Alerts

• CISA - Cybersecurity Alerts and Advisories
• Internet Storm Center - SANS

Awareness

• KnowBe4
• SANS Security Awareness Tip of The Day
• SANS Security Awareness Training

Blogs

• Blackberry Security
• CyberCrime and Doing Time - GarWarner
• Errata Security
• f-secure Blog
• Google Security Blog
• IT Security Guru
• j4vv4d
• Schneier on Security
• Securosis
• TaoSecurity - Richard Bejtlich
• Tenable Blog
• VIPRE
• We Live Security - ESET
• Lenny Zeltser Information Security in Business

BlueTools

• AhnLab
• Avast
• AVG
• Avira
• AV-Test.org
• BitDefender
• ClamAV
• Eset
• F-Secure
• Kaspersky
• McAfee
• Panda Software
• Sophos
• SpywareBlaster
• Symantec
• Trend Micro

BugHunting

• Google Project Zero
• hackerone
• reddit Bug Bounties
• Zero Day Initiative

Challenges

• Global CyberLympic
• Maryland Cyber Challenge
• Mid-Atlantic Collegiate Cyber Defense Competition
• Mitre Cyber Academy
• reddit Security CTF
• US Cyber Challenge

Charity

• Hackers for Charity

Compliance

• CMMC - Cybersecurity Maturity Model Certification
  • Chief Information Officer CMMC
  • CMMC Accreditation Body
  • CMMC Youtube channel
  • reddit CMMC
• FedRAMP - Federal Risk and Authorization Management Program
  • FedRAMP.gov
• FISMA - Federal Information Security Modernization Act of 2014
  • CISA FISMA
  • NIST CSRC FISMA
• GDPR - General Data Protection Regulation
  • GDPR.eu
  • GDPR Documentation
• HIPAA - Health Information Portability and Accountability
  • HHS.gov Health Information Privacy
• ISO
  • ISO/IEC 27001 - Information Security Management (for purchase)
• NIST
  • NIST Computer Security Resource Center
  • NIST CSRC Glossary
  • NIST Cybersecurity Framework
  • NIST CSRC Publications
• PCI
  • PCI ComplianceGuide.org
  • PCI Standards
• STIGs (Security Technical Implementation Guides) - DISA
  • STIGs - DoD Cyber Exchange

Crime

• Computer Crime Research Center
• CyberCrime Tracker (insecure)
• DoD Cyber Crime Center (DC3)
• DOJ Computer Crime and Intellectual Property Section (CCIPS)
• FBI Cyber Most Wanted
• FBI Internet Crime Complaint Center (IC3)
• FTC ID Theft
• High Technology Crime Investigation Assoc - HTCIA
• Multi-State Information Sharing and Analysis Center (MS-ISAC)
• National Insurance Crime Bureau
• reddit CyberCrime

Crypto

• reddit Crypto
• StackEchange Cryptography

DataBreach

• haveibeenpwned?

DataDestruction

• NAID

DFIR

• FIRST
• Forensic Focus
• Forensics Wiki
• NIST National Software Reference Library
• Open Source Computer Security Incident Response Team (concluded)
• reddit Computer Forensics
• SANS Digital Forensics and Incident Response
• TechTalk Top 20 Free Incident Response Tools

Email

email header notes 

Evaluation

• Common Criteria
• NIAP Common Criteria Evaluation and Validation Scheme

Exploits

• exploit-db
• Packet Storm Exploits
• reddit ExploitDev

GeneralReference

• AntiOnline Forums
• Awesome-Security-Tool-List
• CyberChef
• reddit
  • AskNetsec
  • blackhat
  • cyberlaws
  • cybersecurity
  • CyberSecurityAdvice
  • cybersecurity101
  • HackBloc
  • hackernews
  • hackers
  • hacking
  • Hacking_Tutorials
  • HowToHack
  • Infosec
  • netsec
  • netsecstudents
  • pwned
  • security
  • securityonion
  • talesfromsecurity
• StackExchange Security
• StackOverflow Security

Government

• Cybersecurity and Infrastructure Security Agency (CISA)
• DHS CyberSecurity
• Defense Information Systems Agency (DISA)
• DigiKnow - Cyber Security in Delaware
• DoD Cyber Exchange
• MD Dept of Info Tech Cybersecurity
• National Security Agency (NSA)

GovernmentNews

• ExecutiveGov
• FCW Security
• Federal News Network - CyberSecurity
• Fifth Domain: Cyber
• Government Computer News - Security/Cybersecurity
• Government Technology - Security
• GovInfo Security
• Homeland Security News Wire - Cybersecurity (insecure)
• nextgov Cybersecurity

Health

• Information Technology Burnout Project
• Security Burnout (insecure)

History

• Shoulders of InfoSec Wiki (insecure)

IDS/IPS

• Snort

IoT

• SPLICE project

Jobs

• HackerX
• reddit Cyber Security Jobs

Kids

• Hacker Highschool
• Savvy Cyber Kids

Linux

• LinuxSecurity.com

LocalGroups

• DC
• capsecdc
• HacDC
• General
• Hackerspaces Wiki
• Maryland
• Baltimore Hackerspace
• Baltimore Node
• CharmSec (insecure)
• Unallocatedspace
• Virginia
• NoVA Hackers
• Nova Labs

Lockpick

• reddit Lockpicking
• TOOOL

Network

• Iron Skillet template documentation
• Palo Alto Device Framework
• Palo Alto Knowledgebase
• Palo Alto Live
• Palo Alto Networks
• Palo Alto Networks Security Advisories
• Palo Alto Networks Support
• Panorama Documentation
• reddit paloaltonetworks
• Tsunami network security scanner

News

• Ars Technica Security News
• BankInfo Security
• BleepingComputer
• CISO Mag
• CNET Security News
• Computerworld Security
• Computing UK Security News
• CSO Online (login)
• CyberDefense Magazine
• CyberNews
• CyberScoop
• CyberWire
• The Daily Swig
• Dark Reading (login)
• DigitalMunition
• DZone Security Zone
• E Hacking News
• Engadget Security
• eSecurity Planet
• ESET WeLiveSecurity
• Ethical Hacker Network
• eWeek Security
• Feedspot Cybersecurity RSS news feeds
• Forbes Cybersecurity (disable ad blocker)
• Gizmodo Privacy and Security
• Graham Cluley
• The Hacker News
• Hackaday
• HackerStorm News
• HackRead
• Help Net Security
• HOTforSecurity
• IAPP Daily Dashboard
• InfoSec News
• InfoSecurity Magazine
• InfoSecurity News Mailing List
• InfoWorld Security Channel
• InternetStormCenter News Summary
• IT Pro Security (disable ad blocker)
• IT World Security
• Kim Komando Security and Privacy
• KrebsOnSecurity.com
• MakeUseOf - security
• Malwarebytes Labs
• Medium - cybersecurity
• MorningStar Security News
• Naked Security - Sophos
• Network World Security
• Packet Storm Security News
• PCWorld Security News
• Recorded Future Blog
• The Register Security News - UK
• SC Magazine - UK
• SC Magazine - US
• SearchSecurity
• SecLists.org Security Mailing Lists
• Securelist - Kaspersky
• SecureWorld
• SecurityBoulevard
• SecurityEngineer (insecure)
• SecurityIntelligence
• The Security Ledger
• SecurityWeek
• Slashdot YRO
• Softpedia.com - Security News
• SpiderLabs blog
• TechCrunch Security
• TechNadu Security
• TechRepublic Security
• TechSpective Security
• Techworm Security News
• TechXplore Security News
• Threat Post - Kaspersky
• Threat Vector - BlackBerry Cylance
• The Verge - Cybersecurity
• Wired Security
• YCombinator Hacker News
• ZDNet

OnlineSafety

• Center for Cyber Safety and Education
• Common Sense Media Privacy and Internet Safety
• ConnectSafely
• Family Online Safety Institute (FOSI)
• GetNetWise
• Get Safe Online
• NetSmartz - NCMEC
• Privacy, Identity and Online Security - FTC
• SafeKids.com
• Stay Safe Online - National Cyber Security Alliance
• StopBadware.org
• Stop.Think.Connect - DHS
• STOP cyberbullying (insecure - Under Construction)
• Two Factor Auth List

Orgs

• ACM Special Interest Group on Security, Audit and Control (SIGSAC)
• ASIS International
• Center for Internet Security
• CERT - Carnegie Mellon Software Engineering Institute
• Cloud Security Alliance
• IEEE Committee on Security and Privacy
• Information Systems Audit and Control Assoc - ISACA
• Inst. for Security and Open Methodologies
• ISC2
• ISC2 CPE Portal
• Information Systems Security Association - ISSA
• Internet Security Alliance
• National Cryptologic Foundation

OSINT

• Awesome OSINT
• eInvestigator
• IntelTechniques
• OSINT Combine
• OSINT Framework
• Search Party - Trace Labs

PasswordMgmt

• KeePass
• LastPass

Passwords

• GeodSoft How-To: Good and Bad Passwords (insecure)
• Oracle default password list (insecure)
• Password Crackers Recovery Service
• Router Passwords

PenTest

• Metasploit
• Penetration Testing Tools Cheat Sheet
• SANS Pen Testing

Phishing

• Anti-Phishing Working Group
• Apivoid email reputation check
• Phishing Intelligence Engine - LogRhythm
• PhishingRegex
• PhishStats
• PhishTank

PhysicalSecurity

• Govee sensors
• PI Mall
• ring Home Security
• Security Info Net (insecure)
• SecurityInfoWatch
• Wyze Home Security

Podcasts

• Cybersecurity Interviews
• CyberWire
  • Daily
  • Hacking Humans
• Darknet Diaries
• Detections
• ISC Daily StormCast
• Infosec Institute
• risky.biz
• Security Now - Steve Gibson and Leo Laporte
• Security Voices
• Security Weekly
  • Paul's Security Weekly
  • Security Weekly News

Policies

• FIRST Best Practice Guide Library (BPGL)
• SANS Policy Templates

Privacy

• Am I FLoCed
• COTSE Privacy Resources
• Electronic Frontier Foundation
• Electronic Privacy Information Center
• Lumen Database - Web Content Removal Requests
• Privacy International
• PrivacyRights Clearinghouse
• reddit privacy

Ransomware

• No More Ransom Project
• reddit Ransomware

ReverseEngineering

• ghidra
• reddit Reverse Engineering
• Stack Exchange Reverse Engineering

Scams/Hoaxes

• Fix Scam
• Fraud Watch - Digital Brand Protection
• FTC Scam Alerts
• reddit Scams
• reddit scambait
• reddit ScamNumbers
• ScamBusters
• Scam Detector
• ScamSearch Database
• ScamWarners
• SSA OIG Scam Awareness
• Trustpilot
• TruthOrFiction.com
• 419 Eater

Schools

• SchoolSafety.gov

SecureSoftware

• Microsoft Security Development Lifecycle
• SANS Software Security

SocialEngineering

• reddit Social Engineering
• Social-Engineer.org

SocialMedia

• Mastodon - Infosec Exchange

Spam

• DetectSpam.com - Reverse Lookup
• DNSWatch Realtime Blackhole List Lookup
• Domain Name System Blacklists (DNSBL)
• MXToolBox Blacklist Check
• Simple Email Reputation
• Spam.org Check Blocklists
• SpamCop.net
• Spamhaus Project
• Sucuri SiteCheck
• SURBL URI Reputation Data (insecure)
• WhatIsMyIPAddress Blacklist Check

SSL

• mbedTLS
• mbedTLS - github
• OpenSSL

ThreatAnalysis

• Assemblyline
  • bitbucket repository
  • Canadian Centre for Cyber Security - Assemblyline
  • Google Group
• Awesome Malware Analysis Resources
• BrightCloud URL loopup
• Checkpoint Threat Wiki
• COVID-19 Cyber Threat Coalition
• CyberArk Labs Threat Research
• GreyNoise
• IPQualityScore Malicious URL Scanner
• Malware Must Die!
• Malware-Traffic-Analysis.net
• Malware Trends Tracker
• MITRE ATT&CK
• MS Defender Hunting Queries
• PacketTotal PCAP Analysis
• reddit Malware
• scarletsharksec Twitter
• Threat Crowd
• ThreatMiner.org
• Unit 42 Palo Alto Networks
• Univ of Cincinnati CS6038/CS5138 Malware Analysis
• VirusTotal

Training

• cybergamut
• EC Council
• High-Tech Crime Institute
• InfoSec Institute
• Information Security Careers Network
• JHU Information Security Institute
• MIS Training Institute
• Offensive Security
• SANS
• Security University

TrustedComputing

• Trusted Computing Group

VPN

• NordVPN

Vulnerability

• Bugtraq Mailing List
• CERT Vulnerability Notes DB
• Common Vulnerabilities and Exposures
• DoD Vulnerability Disclosure Program
• Full Disclosure Mailing List
• Hackerstorm Vuln Dashboard
• NIST National Vulnerability Database
• OpenCVE
• Security Database
• Vulmon - Vulnerability Intelligence Search Engine
• Scanners
  • HostedScan
  • Nikto2
  • OpenVAS scanner
  • OWASP Zed Attack Proxy (ZAP)

Web

• Open Web Application Security Project (OWASP)
• Web of Trust Protection plugin

Windows

• Microsoft Security Response Center
• Ultimate Windows Security