Josh Brade

Cybersecurity Link Collection

I’ve put together a collection of Cybersecurity web links that I’ve gathered over the years, featuring tools, resources, news, tutorials, and more. I’m always adding new links, so the list keeps growing. Some of the links are still unsorted, but I think you’ll find plenty of useful information here. Take a look and see if anything catches your eye!

Security

Cybersecurity Stash – A Curated Directory of Tools and Resources

AI

What Is Microsoft Security Copilot? A Comprehensive Guide

BlueTeam

Download – PingCastle
Interactive Online Malware Analysis Sandbox – ANY.RUN
D3FEND Matrix | MITRE D3FEND™
AURORA Agent – Nextron Systems
Sigma – SIEM Detection Format | The shareable detection format for security professionals.
Learn Qualys Vulnerability Management (Home Lab) – YouTube
Building Blue Team Home Lab Part 10 – SIEM Part 1 | facyber
Welcome :: Velociraptor – Digging deeper!
ZAP
SpyGuard/SpyGuard: SpyGuard is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device.
GitHub – cisagov/decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
GitHub – infosecn1nja/awesome-mitre-attack: A curated list of awesome resources related to Mitre ATT&CK™ Framework

–SOC

AbuseIPDB – IP address abuse reports – Making the Internet safer, one IP at a time
Cisco Talos Intelligence Group – Comprehensive Threat Intelligence
GitHub – splunk/botsv3: Splunk Boss of the SOC version 3 dataset.
SOCRadar LABS – Tests On Your Security Posture
LetsDefend – Blue Team Training Platform
horsicq/Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS.
qeeqbox/honeypots: 30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)
GitHub – illusconsulting/CDM-Generator: Generate a matrix based on an inventory of InfoSec tools

Test for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS and DANE.
Netcraft | Cybercrime Disruption, Cybersecurity Solutions & PCI Security Services
Advanced Persistent Threat (APT) Groups & Threat Actors
GitHub – alivx/CIS-Ubuntu-20.04-Ansible: Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
CVE – CVE
GitHub – n00py/GetFGPP: Get Fine Grained Password Policy
mandiant/flare-fakenet-ng: FakeNet-NG – Next Generation Dynamic Network Analysis Tool
GitHub – 34N0/awesome-fedora-security: Awesome Fedora Security: A curated collection of projects, featuring hardening scripts, configurations, spins, labs, and environments designed to secure and fortify the Fedora distribution.
Security Onion Solutions
Active Directory Security Assessment | Purple Knight
GitHub – ansible-lockdown/Windows-2022-CIS: CIS Baseline Ansible Role for Windows 2022
PacketFence | Open Source NAC
Privacy is sexy 🍑🍆 – Enforce privacy & security on Windows, macOS and Linux
Safing Portmaster – Easy Privacy
GitHub – dradis/dradis-ce: Dradis Framework: Collaboration and reporting for IT Security teams
Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns

CloudSec

flAWS
AWS Policy Generator
GitHub – gladstomych/AHHHZURE: AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.
Visual Subnet Calculator
Amazon Web Services In Plain English
CISA shares free tools to help secure data in the cloud
MetaDefender Cloud | Advanced threat prevention and detection
GitHub – aws-solutions/aws-waf-security-automations: This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
Administrator Portals | MSPortals.io – Microsoft Portals

CyberSecNews

Welcome to Feedly

CryptoSec-BlockChain

Ledger Nano X | Ledger

Certs to do

Practical Junior Penetration Tester (PJPT) Exam Attempt – TCM Security
TryHackMe | Cyber Defense Training
TryHackMe | SOC Level 1 Training
Windows Event Logs & Finding Evil Course | HTB Academy
Introduction to Active Directory Course | HTB Academy
Intro to Network Traffic Analysis Course | HTB Academy
Wireshark for Beginners: Capture Packets
Analyze Network Traffic with TCPDump
Microsoft Windows Defender and Firewall for Beginners
Mastering SQL Injection – The Ultimate Hands-On Course | Udemy
Google IT Automation with Python Professional Certificate | Coursera
Investigating Windows Endpoints
DUO Security Cert

DataDecoding

CyberChef

Educational

Open Source Cybersecurity Projects
What You Need to Know If You Are Thinking of Taking the SANS SEC504: Hacker Tools, Technique, and Incident Handling and the GIAC Certified Incident Handler Certification Exam – N00b_H@ck3r
The Ultimate List of SANS Cheat Sheets | SANS Institute
explainshell.com – match command-line arguments to their help text
How to Pass SANS Exams
SecurityZines
Cyber101 – Free Cybersecurity Awareness Training
QuantumSh3ll – Welcome!

