blag

S03E01 - Open Source Intelligence (OSINT)

Home Discovery

Shodan Tools - https://github.com/n0x08/ShodanTools
A collection of Shodan queries you can use to identify different kinds of devices on the internet.

Online Investigation Toolset - https://t.co/5vewV5ab5N
A huge number of online tools compiled into a Google Doc. Have fun exploring!

Google Hacking Database - https://www.exploit-db.com/google-hacking-database
An enormous database of various dorks folks have submitted for identifying potentially vulnerable sites.

Slides can be found here.

Kahoot quiz can be played here.

Episode available on Twitch or Youtube.

S02E04 - Security Stories

Home Discovery

WIRED Article on Mirai (6000 words, ~30m) - https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet/
Love how this builds the story around how it came to be, how the security community responded, and just ties so many threads of this fascinating story together.

WannaCry Ransomware (Wikipedia) - https://en.wikipedia.org/wiki/WannaCry_ransomware_attack
Covers a decent amount of the story of WannaCry in short form.

WIRED Article on WannaCry’s Unlikely Hero (15000 words, ~1h15m) - https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/
I love how this gets into the life of a hacker who tried to turn good and had their past come to haunt them. I love @MalwareTech on Twitter and am so glad that @DeviantOllam and @Tarah came to his rescue.

Slides can be found here.

Kahoot quiz can be played here.

Episode available on Twitch or Youtube.

S02E03 - Defender Mindset and Methods

Home Discovery

Splunk Security Datasets Project (?hrs) - https://live.splunk.com/splunk-security-dataset-project
This is a guided walkthrough of the dataset for Splunk’s Boss of the SOC v1, which does an excellent job showing off what Splunk can do with centralized logging. Make sure to run the searches yourself to get familiar with the query logic!

SANS Forensics Posters - https://digital-forensics.sans.org/community/posters
These are GREAT and I still reference them regularly, particularly “Evidence of…” and “Hunt Evil” - this distills some of the primary indicators, events, and artifacts you can use to hunt for badness!

Professor Messer’s Security+ Course (?hrs) - https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAy
I’ve introduced you to various concepts through my classes, but Mr. Messer is going to prepare you to get that CompTIA Security+ certification that you will need to get into this industry. He is a great teacher. Make sure to take notes, and practice our learning tools of recall, preview, memory palace, and spaced repetition!

Research Project

(POLICY) - NIST 800-61 - Incident Response - https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final

Still a gold standard for the Incident Response lifecycle. Try reading through the document and making an outline of what you learn, then focusing on a particular phase of the lifecycle and building a set of policies, standards, procedures, and guidelines based on what you read there. Don’t be afraid to google other articles!

(POLICY) - NIST 800-53 - Security Controls - https://nvd.nist.gov/800-53

Gold standard for setting up security controls in an enterprise environment. Again, try reading through the document and outlining what you learn, then focus on a particular area and write some policy, standards, and procedures with these as your guidelines.

Slides can be found here.

Kahoot quiz can be played here.

Episode available on Twitch or Youtube.