Cybersecurity and CTF Resources

This repository is a comprehensive collection of resources tailored for both cybersecurity enthusiasts and CTF (Capture the Flag) competitors. Whether you are just starting your journey in cybersecurity or looking to enhance your skills, this guide offers a wide range of tools, blogs, cheat sheets, and platforms to support your learning and practice. Dive into roadmaps, engage with vibrant communities, and sharpen your skills with specialized tools and challenges designed to elevate your cybersecurity knowledge and capabilities.

Cybersecurity Resources

Cybersecurity Roadmap

• Vulnhub Mindmap by Ignitetechnologies
• Cybersecurity Roadmap

Communities / Blogs / Youtubers

• Hackers Arise
• RTL-SDR Blog
• DEFCON
• Nullcon
• SecurityFWD YouTube
• Null Byte YouTube
• ClicksAndBits YouTube
• John Hammond YouTube
• TheXSSrat YouTube
• David Bombal YouTube
• NetworkChuck YouTube
• HackerSploit YouTube
• zSecurity YouTube
• Vuln Machines YouTube
• TheHackerish YouTube
• Ippsec YouTube - HTB Walkthrough
• 247CTF YouTube - CTF Fundamentals
• NahamSec YouTube - Web Pentesting / Bug Bounty
• Chris Greer YouTube - Network / PCAP
• NetworkChuck YouTube - Networking / Linux Tutorials
• TheGaryTube YouTube - IT / Networking Tutorials
• David Bombal YouTube - Cisco Networking / CCNA / Cybersecurity

Popular Certifications

• OffSec Certified Professional (OSCP)
• Certified Ethical Hacker (C|EH)
• CompTIA Security+
• CC – Certified in Cybersecurity
• Web application Penetration Tester eXtreme
• Cisco Certified Network Associate (CCNA)

Cheatsheets

• Cybersec Cheatsheets
• Guifre

Additional Resources

• Link Lock - Secure Links
• WinDirStat - Disk Usage Stats
• Red Python Scripts
• Linux Shell Tips - SSH Commands Cheat Sheet

CTF Resources

CTF Tool List

• CTF Tools by Greg Alletti
• CTF-Tools

Web Pentesting

• Wappalyzer (For tech stack identification)
• CMSMap - CMS Scanner
• Dirsearch - Web Path Scanner
• Subfinder (subdomain finder)
• Sublist3r (subdomain finder)
• Declutter URLs - uro
• HttpX (HTTP probe)
• paramspider (parameter discovery)
• Arjun (parameter discovery)
• XSS Cheatsheet
• xsscrapy - XSS Vulnerability Scanner
• XSStrike (XSS scanner)
• XSS Payloads
• SQLMap (SQLi automation)
• JSQL Injection
• 3klCon - Web Recon Tool
• SpyHunt (recon tool)
• Amass (resource recon)
• Sn1per - Automated Pentest Recon Scanner
• 3klCon - Web Recon Tool
• Sn1per - Automated Pentest Recon Scanner
• nuclei (vulnerability scanner)
• WAFNinja - WAF Bypassing
• Joomla Mass Exploiter
• Wpscan (WordPress vulnerability scanner)
• WordPress Mass Exploiter

Audit Tools

• BurpSuite - Web Pentest Toolkit
• Caido - Security Auditing Tool
• FoxyProxy - Web Proxy
• Postman - API Audit
• DNS Analyzer - BurpSuite Extension

Mobile Pentest

• Mobile Security Framework (MobSF)
• APKLeaks - Extract APK Secrets
• WhatsApp Viewer
• WhatsApp Key DB Extractor
• IMSI Catcher Stingray Guide

Image Steganography

• StegOnline Checklist
• 0xffd700 Steganography
• StyleSuxx Steganography
• AperiSolve
• ZXing Barcode Decoder
• Exif Data Viewer
• Online Barcode Reader
• Photo Forensics
• Jimpl - Image Analysis

Password Hash Crack

• Hashcat - Password Cracking
• CrackStation
• CyberChef

Morse Code / Audio Steganography Decoder

• Audacity
• Lexilogos Morse Code Translator

Cryptography

• dCode
• Guballa Substitution Solver
• RSA Factor DB

Reverse Engineering

• IDA
• Ghidra
• x64DBG
• Dogbolt - Online Compiler
• Compiler Explorer
• Cheat Engine

Network Analysis

• Wireshark - Packet Capture
• TCPDump - Packet Capture
• IP Scanner
• Nmap - Network Scan Tool
• Smap (Nmap alternative)

OSINT / Social Engineering

• Photon - OSINT Crawler
• AdvPhishing
• CamPhish
• TBomb - SMS/Call Bomber
• GHunt - Google Account OSINT
• Trape - User Tracking
• Profil3r - OSINT
• Evilginx2 - Session Cookie and Credential Phishing
• Dorks - Bug Bounty Search Engine
• Google Explorer

DoS

• Saphyra
• hping3

RATs

• NjRAT Modded Source Code
• Lime-RAT
• AhMyth - Android RAT

CTF Training Platforms

• Hack The Box
• Try Hack Me

Beginner CTF

• Kioptrix Level 1 Installation
• Kioptrix Level 1
• Kioptrix Level 1.2
• Kioptrix Solution
  • Video 1
  • Video 2
  • Video 3
  • Writeup

Useful Websites for CTF Challenges

• 247CTF
• picoCTF
• GTFObins
• Exploit DB
• PacketStorm
• Rop Emporium
• OverTheWire
• Tools Watch

Additional Tools and Repositories

• CTF-Cheatsheet
• Awesome Hacking

Bug Bounty Resources

Bug Bounty Platforms

• Bug Crowd
• HackerOne
• YesWeHack
• Microsoft

Bug Bounty Tools

Enumeration / Recon

• Wappalyzer (For tech stack identification)
• 3klCon - Web Recon Tool
• CMSMap - CMS Scanner
• Dirsearch - Web Path Scanner
• SpyHunt (recon tool)
• Amass (resource recon)
• Subfinder (subdomain finder)
• Sublist3r (subdomain finder)
• Declutter URLs - uro
• paramspider (parameter discovery)
• Arjun (parameter discovery)
• HttpX (HTTP probe)
• XSStrike (XSS scanner)
• xsscrapy - XSS Vulnerability Scanner
• Smap (Nmap alternative)

Automation

• EchoPwn - Bug Bounty Automation
• Sn1per - Automated Pentest Recon Scanner
• SQLMap (SQLi automation)
• Wpscan (WordPress vulnerability scanner)
• nuclei (vulnerability scanner)
• JSQL Injection

Exploits

• WAFNinja - WAF Bypassing
• WordPress Mass Exploiter
• Joomla Mass Exploiter
• Vajra - Azure Cloud Pentester

Auditing Tools

• BurpSuite - Web Pentest Toolkit
• Caido - Security Auditing Tool
• FoxyProxy - Web Proxy
• Postman - API Audit
• DNS Analyzer - BurpSuite Extension

Bug Bounty Cheatsheets

• MRecon - Notion Page
• XSS Cheatsheet
• XSS Payloads

Conclusion

This repository offers a curated list of essential resources for anyone interested in cybersecurity and CTF challenges. From roadmaps and community links to specialized tools and cheat sheets, this guide is designed to support your journey through the complex world of cybersecurity.