The Cyber Ledger · Resources
Community
Resource Library
A curated library of tools, platforms, and references used by the TCL community — from first CTF to professional red team ops.
Must-Know
Featured Resources
The four tools and platforms every TCL member should have bookmarked — regardless of your specialisation.
★ Featured
PortSwigger Web Security Academy
The definitive free platform for web application hacking. Labs, theory, and hands-on challenges built by the makers of Burp Suite.
★ Featured
TryHackMe
Browser-based learning paths for beginners through advanced. Guided rooms, pre-built VMs, structured roadmaps.
★ Featured
HackTheBox
Intermediate to advanced hacking labs, pro labs, and a competitive community. The industry benchmark for practical skills.
★ Featured
OWASP Foundation
The gold standard for web security references. OWASP Top 10, Testing Guide, WSTG, and hundreds of community-maintained projects.
★ Featured
PwnedLabs
The gold standard for web security references. OWASP Top 10, Testing Guide, WSTG, and hundreds of community-maintained projects.
Offensive Security
Exploitation frameworks, enumeration tools, payload libraries, and attack references used in pentests, bug bounty, and red team ops.
Burp Suite
Intermediate The professional standard for web app pentesting and interception.
Metasploit Framework
Intermediate World's most used exploitation framework for network pentesting.
Nmap
Beginner Network discovery and security auditing. The essential recon tool.
Gobuster
Beginner Fast directory/file brute-forcer for web recon and fuzzing.
SQLmap
Intermediate Automated SQL injection detection and database takeover tool.
PayloadsAllTheThings
Massive repo of payloads and bypasses for every attack category.
GTFOBins
Intermediate Unix binaries that can bypass local security and escalate privileges.
RevShells
Beginner One-click reverse shell generator for any language and listener.
Amass
Intermediate In-depth attack surface mapping and asset discovery via DNS enumeration.
Subfinder
Beginner Passive subdomain enumeration tool with multiple data source integrations.
httpx
Intermediate Fast multi-purpose HTTP toolkit for probing web servers at scale.
ffuf
Beginner Fast web fuzzer for directory, parameter, and vhost discovery.
Feroxbuster
Beginner Recursive, fast content discovery tool written in Rust.
Naabu
Beginner High-speed port scanner with SYN/CONNECT scan modes from ProjectDiscovery.
Masscan
Intermediate Internet-scale port scanner capable of scanning the entire IPv4 space.
Aquatone
Intermediate Visual inspection tool for web targets — screenshots domains at scale.
WhatWeb
Beginner Web scanner that identifies CMS, frameworks, and server technologies.
CrackMapExec / NetExec
Intermediate Swiss army knife for Windows/AD network pentesting — SMB, WinRM, LDAP.
Impacket
Advanced Python library and scripts for low-level Windows network protocol interaction.
BloodHound
Intermediate Reveals hidden attack paths in Active Directory using graph theory.
Responder
Intermediate LLMNR/NBT-NS/mDNS poisoner for credential capturing on Windows networks.
Evil-WinRM
Intermediate WinRM shell for pentesting. Fully interactive PowerShell access to Windows.
Certipy
Advanced Tool for enumerating and abusing Active Directory Certificate Services.
Kerbrute
Intermediate Fast Kerberos user enumeration and password spraying against AD.
LinPEAS
Beginner Linux Privilege Escalation Awesome Script — comprehensive local recon.
WinPEAS
Beginner Windows Privilege Escalation Awesome Script — thorough local enumeration.
PSPY
Intermediate Monitor Linux processes without root — great for scheduled task discovery.
Ligolo-ng
Intermediate Advanced tunneling tool for pivoting through internal networks.
Chisel
Intermediate Fast TCP/UDP tunnel transported over HTTP. Ideal for firewall traversal.
Sliver C2
Advanced Modern, open-source C2 framework with mTLS, WireGuard, and HTTP(S) support.
Havoc C2
Advanced Modern, malleable C2 framework with advanced evasion capabilities.
