List of websites that can be useful resources for ethical hackers, bug bounty hunters, and penetration testers.
- hackxpert labs - Practise labs for ethical hacking.
- Bugcrowd - Another popular bug bounty platform that offers a wide range of programs and resources for security researchers.
- Intigriti - A crowdsourced security platform that connects companies with a global community of security researchers to identify and resolve vulnerabilities.
- OWASP - The Open Web Application Security Project provides a wealth of resources on web application security, including guides, tools, and training materials.
- Exploit Database - A comprehensive database of known exploits and vulnerabilities, maintained by the Offensive Security team.
- CVE Details - A searchable database of Common Vulnerabilities and Exposures (CVEs), with information on affected products and available patches.
- Shodan - A search engine for internet-connected devices, which can be used to identify potential targets for penetration testing.
- Censys - A search engine for internet-connected devices and networks, which can be used to identify vulnerabilities and gather intelligence.
- VulDB - A comprehensive vulnerability database that provides information on vulnerabilities in a wide range of products.
- Nessus - A popular vulnerability scanner that can be used to identify vulnerabilities in target systems.
- OpenVAS - An open source vulnerability scanner that can be used to identify vulnerabilities in target systems.
- Hacker101 - A website that offers a wide range of hacking tutorials and resources for beginners and advanced users alike.
- HackerOne - A leading bug bounty platform that connects companies with security researchers to identify and resolve vulnerabilities.
- Packet Storm - A comprehensive resource for security tools, exploits, and advisories.
- CWE-Common Weakness Enumeration - A list of common software security weaknesses and vulnerabilities.
- National Vulnerability Database - A U.S. government repository of standards-based vulnerability management data.
- VirusTotal - A service for analyzing suspicious files and URLs to detect malware.
- Dark Reading - A cybersecurity news platform providing insights, analysis, and research.
- echoCTF - Practise labs for ethical hacking.
- WPScan - A tool for testing the security of WordPress websites, including identifying vulnerabilities and weak passwords.
- BinaryEdge - A search engine and API for internet-connected devices, with a focus on security.
- Hack The Box - An online platform that provides various penetration testing challenges and virtual labs.
- WiGLE - This search engine is used for wireless network mapping. It merges the information of remote systems worldwide into a midway database.
- Malwarebytes Labs - Blog providing insights, research, and analysis on malware and cybersecurity threats.
- Cyberchef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.
- Hash Analyzer - Online tool to help identify a hash type.
- crt.sh - Certificate search, useful for subdom enumeration.
- Hunter - This search engine helps to discover email addresses and links you to multiple connections working in an organization.
- The Hacker News - Popular cybersecurity publication for information security professionals seeking breaking news.
- Malware Must Die! - Blog and community focused on malware research and analysis.