Resources

Threat Intelligence Platforms

Crafting the InfoSec Playbook on SecurityListing: A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.

Certifications

Infosec4tc CISSP® Exam Preparation Training Course on SecurityListing: CISSP exam prep training course covering 8 (ISC)2 knowledge domains

Penetration Testing

Cybrary on SecurityListing: Cybrary is an online learning platform that provides accessible and affordable training in cybersecurity skills.

Threat Intelligence Platforms

Naked Security and Sophos News on SecurityListing: Naked Security by Sophos offers expert insights and practical advice on cybersecurity threats and protection strategies.

Industry Reports

2024 Data Breach Investigations Report on SecurityListing: Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.

Guides

gvfs on SecurityListing: GVfs is a userspace virtual filesystem implementation for GIO with various backends and features.

Blogs and News

BadCyber on SecurityListing: A curated list of important security news, helping readers stay up-to-date with the latest developments in cybersecurity.

Guides

Hacker101 on SecurityListing: Free online class for web security and hacking

Write-ups

Crypto Drainer Attack on SecurityListing: A deep dive into the Ledger connect-kit compromise decryption process.

Guides

GreHack 2018 Conference Videos on SecurityListing: Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.

Guides

Incident Response & Computer Forensics, Third Edition on SecurityListing: A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

Certifications

Infosec4tc CISM Latest Exam Questions on SecurityListing: CISM exam prep with 620 practice questions across 4 online simulators

Risk Assessment

Beazley Spotlight on Cyber & Technology Risk 2024 on SecurityListing: Industry report on cyber and technology risks for 2024

Threat Hunting

Incident Response with Threat Intelligence on SecurityListing: A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.

Blogs and News

CybersecNews Weekly on SecurityListing: A weekly newsletter covering computer security news and tutorials

Guides

Incident Response Techniques for Ransomware Attacks on SecurityListing: A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.

Industry Reports

June's Sophisticated npm Attack Attributed to North Korea on SecurityListing: A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.

Guides

Incident Response Flowchart on SecurityListing: A structured approach to managing and responding to suspected security events or incidents.

Penetration Testing

Nmap Cheat Sheet v1.0 on SecurityListing: A comprehensive reference guide to Nmap's scripting engine and its various options, scripts, and target specifications.

Blogs and News

Cybersecurity News on SecurityListing: A cybersecurity news platform providing updates on threats, vulnerabilities, and breaches.

Guides

PyCon.DE 2018 on SecurityListing: A conference featuring talks and workshops on various Python-related topics.

Guides

Harden the World on SecurityListing: Community project for developing common guidelines and best practices for secure configurations.

Blogs and News

Cyberscoop on SecurityListing: CyberScoop is a leading media brand providing news and event coverage to top cybersecurity leaders through its website, newsletter, events, radio, and TV.

Guides

Basic Linux Privilege Escalation - g0tmi1k RSS BlogArchives on SecurityListing: A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.

Blogs and News

RuCTFE 2020 Conference on SecurityListing: Online cybersecurity conference with speakers' talks and interactive Q&A sessions.

VPN

Gh0st Networks News Feed on SecurityListing: Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.

Industry Reports

Majestic Million CSV on SecurityListing: A daily updated list of the top 1 million websites in the world, ordered by referring subnets.

Blogs and News

McAfee Blogs on SecurityListing: Explore cybersecurity insights and tips on McAfee Blogs to stay safe online.

Blogs and News

MUlliNER.ORG/NET/DE on SecurityListing: Personal website of Collin R. Mulliner with a focus on security research and mobile platforms.

Blogs and News

Graham Cluley on SecurityListing: Graham Cluley offers expert cybersecurity insights and commentary through various media including podcasts and speaking engagements.

Offensive Security

Guide to Ethical Hacking on SecurityListing: A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.

Certifications

Open Security Training on SecurityListing: Free and open-source cybersecurity training classes with multi-class learning paths for high-skill, high-pay job skills.

