431 lines
32 KiB
Markdown
431 lines
32 KiB
Markdown
# Awesome Privacy & Securty [](https://awesome.re) [](http://makeapullrequest.com) [](https://creativecommons.org/licenses/by/4.0/) [](https://github.com/Lissy93/personal-security-checklist/graphs/contributors)
|
||
|
||
> A curated list of useful tools and resources online, that help protect your privacy and keep you safe.
|
||
|
||
**See also**: [Personal Security Checklist](https://github.com/Lissy93/personal-security-checklist/blob/master/README.md) | [Privacy-Respecting Software](https://github.com/Lissy93/personal-security-checklist/blob/master/5_Privacy_Respecting_Software.md) 🔐
|
||
|
||
|
||
- **Information and Guides**
|
||
- [Specific How-To Guides](#how-to-guides)
|
||
- [Notable Articles](#notable-articles)
|
||
- [Blogs](#blogs)
|
||
- **Media**
|
||
- [Books](#books)
|
||
- [Podcasts](#podcasts)
|
||
- [Videos](#videos)
|
||
- **Websites & Services**
|
||
- [Online Tools](#online-tools)
|
||
- [Interesting Websites](#interesting-websites)
|
||
- [Privacy-Respecting Software](#privacy-respecting-software)
|
||
- **Research**
|
||
- [Data and API's](#data-apis-and-visualisations)
|
||
- [Academic](#academic)
|
||
- **Organisations**
|
||
- [Foundations](#foundations)
|
||
- [Government Organisations](#government-organisations)
|
||
- **More Lists**
|
||
- [Mega Guides](#mega-guides)
|
||
- [Other GitHub Security Lists](#more-awesome-github-lists)
|
||
|
||
|
||
## How-To Guides
|
||
|
||
- **Threat Protection**
|
||
- Protect against SIM-swap scam: via [wired](https://www.wired.com/story/sim-swap-attack-defend-phone)
|
||
- How to spot a phishing attack: via [EFF](https://ssd.eff.org/en/module/how-avoid-phishing-attacks)
|
||
- Protection from Identity Theft: via [Restore Privacy](https://restoreprivacy.com/identity-theft-fraud)
|
||
- **Netowkring**
|
||
- How to enable DNS over HTTPS: via [geekwire](https://geekwire.co.uk/privacy-and-security-focused-dns-resolver)
|
||
- How to resolve DNS leak issue: via [DNSLeakTest](https://www.dnsleaktest.com/how-to-fix-a-dns-leak.html)
|
||
- Protect against WebRTC Leaks: via [Restore Privacy](https://restoreprivacy.com/webrtc-leaks)
|
||
- ISP and DNS privacy tips: via [bluz71](https://bluz71.github.io/2018/06/20/digital-privacy-tips.html)
|
||
- Complete guide to configureing Firefox for Privacy + Speed: via [12bytes](https://12bytes.org/7750)
|
||
- Beginners guide on getting started with Tor: via [ProPrivacy](https://proprivacy.com/privacy-service/guides/ultimate-tor-browser-guide)
|
||
- Beginners guide to I2P: via [The Tin Hat](https://thetinhat.com/tutorials/darknets/i2p.html)
|
||
- How to Use a VPN and Tor together: via [ProPrivacy](https://proprivacy.com/vpn/guides/using-vpn-tor-together)
|
||
- **Communication**
|
||
- Email Self-Defense, Configure your mail client securly, from scratch - via [FSF.org](https://emailselfdefense.fsf.org)
|
||
- How to avoid Phishing Attacks: via [EFF](https://ssd.eff.org/en/module/how-avoid-phishing-attacks)
|
||
- How to use PGP: Via EFF - [Windows](https://ssd.eff.org/en/module/how-use-pgp-windows), [MacOS](https://ssd.eff.org/en/module/how-use-pgp-mac-os-x) and [Linux](https://ssd.eff.org/en/module/how-use-pgp-linux)
|
||
- **Devices**
|
||
- Layers of Personal Tech Security: via [The Wire Cutter](https://thewirecutter.com/blog/internet-security-layers)
|
||
- Improving security on iPhone: via [lifehacker](https://lifehacker.com/the-privacy-enthusiasts-guide-to-using-an-iphone-1792386831)
|
||
- Guide to scrubbing Windows OSs from forensic investigation: by u/moschles, via [Reddit](https://www.reddit.com/r/security/comments/32fb1l/open_guide_to_scrubbing_windows_oss_from_forensic)
|
||
- A curated list of Windows Domain Hardening techniques: by @PaulSec, via: [GitHub](https://github.com/PaulSec/awesome-windows-domain-hardening)
|
||
- How to Delete your Data Securely: Via EFF - [Windows](https://ssd.eff.org/en/module/how-delete-your-data-securely-windows), [MacOS](https://ssd.eff.org/en/module/how-delete-your-data-securely-macos) and [Linux](https://ssd.eff.org/en/module/how-delete-your-data-securely-linux)
|
||
