Information Research and Content Categorization

Profile image for therapture
November 10, 2017 | Views: 73447

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here


By: The Rapture and fellow contributing Cybrarians

Today’s Estimated Link Count: 1470

Updated 11/10/17

 

I will continue to keep this article up to date on a fairly regular basis. (update: I have been working a lot in the last year, and have so much I need to add, so bear with me on updates, everyone!)

So for everyone who wants a list of resources to check out, this is it. I have copied all of my favorite links and you guys have added a ton to it, making this the place for anyone who would like to learn just about ANYTHING. I have categorized everything; from just getting started with Information Technology all the way up to more advanced things; this is the best list I can make for you.  

 

Tips:

  • You might want to use CTRL + F to find things easier  once your browse it initially since this article houses so many resources!
  • Thank you all so very much for your support and Cybyte Tips!  (It takes a lot of time to keep an article like this updated, so I appreciate your feedback very much!)
  • Feel free to comment with any feedback you might have (I do actually read the comments regularly and try to respond to each of them)  
  • I also ask that if you quote this article anywhere else, that you include a link back to this as reference.  

 

Disclaimers: I should probably note that although a vast majority of these links have been visited and vetted, there is no guarantee that they are safe at all times.  As we all know, attackers can compromise any site at any time and cause trouble for visitors.  Myself and Cybrary.it are not responsible for any malicious activity or damage done to anyone or any organization due to traveling to any of these links.  Any and all tools contained in this page are for educational use only, and are not intended for malicious use.

 

 

The Rapture’s Favorite InfoSec Charity

===========================================================

http://www.hackersforcharity.org/

I want to put this up at the top here so that people notice them, because I think that they don’t get enough credit for what they do.  While Johnny Long (The Godfather of Google Dorking) moved to Uganda to make a difference there, his work is not confined to one location.  This guy truly helps out all over the world, and I think very highly of the guy.  If you want to support a charity, I wholeheartedly recommend HFC.

 

 

The Rapture’s most used links

===========================================================

A mentor once told me that I needed to read this story, and be like Rowan.  At the time, I had no idea what he meant, but after reading this article, I think it is one of the most influential pieces of literature I have ever read. I highly recommend that if you want to be “THE” professional that everyone wants to hire, this is what will get you there.  Go deliver that message! – http://www.benning.army.mil/infantry/199th/ocs/content/pdf/Message%20to%20Garcia.pdf

 

  • I see a ton of people asking how to get your foot in the door in the penetration testing field, and so I wanted to share this resource with you all because I feel it is a great answer to this common question: https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/
  • https://dev.windows.com/en-us/microsoft-edge/tools/vms/windows/  – Windows VMs  Microsoft offers 90 day trial VMs for people to test IE versions 6-Edge browser.  You can Download XP, Vista, 7, 8, 8.1, and 10 to try out.  They also have these operating systems packaged up for VirtualBox, Vagrant, HyperV, VPC, and VMware for a no fuss approach.  Just download whatever OS you want to play with, and load it on up.
  • https://www.infosecindustry.com/ – This place has it all: Alerts, News, Podcasts, Videos, Etc. It’s like a dashboard to the InfoSec world. It makes a good home page.
  • http://securityweekly.com/ – This is a great video/audio podcast/livestream to learn about InfoSec news and what fellow hackers are doing on a weekly basis. Paul has been doing this show for a few years, and has many interesting guests on his show. They love to have a few drinks (and Cigars) and talk about InfoSec. The most entertaining show about Security I’ve ever listened to.
  • http://www.TWiT.tv – Great place to start if you are just wanting to listen/watch to tech news on a daily basis. They have tons of shows from beginner to shows about technology law. It’s a good place to start learning about all kinds of different tech stuff. (Before I got started into InfoSec, this was the place that I went to get familiar with tech terms and learn about current issues and events in the tech world.)
  • http://www.Shodan.io – This site is really useful for all kinds of reasons. Shodan is the world’s first search engine for Internet-connected devices.  It also turns out that if you send an email (to jmath@shodan.io) from an EDU account letting them know you are a student and your trial account login name, they will upgrade your account to a full membership for free.  (Thanks again John Matherly for the info and the upgrade!)
  • https://haveibeenpwned.com/ – Another pretty cool site where you can check an email address to see if it has been listed in any major breaches. You can also use their API to create your own stuff and do more creative searches. They also have the ability to search across a whole domain for breached accounts, but you have to verify that you own that domain, of course.
  • https://www.censys.io/tutorial – Censys is a search engine that enables researchers to ask questions about the hosts and networks that compose the Internet.
  • https://letsencrypt.org/ – Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).
  • https://ninite.com/ – Great for getting many of the tools you need when you rebuild machines. It installs and updates all of your needed programs all at once for you so you don’t have to go get them individually.
  • https://wigle.net/ – This site is dedicated to wireless network discovery and recon. You can go to an area on the map and see what Wifi SSIDs have been discovered by wardrivers.  Pretty sweet!
  • https://www.calm.com/ – Because sometimes you just want/need to chill out after a long day.  =)
  • https://zerossl.com/ – Honestly, one of the quickest ssl cert sites I’ve ever used.

