Being a senior engineer, I spend most of my time searching the web for a solution. Part of being experienced is knowing just how much you don’t know. If you are lucky, you remember coming across a problem before, which gives you a rough direction to guide the search.
> It would be cool if more senior engineers would admit that they don’t have everything all figured out so the junior folks didn’t have such unrealistic expectations.
~Open Source Security Tool of the Day~
Malwoverview is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to download and send samples to main online sandboxes.
Intro to Hunting Adversaries Using the Attack Lifecycle Methodology
Indicator of Emulation
Leveraging Critical YARA Skills
Low Value Indicators For High Value Decisions
Practical Advice on Threat Hunting Panel
Incident Response & ATT&CK Matrix
Reversing 2020 - Virtual con on June 30th regarding Yara
"Where Threat Hunters Go Deep on YARA!"
Happening on June 30
List of well-known web sites that port scan their visitors https://www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/
A list of 370 unique host names that utilize the same fraud protection service https://docs.google.com/spreadsheets/d/1Nu4lpyZ5PQUIpiLJBddXnr67t5-1y0u40dzyzSYj1gc/edit#gid=0
I wrote a blog post on how to use KMS key policies to act as a separate access control for data in Amazon S3. https://aws.amazon.com/blogs/security/how-to-use-kms-and-iam-to-enable-independent-security-controls-for-encrypted-data-in-s3/
OWASP Juice Shop Tool Project
The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities.
Checking out OWASP DefectDojo (open source vulnerability management tool) on Docker
Though they have a live demo at https://defectdojo.readthedocs.io/en/latest/getting-started.html#live-demo
AWS Overview and Security Tips https://static.peerlyst.com/image/upload/v1505748735/post-attachments/Cyber_Security_Amazon_Course_1_tqtsxy.pdf
A Mastodon instance for info/cyber security-minded people.