Mythic C2
Advanced Collaborative, multi-operator C2 framework with a web UI and modular agents.
Web App Security
Specialized tools for finding and exploiting web application vulnerabilities — XSS, SSRF, SQLi, JWT attacks, and more.
XSStrike
Intermediate Advanced XSS detection suite with fuzzing, crawling, and WAF bypass.
Dalfox
Intermediate Fast parameter analysis and XSS scanner with a focus on automation.
Commix
Intermediate Automated all-in-one OS command injection and exploitation tool.
Arjun
Intermediate HTTP parameter discovery suite — finds hidden GET/POST/JSON parameters.
JWT Tool
Intermediate Test and exploit JSON Web Tokens — forging, brute-forcing, and algo confusion.
ParamSpider
Beginner Mining parameters from web archives for hidden attack surface discovery.
SSRFmap
Intermediate Automatic SSRF fuzzer and exploitation tool for web applications.
tplmap
Intermediate Automatic server-side template injection (SSTI) detection and exploitation.
NoSQLMap
Intermediate Automated NoSQL injection and exploitation tool targeting MongoDB and others.
InQL
Intermediate Burp extension and CLI for GraphQL security testing and introspection abuse.
Password Attacks
Password cracking, brute-forcing, and wordlist generation tools for credential-based attacks.
Hashcat
Intermediate World's fastest CPU/GPU-based password recovery tool. Supports 300+ hash types.
John the Ripper
Beginner Classic and versatile password cracker supporting many hash formats.
Hydra
Beginner Fast, parallelized network login brute-forcer supporting 50+ protocols.
CeWL
Beginner Custom wordlist generator that spiders a website for relevant keywords.
CUPP
Beginner Common User Passwords Profiler — builds targeted wordlists from personal info.
Defensive Security
SIEM platforms, network analysis, detection engineering, and incident response tools used by blue teams and SOC analysts.
Elastic SIEM
Intermediate Open-core SIEM with powerful detection and threat hunting capabilities.
Splunk Free
Intermediate Industry-leading SIEM. Free tier for learning log analysis and SPL.
Wireshark
Beginner The definitive packet analyzer for network traffic inspection.
Zeek
Advanced Network security monitor that creates high-fidelity logs for analysis.
Sigma Rules
Intermediate Generic SIEM detection rule format. Vendor-agnostic threat detection.
MITRE ATT&CK
The definitive adversary tactics and techniques knowledge base.
TheHive
Advanced Scalable, open source incident response platform for SOC teams.
Wazuh
Intermediate Open source XDR and SIEM for threat detection and compliance.
Security Onion
Intermediate Free Linux distro for intrusion detection, threat hunting, and log management.
Velociraptor
Advanced Advanced endpoint visibility and digital forensics response platform.
Chainsaw
Intermediate Rapidly search and hunt through Windows event logs for threat activity.
Hayabusa
Intermediate Fast Windows event log analysis and threat hunting tool using Sigma rules.
Sysmon
Intermediate Microsoft Sysinternals tool for deep Windows system activity logging.
DFIR
Digital forensics and incident response tools for artifact collection, memory analysis, disk forensics, and investigation.
Volatility3
Advanced The leading open-source memory forensics framework for incident response.
Autopsy
Intermediate GUI-based digital forensics platform for disk image and file system analysis.
KAPE
Intermediate Kroll Artifact Parser and Extractor — fast triage and artifact collection.
Redline
Intermediate FireEye's free endpoint forensic tool for memory and file analysis.
Malware Analysis
Static and dynamic analysis tools, sandboxes, and reverse engineering resources for dissecting malicious code.
Any.Run
Beginner Interactive online sandbox for real-time malware behavior analysis.
Cuckoo Sandbox
Advanced Open-source automated malware analysis sandbox — self-hosted.
Hybrid Analysis
Beginner Free online malware analysis service powered by CrowdStrike Falcon Sandbox.
PEStudio
Intermediate Static malware analysis of PE files — imports, strings, entropy, indicators.
