FREE CYBER RESOURCES

HACKERsPUNK

FREE CYBER RESOURCES


An awesome list of resources for training, conferences, speaking, labs, reading, etc that are **free** all the time that cybersecurity professionals with downtime can take advantage of to improve their skills and marketability to come out on the other side ready to rock.


‍ lets connect more: netslutter ( Telegram )

 TRAINING

Labs, seminars, videos. Its all training resources up in here.

BOOKS

Knoweldge can be gained from reading a book. Here are a few cyber books for you to chew on .

COLLEGE COURSES

Did you know some schools do free full courses. Check them out.

PODCASTS

Get your cybers in audio format. Great way to stay engaged while driving or doing anything.

YOUTUBE CHANNELS

There are so may cybersecurity people sharing their knowledge on YouTube. Check them all out.

NEWS

How do you stay current on relevant news? Try these resources.

PROFESSIONAL NETWORKING

Networking is so important to success in the field. Check out these options and opportunities.

REFERENCES / TOOLS / CHEAT SHEETS

Bookmark this part. SO MUCH resources in this section. Cheat sheets for everybody.

MILITARY VETERANS

Thank you for your service. Here is a boat-load of cyber resources accessible to former/active military. OO-RAH!

CYBER RESUME TEMPLATES

Multiple Cyber tailored resume templates. Free to use, compliments of SimplyCyber friend Joe Hudson.

TRAINING

  1. Nox Cyber Jay Jay Davey site full of curated cybersecurity training resources. https://noxcyber.co.uk/

  2. WebSecurity Academy Free online web security training from the creators of Burp Suite https://portswigger.net/web-security

  3. Mosse Cyber Security Institute Introduction to cybersecurity free certification with 100+ hours of training, no expiry/renewals, https://www.mosse-institute.com/certifications/mics-introduction-to-cyber-security.html

  4. BugCrowd University Free bug hunting resources and methodologies in form of webinars, education and training. https://www.bugcrowd.com/hackers/bugcrowd-university/

  5. Certified Network Security Specialist Certification and training; Expires Aug 31 2020 Use coupon code #StaySafeHome during checkout to claim your free access. Offer is valid till 31/08/2020.  £500.00 Value https://www.icsi.co.uk/courses/icsi-cnss-certified-network-security-specialist-covid-19

  6. Metasploit Unleashed Most complete and in-depth Metasploit guide available, with contributions from the authors of the No Starch Press Metasploit Book. https://www.offensive-security.com/metasploit-unleashed/

  7. AWS Cloud Certified Get skills in AWS to be more marketable. Training is quality and free. https://www.youtube.com/watch?v=3hLmDS179YE Have to create an AWS account, Exam is $100.

  8. SANS Faculty Free Tools List of OSS developed by SANS staff. https://www.sans.org/media/free/free-faculty-tools.pdf?msc=sans-free-lp

  9. "Using ATT&CK for Cyber Threat Intelligence Training" - 4 hour training The goal of this training is for students to understand the following:  at:  https://attack.mitre.org/resources/training/cti/

  10. Coursera -"Coursera Together: Free online learning during COVID-19" Lots of different types of free training. https://blog.coursera.org/coursera-together-free-online-learning-during-covid-19/

  11. Fortinet Security Appliance Training Free access to the FortiGate Essentials Training Course and Network Security Expert courses 1 and 2 https://www.fortinet.com/training/cybersecurity-professionals.html

  12. Chief Information Security Officer (CISO) Workshop Training - The Chief Information Security Office (CISO) workshop contains a collection of security learnings, principles, and recommendations for modernizing security in your organization. This training workshop is a combination of experiences from Microsoft security teams and learnings from customers. - https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop

  13. CLARK Center Plan C - Free cybersecurity curriculum that is primarily video-based or provide online assignments that can be easily integrated into a virtual learning environments https://clark.center/home

  14. Hack.me is a FREE, community based project powered by eLearnSecurity. The community can build, host and share vulnerable web application code for educational and research purposes. It aims to be the largest collection of "runnable" vulnerable web applications, code samples and CMS's online. The platform is available without any restriction to any party interested in Web Application Security. https://hack.me/

  15. Hacker101 - Free classes for web security - https://www.hacker101.com/

  16. ElasticStack - Free on-demand Elastic Stack, observability, and security courses. https://training.elastic.co/learn-from-home Hoppers Roppers - Community built around a series of free courses that provide training to beginners in the security field. https://www.hoppersroppers.org/training.html

  17. IBM Security Learning Academy Free technical training for IBM Security products. https://www.securitylearningacademy.com/

  18. M.E. Kabay Free industry courses and course materials for students, teachers and others are welcome to use for free courses and lectures. http://www.mekabay.com/courses/index.htm

  19. Open P-TECH Free digital learning on the tech skills of tomorrow. https://www.ptech.org/open-p-tech/

  20. Udemy - Online learning course platform "collection from the free courses in our learning marketplace" https://www.udemy.com/courses/free/

  21. Enroll Now Free: PCAP Programming Essentials in Python https://www.netacad.com/courses/programming/pcap-programming-essentials-python Python is the very versatile, object-oriented programming language used by startups and tech giants, Google, Facebook, Dropbox and IBM. Python is also recommended for aspiring young developers who are interested in pursuing careers in Security, Networking and Internet-of-Things. Once you complete this course, you are ready to take the PCAP – Certified Associate in Python programming. No prior knowledge of programming is required.

  22. Packt Web Development Course Web Development Get to grips with the fundamentals of the modern web Unlock one year of free online access. https://courses.packtpub.com/pages/free?fbclid=IwAR1FtKQcYK8ycCmBMXaBGvW_7SgPVDMKMaRVwXYcSbiwvMfp75gazxRZlzY

  23. Stanford University Webinar - Hacked! Security Lessons from Big Name Breaches 50 minute cyber lecture from Stanford.You Will Learn: -- The root cause of key breaches and how to prevent them; How to measure your organization’s external security posture; How the attacker lifecycle should influence the way you allocate resources

    1. https://www.youtube.com/watch?v=V9agUAz0DwI

  24. Stanford University Webinar - Hash, Hack, Code: Emerging Trends in Cyber Security Join Professor Dan Boneh as he shares new approaches to these emerging trends and dives deeper into how you can protect networks and prevent harmful viruses and threats. 50 minute cyber lecture from Stanford.

    1. https://www.youtube.com/watch?v=544rhbcDtc8

  25. Kill Chain: The Cyber War on America's Elections (Documentary) (Referenced at GRIMMCON), In advance of the 2020 Presidential Election, Kill Chain: The Cyber War on America’s Elections takes a deep dive into the weaknesses of today’s election technology, an issue that is little understood by the public or even lawmakers. https://www.hbo.com/documentaries/kill-chain-the-cyber-war-on-americas-elections

  26. Intro to Cybersecurity Course  (15 hours) Learn how to protect your personal data and privacy online and in social media, and why more and more IT jobs require cybersecurity awareness and understanding. Receive a certificate of completion. https://www.netacad.com/portal/web/self-enroll/c/course-1003729

  27. Cybersecurity Essentials (30 hours) Foundational knowledge and essential skills for all cybersecurity domains, including info security, systems sec, network sec, ethics and laws, and defense and mitigation techniques used in protecting businesses. https://www.netacad.com/portal/web/self-enroll/c/course-1003733

  28. Pluralsight and Microsoft Partnership to help you become an expert in Azure. With skill assessments and over 200+ courses, 40+ Skill IQs and 8 Role IQs, you can focus your time on understanding your strengths and skill gaps and learn Azure as quickly as possible.https://www.pluralsight.com/partners/microsoft/azure

  29. Blackhat Webcast Series Monthly webcast of varying cyber topics. I will post specific ones in the training section below sometimes, but this is worth bookmarking and checking back. They always have top tier speakers on relevant, current topics. https://www.blackhat.com/html/webcast/webcast-home.html

  30. Federal Virtual Training Environment - US Govt sponsored free courses. There are 6 available, no login required. They are 101 Coding for the Public,  101 Critical Infrastructure Protection for the Public, Cryptocurrency for Law Enforcement for the Public, Cyber Supply Chain Risk Management for the Public, 101 Reverse Engineering for the Public, Fundamentals of Cyber Risk Management. https://fedvte.usalearning.gov/public_fedvte.php

  31. Harrisburg University CyberSecurity Collection of 18 curated talks. Scroll down to CYBER SECURITY section. You will see there are 4 categories Resource Sharing, Tools & Techniques, Red Team (Offensive Security) and Blue Teaming (Defensive Security). Lot of content in here; something for everyone. https://professionaled.harrisburgu.edu/online-content/

  32. OnRamp 101-Level ICS Security Workshop Starts this 4/28.  10 videos, Q&A / discussion, bonus audio, great links. Get up to speed fast on ICS security. It runs for 5 weeks. 2 videos per week. Then we keep it open for another 3 weeks for 8 in total. https://onramp-3.s4xevents.com

  33. HackXOR WebApp CTF Hackxor is a realistic web application hacking game, designed to help players of all abilities develop their skills. All the missions are based on real vulnerabilities I've personally found while doing pentests, bug bounty hunting, and research. https://hackxor.net/

  34. Suricata Training 5-part training module using a simulation as a backdrop to teach how to use Suricata. https://rangeforce.com/resource/suricata-challenge-reg/

  35. flAWS System Through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS). Multiple levels, "Buckets" of fun. http://flaws.cloud/

  36. Stanford CS 253 Web Security A free course from Stanford providing a comprehensive overview of web security. The course begins with an introduction to the fundamentals of web security and proceeds to discuss the most common methods for web attacks and their countermeasures. The course includes video lectures, slides, and links to online reading assignments. https://web.stanford.edu/class/cs253

  37. Linux Journey A free, handy guide for learning Linux. Coverage begins with the fundamentals of command line navigation and basic text manipulation. It then extends to more advanced topics, such as file systems and networking. The site is well organized and includes many examples along with code snippets. Exercises and quizzes are provided as well. https://linuxjourney.com

  38. Ryan's Tutorials A collection of free, introductory tutorials on several technology topics including: Linux command line, Bash scripting, creating and styling webpages with HTML and CSS, counting and converting between different number systems, and writing regular expressions. https://ryanstutorials.net

  39. The Ultimate List of SANS Cheat Sheets Massive collection of free cybersecurity cheat sheets for quick reference (login with free SANS account required for some penetration testing resources). https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

  40. CYBER INTELLIGENCE ANALYTICS AND OPERATIONS Learn:The ins and outs of all stages of the intelligence cycle from collection to analysis from seasoned intel professionals. How to employ threat intelligence to conduct comprehensive defense strategies to mitigate potential compromise. How to use TI to respond to and minimize impact of cyber incidents. How to generate comprehensive and actionable reports to communicate gaps in defenses and intelligence findings to decision makers. https://www.shadowscape.io/cyber-intelligence-analytics-operat

  41. Linux Command Line for Beginners 25 hours of training - In this course, you’ll learn from one of Fullstack’s top instructors, Corey Greenwald, as he guides you through learning the basics of the command line through short, digestible video lectures. Then you’ll use Fullstack’s CyberLab platform to hone your new technical skills while working through a Capture the Flag game, a special kind of cybersecurity game designed to challenge participants to solve computer security problems by solving puzzles. Finally, through a list of carefully curated resources through a series of curated resources, we’ll introduce you to some important cybersecurity topics so that you can understand some of the common language, concepts and tools used in the industry. https://prep.fullstackacademy.com/

  42. Hacking 101 6 hours of free training - First, you'll take a tour of the world and watch videos of hackers in action across various platforms (including computers, smartphones, and the power grid). You may be shocked to learn what techniques the good guys are using to fight the bad guys (and which side is winning). Then you'll learn what it's like to work in this world, as we show you the different career paths open to you and the (significant) income you could make as a cybersecurity professional. https://cyber.fullstackacademy.com/prepare/hacking-101

  43. Choose Your Own Cyber Adventure Series: Entry Level Cyber Jobs Explained YouTube Playlist (videos from my channel #simplyCyber) This playlist is a collection of various roles within the information security field, mostly entry level, so folks can understand what different opportunities are out there. https://www.youtube.com/playlist?list=PL4Q-ttyNIRAqog96mt8C8lKWzTjW6f38F

  44.  NETINSTRUCT.COM Free Cybersecurity, IT and Leadership Courses - Includes OS and networking basics. Critical to any Cyber job. https://netinstruct.com/courses

