Rawsec is a collection of sites organized around cybersecurity resources, maintained by noraj, a cybersecurity engineer, penetration tester, and ethical hacker. The main page highlights core components including Rawsec's CyberSecurity Inventory, the Rawsec blog, Write-up factory, The Hacking Tool Trove, an official domain list, source code repositories, and sponsorship links. It is not a firewall, EDR, WAF, or cloud security platform in the traditional sense; it is better understood as a knowledge base, resource index, and tool discovery service.
In terms of protection type, Rawsec mainly provides inventory and search capabilities for cybersecurity tools and resources, helping users find security-related content. The blog covers Linux and security topics and hosts write-ups for CTF, TryHackMe, HackTheBox, and similar challenges. Write-up factory is a multi-platform write-up search engine, while The Hacking Tool Trove provides TL;DR-style man pages and comments for hacking tools. For deployment, the available information only indicates online access via the website; there is no mention of local deployment, private deployment, or an enterprise edition. Management and alerting capabilities are not disclosed, and there are no enterprise security platform features such as log monitoring, threat detection, alert orchestration, or response workflows. In terms of integrations, only source code repository links are mentioned; there is no visible support for APIs, SIEM, SOAR, SSO, or ticketing system integrations.
The page does not show paid plans, subscription pricing, or commercial licensing. It appears more like a public resource service, with sponsorship channels such as GitHub Sponsor, IssueHunt, Ko-fi, and Liberapay. As for compliance certifications, the page does not mention ISO 27001, SOC 2, GDPR, or any other security compliance attestations, so it should not be regarded as an enterprise security service with formal compliance backing.
Its strengths are a clear positioning and the aggregation of security tools, blog posts, write-ups, and quick-reference manuals, making it practical for learners, CTF players, and penetration testers. The combination of write-ups and tool documentation can also reduce the time spent searching for materials. The downside is the lack of enterprise-grade product information: there is no SLA, support channel, data protection statement, management console, or alerting mechanism, and it does not provide actual protection capabilities. As a result, it is best used as an entry point for security knowledge rather than as a production security defense layer.
Rawsec is suitable for cybersecurity beginners, CTF/TryHackMe/HackTheBox users, penetration testers, and researchers who need to quickly look up security tool resources. The source text does not provide information about access from China, so domain reachability, speed, and payment availability all need to be tested in practice. Sponsorship channels such as GitHub Sponsor, Ko-fi, and Liberapay may offer an uncertain payment experience for users in mainland China. Alternative resources worth following include HackTricks, GTFOBins, PayloadsAllTheThings, Exploit-DB, and Kali Tools.
β This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on raw.pm official site.
raw.pm is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach raw.pm directly.