FLOSS
Intermediate FireEye Labs Obfuscated String Solver — extracts strings from obfuscated malware.
Detect It Easy
Intermediate Flexible file type identifier and packer/compiler detection tool.
Reverse Engineering
Disassemblers, debuggers, decompilers, and frameworks for binary analysis and exploit development.
Ghidra
Intermediate NSA's open-source reverse engineering suite with disassembler and decompiler.
x64dbg
Intermediate Open-source x64/x32 debugger for Windows with an active plugin ecosystem.
radare2
Advanced Powerful open-source reverse engineering framework and hex editor.
pwndbg
Advanced GDB plug-in that makes exploit development and binary analysis easier.
dnSpy
Intermediate .NET debugger and assembly editor — decompile, edit, and debug .NET apps.
Frida
Advanced Dynamic instrumentation toolkit for black-box process analysis and hooking.
Cloud Security
Tools and platforms for auditing, attacking, and defending AWS, Azure, GCP, and Kubernetes environments.
Pacu
Advanced AWS exploitation framework for testing cloud environments — modular and extensible.
ScoutSuite
Intermediate Multi-cloud security auditing tool for AWS, Azure, and GCP.
Prowler
Intermediate Open-source cloud security tool for AWS, Azure, and GCP security assessments.
Trivy
Beginner Comprehensive vulnerability scanner for containers, IaC, and filesystems.
kube-bench
Intermediate Checks Kubernetes clusters against CIS Kubernetes Benchmark.
Falco
Intermediate Cloud-native runtime security and threat detection for containers and Kubernetes.
CloudGoat
Intermediate Rhino Security's vulnerable-by-design AWS environment for cloud attack practice.
Threat Intelligence
Platforms and feeds for IOC enrichment, malware intelligence, and adversary tracking.
VirusTotal
Beginner Aggregate malware scanning service using 70+ antivirus engines and URL scanners.
AbuseIPDB
Beginner Community IP reputation database for reporting and checking malicious IPs.
AlienVault OTX
Beginner Open Threat Exchange — community-driven threat intelligence feeds and pulses.
URLScan.io
Beginner Scan and analyze websites — screenshots, network requests, DOM, and indicators.
MISP
Advanced Open source threat intelligence sharing platform — IOCs, malware, and correlation.
GreyNoise
Intermediate Identifies internet background noise vs. targeted attacks using scan data.
ThreatFox
Beginner Free IOC sharing platform by abuse.ch — focused on malware C2 indicators.
OSINT
Open source intelligence tools and frameworks for reconnaissance, threat intel, and investigative research.
OSINT Framework
Visual map of every OSINT tool categorized by data type and target.
Maltego
Intermediate Graph-based OSINT and link analysis platform used by professionals.
Shodan
Intermediate Search engine for internet-connected devices. Indispensable for recon.
theHarvester
Beginner Email, subdomain, and host harvesting from public sources.
Google Dorks
Beginner Advanced Google operators for targeted information gathering.
IntelTechniques
Michael Bazzell's OSINT workbook, tools, and podcast. Community staple.
Censys
Intermediate Internet-wide scan data for hosts, certs, and attack surface analysis.
Sherlock
Beginner Hunt down social media accounts by username across 300+ platforms.
PhoneInfoga
Beginner Advanced phone number OSINT tool with carrier, location, and social lookups.
SpiderFoot
Intermediate Automated OSINT collection with 200+ modules for comprehensive target profiling.
Mobile Security
Android and iOS security testing tools for static analysis, dynamic instrumentation, and app assessment.
MobSF
Intermediate Mobile Security Framework — automated static and dynamic analysis for Android and iOS.
jadx
Intermediate Dex to Java decompiler — readable source from Android APKs.
apktool
Intermediate Reverse engineer Android APKs — decode, rebuild, and analyze resources.
Objection
Intermediate Runtime mobile exploration toolkit powered by Frida — no jailbreak required.
Drozer
Intermediate Android security assessment framework — test app attack surface from the device.
