VirusBay is a web-based, collaboration platform that connects security operations center (SOC) professionals with relevant malware researchers.
VirusBay is designed to help organizations effectively respond to and recover from an IT security incident when it is not possible for an external expert to visit their facility.
IOCs
VirusBay enables an affected enterprise to collaborate with malware researchers on Indicators of Compromise and the creation of an incident report, among other things. In return, the researcher gains access to malware samples for analysis to improve detection for all.
The ultimate goal of VirusBay is to build a community of expertise and data sharing.
https://beta.virusbay.io/
The project platform is ready for beta-sharing and is currently being presented to the research community for feedback and expressions of interest.
VirusBay is designed to help organizations effectively respond to and recover from an IT security incident when it is not possible for an external expert to visit their facility.
IOCs
VirusBay enables an affected enterprise to collaborate with malware researchers on Indicators of Compromise and the creation of an incident report, among other things. In return, the researcher gains access to malware samples for analysis to improve detection for all.
The ultimate goal of VirusBay is to build a community of expertise and data sharing.
https://beta.virusbay.io/
The project platform is ready for beta-sharing and is currently being presented to the research community for feedback and expressions of interest.
Forwarded from cissp (Alireza Ghahrood)
https://t.me/cissp
International channel for Transmission Knowledge In the field of Cyber Security with a Focus on the Content of the CISSP-ISC2 course
+also group:
@cisspgroup
International channel for Transmission Knowledge In the field of Cyber Security with a Focus on the Content of the CISSP-ISC2 course
+also group:
@cisspgroup
Telegram
cissp
@cissp
International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course
- - - - - - - - - -
+also group: https://t.me/cisspgroup
—————————
@alirezaghahrood
International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course
- - - - - - - - - -
+also group: https://t.me/cisspgroup
—————————
@alirezaghahrood
soc
Bug bounty
Hunting
data anayltics
SANS
Cert
Cyber security
elearn
ceh
ecsa
Programming
Forensic
Pentest
windows os
And els
and many. more the link expires on March 15
Download :
https://mega.nz/#F!2fRgmYSa!dvEPOubQEBUiRaXu7SktBg
Bug bounty
Hunting
data anayltics
SANS
Cert
Cyber security
elearn
ceh
ecsa
Programming
Forensic
Pentest
windows os
And els
and many. more the link expires on March 15
Download :
https://mega.nz/#F!2fRgmYSa!dvEPOubQEBUiRaXu7SktBg
ANSI:American National Standard Institute
www.ansi.org
EIA:Elctronuc Industrial Alliance
www.eia.org
TIA:Telecommunications Industry
www.tiaonline.org
ICEA:Insulated Cable Engineers Association
www icea.net
NFPA:National Fire Protection Association
www.nfpa.org
NEMA:National Electrical Manufacturers Association
www.nema.org
FCC:Federal Communication Commission
www.fcc.gov
UL:Underwriters Laboratories
www.ul.com
ISO:International Organization for Standardization
www.iso.org
IEC:International Electrotechnical Commission
www.iec.ch
IEEE:Institute of Electrical and Electronic Engineers
www.ieee.org
NIST:National Institute of Standards and Technology
www.nist.gov
ITU:International Telecommunications Union
www.itu.int
CSA :Canadian Standard Association
www.csa.ca
ETSI:European Telecommunications Standards Institute
www.etsi.org
BICSI:Building Industry Consulting Services International
www.bicsi.org
OSHA:Occupational Safety and Health Administration
www.osha.gov
www.ansi.org
EIA:Elctronuc Industrial Alliance
www.eia.org
TIA:Telecommunications Industry
www.tiaonline.org
ICEA:Insulated Cable Engineers Association
www icea.net
NFPA:National Fire Protection Association
www.nfpa.org
NEMA:National Electrical Manufacturers Association
www.nema.org
FCC:Federal Communication Commission
www.fcc.gov
UL:Underwriters Laboratories
www.ul.com
ISO:International Organization for Standardization
www.iso.org
IEC:International Electrotechnical Commission
www.iec.ch
IEEE:Institute of Electrical and Electronic Engineers
www.ieee.org
NIST:National Institute of Standards and Technology
www.nist.gov
ITU:International Telecommunications Union
www.itu.int
CSA :Canadian Standard Association
www.csa.ca
ETSI:European Telecommunications Standards Institute
www.etsi.org
BICSI:Building Industry Consulting Services International
www.bicsi.org
OSHA:Occupational Safety and Health Administration
www.osha.gov
Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.
github.com/gophish/gophish
github.com/gophish/gophish
GitHub
GitHub - gophish/gophish: Open-Source Phishing Toolkit
Open-Source Phishing Toolkit. Contribute to gophish/gophish development by creating an account on GitHub.
