Helpful Links
Cybersecurity Resources
We are thankful for the cybersecurity community members that create and/or curate content – as well as IOCs – to share with others. Also, for the organizations that host threat exchange platforms to facilitate free access to community-sourced data. We publish indicators to Alien Vault OTX and Blueliv Threat Exchange Network.
Education and Research Links
Our team compiled a list of cybersecurity resources that they have used or saved during the course of their work. These links are organized by category and shared below. Due to the vast amount of information to which these links lead, Malware Patrol cannot endorse them or ensure their accuracy however.
Feel free to contact us if you have additional resources to suggest.
DDoS
Advanced DDoS Mitigation Techniques (NIST)
How distributed denial of service attacks are evolving (CSO)
Distributed Denial Of Service (DDOS) Attacks (Identity Theft Scout)
What is a DDoS Attack? (Cloudflare)
DNS
Building a DNS Blackhole with FreeBSD
DNS Privacy Frequently Asked Questions (FAQ) (InternetSociety.org)
DNS Response Policy Zone (RPZ) (Barry Greene/Vernon Schryver)
DNS Security (Part 1): Issues in DNS Security (TechGenix)
DNS Security (Part 2): DNS Security Steps Prior to Deploying DNSSEC (TechGenix)
Education & Research Tools
10 Free or Low-Cost Security Tools (Dark Reading)
51 Tools for Security Analysts (WordFence)
The Book of Secret Knowledge (@trimstray, Github)
Community Tools (Crowdstrike)
CSIRT Services Framework (FIRST)
Database Security Tools (Infosec Institute)
Free & Open Source Computer Forensics Tools (Infosec Institute)
Online Security Classes (Open Security Training)
OSINT IntelTechniques (Michael Bazzell)
OWASP (OWASP)
Pentest Tools (Carrie Roberts/Tripwire)
SANS Investigative Forensic Toolkit (SIFT)
Security APIs (Alexander Jäger)
Malware
BinDiff and BinNavi Reverse Engineering Software (Zynamics)
Explained: Packer, Crypter, and Protector (Malwarebytes)
Malware Reports (SecureList)
Malware Stats & Trends (Barkly)
What are exploits? (And why you should care) (Malwarebytes)
Why Domain Generating Algorithms (DGAs)? (TrendMicro)
Phishing
6 Common Phishing Attacks and How to Protect Against Them (TripWire)
A Technical Demonstration of an Email Phishing Attack (Bsides Philly)
FTC Guidance for Handling Phishing Scams (National Law Review)
Typosquatting: Awareness and Hunting (SANS)
What is Phishing? (Phishing.org)
Ransomware
Before You Pay that Ransomware Demand (Brian Krebs)
GandCrab Decryption Tool (BitDefender)
Ransomware Detection and Decryption Tools (VinRansomware)
Ransomware: Expert advice on how to keep safe and secure (ESET)
Ransomware Listing (NJCCIC)