Collection of resources on a variety of topics that I’ve found useful over the years (Continuously updated).
Tools - Meta Packages
- Kali Linux
- Linux Distribution full of various security tools useful for penetration testing
- Linux Distribution with a number of security tools, useful for DFIR.
- Flare VM
- Metapackage for Windows DFIR tools
- Pentesters Framework
- Python Script to auto-magically handle installing and managing various security tools (mostly for pentesting)
Security Sources for Practice (CTFs, etc.)
- Hack the Box
- Capture the Flag site with VPN access to a vulnerable network, crackme challenges, and reversing challenges.
- Pico CTF
- Website with a ton of vulnerable virtual machines for you to practice on
- Virtual machine with many vulnerabilities that have exploits available in Metasploit.
- Windows VMs
- Variety of Windows virtual machines. They stop working after 30 days, so create a snapshot and just revert. Password is Passw0rd!
- Suite of useful Windows tools.
- Part of the Sysinternals suite. A tool to add more robust logging for Windows. Especially useful with a good config and logs being sent to a log management system like ELK, Splunk, etc.
- Good Sysmon Config
- Process Hacker
- Like Task Manager in Windows but more useful.
Twitter: Security Professionals
- I use Twitter combined with Nuzzel as a pretty effective notification system for cyber news. Nuzzel connects to your Twitter account and notifies you when 3 (adjustable threshold) or more people that you follow retweet the same thing.
- Unsupervised Learning
- Bi-Weekly Newsletter for the top security news and technical news
- Cyberscoop = Daily Threat Reports
Malware Analysis and Reverse Engineering Links
Other Security Blogs
- Hacking: The Art of Exploitation
- The Art of Memory Forensics
- Practical Malware Analysis