Work From Home Resources

Telework Security Basics – Use these tips from NIST to improve your telework security, whether you’re using your organizations’ laptop or smartphone, or your own personal desktop or tablet. Protecting Portable Devices: Data Security – In addition to taking precautions to protect your portable devices, it is important to add another layer of security by […]

Books

Holistic Info-Sec for Web Developers – Broad and deep coverage of what Web Developers and DevOps Engineers need to know in order to create robust, reliable, maintainable and secure software, networks and other, that are delivered continuously, on time, with no nasty surprises Docker Security – Quick Reference: For DevOps Engineers – A book on […]

Threat Intelligence

ThreatCrowd – A free threat intel tool for pivoting on domains/ips/emails/av/locations within the site / Maltego / Api. abuse.ch – ZeuS Tracker / SpyEye Tracker / Palevo Tracker / Feodo Tracker tracks Command&Control servers (hosts) around the world and provides you a domain- and an IP-blocklist. Emerging Threats – Open Source – Emerging Threats began […]

Honey Pot / Honey Net

awesome-honeypots – The canonical awesome honeypot list. HoneyPy – HoneyPy is a low to medium interaction honeypot. It is intended to be easy to: deploy, extend functionality with plugins, and apply custom configurations. Conpot – ICS/SCADA Honeypot. Conpot is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify […]

Threat Hunting

BeaKer – BeaKer visualizes Microsoft Sysmon network data to help threat hunters track down the source of suspicious network connections. The custom dashboard presents which users and executables created connections between two given IPs, how many times they’ve connected, the protocols and ports used, and much more..com/jpr5/ngrep Snort – Snort is a free and open […]

Monitoring / Logging

What2Log – Logging is essential in computer security. Computer logs can tell someone everything they need to know about what happened on a particular machine at a particular time. Events can be strung together to create a timeline of several events that happened during a time period. justniffer – Justniffer is a network protocol analyzer […]

Scanning / Pentesting

OpenVAS – OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. Metasploit Framework – A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research. Kali – Kali Linux is […]

Sniffer

wireshark – Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options. TShark – TShark is a network protocol analyzer. It lets you capture packet […]

Firewall

pfSense – Firewall and Router FreeBSD distribution. OPNsense – is an open source, easy-to-use and easy-to-build FreeBSD based firewall and routing platform. OPNsense includes most of the features available in expensive commercial firewalls, and more in many cases. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. […]

Fast Packet Processing

DPDK – DPDK is a set of libraries and drivers for fast packet processing. PFQ – PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission (10G and beyond), in-kernel functional processing and packets steering across sockets/end-points. PF_RING – PF_RING is a new type of network socket that […]