Quick Reference
Standards, Frameworks & Sources
A curated reference library of essential cybersecurity standards, frameworks, regulations, OSINT collections, and penetration testing resources.
- 01
ISO/IEC 27001:2022
International standard for establishing, implementing, and maintaining an information security management system (ISMS).
- 02
ISO/IEC 27002:2022
Reference set of information security controls and implementation guidance, companion to 27001.
- 03
NIST Cybersecurity Framework (CSF) 2.0
Voluntary framework of standards, guidelines, and best practices for managing cybersecurity risk. Updated 2024 with Govern function.
- 04
NIST SP 800-53 Rev. 5
Catalogue of security and privacy controls for federal information systems and organisations.
- 05
NIST SP 800-171 Rev. 3
Protecting Controlled Unclassified Information (CUI) in non-federal systems. Basis for CMMC compliance.
- 06
CIS Controls v8.1
Prioritised set of 18 cybersecurity safeguards mapped to common attack patterns.
- 07
CIS Benchmarks
Consensus-developed secure configuration guidelines for operating systems, cloud, network devices, and software.
- 08
COBIT 2019
Governance and management framework for enterprise IT by ISACA.
- 09
Cyber Essentials (UK NCSC)
UK government-backed scheme with five technical controls to guard against common cyber attacks.
- 10
SOC 2 (AICPA)
Trust Services Criteria for service organisations — security, availability, processing integrity, confidentiality, privacy.
- 11
PCI DSS v4.0.1
Payment Card Industry Data Security Standard — requirements for handling cardholder data.
- 12
NIST Zero Trust Architecture (SP 800-207)
Defines zero trust architecture concepts, deployment models, and use cases.
- 13
CISA Zero Trust Maturity Model v2
Roadmap across five pillars: identity, devices, networks, applications, data.
- 14
DoD Zero Trust Reference Architecture
US Department of Defense Zero Trust strategy and reference architecture.
- 15
CSA Cloud Controls Matrix (CCM) v4
Cloud-specific security control framework by the Cloud Security Alliance.
- 16
AWS Well-Architected — Security Pillar
AWS best practices for IAM, detection, infrastructure, data protection, and incident response.
- 17
Azure Security Benchmark v3
Microsoft's cloud security best practices aligned with CIS Controls and NIST SP 800-53.
- 18
Google Cloud Security Foundations
Opinionated security architecture guide for GCP landing zones and guardrails.
- 19
NIST SP 800-190 — Container Security
Application container security guide: images, registries, orchestrators, runtimes.
- 20
OWASP Top 10 (2021)
Standard awareness document for web application security — the ten most critical risks.
- 21
OWASP ASVS 4.0
Application Security Verification Standard — framework of security requirements and tests.
- 22
OWASP SAMM
Software Assurance Maturity Model — measurable framework to improve the secure SDLC.
- 23
OWASP Cheat Sheet Series
Concise, high-value guides on specific application security topics.
- 24
OWASP WSTG
Web Security Testing Guide — comprehensive manual for testing web applications.
- 25
GDPR
General Data Protection Regulation — EU law on data protection and privacy.
- 26
NIS2 Directive
EU directive establishing cybersecurity risk-management and incident-reporting obligations.
- 27
DORA
Digital Operational Resilience Act — EU regulation for ICT risk management in finance.
- 28
EU AI Act
European regulation establishing harmonised rules on AI with risk-based classification.
- 29
HIPAA Security Rule
US regulation establishing standards to protect electronic protected health information.
- 30
MITRE ATT&CK
Knowledge base of adversary tactics, techniques, and procedures based on real-world observations.
- 31
MITRE D3FEND
Knowledge graph of cybersecurity countermeasures mapped to ATT&CK techniques.
- 32
MITRE CAR
Cyber Analytics Repository — analytics developed by MITRE based on ATT&CK.
- 33
Sigma Rules
Generic signature format for SIEM systems — shareable, vendor-agnostic detection rules.
- 34
YARA
Pattern matching tool for malware researchers — the pattern-matching Swiss army knife.
- 35
NIST SP 800-61 Rev. 2
Computer security incident handling guide: prepare, detect, contain, eradicate, recover.
- 36
NIST SP 800-92 — Log Management
Guide to computer security log management, policies, and analysis capabilities.
- 37
ENISA Threat Landscape
Annual report by the EU Agency for Cybersecurity on top threats and trends.
- 38
CISA Known Exploited Vulnerabilities (KEV)
Authoritative source of vulnerabilities that have been exploited in the wild.