- **Software**
|
||
- How to use Vera Crypt: via [howtogeek](https://www.howtogeek.com/108501/the-how-to-geek-guide-to-getting-started-with-truecrypt)
|
||
- How to use KeePassXC: via [EFF](https://ssd.eff.org/en/module/how-use-keepassxc)
|
||
- **Physical Security**
|
||
- Hiding from Physical Surveillance: via [Snallabolaget](http://snallabolaget.com/hiding-from-surveillance-how-and-why)
|
||
- Guide to opting-out of public data listings and marketing lists: via [World Privacy Forum](https://www.worldprivacyforum.org/2015/08/consumer-tips-top-ten-opt-outs)
|
||
- **Reference Info**
|
||
- A direcory of websites, apps and services supporting 2FA: via [TwoFactorAuth.org](https://twofactorauth.org)
|
||
- A directory of direct links to delete your account from web services: via [JustDeleteMe.xyz](https://justdeleteme.xyz)
|
||
|
||
## Notable Articles
|
||
|
||
- **Encryption**
|
||
- Overview of projects working on next-generation secure email: via [OpenTechFund](https://github.com/OpenTechFund/secure-email)
|
||
- **Surveillance**
|
||
- Twelve Million Phones, One Dataset, Zero Privacy: via [NY Times](https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-cell-phone.html)
|
||
- Windows data sending: via [The Hacker News](https://thehackernews.com/2016/02/microsoft-windows10-privacy.html)
|
||
- Is your Anti-Virus spying on you: via [Restore Privacy](https://restoreprivacy.com/antivirus-privacy)
|
||
- What does your car know about you?: via [Washington Post](https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out)
|
||
- Turns Out Police Stingray Spy Tools Can Indeed Record Calls: via [Wired](https://www.wired.com/2015/10/stingray-government-spy-tools-can-record-calls-new-documents-confirm)
|
||
- UK Police Accessing Private Phone Data Without Warrant: via [Restore Privacy](https://restoreprivacy.com/uk-police-accessing-phone-data)
|
||
|
||
|
||
## Blogs
|
||
- [Spread Privacy](https://spreadprivacy.com) - Raising the standard of trust online, by DuckDuckGo
|
||
- [Restore Privacy](https://restoreprivacy.com) - Tools and guides about privacy and security
|
||
- [That One Privacy Site](https://thatoneprivacysite.net) - impartial comparisons and discussions
|
||
- [The Hated One](https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q) - Privacy and security videos
|
||
- [12Bytes](https://12bytes.org/articles/tech) - Opinion Articles about Tech, Privacy and more
|
||
- [BringBackPrivacy](https://bringingprivacyback.com) - Easy-reading, sharable privacy articles
|
||
- [Heimdal](https://heimdalsecurity.com/blog) - Cyber Security Blog
|
||
- [Tech Crunch](https://techcrunch.com/tag/cybersecurity-101) - Cyber Security 101
|
||
- [OONI](https://ooni.org/post), Internet freedom and analysis on blocked sites
|
||
- [Pixel Privacy](https://pixelprivacy.com/resources) - Online privacy guides
|
||
- [The Privacy Project](https://www.nytimes.com/interactive/2019/opinion/internet-privacy-project.html) - Articles and reporting on Privacy, by the NYT
|
||
- [The Tin Hat](https://thetinhat.com) - Tutorials and Articles for Online Privacy
|
||
- [FOSS Bytes- Cyber Security](https://fossbytes.com/category/security) - News about the latest exploits and hacks
|
||
- [EFF SSD](https://ssd.eff.org) - Tips for safer online communications
|
||
- [PrivacyTools.io]( https://www.privacytools.io) - Tools to protect against mass surveillance
|
||
- [PrismBreak](https://prism-break.org/en/all) - Secure app alternatives
|
||
- [The VERGE guide to privacy](https://bit.ly/2ptl4Wm) - Guides for securing mobile, web and home tech
|
||
- [Email Self-Defense](https://emailselfdefense.fsf.org) - Complete guide to secure email
|
||
- [Security Planner](https://securityplanner.org) - Great advise for beginners
|
||
- [My Shaddow](https://myshadow.org) - Resources and guides, to help you take controll of your data
|
||
|
||
|
||
## Books
|
||
- [Permanent Record](https://www.amazon.co.uk/Permanent-Record-Edward-Snowden/dp/1529035651) by Edward Snowden
|
||
- [Sandworm](https://www.amazon.co.uk/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405) by Andy Greenberg: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