Linux- Pentest os
1. TAILS: The Amnesiac Incognito Live System
2. JonDo Live-DVD
3. Whonix
4. Qubes OS
5. UPR (Ubuntu Privacy Remix)
1. TAILS: The Amnesiac Incognito Live System
2. JonDo Live-DVD
3. Whonix
4. Qubes OS
5. UPR (Ubuntu Privacy Remix)
These tools can boost DevOps and DevSecOps efforts by integrating security into the development process
A key concept to understand in application security is that of the Software Development Lifecycle (SDLC). In that process, there are stages for code development, deployment and ongoing maintenance. As part of that lifecycle there are a number of critical application security approaches.
-Static Analysis: At the foundational level is the security of the application code as it is being developed, which is often an area where static code analysis tools (SCAT) can play a role. This area is called static application security testing, or SAST.
-Dynamic Analysis: For code that is running, dynamic application security testing (DAST) enables the detection of different types of security risks.
-Interactive Application Security Testing: Combining both DAST and SAST approaches is the domain of Interactive Application Security Testing (IAS).
-Software Composition Analysis (SCA): There can also be configuration issues with applications that can potentially be exploited. There are also software dependency and libraries that have known vulnerabilities, which is where vulnerability management capabilities fit in
• Acunetix
Acunetix provides a web application security scanner platform that can help organizations of any size identify potential issues in deployed applications.
• Checkmarx
CheckMarx positions itself as a platform for managing and understanding software exposure risk. It is well suited for mid-to-large organizations looking for the ability to do static code analysis and interactive application testing in a scalable approach.
• Micro Focus Fortify
Fortify is a good option for organizations looking for an easy to use solution for application security testing and monitoring.
• NowSecure
NowSecure is focused on mobile security and enabling developers to integrate secure practices and code as part of the mobile DevOps lifecycle.
• Rapid7
Rapid7's insightAppSec is well suited for organizations of any size that are looking for dynamic application security testing that provides developers with the ability to also test if a fix actually works.
• Snyk
Snyk's technology enables organizations to monitor applications for potential risks stemming from underlying application dependencies that can change over time.
• Synopsys
Synopsys has a broad portfolio of application security tools that can meet different needs, as well as a new overarching platform that can take a more holistic approach than point products.
• Veracode
Veracode's Application Security Platform is well suited for both developers and security professionals at organizations of any size looking for multiple application security scanning capabilities.
• Whitehat
Whitehat's platform provides a solid basis for organizations with separate developer and security teams to stay on top of potential risks and identify both known and unknown application vulnerabilities.
A key concept to understand in application security is that of the Software Development Lifecycle (SDLC). In that process, there are stages for code development, deployment and ongoing maintenance. As part of that lifecycle there are a number of critical application security approaches.
-Static Analysis: At the foundational level is the security of the application code as it is being developed, which is often an area where static code analysis tools (SCAT) can play a role. This area is called static application security testing, or SAST.
-Dynamic Analysis: For code that is running, dynamic application security testing (DAST) enables the detection of different types of security risks.
-Interactive Application Security Testing: Combining both DAST and SAST approaches is the domain of Interactive Application Security Testing (IAS).
-Software Composition Analysis (SCA): There can also be configuration issues with applications that can potentially be exploited. There are also software dependency and libraries that have known vulnerabilities, which is where vulnerability management capabilities fit in
• Acunetix
Acunetix provides a web application security scanner platform that can help organizations of any size identify potential issues in deployed applications.
• Checkmarx
CheckMarx positions itself as a platform for managing and understanding software exposure risk. It is well suited for mid-to-large organizations looking for the ability to do static code analysis and interactive application testing in a scalable approach.