Forensics

GitHub – cristianzsh/forensictools: Collection of forensic tools
GitHub – ufrisk/MemProcFS: MemProcFS
GitHub – frankwxu/digital-forensics-lab: Free hands-on digital forensics labs for students and faculty
Information RegCool
SRUM: Forensic Analysis of System Resource Utilization Monitor
The DFIR Report – Real Intrusions by Real Attackers, The Truth Behind the Intrusion

GRC

Home Page | CISA
security.txt: Proposed standard for defining security policies

IncidentResponse

FIRST – Improving Security Together
Chain of Custody Form
Blameless | Incident Management Workflow Solution
Investigation Theory

IDS/IPS

5 Open Source Intrusion Detection Tools That Are Too Good to Ignore

IP SCANNERS

Cisco Talos Intelligence Group – Comprehensive Threat Intelligence

Job Search

Jobs and talents in InfoSec / Cybersecurity | infosec-jobs.com

Malware Analysis

MalwareBazaar | Malware sample exchange
MalShare
SOC Prime Platform
ssdeep – Fuzzy hashing program
d4rksystem/VMwareCloak: A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
Interactive Online Malware Analysis Sandbox – ANY.RUN
REMnux: A Linux Toolkit for Malware Analysts
ghidra/GhidraDocs/GhidraClass at master · NationalSecurityAgency/ghidra
Cuckoo Sandbox – Automated Malware Analysis

News

GitHub – RoseSecurity/CloudPulse: A tool to curate compelling news on cloud technologies and cybersecurity. By aggregating information from RSS feeds and Reddit, it identifies the most noteworthy and impactful updates in the tech industry.
Hacker News | Latest Cyber Hacking News | Recent Internet Hacking News | Cyware
Dark Reading | Security | Protect The Business
Vx Underground
Explore – Infosec Exchange
BleepingComputer | Cybersecurity, Technology News and Support
Blog | hackers-arise

OSINT

GitHub – smicallef/spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
OSINT Framework
DNSdumpster.com – dns recon and research, find and lookup dns records
crt.sh | Certificate Search
Shodan Search Engine
The Shadowserver Foundation
Find email addresses in seconds • Hunter (Email Hunter)
Phonebook.cz – Intelligence X
Have I Been Pwned: Check if your email has been compromised in a data breach
DeHashed — #FreeThePassword
Intelligence X
GitHub – clr2of8/GatherContacts: A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
IP Address Lookup | Geolocation
Torrent downloads and distributions for IP 152.44.3.240
Google Hacking – Free Google Dorks for Recon – Pentest-Tools.com
Leak – Lookup | Data Breach Search Engine
GitHub – insidetrust/statistically-likely-usernames: Wordlists for creating statistically likely username lists for use in password attacks and security testing
IntelTechniques Search Tool
AS13335 Cloudflare, Inc. details – IPinfo.io
IP Transit – Hurricane Electric Internet Services

Pentesting

–C2

The C2 Matrix

–Persistent reverse shell

GitHub – Null-byte-00/LOTL: Living Off The Land (LOTL) persistent Reverse shell

–PrivEsc

Privilege Escalation in Google Cloud Platform – Part 1 (IAM) – Rhino Security Labs

–Passwords

GitHub – ad0nis/ntlm_relay_gat

–Password Guessing

GitHub – lanjelot/patator: Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Ncrack Reference Guide (Man Page) | Table of Contents
How to use the Hydra password-cracking tool | TechTarget
Hashes and Password Cracking | Metasploit Documentation Penetration Testing Software, Pen Testing Security
Bruteforce Attacks | Metasploit Documentation

–Wifi

GitHub – AleksaMCode/WiFi-password-stealer: Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
WiFiChallenge Lab v2.0