  45. HackerSploit - HackerSploit is the leading provider of free and open-source Infosec and cybersecurity training. https://hackersploit.org/

  46. CyberStart America - "A new program designed to give high school students in the US free access to cybersecurity learning resources written and developed by industry professionals, which can also be used to train and qualify for a National Cyber Scholarship." Sponsored by the SANS Institue and the National Cyber Scholarship Foundation, the program is open to high school students who are at least 13 years old and enrolled in 9th, 10th, 11th or 12th grade at a public or private school (or the homeschool equivalent) in the US. https://www.cyberstartamerica.orgPENTESTING TRAINING LABS (curated from https://github.com/michelbernardods/labs-pentest)

  47. Academy Hackaflag (Spanish) https://academy.hackaflag.com.br/

  48. Try Hack Me https://tryhackme.com/

  49. Attack-Defense https://attackdefense.com/

  50. alert to win https://alf.nu/alert1

  51. CTF Komodo Security https://ctf.komodosec.com/

  52. CMD Challenge https://cmdchallenge.com

  53. Explotation Education https://exploit.education/

  54. Google CTF https://capturetheflag.withgoogle.com/

  55. HackTheBox https://www.hackthebox.eu

  56. Hackthis https://www.hackthis.co.uk

  57. Hacksplaining https://www.hacksplaining.com/exercises

  58. Hacker101 https://ctf.hacker101.com

  59. Hacker Security https://capturetheflag.com.br/

  60. Hacking-Lab https://www.hacking-lab.com/index.html

  61. ImmersiveLabs https://immersivelabs.com/

  62. Labs Wizard Security https://labs.wizard-security.net

  63. NewbieContest https://www.newbiecontest.org/

  64. OverTheWire http://overthewire.org

  65. Practical Pentest Labs https://practicalpentestlabs.com

  66. Pentestlab https://pentesterlab.com/

  67. Penetration Testing Practice Labs http://www.amanhardikar.com/mindmaps/Practice.html

  68. PentestIT LAB https://lab.pentestit.ru

  69. PicoCTF https://picoctf.com

  70. PWNABLE https://pwnable.kr/play.php

  71. Root-Me https://www.root-me.org/

  72. SANS Cyber Aces 

  73. Root in Jail http://ctf.rootinjail.com

  74. Shellter https://shellterlabs.com/pt/

  75. SANS Challenger https://www.holidayhackchallenge.com/

  76. SmashTheStack http://smashthestack.org/wargames.html

  77. Try Hack Me https://tryhackme.com/

  78. The Cryptopals Crypto Challenges https://cryptopals.com/

  79. Vulnhub https://www.vulnhub.com

  80. W3Challs https://w3challs.com/

  81. WHO4REYOU https://34.73.111.210

  82. WeChall http://www.wechall.net/

  83. Zenk-Security https://www.zenk-security.com/epreuves.php

 

BOOKS

  1. Building Secure & Reliable Systems
    Best Practices for Designing, Implementing and Maintaining Systems (O'Reilly)
    By Heather Adkins, Betsy Beyer, Paul Blankinship, Ana Oprea, Piotr Lewandowski, Adam Stubblefield
    https://landing.google.com/sre/books/

  2. Security Engineering By Ross Anderson - A guide to building dependable distributed systems. (and Ross Anderson is brilliant //OP editorial) https://www.cl.cam.ac.uk/~rja14/book.html

  3. The Cyber Skill Gap By Vagner Nunes - The Cyber Skill Gap: How To Become A Highly Paid And Sought After Information Security Specialist! (Use COUPON CODE: W4VSPTW8G7 to make it free) https://payhip.com/b/PdkW

  4. The Beginner’s Guide to Information Security By Limor Elbaz - Offers insight and resources to help readers embark on a career in one of the 21st century’s most important—and potentially lucrative—fields. https://www.amazon.com/Beginners-Guide-Information-Security-Kickstart-ebook/dp/B01JTDDSAM

  5. Texas A&M Security Courses The web-based courses are designed to ensure that the privacy, reliability, and integrity of the information systems that power the global economy remain intact and secure. The web-based courses are offered through three discipline-specific tracks: general, non-technical computer users; technical IT professionals; and business managers and professionals. https://teex.org/program/dhs-cybersecurity/

 

COLLEGE COURSES

  1. Computer Science courses with video lectures Intent of this list is to act as Online bookmarks/lookup table for freely available online video courses. Focus would be to keep the list concise so that it is easy to browse. It would be easier to skim through 15 page list, find the course and start learning than having to read 60 pages of text. If you are student or from non-CS background, please try few courses to decide for yourself as to which course suits your learning curve best. https://github.com/Developer-Y/cs-video-courses?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

  2. Cryptography I -offered by Stanford University - Rolling enrollment - Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key. https://www.coursera.org/learn/crypto

  3. Software Security Rolling enrollment -offered by University of Maryland, College Park via Coursera - This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. https://www.coursera.org/learn/software-security

  4. Intro to Information Security Georgia Institute of Technology via Udacity  - Rolling Enrollment.  This course provides a one-semester overview of information security. It is designed to help students with prior computer and programming knowledge — both undergraduate and graduate — understand this important priority in society today. Offered at Georgia Tech as CS 6035 https://www.udacity.com/course/intro-to-information-security--ud459

  5. Cyber-Physical Systems Security Georgia Institute of Technology via Udacity - This course provides an introduction to security issues relating to various cyber-physical systems including industrial control systems and those considered critical infrastructure systems. 16 week course - Offered at Georgia Tech as CS 8803 https://www.udacity.com/course/cyber-physical-systems-security--ud279

  6. Finding Your Cybersecurity Career Path - University of Washington via edX - 4 weeks long - self paced - In this course, you will focus on the pathways to cybersecurity career success. You will determine your own incoming skills, talent, and deep interests to apply toward a meaningful and informed exploration of 32 Digital Pathways of Cybersecurity.
    https://www.edx.org/course/finding-your-cybersecurity-career-path

  7. Building a Cybersecurity Toolkit - University of Washington via edX - 4 weeks self-paced The purpose of this course is to give learners insight into these type of characteristics and skills needed for cybersecurity jobs and to provide a realistic outlook on what they really need to add to their “toolkits” – a set of skills that is constantly evolving, not all technical, but fundamentally rooted in problem-solving. https://www.edx.org/course/building-a-cybersecurity-toolkit