- 39
NVD — National Vulnerability Database
US government repository of standards-based vulnerability management data.
- 40
CVE.org
Authoritative catalogue of publicly disclosed cybersecurity vulnerabilities.
- 41
Exploit-DB
Archive of public exploits and corresponding vulnerable software maintained by OffSec.
- 42
GreyNoise
Internet background noise analysis — identifies scanners and mass-exploitation activity.
- 43
AlienVault OTX
Open Threat Exchange — community-powered threat intelligence sharing platform.
- 44
abuse.ch
Threat intel feeds: MalwareBazaar, URLhaus, ThreatFox, Feodo Tracker, SSLBL.
- 45
OSINT Framework
Web-based collection of OSINT tools and resources organised by category.
- 46
Bellingcat Online Investigation Toolkit
Community-maintained toolkit of OSINT resources for investigators and journalists.
- 47
Shodan
Search engine for internet-connected devices, services, and exposed infrastructure.
- 48
Censys
Internet-wide scanning data for hosts, certificates, and exposed services.
- 49
FOFA
Cyberspace search engine for fingerprinting internet assets.
- 50
crt.sh
Certificate transparency log search — enumerate subdomains via issued certificates.
- 51
SecurityTrails
Historical DNS, WHOIS, and passive data for attack surface mapping.
- 52
Have I Been Pwned
Breach notification service to check if an account has been compromised.
- 53
DNSDumpster
Free domain research tool to discover hosts related to a domain.
- 54
IntelTechniques Tools
Michael Bazzell's collection of OSINT search tools and guides.
- 55
GitHub Search (Dorking)
Find secrets, keys, and sensitive data accidentally committed to public repositories.
- 56
Google Dorking / GHDB
Google Hacking Database — curated dorks for discovering exposed information.
- 57
PTES — Penetration Testing Execution Standard
Standard defining a common language and scope for performing penetration tests.
- 58
OSSTMM
Open Source Security Testing Methodology Manual — peer-reviewed testing methodology.
- 59
NIST SP 800-115
Technical Guide to Information Security Testing and Assessment.
- 60
HackTricks
Comprehensive reference of pentesting techniques, tricks, and cheat sheets.
- 61
PayloadsAllTheThings
Huge collection of payloads and bypasses for web application security and pentesting.
- 62
GTFOBins
Curated list of Unix binaries that can be exploited to bypass local security restrictions.
- 63
LOLBAS
Living Off The Land Binaries And Scripts — Windows equivalent of GTFOBins.
- 64
HackerOne Hacktivity
Public bug bounty disclosures — real-world vulnerability reports and writeups.
- 65
PortSwigger Web Security Academy
Free online training for web security, from the makers of Burp Suite.
- 66
OffSec / Kali Linux
Industry-standard penetration testing distribution and training by OffSec.
- 67
NIST AI Risk Management Framework (AI RMF 1.0)
Framework to manage risks of AI systems throughout their lifecycle.
- 68
OWASP Top 10 for LLMs
Top 10 security risks specific to large language model applications.
- 69
MITRE ATLAS
Adversarial Threat Landscape for AI Systems — ATT&CK-style matrix for ML.
- 70
IEC 62443 — Industrial Cybersecurity
Series of standards for securing industrial automation and control systems (IACS/OT).
- 71
VirusTotal
Multi-engine file, URL, domain, and IP scanner with a vast community-contributed indicator graph.
- 72
urlscan.io
Sandbox that visits and screenshots URLs, exposing requests, DOM, and indicators for analysis.
- 73
Hybrid Analysis
Free malware analysis service powered by CrowdStrike Falcon Sandbox.
- 74
ANY.RUN
Interactive online malware sandbox with real-time process and network telemetry.
- 75
Joe Sandbox
Deep malware analysis sandbox covering Windows, Linux, macOS, Android, and iOS samples.
- 76
MalwareBazaar
abuse.ch project: a public repository of malware samples for researchers.
- 77
Vulners
Vulnerability database aggregating vendor advisories, exploits, news, and bug bounty data.
- 78
Microsoft Defender Threat Intelligence
Formerly RiskIQ — internet-scale graph of infrastructure, certificates, and threat campaigns.
- 79
Mandiant Advantage
Google Cloud / Mandiant's threat intelligence and attack surface management platform.
- 80
Recorded Future
Commercial threat intelligence platform with extensive open-source and dark-web telemetry.
- 81
MISP
Open-source threat intelligence sharing platform used by CSIRTs and ISACs worldwide.
- 82
OpenCTI
Open-source threat intel platform for structuring, sharing, and visualising STIX 2.1 knowledge.