 

 

Video Training /Training Sites:

===========================================================

 

 

Conferences/archives

===========================================================

 

Archives:

 

 

Lock Sport / Lock Picking / Lock Smithing

===========================================================

 

 

Various electronics/shops to buy tools/gadgets

===========================================================

 

 

Blogs & Resource Sites of Individuals

===========================================================

 

 

Forums

===========================================================

 

 

Intrusion Detection/Intrusion Prevention Information

===========================================================

  • https://security-onion-solutions.github.io/security-onion/ – Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

 

 

Penetration Testing

===========================================================

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Vulnerable Web Applications

===========================================================

 

 

Vulnerable Operating System Installations

===========================================================

 

 

Sites for Downloading Older Versions of Various Software

===========================================================

 

 

Sites by Vendors of Security Testing Software

===========================================================

 

 

Sites for Improving Your Hacking Skills

===========================================================

 

 

CTF Sites / Archives

===========================================================

 

Mobile Apps

===========================================================

 

 

Interesting Apps/Scripts/Programs

===========================================================

 

 

Products/Appliances

===========================================================

 

 

Host Forensics

===========================================================

 

 

Network Forensics

===========================================================

 

 

Malware Analysis

===========================================================

 

 

Forensics Online and CTFs

===========================================================

 

 

List of links for (specifically) different VMs/OSs: (for all you lab makers out there!)

===========================================================

 

 

Software/App Development

===========================================================

 

 

Cryptography Resources

===========================================================

 

 

Router Firmware Options

===========================================================

 

 

Miscellaneous

===========================================================

 

 

Threat Intel Links:

===========================================================

 

 

Anonymity/Privacy Links

===========================================================

 

 

Information Gathering/Footprinting/Intel Links

===========================================================

Infrastructure:

 

OSINT (Open Source Intelligence):

 

 

People Searching

===========================================================

 

 

Splunk Threat Intel Feeds:

===========================================================

 

 

Bounty Hunter Programs

===========================================================

 

 

Add-ons for Chrome/Firefox: (you can search for these in your browser’s plugin store)

===========================================================

 

 

Deep Web/Dark Net Information (new and needs improvement)

===========================================================

 

Books, Music, Audio, Software, Games, Films, TV, etc…

===========================================================

 

 

 

 

Cyber Security Policy

===========================================================

 

 

Cyber Kill Chain (Near and Dear to Incident Response Professionals)

===========================================================

Great Resource for those in Incident Response – http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf

 

 

Puzzles and Games

===========================================================

 

 

Automation build

===========================================================

 

 

Backup software

===========================================================

 

 

Build and software organization tools

===========================================================

 

 

Conversation-driven development and management. See http://www.reddit.com/r/chatops for more information

===========================================================

 

 

Managing software on desktop computers

===========================================================

 

 

Cloning software

===========================================================

 

 

Cloud Computing

===========================================================

 

 

Cloud Orchestration

===========================================================

 

 

Cloud Storage

===========================================================

 

 

Web Based collaborative code review system

===========================================================

  • https://code.google.com/p/gerrit/ – Based on the Git version control, it facilitates software developers to review modifications to the source code and approve or reject those changes.
  • http://phabricator.org/ – Code review tool build by facebook and used by WikiMedia, FB, dropbox etc. Comes with an integrated wiki, bug tracker, VC integration and a CLI tool called arcanist.
  • https://www.reviewboard.org/ – Available as free software under the MIT License.