Guides

Operator Handbook: Red Team + OSINT + Blue Team Reference on SecurityListing: A detailed manual for cybersecurity professionals focusing on red team, OSINT, and blue team strategies.

Penetration Testing

Pivoting Cheat Sheet on SecurityListing: A pocket reference guide providing various options for navigating and pivoting through different environments and situations.

Blogs and News

CPO Magazine on SecurityListing: CPO Magazine is a cybersecurity news and information website providing articles, news, and insights on cybersecurity, privacy, and technology.

Guides

Dr. Fu's Security Blog: Malware Analysis Tutorials: a Reverse Engineering Approach on SecurityListing: A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.

Threat Intelligence Platforms

Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains on SecurityListing: A new approach to computer network defense that leverages knowledge about advanced persistent threats, using a kill chain model to describe phases of intrusions and map adversary kill chain indicators to defender courses of action.

Digital Forensics and Incident Response

Intelligence-Driven Incident Response on SecurityListing: ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.

Threat Hunting

Google Cloud Incident Response Cheat Sheet on SecurityListing: A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.

Industry Reports

Cybersecurity Ventures on SecurityListing: Cybersecurity Ventures is a leading research and market intelligence firm providing insights, news, and analysis on the cybersecurity industry.

Blogs and News

Detection Digest on SecurityListing: A newsletter service that tracks and reports weekly changes in detection engineering rules and updates across multiple GitHub repositories.

Blogs and News

GBHackers on SecurityListing: GBHackers offers up-to-date cybersecurity news and insights, focusing on threats, vulnerabilities, and innovative defense strategies.

Blogs and News

Krebs on Security on SecurityListing: Brian Krebs is a cybersecurity journalist and blogger, known for his in-depth reporting on cybercrime and cybersecurity issues.

Penetration Testing

Metasploit Unleashed on SecurityListing: Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.

Blogs and News

FreeBuf on SecurityListing: Cybersecurity industry portal offering articles, tools, and resources.

Guides

Hardwear.io Conference 2018 on SecurityListing: Recorded talks from the Hardwear.io Conference 2018 covering various hardware security topics.

Write-ups

Exposing Security Observability Gaps in AWS Native Security Tooling on SecurityListing: A comprehensive analysis of AWS IAM Access Analyzer, evaluating its capabilities, limitations, and effectiveness in identifying publicly exposed AWS resources.

Cheat Sheets

APFS File System Format Reference Sheet on SecurityListing: APFS is a proprietary file system developed by Apple for macOS, offering improved performance, security, and reliability.

Blogs and News

F-Secure Blog on SecurityListing: F-Secure Blog provides in-depth articles and research on cybersecurity threats and best practices.

Guides

Hardening OpenLDAP on Linux with AppArmor and systemd on SecurityListing: A comprehensive guide to hardening OpenLDAP on Linux using AppArmor and systemd, providing a defense in depth approach to securing LDAP deployments.

Blogs and News

InfoRisk Today on SecurityListing: InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.

Blogs and News

Google Security Blog on SecurityListing: Google's Security Blog provides the latest news and insights on security and safety on the Internet.

Guides

ARM Assembly Tutorial Series on SecurityListing: Comprehensive tutorial series on ARM Assembly covering various topics.

Guides

DistroWatch.com on SecurityListing: A website for information on Linux and BSD distributions.

Guides

PHP: The Right Way on SecurityListing: Comprehensive guide on best practices for PHP development.

Blogs and News

Paul's Security Weekly on SecurityListing: A leading cybersecurity podcast network offering in-depth discussions on current security trends and insights.

Cheat Sheets

John the Ripper Cheat Sheet on SecurityListing: A comprehensive cheat sheet for using JtR (John the Ripper), a password cracking tool.

Guides

Emulate Raspberry Pi with QEMU on SecurityListing: Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.

Blogs and News

Bad Sector Labs Blog - Last Week in Security (LWiS) on SecurityListing: Weekly summary of cybersecurity news and exploits.

