A curated collection of essential cybersecurity reference sites, frameworks and tools.
Frameworks & Standards
MITRE ATT&CK
Adversary tactics, techniques and procedures (TTPs) used in real attacks
MITRE D3FEND
Defensive countermeasures mapped against ATT&CK techniques
MITRE CAR
Cyber Analytics Repository — detection analytics aligned with ATT&CK
NIST CSF 2.0
Cybersecurity Framework — Govern, Identify, Protect, Detect, Respond, Recover
NIST SP 800-61 Rev 3
Computer Security Incident Handling Guide — the authoritative IR reference
OWASP Top 10
The ten most critical web application security risks
CIS Controls
Prioritised set of actions for cyber defence — v8
ISO/IEC 27001
International standard for information security management systems
ENISA Threat Landscape
Annual EU threat landscape report covering top threats, actors and trends
Threat Intelligence
AlienVault OTX
Open Threat Exchange — community-driven IoC sharing platform
Shodan
Search engine for internet-connected devices and exposed services
GreyNoise
Distinguishes targeted attacks from internet background noise — reduces alert fatigue
URLhaus
Malware distribution URLs tracked by abuse.ch
MalwareBazaar
Malware sample repository and sharing platform
ThreatFox
IOC sharing platform by abuse.ch — indicators searchable by malware family
Feodo Tracker
Botnet C2 infrastructure tracking — block lists for Emotet, QakBot, Cobalt Strike
Malpedia
Malware family knowledge base — samples, YARA rules, threat actor mapping
AbuseIPDB
Community database of IPs reported for abusive behaviour
ransomware.live
Real-time ransomware victim tracking across all major groups
Vulnerability Databases
NIST NVD
National Vulnerability Database — authoritative CVE enrichment
CISA KEV Catalog
Known Exploited Vulnerabilities — mandatory patch list for U.S. agencies
FIRST EPSS
Exploit Prediction Scoring System — probability a CVE will be exploited in the wild
AttackerKB
Community exploitability assessments and vulnerability prioritisation research
Exploit Database
Public exploit archive maintained by Offensive Security
Vulners
Full-text vulnerability search across NVD, exploits, advisories and patches
CVE Details
CVE statistics, vendor and product vulnerability history
CVSS Calculator
Official FIRST CVSS v3.1 base score calculator
Have I Been Pwned
Check if email addresses appear in known data breaches
Tools & References
CyberChef
Browser-based data transformation and analysis tool (GCHQ)
VirusTotal
File, URL and IP reputation scanning across 70+ AV engines
ANY.RUN
Interactive online malware sandbox and analysis environment
Hybrid Analysis
Free automated malware analysis powered by CrowdStrike Falcon
FileScan.io
Free sandbox with MITRE ATT&CK mapping and behavioural analysis
LOLBAS
Living Off The Land Binaries — Windows binaries abused by attackers
GTFOBins
Unix binaries that can be abused for privilege escalation and restricted-shell escape
OSINT Framework
Categorised directory of OSINT tools and data sources for investigations
DNSDumpster
Free domain research and DNS reconnaissance tool
Malware Traffic Analysis
PCAP samples and network traffic exercises for malware analysis practice
News & Advisories
Krebs on Security
In-depth security journalism by Brian Krebs
The Hacker News
Breaking cybersecurity news and analysis
Bleeping Computer
Technical security news, ransomware coverage and malware analysis
Cisco Talos
Threat research, malware analysis and intelligence from Cisco's security team
Unit 42
Threat intelligence and research from Palo Alto Networks
Microsoft MSRC
Microsoft Security Response Center — patch advisories and CVE details
Google Project Zero
Zero-day vulnerability research and responsible disclosure from Google
BSI
German Federal Office for Information Security — advisories and alerts
NCSC (UK)
UK National Cyber Security Centre — alerts and guidance
SANS ISC
Internet Storm Center — daily threat diaries and port activity
Incident Response & Forensics
Eric Zimmerman's Tools
Free collection of Windows DFIR tools — Registry, event logs, artefact parsing
Velociraptor
Open source endpoint telemetry and DFIR platform — VQL-based hunting
Volatility
Memory forensics framework for analysing RAM dumps from live systems
Autopsy
Free open source digital forensics platform with GUI — disk and file analysis
MISP
Open source threat intelligence sharing platform and IOC management
TheHive
Open source IR case management and collaboration platform
SANS DFIR Posters
Free quick-reference cheat sheets for Windows, Linux and memory forensics
Governance & Compliance
NIS2 Directive
EU network and information security directive — requirements for essential and important entities
BSI IT-Grundschutz
German IT baseline security standards and catalogues
EDPB Guidelines
EU Data Protection Board guidelines on GDPR application and breach notification
DORA
EU Digital Operational Resilience Act — ICT risk requirements for the financial sector
CSA Cloud Controls Matrix
Security controls framework for cloud services — maps to ISO 27001, NIST, PCI DSS
PCI DSS
Payment Card Industry Data Security Standard — requirements for card data environments
Training & Practice
TryHackMe
Guided, beginner-friendly security labs covering offensive and defensive topics
Hack The Box
Realistic practice labs for penetration testing, CTF and blue team skills
OverTheWire
Free wargames for learning Linux, networking and security fundamentals
CTFtime
CTF competition calendar, team rankings and writeup archive
SANS Reading Room
Extensive library of free security white papers and research
Cybrary
Free and paid cybersecurity training — SOC analyst, IR, penetration testing paths