Bug Bounty
Platforms, learning resources, and community channels for getting started and succeeding in bug bounty hunting.
HackerOne
Beginner The world's largest bug bounty and VDP platform with thousands of programs.
Bugcrowd
Beginner Crowdsourced security platform with bug bounty and pen test programs.
Intigriti
Beginner European bug bounty platform with high-quality programs and community.
Bug Bounty Hunter
Beginner Dedicated resource hub for hunters — tools, methodology, writeups, and wordlists.
PentesterLand
Intermediate Curated writeup aggregator and bug bounty news — stay on top of techniques.
DevSecOps
Tools for integrating security into CI/CD pipelines — SAST, SCA, secrets scanning, and IaC security.
Semgrep
Intermediate Static analysis for finding security bugs in code at scale.
Snyk
Beginner Developer-first security platform for code, dependencies, containers, and IaC.
GitLeaks
Beginner Detect secrets and sensitive data committed to git repositories.
TruffleHog
Beginner Searches through git repos for secrets, digging deep into commit history.
Checkov
Intermediate Static analysis for Terraform, CloudFormation, Kubernetes, and other IaC.
SonarQube
Intermediate Continuous code quality and security analysis platform — detect OWASP Top 10.
Wireless & Hardware
Tools and hardware for WiFi, Bluetooth, RF, and IoT security testing.
Flipper Zero
Beginner Portable multi-tool for hardware hacking — RFID, NFC, IR, sub-GHz, and more.
HackRF
Advanced Open source software-defined radio for transmitting and receiving RF signals.
WiFi Pineapple
Intermediate Dedicated wireless auditing platform for man-in-the-middle and rogue AP attacks.
Aircrack-ng
Intermediate Complete suite for WiFi security auditing — cracking, capturing, and injection.
Bettercap
Intermediate Swiss army knife for network attacks and MitM — WiFi, BLE, and more.
CTF & Labs
Capture The Flag platforms, intentionally vulnerable machines, and writeup resources for practical skill building.
TryHackMe
Beginner Beginner-friendly guided rooms with pre-built attack/defense scenarios.
HackTheBox
Intermediate Competitive labs and pro tracks. Respected by hiring managers globally.
PicoCTF
Beginner Carnegie Mellon's beginner CTF with a huge archive of past challenges.
CTFtime
The global CTF calendar and team rating board. Find your next event.
OverTheWire
Beginner Classic Linux wargames — Bandit, Natas, Narnia. Perfect for basics.
VulnHub
Intermediate Downloadable vulnerable VMs for offline, isolated practice.
IppSec (YouTube)
The best HTB machine walkthroughs on the internet. Methodology gold.
PwnTools
Advanced CTF framework and exploit development library for Python.
DVWA
Beginner Damn Vulnerable Web Application — PHP/MySQL practice target for web hacking.
Juice Shop
Beginner OWASP's intentionally insecure web app — covers the entire OWASP Top 10.
CyberDefenders
Intermediate Blue team-focused CTF platform with DFIR, network, and malware analysis challenges.
Blue Team Labs Online
Beginner Hands-on blue team labs for SOC skills, log analysis, and incident response.
Certifications
Industry-recognized credentials from beginner to expert — with provider, level, and cost clearly marked.
eJPT
Beginner eLearnSecurity Junior Penetration Tester. Best first cert for practical pentesting.
OSCP
Advanced Offensive Security Certified Professional. The gold standard for pentesters.
CEH
Intermediate Certified Ethical Hacker by EC-Council. Widely recognized in enterprise hiring.
CompTIA Security+
Beginner Baseline vendor-neutral security cert. DoD 8570 compliant, globally respected.
Google Cybersecurity
Beginner Google's professional certificate on Coursera. Excellent free-tier entry point.
BTL1
Beginner Blue Team Labs Level 1. Practical SOC and defensive skills certification.
PNPT
Intermediate Practical Network Penetration Tester by TCM Security. Hands-on, well-respected.