Blogs and News

Advisory Week on SecurityListing: Weekly security newsletter with advisories from major software vendors

Blogs and News

CSO Online on SecurityListing: A leading online publication providing news, analysis, and insights on cybersecurity, IT leadership, and technology trends.

Penetration Testing

PowerShell Cheat Sheet v. 4.0 on SecurityListing: A comprehensive PowerShell cheat sheet covering various tasks and techniques for file management, process management, network operations, and system administration.

Guides

ENISA Training Resources on SecurityListing: ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.

Certifications

Professor Messer IT Certification Training on SecurityListing: IT certification training for CompTIA exams with free resources.

Guides

Enigma on SecurityListing: A comprehensive guide to navigating the world of secure messaging apps, providing insights and recommendations to help you make an informed decision.

Guides

OpenBSD Manual Page Server on SecurityListing: Search OpenBSD manual pages by keyword, section, or manual page name

Cheat Sheets

Intrusion Discovery Cheat Sheet v2.0 on SecurityListing: A comprehensive guide for system administrators to detect and identify potential security threats on Windows 2000 systems.

Threat Intelligence Platforms

HTB Academy on SecurityListing: HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

Threat Hunting

INE Security on SecurityListing: INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.

Threat Hunting

Linux Detection Engineering - A primer on persistence mechanisms on SecurityListing: A comprehensive guide on Linux persistence mechanisms, focusing on scheduled tasks and jobs, their implementation, detection, and hunting strategies.

Guides

Universal Book Links on SecurityListing: Find books at your favorite store and stay updated on new features with Universal Book Links.

Certifications

SANS on SecurityListing: SANS Institute provides cyber security training, certifications, and degrees to empower cyber security practitioners and teams.

Penetration Testing

SSH Tunnelling to Punch Through Corporate Firewalls – Updated take on one of the oldest LOLBINs on SecurityListing: A comprehensive guide on utilizing advanced SSH tunneling techniques for network penetration testing and red team engagements, with a focus on Windows environments and firewall bypass methods.

Offensive Security

Paving The Way to DA - Complete Post (Pt 1,2 & 3) on SecurityListing: A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.

Blogs and News

Resmo's Cybersecurity Blog on SecurityListing: Resmo's Cybersecurity Blog provides expert insights and tools for securing SaaS applications and cloud documents for IT and security teams.

Guides

Reverse Engineering for Beginners on SecurityListing: A comprehensive guide to reverse engineering by Dennis Yurichev, available for free download in multiple languages and formats, with praise from cybersecurity experts.

Offensive Security

The Hacker News on SecurityListing: The Hacker News is a leading cybersecurity news platform providing updates, insights, and information to professionals and enthusiasts in the field.

Guides

Security Guide Red Hat Enterprise Linux 7 on SecurityListing: The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.

Blogs and News

Security Affairs on SecurityListing: Security Affairs provides comprehensive insights into global cybersecurity threats and protective measures.

Guides

Security Driven .NET on SecurityListing: A practical security handbook for .NET developers covering essential security controls, cryptographic functions, and secure coding practices.

Blogs and News

Securelist by Kaspersky Lab on SecurityListing: Securelist by Kaspersky Lab provides in-depth cybersecurity research and solutions across multiple industries.

Guides

Web Application Exploits and Defenses on SecurityListing: An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.

Cheat Sheets

SMB Access from Linux Cheat Sheet on SecurityListing: A comprehensive cheat sheet for accessing Windows systems from Linux hosts using smbclient and rpcclient tools, covering password management, user and group enumeration, and more.

Guides

The Anatomy of a Malicious Package on SecurityListing: Educational resource analyzing the structure and implementation of malicious packages in software ecosystems, with focus on JavaScript/NPM threat models.

Container Security

Ramblings from Jessie: Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs on SecurityListing: A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.

Guides

Teaching Security on SecurityListing: Teaching Security provides educational resources and lessons for teaching cybersecurity concepts to high school students.

Certifications

The SOC Academy (VirusTotal) on SecurityListing: The SOC Academy offers official VirusTotal certification courses to help cybersecurity professionals maximize its functionalities and advance their careers.

