awesome-cyber-security

0day.today - Biggest Exploits Database and 0day market - The Underground, is one of the world's most popular and comprehensive computer security web sites.

ATT&CK is a knowledge base of cyber adversary behavior and taxonomy for adversarial actions across their lifecycle. ATT&CK has two parts: ATT&CK for Enterprise, which covers behavior against enterprise IT networks and cloud, and ATT&CK for Mobile, which focuses on behavior against mobile devices.

Chinese government-run vulnerability database analoguous to the United States’s CVE database hosted by Mitre Corporation.

Search public GitHub proof-of-concept repositories by CVE identifier, with 30,000+ CVEs indexed and updated daily.

cve-search is accessible via a web interface and an HTTP API. cve-search is an interface to search publicly known information from security vulnerabilities in software and hardware along with their corresponding exposures.

(WLB2) World Laboratory of Bugtraq is a huge collection of information on data communications safety. Its main objective is to inform about errors in various applications.

A plethora of free cybersecurity courses and resources on all topics related to the field.

Dark Cubed’s cybersecurity resources page provides links to dozens of 100% free resources you can use for your own business or for your customers.

For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.

This page is devoted to helping cyber security experts find the resources they need to grow and thrive.

The listing of related sites provide additional sources to pursue the topic of Cybersecurity. The sites include Government organizations, including federal agencies, Department of Defense and military service agencies, commercial organizations, and academic institutions.

This guide is intended to provide actionable resources for everyone looking to learn more about the field.

A collection of awesome software, libraries, documents, books, resources and cool stuff about security.

A curated list of amazingly awesome tools and resources related to the use of machine learning for cyber security.

A curated list of awesome malware analysis tools and resources.

Maintained by @vaib25vicky with contributions from the security and developer communities.

A collection of awesome software, libraries, documents, books, resources and cool stuff about security.

collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources.

A curated list of storage open source tools. Backups, redundancy, sharing, distribution, encryption, etc.

SBOM standard for software supply chain transparency.

An intentionally vulnerable e-commerce web application for CTF use.

The top risks specific to API security.

Application Security Verification Standard for defining security requirements.

Pragmatic checklists and best practices for secure development.

Software Composition Analysis (SCA) to find vulnerable dependencies.

Guidance for organisations deploying a range of end user device platforms as part of a remote working solution

Para ayudar a la pyme a poner en marcha los procesos internos con los que mejorar su ciberseguridad presentamos una serie de documentos que hemos denominado como «políticas de seguridad».

This book is a compilation of best practices for evaluating weak spots in a product and company, and fostering a robust security culture.

Helping to make the UK the safest place to live and work online.