- 83
TheHive Project
Scalable open-source security incident response platform with case and observable management.
- 84
Wazuh
Open-source XDR / SIEM platform with agent-based host telemetry, FIM, and compliance.
- 85
Security Onion
Free Linux distribution for threat hunting, network security monitoring, and log management.
- 86
Elastic Security
Open detection rules and SIEM/EDR built on the Elastic Stack.
- 87
osquery
Operating-system instrumentation framework that exposes the OS as a relational database.
- 88
Falco
Cloud-native runtime security project — kernel-level threat detection for containers and hosts.
- 89
Velociraptor
Endpoint visibility and digital forensics tool for hunting and incident response at scale.
- 90
Volatility 3
Advanced memory forensics framework for extracting digital artefacts from volatile memory.
- 91
The Sleuth Kit / Autopsy
Open-source digital forensics platform for analysing disk images, file systems, and timelines.
- 92
Wireshark
The de-facto network protocol analyser for packet capture and deep inspection.
- 93
Zeek (formerly Bro)
Powerful network analysis framework focused on security monitoring and high-fidelity logs.
- 94
Suricata
High-performance open-source IDS/IPS, NSM, and PCAP processing engine.
- 95
Snort 3
Cisco-maintained open-source intrusion prevention system with a large community ruleset.
- 96
Wayback Machine
Internet Archive's historical web snapshots — invaluable for OSINT and incident timelines.
- 97
Maltego
Graph-based link analysis tool for OSINT, transforms, and entity relationship mapping.
- 98
SpiderFoot
Automated OSINT collection tool with 200+ modules for footprinting and recon.
- 99
theHarvester
Email, subdomain, and name harvester from public sources for early-phase recon.
- 100
Hunter.io
Email lookup service for finding addresses and verifying corporate contacts.
- 101
TinEye
Reverse image search engine using image fingerprints rather than keywords.
- 102
WiGLE
Crowdsourced wireless network database mapping Wi-Fi and cell tower observations worldwide.
- 103
GrayHatWarfare
Searchable index of public S3 buckets and other open cloud storage.
- 104
Nmap
The network mapper — the canonical tool for host discovery, port scanning, and service detection.
- 105
Masscan
Internet-scale TCP port scanner capable of scanning the entire IPv4 space in minutes.
- 106
Metasploit Framework
The most widely used open-source exploitation framework, with thousands of modules and payloads.
- 107
Burp Suite
PortSwigger's web application proxy and testing platform — the standard for web pentesting.
- 108
OWASP ZAP
Open-source web application security scanner and intercepting proxy maintained by OWASP.
- 109
Nuclei
Fast, template-based vulnerability scanner by ProjectDiscovery with a huge community template set.
- 110
SQLMap
Automatic SQL injection detection and exploitation tool with broad DBMS support.
- 111
BloodHound
Active Directory and Azure attack-path analysis using graph theory.
- 112
Impacket
Python classes and ready-to-use scripts for working with Windows network protocols.
- 113
NetExec (formerly CrackMapExec)
Network execution tool for assessing and exploiting Windows / Active Directory environments.
- 114
Hashcat
World-class GPU password recovery and cracking tool supporting hundreds of hash modes.
- 115
John the Ripper
Long-running, extensible CPU/GPU password cracker with many community formats.
- 116
Responder
LLMNR, NBT-NS, and mDNS poisoner with built-in NTLM challenge/response capture.
- 117
MITRE Caldera
Adversary emulation platform built on ATT&CK for automated red and purple team exercises.
- 118
Atomic Red Team
Library of small, portable tests mapped to MITRE ATT&CK techniques for detection validation.
- 119
Sliver
Open-source cross-platform adversary emulation / C2 framework by Bishop Fox.
- 120
Trivy
Comprehensive scanner for container images, file systems, IaC, and Kubernetes by Aqua Security.
- 121
Grype & Syft
Anchore vulnerability scanner (Grype) and SBOM generator (Syft) for containers and filesystems.
- 122
Checkov
Static analysis for infrastructure-as-code (Terraform, CloudFormation, Kubernetes, ARM, etc.).
- 123
Semgrep
Lightweight static analysis with rules that look like the code they target — fast, multi-language.
- 124
CodeQL
GitHub's semantic code analysis engine — query code as data to find security vulnerabilities.
- 125
TruffleHog
Scanner for secrets in git history, repos, S3 buckets, Slack, and many other sources.
- 126
gitleaks
Fast, lightweight secret-scanning tool for git repos and CI pipelines.