文件列表:

Additional Files/ (0, 2023-11-21)
Additional Files/Active Directory Attacks.pdf (432726, 2023-11-21)
Additional Files/CISSP Cheat Sheet Series.pdf (611965, 2023-11-21)
Additional Files/Digital forensics and incident response (DFIR) cheatsheet.pdf (5989996, 2023-11-21)
Additional Files/Linux-Forensics-Workshop-Manual.pdf (1700511, 2023-11-21)
Additional Files/Linux-Forensics-Workshop-Slides.pdf (3836394, 2023-11-21)
Additional Files/Network Security Checklist.pdf (455424, 2023-11-21)
Additional Files/Splunk Queries for SOC Analyst.pdf (344518, 2023-11-21)
Additional Files/Windows Event Log Analysis & Incident.pdf (616324, 2023-11-21)
Additional Files/cybersecurity questions.pdf (111444, 2023-11-21)
Credential dumping.pdf (17167600, 2023-11-21)
Home Labs Ideas.md (397, 2023-11-21)
OSINT.md (11215, 2023-11-21)
OSINTAutomation.sh (1153, 2023-11-21)
Source_exploitation_guide.xlsx (384345, 2023-11-21)
Virus_Total_Intelligence_Cheatsheet.pdf (969325, 2023-11-21)

# Resources  - [CAREER/RESUME/LINKEDIN](#career) - [BLOGS](#blogs) - [BOOKS](#books) - [CTF/CHALLANGES/LABS](#ctf) - [PODCAST](#podcast) - [SECURITY NEWS](#news) - [SECURITY REPORTS](#reports) - [YOUTUBE](#youtube) - [NEWSLETTERS](#newsletters) ___________________________________________ - [ACTIVE DIRECTORY](#ad) - [BASH](#bash) - [BUG BOUNTY](#bug) - [CyberChef](#chef) - [CLOUD](#cloud) - [DFIR](#DFIR) - [DOCKER](#docker) - [INFOSEC ANALYST](#analyst) - [KUBERNETES](#kube) - [LINUX](#linux) - [MALWARE](#malware) - [NETWORK](#network) - [OSINT](#osint) - [PENTEST](#pentest) - [POWERSHELL](#powershell) - [PRIVACY](#privacy) - [PYTHON](#python) - * [REGEX](#regex) - [REVERSE ENGINEERING](#reverse) - [SQL](#sql) - [THREAT HUNTING](#TH) - [TRAINING COURSES](#traning) - [VULNERABILITY MANAGEMENT](#vuln) - [OTHER](#other) ### CAREER/RESUME/LINKEDIN - [Heatmap](https://www.cyberseek.org/heatmap.html) - [Certification Road Map](https://pauljerimy.com/security-certification-roadmap/) - [Workforce Framework for Cybersecurity](https://www.youtube.com/watch?v=oozqj7axNYM&ab_channel=CareerHackingVillage) - [LinkedIn Summary](https://www.youtube.com/watch?v=5hNsdH6Y2Mg&lc=&ab_channel=JeffSu) - [Why Being #OpenToWork on LinkedIn is Working Against You](https://www.youtube.com/watch?v=eEfF7yROrjA&ab_channel=JordanCarroll-TheRemoteJobCoach) - [Mind the Gap: Leveraging mind maps & self-assessments to develop a personal training plan](https://klrgrz.medium.com/mind-the-gap-leveraging-mind-maps-self-assessments-to-develop-a-personal-training-plan-8210137f3f92) - [How to Professionally Say](https://howtoprofessionallysay.akashrajpurohit.com/) - [Recovering from burnout](https://kierantie.com/a/burnout) - [Burning out and quitting](https://mayakaczorowski.com/blogs/burnout) - [Cybersecurity Job Interview Simulation (Entry-level)](https://www.youtube.com/watch?v=ep9VJIzfObw&ab_channel=CyberGoldenRetriever) ### BLOGS - [ADSecurity](https://adsecurity.org/) - [Didier Stevens](https://blog.didierstevens.com/) - malware analysis - [harmj0y](https://blog.harmj0y.net/blog/) - [Jason Turley's Website](https://jasonturley.xyz/blog/) - CTF and tips - [Inversecos](https://www.inversecos.com/) - DFIR and malware analysis - [DFIR Science](https://dfir.science/) - [The Book of Secret Knowledge ](https://github.com/trimstray/the-book-of-secret-knowledge#your-daily-knowledge-and-news-toc) - collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more - [SOC radar blog](https://socradar.io/blog/) - [Dawid Baut](https://dawidbalut.com/) - [CyberWatch](https://whitehatcheryl.com/) - [threathuntergir](https://threathuntergirl.com/?blog) - [Chris Sanders](https://chrissanders.org/blog/) - [Hacking Articles](www.hackingarticles.in) - [Bushidotoken](https://blog.bushidotoken.net/) - [The Packet Thrower](https://the-packet-thrower.com/) - [Darknet](https://www.darknet.org.uk/) - [Exploit Reversing](https://exploitreversing.com/) - Malware Analysis Series - [Web Breacher](https://webbreacher.com/) - posts related to OSINT - [Windows Commandline](https://www.windows-commandline.com/) - not updated anymore but good posts - [Chappell University Labs](https://www.chappell-university.com/lauras-lab) -articles related to Wireshark and packet capture - [Gregor Reimling](https://www.reimling.eu/) - Azure cloud - [Thomas Maurer](https://www.thomasmaurer.ch/) - Azure cloud - [Bruce Schneier](https://www.schneier.com/) - writing about security issues - [Curmudgeonly Ways](https://jerichoattrition.wordpress.com/) - [We Hack People](https://wehackpeople.wordpress.com/blog/) - [The Book of Secret Knowledge](https://github.com/trimstray/the-book-of-secret-knowledge) - [You should turn off autofill in your password manager](https://marektoth.com/blog/password-managers-autofill/?fbclid=IwAR1klyRUhFFlzv_5McgYtDv1Lvqa_qkv-dekHuRImIYRJi7S3yvGUlQyxaY) - [Matt's DFIR Blog](https://mgreen27.github.io/) - [nixCraft](https://www.cyberciti.biz/) - for Linux fans - [Detectify](https://labs.detectify.com/) - [Mark's Blog](https://docs.microsoft.com/en-us/archive/blogs/markrussinovich/) - blog covering topics such as Windows troubleshooting, technologies and security. - [Windows Blog Archive](https://techcommunity.microsoft.com/t5/windows-blog-archive/bg-p/Windows-Blog-Archive/label-name/Mark%20Russinovich) - [Learn in public](https://www.swyx.io/learn-in-public/) - [High on coffee](https://highon.coffee/blog/) - [X33U](https://www.x33u.org/blog/) - [OpenSecurity](https://opensecurity.pl/) - [hackstreetboys](https://atom.hackstreetboys.ph/) - good blog post about Privilege Escalation - [Become a Cyberwarrior](https://www.hackers-arise.com/getting-started) - [The security Noob](https://thesecuritynoob.com/) - [El Kentaro](https://medium.com/@elkentaro) - wardriving, warwalking blog - [The Mayor](https://medium.themayor.tech/) - hunting tips - [Counter Intelligence](https://counterintelligence.pl/) - [Reversing Labs](https://blog.reversinglabs.com/blog) - [CISA Alerts](https://www.cisa.gov/uscert/ncas/alerts) - [Google Project Zero](https://googleprojectzero.blogspot.com/) - [Packet Storm](https://packetstormsecurity.com/) - information about exploits - [Cyble](https://blog.cyble.com/) - [mr eerie](https://mreerie.com/) - DFIR blog - [ThinkDFIR](https://thinkdfir.com/) - DFIR blog - [Cheeky4n6Monkey](https://cheeky4n6monkey.blogspot.com/) - Forensics - [The Binary Hick](https://thebinaryhick.blog/) - Thoughts From a Digital Forensic Practitioner - [dfir.blog](https://dfir.blog/) - Digital forensics, web browsers, visualizations, & open source tools - [Yogesh Khatri's forensic blog](https://www.swiftforensics.com/) - All things forensic and security related - [ZENA