├── Blue Team ├── Data Protection Officer (DPO) │ ├── Skills.json │ ├── Books & Podcasts.json │ ├── Labs & Training.json │ ├── Courses & Certifications.json │ └── DPO.md ├── Cybersecurity Awareness & Training Instructor │ ├── Labs & Training.json │ ├── Courses & Certifications.json │ └── Skills.json ├── Cyber Forensics Investigator │ ├── Labs & Training.json │ ├── Courses & Certifications.json │ └── CFI.md ├── Cybersecurity Governance Risk and Compliance Specialist │ ├── Labs & Training.json │ ├── Books & Podcasts.json │ ├── Courses & Certifications.json │ └── CGRCS.md ├── Cybersecurity Consultant │ ├── Courses & Certifications.json │ ├── Labs & Training.json │ ├── CC.md │ └── Skills.json ├── Cybersecurity Security Operations Center (SOC) Analyst │ ├── Labs & Training.json │ ├── Books & Podcasts.json │ └── Skills.json ├── Cybersecurity Project Manager │ ├── Courses & Certifications.json │ └── CPM.md ├── Cloud Security Analyst │ ├── Labs & Training.json │ ├── CSA.md │ └── Books & Podcasts.json ├── ICS Cyber Security(OT) │ ├── Courses & Certifications.json │ ├── Books & Podcasts.json │ ├── Labs & Training.json │ └── ICS.md ├── Endpoint Security Analyst │ ├── Skills.json │ ├── Courses & Certifications.json │ └── Labs & Training.json ├── Network & System Security Administrator │ ├── Skills.json │ ├── Labs & Training.json │ └── Courses & Certifications.json ├── Network Defender & Engineer │ ├── Labs & Training.json │ └── Courses & Certifications.json ├── Intrusion Detection and Prevention Systems (IDPS) Analyst │ ├── IDPS.md │ ├── Labs & Training.json │ ├── Books & Podcasts.json │ ├── Courses & Certifications.json │ └── Skills.json ├── Cybersecurity Operations & Security Manager │ ├── Courses & Certifications.json │ ├── COM.md │ └── Books & Podcasts.json ├── Malware Analyst │ ├── Courses & Certifications.json │ ├── Skills.json │ └── MAL.md ├── Cryptography Specialist │ ├── Skills.json │ └── CRS.md ├── Identity and Access Management (IAM) Analyst │ ├── Books & 
Podcasts.json │ └── Labs & Training.json └── Cyber Threat Hunter (Blue) │ ├── Skills.json │ ├── CTH.md │ └── Labs & Training.json ├── .github ├── _site │ └── tree.md └── FUNDING.yml ├── Purple Team ├── Security Assesment Manager │ ├── Courses & Certifications.json │ ├── Books & Podcasts.json │ └── SAM.md ├── Security Metrics & Testing Specialist │ ├── Courses & Certifications.json │ └── Books & Podcasts.json ├── Vulnerability Management Analyst │ ├── Books & Podcasts.json │ └── Courses & Certifications.json ├── Purple Team Lead │ └── Books & Podcasts.json └── Red & Blue Team Coordinator │ ├── Skills.json │ └── RTO.md ├── Red Team ├── Adversarial Threat Emulation Specialist │ ├── Courses & Certifications.json │ └── Labs & Training.json ├── Cybersecurity Researcher │ ├── Skills.json │ ├── Labs & Training.json │ └── Courses & Certifications.json ├── Vulnerability Assessor │ ├── Books & Podcasts.json │ └── Courses & Certifications.json ├── Incident Responder │ ├── Labs & Training.json │ ├── Books & Podcasts.json │ └── Skills.json ├── Red Team Lead │ ├── Books & Podcasts.json │ └── Courses & Certifications.json ├── Cyber Security Engineer & Architect │ └── Labs & Training.json ├── Penetration Tester │ ├── Skills.json │ └── PEN.md ├── Ethical Hacker │ ├── Courses & Certifications.json │ └── ETH.md └── Cyber Threat Hunter │ ├── Skills.json │ ├── THR.md │ └── Labs & Training.json ├── LICENSE └── README.md /Blue Team/Data Protection Officer (DPO)/Skills.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Blue Team/Data Protection Officer (DPO)/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Blue Team/Data Protection Officer (DPO)/Labs & Training.json: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Blue Team/Data Protection Officer (DPO)/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.github/_site/tree.md: -------------------------------------------------------------------------------- 1 | # Tree Structure 2 | New implementation of the tree structure to display every job role on the website 3 | -------------------------------------------------------------------------------- /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | # Help us fund our first domain and buy us a coffee 3 | 4 | github: [d3vobed] 5 | gumroad domain donations: [https://d3vp1.gumroad.com/l/cyb3r] 6 | buy me a coffee: [https://www.buymeacoffee.com/everythingcyb3r] 7 | -------------------------------------------------------------------------------- /Purple Team/Security Assesment Manager/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "name": "Certified Information Systems Security Professional (CISSP)", 5 | "link": "https://www.isc2.org/Certifications/CISSP" 6 | }, 7 | { 8 | "name": "Certified Information Security Manager (CISM)", 9 | "link": "https://www.isaca.org/cism" 10 | }, 11 | { 12 | "name": "Certified in Risk and Information Systems Control (CRISC)", 13 | "link": "https://www.isaca.org/crisc" 14 | }, 15 | { 16 | "name": "CompTIA Security+", 17 | "link": "https://www.comptia.org/certifications/security" 18 | }, 19 | { 20 | "name": "Certified Ethical Hacker (CEH)", 21 | "link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/" 22 | }, 23 | { 24 | 
