Hacking tools

A personal collection of bookmarks to useful tools and resources for Infosec.
This list is updated from time to time. Please note that I am no longer accepting suggestions for this list.


International Information Systems Security Certification Consortium


CVE - Common Vulnerabilities and Exposures
OWASP - Open Web Application Security Project
Seclists.org - Security lists mailing archive
Bugtraq mailing list (discontinued)
have i been pwned - Check if you have an account that has been compromised in a data breach
DNSCrypt.eu - Free DNSSEC-enabled, non-logged, uncensored DNSCrypt service
Bobby Tables - How to write code resistant to SQL injections
SANS Infosec Reading Room
Heartbleed vulnerability check (discontinued)
List of websites where to practice pentesting skills
Hack The Box - Penetration testing lab
Hack This Site - Penetration testing lab


Sectools.org - Top security tools
Metasploit - Framework for pentesting and exploits
Aircrack-ng - Complete suite of WiFi security tools (sniffers, crackers, exploits)
Qubes OS - A secure OS that provides process compartmentalization


Shodan - Search engine and remote scanner for Internet-connected devices
Netcraft's Site Report - Provides a bulk of information about a website
Google Hacking Database - Search terms (Google dorks) for exposed content
List of Google Search operators


zxcvbn - Password strength analyzer
Plaintext Offenders - Websites that store your password in plaintext
John the Ripper - Password cracker


Email privacy tester to test your mailclient for privacy leaks and security bugs
Open Relay check - Is your mailserver an Open Relay?
ProtonMail - End-to-end encrypted webmail provider, hosted in Switzerland
Tutanota - End-to-end encrypted webmail provider
Sendy.org - Send anonymous e-mail
10 Minute Mail - Disposable email service, providing you an email address during 10 minutes


SSL Certificates guide
SSL knowledge base
OpenSSL manuals
SSL test - Test several SSL parameters of a HTTPS site
Let's Encrypt - Free and automated CA as a campaign to spread the use of HTTPS
HTTP Shaming - Websites that are supposed to use HTTPS but instead use HTTP
A website that never uses HTTPS, useful for an easy redirect to Wi-Fi login pages


F-Secure Remove Threats - Online AV scan, sample testing, and health check
VirusTotal - File sample submission for multiple AV analysis
Symantec Security Check - Check against online threats
Google Safe Browsing - Malware diagnostics for websites
Norton Safe Web - Malware diagnostics for websites
AV-TEST - Independent IT Security institute providing AV evaluations
Spyware Warrior's Rogue/Suspect Anti-Spyware Products (obsolete)

Privacy & Anonymity

Tails - Agnostic live OS that leaves no traces on the machine
Whonix - A Debian-derived secure OS for privacy and anonymity
Tor - The Onion Router, a system for anonymous communication on the Internet
Panopticlick - A tool to analyze how well your browser protects you against online tracking
Me and my Shadow - Tactical Tech project that helps you learn and control your data traces
Electronic Frontier Foundation - Helps you in defending your rights on the digital world
Electronic Privacy Information Center
Privacy International
Chaos Computer Club - Europe's largest hacktivist group
The Winston Smith Project
The Big Brother Awards to those who have excelled in the violation of our privacy
The Invisible Internet Project
Freenet, a peer-to-peer platform for censorhip-resistant communications
We Fight Censorship - RSF project aimed at promoting the flow of information
Bugged Planet - Info about SIGINT/COMINT technology
Cryptolaw - Survey on current laws and regulations on cryptography
PixelPrivacy - A compendium of articles about digital privacy and security


PhishTank - Database of phishing websites


Utrace - IP address geolocator
WorldIP - IP geolocation database, service, and tools
Show private IP address
IPinfo.info - IP checks
IPVOID - IP blacklist check
Whois.net - WHOIS domain tools
Domain finder
MX Toolbox - DNS lookup
Broadband speed test in HTML5, no Java or Flash browser plugins needed
Broadband speed test
Broadband speed test
MAC address vendor finder
List of TCP/UDP port numbers
TCP/UDP port numbers
IANA - Root zone TLD, IP address allocation, protocol port numbers
RFC Sourcebook
PacketLife's cheat sheets

World Wide Web

Archive.is - Webpage archiver, in both text and image format
Internet Archive's Wayback machine
URL obfuscation
DoNotLink - Link to a site without improving its search engine position (dead link)
BugMeNot - Bypass compulsory registration
Terms of Service; Didn't Read - Digest and rating of ToS from various websites
Dive Into HTML5 - HTML5 guide


FreeFormatter - Base64 encoder, JSON validator, HTML formatter, and more
ExtendsClass - Converters, testers, formatters, and other free tools
Awesome Sysadmin - List of Open Source sysadmin resources
Regular Expression tester


Bruce Schneier's Schneier on Security
Kaspersky's Securelist
Troy Hunt
Richard Bejtlich's TaoSecurity
Dave Lewis' Liquidmatrix
Brian Krebs' Krebs on Security
Google Online Security Blog
Didier Stevens - Code exploits
Jeff Atwood's Coding Horror - Programming and human factors
GFI Labs' TechTalk (formerly All Spammed Up)
Matteo Flora's Last Knight
Niklas Femerstrand's qnrq (out of date)
Mark Russinovich - Windows technicals and hacks (out of date)
Alan Shimel's Still Secure After All These Years (out of date)
Grugq's Hacker OPSEC (out of date)
Social Hacking - Security in social networks (out of date)
Martin McKeay (out of date)
SpywareGuide Greynets Blog / FaceTime Security Labs (out of date)
Andrea Draghetti (previously Over Security) - In Italian language
Security Bloggers Network (dead link)
Sherri Davidoff's Philosecurity (dead link)

Hacking in Switzerland

DC4131 - DEF CON group for Switzerland
BoT meetings - Informal meetings of DEF CON DC4131
CERN Micro Club
Swiss CyberSecurity
Post Tenebras Lab - Hackerspace in Geneva
SDG Solution Space - Hackerspace in Geneva
Onl'Fait FabLab - Hackerspace in Geneva
FIXME Hackerspace - Hackerspace in Lausanne
Lausanne Hackers Meetup
Chaos Computer Club Switzerland

page created on 1 January 2011        page last changed on 30 November 2020