Useful Links

28-10-2023

Blogs

Youtubers

Github profiles

VMs & Distros

Web Scanners

Password and Data Leaks - Leaks - Threat Intelligence

OSINT

Steganography

  • https://www.aperisolve.com | Brings together several image analysis tools in a single web request
  • HxD | Hexadecimal file viewer
  • stegseek | Searches for words inside an image file based on a wordlist (rockyou, for example)
  • binwalk | Mainly used to extract other files hidden inside a file
  • steghide | Embeds or extracts password-protected files hidden inside other files
  • strings | The strings command, a Linux tool that lists the printable strings found in files, locations, etc.
  • exiftool | Linux command/tool that analyses a file's EXIF information
  • goblyn | Captures metadata from a website's files
  • Article on the importance of metadata for security: https://www.kaspersky.com.br/blog/office-documents-metadata/7192/

Web Tools

Tools

Pentest & Recon

Fuzz

  • Wfuzz
    - Enumerates subdirectories based on a wordlist
    - Example => wfuzz -c -z file,/usr/share/wfuzz/wordlist/general/common.txt --hc 404 http://192.168.56.102/dvwa/FUZZ
    - The "FUZZ" keyword at the end is required, not just part of the example (it is the placeholder wfuzz replaces with each wordlist entry)
  • ffuf
    - Example command => ffuf -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-big.txt -u http://198.211.107.250:1337/FUZZ --fs 169
  • Feroxbuster
    - Repo: https://github.com/epi052/feroxbuster
    - Commands
    `sudo apt install -y feroxbuster`
    `feroxbuster -u https://some-example-site.com`

Browser plugins

  • DotGit
  • Link Gopher
  • Http Header Live
  • JS Beautifier
  • KeyFinder
  • Web scan
  • Wappalyzer

Pentest (DAST)

Traffic analysers

Mobile

Lists

About API keys

About AWS

Cryptography, hash databases and crackers

Wordlists

Applications for validating web scanners

Databases for checking library vulnerabilities

DNS checks

E-mail Analysis

Malware Analysis

Mind maps, diagrams and prototyping

File and text sharing

Issuing HTTPS certificates at low or no cost

CORS Bypass

Reverse Tabnabbing

Third party libraries

CSP

Lax vs Strict
https://blog.benpri.me/blog/2019/05/13/samesite-cookies-in-practice/

CTF - Security Games & Learning

I Know What You Download
https://iknowwhatyoudownload.com/en/peer/

Sonar development best-practice rules
https://rules.sonarsource.com/csharp

Cheat sheets and prevention

General - OWASP cheatsheetseries link
XSS - Portswigger XSS cheatsheet link
XSS - OWASP XSS cheatsheet link
DOM XSS - OWASP DOM XSS cheatsheet link
XSS - PayloadsAllTheThings payloads link
Markdown XSS - https://github.com/cujanovic/Markdown-XSS-Payloads/blob/master/Markdown-XSS-Payloads.txt
SQLi - Portswigger SQLi cheatsheet link
SQLi - Netsparker SQLi cheatsheet link
Privilege Escalation - https://github.com/Ignitetechnologies/Privilege-Escalation/
Burp - https://github.com/Ignitetechnologies/BurpSuite-For-Pentester
Malware - https://github.com/malwares

Sniping Insecure Cookies with XSS

Angular template injection

Web Cache Deception

Services

.Net

Calculating vulnerability severity

Collection of pentest reports

Events

Brazilian information security events/conferences

Security Awareness

Personal Security Checklist

Password vault

Phishing

AI generator of profiles that do not exist

Code security criteria

Guides

HackTricks
https://book.hacktricks.xyz

The National Cyber Security Centre
https://www.ncsc.gov.uk/

CTO Security Checklist/Guide
https://www.goldfiglabs.com/guide/saas-cto-security-checklist/

OWASP Top 10 Proactive Controls
https://owasp.org/www-project-proactive-controls/

IoT Security
https://www.bekk.christmas/post/2021/14/segment-your-home-network-today

Bugbounty Tips
https://github.com/KingOfBugbounty/KingOfBugBountyTips

File signature verification
https://www.garykessler.net/library/file_sigs.html

Analysing HTTP messages with Burp Suite and FoxyProxy
https://luan-cf-bnu.medium.com/analisando-mensagens-http-com-burp-suite-e-foxyproxy-9fb0a32d6fa4

4 things every report must have
https://rhinosecuritylabs.com/penetration-testing/four-things-every-penetration-test-report/

Focus on the important items of the guide: how and what to use
https://www.apriorit.com/dev-blog/622-qa-web-application-pen-testing-owasp-checklist

Security Design Guidelines for Web Services
https://msdn.microsoft.com/en-us/library/ff649737.aspx

About HSTS
https://www.troyhunt.com/understanding-http-strict-transport

12 tips against DDoS
https://blog.4linux.com.br/12-metodos-para-prevenir-ddos/

How to implement salting correctly
https://crackstation.net/hashing-security.htm

Tips for .NET programmers
https://cheatsheetseries.owasp.org/cheatsheets/DotNet_Security_Cheat_Sheet.html (Topic ‘ASP NET Web Forms Guidance’, on CSRF and ViewState)

Secure communication: Jitsi, Signal or Wire
https://thehackernews.com/2020/04/zoom-cybersecurity-hacking.html

For everything else that requires sharing sensitive information, there are more secure options like self-hosted Jitsi, Signal and Wire.

