Here is a list of resources (Twitter, Tools, blogs, youtube channels, etc) for cyber security profesionnal. Feel free to suggest any
Twitter accounts
Top
| Account | Quick description |
|---|---|
| SecurityWeek | Cybersecurity News, Threats, Insights and Expert Analysis |
| Hackread.com | Cybersecurity news platforms |
| The Hacker News | Breaking news and tech coverage on cybersecurity |
| HackerOne | The only official HackerOne Twitter account |
| Black Hat | The World's Premier Technical Security Conference Series |
| Cyberwatch | French EVM |
Other accounts
| Account | Quick description |
|---|---|
| FIC_eu | French "Forum International de la Cybersécurité" |
| ComcyberFR | Compte officiel du Commandement de la cyberdéfense française |
| leHACK | Hacking conferences (french) |
| OpexNews | Veille sur les questions militaires et de défense |
| CVEnew | Latests CVEs (warning, can tweet quiet a lot) |
| vx-underground | The largest collection of malware source code, samples, and papers |
| NetBlocks | Tracking network disruptions and shutdowns |
| PortSwigger Research | Web security research from the PortSwigger team |
| HITBSecConf | Conference series held annually around the world |
| CERT-FR | Centre gouvernemental de veille, d'alerte et de réponse aux attaques informatiques |
| ANSSI | Agence nationale de la sécurité des systèmes d'information |
| DGA | Compte officiel de la Direction générale de l'armement |
| BreizhCTF 2022 | Annual CTF |
| Hacking is NOT a Crime | A nonprofit organization advocating global policy reform to decriminalize hacking |
| Chromium Disclosed Security Bugs | Automatic report of Chromium disclosed security bugs |
| RedTeamVillage | Group of red teamers (Red Team Village) |
| BlueHat IL | Cyber security conferences |
| Gareth Heyes | Security payloads and other funny code tricks |
| Insomni'hack | Ethical Hacking Contest |
| Bad Packets | Cyber threatintel on emerging threats, DDoS botnets, and network abuse |
| Almond | Entreprise de la Cybersécurité, du Cloud et des Infrastructures. |
| NoLimitSecu | Podcast francophone dédié à la cybersécurité |
| Le Comptoir Sécu | Le podcast traitant des enjeux de la sécurité informatique |
| Defense Digital Service | We are tech experts tackling the DOD's toughest problems |
| NotSoSecure | Company delivering high-end IT security consultancy |
| 44CON | UK Information Security Conference and training event |
| Offensive Security | Kali and OSCP makers |
| SANS Offensive Operations | Training, Certification, and Research |
| Synacktiv | Offensive security company |
| BugBountyHQ | Bug bounty news |
| DEF CON | Hacking Conference |
Cyber security researchers
- Mathias
- Orange Tsai
- Benjamin Delpy
- jermainlaforce
- LiveOverflow
- Ryan Hanson
- 偉
- Caitlin Condon
- James Kettle
Websites
Tools
| Site | Usage |
|---|---|
| HackTricks | Lot of resources, tips and such |
| Kali | The OS |
| Open PGP Keys | Email public encryption keys registry |
| HTTP Request Inspector | Internet-exposed temporary HTTP server for C2 |
| MOHMal | Anonymous disposable email |
| Crack Station | Hash reverse database |
| Security Headers scanner | Analyze web servers response headers |
| OSINT Framework | List of OSINT tools |
| Wayback machine | Archiveds web pages (OSINT and bug bounty proofs) |
| Damn Vulnerable Web Application | Training application for finding simple web vulnerabilities |
| NMap | Network scanner |
| NetCraft | Find what's powering a server, from its responses |
| PasteBin | Share texts (publicly) |
| OpenVAS | Vulnerability scanner |
| APNIC | IP (ranges, cidr) transfers and history |
| Cipher Suite | Infos on TLS ciphersuites |
| CenSys | Threat intel scan |
| FotoForensics | Image analysis and metadata searching |
| Metasploit Doc | Documentation for the Kali's Metaploit framework |
| IPInfo | Who owns and where is a specific IP |
| Zonemaster | DNS check |
| RSA Calculation | For CTF |
| EPIEOS | Infos about any email address |
| Security Trails | DNS history and infos, plus other similar stuff |
CVE, POC
Github
- LinEnum
- Linuxprivchecker.py
- Red Canary (atomic red team)
- Tsunami scanner
- ICS Pentesting Tools
- LinPEAS
- Payloads All The Things
- dnSpy
- Magic hashes
- JS package names
Blogs
- Trusted Sec
- SIM (cards) hack
- Dark Readings
- Pentest Lab
- The Hitchhiker’s Guide to Online Anonymity
- Live cyber threat map
- Blue team blog
- ALPACA Attack
- Synacktiv
- OSCP Guide
- ANSSI Logo Challenge
- No More Ransom
Security conferences and groups
Labs & trainings
- Newbie Contest
- SecNum (MOOC ANSSI)
- RingZero Team online CTF
- Hack The Box
- Offensive Security (certs and trains)
- Portswigger (BURP makers)
Bug Bounty
Cheat sheets
- Subdomains enumeration
- Windows x86-64 syscalls
- Reverse Shell Generator
- Linux Syscall
- 80x86 instructions
Docs, Specs etc
CTF
Youtube accounts
- Black Hat
- CODE BLUE
- DEFCON Conference
- Hack In The Box Security Conference
- John Hammond
- LiveOverflow
- LockPickingLawyer
- Orange Tsai
- PwnFunction
- Metasploit
- HackerSploit
- HackerOne
- GynvaelEN
- DeviantOllam (lockpick)
- Cybercrime Magazine
- Cyberspatial
- GOTO Conferences
- Adrian Crenshaw
- CarolinaConVideos
- Christiaan008