"name": "AWS Certified Security - Specialty", 25 | "link": "https://aws.amazon.com/certification/certified-security-specialty/" 26 | }, 27 | { 28 | "name": "Certified Cloud Security Professional (CCSP)", 29 | "link": "https://www.isc2.org/Certifications/CCSP" 30 | } 31 | ] 32 | } 33 | -------------------------------------------------------------------------------- /Red Team/Adversarial Threat Emulation Specialist/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "name": "Offensive Security Certified Professional (OSCP)", 5 | "link": "https://www.offsec.com/courses/pen-200/" 6 | }, 7 | { 8 | "name": "Certified Red Team Professional (CRTP) by Pentester Academy", 9 | "link": "https://www.credential.net/group/140735" 10 | }, 11 | { 12 | "name": "Advanced Penetration Tester (APT) by Infosec Academy", 13 | "link": "https://www.infosecacademy.io/advanced-penetration-testing-apt-ec-council.html" 14 | }, 15 | { 16 | "name": "Certified Expert Penetration Tester (CEPT) by Infosec Institute", 17 | "link": "https://www.infosecinstitute.com/skills/learning-paths/certified-expert-penetration-tester-cept/" 18 | } 19 | ], 20 | "trainingCourses": [ 21 | { 22 | "name": "PEN-300: Advanced Evasion Techniques and Breaching Defenses", 23 | "link": "https://www.offsec.com/courses/pen-300/" 24 | }, 25 | { 26 | "name": "WEB-300: Advanced Web Attacks and Exploitation", 27 | "link": "https://www.offsec.com/courses/web-300/" 28 | } 29 | ] 30 | } 31 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Awareness & Training Instructor/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "cybersecurity_training_resources": [ 3 | { 4 | "title": "Hack The Box - Business Cyber Security Training", 5 | "link": "https://www.hackthebox.com/business-cyber-security-training" 6 | }, 7 | { 8 | 
"title": "CISA - Cybersecurity Training Exercises", 9 | "link": "https://www.cisa.gov/cybersecurity-training-exercises" 10 | }, 11 | { 12 | "title": "Hack The Box - Capture The Flag (CTF)", 13 | "link": "https://www.hackthebox.com/hacker/ctf" 14 | }, 15 | { 16 | "title": "BYU - Capture The Flag (CTF) Training", 17 | "link": "https://cybersecurity.byu.edu/ctf-training" 18 | }, 19 | { 20 | "title": "TryHackMe - Hacktivities", 21 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=info&type=all" 22 | }, 23 | { 24 | "title": "Bit Sentinel - Cybersecurity Training and Awareness", 25 | "link": "https://bit-sentinel.com/cybersecurity-training-and-awareness/" 26 | }, 27 | { 28 | "title": "Cyber Defenders", 29 | "link": "https://cyberdefenders.org/" 30 | } 31 | ] 32 | } 33 | -------------------------------------------------------------------------------- /Blue Team/Cyber Forensics Investigator/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "hacktivities": [ 3 | { 4 | "platform": "TryHackMe", 5 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=forensics" 6 | }, 7 | { 8 | "platform" : "NSA CODE TESTING", 9 | "link" : "https://code.nsa.gov/" 10 | }, 11 | { 12 | "platform": "Cyber Defenders", 13 | "link": "https://cyberdefenders.org/blueteam-ctf-challenges/" 14 | }, 15 | { 16 | "platform": "Cyber Talents", 17 | "link": "https://cybertalents.com/competitions/digital-forensics-ctf" 18 | }, 19 | { 20 | "platform": "Hack The Box", 21 | "link": "https://www.hackthebox.com/hacker/ctf" 22 | }, 23 | { 24 | "platform": "DFIR Diva", 25 | "link": "https://training.dfirdiva.com/listing-category/dfir-blue-team-ctfs" 26 | }, 27 | { 28 | "platform": "CSC", 29 | "link": "https://www.csc.ac.za/?page_id=249" 30 | }, 31 | { 32 | "platform": "Osiris", 33 | "link": "https://osiris.cyber.nyu.edu/" 34 | }, 35 | 
{ 36 | "platform": "Champlain College Online", 37 | "link": "https://online.champlain.edu/blog/top-skills-required-for-computer-forensics-careers" 38 | } 39 | ] 40 | } 41 | 42 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Everything including text and images in this project are protected by the copyright laws. 2 | You are allowed to use this material for personal use but are not allowed to use it for 3 | any other purpose including publishing the images, the project files or the content in the 4 | images in any form either digital, non-digital, textual, graphical or written formats. 5 | You are allowed to share the links to the repository or the website roadmap.sh but not 6 | the content for any sort of usage that involves the content of this repository taken out 7 | of the repository and be shared from any other medium including but not limited to blog 8 | posts, articles, newsletters, you must get prior consent from the understated. These 9 | conditions do not apply to the readonly GitHub forks created using the Fork button on 10 | GitHub with the whole purpose of contributing to the project. 11 | 12 | Copyright © 2023 D3vObed 13 | 14 | Please note that I am really flexible with allowing the usage of the content in this 15 | repository. If you reach out to me with a brief detail of why and how you would like 16 | to use this content, there is a good chance that I will allow you to use it. The reason 17 | behind this strictness in the license is to stop the people who have been using these 18 | roadmaps in ill manners e.g. ripping people off with suggesting random affiliate links, 19 | redistributing these roadmaps just for the sake of monetizing the traffic. 