CRTP
Intermediate Certified Red Team Professional — hands-on Active Directory attack course.
CRTO
Advanced Certified Red Team Operator by Zero-Point Security. Cobalt Strike focused.
CARTP
Advanced Certified Azure Red Team Professional — Azure attack paths and AD integration.
CDSA
Intermediate HTB Certified Defensive Security Analyst — SOC-focused practical certification.
Podcasts
Top cybersecurity podcasts for staying current, learning attacker mindset, and professional development.
Darknet Diaries
True stories from the dark side of the internet — breaches, espionage, crime.
Risky Business
Weekly news and expert interviews. The industry-standard security podcast.
Smashing Security
Weekly cybersecurity news with a lighthearted, humorous take.
Books
Essential reading for offensive and defensive security practitioners — from foundational to advanced.
The Web Application Hacker's Handbook
Intermediate The definitive reference for web app pentesting — still essential despite its age.
Red Team Field Manual (RTFM)
Intermediate Compact cheat-sheet reference for red teamers — commands, tools, and techniques.
Practical Malware Analysis
Intermediate The hands-on guide to analyzing malicious software. A blue team essential.
The Hacker Playbook 3
Intermediate Red team tactics and techniques from real-world engagements.
Black Hat Python
Intermediate Python programming for hackers — network tools, exploits, and trojans.
Linux Basics for Hackers
Beginner Linux fundamentals framed around hacking — networking, scripting, and tools.
Communities
Forums, Discord servers, conferences, and local groups for networking and learning.
OWASP Chapters
Local and virtual OWASP chapter meetings worldwide — talks, labs, networking.
Reddit r/netsec
High-quality network security discussion, research links, and community Q&A.
DEF CON Groups
Local DEF CON chapters worldwide — hacking culture and meetups.
Blue Team Village
DEF CON village focused on defensive security content, talks, and CTF.
Career & Learning
Job boards, learning roadmaps, mentorship, and community-built resources to accelerate your cybersecurity career.
LinkedIn
Primary professional network for security job hunting and networking.
Glassdoor
Salary data and company reviews. Know your worth before you negotiate.
TCL Mentorship
Connect with experienced practitioners inside the TCL Discord community.
Roadmap.sh — Cyber
Community-driven visual roadmap for cybersecurity career paths.
HTB Academy
Beginner Structured skill-path learning from HackTheBox. Job-role aligned.
TCM Security
Beginner Affordable, practical cybersecurity courses from industry practitioners.
OffSec Learn
Intermediate Offensive Security's learning portal — PWK, OSCP prep, and more.
Security Blue Team
Beginner Defensive security courses and certifications — BTL1, SOC, and DFIR focus.
TCL YouTube
CyberConflux session recordings and community walkthroughs.
AI & Security
AI-assisted security research tools, LLM use cases, LLM red-teaming, and emerging technologies shaping the next wave of threat and defense.
ChatGPT for Security
LLM-assisted recon, code review, payload crafting, and threat research.
Nuclei
Intermediate Fast, template-based vulnerability scanner. Huge community template library.
Semgrep
Intermediate Static analysis for finding security bugs in code at scale.
Fabric
Intermediate AI framework for augmenting human capabilities in security research.
Garak
Intermediate LLM vulnerability scanner — probes AI models for prompt injection, jailbreaks, and data leaks.
LLM Guard
Intermediate Security toolkit for LLM interactions — prompt injection and sensitive data detection.
PyRIT
Advanced Microsoft's Python Risk Identification Toolkit for LLM red-teaming.
Ollama
Beginner Run large language models locally — privacy-first AI for security research.
CyberConflux Sessions
Looking for session-specific resources?
Every CyberConflux program page includes its own curated resource list — tools, references, and reading
material tailored to that session's topic. Find them all on the Programs page.
tcl@community:~$ submit_resource --community
Know a tool we should add?
This library is built by the community, for the community. If you use a tool, platform, or reference
that belongs here — submit it and we'll review it for inclusion.