• Micro Focus Fortify
Fortify is a good option for organizations looking for an easy to use solution for application security testing and monitoring.
• NowSecure
NowSecure is focused on mobile security and enabling developers to integrate secure practices and code as part of the mobile DevOps lifecycle.
• Rapid7
Rapid7's insightAppSec is well suited for organizations of any size that are looking for dynamic application security testing that provides developers with the ability to also test if a fix actually works.
• Snyk
Snyk's technology enables organizations to monitor applications for potential risks stemming from underlying application dependencies that can change over time.
• Synopsys
Synopsys has a broad portfolio of application security tools that can meet different needs, as well as a new overarching platform that can take a more holistic approach than point products.
• Veracode
Veracode's Application Security Platform is well suited for both developers and security professionals at organizations of any size looking for multiple application security scanning capabilities.
• Whitehat
Whitehat's platform provides a solid basis for organizations with separate developer and security teams to stay on top of potential risks and identify both known and unknown application vulnerabilities.
Trend- ebOok 4 Hacking
1.
Advanced Penetration Testing
269 Pages
2.
The Basics of Web Hacking
179 Pages
3.
The Basics of Hacking and Penetration Testing
178 Pages
4.
The Art of Deception by Kevin Mitnick
577 Pages
5.
SQL Injection Attacks and Defense
761 Pages
6.
Metasploit – The Penetration Tester’s Guide
332 Pages
7.
Ethical Hacking and Penetration Testing Guide
523 Pages
8.
Network Attacks and Exploitation – A Framework
219 Pages
9.
Python Web Penetration Testing Cookbook
224 Pages
10.
Wireshark for Security Professionals
391 Pages
11.
Mastering Modern Web Penetration Testing
298 Pages
12.
The Shellcoder’s Handbook
745 Pages
13.
The Little Black Book of Computer Viruses
183 Pages
14.
XSS Attacks – Cross Site Scripting Exploits and Defense
482 Pages
15.
The Web Application Hacker’s Handbook
771 Pages
16.
Ethical Hacking and Countermeasures
239 Pages
17.
Reversing – Secrets of Reverse Engineering
619 Pages
18.
Network Security Bible
697 Pages
19.
Hacking Web Applications – Hacking Exposed
416 Pages
20.
Hacking for Dummies
387 Pages
21.
Hacking Wireless Network for Dummies
387 Pages
22.
Ninja Hacking – Unconventional Penetration Testing Tacting and Techniques
314 pages
23.
Professional Penetration Testing
525 Pages
24.
Gray Hat Hacking – The Ethical Hacker’s Handbook
577 Pages
25.
Hack Attacks Testing
561 Pages
26.
Basic Security Testing with Kali Linux
242 Pages
27.
Mastering Kali Linux for Advanced Penetration Testing
356 Pages
28.
Kali Linux CTF Blueprints
190 Pages
29.
Kali Linux Cookbook
261 Pages
30.
Kali Linux – Assuring Security by Penetration Testing
454 Pages
31.
Information Security Management Handbook
3206 Pages
32.
Computer and Information Security Handbook
877 Pages
33.
CISSP – Certified Information Systems Security Professional
804 Pages
34.
Computer Security and Cryptography
542 Pages
35.
Python for Kids
348 Pages
36.
End to End Network Security – Defense-in-Depth
469 Pages
37.
A Guide to Computer Network Security
483 Pages
38.
Essential Computer Security
321 Pages
39.
Security in Wireless Mesh Networks
548 Pages
40.
Hacking Windows XP (OLD)
379 Pages
41.
Hacking Exposed – Windows Security, Secrets and Solutions
482 Pages
42.
Hacking Exposed – Network Security, Secrets and Solutions
736 Pages
43.
Information Security – Principles and Pratice
413 Pages
44.
Nessus, Snort and Ethereal Power Tools
472 Pages
45.
Active Defense – A Comprehensive Guide to Network Security
374 Pages
46.
Information Security Fundamentals
262 Pages
47.
Wireless Network Security
422 Pages
48.
Red Hat Linux Security and Optimization
721 Pages
49.
Windows Forensics Analysis
386 Pages
50.
Mobile and Wireless Network Security and Privacy
232 Pages
51.
Firewalls and Internet Security
456 Pages
52.
An Introduction to Computer Security – The NIST Handbook
290 Pages
53.
Unauthorized Access – Physical Penetration Testing for IT Security Teams
309 Pages
54.
Testing Web Security
297 Pages
55.
Maximum Security – A Hacker’s Guide to Protecting Your Internet Site and Network
670 Pages
56.
Information Resource Guide – Computer, Internet and Network Systems Security
325 Pages
57.
The Hacker’s Underground Handbook
116 Pages
58.
Guide to SCADA and Industrial Control Systems Security
164 Pages
59.
The International Handbook of Computer Security
274 Pages
60.
The Code Book – How to Make It, Break It, Hack It, Crack It
273 Pages
61.
Linux 101 Hacks
271 Pages
62.
Introduction to Linux – A Hands on Guide
223 Pages
63.
Bluetooth Security
222 Pages
64.
IT Governance – A Manager’s Guide to Data Security and ISO 27001/27002
385 Pages
65.
Batch File Programming
155 Pages
66.
Cracking the Coding Interview
310 Pages
67.
Dictionary of Networking
465 Pages
68.
Hacking Gmail
310 Pages
69.
Linux Complete Command Reference
1528 Pages
70.
Practical Hacking Techniques and Countermeasures
752 Pages
71.
The Art of Intrusion by Kevin Mitnick
291 Pages
72.
Hack Notes – Windows Security Portable Reference
289 Pages
73.
Hacing – The Next Generation
298 Pages
74.
Hacking the Cable Modem
1.
Advanced Penetration Testing
269 Pages
2.
The Basics of Web Hacking
179 Pages
3.
The Basics of Hacking and Penetration Testing
178 Pages
4.
The Art of Deception by Kevin Mitnick
577 Pages
5.
SQL Injection Attacks and Defense
761 Pages
6.
Metasploit – The Penetration Tester’s Guide
332 Pages
7.
Ethical Hacking and Penetration Testing Guide
523 Pages
8.
Network Attacks and Exploitation – A Framework
219 Pages
9.
Python Web Penetration Testing Cookbook
224 Pages
10.
Wireshark for Security Professionals
391 Pages
11.
Mastering Modern Web Penetration Testing
298 Pages
12.
The Shellcoder’s Handbook
745 Pages
13.
The Little Black Book of Computer Viruses
183 Pages
14.
XSS Attacks – Cross Site Scripting Exploits and Defense
482 Pages
15.
The Web Application Hacker’s Handbook
771 Pages
16.
Ethical Hacking and Countermeasures
239 Pages
17.
Reversing – Secrets of Reverse Engineering
619 Pages
18.
Network Security Bible
697 Pages
19.
Hacking Web Applications – Hacking Exposed
416 Pages
20.
Hacking for Dummies
387 Pages
21.
Hacking Wireless Network for Dummies
387 Pages
22.
Ninja Hacking – Unconventional Penetration Testing Tacting and Techniques
314 pages
23.
Professional Penetration Testing
525 Pages
24.
Gray Hat Hacking – The Ethical Hacker’s Handbook
577 Pages
25.
Hack Attacks Testing
561 Pages
26.
Basic Security Testing with Kali Linux
242 Pages
27.
Mastering Kali Linux for Advanced Penetration Testing
356 Pages
28.
Kali Linux CTF Blueprints
190 Pages
29.
Kali Linux Cookbook
261 Pages
30.
Kali Linux – Assuring Security by Penetration Testing
454 Pages
31.
Information Security Management Handbook
3206 Pages
32.
Computer and Information Security Handbook
877 Pages
33.
CISSP – Certified Information Systems Security Professional
804 Pages
34.
Computer Security and Cryptography
542 Pages
35.
Python for Kids
348 Pages
36.
End to End Network Security – Defense-in-Depth
469 Pages
37.
A Guide to Computer Network Security
483 Pages
38.
Essential Computer Security
321 Pages
39.
Security in Wireless Mesh Networks
548 Pages
40.
Hacking Windows XP (OLD)
379 Pages
41.
