A curated directory of industry-standard security tools alongside highly polished, downloadable quick-reference cheat sheets to boost your technical learning workflow.
High-quality, condensed cheat sheets optimized for quick lookups during labs and examinations.
Comprehensive scan flags, firewall evasion, script parameters, and speed controls.
2024 revised edition explaining injection, broken access, insecure design, and fixes.
Kernel vulnerabilities, SUID files, wildcards, cron jobs, and capabilities checklist.
Commands reference guide, listener configurations, multi-handlers, and msfvenom payloads.
Free and open-source utility software utilized by penetration testers and SOC analysts worldwide.
Nmap is a free and open-source utility for network discovery and security auditing. It performs lightning-fast host discovery, port scanning, operating system detection, and vulnerability scripting.
An absolute necessity for web application penetration testing. Burp acts as an intercepting proxy, enabling security professionals to capture, analyze, and manipulate HTTP/S traffic between browsers and target servers.
The world's foremost network protocol analyzer. It allows deep-dive inspection of live network packets and traffic capture file readouts, detailing individual layer parameters and protocols.
A highly popular penetration testing platform that enables security practitioners to discover vulnerabilities, manage security assessments, and execute automated exploit payloads.
A software reverse engineering suite developed by the National Security Agency (NSA). Features a highly advanced decompiler, disassembly engine, and program graphing framework for binary analysis.
Dubbed the 'Cyber Swiss Army Knife', CyberChef is a simple, intuitive web app for carrying out all kinds of operations in a web browser, such as XOR encoding, Base64, hashing, and regex extraction.