WCF: Client tips
https://www.oreilly.com/library/view/programming-wcf-services/9781449382476/ch01s13.html

GC fundamentals
https://docs.microsoft.com/en-us/dotnet/standard/garbage-collection/fundamentals?redirectedfrom=MSDN#background_server_garbage_collection

CVE-2021-44228 - Log4j

https://youtu.be/7qoPDq41xhQ

Exploit Demo: https://github.com/leonjza/log4jpwn
Shell Check: https://log4shell.huntress.com/

Books

The Code Book: The Secrets Behind Codebreaking
The Art of Deception (Kevin Mitnick)

Courses, certificates and free content

Great Free Cyber Security Courses

↓ Core ↓
Cisco Network Essentials - https://www.netacad.com/courses/networking/networking-essentials
Palo Alto - https://www.paloaltonetworks.com/cyberpedia/free-cybersecurity-education-courses
AWS Cloud - https://explore.skillbuilder.aws/learn/signin
Azure Cloud - https://learn.microsoft.com/en-us/training/azure/
GCP Cloud - https://cloud.google.com/learn/training

↓ Fundamentals ↓
SANS Aces - https://www.sans.org/cyberaces/
ISC(2) Certified in Cyber - https://www.isc2.org/Certifications/CC
Coursera - https://www.coursera.org/learn/foundations-cybersecurity
EC-Council - https://www.eccouncil.org/cybersecurity-exchange/cyber-novice/free-cybersecurity-courses-beginners/
Cyber Security - https://www.classcentral.com/course/swayam-cyber-security-13978
Cisco Cyber Induction - https://www.netacad.com/courses/cybersecurity/introduction-cybersecurity
Fortinet NSE - https://www.fortinet.com/training/cybersecurity-professionals

↓ Penetration Testing ↓
TCM-Security - https://academy.tcm-sec.com/p/learn-penetration-testing-free
PortSwigger Web Hacking - https://portswigger.net/web-security
CodeRed Hacking Essentials - https://codered.eccouncil.org/course/ethical-hacking-essentials
RedTeaming - https://taggartinstitute.org/p/responsible-red-teaming
METASPLOIT UNLEASHED - https://www.offsec.com/metasploit-unleashed/
Hacker101 - https://www.hackerone.com/hackers/hacker101

↓ Vulnerability Management ↓
Qualys - https://www.qualys.com/training/
Class Central - https://www.classcentral.com/course/get-started-with-vulnerability-assessment-70775

↓ SIEM ↓
Splunk - https://www.splunk.com/en_us/training/free-courses/overview.html
QRadar - https://www.securitylearningacademy.com/local/navigator/index.php?level=siem01&roadmapId=65
Elastic - https://www.elastic.co/training/elastic-security-fundamentals-siem
XPERT - https://www.siemxpert.com/online-cybersecurity-courses.html

↓ Engineering ↓
Oxford - https://www.oxfordhomestudy.com/courses/cyber-security-courses/free-cyber-security-courses
IoT Privacy - https://www.edx.org/course/cybersecurity-and-privacy-in-the-iot
Secure Software Development - https://training.linuxfoundation.org/training/developing-secure-software-lfd121/
Maryland Software Security - https://www.classcentral.com/course/software-security-1728

Free Videos: ISO 27001, SOC 2, and PCI DSS Full Framework Reviews

1. ISO 27001 Full Framework Review (https://youtu.be/Ou8cFdjMYWw?si=TeTT47YGVYCzCb3n)

We spend an hour covering every control in ISO 27001 Annex A line by line. We offer advice on how you can implement, what the auditor will look for, and a few tips.

2. SOC 2 Full Framework Review (https://www.youtube.com/watch?v=2rAz9VohEdE&ab_channel=risk3sixty)

This is one I did myself. SOC 2 criteria up on the screen. I cover every point of focus and common controls that will meet the SOC 2 criteria. I also give some tips on how to implement and what an auditor would look for.

3. PCI DSS Full Framework Review (https://www.youtube.com/watch?v=OIRrDbuRfO8&ab_channel=risk3sixty)

We spend an hour covering all 12 PCI DSS requirements. There is also a great breakdown of common assessment findings we see often during audits.