Useful/Interesting

This is the dedicated location for news sources, tools, people and more relating to IT security/administration. Some of the resources here I personally benefit from each and every day; others keep me updated and aware of emerging threats in this ever-changing landscape. This will be in no way exhaustive and will be updated over time.


None of this is sponsored, paid for or here due to any type of paid promo. This list is not a repository of “attack” tools and anything highlighted here is for the sake of knowledge.

The use of this knowledge is not the responsibility of this author, this blog or anyone other than those that use this knowledge.

https://www.theregister.co.uk/security – Also known as El Reg, this tech news source is one I check daily. It has most often been not only the first to report outbreaks/exploits/attack vectors, but I can also attest to how exclusive some of their sources are.

https://www.shodan.io – A very powerful “search engine” with various applications. At a glance this is just a massive port scanner, however its practical application is far greater. By searching all the external IP addresses on the net, specific protocols, systems, types of computers and more can easily be exposed (or systems tested). These capabilities, in conjunction with Shodan’s API being easily available, make this site really worth knowing. Kudos to John Matherly for its creation!

https://pulsedive.com/ – Good info/recon tool for websites/DNS.

https://www.virustotal.com/ – Have a file you’re unsure of? Want to check a suspicious attachment? This tool is a very useful file analyzer which basically utilises multiple antivirus engines against a file. This isn’t a perfect tool for 100% determining if a file is infected or contains malicious code (from personal experience, I’ve uploaded samples that came back clean which later on were detected as malicious), but due to its wide use, the ability to comment on files uploaded by other users and how reliably accurate it’s been in the past, I would highly recommend this tool not only for security staff but also for any sysadmin. I’ve personally used this to demonstrate to clients just how dangerous a file actually is.

https://mxtoolbox.com/ – For anything email related, be it troubleshooting, DNS queries (such as MX/SPF checks), blacklist checks and more, this website is a MUST. The useful options available (free of charge!) make this tool recommended by sysadmins worldwide. In personal experience, I’ve had Microsoft engineers direct me to this site, and in my day-to-day duties I find myself visiting here routinely.

https://www.haveibeenpwned.com – A tool created by Microsoft Regional Director (not a job role, but a title fitting to his awesome work) Troy Hunt. Utilising various data sources such as released password dumps, breach lists (and more), this tool compares any email account entered to publicly listed compromised accounts. I’m not just highlighting this tool: the man himself (Troy Hunt) has had major input into the IT security world and I can personally say I follow his work out of admiration. Troy really does care about real-world privacy concerns, and his free service is a testament to his motivations and what he cares for (making you secure!).

https://gotphish.com https://decentsecurity.com/ – A great repository of report channels/portals used for reporting malicious URLs/phishing/spam emails. This is a great collection of resources, good for the proactive sysadmin or do-good whitehat. They also have a collection of security recommendations and tools.

https://www.kali.org – Once known as BackTrack, this is one of many Linux distributions utilised for penetration testing. Kali, however, is one of the most infamous, most useful and best developed that I’ve ever known. Exploitation of multiple network types, an extensive arsenal and dedicated development make this not just a great tool, but an entire workshop. They offer .ISO images, full virtual machines and a variety of download options.

https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html – Released March 2019, “Commando VM” is a Windows pentesting distribution created by FireEye. It boasts over 140 tools and is an alternative to the Linux-based Kali Linux.

https://www.kali.org/kali-linux-nethunter/ – Kali NetHunter is an Android exploitation framework specifically made for Nexus devices (but now supporting OnePlus). A variety of tools/exploits/attack types can be performed through this, and the framework itself is very similar to Kali Linux. Notably there are USB/HID type attacks and MITM attacks possible with NetHunter, and it can be a great tool for both demonstration and testing networks.

https://www.kali.org/news/kali-nethunter-app-store/ – The Kali NetHunter App Store is an “app store” for trusted APKs and apps used specifically for penetration testing. Made by Offensive Security, the creators of Kali Linux (formerly known as BackTrack), the app store hopes to provide hacking apps that you can trust and would not otherwise find in Google’s Play Store.