Hacking Exposed – Windows Security, Secrets and Solutions
482 Pages
42.
Hacking Exposed – Network Security, Secrets and Solutions
736 Pages
43.
Information Security – Principles and Pratice
413 Pages
44.
Nessus, Snort and Ethereal Power Tools
472 Pages
45.
Active Defense – A Comprehensive Guide to Network Security
374 Pages
46.
Information Security Fundamentals
262 Pages
47.
Wireless Network Security
422 Pages
48.
Red Hat Linux Security and Optimization
721 Pages
49.
Windows Forensics Analysis
386 Pages
50.
Mobile and Wireless Network Security and Privacy
232 Pages
51.
Firewalls and Internet Security
456 Pages
52.
An Introduction to Computer Security – The NIST Handbook
290 Pages
53.
Unauthorized Access – Physical Penetration Testing for IT Security Teams
309 Pages
54.
Testing Web Security
297 Pages
55.
Maximum Security – A Hacker’s Guide to Protecting Your Internet Site and Network
670 Pages
56.
Information Resource Guide – Computer, Internet and Network Systems Security
325 Pages
57.
The Hacker’s Underground Handbook
116 Pages
58.
Guide to SCADA and Industrial Control Systems Security
164 Pages
59.
The International Handbook of Computer Security
274 Pages
60.
The Code Book – How to Make It, Break It, Hack It, Crack It
273 Pages
61.
Linux 101 Hacks
271 Pages
62.
Introduction to Linux – A Hands on Guide
223 Pages
63.
Bluetooth Security
222 Pages
64.
IT Governance – A Manager’s Guide to Data Security and ISO 27001/27002
385 Pages
65.
Batch File Programming
155 Pages
66.
Cracking the Coding Interview
310 Pages
67.
Dictionary of Networking
465 Pages
68.
Hacking Gmail
310 Pages
69.
Linux Complete Command Reference
1528 Pages
70.
Practical Hacking Techniques and Countermeasures
752 Pages
71.
The Art of Intrusion by Kevin Mitnick
291 Pages
72.
Hack Notes – Windows Security Portable Reference
289 Pages
73.
Hacing – The Next Generation
298 Pages
74.
Hacking the Cable Modem
330 Pages
75.
Hackers Beware – Defending Your Network From The Wiley Hacker
817 Pages
76.
Hack Proofing Your Network
826 Pages
77.
Hack Attacks Revealed
837 Pages
78.
Dissecting the Hack – The F0rb1dd3n Network
441 Pages
79.
TCP/IP Guide
1671 Pages
80.
Offensive Security – Wireless Attacks – WiFu
385 Pages
81.
Google Hacking – For Penetration Testers
529 Pages
82.
Computer Forensics Investigating Network Intrusions and Cyber Crime
394 Pages
83.
Hakin9 Bible
207 Pages
84.
Network Forensics – Tracking Hackers Through Cyberspace
574 Pages
85.
Computer Forensics – Investigating Data and Image Files
227 Pages
86.
Penetration Testing and Network Defense
625 Pages
87.
Hacking Exposed – Malware and Rootkits
401 Pages
88.
Malware Analyst’s Cookbook
746 Pages
89.
Mobile Malware – Attacks and Defense
386 Pages
90.
Java 2 Network Security
702 Pages
91.
A Bug Hunter’s Diary
212 Pages
92.
Viruses Revealed – Undestand and Counter Malicious Software
721 Pages
93.
Figital Forensics With Open Source Tools
289 Pages
94.
SSH, The Secure Shell – The Definitive Guide
438 Pages
95.
Pro PHP Security
369 Pages
96.
Zero Day Exploit – Countdown to Darkness
363 Pages
97.
Metasploit Penetration Testing Cookbook
269 Pages
98.
24 Deadly Sins of Software Securtiy
433 Pages
99.
Botnets – The Killer Web App
482 Pages
100.
Hacker Highschool – Hack School for Beginners (ZIP)
https://hackingresources.com/hacking-security-ebooks/
75.
Hackers Beware – Defending Your Network From The Wiley Hacker
817 Pages
76.
Hack Proofing Your Network
826 Pages
77.
