Hacking is essentially the application of computer skills to solve a particular problem. It involves the use of advanced programming skills to breach security protocols and gain unauthorized access to devices or networks. Not all hacking is unauthorized or malicious, and there are several types of hackers, each with unique motivations and methods 1.
- Black Hat Hackers: These are cybercriminals that illegally crack systems with malicious intent. Their aim is to gain unauthorized access to computer systems and exploit any discovered vulnerabilities, often by implanting viruses or other types of malware. Ransomware attacks are also a common method used by black hat hackers 1.
- White Hat Hackers: Also known as ethical security hackers, white hat hackers identify and fix vulnerabilities. They hack into systems with the permission of the organizations they hack into, with the aim of uncovering system weaknesses to fix them and strengthen overall internet security 1.
- Gray Hat Hackers: Gray hat hackers may not have the criminal or malicious intent of a black hat hacker, but they also don’t have the prior knowledge or consent of those whose systems they hack into. When they uncover weaknesses, they report them rather than fully exploiting them. However, they may demand payment in exchange for providing full details of what they uncovered 1.
- Blue Hat Hackers: Experts employed by companies to test and improve their cybersecurity 1.
- Purple Hat Hackers: Self-trainers who hack their own systems to learn in a controlled environment 1.
- Red Hat Hackers: Vigilante hackers who use aggressive tactics to target black hat communities 1.
- Green Hat Hackers: Inexperienced hackers who lack technical skills but can still cause harm 1.
- Hacktivists: Purpose-driven hackers using “ethical” hacking to support a political or social cause 1.
- Script Kiddies: Novices who use pre-created scripts and programs for hacking 1.
- Whistleblowers: Employees or insiders who expose illegal or unethical activities within organizations 1.
- Botnet Hackers: Those who use networks to control swarms of infected devices for large-scale malware campaigns or DDoS attacks 1.
- Cryptohackers: Hackers who use phishing and software tools to steal coins and manipulate crypto exchanges 1.
- Cryptojackers: People who infect or exploit devices to mine cryptocurrency without paying overhead 1.
- Cyberterrorists: Digital terrorists who disrupt infrastructure and spread fear or propaganda to advance an ideology 1.
- Elite Hackers: Highly skilled professionals who innovate and create new cybersecurity threats 1.
- Gaming Hackers: Trolls or hackers who target online gamers for login credentials, in-game assets, or account details 1.
- Malicious Insiders: Employees who operate within organizations with personal motivations to expose data or attack networks 1.
- State-Sponsored Hackers: Government-employed hackers targeting individuals and organizations of adversaries 1.
There are three primary methods a hacker uses to infiltrate digital systems: network hacking, social engineering, and hardware hacking 2. Network hacking involves exploiting vulnerabilities in a computer network, social engineering involves tricking users into revealing confidential information, and hardware hacking involves physically tampering with a device.
| Repository | Description |
|---|---|
| Android Security | Collection of Android security related resources |
| AppSec | Resources for learning about application security |
| Asset Discovery | List of resources which help during asset discovery phase of a security assessment engagement |
| Bug Bounty | List of Bug Bounty Programs and write-ups from the Bug Bounty hunters |
| Capsulecorp Pentest | Vagrant+Ansible virtual network penetration testing lab. Companion to "The Art of Network Penetration Testing" by Royce Davis |
| CTF | List of CTF frameworks, libraries, resources and softwares |
| Cyber Skills | Curated list of hacking environments where you can train your cyber skills legally and safely |
| DevSecOps | List of awesome DevSecOps tools with the help from community experiments and contributions |
| Embedded and IoT Security | A curated list of awesome resources about embedded and IoT security |
| Exploit Development | Resources for learning about Exploit Development |
| Fuzzing | List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis |
| Hacking | List of awesome Hacking tutorials, tools and resources |
| Hacking Resources | Collection of hacking / penetration testing resources to make you better! |
| Honeypots | List of honeypot resources |
| Incident Response | List of tools for incident response |
| Industrial Control System Security | List of resources related to Industrial Control System (ICS) security |
| InfoSec | List of awesome infosec courses and training resources |
| IoT Hacks | Collection of Hacks in IoT Space |
| Mainframe Hacking | List of Awesome Mainframe Hacking/Pentesting Resources |
| Malware Analysis | List of awesome malware analysis tools and resources |
| OSINT | List of amazingly awesome Open Source Intelligence (OSINT) tools and resources |
