added in resources and sections
parent 7040fb8e1a
commit 3f9b679533
README.md (172)
@ -14,6 +14,10 @@ Many resources are inspired by and built upon the foundation of [Awesome Cyber S
|
|||||||
4. [Bug Bounty](#bug-bounty)
|
4. [Bug Bounty](#bug-bounty)
|
||||||
5. [Social Engineering](#social-engineering)
|
5. [Social Engineering](#social-engineering)
|
||||||
6. [Reverse Engineering](#reverse-engineering)
|
6. [Reverse Engineering](#reverse-engineering)
|
||||||
|
7. [Binary Exploitation](#binary-exploitation)
|
||||||
|
8. [Operating Systems](#operating-systems)
|
||||||
|
9. [Programming Languages](#programming-languages)
|
||||||
|
10. [Contributions](#contributions)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
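Review bot: the new entry `10. [Contributions](#contributions)` links to a heading that does not appear anywhere in this diff, whereas the other three added entries (`#binary-exploitation`, `#operating-systems`, `#programming-languages`) each match a `## ` heading added in the second hunk; confirm that a `## Contributions` heading exists in the unchanged part of README.md, otherwise the link is dead. Note also that `4. [Bug Bounty](#bug-bounty)` and `5. [Social Engineering](#social-engineering)` are kept as unchanged context here while the second hunk deletes both of those sections.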
@ -53,86 +57,120 @@ With the rise of smartphones and IoT devices, Android security has become a crit
|
|||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
### **Malware Analysis**
|
## Malware Analysis
|
||||||
Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether you’re detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is an essential discipline for cybersecurity professionals.
|
Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is essential.
|
||||||
|
|
||||||
#### **Steps in Malware Analysis**
|
### **Steps in Malware Analysis**
|
||||||
1. **Static Analysis**: Examine the malware without running it. This includes inspecting file metadata, strings, and disassembling code.
|
1. **Static Analysis**: Examine the malware without running it.
|
||||||
2. **Dynamic Analysis**: Observe the malware in action by running it in a controlled sandbox or virtual environment.
|
2. **Dynamic Analysis**: Observe the malware in action using sandboxes or virtual environments.
|
||||||
3. **Behavioral Analysis**: Identify the changes the malware makes, such as file creation, registry modification, or network connections.
|
3. **Behavioral Analysis**: Identify system changes, like file creations or network activity.
|
||||||
4. **Reverse Engineering**: Use tools like IDA Pro, Ghidra, or Radare2 to decompile and understand the malware's inner workings.
|
4. **Reverse Engineering**: Decompile and analyze the malware's internal logic.
|
||||||
|
|
||||||
#### **Recommended Tools**
|
### **Recommended Tools**
|
||||||
- **Sandboxing**: [Cuckoo Sandbox](https://cuckoosandbox.org), [Any.Run](https://any.run)
|
- **Sandboxing**: [Cuckoo Sandbox](https://cuckoosandbox.org), [Any.Run](https://any.run)
|
||||||
- **Reverse Engineering**: [IDA Pro](https://hex-rays.com/ida-pro/), [Ghidra](https://ghidra-sre.org/)
|
- **Reverse Engineering**: [IDA Pro](https://hex-rays.com/ida-pro/), [Ghidra](https://ghidra-sre.org/)
|
||||||
- **Network Analysis**: [Wireshark](https://www.wireshark.org/)
|
|
||||||
- **Static Analysis**: [PEStudio](https://www.winitor.com/), [Binwalk](https://github.com/ReFirmLabs/binwalk)
|
- **Static Analysis**: [PEStudio](https://www.winitor.com/), [Binwalk](https://github.com/ReFirmLabs/binwalk)
|
||||||
|
|
||||||
#### **Essential Resources**
|
### **Hands-On Activities**
|
||||||
0. [Awesome malware analysis](https://theredteam.tech/ch0ic3/awesome-malware-analysis) - git list like this one but only with malware resources
|
- Practical Malware Analysis Labs: [Download here](http://practicalmalwareanalysis.com/labs/)
|
||||||
1. [Malware Unicorn’s Training](https://malwareunicorn.org/#/workshops) - Excellent workshops and guides for malware analysis.
|
- Honeypots: Capture malware samples with tools like [Dionaea](https://github.com/DinoTools/dionaea).
|
||||||
2. [Practical Malware Analysis Labs](http://practicalmalwareanalysis.com/labs/) - Hands-on exercises to practice analysis.
|
|
||||||
3. [Remnux](https://remnux.org/) - A Linux distribution specifically tailored for malware analysis.
|
|
||||||
4. [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html) - A reverse engineering CTF designed for malware analysts.
|
|
||||||
|
|
||||||
#### **Further Reading**
|
### **Books**
|
||||||
- [Real Digital Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Real%20Digital%20Forensics.pdf) - Incident response and forensic techniques.
|
- [Practical malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Malware%20Analysis.pdf)
|
||||||
- [Mastering Malware Analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Mastering%20Malware%20Analysis.pdf) - A comprehensive guide to combating advanced threats.
|
- [learning malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Learning%20Malware%20Analysis%20Explore%20the%20concepts%2C%20tools%2C%20and%20techniques%20to%20analyze%20and%20investigate%20Windows%20malware%20%28Monnappa%20K%20A%29.pdf)
|
||||||
- [The Art of Memory Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20Art%20of%20Memory%20Forensics.pdf) - Detecting malware in memory.
|
- [Malware Analyst Cookbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Malware%20Analyst%27s%20Cookbook.pdf)
|
||||||
|
- [Antivirus hackers handbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Antivirus%20hackers%20handbook.pdf)
|
||||||
#### **Hands-On Activities**
|
|
||||||
- Set up a virtual lab using VMware or VirtualBox with tools like [FLARE VM](https://github.com/mandiant/flare-vm).
|
|
||||||
- Use honeypots like [Dionaea](https://github.com/DinoTools/dionaea) to capture malware samples.
|
|
||||||
- Practice capturing network traffic from malicious executables using Wireshark.
|
|
||||||
|
|
||||||
|
### **Additional Resources**
|
||||||
|
- [Malware Unicorn’s Training](https://malwareunicorn.org/#/workshops)
|
||||||
|
- [Remnux](https://remnux.org/)
|
||||||
|
- [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Bug Bounty
|
|
||||||
Bug bounty programs offer ethical hackers a chance to find and report vulnerabilities in return for rewards. It’s an excellent way to test your skills in real-world scenarios.
|
|
||||||
|
|
||||||
### **Resources**
|
|
||||||
- [Awesome Bug Bounty](https://theredteam.tech/ch0ic3/awesome-bug-bounty)
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
### **Social Engineering**
|
|
||||||
Social engineering exploits human psychology to gain unauthorized access or gather sensitive information. It remains one of the most effective attack vectors in cybersecurity.
|
|
||||||
|
|
||||||
#### **Types of Social Engineering Attacks**
|
|
||||||
1. **Phishing**: Sending fake emails to trick users into revealing sensitive information.
|
|
||||||
2. **Spear Phishing**: Highly targeted phishing aimed at specific individuals or organizations.
|
|
||||||
3. **Pretexting**: Creating a fabricated scenario to manipulate victims into divulging information.
|
|
||||||
4. **Baiting**: Using physical or digital bait, like infected USB drives, to trick users.
|
|
||||||
5. **Tailgating**: Gaining access to secure areas by following authorized personnel.
|
|
||||||
|
|
||||||
#### **Recommended Tools**
|
|
||||||
- **Phishing Simulations**: [Gophish](https://getgophish.com/) - Test your organization's resilience to phishing.
|
|
||||||
- **OSINT Gathering**: [Maltego](https://www.maltego.com/), [SpiderFoot](https://www.spiderfoot.net/)
|
|
||||||
- **Human Risk Assessment**: [Social-Engineer Toolkit (SET)](https://github.com/trustedsec/social-engineer-toolkit)
|
|
||||||
|
|
||||||
#### **Practical Tips to Avoid Social Engineering**
|
|
||||||
1. Train employees to recognize phishing attempts.
|
|
||||||
2. Verify the identity of individuals before sharing sensitive information.
|
|
||||||
3. Use multifactor authentication to secure accounts.
|
|
||||||
4. Monitor for unusual activity, such as unauthorized login attempts.
|
|
||||||
|
|
||||||
#### **Further Reading**
|
|
||||||
1. [Social Engineering: The Science of Human Hacking by Christopher Hadnagy MISSING]()
|
|
||||||
2. [Social Engineering Framework](https://www.social-engineer.org/framework/) - Comprehensive resource for understanding social engineering tactics.
|
|
||||||
3. [The Psychology of Information Security MISSING]() - Learn about human factors in cybersecurity.
|
|
||||||
|
|
||||||
#### **Hands-On Activities**
|
|
||||||
- Conduct phishing campaigns in a controlled environment using [Gophish](https://getgophish.com/).
|
|
||||||
- Practice OSINT techniques with tools like [Sherlock](https://github.com/sherlock-project/sherlock).
|
|
||||||
- Participate in social engineering CTFs to test your skills.
|
|
||||||
|
|
||||||
## Reverse Engineering
|
## Reverse Engineering
|
||||||
Reverse engineering involves analyzing software or hardware to understand its design and behavior. This skill is essential for malware analysis, vulnerability research, and exploit development.
|
Reverse engineering involves dissecting software to understand its design and functionality. Essential for malware analysis and exploit development.
|
||||||
|
|
||||||
### **Recommended Books**
|
### **Books**
|
||||||
1. [Practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Reverse%20Engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20Reversing%20Tools%2C%20and%20Obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%29.pdf)
|
- [Implementing Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Implementing%20Reverse%20Engineering%20The%20Real%20Practice%20of%20X86%20Internals%2C%20Code%20Calling%20Conventions%2C%20Ransomware%20Decryption%2C...%20%28Jitender%20Narula%29.pdf)
|
||||||
2. [The IDA Pro Book MISSING]()
|
- [practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20reverse%20engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20reversing%20tools%2C%20and%20obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%20etc.%29%20%28Z-Library%29.pdf)
|
||||||
|
- [Reverse Engineering for beginners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20for%20Beginners%28Understanding%20Assembly%20Language%29%20%28Dennis%20Yurichev%29%20%28Z-Library%29.pdf)
|
||||||
|
- [Reverse Engineering of object oriented code](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20of%20Object%20Oriented%20Code%20%28Paolo%20Tonella%2C%20Alessandra%20Potrich%29%20%28Z-Library%29.pdf)
|
||||||
|
- [The Ghidra Book](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/theghidrabook.pdf)
|
||||||
|
- [X86 Software Reverse-Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/x86%20Software%20Reverse-Engineering%2C%20Cracking%20-%20Stephanie%20Domas.pdf)
|
||||||
|
### **Recommended Tools**
|
||||||
|
- [IDA Free](https://hex-rays.com/ida-free/)
|
||||||
|
- [Ghidra](https://ghidra-sre.org/)
|
||||||
|
- [Radare2](https://rada.re/n/)
|
||||||
|
|
||||||
|
### **Hands-On Resources**
|
||||||
|
- [Reversing Hero](https://reversinghero.com)
|
||||||
|
- [Microcorruption](https://microcorruption.com)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Binary Exploitation
|
||||||
|
Binary exploitation focuses on finding and leveraging vulnerabilities at the binary level.
|
||||||
|
|
||||||
|
### **Recommended Topics**
|
||||||
|
- Buffer Overflows
|
||||||
|
- Return-Oriented Programming (ROP)
|
||||||
|
- Heap Exploitation
|
||||||
|
|
||||||
|
### **Hands-On Resources**
|
||||||
|
- [Pwnable.kr](http://pwnable.kr)
|
||||||
|
- [Pwnable.xyz](https://pwnable.xyz)
|
||||||
|
- [ROP Emporium](https://ropemporium.com)
|
||||||
|
- [Exploit Education](https://exploit.education/)
|
||||||
|
- [pwn.college](https://pwn.college)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Operating Systems
|
||||||
|
Operating systems are foundational for cybersecurity work, especially Linux.
|
||||||
|
|
||||||
|
### **Linux Distributions for Cybersecurity**
|
||||||
|
- **Kali Linux**: Penetration testing and red teaming.
|
||||||
|
- **Parrot OS**: Lightweight alternative to Kali.
|
||||||
|
- **Ubuntu**: User-friendly and versatile for general security work.
|
||||||
|
- **Arch Linux**: For those who want deep customization.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Programming Languages
|
||||||
|
Knowing programming languages is crucial for automating tasks and developing exploits.
|
||||||
|
|
||||||
|
### **Languages and Resources**
|
||||||
|
1. **Python**
|
||||||
|
- Site: [Python](https://www.python.org/)
|
||||||
|
- Book: [Automate the Boring Stuff](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Automate%20the%20Boring%20Stuff%20with%20Python.pdf)
|
||||||
|
- Libraries: `pwntools`, `scapy`, `requests`
|
||||||
|
- Book: [Black hat Python](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/black%20hat%20python.pdf)
|
||||||
|
- Book: [Python One-Liners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20One-Liners%20-%20Write%20Concise%2C%20Eloquent%20Python%20Like%20a%20Professional.pdf)
|
||||||
|
- Book: [Python crash course](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Crash%20Course%20A%20Hands-On%2C%20Project-Based%20Introduction%20to%20Programming%20%28Eric%20Matthes%29%20%28Z-Library%29.pdf)
|
||||||
|
- Book: [Python Tricks](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Tricks%20-%20A%20Buffet%20of%20Awesome%20Python%20Features%20%28Dan%20Bader%29%20%28Z-Library%29.pdf)
|
||||||
|
- Site: [W3schools](https://www.w3schools.com/python/) - please learn the basic concepts here if you're starting out!.
|
||||||
|
|
||||||
|
2. **C/C++**
|
||||||
|
- Book: [The C Programming Language (K&R)](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20C%20Programming%20Language%20%28Brian%20Kernighan%20and%20Dennis%20Ritchie%29%20%28Z-Library%29.pdf)
|
||||||
|
- site [w3schoolss](https://www.w3schools.com/c/index.php) - i recommend starting here
|
||||||
|
- Book: [Windows Security Internals](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Windows%20Security%20Internals%20%28James%20Forshaw%29.pdf)
|
||||||
|
- Book: [ComputerScienceOne](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/ComputerScienceOne.pdf)
|
||||||
|
|
||||||
|
3. **Rust**
|
||||||
|
- Site: [The Rust Programming Language Book](https://doc.rust-lang.org/book/)
|
||||||
|
- Site: [Reverse engineering rustlang](https://brightprogrammer.netlify.app/post/reverse-engineering-rustlang-binaries-0x1-empty-program/)
|
||||||
|
- Book: [Black Hat Rust](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Black%20Hat%20Rust%20Deep%20dive%20into%20offensive%20security%20with%20the%20Rust%20programming%20language%20%28Sylvain%20Kerkour%29.pdf)
|
||||||
|
|
||||||
|
4. **JavaScript**
|
||||||
|
I personally use JS for pretty much anything Web.
|
||||||
|
- Docs: [Node.js Docs](https://nodejs.org/docs/latest/api/)
|
||||||
|
- Book: [Javascript for hackers](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Gareth_Heyes_-_JavaScript_for_hackers_Learn_to_think_like_a_hacker_2022.pdf)
|
||||||
|
- Libary / package [Prisma Orm](https://www.prisma.io/)
|
||||||
|
- Libary / package [Express.js Minimalistic web framework](https://expressjs.com/)
|
||||||
|
|
||||||
|
5. **Golang**
|
||||||
|
- BOOK: [blackhat Go](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/blackhatgo.pdf)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
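Review bot: this hunk removes the entire `## Bug Bounty` block (heading, description, `### **Resources**`, `- [Awesome Bug Bounty](https://theredteam.tech/ch0ic3/awesome-bug-bounty)` and the `---` after it) and the entire `### **Social Engineering**` block through `- Participate in social engineering CTFs to test your skills.`, yet the table of contents updated in the first hunk still carries `4. [Bug Bounty](#bug-bounty)` and `5. [Social Engineering](#social-engineering)`; either restore the two sections or drop those TOC entries, otherwise both anchors point nowhere and the numbering of items 6 to 10 no longer lines up with the headings that remain. Smaller points in the added lines: `- site [w3schoolss](...)` and the two `Libary / package` entries are typos (`w3schools`, `Library`), and `- BOOK:` under Golang breaks the `- Book:` convention used everywhere else in the section; the one-line descriptions dropped from the old `#### **Essential Resources**` list (Malware Unicorn, Remnux, Flare-On) are worth keeping in the new `### **Additional Resources**` list so the reader knows what each link is.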