| Name | Description |
|---|---|
| CTF Walkthroughs | HighOn.Coffee CTF Walkthroughs |
| OpenSOC Write Up | OpenSOC Write Up |
| Blue Team Villiage OpenSOC Write Up | Blue Team Villiage OpenSOC |
| Awesome CTF Cheatsheet | Awesome CTF Cheatsheet |
| Name | Description |
|---|---|
| Awesome-CTF | Awesome-CTF |
| Hack the Box | HTB |
| Hack the Box Academy | Hack the Box Academy |
| Web Security Academy | Web Security Academy |
| OWASP Juice Shop | OWASP Juice Shop |
| Pentester Lab | Pentester Lab |
| VULNHUB | VULNHUB |
| TryHackMe | TryHackMe |
| Pentester Academy | Pentester Academy |
| Attack & Defense | [Attack and Defense] |
| HackingLAB | [Hacking LAB] |
| Over the Wire | Over the Wire |
| CTF Time | [CTF Time] |
| Mutillidae | [Mutillidae] |
| Damn Vulnerable Web Application | [DVWA] |
| Metasploitable 2 | [Metasploitable 2] |
| Metasploitable 3 | [Metasploitable 3] |
| Name | Description |
|---|---|
| Naming Conventions | Cyber Threat Actor Naming Conventions |
| APT & CyberCriminal Campaign Collection | CyberMonitor |
| Threat Hunter Playbook | Cyb3rWard0g Threat Hunter Playbook |
| APT Threat Tracking | APT Threat Tracking |
| Name | Description |
|---|---|
| Penetration Testing Framework 0.59 | Penetration Testing Framework |
| The Penetration Testing Execution Standard | PTES |
| Open Source Security Testing Methodology Manual (OSSTMM) | OSSTMM |
| NIST Guideline on Network Security Testing | NIST SP800-115 |
| OWASP Testing Guide | OWASP Testing Guide |
| Name | Description |
|---|---|
| urlscan.io | urlscan |
| echotrail.io | echotrail |
| any.run | any.run |
| Threat Connect | Threat Connect |
| AlienVault OTX | AlientVault OTX |
| IBM X-Force Exchange | IBM X-Force Exchange |
| Threat Crowd | Threat Crowd |
| Threat Miner | Threat Miner |
| Virus Total | Virus Total |
| Hybrid Analysis | Hybrid Analysis |
| Passive Total | Passive Total |
| URL Void | URL Void |
| IP Void | IP Void |
| Zmap Project | Zmap Project |
| Zmap Project Research | Zmap Project Research |
| SIEMonster | SIEMonster |
| Keeping Infrastructure as Code Secure-KICS | KICS |
| Velociraptor | Velociraptor |
| Blue Hound | Blue Hound |
| Name | Description |
|---|
| Name | Description |
|---|---|
| Network Segmentation | Best Practices for Network Segmentation |
| OWASP Network Segmentation | OWASP Network Segmentation |
| Name | Description |
|---|---|
| Malware Archaeology | Malware Archaeology Cheet Sheets |
| Malware Archaelogy Powershell logging Cheatsheet | MA Powershell Logging Cheatsheet |
| Powershell & Commandline Logging | Powershell & Commandline Logging |
| Command Shell Logging ATT&CK ID: DS0017 -> T1059.003 | Red Canary Command Shell Logging |
| Command Shell Logging ATT&CK ID: DS0017 -> T1059.001 | Red Canary Powershell Logging |
| Name | Description |
|---|---|
| Blackfog State of Ransomware | Blackfog State of Ransomware |
| ThreatMon Advanced Ransomware Monitoring | ThreatMon |
| DataBreaches.net | DataBreaches.net |
| Mitre ATT&CK | Mitre ATT&CK |
| Name | Description |
|---|---|
| Verizon DBIR | Verizon DBIR |
| Mandiant M-Trends | M-Trends Report |
| CrowdStrike Global Threat Report | CrowdStrike Global Threat Report |
| Red Canary Threat Detection Report | Red Canary Threat Detection Report |