| OSX and iOS Security | OSX and iOS related security tools |
| Pcaptools | Collection of tools developed by researchers in the Computer Science area to process network traces |
| Pentest | List of awesome penetration testing resources, tools and other shiny things |
| PHP Security | Libraries for generating secure random numbers, encrypting data and scanning for vulnerabilities |
| Real-time Communications hacking & pentesting resources | Covers VoIP, WebRTC and VoLTE security related topics |
| Red Teaming | List of Awesome Red Team / Red Teaming Resources |
| Reversing | List of awesome reverse engineering resources |
| Reinforcement Learning for Cyber Security | List of awesome reinforcement learning for security resources |
| Sec Talks | List of awesome security talks |
| SecLists | Collection of multiple types of lists used during security assessments |
| Security | Collection of awesome software, libraries, documents, books, resources and cools stuffs about security |
| Serverless Security | Collection of Serverless security related resources |
| Social Engineering | List of awesome social engineering resources |
| Static Analysis | List of static analysis tools, linters and code quality checkers for various programming languages |
| The Art of Hacking Series | List of resources includes thousands of cybersecurity-related references and resources |
| Threat Intelligence | List of Awesome Threat Intelligence resources |
| Vehicle Security | List of resources for learning about vehicle security and car hacking |
| Vulnerability Research | List of resources about Vulnerability Research |
| Web Hacking | List of web application security |
| Windows Exploitation - Advanced | List of Awesome Advanced Windows Exploitation References |
| WiFi Arsenal | Pack of various useful/useless tools for 802.11 hacking |
| YARA | List of awesome YARA rules, tools, and people |
| Hacker Roadmap | A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking. |
| Repository | Description |
|---|---|
| Adversarial Machine Learning | Curated list of awesome adversarial machine learning resources |
| AI Security | Curated list of AI security resources |
| API Security Checklist | Checklist of the most important security countermeasures when designing, testing, and releasing your API |
| APT Notes | Various public documents, whitepapers and articles about APT campaigns |
| Bug Bounty Reference | List of bug bounty write-up that is categorized by the bug nature |
| Cryptography | Cryptography resources and tools |
| CTF Tool | List of Capture The Flag (CTF) frameworks, libraries, resources and softwares |
| CVE PoC | List of CVE Proof of Concepts (PoCs) |
| CVE PoC updated daily | List of CVE Proof of Concepts (PoCs) updated daily by Trickest |
| Detection Lab | Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices |
| Forensics | List of awesome forensic analysis tools and resources |
| Free Programming Books | Free programming books for developers |
| Gray Hacker Resources | Useful for CTFs, wargames, pentesting |
| GTFOBins | A curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions |
| Hacker101 | A free class for web security by HackerOne |
| Infosec Getting Started | A collection of resources, documentation, links, etc to help people learn about Infosec |
| Infosec Reference | Information Security Reference That Doesn't Suck |
| IOC | Collection of sources of indicators of compromise |
| Linux Kernel Exploitation | A bunch of links related to Linux kernel fuzzing and exploitation |
| Lockpicking | Resources relating to the security and compromise of locks, safes, and keys. |
| Machine Learning for Cyber Security | Curated list of tools and resources related to the use of machine learning for cyber security |
| Payloads | Collection of web attack payloads |
| PayloadsAllTheThings | List of useful payloads and bypass for Web Application Security and Pentest/CTF |
| Pentest Cheatsheets | Collection of the cheat sheets useful for pentesting |
| Pentest Wiki | A free online security knowledge library for pentesters / researchers |
| Probable Wordlists | Wordlists sorted by probability originally created for password generation and testing |
| Resource List | Collection of useful GitHub projects loosely categorised |
| Reverse Engineering | List of Reverse Engineering articles, books, and papers |
| RFSec-ToolKit | Collection of Radio Frequency Communication Protocol Hacktools |
| Security Cheatsheets | Collection of cheatsheets for various infosec tools and topics |
| Security List | Great security list for fun and profit |
| Shell | List of awesome command-line frameworks, toolkits, guides and gizmos to make complete use of shell |
| ThreatHunter-Playbook | A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns |
| Web Security | Curated list of Web Security materials and resources |
| Vulhub | Pre-Built Vulnerable Environments Based on Docker-Compose |
NOTE! Some of the resourses here are from external sourses. If I have added info from an external sourse I will add that user's "@" and or add a link to such repo/site By the way, Contributions are always accepted