From 3f9b679533e043276e089a1473c6f44a3db85540 Mon Sep 17 00:00:00 2001 From: ch0ic3 Date: Wed, 18 Dec 2024 06:36:31 -0800 Subject: [PATCH] added in resources and sections --- README.md | 176 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 107 insertions(+), 69 deletions(-) diff --git a/README.md b/README.md index 1d9c868..3bab702 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,10 @@ Many resources are inspired by and built upon the foundation of [Awesome Cyber S 4. [Bug Bounty](#bug-bounty) 5. [Social Engineering](#social-engineering) 6. [Reverse Engineering](#reverse-engineering) +7. [Binary Exploitation](#binary-exploitation) +8. [Operating Systems](#operating-systems) +9. [Programming Languages](#programming-languages) +10. [Contributions](#contributions) --- @@ -53,93 +57,127 @@ With the rise of smartphones and IoT devices, Android security has become a crit --- -### **Malware Analysis** -Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether you’re detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is an essential discipline for cybersecurity professionals. +## Malware Analysis +Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is essential. -#### **Steps in Malware Analysis** -1. **Static Analysis**: Examine the malware without running it. This includes inspecting file metadata, strings, and disassembling code. -2. **Dynamic Analysis**: Observe the malware in action by running it in a controlled sandbox or virtual environment. -3. **Behavioral Analysis**: Identify the changes the malware makes, such as file creation, registry modification, or network connections. -4. **Reverse Engineering**: Use tools like IDA Pro, Ghidra, or Radare2 to decompile and understand the malware's inner workings. +### **Steps in Malware Analysis** +1. **Static Analysis**: Examine the malware without running it. +2. **Dynamic Analysis**: Observe the malware in action using sandboxes or virtual environments. +3. **Behavioral Analysis**: Identify system changes, like file creations or network activity. +4. **Reverse Engineering**: Decompile and analyze the malware's internal logic. -#### **Recommended Tools** +### **Recommended Tools** - **Sandboxing**: [Cuckoo Sandbox](https://cuckoosandbox.org), [Any.Run](https://any.run) - **Reverse Engineering**: [IDA Pro](https://hex-rays.com/ida-pro/), [Ghidra](https://ghidra-sre.org/) -- **Network Analysis**: [Wireshark](https://www.wireshark.org/) - **Static Analysis**: [PEStudio](https://www.winitor.com/), [Binwalk](https://github.com/ReFirmLabs/binwalk) -#### **Essential Resources** -0. [Awesome malware analysis](https://theredteam.tech/ch0ic3/awesome-malware-analysis) - git list like this one but only with malware resources -1. [Malware Unicorn’s Training](https://malwareunicorn.org/#/workshops) - Excellent workshops and guides for malware analysis. -2. [Practical Malware Analysis Labs](http://practicalmalwareanalysis.com/labs/) - Hands-on exercises to practice analysis. -3. [Remnux](https://remnux.org/) - A Linux distribution specifically tailored for malware analysis. -4. [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html) - A reverse engineering CTF designed for malware analysts. +### **Hands-On Activities** +- Practical Malware Analysis Labs: [Download here](http://practicalmalwareanalysis.com/labs/) +- Honeypots: Capture malware samples with tools like [Dionaea](https://github.com/DinoTools/dionaea). -#### **Further Reading** -- [Real Digital Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Real%20Digital%20Forensics.pdf) - Incident response and forensic techniques. -- [Mastering Malware Analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Mastering%20Malware%20Analysis.pdf) - A comprehensive guide to combating advanced threats. -- [The Art of Memory Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20Art%20of%20Memory%20Forensics.pdf) - Detecting malware in memory. - -#### **Hands-On Activities** -- Set up a virtual lab using VMware or VirtualBox with tools like [FLARE VM](https://github.com/mandiant/flare-vm). -- Use honeypots like [Dionaea](https://github.com/DinoTools/dionaea) to capture malware samples. -- Practice capturing network traffic from malicious executables using Wireshark. +### **Books** +- [Practical malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Malware%20Analysis.pdf) +- [learning malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Learning%20Malware%20Analysis%20Explore%20the%20concepts%2C%20tools%2C%20and%20techniques%20to%20analyze%20and%20investigate%20Windows%20malware%20%28Monnappa%20K%20A%29.pdf) +- [Malware