FORENSICS](https://blog.digital-forensics.it/) - [Initialization vectors](https://abrignoni.blogspot.com/) - Digital Forensics and Incident Response. All things InfoSec - [TheHexNinja](https://www.thehexninja.com/) - [forensicmike1](https://forensicmike1.com/) - [mac4n6](http://www.mac4n6.com/) - MacOS forensics - [Another Forensics Blog](https://az4n6.blogspot.com/) - [LinuxSleuthing](https://linuxsleuthing.blogspot.com/) - [Sketchymoose's Blog ](https://sketchymoose.blogspot.com/) - [cyb3rward0g](https://cyb3rward0g.medium.com/) - covers Azure & Sentinel - [securityinbits](https://www.securityinbits.com/) - DFIR - [Malwology](https://malwology.com/) ### BOOKS - [Blue Team Handbook: SOC, SIEM, and Threat Hunting](https://www.amazon.com/Blue-Team-Handbook-Condensed-Operations/dp/1091493898/ref=sr_1_1?dchild=1&keywords=blue+team+handbook&qid=1625404261&sr=8-1) - [Blue Team Handbook: Incident Response](https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756/ref=sr_1_2?dchild=1&keywords=blue+team+handbook&qid=1625404261&sr=8-2) - [Ten Strategies of a World-Class Cybersecurity Operations Center](https://www.mitre.org/sites/default/files/publications/pr-13-1028-mitre-10-strategies-cyber-ops-center.pdf) - [Malware Analyst's Cookbook](https://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=sr_1_5?crid=17A6KY3JMD2CS&dchild=1&keywords=malware+analysis&qid=1625404377&sprefix=malware+analys%2Caps%2C258&sr=8-5) - [Practical Malware Analysis](https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/ref=sr_1_2?crid=17A6KY3JMD2CS&dchild=1&keywords=malware+analysis&qid=1625404377&sprefix=malware+analys%2Caps%2C258&sr=8-2) ### CTF/CHALLANGES/LABS - [AWS Well-Architected Labs](https://wellarchitectedlabs.com/) - [Backdoors&Breaches](https://www.blackhillsinfosec.com/projects/backdoorsandbreaches/) - [Blue Team Labs](https://blueteamlabs.online/) - [bWAPP](http://itsecgames.com) - buggy web application - [Command Challenge](https://cmdchallenge.com/) - challenges to write single line bash commands for the given task - [CryptoHack](https://cryptohack.org/) - learn cryptography - [CTF Learn](https://ctflearn.com/) - [Cyber Defenders](https://cyberdefenders.org/) - [Digital Forensic Challenge Images](https://www.ashemery.com/dfir.html) 7 DFIR challanges by Ali Hadi - [ExploitMe Mobile Android Labs](https://securitycompass.github.io/AndroidLabs/index.html) - [flAWS Cloud](http://flaws.cloud) - learn about common mistakes and gotchas when using Amazon Web Services (AWS) - [Immersive Labs](https://immersivelabs.online/signin) - [IO](http://io.netgarage.org/) - the modern exploit mitigation techniques, like better ASLR - [Java Vulnerable Lab](https://github.com/CSPF-Founder/JavaVulnerableLab) - [Lets Defend](https://letsdefend.io/) - [Hacker101](https://www.hacker101.com/) - [Hack This Site](https://www.hackthissite.org/) - [Hacking Loops](https://www.hackingloops.com/) - [Hacksplaining](https://www.hacksplaining.com/lessons) - [Hacktoria](https://hacktoria.com/) - OSINT CTFs - [HackTheBox](https://www.hackthebox.eu/) - [MemLabs](https://github.com/stuxnet999/MemLabs) - memory forensics - [Microcorruption](https://microcorruption.com/login) - Security CTF - [OWASP Juice Shop](https://juice-shop.herokuapp.com/#/) - [PentesterLab](https://pentesterlab.com/) - [Pico CTF](https://play.picoctf.org/login?redirect=/login) - [Smash