https://www.zimperium.com/zanti-mobile-penetration-testing – This Android-based exploitation framework/toolkit brings a lot of capabilities to your mobile devices. For mobile port scanning, network recon, wifi hacking, MITM attacks and more, this framework shouldn’t be judged lightly. The only downside is having to root a device (and the membership requirement), but for the amount this offers and how easy exploitation is, this toolkit is a MUST for any enthusiast.

https://github.com/Fun4Android/hackdroid – 250+ pen testing apps for Android.

https://www.andriller.com/ – No better way to put this than to copy the site’s description of this forensic toolkit, which works on both Windows & Linux: “Andriller – is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. It has features, such as powerful Lockscreen cracking for Pattern, PIN code, or Password; custom decoders for Apps data from Android (some Apple iOS & Windows) databases for decoding communications. Extraction and decoders produce reports in HTML and Excel formats.”

https://www.powershellempire.com/ – PowerShell Empire is a post-exploitation framework built on the readily available Windows PowerShell. PowerShell was the natural progression up from the CMD terminal within the Windows & Windows Server OSes. The powerful capabilities of PowerShell have made it a valuable tool for hackers worldwide; this framework helps compile a variety of PowerShell-based techniques for easy exploitation.

https://www.wireshark.org/ – Widely used and well-known network protocol analyser, used for inspecting network traffic to the finest detail. Plug a laptop directly into your firewall/default gateway and launch this to get an overview of what data is being sent where and doing what. Used by hackers, security staff, sysadmins and engineers of all trades. Wonderful tool!

https://shop.hak5.org/ – The creators of the USB Rubber Ducky and more offensive/hacking hardware, Hak5 are a team of security pros who deserve praise. They’ve released and created hardware such as vampire taps, network implants and, most famously, their USB Rubber Ducky (a device that can execute scripts by mimicking human interface devices, which is mice and keyboards to you and me).

https://otx.alienvault.com/ – The Open Threat Exchange community by AlienVault is a list of what they refer to as “pulses”, which are basically indicators of malware, bad URLs or websites distributing malware, hacking groups/state-sponsored hackers, servers and more linked to hacking/malware distribution.

https://cve.mitre.org/index.html – This is the “official” (as official as it can be) list of publicly disclosed and known exploits/vulnerabilities. This covers multiple technologies, multiple areas and is recognised by big tech companies and systems worldwide.

https://0day.today/ – Also known as “1337day” and “inj3ct0r”, this is an underground market that resells known exploits. Take warning that many “replica” versions of this website exist and, due to their nature of using cryptocurrencies, there are scammers and imposters that use the infamy of this service to try to convince others to hand over their money. The legality of this type of market is questionable; however, I recommend being aware of services like this to understand that exploits are readily available (and often provide proof-of-concepts).

https://thatoneprivacysite.net/ – This is one of the most comprehensive VPN comparison charts/sites I’ve ever come across. At zero cost, compare the prices and features of various VPN providers worldwide to help maximise your anonymous browsing/web activities. I personally utilised this to choose a VPN that has no billing tied to my name (cryptocurrency) and is in a country that either falls outside UK/US/EU jurisdiction or, at the very minimum, a VPN that uses a Warning Canary.

https://prism-break.org/en/ – A repository of privacy-based tools/suggestions and applications built to break away from monitoring/surveillance programs like the NSA’s PRISM. There is no guarantee these tools can defend against state-sponsored surveillance due to how high up this can occur (Internet service providers and above!), but this is still a very useful list of apps you might not be aware of.

https://www.privacytools.io/ – Another great set of privacy-orientated applications and tools to help you stay private. There are also good descriptions of surveillance arguments and a breakdown of The Fourteen Eyes.

https://droid-break.info/ – Similar to the PRISM Break page above, this site focuses on security/privacy tools for the Android operating system (mobiles).

https://www.kitploit.com/ – A blog/repository dedicated to hacking tools, pentest tools and suites. A lot of interesting and cool tools.

https://www.securemessagingapps.com/ – Similar to the charts provided by ThatPrivacyGuy but this relates to secure messaging apps. A wonderful breakdown backed by good research to truly let you know if a “secure” messaging service is as “secure” as claimed.

