Cyber Security Resources

Date: 2023-03-04

I am glad to find so many people in my college being interested in Cyber Security. I would like to assure you that you have come to the right place to start your journey in this field. Let's cut the introduction short and get to the point, I hope we'll get to know each other better as time progresses. This WhatsApp group is to help you learn and get better in your domain(s) of interest in Cyber Security.

So, what are these domains I am talking about?

Malware Analysis

Malware analysis is the process of understanding the behavior and purpose of a suspicious file or URL. The output of the analysis aids in the detection and mitigation of the potential threat.

Resources :

Practical Malware Analysis Book

https://www.youtube.com/watch?v=uHhKkLwT4Mk&list=PLBf0hzazHTGMSlOI2HZGc08ePwut6A2Io

https://www.youtube.com/c/JohnHammond010

https://www.youtube.com/c/MalwareAnalysisForHedgehogs

https://www.first.org/global/sigs/malware/resources/

https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Digital Forensics and Incident Response

Digital forensics and incident response (DFIR) is a specialized field focused on identifying, remediating, and investigating cyber security incidents. Digital forensics includes collecting, preserving, and analyzing forensic evidence to paint a full, detailed picture of events.

Resources :

https://dfirdiva.com/getting-into-dfir/

https://www.youtube.com/watch?v=-IUJnDs6rbE

https://www.youtube.com/c/SANSDigitalForensics/playlists

https://www.youtube.com/c/DFIRScience

https://itmasters.edu.au/free-short-course-information-security-incident-handling/

https://www.youtube.com/channel/UCjFuM88y9_awcgxsek85YyQ

Practice :

https://github.com/stuxnet999/MemLabs

https://www.netresec.com/?page=PcapFiles

https://www.malware-traffic-analysis.net/

Reverse Engineering

Reverse engineering covers a broad range of areas, including decompiling and disassembling of executable files and libraries, and analysis of system data. In the field of computer security, reverse engineering is used to study malware activity and create tools to neutralize it.

Resources :

The Reversing Secrets of a Reverse Engineer book is pretty good, especially the 3 indexes in the back of the book.

https://github.com/OpenToAllCTF/REsources

https://www.youtube.com/playlist?list=PL_tws4AXg7auglkFo6ZRoWGXnWL0FHAEi

https://www.youtube.com/watch?v=a2EkORFcSZo

https://www.youtube.com/watch?v=fnYp2DN_XZc

Practice :

https://crackmes.one/

Binary Exploitation

Binary exploitation is the process of subverting a compiled application such that it violates some trust boundary in a way that is advantageous to you, the attacker. In this module we are going to focus on memory corruption.

Resources :

https://www.hoppersroppers.org/roadmap/training/pwning.html

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g

https://ir0nstone.gitbook.io/notes/types/stack/introduction

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

https://corruptedprotocol.medium.com/

Practice :

https://ropemporium.com/

https://dojo.pwn.college/

Security Operations Center

A security operations center — commonly referred to as a SOC — is a team that continuously monitors and analyzes the security procedures of an organization. It also defends against security breaches and actively isolates and mitigates security risks

Resources :

https://www.youtube.com/channel/UCfcDMqKt72afteeXBk99cmg/playlists

https://www.youtube.com/c/AnandGuruSOCExperts/playlists

Practice :

https://letsdefend.io/

Web Application Pentesting

Web application penetration testing involves a methodological series of steps aimed at gathering information about the target system, finding vulnerabilities or faults in them, researching for exploits that will succeed against those faults or vulnerabilities and compromise the web application.

Resources :

Book : The Web Application Hacker's Handbook

https://www.youtube.com/watch?v=2_lswM1S264

https://owasp-academy.teachable.com/

Practice :

https://portswigger.net/web-security (Portswigger Labs) Damn Vulnerable Web Application

OWASP Juice Shop

OWASP Broken Web Apps

Cryptography

Cryptography is the study of secure communications techniques that allow only the sender and intended recipient of a message to view its contents. The term is derived from the Greek word kryptos, which means hidden.

Resources :

https://www.youtube.com/playlist?list=PL1H1sBF1VAKU05UWhDDwl38CV4CIk7RLJ

https://www.youtube.com/playlist?list=PL60F3F917709C7DD5

Important Algorithms :

  • AES
  • RSA
  • DES
  • Diffie Hellman
  • ECC

Practice :

https://cryptohack.org/

Other Domains in Cyber Security Include :

  • Network Security
  • Hardware Security
  • Threat Intelligence
  • Social Engineering
  • OSINT

BASICS

Python Basics : https://www.youtube.com/watch?v=8DvywoWv6fI

Linux - https://www.youtube.com/watch?v=VbEx7B_PTOE&list=PLIhvC56v63IJIujb5cyE13oLuyORZpdkL

Bash Scripting- https://www.youtube.com/watch?v=LTuuMtQR1uQ&list=PLBf0hzazHTGMJzHon4YXGscxUvsFpxrZT

https://overthewire.org/wargames/bandit/

Web : https://www.youtube.com/c/HackerSploit/search?query=webapp%20pentesting