logo  ONESTOPCYBERSHOP

  Tooling

Scripting | Vulnerability Assessment | Network Forensics | DFIR & Threat Hunting | Malware Analysis | Steganography
Reconnaissance | Delivery | Weaponization | Network Enumeration | Post Exploitation | Credential Harvesting | Command & Control 
OSINT | Threat Feeds | Dark Web 


SANS Institute

Active Countermeasures

abuse.ch

The Dark Source

InfoSec-Resources4All

Infosec Awesome

HomeLabResources

AWS Arsenal

GCP Diagramming



    Alternative Mail

10minutemail

maildrop

Guerrilla Mail

Lavabit

riseup

Tutanota



    Cyber Defence (Blue Team)

Awesome IR

Awesome Awesomeness

SANS DFIR

Security Awareness Planning

TheHive

Velociraptor

DFIRTrack

DFIRlogbook



    Scripting
PowerShell Core

Brew

Blue Team PowerShell

regex101

crontab guru

CyberChef

DeepBlueCLI

jq

freq

Sooty

wtfis

EpochConverter



python-iocextract



python-stix

Python Tools
Download 


    Vulnerability Assessment
Nessus

BurpSuite

OpenVAS

interactsh

SkyArk



    Network Forensics
Splunk

Elastic

Nagios

Snort

Zeek

Suricata

SiLK

NetreseC

SIGMA

Sigma2SplunkAlert

BruteShark



    DFIR & Threat Hunting
Eric Zimmerman Tools

The Sleuth Kit

TZWorks

KAPE

GRR

LinuxCatScale

FTK Imager

Registry Viewer

Process Capture

Sysmon

PowerForensics

HELK

analyzeMFT

RegRipper

evtx_dump

WELA

ShimCacheParser

Seatbelt

plaso

Timesketch

APT-Hunter

ThreatHunting

Sentinel ATT&CK

AzureHunter



    Memory Analysis
Redline

Volatility

SuperMem

WinPmem

osxpmem

linpmem

AVML

LiME

MemProcFS



    Malware Analysis

File Signatures

SysInternals Suite

Nirsoft Suite

YARA

Malware Analysis Repo

DidierStevens Suite

Wireshark

INetSim

fakedns

PhishingKitTracker

pehash

ssdeep



    Identifiers & Hex Viewers
ExifTool

TrID

xxd

Bless

Neo

Hexinator



    Process & Document Analysis
Process Hacker

ProcDOT

API Monitor

Regshot

WMI Explorer

Viper

cscript

wscript

PE-bear

PE Tree

peframe

petools

rtfdump

PDF Parser

peepdf

oletools

XLMMacroDeobfuscator



    Disassemblers/Debuggers
IDA Pro

OllyDBG

x64dbg

WinDbg

pestudio

Ghidra

Immunity Debugger

Cutter

Binary Ninja

Hopper

Fiddler

Radare2

Scylla

Java Decompiler

Beautifier

js-beautify

SpiderMonkey

pcodedmp



    Sandboxes
Hybrid Analysis

Any.Run

Joe Sandbox

Malwr

Yomi

Malware Jail

filescan.io

Cuckoo

CAPE

DetuxNG



    Malware Repositories

    Please take extra precautions when analysing and playing with malware.

Malshare

MalwareBazaar

URLhaus Database

theZoo

vx-underground

DasMalwerk.eu

Mac Malware

PacketTotal

VirusSign

The-MALWARE-Repo

Malware Feed



    Steganography
Xiao Steganography

Steghide

S-Tools

Hide'N'Send

Camouflage

InvisibleSecrets



    Offensive Cyber (Red Team)

Sample Pen Test Report

Red Team Tool Roundup

100 Best Hacking Tools

Yuki Chan

awesome-browser-exploit

Exploit DB



    Note Taking & Checklists
KeepNote

cherrytree

Greenshot

Flameshot

Trilium

joplin

OWASP Testing



    Reconnaissance
GTFOBins

haveibeenpwned

hunter.io

amass

Expired Domains

Subdomain Enumeration

xnLinkFinder

crt.sh

Security Headers

theHarvester

sumrecon

MASSCAN

MassDNS

httprobe

subbrute

NMAP

nrich

Angry IP Scanner



    Weaponization
Inceptor

macro_pack

Dotpack

EvilClippy

Chimera



    Delivery
Pafish

ThePhish

PhishTool

Evilginx2

Muraena

NecroBrowser



    Network Emuneration
BloodHound

impacket

mitm6

Snaffler

MFASweep



    Post Exploitation
Metasploit

PowerSploit

Empire

Cobalt Strike

Shellter

merlin

CrackMapExec

ADFSpoof



    Credential Harvesting
JohnTheRipper

Hashcat

L0phtcrack

CrackStation

mimikatz

breach-parse



    Command & Control
PoshC2

LimeLighter



    Threat Intelligence

    OSINT
SANS' "Must Have"
OSINT Tools

OSINT Resource
Discovery Toolkit

CTI & OSINT
Online Resources

start.me
OSINT Links

Download 
MISP

YETI

Maltego

VirusTotal

RiskIQ

URLScan

Shodan

Censys

Spyse

ThreatCrowd

DNS Dumpster

PasteBin

WhatsMyName

ZoomEye

WiGLE

IntelligenceX

FullHunt

GreyNoise

PublicWWW

Pulsedive

onyphe

SynapsInt

app.netlas.io

binaryedge.io

fofa.info

grep.app

ivre.rocks

leakix.net

searchcode.com

socradar.io

Threatool

vulners.com

MyOsint.Training

OSINT.games

osint.me

Karma

dnstwist

domfind

sherlock

TweetScraper



    Threat Feeds
AlienVault

Feodo Tracker

URLhaus

threatfeeds.io



    Dark Web

    Please note, these sites are only accessible thought the TOR browser.

Ahmia

Haystak

duckduckgo

Torch

Wiki

ProtonMail

MEGATor

PrivacyTools

    Coding Environments
VSCode

codepen

jsfiddle

COLAB

CoderPad

Node-RED



  With great power, comes great responsibility; this material has been collated to encourage learning and development, and not to be leveraged for unethical and/or illegal behaviour.
  By visiting any of these sites, you are doing so at your own risk.

  I would like to thank all of the authors, instructors, publishers, developers (and others) - both individuals and teams - for the content collated on this site. I must stress that none of the content referenced/linked on this site is my own.
  If you have any suggestions and/or content you feel is missing or would like included, please email me at oscybershop [at] gmail [dot] com