20 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Governance Risk and Compliance Specialist/Labs & Training.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "TryHackMe", 4 | "author": "TryHackMe", 5 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=policy" 6 | }, 7 | { 8 | "title": "Lighthouse Labs - Cyber Security", 9 | "author": "Lighthouse Labs - Cyber Security", 10 | "link": "https://www.lighthouselabs.ca/en/cyber-security" 11 | }, 12 | { 13 | "title": "Cyber Defenders - Blue Team CTF Challenges", 14 | "author": "Cyber Defenders - Blue Team CTF Challenges", 15 | "link": "https://cyberdefenders.org/blueteam-ctf-challenges/" 16 | }, 17 | { 18 | "title": "GRC Course - Cyber Security", 19 | "author": "CyberRik Africa", 20 | "link": "https://docs.google.com/forms/d/e/1FAIpQLSdh9l8DBD5s6KxO72jVQl-aoNcZcG45lOfQrzZEERAr02rIjg/viewform" 21 | }, 22 | { 23 | "title": "GRC eLearning - Cyber Security", 24 | "author": "GRC eLearning - Cyber Security", 25 | "link": "https://www.grcelearning.com/category/cyber-security" 26 | }, 27 | { 28 | "title": "Practice Labs", 29 | "author": "Practice Labs", 30 | "link": "https://store.practice-labs.com/" 31 | }, 32 | { 33 | "title": "Association of Certified Fraud Examiners - Training Events and Products", 34 | "author": "Association of Certified Fraud Examiners - Training Events and Products", 35 | "link": "https://www.acfe.com/training-events-and-products/all-events/virtual-events-and-webinars" 36 | } 37 | ] 38 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Consultant/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "CISSP. 
Certified Information Systems Security Professional", 4 | "link": "https://www.isc2.org/certifications/cissp", 5 | "authors": "isc2" 6 | }, 7 | { 8 | "title": "CPP. Certified Protection Professional", 9 | "link": "https://www.asisonline.org/certification/certified-protection-professional-cpp/", 10 | "authors": "ASIS Homepage" 11 | }, 12 | { 13 | "title": "CSC. Certified Security Consultant", 14 | "link": "https://iapsc.org/about/certification/", 15 | "authors": "IAPSC" 16 | }, 17 | { 18 | "title": "GIAC. Security Certification", 19 | "link": "https://www.giac.org/certifications/security-essentials-gsec/", 20 | "authors": "SANS" 21 | }, 22 | { 23 | "title": "IAPSC. International Association of Professional Security Consultants", 24 | "link": "https://iapsc.org/about/certification/", 25 | "authors": "IAPSC" 26 | }, 27 | { 28 | "title": "OSCP. Offensive Security Certified Professional", 29 | "link": "https://www.offsec.com/courses/pen-200/", 30 | "authors": "Offensive Sec" 31 | }, 32 | { 33 | "title": "PSP. 
Physical Security Professional", 34 | "link": "https://www.asisonline.org/certification/physical-security-professional/", 35 | "authors": "ASIS" 36 | }, 37 | { 38 | "title": "GIAC Information Security Professional Certification (GISP)", 39 | "link": "https://www.giac.org/certifications/information-security-professional-gisp/", 40 | "authors": "SANS" 41 | } 42 | ] 43 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Security Operations Center (SOC) Analyst/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "resources": [ 3 | { 4 | "title": "Blue Team Analyst Level 1", 5 | "author": "CTF Hack The Box", 6 | "link": "https://ctf.hackthebox.com/pack/blue-team-analyst-level-1" 7 | }, 8 | { 9 | "title": "Let's Defend", 10 | "author": "letsdefend.io", 11 | "link": "https://letsdefend.io/" 12 | }, 13 | { 14 | "title": "CyberNow Labs", 15 | "author": "cybernowlabs.com", 16 | "link": "https://cybernowlabs.com/" 17 | }, 18 | { 19 | "title": "SOC Analyst Path", 20 | "author": "Hack The Box Academy", 21 | "link": "https://academy.hackthebox.com/path/preview/soc-analyst" 22 | }, 23 | { 24 | "title": "Tips for Building a SOC Analyst Home Lab", 25 | "author": "Devo", 26 | "link": "https://www.devo.com/blog/tips-for-building-a-soc-analyst-home-lab/" 27 | }, 28 | { 29 | "title": "Blue Team Labs", 30 | "author": "Cyber Defenders", 31 | "link": "https://cyberdefenders.org/blue-team-labs/" 32 | }, 33 | { 34 | "title": "CyberTalents Certified SOC Analyst", 35 | "author": "CyberTalents", 36 | "link": "https://cybertalents.com/learn/cybertalents-certified-soc-analyst" 37 | }, 38 | { 39 | "title": "SOC Level 1", 40 | "author": "TryHackMe", 41 | "link": "https://tryhackme.com/path/outline/soclevel1" 42 | }, 43 | { 44 | "title": "CTF Event 263", 45 | "author": "CTF Time", 46 | "link": "https://ctftime.org/ctf/263/" 47 | } 48 | ] 49 | } 50 | 