the Stack](http://www.smashthestack.org/) - [TryHackMe](https://tryhackme.com/) - [VulnHub](https://www.vulnhub.com/) - [War games](https://overthewire.org/wargames/) - OverTheWire community can help you to learn and practice security concepts - [XSS Game](https://xss-game.appspot.com/) - [Cybersec Labs](https://www.cyberseclabs.co.uk/) - reports, analysis of attacks, IOCs - [Unit42 Paoalto Networks](https://unit42.paloaltonetworks.com/) - reports, analysis of attacks, IOCs ### PODCAST - [Malicious Life](https://malicious.life/) - [DARKNET DIARIES](https://darknetdiaries.com/) - [The Privacy, Security, and OSINT Show](https://inteltechniques.com/podcast.html) - [Digital Forensic Survival Podcast](https://digitalforensicsurvivalpodcast.com/) - [Down the Security Rabbithole Podcast](http://podcast.wh1t3rabbit.net/) - [The OSINT Curious Project](https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy84OTkyZGY0L3BvZGNhc3QvcnNz) - [Cyberlaw](https://www.lawfareblog.com/topic/cyberlaw-podcast!) - [SANS Daily Stormcast](https://isc.sans.edu/podcast.html) - [CISO Series: Headlines, Why Discussions](https://podcasts.google.com/feed/aHR0cHM6Ly9jaXNvc2VyaWVzLmxpYnN5bi5jb20vcnNz?sa=X&ved=0CAMQ9sEGahgKEwi4lNrr2pj0AhUAAAAAHQAAAAAQthA) - [What the Shell?](https://whattheshell.podbean.com/) - [Cyber Sector 7](https://cybersector7.com/) ### SECURITY/TECH NEWS - [All InfoSec News](https://allinfosecnews.com/) - The InfoSec & Cyber news aggregator - [ZDNET](https://www.zdnet.com/) - [Bleeping Computer](https://www.bleepingcomputer.com/) - [Cyber Scoop](https://www.cyberscoop.com/) - [The Register](https://www.theregister.com/) - [Tech Beacon](https://techbeacon.com/security) - [The Cyber Post](https://thecyberpost.com/) - [Cyber News](https://cybernews.com/) - [TechURLs](https://techurls.com/) - [The Daily Sqing](https://portswigger.net/daily-swig) - [ASEC](https://asec.ahnlab.com/en/) - AhnLab security emergency reponse center. - [IronNet](https://www.ironnet.com/blog) - Executive commentary, threat research, and analysis from the IronNet team. - [Zimperium](https://www.zimperium.com/blog/) ### SECURITY REPORTS - [FireEye Threat Research](https://www.fireeye.com/blog/threat-research.html) - [THE DFIR REPORT](https://thedfirreport.com/) ### YOUTUBE - [0x4rk](https://www.youtube.com/c/0x4rk%C3%98) - OSINT, Vulnerability Management - [HackerSploit](https://www.youtube.com/c/HackerSploit) - [Black Hills Information Security](https://www.youtube.com/c/BlackHillsInformationSecurity) - security tranings - [Nahamsec](https://www.youtube.com/c/Nahamsec/videos) - [STK](https://www.youtube.com/c/STOKfredrik) - Bug hunting - [The Cyber Mentor](https://www.youtube.com/c/TheCyberMentor) - hacking, OSINT - [BlackPerl](https://www.youtube.com/c/BlackPerl) - [InsiderPhD](https://www.youtube.com/c/InsiderPhD) - [DC CyberSec](https://www.youtube.com/c/DCcybersec/featured) - [John Hammond](https://www.youtube.com/c/JohnHammond010) - [The OSINT Curious Project](https://www.youtube.com/c/TheOSINTCuriousProject) - OSINT tips - [Data Rescue Labs](https://www.youtube.com/c/DataRescueLabsIncMississauga) - Digital Forensic - [Gerald Auger - Simply Cyber](https://www.youtube.com/c/GeraldAuger/videos) - cybersecurity career, interview, begginer information - [Neil Fox](https://www.youtube.com/c/0xf0x/videos) - Malware