Analyst Cookbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Malware%20Analyst%27s%20Cookbook.pdf) +- [Antivirus hackers handbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Antivirus%20hackers%20handbook.pdf) +### **Additional Resources** +- [Malware Unicorn’s Training](https://malwareunicorn.org/#/workshops) +- [Remnux](https://remnux.org/) +- [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html) --- -## Bug Bounty -Bug bounty programs offer ethical hackers a chance to find and report vulnerabilities in return for rewards. It’s an excellent way to test your skills in real-world scenarios. - -### **Resources** -- [Awesome Bug Bounty](https://theredteam.tech/ch0ic3/awesome-bug-bounty) - ---- - -### **Social Engineering** -Social engineering exploits human psychology to gain unauthorized access or gather sensitive information. It remains one of the most effective attack vectors in cybersecurity. - -#### **Types of Social Engineering Attacks** -1. **Phishing**: Sending fake emails to trick users into revealing sensitive information. -2. **Spear Phishing**: Highly targeted phishing aimed at specific individuals or organizations. -3. **Pretexting**: Creating a fabricated scenario to manipulate victims into divulging information. -4. **Baiting**: Using physical or digital bait, like infected USB drives, to trick users. -5. **Tailgating**: Gaining access to secure areas by following authorized personnel. - -#### **Recommended Tools** -- **Phishing Simulations**: [Gophish](https://getgophish.com/) - Test your organization's resilience to phishing. -- **OSINT Gathering**: [Maltego](https://www.maltego.com/), [SpiderFoot](https://www.spiderfoot.net/) -- **Human Risk Assessment**: [Social-Engineer Toolkit (SET)](https://github.com/trustedsec/social-engineer-toolkit) - -#### **Practical Tips to Avoid Social Engineering** -1. Train employees to recognize phishing attempts. -2. Verify the identity of individuals before sharing sensitive information. -3. Use multifactor authentication to secure accounts. -4. Monitor for unusual activity, such as unauthorized login attempts. - -#### **Further Reading** -1. [Social Engineering: The Science of Human Hacking by Christopher Hadnagy MISSING]() -2. [Social Engineering Framework](https://www.social-engineer.org/framework/) - Comprehensive resource for understanding social engineering tactics. -3. [The Psychology of Information Security MISSING]() - Learn about human factors in cybersecurity. - -#### **Hands-On Activities** -- Conduct phishing campaigns in a controlled environment using [Gophish](https://getgophish.com/). -- Practice OSINT techniques with tools like [Sherlock](https://github.com/sherlock-project/sherlock). -- Participate in social engineering CTFs to test your skills. - ## Reverse Engineering -Reverse engineering involves analyzing software or hardware to understand its design and behavior. This skill is essential for malware analysis, vulnerability research, and exploit development. +Reverse engineering involves dissecting software to understand its design and functionality. Essential for malware analysis and exploit development. -### **Recommended Books** -1. [Practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Reverse%20Engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20Reversing%20Tools%2C%20and%20Obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%29.pdf) -2. [The IDA Pro Book MISSING]() +### **Books** +- [Implementing Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Implementing%20Reverse%20Engineering%20The%20Real%20Practice%20of%20X86%20Internals%2C%20Code%20Calling%20Conventions%2C%20Ransomware%20Decryption%2C...%20%28Jitender%20Narula%29.pdf) +- [practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20reverse%20engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20reversing%20tools%2C%20and%20obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%20etc.%29%20%28Z-Library%29.pdf) +- [Reverse Engineering for beginners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20for%20Beginners%28Understanding%20Assembly%20Language%29%20%28Dennis%20Yurichev%29%20%28Z-Library%29.pdf) +- [Reverse Engineering of object oriented code](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20of%20Object%20Oriented%20Code%20%28Paolo%20Tonella%2C%20Alessandra%20Potrich%29%20%28Z-Library%29.pdf) +- [The Ghidra Book](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/theghidrabook.pdf) +- [X86 Software Reverse-Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/x86%20Software%20Reverse-Engineering%2C%20Cracking%20-%20Stephanie%20Domas.pdf) +### **Recommended Tools** +- [IDA Free](https://hex-rays.com/ida-free/) +- [Ghidra](https://ghidra-sre.org/) +- [Radare2](https://rada.re/n/) + +### **Hands-On Resources** +- [Reversing Hero](https://reversinghero.com) +- [Microcorruption](https://microcorruption.com) --- -## Contributions +## Binary Exploitation +Binary exploitation focuses on finding and leveraging vulnerabilities at the binary level. + +### **Recommended Topics** +- Buffer Overflows +- Return-Oriented Programming (ROP) +- Heap Exploitation + +### **Hands-On Resources** +- [Pwnable.kr](http://pwnable.kr) +- [Pwnable.xyz](https://pwnable.xyz) +- [ROP Emporium](https://ropemporium.com) +- [Exploit Education](https://exploit.education/) +- [pwn.college](https://pwn.college) + +--- + +## Operating Systems +Operating systems are foundational for cybersecurity work, especially Linux. + +### **Linux Distributions for Cybersecurity** +- **Kali Linux**: Penetration testing and red teaming. +- **Parrot OS**: Lightweight alternative to Kali. +- **Ubuntu**: User-friendly and versatile for general security work. +- **Arch Linux**: For those who want deep customization. + +--- + +## Programming Languages +Knowing programming languages is crucial for automating tasks and developing exploits. + +### **Languages and Resources** +1. **Python** + - Site: [Python](https://www.python.org/) + - Book: [Automate the Boring Stuff](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Automate%20the%20Boring%20Stuff%20with%20Python.pdf) + - Libraries: `pwntools`, `scapy`, `requests` + - Book: [Black hat Python](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/black%20hat%20python.pdf) + - Book: [Python One-Liners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20One-Liners%20-%20Write%20Concise%2C%20Eloquent%20Python%20Like%20a%20Professional.pdf) + - Book: [Python crash course](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Crash%20Course%20A%20Hands-On%2C%20Project-Based%20Introduction%20to%20Programming%20%28Eric%20Matthes%29%20%28Z-Library%29.pdf) + - Book: [Python Tricks](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Tricks%20-%20A%20Buffet%20of%20Awesome%20Python%20Features%20%28Dan%20Bader%29%20%28Z-Library%29.pdf) + - Site: [W3schools](https://www.w3schools.com/python/) - please learn the basic concepts here if you're starting out!. + +2. **C/C++** + - Book: [The C Programming Language (K&R)](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20C%20Programming%20Language%20%28Brian%20Kernighan%20and%20Dennis%20Ritchie%29%20%28Z-Library%29.pdf) + - site [w3schoolss](https://www.w3schools.com/c/index.php) - i recommend starting here + - Book: [Windows Security Internals](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Windows%20Security%20Internals%20%28James%20Forshaw%29.pdf) + - Book: [ComputerScienceOne](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/ComputerScienceOne.pdf) + +3. **Rust** + - Site: [The Rust Programming Language Book](https://doc.rust-lang.org/book/) + - Site: [Reverse engineering rustlang](https://brightprogrammer.netlify.app/post/reverse-engineering-rustlang-binaries-0x1-empty-program/) + - Book: [Black Hat Rust](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Black%20Hat%20Rust%20Deep%20dive%20into%20offensive%20security%20with%20the%20Rust%20programming%20language%20%28Sylvain%20Kerkour%29.pdf) + +4. **JavaScript** +I personally use JS for pretty much anything Web. + - Docs: [Node.js Docs](https://nodejs.org/docs/latest/api/) + - Book: [Javascript for hackers](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Gareth_Heyes_-_JavaScript_for_hackers_Learn_to_think_like_a_hacker_2022.pdf) + - Libary / package [Prisma Orm](https://www.prisma.io/) + - Libary / package [Express.js Minimalistic web framework](https://expressjs.com/) + +5. **Golang** + - BOOK: [blackhat Go](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/blackhatgo.pdf) + +--- + +## Contributions Contributions are welcome! Feel free to open issues or submit pull requests to add valuable resources or enhance existing content. --- -### Final Thoughts +### Final Thoughts This repository is a starting point for exploring diverse fields in cybersecurity. Use the recommended resources to build your skills, and don’t hesitate to seek help or clarification. Good luck on your journey!