This page will be always » work in progress «
List of links for websites with updates on Cyber Security and other knowledges areas on Computer Science Knowledge
https://www.youtube.com/user/schafer5/playlists - Corey Schafer
- https://www.youtube.com/playlist?list=PLhr1KZpdzukfdjsOHZ-BazZt1iK1J8UUw - AWS Knowledge Center Videos
- https://www.youtube.com/user/AWSwebinars/videos - AWS Online Tech Talks
- https://www.youtube.com/playlist?list=PLhr1KZpdzukcaA06WloeNmGlnM_f1LrdP - AWS Management and Governance
- https://github.com/carlospolop?tab=repositories -
PEASS-ng for priviledge escalation
PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation
- https://www.flickr.com/photos/[email protected]/ -
Domain of Science - Dominic Walliman
Steve Gibson at grc.com
Security Now podcast by Steve Gibson and Leo Laporte
- https://securityprofession.blog.gov.uk/ - Government security
- https://hodigital.blog.gov.uk/ - Home Office Digital, Data and Technology
Gov UK > Digital Marketplace > Cloud hosting, software and support > Cloud > softwareImmersive Labs
- https://www.flashpoint-intel.com/blog/threat-intelligence-lifecycle/ - Threat Intelligence Lifecycle
- The threat intelligence lifecycle is considered to comprise five stages, each of which helps to ensure quality CTI data which can be utilised to support cyber defence.
- 1) Planning and direction: Set the scope and objectives for core intel roles and processes.
- 2) Collection: Deploy data gathering and processing techniques and sources.
- 3) Analysis: Translate raw intel into meaningful and taxonomized actors, events, and attributes.
- 4) Production: Assess intel significance and severity based on business and environmental context.
- 5) Dissemination and feedback: Report on finished intel, considering urgency and confidentiality.
Planning and direction This stage involves defining a business strategy and goals which the CTI program will support.
It will cover the information and processes to be protected, priorities, and CTI required to complete this goal.
Collection This stage involves defining what information should be collected in order to resolve a full picture of the threat landscape.
Threat data will be collected from numerous sources and formats; this data will need to be deduplicated and normalised before use.
Analysis The analysis stage of the CTI lifecycle involves analysts processing the collected data against the guidance and requirements laid out in the planning and direction stage.
The analysis should determine the reliability and relevance of the data collected.
Production The results of the analysis stage should be delivered to the necessary teams within the organisation.
The CTI should be distributed to stakeholders in a manner which is suitable for consumption, whether this is a report, presentation, or other format.
- Dissemination and feedback
Teams that receive CTI should be part of the CTI lifecycle.
They should report whether the information proved to be valuable against the goals laid out in the planning and direction stages.
This feedback will be used in the next planning and direction cycle stage.
- https://www.youtube.com/c/JohnHammond010/videos -
link to free-course
- https://help.offensive-security.com/hc/en-us/sections/6970444968596-Penetration-Testing-with-Kali-Linux-PEN-200- -
https://replit.com/pricing <– collaborative coding and learning via browser
https://twit.tv/shows/security-now - Security Now
- https://ugc.futurelearn.com/uploads/files/3f/d3/3fd36a66-d941-4595-b587-1a7b41998ae9/Week_3_Sophos_Threatsaurus_AZ.pdf -
Sophos Threatsaurus AZ
- https://takahiro-oda.medium.com/ -
takahiro oda, good whireshark tutorials and others.
https://www.youtube.com/user/advexon/videos - Advexon Science Network
https://www.youtube.com/user/ProgrammingKnowledge/videos - ProgrammingKnowledge
- https://www.zaproxy.org/videos/ -
- https://www.youtube.com/c/StackHawk/videos -
StackHawk makes it simple for developers to find, triage, and fix application security bugs. Scan your application for AppSec bugs in the code your team wrote, triage and fix with provided documentation, and automate in your pipeline to prevent future bugs from hitting prod.