| description | Curated cyber security resources for SOC analysts, pentesters, DFIR practitioners, threat intelligence analysts, AppSec teams, and security learners. |
|---|
I'm the s0cm0nkey: a security analyst, threat hunter, pentester, researcher, and CTF enthusiast. By day, I run a SOC team and teach cyber security. By night, I play CTFs, hack things, and eat a professional volume of tacos. Ping me any time. I love to talk about all things security.
@s0cm0nkeysec
Check out my online course with Applied Network Defense: Command Line Essentials for Security Analysts!
https://www.networkdefense.co/courses/cli/
There are so many security guides, tools, and writeups floating around the internet that it is hard to know where they all are and which ones are worth your time. I built this reference guide by leaning into my true skill in security: finding other people's hard work.
This is a curated set of resources I have found useful across cyber security: defensive operations, offensive testing, DFIR, cloud, engineering fundamentals, privacy, and training. Each page should give enough context to help you choose the right resource without turning into a textbook.
If you are new or trying to jump into a specific role, start with the guided paths and resource index:
{% content-ref url="start-here.md" %} start-here.md {% endcontent-ref %}
{% content-ref url="resource-index.md" %} resource-index.md {% endcontent-ref %}
- Red is for authorized offensive operations, testing methodology, exploitation, and red/purple team resources.
- Blue is for defensive operations, detection, hardening, packet analysis, and DFIR.
- Yellow is for supporting engineering fundamentals: cloud, containers, logging architecture, code, CLI, networking, sysadmin, and AI/ML.
- Grey is for privacy, Tor, PGP, and OPSEC references.
- Training is the home for courses, labs, books, CTFs, certifications, and Awesome lists.
{% hint style="info" %} Note: These are my personal notes and links curated for public use. The notes and comments are not all of my own. If someone has written something better than I, I will use it and link to their work. I do not claim any copyright or creative content. {% endhint %}
{% hint style="danger" %} Warning: Do not use any of the mentioned tools referenced here for illegal, unethical, or questionable purposes. These tools are for legitimate/approved testing and research only. {% endhint %}
Mentions:
{% embed url="https://labs.detectify.com/2021/08/24/hakluke-list-resources-for-beginner-hackers-2021/" %}
Other Publications:
Logging strategy - also referenced in the Security Logging section.