  8. Cybersecurity: The CISO's View - University of Washington via edX  - 4 weeks long self-paced - This course delves into the role that the CISO plays in cybersecurity operations. Throughout the lessons, learners will explore answers to the following questions: How does cybersecurity work across industries? What is the professionals' point of view? How do we keep information secure https://www.edx.org/course/cybersecurity-the-cisos-view

  9. Introduction to Cybersecurity - University of Washington via edX  - In this course, you will gain an overview of the cybersecurity landscape as well as national (USA) and international perspectives on the field. We will cover the legal environment that impacts cybersecurity as well as predominant threat actors. - https://www.edx.org/course/introduction-to-cybersecurity

  10. Cyber Attack Countermeasures New York University (NYU) via Coursera - This course introduces the basics of cyber defense starting with foundational models such as Bell-LaPadula and information flow frameworks. These underlying policy enforcements mechanisms help introduce basic functional protections, starting with authentication methods. Learners will be introduced to a series of different authentication solutions and protocols, including RSA SecureID and Kerberos, in the context of a canonical schema.  - https://www.coursera.org/learn/cyber-attack-countermeasures

  11. Introduction to Cyber Attacks New York University (NYU) via Coursera - This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades. https://www.coursera.org/learn/intro-cyber-attacks

  12. Enterprise and Infrastructure Security New York University (NYU) via Coursera - This course introduces a series of advanced and current topics in cyber security, many of which are especially relevant in modern enterprise and infrastructure settings. The basics of enterprise compliance frameworks are provided with introduction to NIST and PCI. Hybrid cloud architectures are shown to provide an opportunity to fix many of the security weaknesses in modern perimeter local area networks. https://www.coursera.org/learn/enterprise-infrastructure-security

  13. Network Security  Georgia Institute of Technology via Udacity - This course provides an introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering a number of seminal papers and monographs in a wide range of security areas. -  https://www.udacity.com/course/network-security--ud199

  14. Real-Time Cyber Threat Detection and Mitigation - New York University (NYU) via Coursera This course introduces real-time cyber security techniques and methods in the context of the TCP/IP protocol suites. Explanation of some basic TCP/IP security hacks is used to introduce the need for network security solutions such as stateless and stateful firewalls. Learners will be introduced to the techniques used to design and configure firewall solutions such as packet filters and proxies to protect enterprise assets. https://www.coursera.org/learn/real-time-cyber-threat-detection

 

PODCASTS

  1. Risky Business Published weekly, the Risky Business podcast features news and in-depth commentary from security industry luminaries. Hosted by award-winning journalist Patrick Gray, Risky Business has become a must-listen digest for information security professionals. https://risky.biz/

  2. Pauls Security Weekly This show features interviews with folks in the security community; technical segments, which are just that, very technical; and security news, which is an open discussion forum for the hosts to express their opinions about the latest security headlines, breaches, new exploits and vulnerabilities, “not” politics, “cyber” policies and more. https://securityweekly.com/category-shows/paul-security-weekly/

  3. Security Now - Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. https://twit.tv/shows/security-now

  4. Daily Information Security Podcast ("StormCast”) Stormcasts are daily 5-10 minute information security threat updates. The podcast is produced each work day, and typically released late in the day to be ready for your morning commute. https://isc.sans.edu/podcast.html

  5. ShadowTalk Threat Intelligence Podcast by Digital Shadow_. The weekly podcast highlights key findings of primary-source research our Intelligence Team is conducting, along with guest speakers discussing the latest threat actors, campaigns, security events and industry news. https://resources.digitalshadows.com/threat-intelligence-podcast-shadowtalk

  6. Don't Panic - The Unit 42 Podcast Don't Panic! is the official podcast from Unit 42 at Palo Alto Networks. We find the big issues that are frustrating cyber security practitioners and help simplify them so they don't need to panic. https://unit42.libsyn.com/

  7. Recorded Future Recorded Future takes you inside the world of cyber threat intelligence. We’re sharing stories from the trenches and the operations floor as well as giving you the skinny on established and emerging adversaries. We also talk current events, technical tradecraft, and offer up insights on the big picture issues in our industry. https://www.recordedfuture.com/resources/podcast/

  8. The Cybrary Podcast Listen in to the Cybrary Podcast where we discuss a range topics from DevSecOps and Ransomware attacks to diversity and how to retain of talent. Entrepreneurs at all stages of their startup companies join us to share their stories and experience, including how to get funding, hiring the best talent, driving sales, and choosing where to base your business.
    https://www.cybrary.it/info/cybrary-podcast/

  9. Cyber Life The Cyber Life podcast is for cyber security (InfoSec) professionals, people trying to break into the industry, or business owners looking to learn how to secure their data. We will talk about many things, like how to get jobs, cover breakdowns of hot topics, and have special guest interviews with the men and women "in the trenches" of the industry. https://redcircle.com/shows/cyber-life

  10. Career Notes Cybersecurity professionals share their personal career journeys and offer tips and advice in this brief, weekly podcast from The CyberWire. https://www.thecyberwire.com/podcasts/career-notes_Below podcasts Added from here: https://infosec-conferences.com/cybersecurity-podcasts/_

  11. Down the Security Rabbithole http://podcast.wh1t3rabbit.net/ Down the Security Rabbithole is hosted by Rafal Los and James Jardine who discuss, by means of interviewing or news analysis, everything about Cybersecurity which includes Cybercrime, Cyber Law, Cyber Risk, Enterprise Risk & Security and many more. If you want to hear issues that are relevant to your organization, subscribe and tune-in to this podcast.

  12. The Privacy, Security, & OSINT Show https://podcasts.apple.com/us/podcast/the-privacy-security-osint-show/id1165843330 The Privacy, Security, & OSINT Show, hosted by Michael Bazzell, is your weekly dose of digital security, privacy, and Open Source Intelligence (OSINT) opinion and news. This podcast will help listeners learn some ideas on how to stay secure from cyber-attacks and help them become “digitally invisible”.

  13. Defensive Security Podcast https://defensivesecurity.org/ Hosted by Andrew Kalat (@lerg) and Jerry Bell (@maliciouslink), the Defensive Security Podcasts aims to look/discuss the latest security news happening around the world and pick out the lessons that can be applied to keeping organizations secured. As of today, they have more than 200 episodes and some of the topics discussed include Forensics, Penetration Testing, Incident Response, Malware Analysis, Vulnerabilities and many more.