|
||
- [Ghost in the Wires](https://www.amazon.co.uk/gp/product/B00FOQS8D6) by Kevin Mitnick: Kevin tells his story of being the world's most wanted hacker
|
||
|
||
## Podcasts
|
||
- [Darknet Diaries] by Jack Rhysider: Stories from the dark sides of the internet. Listen on [Stitcher][da-stitch]
|
||
- Listen on [Stitcher][da-stitch], [iTunes][da-itunes], [Spotify][da-spotify], [PocketCasts][cy-pocketcasts]
|
||
- [CYBER] by Motherboard: News and analysis about the latest cyber threats
|
||
- Listen on [Stitcher][cy-stitch], [SoundCloud][cy-soundcloud], [iTunes][cy-itunes], [Spotify][cy-spotify], [PocketCasts][cy-pocketcasts]
|
||
- [The Privacy, Security, & OSINT Show] by Michael Bazzell: Comprehensive guides on Privacy and OSINT
|
||
- Listen on [Stitcher][tp-stitcher], [SoundCloud][tp-soundcloud], [iTunes][tp-itunes], [Spotify][tp-spofify], [PocketCasts][tp-pocketcasts]
|
||
- [Smashing Security] by Graham Cluley and Carole Theriault: Casual, opinionated and humerous chat about current cybersecurity news
|
||
- Listen on [Stitcher][sm-stitcher], [iTunes][sm-itunes], [Spotify][sm-spofify], [PocketCasts][sm-pocketcasts]
|
||
|
||
More Security Podcasts on [player.fm](https://player.fm/featured/security)
|
||
|
||
More Podcasts (Verification Required): [Naked Security](https://nakedsecurity.sophos.com) | [Open Source Security Podcast](opensourcesecuritypodcast.com) | [Defensive Security Podcast](https://defensivesecurity.org) | [Malicious Life](https://malicious.life) | [Down the Security Rabbit Hole](http://podcast.wh1t3rabbit.net) | [Cyber Wire](https://thecyberwire.com/podcasts/daily-podcast) | [Hacking Humans](https://thecyberwire.com/podcasts/hacking-humans) | [Security Now](https://twit.tv/shows/security-now) | [Cyber Security Interviews](https://cybersecurityinterviews.com) | [Security Weekly](https://securityweekly.com) | [The Shared Security Podcast](https://sharedsecurity.net) | [Risky Business](https://risky.biz/netcasts/risky-business) | [Crypto-Gram Security Podcast](https://crypto-gram.libsyn.com) | [Off the Hook](https://player.fm/series/off-the-hook-84511)
|
||
|
||
|
||
[Darknet Diaries]: https://darknetdiaries.com
|
||
[da-stitch]: https://www.stitcher.com/podcast/darknet-diaries
|
||
[da-itunes]: https://podcasts.apple.com/us/podcast/darknet-diaries/id1296350485
|
||
[da-spotify]: https://open.spotify.com/show/4XPl3uEEL9hvqMkoZrzbx5
|
||
[da-pocketcasts]: https://pca.st/darknetdiaries
|
||
|
||
[CYBER]: https://www.vice.com/en_us/article/59vpnx/introducing-cyber-a-hacking-podcast-by-motherboard
|
||
[cy-stitch]: https://www.stitcher.com/podcast/vice-2/cyber
|
||
[cy-soundcloud]: https://soundcloud.com/motherboard
|
||
[cy-itunes]: https://podcasts.apple.com/us/podcast/cyber/id1441708044
|
||
[cy-spotify]: https://open.spotify.com/show/3smcGJaAF6F7sioqFDQjzn
|
||
[cy-pocketcasts]: https://pca.st/z7m3
|
||
|
||
[The Privacy, Security, & OSINT Show]: https://inteltechniques.com/podcast.html
|
||
[tp-stitcher]: https://www.stitcher.com/podcast/michael-bazzell/the-complete-privacy-security-podcast
|
||
[tp-soundcloud]: https://soundcloud.com/user-98066669
|
||
[tp-itunes]: https://podcasts.apple.com/us/podcast/complete-privacy-security/id1165843330
|
||
[tp-spofify]: https://open.spotify.com/show/6QPWpZJ6bRTdbkI7GgLHBM
|
||
[tp-pocketcasts]: https://pca.st/zdIq
|
||
|
||
[Smashing Security]: https://www.smashingsecurity.com
|
||
[sm-stitcher]: https://www.stitcher.com/podcast/smashing-security
|
||
[sm-itunes]: https://podcasts.apple.com/gb/podcast/smashing-security/id1195001633
|
||
[sm-spofify]: https://open.spotify.com/show/3J7pBxEu43nCnRTSXaan8S
|
||
[sm-pocketcasts]: https://pca.st/47UH
|
||
|
||
## Videos
|
||
- **General**
|
||
- [You are being watched](https://youtu.be/c8jDsg-M6qM) by The New York Times
|
||
- [The Power of Privacy](https://youtu.be/KGX-c5BJNFk) by The Guardian
|
||
- [Why Privacy matters, even if you have nothing to hide](https://youtu.be/Hjspu7QV7O0) by The Hated One
|
||
- **TED Talks**
|
||
- [How Online Trackers Track You, and What To Do About It](https://youtu.be/jVeqAemtC6w) by Luke Crouch