Analyse - [Cybersecurity Meg](https://www.youtube.com/c/CybersecurityMeg/videos) - Security Career - [Nicolas Moy](https://www.youtube.com/c/NicolasMoy/videos) - Senior Cloud Security Instructor - [Thomas Maurer](https://www.youtube.com/c/ThomasMaurerCloud) - Azure cloud - [webpwnized](https://www.youtube.com/c/webpwnized/videos) - web, mobile and network penetration testing - [Andy Li](https://www.youtube.com/channel/UCKTs4jCh9yLbFfZHntSairQ) - pentesting journey - [247 CTF](https://www.youtube.com/247CTF) - [DFIRScience](https://www.youtube.com/@DFIRScience) - DFIR stuff - [Email Forensics by Metaspike](https://www.youtube.com/@Metaspike/videos) - Forensics - [Chris Greer](https://www.youtube.com/@ChrisGreer/videos) - chanell about Wireshark - [Practical Networking](https://www.youtube.com/@PracticalNetworking/videos) Conferences: - [DEFCON](https://defcon.org/) - [SAINTCON](https://www.youtube.com/c/SAINTCON/videos) - Security Advisory and Incident Network Team - [Blue Team Village](https://www.youtube.com/c/BlueTeamVillage/videos) - Defcon village - [Red Team Village](https://www.youtube.com/c/RedTeamVillage/videos) - Defcon village Polish: - [Kacper Szczurek](https://www.youtube.com/c/KacperSzurek) - [Maciej Kofel](https://www.youtube.com/c/MaciejKofel/videos) - [UW-TEAM.org](https://www.youtube.com/c/uwteamorg/videos) - [Niebezpiecznik](https://www.youtube.com/c/NiebezpiecznikTV/videos) - [Pasja informatyki](https://www.youtube.com/c/Pasjainformatykitutoriale/videos) - [Sekurak](https://www.youtube.com/c/SekurakTV/videos) ### NEWSLETTER - [This Week in Security](https://this.weekinsecurity.com/) - [Unsupervised Learning](https://danielmiessler.com/newsletter/) - [tl;dr sec](https://tldrsec.com/newsletter/) - [Intigriti](https://newsletter.intigriti.com/) - [Hacker newsletter](https://hackernewsletter.com/) - [SANS Newsletter](https://www.sans.org/newsletters/at-risk/) - [CISA](https://public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138) - [cybersecurityventures](https://cybersecurityventures.com/mailing-list/) - [Robin Oldham newsletter](https://rto.me.uk/newsletter/) - [Naked security](https://nakedsecurity.sophos.com/) _____________________________________________________________________________________________________ ### ACTIVE DIRECTORY - [Microsoft Evaluation Center](https://www.microsoft.com/en-us/evalcenter/) - iso for MS products - [AD Security](https://adsecurity.org/) - [Active Directory Security](https://www.active-directory-security.com/) - [Harmj0y](http://harmj0y.net/blog/) ### BASH - [Bash introduction for hackers part 1](https://hakin9.org/bash-introduction-for-hackers-part-1/) - [Bash introduction for hackers part 2](https://hakin9.org/bash-introduction-for-hackers-part-2/) - [Introduction to Bash Programming by InsiderPhD](https://www.youtube.com/watch?v=qy6TaUjyKcg&ab_channel=InsiderPhD) ### BUG BOUNTY - [OWASP juice Shop](https://pwning.owasp-juice.shop/) - learning about web app pentesting - [OWASP Testing guide](https://owasp.org/www-project-web-security-testing-guide/assets/archive/OWASP_Testing_Guide_v4.pdf) - [BugBountyHunter](https://www.bugbountyhunter.com) - Learning about web application vulnerabilities - [BRUTE XSS](https://brutelogic.com.br/blog/) - [The Bug Hunter's Methodology Full 2-hour Training by Jason