–Unsorted

The-Art-of-Hacking/h4cker: This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
NetSecFocus Trophy Room – Google Drive
GitHub – Hacking-Notes/RedTeam: This repository contains notes and resources related to ethical hacking. Here, you'll find a wealth of information on various aspects of hacking, including information gathering, scanning and enumeration, web hacking, exploitation, and windows/linux hacking.
OSCP Tips – tjc.im
GitHub – RedSiege/EyeWitness: EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
GitHub – TheCyb3rAlpha/BobTheSmuggler: "Bob the Smuggler": A tool that leverages HTML Smuggling Attack and allows you to create HTML files with embedded 7z/zip archives. The tool would compress your binary (EXE/DLL) into 7z/zip file format, then XOR encrypt the archive and then hides inside PNG/GIF image file format (Image Polyglots).
GitHub – The-Z-Labs/linux-exploit-suggester: Linux privilege escalation auditing tool
PEASS-ng/linPEAS at master · carlospolop/PEASS-ng · GitHub
GitHub – ine-labs/AzureGoat: AzureGoat : A Damn Vulnerable Azure Infrastructure
GitHub – WebGoat/WebGoat: WebGoat is a deliberately insecure application
GitHub – redcanaryco/atomic-red-team: Small and highly portable detection tests based on MITRE's ATT&CK.
GitHub – mitre/caldera: Automated Adversary Emulation Platform
Home – Stratus Red Team
GitHub – RhinoSecurityLabs/pacu: The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
GitHub – RhinoSecurityLabs/cloudgoat: CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
GitHub – NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure security
GitHub – hfiref0x/UACME: Defeating Windows User Account Control
GitHub – yuankong666/Ultimate-RAT-Collection: For educational purposes only, samples of old & new malware builders including screenshots!
GitHub – Warxim/deluder: Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡
GitHub – AykutSarac/jsoncrack.com: ✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.
GitHub – sysdream/ligolo: Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
GitHub – nicocha30/ligolo-ng: An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Online Python Obfuscator
Nmap Command Examples For Linux Users / Admins – nixCraft
penetration testing – freeCodeCamp.org
NullArray/AutoSploit: Automated Mass Exploiter
FFUF.me
Kubernetes LAN Party – by Wiz
Active Directory Security – Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…
Introduction – The Hacker Tools
gwen001 (Gwendal Le Coguic) · GitHub
OWASP Amass | OWASP Foundation
PSExec Pass the Hash – Metasploit Unleashed
jhaddix’s gists · GitHub
GitHub – Orange-Cyberdefense/GOAD: game of active directory
KC7 – A Cybersecurity Game
GitHub – projectdiscovery/subfinder: Fast passive subdomain enumeration tool.
GitHub – davidprowe/BadBlood: BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
commonexploits (Daniel Compton) · GitHub
GitHub – JacksonVD/PwnedPasswordsDLL-API: Open source solution to check prospective AD passwords against previously breached passwords
Tools | Exploits Revealed
Grayhatwarfare
SSL and SSL Certificates Explained For Beginners
What is ired.team notes? – Red Team Notes
Intigriti – Bug Bounty & Agile Pentesting Platform
Home – BloodHound Enterprise
GitHub – clong/DetectionLab: Automate the creation of a lab environment complete with security tooling and logging best practices
GitHub – illsk1lls/ZipRipper: A CMD script to crack password protected ZIP, RAR, 7z and PDF files, using JohnTheRipper
Pentest Reporting and Collaboration Platform – PlexTrac
Shellter | AV Evasion Artware

Policies

Information Security Policy Templates | SANS Institute

Programming

Regular Expressions (RegEx)

Regex Cheat Sheet
RegExr: Learn, Build, & Test RegEx
Regex Pattern – Useful Regular Expressions

Recon

Search People FREE, Address Lookup, & Reverse Phone
Have I Been Pwned: Check if your email has been compromised in a data breach
DNSdumpster.com – dns recon and research, find and lookup dns records
GitHub – freelabz/secator: Secator
GitHub – 21y4d/nmapAutomator: A script that you can run in the background!
GitHub – Tib3rius/AutoRecon: AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
GitHub – gwen001/github-subdomains: Find subdomains on GitHub.
URL and website scanner – urlscan.io
ViewDNS.info – Your one source for DNS related tools!
A down and dirty script for finding GitHub PATs in public repositories · GitHub
GitHub – yogeshojha/rengine: reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Steganography

Steganography – A list of useful tools and resources – 0xRick’s Blog

Training

Training – LetsDefend
Rust for n00bs – Zero-Point Security
SEC505 Securing Windows with PowerShell Training | SANS Institute
So you want to be an ethical hacker? 21 ways to get started – Safe and Savvy Blog by F-Secure
Dashboard | Web Security Academy – PortSwigger
Cyber Security Training – YouTube
Best Websites To Learn Ethical Hacking
Hack Like a Pro: How to Spy on Anyone, Part 1 (Hacking Computers) « Null Byte :: WonderHowTo
OverTheWire: Wargames
API Penetration Testing
Voltaire
Zero to Hero Pentesting: Episode 1 – Course Introduction, Notekeeping, Introductory Linux, and AMA – YouTube
Blue Team Labs Online – Cyber Range
Virtual Hacking Labs | Penetration Testing Training Labs & Courses

ThreatHunting

Threat Hunting — Suspicious Windows Service | by mthcht | Jan, 2024 | Detect FYI
Linux Threat Hunting Persistence | 0xMatheuZ
delorean/gaynoise: high fidelity threat intelligence generator (heehee) – gaynoise – SuperNETs Git
GitHub – telekom-security/tpotce: 🍯 T-Pot – The All In One Honeypot Platform 🐝

Vulnerability Scanners

Nessus Vulnerability Scanner: Network Security Solution | Tenable®
Nikto2 | CIRT.net
OpenVAS – Open Vulnerability Assessment Scanner
CVE security vulnerability database. Security vulnerabilities, exploits, references and more
NVD – Home
Open source security tools driving cloud native innovation

WifiPenTesting

GitHub – wifiphisher/wifiphisher: The Rogue Access Point Framework

Networking

IPv4 Subnetting Practice

Email

Learn and Test DMARC