Links for Cyber Security Professionals
Penetration Testing Resources
Penetration Testing Distributions
  • Kali – GNU/Linux distribution designed for digital forensics and penetration testing.
Multi-paradigm Frameworks
  • Metasploit – Software for offensive security teams to help verify vulnerabilities and manage security assessments.
  • Faraday – Faraday introduces a new concept – IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distribution, indexation and analysis of the data generated during a security audit.
Vulnerability Scanners
  • Nessus – Commercial vulnerability management, configuration, and compliance assessment platform, sold by Tenable.
  • OpenVAS – Free software implementation of the popular Nessus vulnerability assessment system.
Web Scanners
  • Nikto – Noisy but fast black box web server and web application vulnerability scanner.
  • Arachni – Scriptable framework for evaluating the security of web applications.
  • WPScan – Black box WordPress vulnerability scanner.
Network Tools
  • nmap – Free security scanner for network exploration & security audits.
  • tcpdump/libpcap – Common packet analyzer that runs under the command line.
  • Wireshark – Widely-used graphical, cross-platform network protocol analyzer.
Web Application Testing
  • OWASP Zed Attack Proxy (ZAP) – Feature-rich, scriptable HTTP intercepting proxy and fuzzer for penetration testing web applications.
  • Fiddler – Free cross-platform web debugging proxy with user-friendly companion tools.
  • Burp Suite – Integrated platform for performing security testing of web applications.
Windows Utilities
  • Maltego – Proprietary software for open source intelligence and forensics, from Paterva.
  • Shodan – World’s first search engine for Internet-connected devices.
  • recon-ng – Full-featured Web Reconnaissance framework written in Python.
  • Virus Total – VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
Penetration Testing Report Templates
Vulnerability Databases
Security Courses
  • Cybrary – Build your cyber security or IT career, for free. Join the world’s largest cyber security workforce development community now!
Awesome Lists
  • Cybrary’s Open Blog – is a user contributed cyber security knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.
  • Cybrary’s Official Company Blog – You’ll find official announcements and other news and stories from the team and our friends in the cyber security industry.
  • Twitter – Cyber Security Twitter Profiles to Follow.
  • EC-Council Official Blog – Keep up with the latest Cybersecurity trends, official EC-Council news, and advice from the industry experts!
  • Bleeping Computer – Millions of visitors come to every month to learn about the latest security threats, technology news, ways to stay protected online, and how to use their computer more efficiently.
  • The Hacker News – is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts.
  • Threatpost – is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.
  • Hacker Noon – is everything hackers need at noon.
  • TechNative – is to offer the latest product and user news, in-depth features, reports and podcast & video interviews with the leaders in business technology.
  • Infosecurity Magazine – has over ten years of experience providing knowledge and insight into the information security industry.
  • Dark Reading – Long one of the most widely-read cyber security news sites on the Web, Dark Reading is now the most trusted online community for security professionals like you.
  • GBHackers – is Advanced Persistent Cyber Security Online platform which including Cyber Security Research,Web Application and Network Penetration Testing, Hacking Tutorials,Live Security Updates, Technology updates, Security investigations With dedicated Cyber security Expert Team and help to community more secure.
  • CIS Resources – CIS® (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.
  • Heimdal Security Blog – 50+ Amazing Internet Security Blogs You Should Be Following.
  • Feedspot Security Blog – Top 100 Amazing Cyber Security Blogs You Should Be Following.
  • IEEE Spectrum – IEEE is the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity.