This is not a curated, ranked directory. This is a link dump.
Some of these are brilliant. Some are questionable. Some might ruin your weekend.
We don’t judge. We just link.
Nothing here is an endorsement. Use your brain, your lab, and your legal team.
Security Affairs — High-volume cyber news, sometimes ahead of mainstream outlets, sometimes… a lot. 🌐 https://securityaffairs.com
Schneier on Security — Essays, commentary, and a legendary blog that’s older than some junior analysts. 🌐 https://www.schneier.com
Bruce Dawson’s Blog (Random ASCII) — Deep dives into debugging, systems behavior, and things that make software cry. 🌐 https://randomascii.wordpress.com
Troy Hunt’s Blog — Breaches, password habits, and people reusing “P@ssw0rd123” in 2025. 🌐 https://www.troyhunt.com
Motherboard (VICE Tech) — Cybercrime, hacking culture, random chaos, and “this really shouldn’t be plugged into the internet.” 🌐 https://www.vice.com/en/section/tech
Project Zero (Google) — Exploit writeups, 0-day details, and long posts you’ll “skim later.” 🌐 https://googleprojectzero.blogspot.com
Synacktiv Blog — Offensive security research, exploitation, and “wait, Windows does what?” moments. 🌐 https://www.synacktiv.com/publications
Qualys Research Team — Vulnerability deep dives and “why this CVE matters more than the CVSS score suggests.” 🌐 https://blog.qualys.com
Rapid7 Blog — Research, Metasploit bits, and vulnerability commentary. 🌐 https://www.rapid7.com/blog/
Corelight Labs — Network-focused detection research and Zeek-related goodness. 🌐 https://corelight.com/blog
Any.Run — Interactive malware sandbox. Watch bad things run in a browser so you don’t have to brick your VM. 🌐 https://any.run
Hybrid Analysis — Static + dynamic malware analysis with community submissions and reports. 🌐 https://www.hybrid-analysis.com
Malware Traffic Analysis — PCAPs, infection chains, and real-world infection traffic captures. 🌐 https://www.malware-traffic-analysis.net
Exploit Database (OffSec) — Public exploit PoCs, shellcode, and proof that “what could go wrong” usually did. 🌐 https://www.exploit-db.com
GTFOBins — Living off the land for Unix. If it’s installed, someone has tried to abuse it. 🌐 https://gtfobins.github.io
LOLBAS (Living Off the Land Binaries and Scripts) — The Windows equivalent of “your tools are my tools now.” 🌐 https://lolbas-project.github.io
Shodan — The search engine for things that definitely should not be on the internet, and yet are. 🌐 https://www.shodan.io
Censys — Internet-wide scanning and asset discovery for people who like graphs of their attack surface. 🌐 https://censys.io
Have I Been Pwned? — Email breach checking powered by other people’s bad security decisions. 🌐 https://haveibeenpwned.com
Security Headers — Check HTTP security headers and confirm that, yes, some sites still live in 2010. 🌐 https://securityheaders.com
Okta Security Blog — Identity, SSO, and “maybe don’t give the same token to everything” content. 🌐 https://sec.okta.com
Cloudflare Blog — Outages, DDoS insights, and big-internet postmortems written by people who stare at BGP for fun. 🌐 https://blog.cloudflare.com
1Password Blog — Passwords, passkeys, and stories from the side of “please stop using Excel as a vault.” 🌐 https://blog.1password.com
GitHub Security Blog — Software supply chain, advisories, and “maybe don’t commit that token.” 🌐 https://github.blog/tag/security/
The Tangled Web (Michal Zalewski) — Not a site, but if you like browser security and pain, you’ll want the book. 🌐 https://lcamtuf.coredump.cx
USENIX Security Conference — Papers, talks, and “I should read this whole PDF” energy. 🌐 https://www.usenix.org/conferences/byname/108
Black Hat Briefings (Archives) — Slides and whitepapers from talks that made vendors panic. 🌐 https://www.blackhat.com/html/archives.html
DEF CON Media Server — Talks, slides, and video from the con where sleep goes to die. 🌐 https://media.defcon.org
If something here looks broken, cursed, or unexpectedly useful, that’s kind of the point. This is a living link pile. Expect changes, additions, and the occasional “why is this even here?” moment.
For the serious, ranked, and actually curated list we use for the newsletter, check out the InfoSec.Watch Directory.