  14. Darknet Diaries https://darknetdiaries.com/episode/ Darknet Diaries Podcast is hosted and produced by Jack Rhysider that discuss topics related to information security. It also features some true stories from hackers who attacked or have been attacked. If you’re a fan of the show, you might consider buying some of their souvenirs here (https://shop.darknetdiaries.com/).

  15. Brakeing Down Security https://www.brakeingsecurity.com/ Brakeing Down Security started in 2014 and is hosted by Bryan Brake, Brian Boettcher, and Amanda Berlin. This podcast discusses everything about the Cybersecurity world, Compliance, Privacy, and Regulatory issues that arise in today’s organizations. The hosts will teach concepts that Information Security Professionals need to know and discuss topics that will refresh the memories of seasoned veterans.

  16. Open Source Security Podcast https://www.opensourcesecuritypodcast.com/ Open Source Security Podcast is a podcast that discusses security with an open-source slant. The show started in 2016 and is hosted by Josh Bressers and Kurt Siefried. As of this writing, they now posted around 190+ podcasts

  17. Cyber Motherboard https://podcasts.apple.com/us/podcast/cyber/id1441708044 Ben Makuch is the host of the podcast CYBER and weekly talks to Motherboard reporters Lorenzo Franceschi-Bicchierai and Joseph Cox. They tackle topics about famous hackers and researchers about the biggest news in cybersecurity. The Cyber- stuff gets complicated really fast, but Motherboard spends its time fixed in the infosec world so we don’t have to.

  18. Hak5 https://shop.hak5.org/pages/videos Hak5 is a brand that is created by a group of security professionals, hardcore gamers and “IT ninjas”. Their podcast, which is mostly uploaded on YouTube discusses everything from open-source software to penetration testing and network infrastructure. Their channel currently has 590,000 subscribers and is one of the most viewed shows when you want to learn something about security networks.

  19. Threatpost Podcast Series https://threatpost.com/category/podcasts/ Threatpost is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide. With an award-winning editorial team produces unique and high-impact content including security news, videos, feature reports and more, with their global editorial activities are driven by industry-leading journalist Tom Spring, editor-in-chief.

  20. CISO-Security Vendor Relationship Podcast https://cisoseries.com Co-hosted by the creator of the CISO/Security Vendor Relationship Series, David Spark, and Mike Johnson, in 30 minutes, this weekly program challenges the co-hosts, guests, and listeners to critique, share true stories. This podcast, The CISO/Security Vendor Relationship, targets to enlighten and educate listeners on improving security buyer and seller relationships.

  21. Getting Into Infosec Podcast Stories of how Infosec and Cybersecurity pros got jobs in the field so you can be inspired, motivated, and educated on your journey. - https://gettingintoinfosec.com/

  22. Unsupervised Learning Weekly podcasts and biweekly newsletters as a curated summary intersection of security, technology, and humans, or a standalone idea to provoke thought, by Daniel Miessler. https://danielmiessler.com/podcast/

  23. CISO Series - Daily Security Headlines - 7 minutes daily show that has the cyber news today. (This is what I personally listen to daily). https://cisoseries.com/category/podcast/cyber-security-headlines/

  24. Monica Talks Cyber - Monica Verma CISO podcast series interviewing industry experts on various cyber topics. https://monicatalkscyber.com/podcasts

 

CYBERSECURITY YOUTUBES

_This list was originally forked/curated from here: https://wportal.xyz/collection/cybersec-yt1 on (7/29/2020) Attribution and appreciation to d4rckh_

  1. SimplyCyber Weekly vids, Simply Cyber brings Information security related content to help IT or Information Security professionals take their career further, faster. Current cyber security industry topics and techniques are explored to promote a career in the field. Topics cover offense, defense, governance, risk, compliance, privacy, education, certification, conferences; all with the intent of professional development. https://www.youtube.com/c/GeraldAuger

  2. IPPSec https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

  3. Tradecraft Security Weekly - Want to learn about all of the latest security tools and techniques?
    https://wiki.securityweekly.com/Tradecraft_Security_Weekly

  4. Derek Rook - CTF/Boot2root/wargames Walkthrough - lots of lengthy screenshot instructional vids https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA Adrian Crenshaw - lots of lengthy con-style talks https://www.youtube.com/user/irongeek

  5. LionSec - lots of brief screenshot instructional vids, no dialog https://www.youtube.com/channel/UCCQLBOt_hbGE-b9I696VRow

  6. Zer0Mem0ry - lots of brief c++ security videos, programming intensive
    https://www.youtube.com/channel/UCDk155eaoariJF2Dn2j5WKA

  7. webpwnized - lots of brief screenshot vids, some CTF walkthroughs https://www.youtube.com/channel/UCPeJcqbi8v46Adk59plaaXg

  8. Waleed Jutt - lots of brief screenshot vids covering web security and game programming https://www.youtube.com/channel/UCeN7cOELsyMHrzfMsJUgv3Q

  9. Troy Hunt - lone youtuber, medium length news videos, 16K followers, regular content https://www.youtube.com/channel/UCD6MWz4A61JaeGrvyoYl-rQ

  10. Tradecraft Security Weekly - Want to learn about all of the latest security tools and techniques?https://wiki.securityweekly.com/Tradecraft_Security_Weekly

  11. SSTec Tutorials - lots of brief screenshot vids, regular updates https://www.youtube.com/channel/UCHvUTfxL_9bNQgqzekPWHtg

  12. Shozab Haxor - lots of screenshot style instructional vids, regular updates, windows CLI tutorial https://www.youtube.com/channel/UCBwub2kRoercWQJ2mw82h3A

  13. Seytonic - variety of DIY hacking tutorials, hardware hacks, regular updates https://www.youtube.com/channel/UCW6xlqxSY3gGur4PkGPEUeA

  14. Security Weekly - regular updates, lengthy podcast-style interviews with industry pros https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg

  15. SecureNinjaTV - brief news bites, irregular posting, 18K followers https://www.youtube.com/channel/UCNxfV4yR0nIlhFmfwcdf3BQ

  16. Samy Kamkar’s Applied hacking https://www.youtube.com/user/s4myk

  17. rwbnetsec - lots of medium length instructional videos covering tools from Kali 2.0, no recent posts. https://www.youtube.com/channel/UCAJ8Clc3188ek9T_5XTVzZQ

