├── EDX-course-notes.ctb
├── EDX-course-notes.pdf
├── MalwareLabSetup.pdf
├── README.md
├── WebappAttacks-2019.ctb
├── WebappAttacks-2019.pdf
├── compTIANetworking.ctb
├── compTIANetworking.pdf
├── ghidraTips.md
└── imgs
    └── functionediting.png

--------------------------------------------------------------------------------
/EDX-course-notes.ctb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/EDX-course-notes.ctb

--------------------------------------------------------------------------------
/EDX-course-notes.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/EDX-course-notes.pdf

--------------------------------------------------------------------------------
/MalwareLabSetup.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/MalwareLabSetup.pdf

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Resource dump for learning cybersec related concepts

![Security Certification Progression Chart 2020](https://i.redd.it/yo33xlys53141.png)

1. [Coding Books & Courses](https://github.com/1d8/CybersecLearning#coding-books--courses)
2. [Linux resources](https://github.com/1d8/CybersecLearning#operating-system-books)
3. [Pentesting Resources](https://github.com/1d8/CybersecLearning#pentesting-resources)
4. [Defensive Security Books](https://github.com/1d8/CybersecLearning#defensive-security-books)
5. [Technical Resources](https://github.com/1d8/CybersecLearning#technical-readings)
6. [Computer Forensics Resources](https://github.com/1d8/CybersecLearning#computer-forensics)
7. [Networking Resources](https://github.com/1d8/CybersecLearning#networking-books)
8. [Cybersec Story Style Books](https://github.com/1d8/CybersecLearning#cybersec-story-books)
9. [Cryptocurrency Books](https://github.com/1d8/CybersecLearning#cryptocurrency-books)
10. [Online Learning Resources](https://github.com/1d8/CybersecLearning#online-learning-resources)
11. [Hardware Resources](https://github.com/1d8/CybersecLearning#hardware-resources)
12. [Mobile Security Resources](https://github.com/1d8/CybersecLearning#mobile-security-resources)
13. [Reverse Engineering - Malware Analysis Included](https://github.com/1d8/CybersecLearning#reverse-engineering-resources-malware-analysis-resources-included)
14. [Privacy-Oriented Alternatives to Software](https://github.com/1d8/CybersecLearning#privacy-oriented-alternatives-to-software)
15. [Misc.](https://github.com/1d8/CybersecLearning#misc)
16. [Windows resources](https://github.com/1d8/CybersecLearning/blob/master/README.md#windows-books)
17. [Social Engineering Resources](https://github.com/1d8/CybersecLearning#social-engineering-resources)

## Coding books & courses

* Python Data Science Handbook
* Python Machine Learning
* Python for Finance
* Think like a Programmer (Anton Spraul)
* Windows Powershell in Action
* Learn Windows Powershell in a Month of Lunches
* Data Science from Scratch
* Perl One-Liners: 130 Programs That Get Things Done
* Wicked Cool Shell Scripts: 101 Scripts for Linux, OS X, & Unix Systems
* Javascript: The Definitive Guide
* Designing Data Intensive Applications
* Developing 2D Games with Unity: Independent Game Programming with C#
* Learning React Native: Building Native Mobile Apps with JavaScript
* [NSA Python course](https://nsa.sfo2.digitaloceanspaces.com/comp3321.pdf)
* [Free full stack dev course](https://fullstackopen.com/en/)
* [List of free coding books](https://github.com/EbookFoundation/free-programming-books/blob/master/free-programming-books.md)
* [Various python concepts](https://www.pythonprogramming.net/)
* [How to Solve It, gets you thinking in terms of algorithms](https://www.amazon.com/How-Solve-Aspect-Mathematical-Method-ebook/dp/B0073X0IOA/ref=sr_1_1?dchild=1&keywords=how+to+solve+it&qid=1587586334&sr=8-1)
* [C programming manual, Kernighan & Ritchie](https://hikage.freeshell.org/books/theCprogrammingLanguage.pdf)

## Linux Books

* Linux Firewalls: Attack Detection & Response w/iptables, psad, & fwsnort
* How Linux Works: What Every Superuser Should Know
* Absolute FreeBSD: The Complete Guide to FreeBSD
* Modern Operating Systems
* [AT&T archives - Unix OS](https://www.youtube.com/watch?v=tc4ROCJYbm0)
* [Explain Shell - explains different shell cmds](https://explainshell.com/)
* [Linux journey](https://linuxjourney.com/)
* [Operating systems: 3 easy pieces](https://www.amazon.com/Operating-Systems-Three-Easy-Pieces/dp/198508659X/ref=sr_1_1?dchild=1&keywords=Operating+Systems%3A+Three+Easy+Pieces&qid=1591410786&sr=8-1)
* [How Linux Works](https://www.amazon.com/How-Linux-Works-2nd-Superuser/dp/1593275676/ref=sr_1_1?dchild=1&keywords=How+Linux+Works&qid=1591410842&sr=8-1)
* [The Linux Bible](https://www.amazon.com/Linux-Bible-Christopher-Negus/dp/1119578884/ref=sr_1_1?dchild=1&keywords=The+Linux+Bible%3A&qid=1591410897&sr=8-1)
* [Unix & Linux sysadmin](https://www.amazon.com/Evi-Nemeth/dp/0134277554/ref=sr_1_2?dchild=1&keywords=Unix+and+Linux+System+Administration+Handbook%3A&qid=1591410920&sr=8-2)
* [Linux Programming Interface](https://www.amazon.com/Linux-Programming-Interface-System-Handbook/dp/1593272200/ref=sr_1_2?dchild=1&keywords=Linux+Programming+Interface%3A&qid=1591410946&sr=8-2)
* [Build Linux distro from scratch](http://www.linuxfromscratch.org/)
* [Linux internals simplified](https://www.amazon.com/Linux-Internals-Simplified-beginners-guide-ebook/dp/B087ZKXGRC/ref=sr_1_1?dchild=1&keywords=Linux+internals+simplified&qid=1591411012&sr=8-1)

## Windows Books

* [Win internals](https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189/ref=sr_1_1?dchild=1&keywords=windows+internals&qid=1591411119&sr=8-1)
* [Intro to winapi with C](http://zetcode.com/gui/winapi/)
* [Winapi coding with C](http://www.winprog.org/tutorial/start.html)

## Pentesting Resources

* Hands on Pentesting w/Python
* Kali Linux Revealed
* CEH Certification books
* Understanding Network Hacks: Attack & Defenses w/Python
* Web Application Hacker's Handbook: Finding & Exploiting Security Flaws
* Hands on Penetration Testing
* Kali Linux Web Penetration Testing
* Hands on Red Team Tactics
* Hands on AWS Penetration Testing w/Kali Linux
* Learning Windows Penetration Testing using Kali Linux
* Mobile Application Hacker's Handbook
* [Pentest blog](https://www.hackingarticles.in/penetration-testing/)
* [Exploit-db](https://www.exploit-db.com/)
* [CVE details](https://www.cvedetails.com/)
* [Cyberchef](https://gchq.github.io/CyberChef/)
* https://www.immuniweb.com/websec/#latest
* https://www.irongeek.com/xss-sql-injection-fuzzing-barcode-generator.php
* https://github.com/hfiref0x/UACME
* [privesc exploits pack](https://github.com/Kabot/Unix-Privilege-Escalation-Exploits-Pack)
* [awesome pentest](https://github.com/enaqx/awesome-pentest)
* [malware development](https://0xpat.github.io/Malware_development_part_1/)
* [Kontra appsec training](https://application.security/free-application-security-training)
* [Breaking & pwning AWS & Azure apps & servers](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)
* [Red team blog](https://lockboxx.blogspot.com/)
* [Bugcrowd university webapp course](https://github.com/bugcrowd/bugcrowd_university)
* [Onlycybersecurity, ethical hacking tutorials/readings](https://www.onlycybersecurity.com/)

## Defensive Security Books

* Computer Security [art & science]
* Cybersecurity for Beginners 2nd Edition
* Practical Cyber Intelligence
* Security Operations Analyst
* Blue Team Field Manual
* Defensive Security Handbook
* Practical Malware Analysis

## Technical Readings

* [2014 CTF writeups](https://github.com/ctfs/write-ups-2014)
* [Learning Exploit dev](https://null-byte.wonderhowto.com/how-to/exploit-development-everything-you-need-know-0167801/)
* https://philippeharewood.com/
* https://docs.splunk.com/Documentation/Splunk/8.0.1/Data/Configuredatetimexml
* [Network engineer certs](https://www.routerfreak.com/top-10-certifications-network-engineers/)
* https://community.turgensec.com/ssh-hacking-guide/
* https://objective-see.com/blog/blog_0x52.html
* https://securityaffairs.co/wordpress/77442/hacking/weaponized-microsoft-office-documents.html
* github.com/rednaga/training
* github.com/strazzere/android-unpacker/blob/master/AHPL0.pdf
* github.com/strazzere/anti-emulator/tree/master/slides
* droidsec.org/wiki/#whitepapers
* androidcracking.blogspot.com
* unicorn-engine.org
* [Exploiting AV software](https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software/)
* [Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts](https://samcurry.net/abusing-http-path-normalization-and-cache-poisoning-to-steal-rocket-league-accounts/)
* [Osint investigation: Cerberus & the INPS](https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html)
* [Tearing down Android Stalkerware](https://traced.app/2020/02/22/in-the-wild-stalkerware-analysis-mobile-tracker-free/)
* [Notwannasigh CTF Writeup](https://um.wtf/articles/04-notwannasigh-wpictf-2020-writeup.html)

## Computer Forensics

* [images to analyze](https://aboutdfir.com/resources/tool-testing/)
* [more images to analyze](https://www.dfir.training/resources/downloads/ctf-forensic-test-images)
* [Linux forensics material by Hal Pomeranz, 32gb, contains lab VM](https://ia801406.us.archive.org/6/items/HalLinuxForensics/HalLinuxForensics_archive.torrent)
* [File system forensics](https://www.amazon.com/System-Forensic-Analysis-Brian-Carrier/dp/0321268172#ace-g8881249860)
* [HTB Shocker walkthrough](https://medium.com/@RainSec/shocker-a-htb-walkthrough-576dcf87092e)
* [linux forensics course](https://archive.org/details/HalLinuxForensics/page/n4/mode/2up)

## Networking Books

* The Art of Network Architecture: Business-Driven Design (Networking Technology) 1st Edition
* [The Practice of network security monitoring](https://www.amazon.com/Practice-Network-Security-Monitoring-Understanding/dp/1593275099/ref=sr_1_2?dchild=1&keywords=network+security+monitoring&qid=1591411186&sr=8-2)

## Cybersec Story Books

* At War - Shane Harris
* Tribe of Hackers
* Dark Territory
* Hackers: Heroes of the Computer Revolution
* Cyberwar: The Next Threat to National Security & What to do About It
* Hackers & Painters: The Ideas From the Digital Age
* Cuckoo's egg
* Neuromancer
* Hacking: The Art of Exploitation
* POC | GTFO
* The Tangled Web
* [The Cybersecurity canon - "hall of fame" for cybersec books](https://cybercanon.paloaltonetworks.com/)

## Cryptocurrency Books

* Bitcoin & Cryptocurrency Technologies

## Online Learning Resources

* https://www.classcentral.com/
* https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview#
* https://github.com/sushilshinde/ebooks
* https://tutorials.cyberaces.org/tutorials.html
* https://github.com/bugcrowd/bugcrowd_university
* https://github.com/bkimminich/juice-shop
* https://explainshell.com/
* https://www.reddit.com/r/netsec/wiki/start#wiki_full_online_courses
* https://clark.center/
* https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational
* https://open.edu/openlearn/
* [Discrete mathematics study guide](https://github.com/jongwoojeff/DiscreteMathematics/wiki)
* [Cambridge CS books](https://drive.google.com/drive/folders/1tau1bZkJ8eB2T28Vc8VrAsYZv6wJH1Ec)
* [Linear algebra done right](https://link.springer.com/book/10.1007/978-3-319-11080-6)
* [Cloud security engineering w/AWS for beginners](https://www.youtube.com/watch?v=cRvzlot6l5I)
* [Learn about security logs](https://securitylogwiki.miraheze.org/wiki/Main_Page)
* [How to rob a bank](https://pastebin.com/raw/8rXhtqgr)

## Hardware Resources

* https://github.com/virtualabs/btlejack
* https://www.fcc.gov/oet/ea/fccid
* https://samy.pl/
* https://www.simform.com/iot-bluetooth-security-vulnerabilities/
* Black Hat Physical Device Security: Exploiting Hardware and Software

## Mobile Security Resources

* https://www.github.com/vaib25vicky/awesome-mobile-security

## Reverse Engineering Resources (Malware analysis resources included)

* [Windbg cmds cheatsheet](http://www.windbg.info/doc/1-common-cmds.html)
* [NY RE slides part 1](https://prezi.com/a5tm-lf0879-/reverse-engineering-101-nyupoly-2010/)
* [NY RE slides part 2](https://prezi.com/e5a2tumdqocj/reverse-engineering-102-nyupoly-2010/)
* [Getting started](https://www.reddit.com/r/ReverseEngineering/comments/12ajwc/how_to_start_out_in_reverse_engineering/)
* [Exploit dev learning roadmap](https://www.reddit.com/r/ExploitDev/comments/7zdrzc/exploit_development_learning_roadmap/)
* [Malware unicorn resources](https://malwareunicorn.org/#/resources)
* [online IDE with assembly output & C side-by-side](https://godbolt.org/)
* [Helpful RE related videos](https://0xevilc0de.com/category/video-series/)
* [RE youtube vids](https://www.youtube.com/user/jstrosch)
* [REing iOS apps](https://github.com/ivRodriguezCA/RE-IOS-Apps)
* [GDB cheatsheet](https://darkdust.net/files/GDB%20Cheat%20Sheet.pdf)
* [RE blog](https://www.megabeets.net/)
* [Guide to disassemble](https://gist.github.com/jarun/ea47cc31f1b482d5586138472139d090)
* [Assembly Tutorial](https://cs.lmu.edu/~ray/notes/nasmtutorial/)
* [MIPS Assembly Playlist](https://m.youtube.com/playlist?list=PL5b07qlmA3P6zUdDf-o97ddfpvPFuNa5A)
* [ARM Assembly Tutorial](https://azeria-labs.com/writing-arm-assembly-part-1)
* Practical Reverse Engineering: x86, 64, ARM by Bruce Dang
* Rootkits & Bootkits (Nostarch)
* The Art of Memory Forensics
* Practical Binary Analysis
* The Antivirus Hacker's Handbook
* [Binary deobfuscation](https://github.com/malrev/ABD/blob/master/README.md)
* [Malware analysis resource dump](https://github.com/rshipp/awesome-malware-analysis)
* [Reverse engineering resource dump](https://github.com/tylerha97/awesome-reversing)
* [Malware analysis course - Cincinnati Uni 2020](https://class.malware.re/)
* [Malware analysis course - Cincinnati Uni 2019](http://class.snusbaum.com/)
* [Ghidra course](https://github.com/NationalSecurityAgency/ghidra/tree/master/GhidraDocs/GhidraClass/Beginner)
* [REing blog](https://mrt4ntr4.github.io/categories)
* [Malware Analysis tools set up](https://www.fireeye.com/blog/threat-research/2018/11/flare-vm-update.html)
* [Malware Analysis VM set up](https://github.com/1d8/CybersecLearning/blob/master/MalwareLabSetup.pdf)
* [Practical malware analysis course](https://samsclass.info/126/126_S17.shtml)
* [RE book, 1k pages](https://torus.company/9f0911c0a4bb7d20eb8bab286a2c109fa85c44c6/RE4B-EN.pdf)
* [Malware samples, zeltser](https://zeltser.com/malware-sample-sources/)
* [Assembly course - text](https://revers.engineering/applied-re-accelerated-assembly-p1/)
* [Open security training](http://opensecuritytraining.info/)
* Practical malware analysis
* Malware analyst's cookbook
* Windows malware analysis essentials
* [Malware unicorn workshop](https://malwareunicorn.org/workshops/re101.html#0)
* [Malware analysis - RPISEC](https://github.com/RPISEC/Malware)
* [theZoo malware samples](https://github.com/ytisf/theZoo)
* [Fireeye yearly REing CTF](https://www.fireeye.com/blog/threat-research/2017/10/2017-flare-on-challenge-solutions.html)
* [Learn to program with C](https://www.youtube.com/watch?v=UILNmv2kFMc&feature=youtu.be)
* [REing resources](https://github.com/wtsxDev/reverse-engineering)
* [Getting started w/REing](https://lospi.net/developing/software/software%20engineering/reverse%20engineering/assembly/2015/03/06/reversing-with-ida.html)
* [The self-organizing Computer course](https://www.youtube.com/watch?v=iE7YRHxwoDs)
* [Attacking network protocols](https://www.amazon.com/Attacking-Network-Protocols-Analysis-Exploitation/dp/1593277504)
* [Reverse engineering protocols](https://jhalon.github.io/reverse-engineering-protocols/)
* [Intro to assembly](https://revers.engineering/applied-re-accelerated-assembly-p1/)
* [Configuring inetsim - should configure this with apateDNS](https://techanarchy.net/blog/installing-and-configuring-inetsim)
* [objective-see - live malware samples](https://objective-see.com/malware.html)
* [malshare - live malware samples](https://malshare.com/)
* [malware writeups + samples](https://contagiodump.blogspot.com/)
* [Malware writeups](https://malware.dontneedcoffee.com/blog/)
* [dasmalwerk - live malware samples](https://www.dasmalwerk.eu/)

## Privacy-Oriented Alternatives To Software

* [Prism break](https://prism-break.org/en/categories/)

## Misc.

* [Different cybersec learning pathways](https://twitter.com/Fox0x01/status/1238636233649250304)
* https://www.gnu.org/software/pspp/ (IBM SPSS's Alternative)
* https://digitaldefynd.com/best-it-support-courses-certification-training/
* https://openlibrary.org/
* https://application.security/free-application-security-training
* https://www.wikihow.com/Move-from-Windows-to-Linux
* http://the-gi-diet.org/lowgifoods/
* https://www.examtopics.com/exams/comptia/
* [Lecture notes for diff courses](https://www.studocu.com/en)
* [University notes CS-centered](https://github.com/alptheexplorer/epflLectureNotes)
* [Wiki's Educational Resource Corner](https://en.wikiversity.org/wiki/Wikiversity:Main_Page)
* [Open source books](https://openstax.org/)
* [Open source degrees](https://github.com/ossu/)
* [Google resource doc by netsecfocus](https://docs.google.com/spreadsheets/d/12bT8APhWsLP8mBtWCYu4MLftwG1cPmIL25AEBtXDno/htmlview#)
* [Udemy courses](http://freecoursesite.com)
* [College books](https://m.imgur.com/gallery/y7KXKyG)
* [Awesome Note Taking Software](https://linuxconfig.org/how-to-install-latex-on-ubuntu-18-04-bionic-beaver-linux)
* [Hacking Resources](https://github.com/Hack-with-Github/Awesome-Hacking)
* [MIT Open Courseware](https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/)
* [OSINT related podcasts](https://www.learnallthethings.net/creepyosint)
* [Beginner probability book](https://www.amazon.com/Probability-Enthusiastic-Beginner-David-Morin-ebook/dp/B06XJSHWCX/ref=sr_1_3?dchild=1&keywords=probability+for+the+enthusiastic+beginner&qid=1587585724&sr=8-3)
* [Probability & statistics](https://www.amazon.com/Probability-Statistics-Morris-H-DeGroot-ebook/dp/B005H8DAXY/ref=sr_1_1?dchild=1&keywords=DeGroot+and+Schervish&qid=1587585781&sr=8-1)
* [List of cybersec resources](https://docs.google.com/spreadsheets/d/12bT8APhWsL-P8mBtWCYu4MLftwG1cPmIL25AEBtXDno/htmlview#)
* [Oracle certification](https://www.oracle.com/corporate/blog/free-certifications-oracle-oci-autonomous-033020.html)
* [Windows 7 ISO](https://pcriver.com/operating-systems/windows-xp-professional-iso-download.html)
* [Old school OS imgs](https://winworldpc.com)
* [University Lecture Notes](https://lecturenotes.in/)

## Social Engineering Resources

* Book - No Tech Hacking
* Book - Social Engineering: The Art of Human Hacking
* Framework - [Social Engineering Framework](https://www.social-engineer.org/framework/general-discussion/)

--------------------------------------------------------------------------------
/WebappAttacks-2019.ctb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/WebappAttacks-2019.ctb

--------------------------------------------------------------------------------
/WebappAttacks-2019.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/WebappAttacks-2019.pdf

--------------------------------------------------------------------------------
/compTIANetworking.ctb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/compTIANetworking.ctb

--------------------------------------------------------------------------------
/compTIANetworking.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/compTIANetworking.pdf

--------------------------------------------------------------------------------
/ghidraTips.md:
--------------------------------------------------------------------------------
***
# Reverse Engineering w/Ghidra
***
## Module 3
* tools are plugins & their configs (you interact w/these through the tool chest)
* plugins are what make up Ghidra
* the server component lets you collab on a shared project
* when performing auto-analysis, the *analysis options* screen presents you w/diff plugins to use
* Recall: three pushes followed by a call to a function can indicate the call to **main**, with the three pushes being its three args (argc, argv, & envp)
* cross references (XREFs) are every place where a call to that particular function is made

## Main User Interface:

* *Program tree* - provides a high level view of the file format
* *Symbol tree* - provides an overview of all program symbols (EX: imports)
* *Data type manager* - structures & other data types identified
* *Listing* - disassembly

## Module 4
* you can select code in either the listing view or the decompiler view to highlight it; to make the highlight permanent, right-click > select "Program highlight"
* `command key/windows key + select a mnemonic (instruction)` in the listing window will highlight every instance of that mnemonic
* you can add annotations that link to external projects or URLs, or simply add comments, plus more in the code browser
* use the data type manager window to select the type you want to apply; it's as simple as dragging & dropping the data type onto the location you want to apply it to (whether that be in the listing or the decompiler)
* the function call graph shows function calls from the current function: **window > function call graph**
* the function call tree depicts a hierarchical relationship of function calls
* the symbol tree allows for exploration of imports, exports & functions
* Ghidra also allows for managing external programs, which means you can add the additional programs (libraries such as user32.dll, etc.) the program depends on; you'd need to add these libraries to your project
* functions can be created and edited. Editing includes changing parameter types, calling conventions, undefining functions, etc.
# ![](https://github.com/1d8/CybersecLearning/blob/master/imgs/functionediting.png)
* symbols can be added, usually in the form of PDB files; with malware this is rare, but when working with programs that rely on Microsoft code this can help identify when calls to Microsoft libraries are made within the program

## Module 5
* clear code bytes can be used to convert disassembled code back to raw data
* after patching an instruction, you should **right click > select clear flow & repair** in order to go back through the program & analyze it again
* headless mode is located at **ghidra_install\support\analyzeHeadless.(sh|bat)**, along w/documentation (including use cases) in **analyzeHeadlessREADME.html**
* with headless mode, you can import & analyze programs in bulk
* Ghidra comes preloaded with tons of scripts & you can write your own; view them in the script manager

--------------------------------------------------------------------------------
/imgs/functionediting.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/1d8/CybersecLearning/dc31cb4ed76e4cade82e9c0a130ddfd0720da05a/imgs/functionediting.png
--------------------------------------------------------------------------------
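The Module 3 heuristic ("three pushes then a call is probably main") and the Module 5 point about writing your own scripts fit together; below is an added example, written for this page and not taken from the notes or from Ghidra's own scripts, of a Ghidra Python script that scans the listing for that pattern and reports the XREF count of each candidate target. The function names, the constructed sample listing and the assumption of 32-bit x86 with stack-passed arguments are mine; the Ghidra calls used (`getListing().getInstructions`, `getFlowType().isCall`, `getReferencesFrom`, `getFunctionAt`, `getReferencesTo`) are standard Ghidra API.

```python
# Ghidra Python (Jython 2.7) script: find "three PUSHes then CALL" candidates
# for main and count XREFs to each target. Added example, not part of the
# original notes. The detector is plain Python so it can be tested outside
# Ghidra; the glue at the bottom only runs when Ghidra injects currentProgram.
# Assumption: 32-bit x86 cdecl start-up code, where argc/argv/envp are pushed.

PUSH = "PUSH"
CALL = "CALL"


def find_candidate_main_calls(instructions, pushes_expected=3):
    """instructions: list of (address, mnemonic, call_target) in listing order;
    call_target is None for anything that is not a call.
    Returns [(call_address, call_target)] for every CALL that is immediately
    preceded by exactly pushes_expected consecutive PUSH instructions."""
    candidates = []
    run = 0  # length of the current run of consecutive PUSH instructions
    for address, mnemonic, target in instructions:
        mnemonic = mnemonic.upper()
        if mnemonic == PUSH:
            run += 1
            continue
        # a CALL with the right number of pushes directly before it is a hit;
        # more or fewer pushes means a different argument count, so no hit
        if mnemonic == CALL and run == pushes_expected and target is not None:
            candidates.append((address, target))
        run = 0  # any non-PUSH instruction (MOV, ADD, CALL, ...) breaks the run
    return candidates


# Constructed sample listing mimicking a CRT start-up stub (addresses are made up).
SAMPLE_LISTING = [
    ("00401000", "PUSH", None),         # envp
    ("00401001", "PUSH", None),         # argv
    ("00401002", "PUSH", None),         # argc
    ("00401003", "CALL", "00401100"),   # candidate main
    ("00401008", "ADD", None),          # add esp, 0xc
    ("0040100a", "PUSH", None),
    ("0040100b", "CALL", "00401200"),   # only one push: not main
    ("00401010", "PUSH", None),
    ("00401011", "PUSH", None),
    ("00401012", "PUSH", None),
    ("00401013", "MOV", None),          # breaks the run of pushes
    ("00401015", "CALL", "00401300"),   # not a candidate
]


def run_in_ghidra():
    """Walk the real listing, apply the detector, print XREF counts per target."""
    seq = []
    for ins in currentProgram.getListing().getInstructions(True):  # forward
        target = None
        if ins.getFlowType().isCall():
            refs = ins.getReferencesFrom()
            if len(refs) > 0:
                target = refs[0].getToAddress()
        seq.append((ins.getAddress(), ins.getMnemonicString(), target))
    for call_addr, target in find_candidate_main_calls(seq):
        func = getFunctionAt(target)
        name = func.getName() if func is not None else "<no function>"
        xrefs = len(getReferencesTo(target))  # every place referencing target
        println("%s: call to %s at %s (%d XREFs)" % (call_addr, name, target, xrefs))


if "currentProgram" in globals():  # only true when run inside Ghidra
    run_in_ghidra()
```

Save it into your script directory (the file name below is my choice) and run it from the script manager, or in bulk with headless mode: `analyzeHeadless <project_dir> <project_name> -import <binary> -postScript find_main_candidates.py`.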