|
||
- [Why you should switch off your home WiFi](https://youtu.be/2GpNhYy2l08) by Bram Bonné
|
||
- [Why Privacy Matters](https://www.ted.com/talks/glenn_greenwald_why_privacy_matters), by Glenn Greenwald
|
||
- [Fighting viruses, defending the net](https://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net), by Mikko Hypponen
|
||
- [The 1s and 0s behind cyber warfare](https://www.ted.com/talks/chris_domas_the_1s_and_0s_behind_cyber_warfare), by Chris Domas
|
||
- [State Sanctioned Hacking - The Elephant in the Room](https://youtu.be/z-A2MxHmnU4) - Historic, economic and demographic overview of the growing threat to the U.S. from Chinese cyber invasions, by Frank Heidt
|
||
- [How the IoT is Making Cybercrime Investigation Easier](https://youtu.be/9CemONO6vrY) - How our data is changing the nature of "evidence" in digital forensics, by Jonathan Rajewski
|
||
- [Online Privacy Doesn't Exist](https://youtu.be/LgWrD3EJ1Do) - The unexpected dangers our digital breadcrumbs can lead to, by Denelle Dixon
|
||
- [Data is the new gold, who are the new thieves?](https://youtu.be/XNF-rGiGb50) - Introduction and demonstration of the power of data, by Tijmen Schep
|
||
- **Conferences**
|
||
- [DEF CON 27](https://www.youtube.com/playlist?list=PL9fPq3eQfaaA4qJEQQyXDYtTIfxCNA0wB) - Collection of talks from DEF CON 2019, Vegas
|
||
- [RSA Conference](https://www.youtube.com/user/RSAConference) - Collection of security talks from the RSA conferences
|
||
- [Administraitor.video](https://administraitor.video) - A regularly updated collection of new and interesting security confrence talks
|
||
- **Misc**
|
||
- [Through a PRISM, Darkly](https://youtu.be/e4woRYs0mM4) - Everything we know about NSA spying, by Kurt Opsahl
|
||
|
||
See also: [awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) by @PaulSec
|
||
|
||
|
||
## Online Tools
|
||
|
||
- **Check and Test**
|
||
- [εxodus](https://reports.exodus-privacy.eu.org) - Check which trackers any app on the Play Store has
|
||
- [Have I been Pwned](https://haveibeenpwned.com) and [Dehashed](https://www.dehashed.com) - Check if your details have been compromised
|
||
- [Redirect Detective](https://redirectdetective.com) - Check where a suspicious URL redirects to
|
||
- **Utilities**
|
||
- [ExifRemove](https://www.exifremove.com) - Remove Meta/ EXIF data online
|
||
- [Secure Password Check](https://password.kaspersky.com) - Fun little tool, to demonstrate how long it could take to crack a password
|
||
- [33Mail](http://33mail.com/Dg0gkEA) or [Anonaddy](https://anonaddy.com) or [SimpleLogin](https://simplelogin.io?slref=bridsqrgvrnavso) Protect your email address, by auto-generating unique permeant aliases for each account, so all emails land in your primary inbox
|
||
- [Deseat Me](https://www.deseat.me) - Clean up your online presence
|
||
- **Anti-Tracking Analysis**
|
||
- [Panopticlick](https://panopticlick.eff.org) - Check if, and how your browser is tracking you
|
||
- [Browser Leaks](https://browserleaks.com) - Check which information is being leaked by your browser
|
||
- [DNSLeakTest](https://www.dnsleaktest.com) - Check for and fix a DNS leak
|
||
- [IP Leak](https://ipleak.net) - IP Leak test
|
||
- [Am I Unique?](http://amiunique.org) - If your fingerprint is unique, then websites can track you
|
||
- **Phishing, Hacking and Abuse**
|
||
- [VirusTotal](https://www.virustotal.com) - Analyse a suspicious web resource for malware
|
||
- [ScamAdviser](https://www.scamadviser.com) - Check if a website is a scam, before buying from it
|
||
- [Abuse IP DB](https://www.abuseipdb.com) - Report an IP address for abuse, spam or attacks, and check the status of any IP
|
||
- [Phish Tank](https://www.phishtank.com) - Check if a link is a known phishing URL, Submit a phishing URL, browse recent phishing URLs
|
||
- [Is It Hacked?](http://www.isithacked.com) - Check if a website or page appears to be hacked, hijacked or generally suspicious
|
||
- **IP, Domain and Network Tools**
|
||
- [Qualys SSL Client Test](https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html) - Check the SSL/TLS capabilities of your browser