 

 

Collaborative software or groupware suites

===========================================================

 

 

Configuration management database (CMDB) software

===========================================================

 

 

Configuration management tools

===========================================================

 

 

Continuous integration/deployment software

===========================================================

 

 

Web hosting and server or service control panels

===========================================================

 

 

Tools and scripts to support deployments to your servers

===========================================================

 

 

Network distributed filesystems

===========================================================

 

 

DNS servers

===========================================================

 

 

Open source code editors

===========================================================

 

 

LDAP

===========================================================

 

 

Tools and web interfaces

===========================================================

 

 

IT Assets Management software

===========================================================

 

 

Log management tools: collect, parse, visualize …

===========================================================

 

 

Mail Clients

===========================================================

 

 

Webmail applications

===========================================================

 

 

Mail Delivery Agents (IMAP/POP3 software)

===========================================================

 

 

Mail Transfer Agents (SMTP servers)

===========================================================

 

 

Software for simple deployment of a mail server, e.g. for inexperienced or impatient admins

===========================================================

 

 

Monitoring software

===========================================================

 

 

Metric gathering and display software

===========================================================

 

 

Network configuration management tools

===========================================================

 

 

Newsletter software

===========================================================

 

 

NoSQL databases

===========================================================

 

 

Packaging

===========================================================

 

 

Web-based project management and bug tracking systems

===========================================================

 

 

Queuing

===========================================================

 

 

Relational DBMS

===========================================================

 

 

Security tools

===========================================================

 

 

Service Discovery

===========================================================

  • http://www.consul.io/ – Consul is a tool for service discovery, monitoring and configuration.
  • https://github.com/ha/doozerd – Doozer is a highly-available, completely consistent store for small amounts of extremely important data.
  • https://github.com/coreos/etcd – distributed K/V-Store, authenticating via SSL PKI and a REST HTTP Api for shared configuration and service discovery.
  • http://zookeeper.apache.org/ – ZooKeeper is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services.

 

 

Operating system–level virtualization

===========================================================

 

 

SSH tools

===========================================================

 

 

Analytics software

===========================================================

 

 

Status Pages

===========================================================

 

 

Web-based ticketing system

===========================================================

 

 

Troubleshooting Tools

===========================================================

  • https://grml.org/ – bootable Debian Live CD with powerful CLI tools.
  • http://mitmproxy.org/ – A Python tool used for intercepting, viewing and modifying network traffic. Invaluable in troubleshooting certain problems.
  • http://www.sysdig.org/ – Capture system state and activity from a running Linux instance, then save, filter and analyze.
  • http://www.wireshark.org/ – The world’s foremost network protocol analyzer.

 

 

Software versioning and revision control

===========================================================

 

 

Virtualization software

===========================================================

 

 

VPN software

===========================================================

 

XMPP servers

===========================================================

 

XMPP Web Clients

===========================================================

 

 

Web servers

===========================================================

 

 

Web Performance

===========================================================

  • http://www.haproxy.org/ – Software based load Balancing, SSL offloading and performance optimization, compression, and general web routing.
  • https://www.varnish-cache.org/ – HTTP based web application accelerator focusing on optimizing caching and compression.

 

 

Wiki Software

===========================================================


 

A big Thank You to all of the people who read this post, and an even bigger THANK YOU to the people who helped by adding to this post (You guys are awesome!):

www.amanhardikar.com     jholbrook    guitarmidi     elementhttp     Orion3999     n4s1r     ladyhacker     dantealighieri     lubuntufu     Infosectdk     hakimkt     Kn0

I was given a lot of links by Guitarmidi which I also found in a Google Code Archive written by Jason Haddix@ownpile@mubixNathan Drier & James Fitts of Strategic Security found here.

I was also given a lot of links by infosectdk from a compiled list of resources found here.

Share and Earn Cybytes
FacebookTwitterGoogle+LinkedInEmail
Save
+1
631
188
Use Cybytes and
Tip the Author!
Join
Share and Earn
Cybytes
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
Be the Best at Whatever You Do.
We Have the Tools to Get You There.
Visit the NEW Marketplace of Over 500 Skill Enhancement Tools.
188 Comments
  1. Awesomeness! Gracias!

  2. Great list and kudos for creating this. Under the Malware Analysis you may wish to add Payload Security’s Hybrid Analysis site: https://www.hybrid-analysis.com/. It is quite handy when you want to quickly scan a suspicious file (exe, pdf, apk etc). It is similar to Cuckoo Sandbox.

Page 23 of 23« First...«1920212223

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel