Cloudflare

cloudflare.com

Global network providing DDoS protection, WAF, CDN, Zero Trust access, and DNS security at scale.

Netbird

netbird.io

Open-source, WireGuard-based overlay network for zero-config secure peer-to-peer connectivity.

Krebs on Security

krebsonsecurity.com

Brian Krebs's investigative security blog known for deep reporting on cybercrime and breach investigations.

Schneier on Security

schneier.com

Bruce Schneier's blog on security, privacy, and technology policy — one of the most respected voices in security.

Dark Reading

darkreading.com

Enterprise security news covering vulnerabilities, threats, and security strategy for IT professionals.

SecurityWeek

securityweek.com

Security industry news covering breaches, vulnerabilities, malware, and enterprise security market.

The Hacker News

thehackernews.com

High-volume cybersecurity news site covering CVEs, breaches, hacking campaigns, and security tools.

Risky Biz

risky.biz

Weekly information security podcast and news site with high-quality interviews and briefings.

SANS Internet Storm Center

isc.sans.edu

Daily threat intelligence updates and diary posts from SANS handlers tracking live internet threats.

/r/netsec

reddit.com

Reddit community for technical information security content — high quality signal, minimal noise.

DEF CON

defcon.org

The world's largest underground hacking conference, with talks published free and a year-round community.

Black Hat

blackhat.com

Technical security conference series focused on advanced research, with free Briefings archives.

Kali Linux

kali.org

Debian-based Linux distribution maintained by Offensive Security and pre-loaded with hundreds of pentesting tools.

Metasploit Framework

metasploit.com

World's most used penetration testing framework; exploit modules, payloads, and post-exploitation tools.

Burp Suite

portswigger.net

Industry-standard web application security testing platform with proxy, scanner, and intruder modules.

HackTheBox

hackthebox.com

Online platform with intentionally vulnerable machines, labs, and Pro Labs for practising real-world attack techniques.

TryHackMe

tryhackme.com

Browser-based learning platform with guided pentesting labs covering beginner to advanced topics.

Offensive Security (OffSec)

offsec.com

Training and certification provider behind OSCP, OSEP, and other hands-on security certifications.

PayloadsAllTheThings

github.com

Comprehensive collection of payloads and bypasses for web app security, useful during CTFs and penetration tests.

SecLists

github.com

Curated collection of wordlists for usernames, passwords, URLs, fuzzing payloads, and more.

PentesterLab

pentesterlab.com

Hands-on web pentesting training with real exercises, from SQL injection to deserialization.

nmap

nmap.org

Network discovery and security auditing tool — port scanning, OS fingerprinting, and service version detection.

MITRE ATT&CK

attack.mitre.org

Globally-accessible knowledge base of adversary tactics, techniques, and procedures based on real observations.

VirusTotal

virustotal.com

Multi-engine file and URL scanner aggregating results from 70+ antivirus engines and threat intelligence feeds.

Shodan

shodan.io

Search engine for internet-connected devices — servers, IoT, industrial systems — with banner and vulnerability data.

Censys

censys.io

Internet-wide scanning service for attack surface management; maps exposed services, certs, and misconfigurations.

GreyNoise

greynoise.io

Filters internet background noise from real threats by categorising mass-scanning and exploit-broadcasting IPs.

AlienVault OTX

otx.alienvault.com

Open Threat Exchange — community-driven threat intelligence sharing platform with millions of indicators.

abuse.ch

abuse.ch

Non-profit running MalwareBazaar, URLhaus, Feodo Tracker, and ThreatFox for free threat intelligence feeds.

CIRCL

circl.lu

Computer Incident Response Center Luxembourg — publishes free threat intelligence feeds, MISP, and CVE tools.

CISA Known Exploited Vulnerabilities

www.cisa.gov

US CISA's authoritative catalog of CVEs actively exploited in the wild, with required remediation dates for federal agencies.

MISP Project

misp-project.org

Open-source threat intelligence sharing platform and format standard used by hundreds of organisations globally.

National Vulnerability Database

nvd.nist.gov

NIST's authoritative CVE database with CVSS scores, references, and patch advisories.

CVE Details

cvedetails.com

CVE browsing interface with per-vendor and per-product statistics and trend charts.

OSV — Open Source Vulnerabilities

osv.dev

Google's open database for vulnerabilities in open-source software, queryable by package.

GitHub Advisory Database

github.com

Security advisories for packages on npm, PyPI, Maven, RubyGems, and more, curated by GitHub.

Exploit Database

exploit-db.com

Offensive Security's archive of public exploits and shellcode, searchable by CVE or platform.

Packet Storm Security

packetstormsecurity.com

Long-running archive of exploits, advisories, tools, and whitepapers.

HackerOne

hackerone.com

Leading bug bounty platform connecting security researchers with program-running companies.

Bugcrowd

bugcrowd.com

Crowdsourced security platform for bug bounty programs and vulnerability disclosure.

Snyk Vulnerability DB

security.snyk.io

Developer-focused database of open-source package vulnerabilities with fix guidance.

VulnHub

vulnhub.com

Downloadable intentionally vulnerable VMs for hands-on vulnerability practice.