/infosec-writeups

Archive of useful sources I keep collecting during my information security journey

GNU General Public License v3.0GPL-3.0

infosec-writeups

Archive of useful sources I keep collecting during my information security journey

Useful Resources

Malware Analysis & Reverse Engineering Corner

Malware Sources

  • Koodous - Samples from Play Market and community.
  • MalShare - Access to samples, malicious feeds, and Yara results.

Techniques

Tools

Blogs

Threat Intelligence Corner

Resources

  • TI Playbooks Project - Open source project developed to share threat hunting concepts.
  • IntelligenceX - Search engine and data archive.
  • Maigret - OSINT engine to search people.
  • OSINT Tools - Various OSINT tools and scripts.
  • Awesome Treat Intelligence - An extensive repository with TI tools and techniques.
  • Awesome IOCs - An awesome collection of indicators of compromise (and a few IOC related tools).
  • Gruja RS - Demonstration of ransomware attack video review.
  • CSIRT Gadgets - Applied research, content and tools to help you solve real problems.
  • ThreatCrowd - A search engine for threats.
  • OSINT Framework - Project focused on gathering information from free tools or resources.

Feeds

  • ThreatFeeds - List of free feeds, with status checks.
  • UnderAttack - Daily feeds containing only relevant events worldwide.
  • Malicious URLs - A project of abuse.ch with the goal of sharing malicious URLs.
  • Ransomware Tracker - A project of abuse.ch with the goal of sharing ransomware indicators (discontinued).
  • [Feodo Tracker]https://feodotracker.abuse.ch/) - A project of abuse.ch with the goal of sharing botnet C&C servers associated with the Feodo malware family.
  • SSLdb - A project of abuse.ch with the goal of detecting malicious SSL connections.
  • FireHOL IP Feed - This site analyses all available security IP Feeds.
  • TI Feeds from Independet Researcher - This website has a collection of open feeds and is being updated regularly.

Tools

  • MISP - Malware Information Sharing Platform, CIRCL.
  • MineMeld - An extensible indicator processing framework.
  • Yeti - Open, distributed, machine and analyst-friendly threat intelligence repository.
  • GOSINT - Open Source Threat Intelligence Gathering and Processing Framework.
  • Crits - A web-based tool which combines an analytic engine with a cyber threat database.
  • MalTrail - A malicious traffic detection system.
  • TheHive - Open Source, Free and Scalable Cyber Threat Intelligence & Security Incident Response Solutions.

APT

Deface | Leaks

  • Zone-H - Unrestricted Information.
  • Mirror-H - Website snapshots.
  • Defacer - Defaced websites.
  • OverflowZone - Most vulnerable countries by websites.
  • Disclose.io - A cross-industry, vendor-agnostic standardization project for safe harbor best practices to enable good-faith security research.

Honeypots

  • Thug - Python low-interaction honeyclient aimed at mimicing the behavior of a web browser.

SOC Corner

Resources

Blogs

Forensics Corner

Tools

Offensive Corner

Exploits

Communities

  • Chaos Computer Club - (CCC) is Europe's largest association of hackers.
  • hackint - A communicaton network for hacker community.
  • DefCon Groups - A list of verified DC communities worldwide.
  • DefCon-UA - Ukrainian DefCon commutiny, which organized a famous dcua CTF team.
  • DefCon Moscow - Russian DefCon community, posting whitepapers and translations.

Challenges

  • Hacking Lab - A comprehensive attack/defense CTF system.

Blogs

Media

Devices

  • Purism/Librem - Devices aimed at privacy protection.
  • BladeRF - SDR with both receiver and transmitter possibilities.

Books