  18. Penetration Testing in Linux https://www.youtube.com/channel/UC286ntgASMskhPIJQebJVvA

  19. Pentester Academy TV - lots of brief videos, very regular posting, up to +8 a week https://www.youtube.com/channel/UChjC1q6Ami7W0E71TzPZELA

  20. Open SecurityTraining - lots of lengthy lecture-style vids, no recent posts, but quality info. https://www.youtube.com/channel/UCthV50MozQIfawL9a_g5rdg

  21. NetSecNow - channel of pentesteruniversity.org, seems to post once a month, screenshot instructional vids
    https://www.youtube.com/channel/UC6J_GnSAi7F2hY4RmnMcWJw

  22. Metasploitation - lots of screenshot vids, little to no dialogue, all about using Metasploit, no recent vids. https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZrg

  23. LiveOverflow - Lots of brief-to-medium instructional vids, covering things like buffer overflows and exploit writing, regular posts. https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

  24. LionSec - lots of brief screenshot instructional vids, no dialog https://www.youtube.com/channel/UCCQLBOt_hbGE-b9I696VRow
    Latest Hacking News 10K followers, medium length screenshot videos, no recent releases https://www.youtube.com/user/thefieldhouse/feed

  25. John Hammond - Solves CTF problems. contains penTesting tips and tricks https://www.youtube.com/user/RootOfTheNull

  26. JackkTutorials - lots of medium length instructional vids with some AskMe vids from the youtuber https://www.youtube.com/channel/UC64x_rKHxY113KMWmprLBPA

  27. iExplo1t - lots of screenshot vids aimed at novices, 5.7K Followers, no recent posts https://www.youtube.com/channel/UCx0HClQ_cv0sLNOVhoO2nxg/videos

  28. HACKING TUTORIALS - handful of brief screenshot vids, no recent posts. https://www.youtube.com/channel/UCbsn2kQwNxcIzHwbdDjzehA

  29. HackerSploit - regular posts, medium length screenshot vids, with dialog https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q

  30. GynvaelEN - Security streams from Google Researcher. Mainly about CTFs, computer security, programing and similar things. https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg

  31. Geeks Fort - KIF - lots of brief screenshot vids, no recent posts  https://www.youtube.com/channel/UC09NdTL2hkThGLSab8chJMw

  32.  Error 404 Cyber News - short screen-shot videos with loud metal, no dialog, bi-weekly https://www.youtube.com/channel/UC4HcNHFKshqj-aeyi6imW7Q

  33. Don Does 30 - amateur pen-tester posting lots of brief screenshot vids regularly, 9K Followers https://www.youtube.com/channel/UCarxjDjSYsIf50Jm73V1D7g

  34. Derek Rook - CTF/Boot2root/wargames Walkthrough - lots of lengthy screenshot instructional vids, https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA

  35. DemmSec - lots of pen testing vids, somewhat irregular uploads, 44K followers https://www.youtube.com/channel/UCJItQmwUrcW4VdUqWaRUNIg

  36. DEFCON Conference - lots of lengthy con-style vids from the iconical DEFCON https://www.youtube.com/channel/UC6Om9kAkl32dWlDSNlDS9Iw

  37. DedSec - lots of brief screenshot how-to vids based in Kali, no recent posts. https://www.youtube.com/channel/UCx34ZZW2KgezfUPPeL6m8Dw

  38. danooct1 - lots of brief screenshot, how-to vids regarding malware, regular content updates, 186K followers https://www.youtube.com/channel/UCqbkm47qBxDj-P3lI9voIAw

  39. BalCCon - Balkan Computer Congress - Long con-style talks from the Balkan Computer Congress, doesn’t update regularlyhttps://www.youtube.com/channel/UCoHypmu8rxlB5Axh5JxFZsA

  40. Corey Nachreiner - security newsbites, 2.7K subscribers, 2-3 videos a week, no set schedule https://www.youtube.com/channel/UC7dUL0FbVPGqzdb2HtWw3Xg

  41. Adrian Crenshaw - lots of lengthy con-style talks https://www.youtube.com/user/irongeek

  42. 0x41414141 - Channel with couple challenges, well explained https://www.youtube.com/channel/UCPqes566OZ3G_fjxL6BngRQ

  43. HackADay - Hackaday serves up Fresh Hacks Every Day from around the Internet. https://hackaday.com/

  44. TheCyberMentor - Heath Adams uploads regular videos related to various facets of cyber security, from bug bounty hunts to specific pentest methodologies like API, buffer overflows, networking. https://www.youtube.com/c/TheCyberMentor/

  45. Grant Collins - Grant uploads videos regarding breaking into cybersecurity, various cybersecurity projects, building up a home lab amongst many others. Also has a companion discord channel and a resource website. https://www.youtube.com/channel/UCTLUi3oc1-a7dS-2-YgEKmA/featured

  46. Security School "We go over how to stay anonymous online / ways to stay anonymous while hacking and browsing the web" https://www.youtube.com/securityschool

  47. Cybersecurity Meg - Meg discusses career tips, her experiences working as a female in Cybersecurity, trying to empower everyone to explore STEM fields, how she attained my certifications, getting started in Cyber... and dogs too https://www.youtube.com/c/CybersecurityMeg/

 

NEWS

  1. Krebs On Security In depth security news and investigation https://krebsonsecurity.com/

  2. Dark Reading Cyber security's comprehensive news site is now an online community for security professionals. https://www.darkreading.com/

  3. The Hacker News - The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts. https://thehackernews.com

  4. SecuriTeam - A free and independent source of vulnerability information. https://securiteam.com/

  5. SANS NewsBites - "A semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible." Published for free on Tuesdays and Fridays. https://www.sans.org/newsletters/newsbites

 

PROFESSIONAL NETWORKING

Professional Networking Discord and Slack (Networking and Communication Opportunities)
_I'm (Gerald Auger) personally a member of the following Discord/Slack groups and have validated their quality and integrity. Message me if you want in those channels Discord: Gerald.Auger | Slack Gerald_Auger_