| The DFIR Report | The DFIR Year in Review Report |
| Microsoft Digital Defense Report | Microsoft Digital Defense Report |
| Orange Cyberdefense Security Navigator | Orange Cyberdefense Security Navigator |
| Name | Description |
|---|---|
| Top 20 and 200 most scanned ports in the cybersecurity industry | Top 20 and 200 most scanned ports |
| Intelligence Concepts - F3EAD | Intelligence Concepts - F3EAD |
| Cyber Threat Intelligence SIG - Intelligence Lifecycle - F3EAD Cycle | FIRST Intelligence Lifecycle - F3EAD |
| Kill Chain - (F2T2EA, 4F's, 5F's, Cyber Kill Chain, Mitre, and Unified Kill Chain) | Kill Chains |
| Diamond Model of Intrusion Analysis | Diamond Model of Intrusion Analysis |
| Diamond Model used in Practice by ThreatConnect | Diamond Model used on Chinese APT |
| 30 Best Blue Team Tools | 30 Best Blue Team Tools |
| Security Soup | Security Soup |
| Jai Minton DFIR Resources | Digital Forensics and Incident Response Cheetsheet |
| Name | Description |
|---|---|
| Bellingcat's Digital Forensics Tools | Digital Forensics Tools |
| Github Jivoi Awesome OSINT | Jivoi Awesome OSINT |
| Name | Description |
|---|---|
| Cyber Threat Intelligence Self-Study Plan | CTI Self-Study Plan |
| Intelligence Concepts - F3EAD | Intelligence Concepts - F3EAD |
| Cyber Threat Intelligence SIG - Intelligence Lifecycle - F3EAD Cycle | FIRST Intelligence Lifecycle - F3EAD |
| Using the Estimative Language Taxonomy in MISP | Using the Estimative Language Taxonomy in MISP |
| Analytic Levels of Confidence and Probability Yardstick | Levels of Confidence & Probability Yardstick |
| Name | Description |
|---|---|
| OSCP-Survival-Guide | Getsecnow |
| Detailed Guide to OSCP Prep | Detailed Guide to OSCP Prep |
| Offensive Security's PWK & OSCP Review | Offensive Security's PWK & OSCP Review |
| OSCP: Offensive Security Certification & PWK Review | intrd-OSCP Review |
| OSCP: Hakluke's Ultimate Guide | Haklukes OSCP Guide |
| OSCP: A Detailed Guide on OSCP Preparation | JasonMax at Peerlyst OSCP Guide |
| OSCP: Peerlyst Wiki Collection | How to Get the OSCP Wiki |
| awesomeinfosec | awesomeinfosec |
| Awesome-Hacking | Awesome-Hacking |
| Bettercap Tutorial | A Bettercap Tutorial |
| Pentesters Lab | Pentesters Lab |
| DoGByTe-ZN | Infosec-resources-for-all |
| GIAC - GPEN Reference | MeteorMusic |
| Awesome Malware Analysis | rshipp |
| How to Build a Treat Hunting Platform using ELK Stack | Threat Hunting ELK Stack |
| Network Security Monitoring | CNIT50: Network Security Monitoring |
| Incident Response | CNIT 152: Incident Response |
| Practical Malware Analysis | CNIT 126: Practical Malware Analysis |
| Samsclass | Samsclass |
| The Easiest Metasploit Guide You'll Ever Read | Metasploit Guide |
| Malware Analysis | RPISEC Malware Analysis |
| Awesome Hacking Resources | Vitalysim Hacking Resources |
| Tools and Resources to Prepare for a CTF | InfoSec Institute |
| Awesome Security | Awesome Security |
| Awesome CTF | Awesome CTF |
| Awesome Incident Response | Awesome Incident Response |
| Incident Response | IncidentResponse |
| Blue Team Labs | Blue Team Labs |
| Boss of the SOC | BOTS Boss of the SOC |
| Splunk Threat Hunting | Splunk Threat Hunting |
| OpenSOC | OpenSOC |
| How to install Elastic SIEM and Elastic EDR | Install Elastic SIEM and Elastic EDR |
