Infosec resources and readings

Throughout my career I have collected a handful of links and resources that I have found useful. I wanted to share these in case they’re useful for others! Enjoy.

Readings

Historical stories about threat actors and campaigns are really important to understanding the mindset of both attackers and defenders. The Cuckoo’s Egg is my recommended introduction book, and the others are good follow on books.

• The Cuckoo’s Egg
• Sandworm
• Countdown to Zero Day

CTF

A great way to learn new concepts is through challenges. In cybersecurity, there are Capture the Flag challenges/competitions that typically revolve around cryptography, ethical hacking, web exploitation, reverse engineering, and forensics.

• picoCTF (beginner)
• OverTheWire

General Cybersecurity

• Tufts: Defense Against The Dark Arts
• OWASP Top 10

General Programming

• CS50 by Harvard

Application Security

• Introduction to Web Application Security
• Damn Vulnerable Web Application
• VulnWeb - vulnerable PHP and all other stacks

Crypto

• Crypto 101

Incident Response

• PCAP analysis
• Intelligence-Driven Incident Response
• DFIR Report

Threat Detection

• Practical Threat Detection Engineering
• What Are SIGMA Rules: Beginner’s Guide
• On Detection series
• Detection Engineering Weekly newsletter
• Learning Sliver C2
• Detecting and decrypting Sliver C2 – a threat hunter’s guide
• Linux auditd for Threat Detection
• Prioritization of the Detection Engineering Backlog

Threat Management

• Protocol Handlers

Malware

• An Introduction to Bypassing User Mode EDR Hooks

Resources

• CTF Field Guide
• PayloadsAllTheThings

Useful tools

• Triage
• ANY.RUN
• VirusTotal
• IPinfo
• IPQS
• CyberChef

ATT&CK

• Overview & Dashboard
• Pyramid of Pain

Podcasts

• Malicious Life
• The CyberWire
• Smashing Security
• Darknet Diaries

List of lists

• Awesome Forensics
• Awesome Malware Analysis
• Infosec Reference
• Awesome Web Security
• ThreatHunting Reading List
• Incident Response cheatsheet