  1. Unofficial RangeForce (And HOME TO SIMPLYCYBER!) https://discord.gg/C8mtwCPuXq

  2. Metasploit Official Public Slack https://metasploit.com/slack

  3. BlackHills Information Security Discord https://discord.gg/FWykjNy

  4. The Cyber Mentor Discord https://discord.com/invite/REfpPJB

  5. DERPCON Discord - https://discord.gg/invite/859Zvrm

  6. InfoSecJobs Discord https://invite.infosecjobs.xyz/

  7. GRIMM Con - Public Discord https://discord.gg/bDdgyaV_The follow channels I'm not a member of and cuarted but have not validated their quality and integrity personally. If you are a member and can message me about these groups I will move them into a validated category_

  8. OWASP (Slack) The Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.  https://owasp.slack.com/

  9. DFIR Community Security folks interested in Digital Forensics & Incident Response. https://rishi28.typeform.com/to/sTbTI8

  10. Binary Ninja Slack This is a channel dedicated to reverse engineering. Reverse engineering also called back engineering is the processes of extracting knowledge or design information from anything man-made and reproducing it or reproducing anything based on the extracted information the process often involves disassembling something a mechanical device electronic component computer program or biological chemical or organic matter and analysing its components and workings in detail. https://slackin-sbhuzyheck.now.sh/

  11. Security HQ Slack SecurityHQ is a channel most welcoming for all the security professionals and every newbie who wanted to build a career on Information Security or Cyber Security is most welcome to this channel. https://securityhq.herokuapp.com/

  12. CentralSec Slack This is a community of people who are into everything in information security. https://launchpass.com/centralsec

  13. Penetration Testers Slack This is a group of ethical hackers and you’re most welcome to this channel if you wanted to start pentesting and find the vulnerabilities and exploits on any website or app and get more help from the fellow members of the channel. https://pentestpractice.slack.com/

    (Virtual) Meetups

  14. Cybersecurity Mentoring Hub Global session conducted over webex with a discussion/presentation on cybersecurity topic from within the community. Regular shoutouts on LinkedIn. https://cybersecmentorship.org/

  15. MeetCyber Regular sessions conducted over crowdcast, can be a training or a workshop, excellent networking and learning opportunities. https://meetcyber.net/

 

REFERENCES / TOOLS /CHEATSHEETS

References/Tools/Cheat SheetsMalware Analysis

  1. Cybersecurity Heatmap for cyber jobs in the US: https://www.cyberseek.org/heatmap.html

  2. VirusTotal - Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community https://www.virustotal.com/gui/

  3. Any.Run Malware hunting with live access to the heart of an incident https://any.run/

    CHEAT SHEETS

  4. Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
    https://github.com/Ignitetechnologies/Privilege-Escalation

  5. Malware analysis tools and resources. https://github.com/rshipp/awesome-malware-analysis

  6. Analyzing Malicious Documents Cheat Sheet
    https://zeltser.com/analyzing-malicious-documents/

  7. ReverseEngineering Cheat Sheet
    https://www.cybrary.it/wp-content/uploads/2017/11/cheat-sheet-reverse-v6.pn

  8. Nmap Cheat Sheet and Pro Tips
    https://hackertarget.com/nmap-cheatsheet-a-quick-reference-guide/

  9. PENTESTING LocalFileInclude Cheat Sheet
    https://highon.coffee/blog/lfi-cheat-sheet/

  10. Penetration Testing Tools Cheat Sheet
    https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

  11. Reverse Shell Cheat Sheet
    https://highon.coffee/blog/reverse-shell-cheat-sheet/nbtscan

  12. Cheat Sheet
    https://highon.coffee/blog/nbtscan-cheat-sheet/

  13. Linux Commands Cheat Sheet
    https://highon.coffee/blog/linux-commands-cheat-sheet/

  14. Kali Linux Cheat Sheet
    https://i.redd.it/9bu827i9tr751.jpg

  15. Hacking Tools Cheat Sheet (Diff tools)
    https://compass-security.com/fileadmin/Research/White_Papers/2019-01_hacking-tools-cheat-sheet.pdf

  16. Google Search Operators: The Complete List (42 Advanced Operators)
    https://ahrefs.com/blog/google-advanced-search-operators/

  17. (Multiple) (Good) Cheat Sheets - Imgur
    https://imgur.com/gallery/U5jqgik

  18. Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
    https://github.com/S1ckB0y1337/

  19. Active-Directory-Exploitation-Cheat-Sheet Shodan Query Filters
    https://github.com/JavierOlmedo/shodan-filters

  20. Getting Real with XSS - A reference on the new techniques to XSS
    https://labs.f-secure.com/blog/getting-real-with-xss/

  21. SANS Massive List of Cheat Sheets Curated from here: https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/

  22. Windows and Linux Terminals & Command Lines https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/bltea7de5267932e94b/5eb08aafcf88d36e47cf0644/Cheatsheet_SEC301-401_R7.pdf

  23. TCP/IP and tcpdump
    https://www.sans.org/security-resources/tcpip.pdf?msc=Cheat+Sheet+Blog

  24. IPv6 Pocket Guide
    https://www.sans.org/security-resources/ipv6_tcpip_pocketguide.pdf?msc=Cheat+Sheet+Blog

  25. Powershell Cheat Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf146e4f361db3938/5e34a7bc946d717e2eab6139/power-shell-cheat-sheet-v41.pdf

  26. Writing Tips for IT Professionals
    https://zeltser.com/writing-tips-for-it-professionals/

  27. Tips for Creating and Managing New IT Products
    https://zeltser.com/new-product-management-tips/

  28. Tips for Getting the Right IT Job
    https://zeltser.com/getting-the-right-it-job-tips/

  29. Tips for Creating a Strong Cybersecurity Assessment Report
    https://zeltser.com/security-assessment-report-cheat-sheet/

  30. Critical Log Review Checklist for Security Incidents
    https://zeltser.com/security-incident-log-review-checklist/

  31. Security Architecture Cheat Sheet for Internet Applications
    https://zeltser.com/security-architecture-cheat-sheet/

  32. Tips for Troubleshooting Human Communications
    https://zeltser.com/human-communications-cheat-sheet/

  33. Security Incident Survey Cheat Sheet for Server Administrators
    https://zeltser.com/security-incident-survey-cheat-sheet/