-------------------------------------------------------------------------------- /Blue Team/Cybersecurity Project Manager/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "title": "Certified Security Project Manager (CSPM) Certification", 5 | "organization": "Security Industry", 6 | "link": "https://www.securityindustry.org/professional-development/cspm-certification/" 7 | }, 8 | { 9 | "title": "Applying Project Management to Cybersecurity", 10 | "organization": "CompTIA", 11 | "link": "https://www.comptia.org/certifications/project" 12 | }, 13 | { 14 | "title": "Certified in Risk and Information Systems Control® (CRISC®)", 15 | "organization": "ISACA", 16 | "link": "https://www.isaca.org/credentialing/crisc" 17 | }, 18 | { 19 | "title": "Project Management in IT Security Certification Preparation (PMITS)", 20 | "organization": "National Initiative for Cybersecurity Careers and Studies (NICCS)", 21 | "link": "https://niccs.cisa.gov/education-training/catalog/institute-information-technology/project-management-it-security" 22 | }, 23 | { 24 | "title": "Certified Protection Professional (CPP)", 25 | "organization": "ASIS", 26 | "link": "https://specifiermvc2.azurewebsites.net/Resource/ResourcesCertsProf" 27 | }, 28 | { 29 | "title": "GIAC Certified Project Manager (GCPM)", 30 | "organization": "SANS", 31 | "link": "https://www.giac.org/certifications/certified-project-manager-gcpm/" 32 | } 33 | ], 34 | "additional_resources": [ 35 | { 36 | "title": "Full Certifications by SANS (Management Focus)", 37 | "link": "https://www.giac.org/focus-areas/management/" 38 | } 39 | ] 40 | } 41 | -------------------------------------------------------------------------------- /Purple Team/Security Metrics & Testing Specialist/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | 
"title": "Cybersecurity Fundamentals Certificate", 5 | "url": "https://www.isaca.org/credentialing/cybersecurity-fundamentals-certificate" 6 | }, 7 | { 8 | "title": "Systems Security Certified Practitioner (SSCP)", 9 | "url": "https://www.isc2.org/certifications/sscp" 10 | }, 11 | { 12 | "title": "Associate of (ISC)²", 13 | "url": "https://www.isc2.org/certifications/associate" 14 | }, 15 | { 16 | "title": "GIAC Information Security Fundamentals (GISF)", 17 | "url": "https://www.giac.org/certifications/information-security-fundamentals-gisf/" 18 | }, 19 | { 20 | "title": "CompTIA Security+", 21 | "url": "https://www.comptia.org/certifications/security" 22 | }, 23 | { 24 | "title": "CompTIA A+", 25 | "url": "https://www.comptia.org/certifications/a" 26 | }, 27 | { 28 | "title": "ISTQB Certified Tester - Security Tester (CT-SEC)", 29 | "url": "https://isqi.org/en/18-istqb-certified-tester-security-tester-ct-sec.html" 30 | }, 31 | { 32 | "title": "Certified Chief Information Security Officer (CCISO)", 33 | "url": "https://www.eccouncil.org/train-certify/certified-chief-information-security-officer-cciso/" 34 | }, 35 | { 36 | "title": "CompTIA Advanced Security Practitioner (CASP+)", 37 | "url": "https://www.comptia.org/certifications/comptia-advanced-security-practitioner" 38 | }, 39 | { 40 | "title": "Cisco Certified Network Associate (CCNA)", 41 | "url": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html" 42 | } 43 | ] 44 | } 45 | 46 | -------------------------------------------------------------------------------- /Blue Team/Cloud Security Analyst/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "Resources": [ 3 | { 4 | "Title": "SC-200 Microsoft Security Operations Analyst", 5 | "Link": "https://cloudlabs.ai/sc-200/", 6 | "Authors": ["SC-200 Microsoft Security Operations Analyst"] 7 | }, 8 | { 9 | "Title": "Cloud Security Labs", 10 | "Link": 
"https://github.com/cloud-security-labs", 11 | "Authors": ["Cloud Security Labs"] 12 | }, 13 | { 14 | "Title": "Hack The Box Professional Labs - Cloud Labs: BlackSky", 15 | "Link": "https://www.hackthebox.com/business/professional-labs/cloud-labs-blacksky", 16 | "Authors": ["Hack The Box Professional Labs - Cloud Labs: BlackSky"] 17 | }, 18 | { 19 | "Title": "Cloud Security - AWS On-Demand", 20 | "Link": "https://bootcamps.pentesteracademy.com/course/cloud-security-aws-on-demand", 21 | "Authors": ["Cloud Security - AWS On-Demand"] 22 | }, 23 | { 24 | "Title": "AWS Well-Architected Labs - Security", 25 | "Link": "https://wellarchitectedlabs.com/security/", 26 | "Authors": ["AWS Well-Architected Labs - Security"] 27 | }, 28 | { 29 | "Title": "Hack The Box Certified Defensive Security Analyst (CDSA) Certification", 30 | "Link": "https://academy.hackthebox.com/preview/certifications/htb-certified-defensive-security-analyst", 31 | "Authors": ["Hack The Box Certified Defensive Security Analyst (CDSA) Certification"] 32 | }, 33 | { 34 | "Title": "TryHackMe Cloud Hacktivities", 35 | "Link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=cloud", 36 | "Authors": ["TryHackMe Cloud Hacktivities"] 37 | } 38 | ] 39 | } 40 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Consultant/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { "Resources": [ 2 | { 3 | "title": "Hack The Box - Business Cyber Security Training", 4 | "link": "https://www.hackthebox.com/business-cyber-security-training" 5 | }, 6 | { 7 | "title": "CISA - Cybersecurity Training Exercises", 8 | "link": "https://www.cisa.gov/cybersecurity-training-exercises" 9 | }, 10 | { 11 | "title": "Hack The Box - Capture The Flag (CTF)", 12 | "link": "https://www.hackthebox.com/hacker/ctf" 13 | }, 14 | { 15 | "title": "BYU - Capture The Flag (CTF) 
Training", 16 | "link": "https://cybersecurity.byu.edu/ctf-training" 17 | }, 18 | { 19 | "title": "TryHackMe - Hacktivities", 20 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=info&type=all" 21 | }, 22 | { 23 | "title": "Bit Sentinel - Cybersecurity Training and Awareness", 24 | "link": "https://bit-sentinel.com/cybersecurity-training-and-awareness/" 25 | }, 26 | { 27 | "title": "Cyber Defenders", 28 | "link": "https://cyberdefenders.org/" 29 | }, 30 | { 31 | "title": "AntiSyphon Training - John Strand Training Lab", 32 | "link": "https://www.antisyphontraining.com/john-strand-training-lab-download-instructions/" 33 | }, 34 | { 35 | "title": "TryHackMe - Security Hacktivities", 36 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=security" 37 | }, 38 | { 39 | "title": "CyberWox Academy - Building a Cybersecurity Homelab for Detection and Monitoring", 40 | "link": "https://cyberwoxacademy.com/building-a-cybersecurity-homelab-for-detection-monitoring/" 41 | } 42 | ] 43 | } 44 | 45 | 46 | 47 | 48 | -------------------------------------------------------------------------------- /Blue Team/ICS Cyber Security(OT)/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "resources": [ 3 | {"url": "https://www.eccouncil.org/train-certify/ics-scada-cybersecurity/", "author": "EC-Council"}, 4 | {"url": "https://www.robertmlee.org/a-collection-of-resources-for-getting-started-in-icsscada-cybersecurity", "author": "Robert M. 
Lee"}, 5 | {"url": "https://www.giac.org/focus-areas/industrial-control-systems/", "author": "Global Information Assurance Certification (GIAC)"}, 6 | {"url": "https://www.cisa.gov/ics-training-available-through-cisa", "author": "Cybersecurity and Infrastructure Security Agency (CISA)"}, 7 | {"url": "https://www.sans.org/cyber-security-courses/ics-scada-cyber-security-essentials/", "author": "SANS Institute"}, 8 | {"url": "https://www.isc2.org/certifications/sscp", "author": "International Information System Security Certification Consortium (ISC)²"}, 9 | {"url": "https://ics-cybersecurity.academy/our-trainings/custom-training/", "author": "ICS Cybersecurity Academy"}, 10 | {"url": "https://www.isc2.org/certifications/issap", "author": "International Information System Security Certification Consortium (ISC)²"}, 11 | {"url": "https://instrumentationtools.com/free-industrial-control-system-ics-cyber-security-training-course/", "author": "Instrumentation Tools"}, 12 | {"url": "https://www.isc2.org/certifications/cissp", "author": "International Information System Security Certification Consortium (ISC)²"}, 13 | {"url": "https://www.isaca.org/credentialing/cism", "author": "ISACA"}, 14 | {"url": "https://www.offsec.com/courses/pen-300/", "author": "Offensive Security"}, 15 | {"url": "https://comptia.org/certifications/comptia-advanced-security-practitioner", "author": "CompTIA"}, 16 | {"url": "https://www.comptia.org/certifications/cybersecurity-analyst", "author": "CompTIA"}, 17 | {"url": "https://www.comptia.org/certifications/security", "author": "CompTIA"} 18 | ] 19 | } 20 | -------------------------------------------------------------------------------- /Red Team/Cybersecurity Researcher /Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Technical Skills": [ 3 | { 4 | "Title": "Network Security", 5 | "Source": "CISCO", 6 | "Link": "https://www.netacad.com/courses/cybersecurity/network-security" 7 | }, 8 | { 9 
