Cybersecurity Resources

Get Started. It's Free
or sign up with your email address
Rocket clouds
Cybersecurity Resources by Mind Map: Cybersecurity Resources

1. Pentesting

1.1. Tools

1.1.1. Password Cracking

1.1.1.1. Hydra

1.1.1.1.1. https://github.com/vanhauser-thc/thc-hydra

1.1.1.1.2. Cybersecurity - Attack and Defense Strategies

1.1.1.2. John The Ripper

1.1.1.3. AWS/GPU

1.1.1.3.1. How to Crack Passwords in the Cloud with GPU Acceleration (Kali 2017) - Black Hills Information Security

1.1.1.4. Wordpress Bruteforce

1.1.1.4.1. leo-lb/wpbrute-rs

1.1.2. Password Spray

1.1.2.1. xFreed0m/RDPassSpray

1.1.3. Network Enumeration and Monitoring

1.1.3.1. nmap

1.1.3.2. Pentesting Dropbox on Steroids - Black Hills Information Security

1.1.4. Exploit Kits

1.1.4.1. GTFOBins

1.1.4.2. pymetasploit3 – Metasploit Automation Library

1.1.5. Work Streamlining

1.1.5.1. PyFunnels: Data Normalization for InfoSec Workflows - Black Hills Information Security

1.1.6. Physical

1.1.6.1. Building up a basic Physical Red Team toolkit and skillset.

1.1.6.2. Marcus Mengs on Twitter

1.1.6.2.1. Thread by @mame82: "Personal challenge today: 1) Work on something I'm not good at 2) Do something calming Solution: Do some soldering and reduce footprint of c […]"

