Content

• Content
• Awesomeness
• Blogs
  • Web
  • Databases
  • Binary/Reverse
  • Android
  • Cryptography
  • Windows
  • Forensics
  • other
• Articles (remainings)
• Podcasts (audio)
• Newspapers, magazines
• Threat Intelligence (rss/podcasts/news)
• Forums
• Events, meetups, webinars
• Meetings, Conferences and Companies archives

Awesomeness

• Lots of good security specialists exist in twitter.
• There is some worth telegram channels and groups
• List of bug bounty writeups
• seclists.org - security mailing list archive
• (5+) security blogs - list of security blogs
• Top 15 Pentest Blogs And Websites for Pentesters To Follow in 2018
• (5+) the top 20 online security blogs to look out for in 2017
• top 50 InfoSec blogs you should be reading
• link base - enormous base of security forums and blogs
• The best 35 information security blogs to follow (2015)
• Hackerspace IRC Channels - enormous list of hacker-related irc channels

Blogs

Multidirectional blogs:

• Schneier Security - Bruce Schneier is an internationally renowned security technologist, called a “security guru”
• fuzzysecurity.com - blog about privilege escalation (Windows and Linux), RFID, …
• pequalsnp-team.github.io - some good cheatsheets (crypto 101, stegano 101, socket basics for ctf, compiling/patching SSLDump for decrypting TLS)
• NCC group - NCC Group makes some really interesting researches
• stealthbits

• ripstech.com
• pentest.blog
• pentestlab.blog
• lcamtuf.blogspot.ru (reverse (afl, expl, …), web-browser (the tangled web, …))
  lcamtuf site’s main web-page - Noteworthy security tools, Security-related writings, Robotics and CNC, People you may want to know (e.g. other security specialists (to be investigated - !!!)), non-security but interesting stuff
• foxglove security
• Welcome to hack world (rafaybaloch.com) (look for categories in web-site)
• ethicalhackx.com (look for categories in web-site)

• yeahhub.com tutorials
• highon.coffee
• Blog of Osanda (osandamalith)
• Aditya Agrawal (manifestsecurity)
• On Web-Security and -Insecurity (web-in-security)
• Application Security (idontplaydarts)
• Random ideas, shared notes (darizotas)
• onsec
• netsec.ws
• pentestmonkey
• defconrussia (video)
• Pentura Labs’s Blog
• 0xbadc0de’s blog
• malicious.link’s blog
• myexploit

• youtube channel of webpwnized - a lot of good videos
• youtube channel of Александр Дмитренко (russian) - good videos

• securiteam (vulnerabilities)
• secureideas

Web

• securityidiots.com
• xssvulnerabilities
• Script Kiddie`s notes
• Взрывной блог (bo0om.ru), vk.com
• Raz0r.name
• websec
• XSS Jigsaw (innerht.ml)
• blog.g0tmi1k.com
• ZoczuS Blog
• Into the symmetry
• The nvisium blog
• My “Public Evernote” (httpsonly)
• PortSwigger Web Security Blog
• The Spanner (javascript)
• MKSB (mksben.l0.cm) (XSS)
• danielmiessler
• qualys

Databases

• red-database-security (oracle db)

Binary/Reverse

• CNIT 127: Exploit Development (2018) - videos + lections, awesome (by Sam Bowne)

• Corelan Team (list of articles) Corelan Team (multidirectional reverse: windows, ios, linux, heap, …)

  Exploit writing tutorial:

  • Exploit writing tutorial. Part 1. Stack Based Overflows
  • Exploit writing tutorial. Part 2. Stack Based Overflows – jumping to shellcode
  • Exploit writing tutorial. Part 3. SEH Based Exploits
  • Exploit writing tutorial. Part 3b. SEH Based Exploits – just another example
  • Exploit writing tutorial. Part 4. From Exploit to Metasploit – The basics
  • Exploit writing tutorial. Part 5. How debugger modules & plugins can speed up basic exploit development
  • Exploit writing tutorial. Part 6. Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
  • Exploit writing tutorial. Part 7. Unicode – from 0x00410041 to calc
  • Exploit writing tutorial. Part 8. Win32 Egg Hunting
  • Exploit writing tutorial. Part 9. Introduction to Win32 shellcoding
  • Exploit writing tutorial. Part 10. Chaining DEP with ROP – the Rubik’s[TM] Cube
  • Exploit writing tutorial. Part 11. Heap Spraying Demystified
• BinaryAdventure (youtube) (video) (binary/reverse/exploit)
• xairy/linux-kernel-exploitation (reverse) (kernel exploitation)
• The Exploit Laboratory - hands-on exploit development training
• sploitFUN (the other guy 1) (binary/reverse)
• sploitFUN (the other guy 2) (reverse)
• The Shadow-File (binary)
• Le journal d’un reverser (0x90909090) (reverse)
• phrack.org
• reverse2learn
• j00ru//vx tech blog (reverse, os internals)
• LiveOverflow (video) (reverse)