| "Title": "Malware Analysis", 10 | "Source": "Udemy - Nikola Milosevic", 11 | "Link": "https://www.udemy.com/course/malware-analysis-and-reverse-engineering/" 12 | }, 13 | { 14 | "Title": "Cryptography", 15 | "Source": "Udemy - Logix Academy", 16 | "Link": "https://www.udemy.com/course/cybersecurity-from-beginner-to-expert/" 17 | }, 18 | { 19 | "Title": "Penetration Testing", 20 | "Source": "eJPT", 21 | "Link": "https://security.ine.com/certifications/ejpt-certification/" 22 | }, 23 | { 24 | "Title": "Incident Response", 25 | "Source": "Coursera", 26 | "Link": "https://www.coursera.org/learn/incident-response" 27 | } 28 | ], 29 | "Soft Skills": [ 30 | { 31 | "Title": "Analytical Thinking", 32 | "Source": "Coursera", 33 | "Link": "https://www.coursera.org/courses?query=critical%20thinking" 34 | }, 35 | { 36 | "Title": "Problem Solving", 37 | "Source": "Coursera - University of California, Irvine", 38 | "Link": "https://www.coursera.org/learn/problem-solving" 39 | }, 40 | { 41 | "Title": "Communication Skills", 42 | "Source": "Coursera - Imperial College London", 43 | "Link": "https://www.coursera.org/learn/creative-thinking-techniques-and-tools-for-success" 44 | }, 45 | { 46 | "Title": "Teamwork and Collaboration", 47 | "Source": "Udemy - Athena e-learn", 48 | "Link": "https://www.udemy.com/course/learn-teamwork-collaboration-and-relationship-development" 49 | } 50 | ] 51 | } 52 | -------------------------------------------------------------------------------- /Red Team/Cybersecurity Researcher /Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "labs_and_training": [ 3 | { 4 | "name": "Penetration Testing Lab", 5 | "url": "https://www.virtualhackinglabs.com/labs/penetration-testing-lab/" 6 | }, 7 | { 8 | "name": "Virtual Beginner/Advanced Lab", 9 | "url": "https://www.virtualhackinglabs.com/beginner-advanced-lab/" 10 | }, 11 | { 12 | "name": "Ethical Hacking", 13 | "url": 
"https://www.netdevgroup.com/online/courses/cybersecurity/ndg-ethical-hacking-v2" 14 | }, 15 | { 16 | "name": "Network Security Fundamentals", 17 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/network-security-fundamentals" 18 | }, 19 | { 20 | "name": "Security Operations Fundamentals", 21 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/security-operations-fundamentals" 22 | }, 23 | { 24 | "name": "Cloud Security Fundamentals", 25 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/cloud-security-fundamentals" 26 | }, 27 | { 28 | "name": "CyberOps Associate", 29 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/cisco-cyberops-associate" 30 | }, 31 | { 32 | "name": "Infosec Institute", 33 | "url": "https://www.infosecinstitute.com/" 34 | }, 35 | { 36 | "name": "ISC2", 37 | "url": "https://www.isc2.org/" 38 | }, 39 | { 40 | "name": "Offensive Security", 41 | "url": "https://www.offensive-security.com/" 42 | }, 43 | { 44 | "name": "SecureNinja", 45 | "url": "https://secureninja.com" 46 | }, 47 | { 48 | "name": "Global Information Assurance Certification", 49 | "url": "https://www.giac.org/" 50 | }, 51 | { 52 | "name": "FedVTE (Federal Virtual Training Environment)", 53 | "url": "https://fedvte.usalearning.gov/" 54 | } 55 | ] 56 | } -------------------------------------------------------------------------------- /Blue Team/Endpoint Security Analyst/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoint_security_analyst_skills": [ 3 | { 4 | "skill": "Foundational Networking", 5 | "sites": ["https://www.coursera.org/learn/computer-networking", "https://www.udemy.com/course/networking-fundamentals/"] 6 | }, 7 | { 8 | "skill": "Operating Systems Knowledge", 9 | "sites": ["https://www.udacity.com/course/introduction-to-operating-systems--ud923"] 10 | }, 11 | { 12 | "skill": "Security Protocols and Encryption", 13 | "sites": 
["https://www.tutorialspoint.com/cryptography/index.htm"] 14 | }, 15 | { 16 | "skill": "Fundamental Security Concepts", 17 | "sites": ["https://www.sans.org/cyber-security-courses/security-essentials-network-endpoint-cloud/"] 18 | }, 19 | { 20 | "skill": "Endpoint Security Technologies", 21 | "sites": ["https://www.opswat.com/partners/certification"] 22 | }, 23 | { 24 | "skill": "Incident Response", 25 | "sites": ["https://www.sans.org/cyber-security-courses/incident-handlers-developers"] 26 | }, 27 | { 28 | "skill": "Network Security", 29 | "sites": ["https://www.coursera.org/learn/network-security", "https://www.udemy.com/course/learn-computer-networking/"] 30 | }, 31 | { 32 | "skill": "Scripting and Automation", 33 | "sites": ["https://www.codecademy.com/learn/learn-python"] 34 | }, 35 | { 36 | "skill": "Advanced Endpoint Security", 37 | "sites": ["https://codered.eccouncil.org/learning-path/Endpoint-Security-Professional"] 38 | }, 39 | { 40 | "skill": "Security Certifications", 41 | "sites": ["https://www.comptia.org/certifications/security", "https://www.isc2.org/certifications/cissp"] 42 | }, 43 | { 44 | "skill": "Hands-On Practice", 45 | "sites": ["https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=Endpoint+Security+Analyst"] 46 | } 47 | ] 48 | } 49 | -------------------------------------------------------------------------------- /Red Team/Cybersecurity Researcher /Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "Training Courses": [ 3 | { 4 | "name": "Cloud Security Fundamentals", 5 | "link": "https://www.simplilearn.com/learn-cloud-security-basics-skillup" 6 | }, 7 | { 8 | "name": "Cybersecurity Tools and Techniques", 9 | "link": "https://www.coursera.org/learn/cybersecurity-tools-and-technologies" 10 | }, 11 | { 12 | "name": "Ethical Hacking and Responsible Disclosure", 13 | "link": 