| LetsDefend Blue Team Training | LetsDefend Blue Team Training |
| Blue Team Labs Online | Blue Team Labs Online |
| TCM Security Training | TCM Security Training |
| Cisco Live on Demand | Cisco Live on Demand |
| Name | Description |
|---|---|
| Github Awesome Security | Github Awesome Security Search |
| Github Awesome Security Sindresorhus | Sindresorhus Awesome-Security |
| Github Meirwah Awesome Incident Response | Awesome Incident Response |
| Github Hslatman Awesome Threat Intelligence | Awesome Threat Intelligence |
| Github Coreb1t Awesome Pentest Cheatsheets | Awesome Pen Test Cheatsheets |
| Github 0x4D31 Awesome Threat Detection | Awesome Threat Detection |
| Github Awesome Penetration Testing | Awesome Penetration Testing |
| Infosec Career Advice | Starting an InfoSec Career - The Megamix |
| Easily Report Phishing and Malware | Reporting Phishing and Malware |
| Github Awesome Windows Domain Hardening | Awesome Windows Domain Hardening |
| My Time at NetWars Tournament of Champions | NetWars Tournament Experience |
| Penetration Testing Tools Cheatsheet | Highon.Coffee Pentesting Cheatsheet |
| Peerlyst Infosec Cheatsheet | Complete List of Infosec Cheatsheets |
| PwnWiki.io | Pwn Wiki |
| Zeltser Blocklists | Zeltser Blocklists |
| Zeltser Cheatsheets | Zeltser Cheatsheets |
| Cyber Intel Sites | 8 Great Sites for Cyber Threat Intel |
| Threatintel.EU | A Study on Threat Intelligence Platforms (TIPs) |
| Linux Journey | Linux Journey |
| Threat Huning with HELK | Threat Hunting & Adversary Emulation |
| BrakeSec BDIR | BrakeSec BDIR |
| How to Build and Run SOC | Peerlyst Claus Houmann SOC Info |
| The Peerlyst Wiki | The Peerlyst Wiki |
| Information Security Reading List | MalwareJedi InfoSec Reading List |
| ROCK NSM | ROCK NSM |
| Red Teaming Simulation Toolkit | Red Teaming Adversary Simulation Toolkit |
| ADLabDeployer | ADLabDeployer |
| DetectionLab | DetectionLab |
| Awesome Cyber Security BlueTeam | Awesome Cyber Security Blue Team |
| RMusser InfoSec Resources | RMusser InfoSec Resources |
| Awesome Incident Response | Awesome Incident Response |
| Awesome Threat Detection and Hunting | Awesome Threat Detection and Hunting |
| Cyber Adversary Emulation | Install Setup Mitre Caldera The Automated Cyber Adversary Emulation System |
| How I get started into Threat Hunting | How I get started into Threat Hunting |
| Great List of Resources to Build an Enterprise Grade Home Lab | List of Resources to Build Enterprise Home Lab |
| Windows Privilege Escalation Fundamentals | Window Privesc & Good IR Scripts |
| Basics of Windows Incident Response by Jordan Potti | Basics of Windows IR |
| IR Tales From Hold My Beer Security | IR Tales |
| Cyberthreat Intelligence Study Plan | Cyberthreat Intelligence Study Plan |
| DFIRmadness 5pillars | 5pillars of Cybersecurity |
| DFIR Reference Frameworks | DFIR Reference Frameworks |
| TCM Practical-Ethical-Hacking-Resources | TCM Practical-Ethical-Hacking-Resources |
| Blackfog State of Ransomware | Blackfog State of Ransomware |
| APT Cyber Campaigns | APT Cyber Campaigns |
| Security Awareness Training Statistics & Trends 2022 Edition | Security Awareness Stats and Trends 2022 |
| The Record Ransomware Tracker | The Record Ransomware Tracker |