Hack Attacks Revealed
837 Pages
78.
Dissecting the Hack – The F0rb1dd3n Network
441 Pages
79.
TCP/IP Guide
1671 Pages
80.
Offensive Security – Wireless Attacks – WiFu
385 Pages
81.
Google Hacking – For Penetration Testers
529 Pages
82.
Computer Forensics Investigating Network Intrusions and Cyber Crime
394 Pages
83.
Hakin9 Bible
207 Pages
84.
Network Forensics – Tracking Hackers Through Cyberspace
574 Pages
85.
Computer Forensics – Investigating Data and Image Files
227 Pages
86.
Penetration Testing and Network Defense
625 Pages
87.
Hacking Exposed – Malware and Rootkits
401 Pages
88.
Malware Analyst’s Cookbook
746 Pages
89.
Mobile Malware – Attacks and Defense
386 Pages
90.
Java 2 Network Security
702 Pages
91.
A Bug Hunter’s Diary
212 Pages
92.
Viruses Revealed – Undestand and Counter Malicious Software
721 Pages
93.
Figital Forensics With Open Source Tools
289 Pages
94.
SSH, The Secure Shell – The Definitive Guide
438 Pages
95.
Pro PHP Security
369 Pages
96.
Zero Day Exploit – Countdown to Darkness
363 Pages
97.
Metasploit Penetration Testing Cookbook
269 Pages
98.
24 Deadly Sins of Software Securtiy
433 Pages
99.
Botnets – The Killer Web App
482 Pages
100.
Hacker Highschool – Hack School for Beginners (ZIP)
https://hackingresources.com/hacking-security-ebooks/
😃
No matter how your:
⛔️ firewall configuration is off the shelf and does fit YOUR business
⛔️ Intrusion Detection Systems don’t actually monitor the whole network and can be evaded
⛔️Cryptography is reviewed internally and has never been externally validated
⛔️ Anti-virus software can be bypassed by a 12 year old
No matter how your:
⛔️ firewall configuration is off the shelf and does fit YOUR business
⛔️ Intrusion Detection Systems don’t actually monitor the whole network and can be evaded
⛔️Cryptography is reviewed internally and has never been externally validated
⛔️ Anti-virus software can be bypassed by a 12 year old
Top 5 Data Center Environmental Monitoring Systems
http://www.sphomerun.com/blog/top-5-data-center-environmental-monitoring-systems
http://www.sphomerun.com/blog/top-5-data-center-environmental-monitoring-systems
Dcsmi
Top 5 Data Center Environmental Monitoring Systems
What’s the climate like in your server rooms? Are you using a data center Environmental Monitoring System? Here’s why you should.
Cyber Threat Intelligence Tools List:
-Formats
Standardized formats for sharing Threat Intelligence (mostly IOCs)
-Frameworks and Platforms
Frameworks, platforms and services for collecting, analyzing, creating and sharing Threat Intelligence
-Tools
All kinds of tools for parsing, creating and editing Threat Intelligence. Mostly IOC based
-Research, Standards & Books
All kinds of reading material about Threat Intelligence. Includes (scientific) research and whitepapers
https://gbhackers.com/cyber-threat-intelligence-tools/
-Formats
Standardized formats for sharing Threat Intelligence (mostly IOCs)
-Frameworks and Platforms
Frameworks, platforms and services for collecting, analyzing, creating and sharing Threat Intelligence
-Tools
All kinds of tools for parsing, creating and editing Threat Intelligence. Mostly IOC based
-Research, Standards & Books
All kinds of reading material about Threat Intelligence. Includes (scientific) research and whitepapers
https://gbhackers.com/cyber-threat-intelligence-tools/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
50 Best Free Cyber Threat Intelligence Tools - 2026
Best Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in networks and applications.
Instantly diagnose slowdowns and anomalies in your infrastructure with thousands of metrics, interactive visualizations, and insightful health alarms.
https://my-netdata.io
https://my-netdata.io
www.netdata.cloud
Netdata: Monitoring and troubleshooting transformed
Real-time infrastructure monitoring with per-second metrics, ML anomaly detection, and AI troubleshooting. Open source, #1 on GitHub. Cut MTTR by 80%.