"https://www.udemy.com/course/complete-ethical-hacking-course-bug-bounty/" 14 | } 15 | ], 16 | "Certifications": [ 17 | { 18 | "name": "Certified Information Systems Security Professional (CISSP)", 19 | "link": "https://www.isc2.org/certifications/cissp" 20 | }, 21 | { 22 | "name": "Certified Information Security Manager (CISM)", 23 | "link": "https://www.isaca.org/credentialing/cism" 24 | }, 25 | { 26 | "name": "CompTIA Network+", 27 | "link": "https://www.comptia.org/certifications/network" 28 | }, 29 | { 30 | "name": "CompTIA A+", 31 | "link": "https://www.comptia.org/certifications/a" 32 | }, 33 | { 34 | "name": "CompTIA Cybersecurity Analyst (CySA+) Certification ", 35 | "link": "https://www.comptia.org/certifications/cybersecurity-analyst" 36 | }, 37 | { 38 | "name": "CompTIA Security+", 39 | "link": "https://www.comptia.org/certifications/security" 40 | }, 41 | { 42 | "name": "Certified Information Systems Auditor (CISA)", 43 | "link": "https://www.isaca.org/credentialing/cisa" 44 | }, 45 | { 46 | "name": "Certified Information Systems Manager (CRISC)", 47 | "link": "https://www.isaca.org/credentialing/crisc" 48 | }, 49 | { 50 | "name": "Certified Information Security Technician (CIST)", 51 | "link": "https://identitymanagementinstitute.org/cist-application/" 52 | } 53 | ] 54 | } 55 | -------------------------------------------------------------------------------- /Purple Team/Security Metrics & Testing Specialist/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "resources": [ 3 | { 4 | "type": "book", 5 | "title": "Security Metrics Management: Measuring the Effectiveness and Efficiency of a Security Program", 6 | "url": "https://www.everand.com/book/329351493/Security-Metrics-Management-Measuring-the-Effectiveness-and-Efficiency-of-a-Security-Program" 7 | }, 8 | { 9 | "type": "book", 10 | "title": "Security Metrics", 11 | "url": "https://www.goodreads.com/book/show/549267.Security_Metrics" 12 
| }, 13 | { 14 | "type": "book", 15 | "title": "The Art of Software Security Testing: Identifying Software Security Flaws", 16 | "url": "https://www.amazon.com/Art-Software-Security-Testing-Identifying/dp/0321304861" 17 | }, 18 | { 19 | "type": "book", 20 | "title": "The Basics of Hacking and Penetration Testing, Second Edition", 21 | "url": "https://wqreytuk.github.io/Patrick+Engebretson+The+Basics+of+Hacking+and+Penetration+Testing,+Second+Edition+%282013%29.pdf" 22 | }, 23 | { 24 | "type": "website", 25 | "title": "EvilTester", 26 | "url": "https://www.eviltester.com/show/" 27 | }, 28 | { 29 | "type": "podcast", 30 | "title": "The Changelog", 31 | "url": "https://changelog.com/podcast/398" 32 | }, 33 | { 34 | "type": "podcast", 35 | "title": "TestGuild Automation Podcast", 36 | "url": "https://podcasts.apple.com/us/podcast/testguild-automation-podcast/id826722706" 37 | }, 38 | { 39 | "type": "podcast", 40 | "title": "AB Testing Podcast: Episode 133 - Test Ownership and Test Automation", 41 | "url": "https://podcasters.spotify.com/pod/show/abtesting/episodes/Episode-133-Test-Ownership-and-Test-Automation-epoct4" 42 | }, 43 | { 44 | "type": "podcast", 45 | "title": "Test and Code Podcast: Episode 129", 46 | "url": "https://testandcode.com/129" 47 | }, 48 | { 49 | "type": "website", 50 | "title": "SecurityMetrics Podcast", 51 | "url": "https://www.securitymetrics.com/learn/podcast" 52 | } 53 | ] 54 | } 55 | 56 | -------------------------------------------------------------------------------- /Blue Team/Network & System Security Administrator/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "endpoint_security_analyst_skills": [ 3 | { 4 | "skill": "Foundational Networking", 5 | "sites": ["https://www.coursera.org/learn/computer-networking", "https://www.udemy.com/course/networking-fundamentals/"] 6 | }, 7 | { 8 | "skill": "Operating Systems Knowledge", 9 | "sites": 