|
||
- [Qualys SSL Server Test](https://www.ssllabs.com/ssltest) - Perform a deep analysis of the configuration of any SSL web server on the public Internet
|
||
- [Hetrix Tools - Blacklist Check](https://hetrixtools.com/blacklist-check) - Check if your Domain or IP appears on any common blacklists
|
||
- [RIPEstat](https://stat.ripe.net) - Detailed analysis of IP Addresses (Routing, DNS, Abuse History, Activity etc)
|
||
- [Multirbl](http://multirbl.valli.org) - Complete IP check for sending Mailservers
|
||
- [IPVoid](https://www.ipvoid.com) - Full suit of Domain, IP, and DNS tools for Tracing, Lookup, Checking and Pinging
|
||
- **Net Neutrality**
|
||
- [Blocked by ORG](https://www.blocked.org.uk) - Check if your website is blocked by certain ISPs
|
||
- [Data Rights Finder](https://www.datarightsfinder.org) - Find, understand and use information from privacy policies
|
||
- **Anonymous Services** - The following sites host a veriety of anonymous online services
|
||
- [NixNet](https://nixnet.services)
|
||
- [Snopyta](https://snopyta.org)
|
||
- [Disroot](https://disroot.org)
|
||
|
||
|
||
## Interesting Websites
|
||
- [The Intercept: Surveillance Catalogue](https://theintercept.com/surveillance-catalogue) - A database secret of government and military surveillance equpment, that was leaked in the Snowden files
|
||
- See also: The source code for these projects, on WikiLeaks [Vault7](https://wikileaks.org/vault7) and [Vault8](https://wikileaks.org/vault8), and the accompanying [press release](https://wikileaks.org/ciav7p1)
|
||
|
||
## Privacy-Respecting Software
|
||
|
||
This section has moved to [here](https://github.com/Lissy93/personal-security-checklist/blob/master/5_Privacy_Respecting_Software.md)
|
||
|
||
|
||
|
||
## Data, API's and Visualisations
|
||
|
||
- **Information Tables**
|
||
- [That One Privacy Site](https://thatoneprivacysite.net/#detailed-vpn-comparison) - Detailed VPN Comparison Data
|
||
- Hosts to block: [someonewhocares/ hosts](https://someonewhocares.org/hosts) and [StevenBlack/ hosts](https://github.com/StevenBlack/hosts)
|
||
- [File Signature Table](https://www.garykessler.net/library/file_sigs.html) - An up-to-date list of magic numbers, used to identify / verify the content of a file to ensure it has not been tampered with
|
||
- [Nirsoft - Country IP](https://www.nirsoft.net/countryip) - List of IP address ranges per country
|
||
- **Databases**
|
||
- [Exploit Database](https://www.exploit-db.com) - A database or Current software vulnerabilities
|
||
- [Exodus](https://reports.exodus-privacy.eu.org/en/trackers/stats) - Trackers in Android Apps
|
||
- [URLScan](https://urlscan.io) - Service scanning for malicious domains
|
||
- [Dehashed](https://www.dehashed.com/breach) - Data Breaches and Credentials
|
||
- [VirusTotal](https://developers.virustotal.com/v3.0/reference) - Detailed virus scans of software
|
||
- [Abuse IP DB](https://www.abuseipdb.com) - Database of IPs reported for abuse
|
||
- [SnusBase](https://snusbase.com) - Long standing database hosting breached data
|
||
- [OpenPhish](https://openphish.com) - A feed of current phishing endpoints
|
||
- [Default Password](https://default-password.info) - Database of default passwords for various devices by manufacturer and model
|
||
- [HashToolkit](http://hashtoolkit.com) - Database of 'cracked' hashes
|
||
- [SecLists](https://github.com/danielmiessler/SecLists) - Starter list of leaked databases, passwords, usernames etc (Great for programming)
|
||
- [Qualys SSL Pulse](https://www.ssllabs.com/ssl-pulse) - A continuous and global dashboard for monitoring the quality of SSL / TLS support over time across 150,000 SSL- and TLS-enabled websites, based on Alexa’s list of the most popular sites in the world
|
||
- **Fun with Live Data** 🌠
|
||
- [Tor Flow](https://torflow.uncharted.software) - Real-time data flow between Tor nodes
|
||
- [Submarine Cable Map](https://www.submarinecablemap.com) - An up-to-date map of major global internet cables (see also [he.net globe](https://he.net/3d-map) and [this map](https://submarine-cable-map-2016.telegeography.com))
|
||
