Defensive Methodology / SIEM / EDR / XDR
- BOTS by Splunk : https://bots.splunk.com
- AD Security : https://adsecurity.org
- The DFIR Report : https://thedfirreport.com
- MITRE ATT&CK® : https://attack.mitre.org
- MITRE D3FEND® : https://d3fend.mitre.org
- DeTT&CT : https://github.com/rabobank-cdc/DeTTECT
- CVE : https://cve.mitre.org / https://www.cvedetails.com
- CWE : https://cwe.mitre.org
- NVD : https://nvd.nist.gov
- Alien Vault : https://otx.alienvault.com
- Filesec.io : https://filesec.io
- Lolbas : https://lolbas-project.github.io
- WADcoms : https://wadcoms.github.io
- Exploit DB : https://www.exploit-db.com
- Ransom DB : https://www.ransom-db.com
- Have I Been Pwned : https://haveibeenpwned.com
- Dehashed : https://www.dehashed.com
- UnProtect : https://www.unprotect.it
- Grayhat Warfare : https://buckets.grayhatwarfare.com
Tools
- Virus Total : https://www.virustotal.com/gui/home/upload
- Hybrid Analysis : https://www.hybrid-analysis.com
- Url Scan : https://urlscan.io
- Any Run : https://app.any.run
- Browserling : https://www.browserling.com
- Gephi : https://gephi.org
- MX Toolbox : https://mxtoolbox.com
- Emkei's Fake Mailer : http://elenco.leoalfre.altervista.org/beta/FakeMail/index.html
- Hurricane Electric BGP : https://bgp.he.net
- 10minutemail : https://10minutemail.com
- DNPedia : https://dnpedia.com/tlds/daily.php
- DNSlytics : https://dnslytics.com
- Namecheap : https://www.namecheap.com
Software
- Splunk Security : https://www.splunk.com/en_us/products/cyber-security.html
- Elastic Security : https://www.elastic.co/fr/security
- Wazuh : https://wazuh.com
- Crowdsec : https://www.crowdsec.net
- Redline : https://www.fireeye.com/content/dam/fireeye-www/services/freeware/ug-redline.pdf
- PhishTool : https://www.phishtool.com
- Threat Connect : https://threatconnect.com
- Hunters AI : https://www.hunters.ai
- Velociraptor : https://docs.velociraptor.app
Roadmap