https://www.adlice.com – Adlice’s RogueKiller is a partly free (has paid-for versions with more features) antivirus tool that I’m listing here due to my personal experiences. Many antivirus tools are effective and I will not list reasons why I think some are better than others, but Adlice not only promote third-party software (like Malwarebytes, a big favourite amongst many), their own tool is especially powerful. I’ve often found that this tool has found registry keys, rootkits and some strains of malware that other tools simply couldn’t pick up. It also has built-in VirusTotal upload diagnostics and, from what I understand, it uses multiple antivirus engines to analyze files, making detection rates higher. If you feel a machine is infected and have tried a list of tools, do not miss out RogueKiller (which can run portably, at start-up or even on restricted systems).

https://www.whonix.org/ – A privacy-focused OS built around the Tor network to make DNS leaks impossible and to make even root-privileged malware incapable of revealing the user’s true IP address. Working as a VM, with a user or command line interface, the OS receives regular updates and boasts functionality/privacy advantages over Tails/Qubes OS and Tor Browser. (See https://www.whonix.org/wiki/Comparison_with_Others )

https://www.nirsoft.net – A variety of freeware Windows utilities that have made my job doing forensics, IT administration, troubleshooting and more oh so very easy. There are endless use cases and scenarios where his tools come in handy, from remotely looking at browsing history over a network to recovering product keys, saved passwords and more! Take a look, and if you ever read this, thanks Nir Sofer! 🙂

https://www.hiren.info/pages/bootcd – Hiren’s Boot CD, which has since evolved into https://www.hirensbootcd.org/about/, is a bootable live CD/media which can be used to troubleshoot, diagnose and repair systems. Though it is a toolkit of multiple tools, it does have some security tools, such as removing local administrative passwords and more. It has multiple applications and I’ve used it for years.

https://adsecurity.org/ – Active Directory is the keys to your kingdom (network-wise) and as such, knowing it, the security holes it can have and the permissions you need to look out for is imperative for any blue or red teamer. This site houses a collection of security guides/principles/policies and schemas from multiple members of the security community and Microsoft. Really worth checking!!

https://app.any.run/ – A sandbox system used to run malicious or dangerous files. Lets you spin up a VM, run a virus and see the outcome! An amazingly powerful tool which takes a step further than online analysis such as VirusTotal. This really deserves more attention (and it only came to mine this year!).

https://attack.mitre.org/software/ – The software list provided by MITRE is composed of open source or publicly/privately created software/malware/tools and which threat actors/hacking groups/individuals they have been known to be used by. This data is collected from around the world, cited/sourced and with links provided where available. The names/creators and stories behind some of the most recent Trojans/RATs/malware strains to date are listed here; though the list is not entirely exhaustive, it does house a lot. The ATT&CK matrix provided by MITRE on their site is also worth checking out: it lists the various stages and techniques used during breaches and acts as a template for organisations/security researchers and individuals worldwide.

https://abelcheung.github.io/rifiuti2/ – Rifiuti2 is a forensic tool used to look at Recycle Bin data such as deletion, purge & restore times of files. When carrying out IT forensics, often the data that has been deleted/removed can be just as important as the data that is left. This tool is an update to a previous script and now supports legacy Windows (95/98) through to Windows 10.

https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview – TCPView is a tool provided by Microsoft via Sysinternals which shows all the TCP connections made by particular services/applications and files within a system. A great tool for forensics, troubleshooting and just identifying strange app behaviour.

https://docs.microsoft.com/en-us/sysinternals/downloads/procmon – Process Monitor (also known as ProcMon) is a tool provided by Microsoft via Sysinternals (a site made by a Microsoft engineer to provide his own tools/utilities for Windows systems). The tool itself can help find processes/registry keys/handles utilised by a program/application or file and can help track which links it has and what processes are using it. This can be very useful for identifying locked files, issues with applications and even spotting malware (though it’s not made specifically for this). I do recommend looking at the entire Sysinternals archive of tools; as a general sysadmin, I’ve found uses for many of them.
(Memory issues? Look up RAMMap.)

https://sectools.org/ – Though dated, this is a great list of security tools (that work well with nmap and other famous tools). It should be noted that most, if not all, of these are included with Kali Linux. See also seclists.org.

https://distrochooser.de/en – Fancy using Linux but don’t know which? Well, other than using Kali (for hacking), you might just want a normal Linux distro. Answer this survey and you’ll be suggested the appropriate OS 🙂