| Security Awareness Training | Security Awareness Training |
| Enterprise Grade Home Lab | List of Tools for Enterise Grade Home Lab |
| CyberScoop | CyberScoop |
| FedScoop | FedScoop |
| StateScoop | StateScoop |
| Blue Team Home Labs | Blue Team Home Labs |
| Ransomware Reports | Ransomware Reports |
| Awesome Phishing | Awesome Phishing |
| Curated Ukraine Cyber Crisis | Curated Intel |
| Ukraine Cyber Crisis | Ukraine Cyber Crisis Intel |
| SANS Ukraine Cyber Crisis | SANS Ukraine Cyber Crisis |
| Cisco Mappings to Cyber Frameworks | Cisco Mappings to Cyber Frameworks |
| Cisco Talos OSQueries | TALOS OSQueries |
| OSQuery ATT&CK | OSQuery ATT&CK |
| Air Force Intelligence and Security Doctrine | Air Force Doctrine Documents |
|---|---|
| Air Basic Doctrine Vol. 1 | Air Force Basic Doctrine Vol. 1 |
| Air Force Leadership Vol. 2 | Air Force Leadership Vol. 2 |
| AFPD 1-2 Air Force Glossary | Air Glossary |
| DOD Dictionary of Military Associated Terms | DOD Dictionary or Terms |
| AFPD 1-04 | Legal Support to Operations, 04 March 2012 |
| AFDP 2-0 Global Integrated Intelligence, Surveillance, & Reconnaissance Operations | Global Integrated ISR Ops |
| AFDP 3-0 Operations and Planning | Operations and Planning |
| AFPD 3-01 Counterair Ops | Counterair Operations |
| AFPD 3-2 Irregular Warfare | Irregular Warfare |
| AFPD 3-03 Counterland Operations | Counterland Operations |
| AFPD 3-04 Countersea Operations | Countersea Operations |
| AFPD 3-05 Special Operations | Special Ops |
| AFPD 3-10 Force Protection | Force Protection |
| AFPD 3-12 Cyberspace Operations | Cyberspace Operations |
| AFPD 3-13 Information Operations | Information Operations |
| AFDD 3-13.1 | Electronic Warfare, 5 November 2001, incorporating Change 1, 28 July 2011 |
| AFPD 3-14 Counterspace Operations | Counterspace Ops |
| AFDD 3-17 | Air Mobility Operations, 1 March 2006, incorporating Change 1, 28 July 2011 |
| AFPD 3-22 Foreign Internal Defense | Foreign Internal Defense |
| AFPD 3-27 Homeland Operations | Homeland Ops |
| AFPD 3-30 Command and Control | Command and Control |
| AFPD 3-50 Personnel Recovery Operations | Personnel Recovery |
| AFPD 3-59 Weather Operations | Weather Ops |
| AFPD 3-60 Targeting | Targeting |
| AFPD 3-61 Public Affairs Operations | Public Affairs |
| AFPD 3-70 Strategic Attack | Strategic Attack |
| AFPD 4-0 Combat Support | Combat Support |
| FAS Intelligence Resource Program | Air Force Doctrine Documents |
| U.S. Air Force Doctrine Site | U.S. Air Force Doctrine |
| Name | Description |
|---|---|
| Andrew Kalat | @Lerg |
| ATT&CK | @MITREattack |
| Bad Packets | @bad_packets |
| BenHeise | @benheise |
| bk Ben Koehl | @bkMSFT |
| Black Hills Information Security | @BHInfoSecurity |
| BleepingComputer | @BleepinComputer |
| Brett Shavers | @Brett_Shavers |
| briankrebs | @briankrebs |
| Bryan Brake | @bryanbrake |
| Christopher Hadnagy | @humanhacker |
| Cisco Talos Intelligence Group | @TalosSecurity |
| Center for Internet Security (CIS) | @CISecurity |
| Chris Crowley | @CCrowMontance |
| Chris Sanders | @chrissanders88 |
| Christopher Glyer | @cglyer |
| Cybersecurity and Infrastructure Security Agency | @CISAgov |
| Cybersecurity Canon | @CyberSecCanon |
| Cybersecurity and Infrastructure Security Agency | @CISAInfraSec |
