An Information Security Reference That Doesn't Suck
- Be an awesome Information Security Reference
- List of techinques, tools and tactics to learn from/reference.
- Rich resource of infosec knowledge for anyone to browse through as a jumping off point for various niches OR as a reference/recall method for stuff.
- Something like a "Yellow Pages" in the sense of you know something exists, but what was it called....
- 'If you give a man a fish, he is hungry again in an hour. If you teach him to catch a fish, you do him a good turn.'
- Always accepting more links/stuff. Feel free to make a pull request or a complaint through a pull request or filing a bug
- Why Do You Care?
- Don't have to constantly google for tools/reminder.
- Easily browsable list of tools, techniques, papers, and research in all sorts of areas.
- Want to read some good info.
- Why Do I Care?
- I do this as a resource to learn and help others, and offer it publicly as a way of giving back to the general community.
- To be clear, these aren't personal notes. I keep this repo maintained as a way of having pointers to information that I feel might help build someone's skillset or increase their understanding of attacks/methods/defenses.
- This is not meant to condone illegal or malicious activities.
- This page
- To see a better looking version on mobile: use https://rmusser.net/docs(horribly colored, but nicely formatted version).
- For latest content updates, check the git history.
- Want to contribute a link? Anything relevant that isn't already in or covered would be/is appreciated.
- If this resource has helped you in any way(and didn't increase your frustration), please consider making a donation to Doctors Without Borders or Amnesty International.
Index - Table of Contents
- ATT&CK Stuff
- Attacking & Securing Active Directory
🔰Basic Security Information 🔰
- BIOS/UEFI/Firmware Attacks/Defense
🔨Building a Testing Lab 🔨 🚗Car hacking 🚗 💸Career 💸
- Cheat Sheets
📹Conferences/Recordings 📹 🍱Containers 🍱 ⭐Courses & Training ⭐ 🎲Cryptography & Encryption 🎲 🏁CTFs & Wargames 🏁
- Data Anaylsis & Visualization
🌅Defense 🌅 📰Documentation & Reporting 📰
- Embedded Device Security
🌈Exploit Development 🌈
- Forensics & Incident Response
🐛Fuzzing & Bug Hunting 🐛 🎮Game Hacking 🎮 🍯Honeypots 🍯
- Interesting Things & Useful Information
- Logging, Monitoring, & Threat Hunting
💀Malware 💀 ⚠️Network Attacks & Defense ⚠️ 🚩Network Security Monitoring & Logging 🚩 🔭Open Source Intelligence Gathering - OSINT 🔭
🎣Phishing 🎣 🚪Physical Security 🚪
- Privilege Escalation and Post-Exploitation
- AppSec/Programming Stuff
🍋Rants & Writeups 🍋 🏮Red Teaming/Penetration Testing Stuff 🏮
- REMATH Reverse Engineering
- Reverse Engineering
😃Social Engineering 😃 🔩System Internals (Linux/Windows) 🔩
- Threat Modeling
🔥UI/UX Design 🔥 🌻Web 🌻 📶Wireless Networks and RF Devices 📶
- Notable Policy Docs
- A Quote:
As the Americans learned so painfully in Earth's final century, free flow of information is the only safeguard against tyranny. The once-chained people whose leaders at last lose their grip on information flow will soon burst with freedom and vitality, but the free nation gradually constricting its grip on public discourse has begun its rapid slide into despotism. Beware of he who would deny you access to information, for in his heart he dreams himself your master."
- Commissioner Pravin Lal, Peacekeeping Forces (Alpha Centauri, 1999)