added in resources and sections

This commit is contained in:
ch0ic3 2024-12-18 06:36:31 -08:00
parent 7040fb8e1a
commit 3f9b679533

README.md

@ -14,6 +14,10 @@ Many resources are inspired by and built upon the foundation of [Awesome Cyber S
4. [Bug Bounty](#bug-bounty)
5. [Social Engineering](#social-engineering)
6. [Reverse Engineering](#reverse-engineering)
7. [Binary Exploitation](#binary-exploitation)
8. [Operating Systems](#operating-systems)
9. [Programming Languages](#programming-languages)
10. [Contributions](#contributions)
---
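Review bot: the new table-of-contents entries 7 to 10 link to `#binary-exploitation`, `#operating-systems`, `#programming-languages` and `#contributions`, but no `## Contributions` heading appears anywhere in this diff; either the section already exists further down the file or entry 10 is a dead anchor, so please confirm before merging. The other three anchors do match the `## Binary Exploitation`, `## Operating Systems` and `## Programming Languages` headings added in the second hunk.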
@ -53,86 +57,120 @@ With the rise of smartphones and IoT devices, Android security has become a crit
---
### **Malware Analysis**
Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether youre detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is an essential discipline for cybersecurity professionals.
## Malware Analysis
Malware analysis is a vital skill in the fight against cyber threats. It involves dissecting malicious software to understand its behavior, purpose, and impact. Whether detecting ransomware, analyzing advanced persistent threats (APTs), or studying botnets, malware analysis is essential.
#### **Steps in Malware Analysis**
1. **Static Analysis**: Examine the malware without running it. This includes inspecting file metadata, strings, and disassembling code.
2. **Dynamic Analysis**: Observe the malware in action by running it in a controlled sandbox or virtual environment.
3. **Behavioral Analysis**: Identify the changes the malware makes, such as file creation, registry modification, or network connections.
4. **Reverse Engineering**: Use tools like IDA Pro, Ghidra, or Radare2 to decompile and understand the malware's inner workings.
### **Steps in Malware Analysis**
1. **Static Analysis**: Examine the malware without running it.
2. **Dynamic Analysis**: Observe the malware in action using sandboxes or virtual environments.
3. **Behavioral Analysis**: Identify system changes, like file creations or network activity.
4. **Reverse Engineering**: Decompile and analyze the malware's internal logic.
#### **Recommended Tools**
### **Recommended Tools**
- **Sandboxing**: [Cuckoo Sandbox](https://cuckoosandbox.org), [Any.Run](https://any.run)
- **Reverse Engineering**: [IDA Pro](https://hex-rays.com/ida-pro/), [Ghidra](https://ghidra-sre.org/)
- **Network Analysis**: [Wireshark](https://www.wireshark.org/)
- **Static Analysis**: [PEStudio](https://www.winitor.com/), [Binwalk](https://github.com/ReFirmLabs/binwalk)
#### **Essential Resources**
0. [Awesome malware analysis](https://theredteam.tech/ch0ic3/awesome-malware-analysis) - git list like this one but only with malware resources
1. [Malware Unicorns Training](https://malwareunicorn.org/#/workshops) - Excellent workshops and guides for malware analysis.
2. [Practical Malware Analysis Labs](http://practicalmalwareanalysis.com/labs/) - Hands-on exercises to practice analysis.
3. [Remnux](https://remnux.org/) - A Linux distribution specifically tailored for malware analysis.
4. [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html) - A reverse engineering CTF designed for malware analysts.
### **Hands-On Activities**
- Practical Malware Analysis Labs: [Download here](http://practicalmalwareanalysis.com/labs/)
- Honeypots: Capture malware samples with tools like [Dionaea](https://github.com/DinoTools/dionaea).
#### **Further Reading**
- [Real Digital Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Real%20Digital%20Forensics.pdf) - Incident response and forensic techniques.
- [Mastering Malware Analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Mastering%20Malware%20Analysis.pdf) - A comprehensive guide to combating advanced threats.
- [The Art of Memory Forensics](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20Art%20of%20Memory%20Forensics.pdf) - Detecting malware in memory.
#### **Hands-On Activities**
- Set up a virtual lab using VMware or VirtualBox with tools like [FLARE VM](https://github.com/mandiant/flare-vm).
- Use honeypots like [Dionaea](https://github.com/DinoTools/dionaea) to capture malware samples.
- Practice capturing network traffic from malicious executables using Wireshark.
### **Books**
- [Practical malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Malware%20Analysis.pdf)
- [learning malware analysis](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Learning%20Malware%20Analysis%20Explore%20the%20concepts%2C%20tools%2C%20and%20techniques%20to%20analyze%20and%20investigate%20Windows%20malware%20%28Monnappa%20K%20A%29.pdf)
- [Malware Analyst Cookbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Malware%20Analyst%27s%20Cookbook.pdf)
- [Antivirus hackers handbook](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Antivirus%20hackers%20handbook.pdf)
### **Additional Resources**
- [Malware Unicorns Training](https://malwareunicorn.org/#/workshops)
- [Remnux](https://remnux.org/)
- [Flare-On](https://www.fireeye.com/services/freeware/flare-on.html)
---
## Bug Bounty
Bug bounty programs offer ethical hackers a chance to find and report vulnerabilities in return for rewards. Its an excellent way to test your skills in real-world scenarios.
### **Resources**
- [Awesome Bug Bounty](https://theredteam.tech/ch0ic3/awesome-bug-bounty)
---
### **Social Engineering**
Social engineering exploits human psychology to gain unauthorized access or gather sensitive information. It remains one of the most effective attack vectors in cybersecurity.
#### **Types of Social Engineering Attacks**
1. **Phishing**: Sending fake emails to trick users into revealing sensitive information.
2. **Spear Phishing**: Highly targeted phishing aimed at specific individuals or organizations.
3. **Pretexting**: Creating a fabricated scenario to manipulate victims into divulging information.
4. **Baiting**: Using physical or digital bait, like infected USB drives, to trick users.
5. **Tailgating**: Gaining access to secure areas by following authorized personnel.
#### **Recommended Tools**
- **Phishing Simulations**: [Gophish](https://getgophish.com/) - Test your organization's resilience to phishing.
- **OSINT Gathering**: [Maltego](https://www.maltego.com/), [SpiderFoot](https://www.spiderfoot.net/)
- **Human Risk Assessment**: [Social-Engineer Toolkit (SET)](https://github.com/trustedsec/social-engineer-toolkit)
#### **Practical Tips to Avoid Social Engineering**
1. Train employees to recognize phishing attempts.
2. Verify the identity of individuals before sharing sensitive information.
3. Use multifactor authentication to secure accounts.
4. Monitor for unusual activity, such as unauthorized login attempts.
#### **Further Reading**
1. [Social Engineering: The Science of Human Hacking by Christopher Hadnagy MISSING]()
2. [Social Engineering Framework](https://www.social-engineer.org/framework/) - Comprehensive resource for understanding social engineering tactics.
3. [The Psychology of Information Security MISSING]() - Learn about human factors in cybersecurity.
#### **Hands-On Activities**
- Conduct phishing campaigns in a controlled environment using [Gophish](https://getgophish.com/).
- Practice OSINT techniques with tools like [Sherlock](https://github.com/sherlock-project/sherlock).
- Participate in social engineering CTFs to test your skills.
## Reverse Engineering
Reverse engineering involves analyzing software or hardware to understand its design and behavior. This skill is essential for malware analysis, vulnerability research, and exploit development.
Reverse engineering involves dissecting software to understand its design and functionality. Essential for malware analysis and exploit development.
### **Recommended Books**
1. [Practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20Reverse%20Engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20Reversing%20Tools%2C%20and%20Obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%29.pdf)
2. [The IDA Pro Book MISSING]()
### **Books**
- [Implementing Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Implementing%20Reverse%20Engineering%20The%20Real%20Practice%20of%20X86%20Internals%2C%20Code%20Calling%20Conventions%2C%20Ransomware%20Decryption%2C...%20%28Jitender%20Narula%29.pdf)
- [practical Reverse Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Practical%20reverse%20engineering%20x86%2C%20x64%2C%20ARM%2C%20Windows%20Kernel%2C%20reversing%20tools%2C%20and%20obfuscation%20%28Bruce%20Dang%2C%20Alexandre%20Gazet%2C%20Elias%20Bachaalany%20etc.%29%20%28Z-Library%29.pdf)
- [Reverse Engineering for beginners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20for%20Beginners%28Understanding%20Assembly%20Language%29%20%28Dennis%20Yurichev%29%20%28Z-Library%29.pdf)
- [Reverse Engineering of object oriented code](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Reverse%20Engineering%20of%20Object%20Oriented%20Code%20%28Paolo%20Tonella%2C%20Alessandra%20Potrich%29%20%28Z-Library%29.pdf)
- [The Ghidra Book](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/theghidrabook.pdf)
- [X86 Software Reverse-Engineering](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/x86%20Software%20Reverse-Engineering%2C%20Cracking%20-%20Stephanie%20Domas.pdf)
### **Recommended Tools**
- [IDA Free](https://hex-rays.com/ida-free/)
- [Ghidra](https://ghidra-sre.org/)
- [Radare2](https://rada.re/n/)
### **Hands-On Resources**
- [Reversing Hero](https://reversinghero.com)
- [Microcorruption](https://microcorruption.com)
---
## Binary Exploitation
Binary exploitation focuses on finding and leveraging vulnerabilities at the binary level.
### **Recommended Topics**
- Buffer Overflows
- Return-Oriented Programming (ROP)
- Heap Exploitation
### **Hands-On Resources**
- [Pwnable.kr](http://pwnable.kr)
- [Pwnable.xyz](https://pwnable.xyz)
- [ROP Emporium](https://ropemporium.com)
- [Exploit Education](https://exploit.education/)
- [pwn.college](https://pwn.college)
---
## Operating Systems
Operating systems are foundational for cybersecurity work, especially Linux.
### **Linux Distributions for Cybersecurity**
- **Kali Linux**: Penetration testing and red teaming.
- **Parrot OS**: Lightweight alternative to Kali.
- **Ubuntu**: User-friendly and versatile for general security work.
- **Arch Linux**: For those who want deep customization.
---
## Programming Languages
Knowing programming languages is crucial for automating tasks and developing exploits.
### **Languages and Resources**
1. **Python**
- Site: [Python](https://www.python.org/)
- Book: [Automate the Boring Stuff](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Automate%20the%20Boring%20Stuff%20with%20Python.pdf)
- Libraries: `pwntools`, `scapy`, `requests`
- Book: [Black hat Python](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/black%20hat%20python.pdf)
- Book: [Python One-Liners](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20One-Liners%20-%20Write%20Concise%2C%20Eloquent%20Python%20Like%20a%20Professional.pdf)
- Book: [Python crash course](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Crash%20Course%20A%20Hands-On%2C%20Project-Based%20Introduction%20to%20Programming%20%28Eric%20Matthes%29%20%28Z-Library%29.pdf)
- Book: [Python Tricks](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Python%20Tricks%20-%20A%20Buffet%20of%20Awesome%20Python%20Features%20%28Dan%20Bader%29%20%28Z-Library%29.pdf)
- Site: [W3schools](https://www.w3schools.com/python/) - please learn the basic concepts here if you're starting out!.
2. **C/C++**
- Book: [The C Programming Language (K&R)](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/The%20C%20Programming%20Language%20%28Brian%20Kernighan%20and%20Dennis%20Ritchie%29%20%28Z-Library%29.pdf)
- site [w3schoolss](https://www.w3schools.com/c/index.php) - i recommend starting here
- Book: [Windows Security Internals](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Windows%20Security%20Internals%20%28James%20Forshaw%29.pdf)
- Book: [ComputerScienceOne](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/ComputerScienceOne.pdf)
3. **Rust**
- Site: [The Rust Programming Language Book](https://doc.rust-lang.org/book/)
- Site: [Reverse engineering rustlang](https://brightprogrammer.netlify.app/post/reverse-engineering-rustlang-binaries-0x1-empty-program/)
- Book: [Black Hat Rust](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Black%20Hat%20Rust%20Deep%20dive%20into%20offensive%20security%20with%20the%20Rust%20programming%20language%20%28Sylvain%20Kerkour%29.pdf)
4. **JavaScript**
I personally use JS for pretty much anything Web.
- Docs: [Node.js Docs](https://nodejs.org/docs/latest/api/)
- Book: [Javascript for hackers](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/Gareth_Heyes_-_JavaScript_for_hackers_Learn_to_think_like_a_hacker_2022.pdf)
- Libary / package [Prisma Orm](https://www.prisma.io/)
- Libary / package [Express.js Minimalistic web framework](https://expressjs.com/)
5. **Golang**
- BOOK: [blackhat Go](https://theredteam.tech/ch0ic3/My-Books/src/branch/main/blackhatgo.pdf)
---
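Review bot: the heading hierarchy is inconsistent across the new sections; `## Bug Bounty`, `## Reverse Engineering`, `## Binary Exploitation` and `## Operating Systems` are level-2 headings while `### **Social Engineering**` is level 3 with bold markup, and the malware block as rendered here shows two parallel variants (`### **Malware Analysis**` with `#### **Steps in Malware Analysis**` beside `## Malware Analysis` with `### **Steps in Malware Analysis**`). Because this view drops the +/- markers it is hard to tell which variant survives, so please check the resulting file keeps a single `## Malware Analysis` section with `###` subsections, uses `##` for Social Engineering to match its siblings, and merges the two `Hands-On Activities` subsections and the Malware Unicorns / Remnux / Flare-On entries that are listed under both `Essential Resources` and `Additional Resources`. The `Practical Reverse Engineering` book is likewise linked twice (`Recommended Books` and `Books`). Entries of the form `[The IDA Pro Book MISSING]()`, `[Social Engineering: The Science of Human Hacking by Christopher Hadnagy MISSING]()` and `[The Psychology of Information Security MISSING]()` have an empty URL and render as links to the page itself; either drop them or keep them as plain text until a link exists. The `---` separator used between every other section is missing between the Social Engineering hands-on list and `## Reverse Engineering`. Minor text fixes: `youre` and `Its` need apostrophes, `Libary` should be `Library`, `w3schoolss` should be `W3Schools` with the `Site:` label capitalised like the others, and `!.` at the end of the Python W3Schools line should be a single `!`.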