| DarkReading | @DarkReading |
| DEF CON | @defcon |
| DFRLab | @DFRLab |
| Dutch Osint Guy Nico | @dutch_osintguy |
| Eric Capuano | @eric_capuano |
| Florian Roth | @Cyb3rops |
| GreyNoise | @GreyNoiseIO |
| Heath Adams | @thecybermentor |
| IO Link | @IOLink |
| Ismael Valenzuela | @aboutsecurity |
| Jake Williams | @MalwareJake |
| James Lyne | @jameslyne |
| Jason Blanchard | @BanjoCrashland |
| Jeremy Dallman | @jdallman |
| Johannes Ullrich | @johullrich |
| John Hammond | @_JohnHammond |
| John Hubbard | @SecHubb |
| John Hultquist | @JohnHultquist |
| Josh Brower | @DefensiveDepth |
| Justin Seitz | @xKaliSec |
| Justin Warner | @sixdub |
| KaliTut | @jms_dot_py |
| Katie Nickels | @likethecoins |
| kirbstr | @kirbstr |
| KitPloit - Hacker Tools | @KitPloit |
| Lenny Zeltser | @lennyzeltser |
| Lesley Carhart | @hacks4pancakes |
| Maliciouslink | @Maliciouslink |
| MalwareTech | @MalwareTechBlog |
| malware traffic analysis | @malware_traffic |
| Matt Bromiley | @_bromiley |
| Metacurity | @Metacurity |
| Microsoft Security | @msftsecurity |
| Microsoft Security Intelligence | @MsftSecIntel |
| MSTIC Team Members | @JohnLaTwC |
| NETRESEC | @netresec |
| Nick Carr | @ItsReallyNick |
| nixintel | @nixintel |
| Offensive Security | @offsectraining |
| Omar Ωr Santos | @santosomar |
| Phil Hagen | @santosomar |
| Phill Moore | @PhilHagen |
| Phillip Wylie | @PhillipWylie |
| Rachel Tobac | @RachelTobac |
| Ramin | @MalwareRE |
| RedHunt Labs | @RedHuntLabs |
| RedTeamVillage | @RedTeamVillage_ |
| ReversingLabs | @ReversingLabs |
| Rob Fuller | @mubix |
| Ryan "Chaps" Chapman | @rj_chap |
| SANS CyberDefense | @SANSDefense |
| SANS SANS DFIR | @sansforensics |
| SANS ISC | @sans_isc |
| SANS Institute | @SANSInstitute |
| SANS Offensive Operations | @SANSOffensive |
| Securitymapper | @SecurityMapper |
| SecurityTrails | @securitytrails |
| strandjs | @strandjs |
| Tim Medin | @TimMedin |
| Tinker | @TinkerSec |
| The CyberWire | @thecyberwire |
| Threatpost | @threatpost |
| Troy Hunt | @troyhunt |
| US-CERT | @USCERT_gov |
| We Are OSINTCurious | @OsintCurious |
| Whitney Champion | @shortxstack |
| Wild West Hackin' Fest | @WWHackinFest |
| Name | Description |
|---|---|
| Black Hills Information Security | Black Hills Information Security |
| Blueprint Podcast by John Hubbard | Blueprint Podcast |
| Breaking Down Security Podcast | Breaking Down Security Podcast |
| Cipher Brief Open Source Report | Cipher Brief Open Source Report |
| Cyberwire Daily | Cyberwire Daily |
| Darknet Diaries Podcast | Darknet Diaries Podcast |
| Defensive Security Podcast | Defensive Security Podcast |
| Internet Storm Center | Internet Storm Center |
| Malicious Life Podcast | Malicious Life Podcast |
| OSINT Curious Podcast | OSINT Curious Podcast |
| Privacy Security and OSINT Podcast | Privacy Security and OSINT Podcast |
| Recorded Future Podcast | Recorded Future Podcast |
| The Hacker Factory Podcast | Hacker Factory Podcast |
| 7 Minute Security | 7 Minute Security |
Disclaimer, I do not support, encourage, partake, or condone hacking, attacking or targeting users of any kind. This information is clearly meant to help cybersecurity teams in doing their jobs and learning skills necessary for Redteam/Blueteam activities.