Haddix](https://www.youtube.com/watch?v=uKWu6yhnhbQ&ab_channel=RedTeamVillage) - [CS 253 Web Security](https://www.youtube.com/playlist?list=PL1y1iaEtjSYiiSGVlL1cHsXN_kvJOOhu-) - This course is a comprehensive overview of web security. - [Playlist of live bug bounty by Nahamsec](https://www.youtube.com/watch?v=MIujSpuDtFY&list=PLKAaMVNxvLmAkqBkzFaOxqs3L66z2n8LA&ab_channel=Nahamsec) - [Script for recon](https://github.com/Gr1mmie/sumrecon) - [Security Headers](https://securityheaders.com/) - scan website to check headers ### CYBERCHEF - [Cyberchef Recipes](https://github.com/mattnotmax/cyberchef-recipes) - [CyberChef: Example DFIR Use Cases](https://betweentwodfirns.blogspot.com/2017/06/cyberchef-example-dfir-use-cases.html) - [CyberChef for Security Analysts](https://www.networkdefense.io/library/cyberchef-for-security-analysts-57976/200184/about/) - paid course that I recommand - [Podstawy narzdzia CyberChef](https://www.youtube.com/watch?v=PsJp0BNh5A0&t=9312s&ab_channel=KacperSzurek) - free 2h+ video in polish ### CLOUD - [AzureHunter](https://github.com/darkquasar/AzureHunter) ### DFIR - [unfur](https://dfir.blog/unfurl/) - [The Hitchhiker's Guide to DFIR: Experiences From Beginners and Experts](https://leanpub.com/TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts) - [Stark4n6's startme](https://start.me/p/q6mw4Q/forensics) - [Awesome Incident Response](https://github.com/meirwah/awesome-incident-response) - [Digital Forensics Guide](https://github.com/mikeroyal/Digital-Forensics-Guide) - [Intro to DFIR](https://dfir-training.basistech.com/collections) - free 3 h - [Playbooks](https://www.incidentresponse.com/playbooks/) - [SNAS youtube](https://www.youtube.com/user/robtlee73) - [Start.me Digital Forensics](https://start.me/p/ekq7Al/digital-forensics) - [Start.me Forensics](https://start.me/p/q6mw4Q/forensics) - [Memory Forensics with Vol(a|u)tility](https://www.youtube.com/watch?v=dB5852eAgpc&ab_channel=SecIC) - video - [Cobalt Strike, a Defender’s Guide](https://thedfirreport.com/2021/08/29/cobalt-strike-a-defenders-guide/) - [DFIR Madness](https://dfirmadness.com/) - examples of cases really useful! - [PowerShell Commands for Incident Response](https://www.securityinbits.com/incident-response/powershell-commands-for-incident-response/) - [Digital Forensics Essentials (DFE)](https://codered.eccouncil.org/course/digital-forensics-essentials) - free course - ['X-Ways Forensics' Video Clips](https://www.xwaysclips.co.uk/) #### DFIR TOOLS FOR DATA ACQUISITION - [processhacker](https://processhacker.sourceforge.io/downloads.php) - [PE Explorer](http://www.heaventools.com/overview.htm) - [regshot](https://sourceforge.net/projects/regshot/) - [ShellBags Explorer](https://www.sans.org/tools/shellbags-explorer/) - A GUI for browsing shellbags data. Handles locked files. - [USBDeview](https://www.nirsoft.net/utils/usb_devices_view.html) - lists all USB devices that currently connected to your computer, as well as all USB devices that you previously used. - [Thumbcache Viewer](https://thumbcacheviewer.github.io/) - extract thumbnail images from the thumbcache - [JumpListsView](https://www.nirsoft.net/utils/jump_lists_view.html) - displays the information stored by the 'Jump Lists' filename, data, event, id, size etc ... ...

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：