Hacking tools

A personal collection of bookmarks to useful tools and resources for Infosec and hacking.
This list is updated from time to time. Please note that I am no longer accepting suggestions for this list.

Organizations

DEF CON
Chaos Computer Club - Europe's largest hacktivist group
CERT
ISC2 - International Information Systems Security Certification Consortium

Hacker culture

Phrack - The best and longest-running hacker e-zine
The Jargon File - The New Hacker's Dictionary

Security

CVE - Common Vulnerabilities and Exposures
OWASP - Open Web Application Security Project
Seclists.org - Security lists mailing archive
Sectools.org - Top security tools
Metasploit - Framework for pentesting and exploits
Aircrack-ng - Complete suite of WiFi security tools (sniffers, crackers, exploits)
Qubes OS - A secure OS that provides process compartmentalization
have i been pwned - Check if you have an account that has been compromised in a data breach
DNSCrypt - Encrypts, authenticates, and anonymizes DNS communications between client and resolver
Bobby Tables - How to write code resistant to SQL injections
SANS Infosec Reading Room
OverTheWire - Wargames and penetration testing lab
Hack The Box - Penetration testing lab
Hack This Site - Penetration testing lab
Root Me - Penetration testing lab

Reconnaissance

Shodan - Search engine and remote scanner for Internet-connected devices
Netcraft's Site Report - Provides a bulk of information about a website
Greynoise collects data on IP addresses that saturate security tools with noise, so you can ignore them

Passwords

zxcvbn - Password strength analyzer
Plaintext Offenders - Lousy websites that store your password in plaintext
John the Ripper - Password cracker

Antimalware

VirusTotal - File sample submission for multiple AV analysis
F-Secure Remove Threats - Online AV scan, sample testing, and health check
Symantec Security Check - Check against online threats
Google Safe Browsing - Malware diagnostics for websites
Norton Safe Web - Malware diagnostics for websites
AV-TEST - Independent IT Security institute providing AV evaluations
Spyware Warrior's Rogue/Suspect Anti-Spyware Products (obsolete)

E-mail

Email privacy tester to test your mailclient for privacy leaks and security bugs
Open Relay check - Is your mailserver an Open Relay?
ProtonMail - End-to-end encrypted webmail provider, hosted in Switzerland
Tutanota - End-to-end encrypted webmail provider
Sendy.org - Send anonymous e-mail
10 Minute Mail - Disposable email service, providing you an email address during 10 minutes

HTTPS

SSL Certificates guide
SSL knowledge base
OpenSSL manuals
SSL test - Test several SSL parameters of a HTTPS site
Let's Encrypt - Free and automated CA as a campaign to spread the use of HTTPS
HTTP Shaming - Websites that use HTTP but should use HTTPS
A website that never uses HTTPS, useful for an easy redirect to Wi-Fi login pages

Privacy & Anonymity

Privacy tools - Privacy-friendly software alternatives
Tails - Agnostic live OS that leaves no traces on the machine
Whonix - A Debian-derived secure OS for privacy and anonymity
Tor - The Onion Router, a system for anonymous communication on the Internet
Panopticlick - A tool to analyze how well your browser protects you against online tracking
Tool that tells you what information is visible from your browser
DNS leak test
Electronic Frontier Foundation - Helps you in defending your rights on the digital world
Electronic Privacy Information Center
Privacy International
The Winston Smith Project
The Big Brother Awards to those who have excelled in the violation of our privacy
Me and my Shadow - Tactical Tech project that helps you learn and control your data traces
The Invisible Internet Project
Freenet - A peer-to-peer platform for censorhip-resistant communications
Bugged Planet - Info about SIGINT/COMINT technology
Cryptolaw - Survey on current laws and regulations on cryptography (out of date)
PixelPrivacy - A compendium of articles about digital privacy and security

Phishing

PhishTank - Database of phishing websites
Report a phishing page - provided by Google Safe Browsing
Report a phishing page - provided by the Swiss National Cyber Security Centre

Networking

Utrace - IP address geolocator
WorldIP - IP geolocation database, service, and tools
Show private IP address
IPinfo.info - IP checks
IPVOID - IP blacklist check
Whois.net - WHOIS domain tools
Domain finder
MX Toolbox - DNS lookup
Country IP Blocks - Generates ACLs to block IP addresses from specific countries
Broadband speed test in HTML5, no Java or Flash browser plugins needed
Broadband speed test
MAC address vendor finder
TCP/UDP port numbers
TCP/UDP port numbers
IANA - Root zone TLD, IP address allocation, protocol port numbers
RFC Sourcebook
PacketLife's cheat sheets

World Wide Web

Archive.is - Webpage archiver, in both text and image format
Internet Archive's Wayback machine
Google Hacking Database - Search terms (aka Google dorks) for exposed content
List of Google Search operators
Guide to a more efficient use of search engines (in Italian language)
Remote-controlled browsers to avoid exposing your own machine to shady websites
URL obfuscation
BugMeNot - Bypass compulsory registration
Terms of Service; Didn't Read - Digest and rating of ToS from various websites
Dive Into HTML5 - HTML5 guide

Various

FreeFormatter - Base64 encoder, JSON validator, HTML formatter, and more
ExtendsClass - Converters, testers, formatters, and other free tools
Awesome Sysadmin - List of Open Source sysadmin resources
Regular Expression tester

Blogs

Bruce Schneier's Schneier on Security
Edward Snowden's Continuing Ed
Paolo Attivissimo's Il Disinformatico (in Italian language)
F-Secure
Kaspersky's Securelist
Troy Hunt
Richard Bejtlich's TaoSecurity
Dave Lewis' Liquidmatrix
Brian Krebs' Krebs on Security
Google Online Security Blog
Didier Stevens - Code exploits
GFI Labs' TechTalk (formerly All Spammed Up)
Matteo Flora's Last Knight
Jeff Atwood's Coding Horror - Programming and human factors (out of date)
Grugq's Hacker OPSEC (out of date)
th3j35t3r (out of date)
Social Hacking - Security in social networks (out of date)
SpywareGuide Greynets Blog / FaceTime Security Labs (out of date)

In Switzerland

DC4131 - DEF CON group for Switzerland
BoT meetings - Informal meetings of DEF CON DC4131
Chaos Computer Club Switzerland
CERN Micro Club
Stephane Plantard's retrocomputing website
Post Tenebras Lab - Hackerspace in Geneva
SDG Solution Space - Hackerspace in Geneva
Onl'Fait FabLab - Hackerspace in Geneva
FIXME Hackerspace - Hackerspace in Lausanne
Swiss CyberSecurity
Insomni'hack
GULL - Free Software user group of Western Switzerland
SwissLinux
Musée Bolo - Computer Science museum, hosted by EPFL