- [Insecam](http://www.insecam.org) - A directory and feed of insecure or public live webcams
|
||
- [BGP Stream](https://bgpstream.com) - Shows all current outages
|
||
- [FlightRadar24](https://www.flightradar24.com) - World-wide map of live aircraft positions
|
||
- [Airport WiFi Map](https://www.google.com/maps/d/u/0/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY) - Shows WiFi networks and their passwords for airports around the world
|
||
- [Wiggle](https://wigle.net) - Worlds largest WiFi Map showing personal hotspot statistics geographically
|
||
- **Threat Maps** - Real-time hack attempts (malware, phishing, exploit and spam), visualised geographically
|
||
- [Checkpoint](https://threatmap.checkpoint.com)
|
||
- [FortiGuard](https://threatmap.fortiguard.com)
|
||
- [Fire Eye](https://www.fireeye.com/cyber-map/threat-map.html)
|
||
- [Kaspersky](https://cybermap.kaspersky.com)
|
||
- [BitDefender](https://threatmap.bitdefender.com)
|
||
- [ESET](https://www.virusradar.com)
|
||
- [Threat But Map](https://threatbutt.com/map)
|
||
- [Digital Attack Map](https://www.digitalattackmap.com)
|
||
- [Kaspersky LogBook](https://apt.securelist.com) - Historic Threat Time Line
|
||
|
||
|
||
## Academic
|
||
|
||
- **Journals**
|
||
- [Crypto Paper](https://github.com/cryptoseb/cryptopaper) by Crypto Seb- Privacy, Security, and Anonymity For Every Internet User
|
||
- **Implementations and Standards**
|
||
- [The GNU Privacy Guard](https://www.gnupg.org)
|
||
- [OpenPGP JavaScript Implementation](https://openpgpjs.org)
|
||
- [WireGuard](https://www.wireguard.com/papers/wireguard.pdf)
|
||
- [Nym](https://as93.link/nym-blog-post) - Next Generation of Privacy infrastructure
|
||
|
||
|
||
|
||
|
||
## Foundations
|
||
|
||
- [Contract for the Web](https://contractfortheweb.org)
|
||
- [Electronic Frountier Foundation](https://www.eff.org) - Defending digital privacy + more
|
||
- [OWASP Foundation](https://www.owasp.org)
|
||
- [Freedom House](https://freedomhouse.org) - Fighting for freedom on the net
|
||
- [Privacy International](https://privacyinternational.org)
|
||
- [Open Tech Fund](https://www.opentech.fund)
|
||
- [Freedom of the Press Foundation](https://freedom.press)
|
||
- [Open Rights Group](https://www.openrightsgroup.org)
|
||
- [LEAP Encryption Access Project](https://leap.se)
|
||
- [The Guardian Project](https://guardianproject.info)
|
||
- [Foundation for Applied Privacy](https://applied-privacy.net)
|
||
- [Safe + Secure](https://safeandsecure.film) - advise for journalists and film makers
|
||
- [Citizen Lab](https://citizenlab.ca)
|
||
- [Electronic Privacy Information Center](https://epic.org)
|
||
- [American Civil Liberties Union](https://www.aclu.org/issues/privacy-technology)
|
||
- [Free Software Foundation](https://www.fsf.org)
|
||
- [Courage Foundation](https://www.couragefound.org) - Supports those who risk life / liberty to make significant contributions to the historical record
|
||
- [Fight for the Future](https://www.fightforthefuture.org) - Fighting for a future where technology liberates
|
||
- [Public Citizen](https://www.citizen.org) - Standing up to corporate power and hold the government accountable
|
||
|
||
|
||
|
||
## Government Organisations
|
||
|
||
- **Citizen/ Small business Advice and Infrormation**
|
||
- [UK National Cyber Security Center](https://www.ncsc.gov.uk)
|
||
- [US Cybersecurity - NIST](https://www.nist.gov/topics/cybersecurity)
|
||
- [Stay Safe Online](https://staysafeonline.org) - US government-backed project, aimed to inform and educate individuals and small businesses about basic digital security
|
||
- **Cybercrime**
|
||
- [Consumer Fraud Reporting](http://consumerfraudreporting.org) - US's Catalogue of online scams currently circulating, and a means to report cases
|
||
- [Action Fraud](https://www.actionfraud.police.uk) - UK’s national reporting centre for fraud and cyber crime
|
||
- **CERT** - Your local jurisdiction will likely have a Computer emergency response team (historically known as CERT). Who is in charge of handline handles domestic and international computer security incidents.
|
||
- Australia - [auscert.org.au](https://www.auscert.org.au)
|
||
- Austria - [cert.at](https://www.cert.at)
|
||
- Bangladesh - [cirt.gov.bd](https://www.cirt.gov.bd)
|
||
- Bolivia - [cgii.gob.bo](https://cgii.gob.bo)
|
||
- Brazil - [cert.br](https://www.cert.br)
|
||
- Canada - [cyber.gc.ca](https://cyber.gc.ca/en/about-cyber-centre)
|
||
- China - [cert.org.cn](https://www.cert.org.cn)
|
||
- Columbia - [colcert.gov.co](http://www.colcert.gov.co)
|
||
- Croatia - [carnet.hr](https://www.carnet.hr)
|
||
- Czech Republic - [csirt.cz](https://csirt.cz)
|
||
- Denmark - [cert.dk](https://www.cert.dk)
|
||
- Ecuador - [ecucert.gob.ec](https://www.ecucert.gob.ec)
|
||
- Egypt - [egcert.eg](https://www.egcert.eg)
|
||
- Estonia - [ria.ee / CERT-EE](https://ria.ee/en/cyber-security/cert-ee.html)
|
||
- Finland - [kyberturvallisuuskeskus.fi](https://www.kyberturvallisuuskeskus.fi/en/homepage)
|
||
- France - [cert.ssi.gouv.fr](https://www.cert.ssi.gouv.fr)
|
||
- Germany - [cert-bund.de](https://www.cert-bund.de)
|
||
- Ghana - [nca-cert.org.gh](https://nca-cert.org.gh)
|
||
- Hong Kong - [hkcert.org](https://www.hkcert.org)
|
||
- Iceland - [cert.is](https://www.cert.is)
|
||
- India - [CERT-IN](https://www.cert-in.org.in)
|
||
- Indonesia - [idsirtii.or.id](https://idsirtii.or.id)
|
||
- Iran - [cert.ir](https://cert.ir)
|
||
- Italy - [cert-pa.it](https://www.cert-pa.it)
|
||
- Japan - [JPCERT](https://www.jpcert.or.jp)
|
||
- Kyrgyzstan - [cert.gov.kg](http://cert.gov.kg)
|
||
- Luxembourg - [circl.lu](https://circl.lu)
|
||
- Macau - [mocert.org](www.mocert.org)
|
||
- Malaysia - [mycert.org.my](http://www.mycert.org.my)
|
||
- Morocco - [educert.ma](http://www.educert.ma)
|
||
- Netherlands - [ncsc.nl](https://www.ncsc.nl)
|
||
- New Zealand - [cert.govt.nz](https://www.cert.govt.nz)
|
||
- Nigeria - [cert.gov.ng](https://cert.gov.ng)
|
||
- Norway - [norcert](https://www.nsm.stat.no/norcert)
|
||
- Pakistan - [pakcert.org](http://www.pakcert.org)
|
||
- Papua New Guinea - [pngcert.org.pg](https://www.pngcert.org.pg)
|
||
- Philippines - [cspcert.ph](https://cspcert.ph)
|
||
- Poland - [cert.pl](https://www.cert.pl)
|
||
- Portugal - [cncs.gov.pt/certpt](https://www.cncs.gov.pt/certpt)
|
||
- Qatar - [qcert.org](https://qcert.org)
|
||
- Rep of Ireland - [ncsc.gov.ie](https://www.ncsc.gov.ie)
|
||
- Romania - [cert.ro](https://www.cert.ro)
|
||
- Russia - [gov-cert.ru](http://www.gov-cert.ru) / [cert.ru](https://www.cert.ru)
|
||
- Singapore - [csa.gov.sg/singcert](https://www.csa.gov.sg/singcert)
|
||
- Slovenia - [sk-cert.sk](https://www.sk-cert.sk)
|
||
- South Korea - [krcert.or.kr](https://www.krcert.or.kr)
|
||
- Spain - [incibe.es](https://www.incibe.es)
|
||
- Sri Lanka - [cert.gov.lk](https://www.cert.gov.lk)
|
||
- Sweden - [cert.se](https://www.cert.se)
|
||
- Switzerland - [govcert.ch](https://www.govcert.ch)
|
||
- Taiwan - [twcert.org.tw](https://www.twcert.org.tw)
|
||
- Thailand - [thaicert.or.th](https://www.thaicert.or.th)
|
||
- Tonga [cert.to](https://www.cert.to)
|
||
- Ukraine - [cert.gov.ua](https://cert.gov.ua)
|
||
- UAE - [tra.gov.ae/aecert](https://www.tra.gov.ae/aecert)
|
||
- United Kingdom - [ncsc.gov.uk](https://www.ncsc.gov.uk)
|
||
- United States - [us-cert.gov](https://www.us-cert.gov)
|
||
|
||
|
||
## Mega Guides
|
||
- by [Fried](https://fried.com/privacy)
|
||
- by [ivpn](https://www.ivpn.net/privacy-guides)
|
||
- by [ProPrivacy](https://proprivacy.com/guides/the-ultimate-privacy-guide)
|
||
- by [Heimdal Security](https://heimdalsecurity.com/blog/cyber-security-mega-guide)
|
||
- by [Wired](https://www.wired.com/2017/12/digital-security-guide)
|
||
- by [Vice](https://www.vice.com/en_us/article/d3devm/motherboard-guide-to-not-getting-hacked-online-safety-guide)
|
||
|
||
## More Awesome GitHub Lists
|
||
|
||
- **Awesome Open Source Apps**
|
||
- [awesome-windows-apps](https://github.com/Awesome-Windows/Awesome)
|
||
- [awesome-macOS-apps](https://github.com/iCHAIT/awesome-macOS) by @iCHAIT
|
||
- [awesome-linux-software](https://github.com/luong-komorebi/Awesome-Linux-Software) by @luong-komorebi
|
||
- [open-source-ios-apps](https://github.com/dkhamsing/open-source-ios-apps) by @dkhamsing
