📚 Library

Created: 12.10.2020

All the books and articles that I’ve read and found interesting. 📖 - reading now, ✔️ - read.

Purple Team

Copied from LinkedIn [FREE RESOURCES / PURPLE TEAM]

Purple Team is born from the collaboration between Red Team and Blue Team. But what is it exactly? Check out these resources to learn more about it.

๐Ÿ‘‰ ๐—ช๐—ต๐—ฎ๐˜ ๐—ถ๐˜€ ๐—ฃ๐˜‚๐—ฟ๐—ฝ๐—น๐—ฒ ๐—ง๐—ฒ๐—ฎ๐—บ ๐ŸŒŸ The Difference Between Red, Blue, and Purple Teams by Daniel Miessler https://lnkd.in/ePj9PdJn ๐ŸŒŸ Purple Teaming for dummies by Jonathan Relber, Ben Opel and Carl Wright: https://lnkd.in/g45jnejT ๐ŸŒŸ ENTERPRISE PURPLE TEAMING: AN EXPLORATORY QUALITATIVE STUDY (๐’˜๐’Š๐’•๐’‰ ๐’๐’๐’•๐’” ๐’๐’‡ ๐’“๐’†๐’”๐’๐’–๐’“๐’„๐’†๐’”) by Xena Olsen, DSc, MBA , Ch33r10 https://lnkd.in/gnGFfPbR

๐Ÿ‘‰ ๐—ฃ๐—ฟ๐—ฎ๐—ฐ๐˜๐—ถ๐—ฐ๐—ฒ ๐—ฎ๐—ป๐—ฑ ๐—ง๐—ถ๐—ฝ๐˜€ ๐ŸŒŸ Check out this training by Christian Scott & Travis DeForge and register for ๐Ÿšจ๐˜๐—ผ๐—บ๐—ผ๐—ฟ๐—ฟ๐—ผ๐˜„’๐˜€ ๐˜๐—ฟ๐—ฎ๐—ถ๐—ป๐—ถ๐—ป๐—ด ๐˜€๐—ฒ๐˜€๐˜€๐—ถ๐—ผ๐—ป๐Ÿšจ where you learn about Purple Teaming work and building a purpleteaming lab https://lnkd.in/eimvjzwE ๐ŸŒŸ Purple Team Exercise Framework by SCYTHE https://lnkd.in/e3cnDETB ๐ŸŒŸ Purple Teaming learning Path on AttackIQ https://lnkd.in/e3s_MrCA ๐ŸŒŸ Actionable Purple Teaming: Why and How You Can (and Should) Go Purple by Scythe https://lnkd.in/geNgDbsK ๐ŸŒŸ A post by Julien Provenzano โ˜ with a hands-on Purple Team Workshop by Scythe and Jorge Orchilles https://lnkd.in/eRMv6-2m

๐Ÿ‘‰ ๐—ง๐—ผ๐—ผ๐—น๐˜€ ๐ŸŒŸ PlumHound by Black Hills Information Security https://lnkd.in/ee2WJZQb ๐ŸŒŸ PurpleSharp by Mauricio Velazco https://lnkd.in/eHYZPWem

๐Ÿšจ๐Ÿšจ ๐’๐‡๐€๐‘๐„ - Do you know other resources? Please share them in the comment๐Ÿšจ๐Ÿšจ

โžก๏ธ ๐…๐Ž๐‹๐‹๐Ž๐– ๐Œ๐„ on github for more pentest tips: https://github.com/CSbyGB โฌ…๏ธ

Forensics

https://forensics.wiki/

  • Digital forensics Diary series ✔️
  • Practical Malware Analysis ✔️
  • File System 📖
  • eForensics Magazine 📖
    • MacOS Forensics
    • Hiding and carving data
    • Threat Hunting
  • https://github.com/cugu/awesome-forensics

NTFS

[1] Maxim Suhanov’s blog, containing lots of research on NTFS. He also writes general DFIR and reverse engineering articles. His Twitter account.

macOS and Linux Forensics

✅ https://digitalforensicsurvivalpodcast.com/2022/06/27/dfsp-332-bash-histories/ | https://github.com/Dead-Simple-Scripts/AutoLLR - use the script to see how to perform live response and which artefacts to collect on a Linux or macOS machine.
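Added example, not code from AutoLLR or from the podcast episode: a small POSIX shell triage helper that normalises bash and zsh history files into one epoch-tagged timeline. It assumes bash was run with HISTTIMEFORMAT set (bash then writes a "#<epoch>" line before each command) and zsh with EXTENDED_HISTORY (": <epoch>:<duration>;<command>"); entries without a timestamp get epoch 0 rather than being dropped. The function names and the history lines used in the comments are mine, constructed for illustration.

```shell
# Added example (not AutoLLR's code): normalise bash and zsh history files
# into "epoch<TAB>command" lines for a triage timeline.
# Assumptions (mine): bash ran with HISTTIMEFORMAT set, so each command is
# preceded by a "#<epoch>" line; zsh ran with EXTENDED_HISTORY, so lines look
# like ": <epoch>:<duration>;<command>". Plain bash history (no
# HISTTIMEFORMAT) carries no timestamps at all, so those entries get epoch 0
# and are kept rather than silently lost. Continuation lines of multi-line
# zsh entries come out as separate untimestamped lines, acceptable for triage.

parse_shell_history() {
    # $1: path to a .bash_history / .zsh_history file; format detected per line
    awk '
        /^#[0-9]+$/ { ts = substr($0, 2); next }       # bash timestamp line
        /^: [0-9]+:[0-9]+;/ {                          # zsh extended entry
            s = substr($0, 3)
            ts = substr(s, 1, index(s, ":") - 1)        # epoch
            cmd = substr(s, index(s, ";") + 1)          # keeps ";" inside cmd
            printf "%s\t%s\n", ts, cmd
            ts = ""
            next
        }
        { printf "%s\t%s\n", (ts == "" ? 0 : ts), $0; ts = "" }   # command
    ' "$1"
}

history_timeline() {
    # Merge one or more history files into "epoch<TAB>file<TAB>command",
    # oldest first; untimestamped (epoch 0) entries sort to the top.
    tab=$(printf '\t')
    for f in "$@"; do
        parse_shell_history "$f" | awk -F '\t' -v src="$f" \
            '{ printf "%s\t%s\t%s\n", $1, src, $2 }'
    done | sort -s -t "$tab" -k1,1n
}

list_history_candidates() {
    # History files for every account with a home directory in /etc/passwd,
    # plus /Users/* for macOS accounts that exist only in Open Directory.
    # (Home directories containing spaces would break the word splitting.)
    for home in $(awk -F: '$6 != "" { print $6 }' /etc/passwd) /Users/*; do
        for name in .bash_history .zsh_history .sh_history .history; do
            [ -f "$home/$name" ] && printf '%s\n' "$home/$name"
        done
    done
    return 0
}

# Usage on a target: history_timeline $(list_history_candidates)
```

Two caveats when reading the output: bash only writes its in-memory history to HISTFILE when the interactive shell exits, so a shell that is still running has commands that are not yet on disk, and an attacker who has run `unset HISTFILE` or pointed HISTFILE at /dev/null leaves no file at all. An empty or missing history file is therefore a finding in its own right, not proof that nothing was typed.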

👥 Sarah Edwards is the main researcher in this field.

Cloud Forensics

Windows Forensics

SANS Courses of interest

  • FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
  • FOR518: Mac and iOS Forensic Analysis and Incident Response
  • FOR509: Enterprise Cloud Forensics and Incident Response
  • FOR589: Dark Web Threat Hunting & Blockchain Forensics - NEW SANS DFIR Course
  • FOR528: Ransomware for Incident Responders
  • FOR608: Enterprise-Class Incident Response & Threat Hunting
  • FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
  • FOR710: Reverse-Engineering Malware: Advanced Code Analysis

GIAC Certified Forensic Analyst (GCFA)

Case Studies

  • https://digitalforensicsurvivalpodcast.com/2021/09/28/dfsp-293-case-study-ransomware/
  • https://digitalforensicsurvivalpodcast.com/2021/11/16/dfsp-300-case-study-ocean-lotus/

Crypto

Pentest

  • The Web Application Hacker’s Handbook ✔️
  • Hacking: The Art of Exploitation 📖
  • Pentest Diary Series 📖

General

Podcasts

✔️ means subscribed, ✅ means I now listen to it regularly

  • SANS DFIR WebCast
  • SANS Stormcenter
  • Digital Forensics Survival Podcast ✅
  • SANS Blueprint
  • Darknet Diaries

Blogs

Mathematics

Courses

  • Udemy Computer Forensics
  • Udemy Mobile Forensics
  • Udemy Network Forensics
  • Udemy SDF Prefetch Forensics 🍔
  • Udemy SDF Memory Forensics 1
  • Udemy SDF Memory Forensics 2 👀 ❗
  • Udemy SDF RAM Extraction Fundamentals ❗
  • Udemy SDF LNK
  • Udemy SDF Windows Shellbags
  • Udemy SDF Shimcache
  • Udemy SDF Weblog
  • Udemy SDF Windows Explorer
  • Udemy SDF Shadow Copy
  • Udemy SDF Resolving Attached USBs
  • Udemy SDF Imaging a Mac Fusion Drive (low priority)
  • Udemy SDF Understanding OSX Timestamps (low priority)
  • Udemy Python for Forensics 👀