Offensive Security

The State of Security by Tripwire on SecurityListing: Sysreptor offers a customizable reporting solution for penetration testing and red teaming activities.

Guides

SP 800-82, Guide to Industrial Control Systems (ICS) Security on SecurityListing: A comprehensive guide to securing Industrial Control Systems (ICS) from cyber threats, published by NIST.

Threat Intelligence Platforms

The Practice of Network Security Monitoring on SecurityListing: A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.

Cheat Sheets

Windows and Linux Terminals & Command Lines on SecurityListing: A comprehensive cheat sheet for Windows and Linux terminals and command lines, covering essential commands and syntax for various tasks.

Penetration Testing

Windows Command Line Cheat Sheet on SecurityListing: A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.

Guides

YouTube on SecurityListing: A video-sharing platform for creators to share their content and for users to discover new content, with a focus on cybersecurity.

Penetration Testing

Infosec4TC Cyber Security Specialist on SecurityListing: Cybersecurity educational book covering network, web app, cloud, and mobile security

Penetration Testing

InfoSec4TC Cyber Security Courses on SecurityListing: Online cybersecurity training platform with 150+ courses and hands-on labs

Database Security

SQL Injection Cheat Sheet on SecurityListing: A comprehensive SQL injection cheat sheet covering various database management systems and techniques.

Guides

Reversing With Lena (Tutorials) on SecurityListing: Educational resources for reverse engineering tutorials by lena151.

Industry Reports

SteelCon 2018 on SecurityListing: Cybersecurity conference featuring talks on various hacking topics by industry experts.

Guides

Mandos Cyber Strategy OS on SecurityListing: Curated cybersecurity frameworks, templates & guides for security programs

Guides

Security Trainings on SecurityListing: Free training sessions on Reverse Engineering, Malware Analysis, and Exploit Development.

Cheat Sheets

Password Storage - OWASP Cheat Sheet Series on SecurityListing: Guidelines and best practices for securely storing passwords.

Threat Intelligence Platforms

Mandos Brief on SecurityListing: Weekly cybersecurity newsletter covering security incidents, AI, and leadership

Certifications

Coursera Together: Free online learning during COVID-19 on SecurityListing: Coursera offers free online learning resources and courses during the COVID-19 pandemic.

Blogs and News

NERC Alerts on SecurityListing: Receive important notifications and updates related to North American electric grid security.

Guides

Securing NFS Red Hat Enterprise Linux 7 on SecurityListing: Guidance on securing NFS in Red Hat Enterprise Linux 7

Guides

Security Tips - Apache HTTP Server Version 2.4 on SecurityListing: Security tips for setting up an Apache HTTP Server to prevent security issues.

Penetration Testing

Twitter's Vine Source Code Dump on SecurityListing: A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

Blogs and News

The Absurdly Underestimated Dangers of CSV Injection on SecurityListing: A blog post discussing the often overlooked dangers of CSV injection in applications.

Cheat Sheets

vi Editor Cheat Sheet on SecurityListing: A quick reference guide for the VI editor, covering commands and modes.

Guides

Windows Commands Abused by Attackers on SecurityListing: Malware allows attackers to execute Windows commands from a remote environment

Blogs and News

Security Week on SecurityListing: A general cybersecurity news site providing discussions and news on various cybersecurity topics.

Blogs and News

Mandos Cybersecurity Insights on SecurityListing: Blog providing cybersecurity, AI security, and leadership insights for CISOs

Threat Intelligence Platforms

Ryan Stillions: On TTPs on SecurityListing: In-depth analysis of real-world attacks and threat tactics

Certifications

SANS Institute on SecurityListing: Leading provider of free cybersecurity training resources

Certifications

SANS Cyber Aces on SecurityListing: Free cyber security training and resources for career development.

Blogs and News

Schneier on Security on SecurityListing: Schneier on Security provides expert analysis and commentary on a wide range of security issues.