1.1.7. Steganography

1.1.7.1. Forensically, free online photo forensics tools

1.2. Techniques

1.2.1. Attacking Active Directory

1.2.1.1. Attack Methods for Gaining Domain Admin Rights in Active Directory

1.2.1.2. Domain Admin via IPv6 DNS Takeover

1.2.2. Attacking G Suite

1.2.2.1. G Suite is the Soft Underbelly of Your Environment - Black Hills Information Security

1.2.3. General

1.2.3.1. Five Pentesting Tools and Techniques (That Every Sysadmin Should Know)

1.2.3.2. About

1.2.4. Dorking

1.2.4.1. THE GROWTH HACKERS’ GUIDE TO GOOGLE DORKS

1.2.5. Persistence

1.2.5.1. Persistence – Netsh Helper DLL

1.2.6. Attacking GraphQL

1.2.6.1. GraphQL Batching Attack - Wallarm Blog

1.2.7. Bypass Virus Scanner

1.2.7.1. How to Bypass Anti-Virus to Run Mimikatz - Black Hills Information Security

1.2.8. Windows Internals

1.2.8.1. Reversing Windows Internals (Part 1) - Digging Into Handles, Callbacks & ObjectTypes

1.2.9. Case Mapping Collision

1.2.9.1. Hacking GitHub with Unicode's dotless 'i'.

2. Programming/Scripting

2.1. Git

2.1.1. Git Immersion

2.2. General coding

2.2.1. CodeKata

2.2.2. How to understand any programming task

2.2.3. Threat Modeling as Code - Omer Levi Hevroni

2.2.4. trendmicro/SecureCodingDojo

2.2.5. markjx/blank-checksums

2.2.6. ArleneAndrews/tester_katas

2.3. Languages

2.3.1. Python

2.3.1.1. Antivirus Evasion with Python

2.3.1.2. vinta/awesome-python

2.3.1.3. How To Fake A Python List In FactoryBoy Using Faker

2.3.1.4. duo-labs/dlint

2.3.1.5. Getting Started (Windows) -- Learning Python from Scratch

2.3.1.6. The Little Book of Python Anti-Patterns — Python Anti-Patterns documentation

2.3.2. Bash

2.3.3. Javascript

2.3.4. SQL

3. OSINT

3.1. Introductory info

3.1.1. Introduction to OSINT with Tracy Z Maleeff

3.2. Tools

3.2.1. Enumeration

3.2.1.1. MarviMalware/Xinger

3.3. Guides

3.3.1. Collecting and Crafting User Information from LinkedIn - Black Hills Information Security

3.3.2. IntelTechniques Blog » Blog Archive » Updated OSINT Flowcharts

3.3.3. Reddit OSINT Techniques

3.3.4. The World’s Best Sock Puppet…Not!

4. Misc.

4.1. Code Reviews

4.1.1. Paul Rollo – Medium_io/security-code-review-101-a3c593dc6854

4.1.2. Category:OWASP Code Review Project - OWASP

4.1.3. joho/awesome-code-review

4.1.4. SecureCodeReview

4.1.5. Effective code reviews: a primer - DeepSource

4.1.6. Ask HN: How do you review code? | Hacker News

4.1.7. Participating in Code Reviews as a Tester - Chris Kenst

4.1.8. The 10 commandments of navigating code reviews | TechBeacon

4.2. ISO 27001

4.2.1. What is ISO 27001? | A Brief Summary of the Standard

4.2.2. ISO 27001 checklist: 16 steps for the implementation

4.2.3. ISO 27001 Checklists [Free Download]

4.2.4. Complete Guide to the ISO 27001 Standard | NQAPhonemenuclose

4.2.5. ISO 27001 checklist: a step-by-step guide to implementation - IT Governance UK Blog

4.2.6. ISO 27001:2017: essential documents for certification

4.3. AWS

4.3.1. Security recommendations for hosting on AWS

4.4. Games/CTFs/Sims

4.4.1. Top Hacking Simulator Games Every Aspiring Hacker Should Play - Hack Ware News

4.4.2. Leap Security CTF 2018 – Information Security Blog | Leap Security

4.4.3. OWASP Juice Shop

4.4.3.1. Leap Security CTF 2018 Results – Information Security Blog | Leap Security

4.5. General Security Education/Discussion

4.5.1. Lets' discuss Security Ted Talks and how they relate to testing?

4.5.2. https://ministryoftesting.com/search?utf8=%E2%9C%93&q=security

4.5.3. https://www.cl.cam.ac.uk/~rja14/book.htm

4.5.4. Pushing Left, Like a Boss: Part 1

4.5.5. Improving Cybersecurity at Home

4.5.6. Root Cause Analysis

4.5.7. Marcus J. Carey 🏴‍☠️ 🇺🇸 🇳🇬 on Twitter

4.5.8. The Githubification of InfoSec

4.6. OWASP Top 10

4.6.1. How to test for the new OWASP Top 10 Vulnerabilities - AgileDC 2017

4.7. Documentation/Note Taking

4.7.1. Taking Note

4.7.2. Here's Lookin' at You

4.7.3. The nine rules of "Freddish": the positive, inclusive empathic language of Mr Rogers

4.8. Cryptography

4.8.1. https://towardsdatascience.com/security-and-cryptography-mistakes-you-are-probably-doing-all-the-time-7407c332944f

4.9. OSCP Exam Prep

4.9.1. Peerlyst

4.9.2. The Journey to Try Harder: TJnull’s Preparation Guide for PWK/OSCP

4.9.3. 59 Hosts to Glory — Passing the OSCP

4.10. Useful stuff

4.10.1. trimstray on Twitter

4.10.2. Index of /images/infographics

4.11. Job Hunting

4.11.1. How to Write a Resume for a Cybersecurity Position

5. Defence

5.1. Logging

5.1.1. Cheat-Sheets — Malware Archaeology

5.2. Threat Hunting

5.2.1. https://posts.specterops.io/threat-hunting-with-jupyter-notebooks-part-1-your-first-notebook-9a99a781fde7

5.3. Tools

5.3.1. ZAP

5.3.1.1. Automated Security Testing Using ZAP Python API

5.3.1.2. OWASP Zed Attack Proxy How-To

5.3.1.3. ZAP in Ten

5.4. Static Code Analysis

5.4.1. Category:OWASP Application Security Verification Standard Project - OWASP

5.4.2. https://www.linkedin.com/pulse/nightwatch-bdd-ui-test-automation-using-docker-chrome-akshaya-gupta/

5.5. Lab Building

5.5.1. Introducing: Detection Lab

5.5.2. Blocking Ads With A Raspberry Pi - PiHOLE

5.6. Killchain

5.6.1. Jake Williams on Twitter

5.7. Anti-Malware

5.7.1. How To Decloak Stealth Linux Cryptocurrency Mining Malware - Sandfly Security

5.8. Network monitoring

5.8.1. Nessus and Python Scripts

6. Podcasts