• impureworld

• Kees Cook - linux kernel security

• цикл статей по безопасности UEFI BIOS от @coderush (хабрахабр) (статьи апреля 2016 и ранее)

Android

• androidcracking

Cryptography

• A Few Thoughts on Cryptographic Engineering
• Bristol Cryptography Blog

Windows

• Active Directory Security
• oldnewthing - blog about windows overall
• www.ultimatewindowssecurity.com
• blog.stealthbits.com author: Jeff-Warren
• To shell and back. Adventures in pentesting - pentest, privilege escalation, …
• Decoder’s Blog - blog about hacking windows
• Windows CLI gems
• Hacking and security
• Exploit monday - security research and esoteric PowerShell knowledge
• Still passing the hash 15 years later
• enigma0x3
• ReWolf’s blog

Forensics

• 13Cubed (youtube) - advanced forensics

other

• ProjectZero (kernel, hardware)
• My aimful life (cr4.sh) (firmware)
• sweepatic (reconnaissance)
• Chaotic Security

Articles (remainings)

• The InvisibleThings - list of articles related to virtualization technologies
• Building an Effective Active Directory Lab Environment for Testing

Podcasts (audio)

• Noisebit
• Defensive security podcast
• down the security rabbit hole (not engineering podcast)
• digital forensics survival podcast
• Darknet Diaries

Newspapers, magazines

• seclist.us

• www.kitploit.com

Nearly all in russian language

• darkreading (english)
• exploit.in
• Хакер (paid)

• packetstormsecurity.com (english)

• jounalists:

  • theregister.co.uk

• old / устарело

  • Cryptoworld (old) (устарело)

Threat Intelligence (rss/podcasts/news)

Threat intelligence - evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.

Cyber Threat Intelligence

• IOC - Indication of Compromise

  • Exists several systems for storing and exchange IOCs

    • Open IOC db
    • STIX - Structured Threat Information Expression; TAXII - Trusted Automated Exchange of Intelligence Information
    • CAPEC - Common Attack Pattern Enumeration and Classification
    • IODEF - Incident Object Description Exchange Format
  • Yara - tool aimed at helping malware researchers to identify and classify malware samples
    defacto looks like standard for storing IOC, many other tools supports it
  • CIF (Collective Intelligence Framework) - a cyber threat intelligence management system which allows you to combine known malicious threat information from many sources and use that information for identification (incident response), detection (IDS) and mitigation (null route)
  • Sigma - Generic Signature Format for SIEM Systems (“Sigma is for log files what Snort is for network traffic and YARA is for files”)

• RSS feeds

  • SANS diary - vulnerability rss feed
    SANS stormcast podcast - daily 5-10 minute information security threat updates
    e-mail notification SANS diary (rss archive)
  • US-CERT rss feeds (alerts, bulletins, tips, …)
  • (RU) security lab (Positive Technologies) (news, vulnerabilities, viruses, …)
  • securelist feed (Kaspersky)
  • nist gov rss feeds
  • AlienVault rss feed
  • https://malwr.com/ - IOC resource - offline
  • zeus trackers: ip lists domain lists
  • www.iocbucket.com

  news, etc.:

  • collection of 10: 10 Great Cybersecurity News Sources

  • Packet Storm (news, vulnerabilities, etc.)
  • ThreatPost (podcasts/rss feeds) (news, vulnerabilities, malware, web, …)
    ThreatPost (RU)
  • cso security newsletter (e-mail)

  CVE:

  • cvedetails
  • nvd
  • mitre

  Paid:

  • Kaspersky threat data feeds

  hpfeeds / hpfriends / honeypot social network - the idea of creating social network, where friends will exchange with IOCs

Forums

• http://sla.ckers.org/ (web archive sla.ckers)

Nearly all in russian language

• 4pda.ru/forum (smartphones, android, ios, windows phone)
• forum list (bo0om.ru) - список различных форумов
• reverse4you / r0 Crew
• RDot
• antichat

Events, meetups, webinars

Nearly all in russian language

• OWASP russia
• DEFCON Russia (twitch)
• DEFCON Нижний Новгород (youtube DC 7831 channel)
• Лаборатория Касперского TimePad
• CIS - center of internet security

Meetings, Conferences and Companies archives

(RU) Делимся ссылками на презентации/заметки/посты в блогах и обсуждаем их

• DEFCON® Hacking Conference (DEFCON (youtube))
• PHDays (PositiveTechnologies (youtube))
• H2HC - hackers to hackers conference
• recon.cx - conference with a focus on reverse engineering and advanced exploitation techniques
• NorthSec 2016 Conference (youtube) (previous years exists too)
• ruxcon
• …, ZeroNights (2015), ZeroNights (2016), ZeroNights (2017)

• SecurityTrainings – Advanced Malware Analysis Training
• PentesterAcademy - lessons
• SANS Institute - webcasts
• PENTESTIT (youtube)

• contagio - video archives of security conferences and workshops (<2014)
• Cisco, microsoft certification records

shops

• hak5.org
• hackshop.com