InfoSec_Reference

An Information Security Reference That Doesn't Suck

Goal:

• Be an awesome Information Security Reference
• List of techinques, tools and tactics to learn from/reference.
  • Rich resource of infosec knowledge for anyone to browse through as a jumping off point for various niches OR as a reference/recall method for stuff.
  • Something like a "Yellow Pages" in the sense of you know something exists, but what was it called....
    • 'If you give a man a fish, he is hungry again in an hour. If you teach him to catch a fish, you do him a good turn.'
• Always accepting more links/stuff. Feel free to make a pull request or a complaint through a pull request or filing a bug
• Why Do You Care?
  • Don't have to constantly google for tools/reminder.
  • Easily browsable list of tools, techniques, papers, and research in all sorts of areas.
  • Want to read some good info.
• Why Do I Care?
  • I do this as a resource to learn and help others, and offer it publicly as a way of giving back to the general community.
  • To be clear, these aren't personal notes. I keep this repo maintained as a way of having pointers to information that I feel might help build someone's skillset or increase their understanding of attacks/methods/defenses. This is not meant to condone illegal or malicious activities.
• This page
  • This page isn't terrible the best on mobile. Use https://rmusser.net/docst for better mobile formatting.
  • For latest content updates, check the git history.
  • Contributions are encouraged/appreciated.
  • If this resource has helped you in any way, please consider making a donation to Doctors Without Borders or Amnesty International.

Index - Table of Contents

• Pre-ATT&CK
• ATT&CK Stuff
• Anonymity/OpSec/Privacy
• 🔰 Basic Security Information 🔰
• BIOS/UEFI/Firmware Attacks/Defense
• 🔨Building a Testing Lab🔨
• 🚗 Car hacking 🚗
• 💸Career💸
• Cheat Sheets
• 📹Conferences/Recordings📹
• 🍱Containers🍱
• ⭐Courses & Training⭐
• 🎲Cryptography & Encryption🎲
• 🏁 CTFs & Wargames 🏁
• Darknets
• Data Anaylsis & Visualization
• 🌅 Defense 🌅
• 📰 Documentation & Reporting 📰
• Embedded Device Security
• Exfiltration
• 🌈 Exploit Development 🌈
• Forensics & Incident Response
• 🐛 Fuzzing & Bug Hunting 🐛
• 🎮 Game Hacking 🎮
• 🍯Honeypots🍯
• Interesting Things & Useful Information
• Logging, Monitoring, & Threat Hunting
• 💀Malware💀
• ⚠️Network Attacks & Defense⚠️
• 🚩Network Security Monitoring & Logging🚩
• 🔭Open Source Intelligence Gathering - OSINT🔭
• Passwords
• 🎣Phishing🎣
• 🚪Physical Security🚪
• Privilege Escalation and Post-Exploitation
• AppSec/Programming Stuff
• 🍋Rants & Writeups🍋
• 🏮 Red Teaming/Penetration Testing Stuff 🏮
• REMATH Reverse Engineering
• Reverse Engineering
• Rootkits
• 😃Social Engineering😃
• 🔩 System Internals (Linux/Windows) 🔩
• Threat Modeling
• 🔥UI/UX Design🔥
• 🌻 Web 🌻
• 📶 Wireless Networks and RF Devices 📶
• Notable Policy Docs
  • Insurance Data Security Model Law
  • NIST Cyber Security Framework
  • PCI-DSS V3.2.1