Useful websites: Difference between revisions

Below are many websites which provide useful information for security practitioners and those learning about security. This topic is going to eventually get unmanageable, and will need reorganized and broken down into some categories. However, until I start filling in more valuable sites, I'm not sure how I'm going to break it down. Expect format changes in the future.

• AD Security - An infrequently updated but useful guide to attacking and defending Active Directory
• Awesome Cybersecurity Blue Team - A GitHub page loaded with resources for blue team specialists.
• DFIR Diva's Digital Forensics and Incident Response Blog - Geared towards beginners, this links free and affordable training, resources, and a job board
• Five Pillars of an Information/Cyber Security Professional - A guide to the 5 key areas of proficiency necessary to excel in security
• The hacking sub-reddit wiki - Much of the collected wisdom and guidance of /r/hacking, with a glossary, movie recommendations, an FAQ, hacking resources, and so much more. Well worth leaving this page to peruse
• HackTricks - Penetration testing, red team testing, and CTF tips
• Have I Been Pwned? - A site for checking whether your email or password is in a data breach
• LOLBAS - Living off the Land Binaries, Scripts, and Libraries - A site dedicated to helping you take advantage of common tools that might already be loaded on your target system
• m0nad's Awesome Privilege Escalation - A collection of Linux, Windows, Docker, and Cloud privilege escalation tips.
• Shodan web search engine - "Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions."
• Vulnhub - A collection of intentionally vulnerable, downloadable virtual machines to practice your security skills
• VX-Underground - The largest collection of malware source code, samples, and papers on the internet. For more information, also follow the vx-underground Twitter account