|
||
- [open-source-android-apps](https://github.com/pcqpcq/open-source-android-apps) by @pcqpcq
|
||
- [awesome-selfhosted](https://github.com/awesome-selfhosted/awesome-selfhosted)
|
||
- [privacy-respecting](https://github.com/nikitavoloboev/privacy-respecting) by @nikitavoloboev
|
||
- [awesome-privacy](https://github.com/KevinColemanInc/awesome-privacy) by @KevinColemanInc
|
||
- [security-checklist: privacy-respecting-software](https://github.com/Lissy93/personal-security-checklist/blob/master/5_Privacy_Respecting_Software.md)
|
||
- **Security (Hacking / Pen Testing / Threat Inteligence / CFTs)**
|
||
- [Security_list](https://github.com/zbetcheckin/Security_list) by @zbetcheckin
|
||
- [awesome-security](https://github.com/sbilly/awesome-security) by @sbilly
|
||
- [awesome-sec-talks](https://github.com/PaulSec/awesome-sec-talks) by @PaulSec
|
||
- [awesome-threat-intelligence](https://github.com/hslatman/awesome-threat-intelligence) by @hslatman
|
||
- [awesome-incident-response](https://github.com/meirwah/awesome-incident-response) by @meirwah
|
||
- [awesome-anti-forensic](https://github.com/remiflavien1/awesome-anti-forensic) by @remiflavien1
|
||
- [awesome-malware-analysis](https://github.com/rshipp/awesome-malware-analysis) by @rshipp
|
||
- [awesome-honeypots](https://github.com/paralax/awesome-honeypots) by @paralax
|
||
- [awesome-hacking](https://github.com/carpedm20/awesome-hacking) by @carpedm20
|
||
- [awesome-pentest](https://github.com/enaqx/awesome-pentest) by @enaqx
|
||
- [awesome-ctf](https://github.com/apsdehal/awesome-ctf) by @apsdehal
|
||
- **Misc**
|
||
- [awesome-crypto-papers](https://github.com/pFarb/awesome-crypto-papers) by @pFarb
|
||
- **Awesome Lists of Awesome Lists**
|
||
- [awesome]( https://github.com/sindresorhus/awesome) by @sindresorhus
|
||
- [lists](https://github.com/jnv/lists) by @jnv
|
||
- **More In This Repo**
|
||
- [Personal Security Checklist](/README.md) by @lissy93
|
||
- [Privacy-Respecting Software](/5_Privacy_Respecting_Software.md)
|
||
- [Importance of Privacy & Security](/0_Why_It_Matters.md)
|
||
- [Digital Security Gadgets / DIY hardware](/6_Privacy_and-Security_Gadgets.md)
|
||
- [TLDR - Condensed Summary of this Repo](/2_TLDR_Short_List.md)
|
||
|
||
---
|
||
|
||
*Thanks for visiting, hope you found something useful here :) Contributions are welcome, and much appreciated - to propose an edit [raise an issue](https://github.com/Lissy93/personal-security-checklist/issues/new/choose), or [open a PR](https://github.com/Lissy93/personal-security-checklist/pull/new/master). See: [`CONTRIBUTING.md`](/.github/CONTRIBUTING.md).*
|
||
|
||
*Licensed under [Creative Commons, CC BY 4.0](https://creativecommons.org/licenses/by/4.0/), © [Alicia Sykes](https://aliciasykes.com) 2020*
|
||
|
||
[](https://github.com/Lissy93/personal-security-checklist/blob/master/LICENSE.md)
|
||
|
||
|
||
----
|
||
|
||
Found this helpful? Consider sharing it with others, to help them also improve their digital security 😇
|
||
|
||
[](http://twitter.com/share?text=Check%20out%20the%20Personal%20Cyber%20Security%20Checklist-%20an%20ultimate%20list%20of%20tips%20for%20protecting%20your%20digital%20security%20and%20privacy%20in%202020%2C%20with%20%40Lissy_Sykes%20%F0%9F%94%90%20%20%F0%9F%9A%80&url=https://github.com/Lissy93/personal-security-checklist)
|
||
[](
|
||
http://www.linkedin.com/shareArticle?mini=true&url=https://github.com/Lissy93/personal-security-checklist&title=The%20Ultimate%20Personal%20Cyber%20Security%20Checklist&summary=%F0%9F%94%92%20A%20curated%20list%20of%20100%2B%20tips%20for%20protecting%20digital%20security%20and%20privacy%20in%202020&source=https://github.com/Lissy93)
|
||
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A//github.com/Lissy93/personal-security-checklist&title=The%20Ultimate%20Personal%20Cyber%20Security%20Checklist&summary=%F0%9F%94%92%20A%20curated%20list%20of%20100%2B%20tips%20for%20protecting%20digital%20security%20and%20privacy%20in%202020&source=)
|
||
[](https://mastodon.social/web/statuses/new?text=Check%20out%20the%20Ultimate%20Personal%20Cyber%20Security%20Checklist%20by%20%40Lissy93%20on%20%23GitHub%20%20%F0%9F%94%90%20%E2%9C%A8)
|
||
|