  34. Network DDoS Incident Response Cheat Sheet
    https://zeltser.com/ddos-incident-cheat-sheet/

  35. Information Security Assessment RFP Cheat Sheet
    https://zeltser.com/cheat-sheets/


_Digital Forensics and Incident Response_

  1. SIFT Workstation Cheat Sheet
    https://digital-forensics.sans.org/media/sift_cheat_sheet.pdf?msc=Cheat+Sheet+Blog

  2. Plaso Filtering Cheat Sheet
    https://digital-forensics.sans.org/media/Plaso-Cheat-Sheet.pdf?msc=Cheat+Sheet+Blog

  3. Tips for Reverse-Engineering Malicious Code
    https://digital-forensics.sans.org/media/reverse-engineering-malicious-code-tips.pdf?msc=Cheat+Sheet+Blog

  4. Usage Tips for Malware Analysis on Linux
    https://digital-forensics.sans.org/media/remnux-malware-analysis-tips.pdf?msc=Cheat+Sheet+Blog

  5. Analyzing Malicious Documents
    https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf?msc=Cheat+Sheet+Blog

  6. Malware Analysis and Reverse-Engineering Cheat Sheet
    https://digital-forensics.sans.org/media/malware-analysis-cheat-sheet.pdf?msc=Cheat+Sheet+Blog

  7. SQlite Pocket Reference Guide
    https://digital-forensics.sans.org/media/SQlite-PocketReference-final.pdf?msc=Cheat+Sheet+Blog

  8. Eric Zimmerman's tools Cheat Sheet
    https://digital-forensics.sans.org/media/EricZimmermanCommandLineToolsCheatSheet-v1.0.pdf?msc=Cheat+Sheet+Blog

  9. Rekall Memory Forensics Cheat Sheet
    https://digital-forensics.sans.org/media/rekall-memory-forensics-cheatsheet.pdf?msc=Cheat+Sheet+Blog

  10. Linux Shell Survival Guide
    https://digital-forensics.sans.org/media/linux-shell-survival-guide.pdf?msc=Cheat+Sheet+Blog

  11. Windows to Unix Cheat Sheet
    https://digital-forensics.sans.org/media/windows_to_unix_cheatsheet.pdf?msc=Cheat+Sheet+Blog

  12. Memory Forensics Cheat Sheet
    https://digital-forensics.sans.org/media/volatility-memory-forensics-cheat-sheet.pdf?msc=Cheat+Sheet+Blog

  13. Hex and Regex Forensics Cheat Sheet
    https://digital-forensics.sans.org/media/hex_file_and_regex_cheat_sheet.pdf?msc=Cheat+Sheet+Blog

  14. FOR518 Mac & iOS HFS+ Filesystem Reference Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blt61c336e02577e733/5eb0940e248a28605479ccf0/FOR518_APFS_CheatSheet_012020.pdf

  15. The majority of DFIR Cheat Sheets can be found here --> https://digital-forensics.sans.org/community/cheat-sheets?msc=Cheat+Sheet+Blog._Penetration
    Testing_

  16. Swiss Army Knife collection of PenTesting Cheatsheets
    https://github.com/swisskyrepo/PayloadsAllTheThings

  17. SQLite Injection Cheat Sheet
    https://github.com/unicornsasfuel/sqlite_sqli_cheat_sheet

  18. SSL/TLS Vulnerability Cheat Sheet
    https://github.com/IBM/tls-vuln-cheatsheet

  19. Windows Intrusion Discovery Cheat Sheet v3.0
    https://pen-testing.sans.org/retrieve/windows-cheat-sheet.pdf?msc=Cheat+Sheet+Blog

  20. Intrusion Discovery Cheat Sheet v2.0 (Linux)
    https://pen-testing.sans.org/retrieve/linux-cheat-sheet.pdf?msc=Cheat+Sheet+Blog

  21. Intrusion Discovery Cheat Sheet v2.0 (Windows 2000)
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/bltd6fa777a3215f34a/5eb08aae08d37e6d82ef77fe/win2ksacheatsheet.pdf

  22. Windows Command Line
    https://pen-testing.sans.org/retrieve/windows-command-line-sheet.pdf?msc=Cheat+Sheet+Blog

  23. Netcat Cheat Sheet
    https://pen-testing.sans.org/retrieve/netcat-cheat-sheet.pdf?msc=Cheat+Sheet+Blog

  24. Misc Tools Cheat Sheet
    https://pen-testing.sans.org/retrieve/misc-tools-sheet.pdf?msc=Cheat+Sheet+Blog

  25. Python 3 Essentials
    https://www.sans.org/blog/sans-cheat-sheet-python-3/?msc=Cheat+Sheet+Blog

  26. Windows Command Line Cheat Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blt4e45e00c2973546d/5eb08aae4461f75d77a48fd4/WindowsCommandLineSheetV1.pdf

  27. SMB Access from Linux Cheat Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blta6a2ae64ec0ed535/5eb08aaeead3926127b4df44/SMB-Access-from-Linux.pdf

  28. Pivot Cheat Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blt0f228a4b9a1165e4/5ef3d602395b554cb3523e7b/pivot-cheat-sheet-v1.0.pdf

  29. Google Hacking and Defense Cheat Sheet
    https://www.sans.org/security-resources/GoogleCheatSheet.pdf?msc=Cheat+Sheet+Blog

  30. Scapy Cheat Sheet
    https://wiki.sans.blue/Tools/pdfs/ScapyCheatSheet_v0.2.pdf Nmap Cheat Sheet
    https://assets.contentstack.io/v3/assets/blt36c2e63521272fdc/blte37ba962036d487b/5eb08aae26a7212f2db1c1da/NmapCheatSheetv1.1.pdf

    _Cloud Security_

  31. Multicloud Cheat Sheet
    https://www.sans.org/security-resources/posters/cloud/multicloud-cheat-sheet-215?msc=blog-ultimate-list-cheat-sheets_

All Around Defender Primers_

  1. Linux CLI 101 https://wiki.sans.blue/Tools/pdfs/LinuxCLI101.pdf

  2. Linux CLI
    https://wiki.sans.blue/Tools/pdfs/LinuxCLI.pdf

The following graphic 

  1. PowerShell Primer
    https://wiki.sans.blue/Tools/pdfs/PowerShell.pdf

  2. PowerShell Get-WinEvent
    https://wiki.sans.blue/Tools/pdfs/Get-WinEvent.pdfOffensive

  3. Exploit Database - The Exploit Database is maintained by Offensive Security, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. https://www.exploit-db.com/

The following table provides perspective on the multiple types of roles that can work in cybersecurity. (credit Naomi Buckwalter & Network Slutter )