["https://www.udacity.com/course/introduction-to-operating-systems--ud923"] 10 | }, 11 | { 12 | "skill": "Security Protocols and Encryption", 13 | "sites": ["https://www.tutorialspoint.com/cryptography/index.htm"] 14 | }, 15 | { 16 | "skill": "Fundamental Security Concepts", 17 | "sites": ["https://www.sans.org/cyber-security-courses/security-essentials-network-endpoint-cloud/"] 18 | }, 19 | { 20 | "skill": "Endpoint Security Technologies", 21 | "sites": ["https://www.opswat.com/partners/certification"] 22 | }, 23 | { 24 | "skill": "Incident Response", 25 | "sites": ["https://www.sans.org/cyber-security-courses/incident-handlers-developers"] 26 | }, 27 | { 28 | "skill": "Network Security", 29 | "sites": ["https://www.coursera.org/learn/network-security", "https://www.udemy.com/course/learn-computer-networking/"] 30 | }, 31 | { 32 | "skill": "Scripting and Automation", 33 | "sites": ["https://www.codecademy.com/learn/learn-python"] 34 | }, 35 | { 36 | "skill": "Advanced Endpoint Security", 37 | "sites": ["https://codered.eccouncil.org/learning-path/Endpoint-Security-Professional"] 38 | }, 39 | { 40 | "skill": "Security Certifications", 41 | "sites": ["https://www.comptia.org/certifications/security", "https://www.isc2.org/certifications/cissp"] 42 | }, 43 | { 44 | "skill": "Hands-On Practice", 45 | "sites": ["https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=Endpoint+Security+Analyst"] 46 | } 47 | ] 48 | } 49 | 50 | -------------------------------------------------------------------------------- /Red Team/Vulnerability Assessor/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ResourceName": "Practical Vulnerability Management", 4 | "Link": "https://www.amazon.com/Practical-Vulnerability-Management-Andrew-Magnusson/dp/1593279884", 5 | "Author": "Andrew Magnusson", 6 | "Description": "A practical guide to vulnerability management." 
7 | }, 8 | { 9 | "ResourceName": "VulDB - Vulnerability Database", 10 | "Link": "https://vuldb.com/", 11 | "Author": "VulDB", 12 | "Description": "Access a comprehensive vulnerability database." 13 | }, 14 | { 15 | "ResourceName": "The Web Application Hacker's Handbook", 16 | "Link": "https://www.amazon.com/dp/B00C0OBZI0", 17 | "Author": "Dafydd Stuttard and Marcus Pinto", 18 | "Description": "An excellent resource for understanding web application vulnerabilities and security testing." 19 | }, 20 | { 21 | "ResourceName": "Network Security Essentials", 22 | "Link": "https://www.amazon.com/dp/B01F9G4686?tag=bblpage-20", 23 | "Author": "William Stallings", 24 | "Description": "This book covers fundamental concepts in network security." 25 | }, 26 | { 27 | "ResourceName": "The Foundations of Vulnerability Management", 28 | "Link": "https://www.amazon.com/dp/1804614971/ref=sspa_dk_detail_2?psc=1&pd_rd_i=1804614971&content-id=amzn1.sym.eb7c1ac5-7c51-4df5-ba34-ca810f1f119a&s=books&sp_csd=d2lkZ2V0TmFtZT1zcF9kZXRhaWw", 29 | "Author": "Various Authors", 30 | "Description": "A comprehensive guide to the foundations of vulnerability management." 31 | }, 32 | { 33 | "ResourceName": "NIST Glossary - Vulnerability", 34 | "Link": "https://csrc.nist.gov/glossary/term/vulnerability", 35 | "Author": "NIST (National Institute of Standards and Technology)", 36 | "Description": "Access the NIST glossary definition of vulnerability." 37 | }, 38 | { 39 | "ResourceName": "Podcast - Vulnerability", 40 | "Link": "https://player.fm/podcasts/Vulnerability", 41 | "Author": "Various Podcast Hosts", 42 | "Description": "Explore podcasts related to vulnerability topics." 
43 | } 44 | ] 45 | -------------------------------------------------------------------------------- /Blue Team/Cyber Forensics Investigator/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "title": "SANS Cyber Security Courses", 5 | "authors": ["SANS"], 6 | "link": "https://www.sans.org/cyber-security-courses/?focus-area=digital-forensics" 7 | }, 8 | { 9 | "title": "EnCase Certified Examiner", 10 | "authors": ["EnCase"], 11 | "link": "https://www.digitalforensics.com/certifications/encase-certified-examiner" 12 | }, 13 | { 14 | "title": "Computer Hacking Forensic Investigator (CHFI)", 15 | "authors": ["EC-Council"], 16 | "link": "https://www.eccouncil.org/train-certify/computer-hacking-forensic-investigator-chfi/" 17 | }, 18 | { 19 | "title": "Certified Computer Forensics Examiner (CFCE)", 20 | "authors": ["IACIS"], 21 | "link": "https://www.iacis.com/certification/cfce/" 22 | }, 23 | { 24 | "title": "AccessData Certified Examiner", 25 | "authors": ["AccessData"], 26 | "link": "https://www.digitalforensics.com/certifications/accessdata-certified-examiner" 27 | }, 28 | { 29 | "title": "Intella Email Investigation", 30 | "authors": ["Intella"], 31 | "link": "https://www.digitalforensics.com/certifications/intella-email-investigation" 32 | }, 33 | { 34 | "title": "Certified OSForensics Examiner", 35 | "authors": ["OSForensics"], 36 | "link": "https://www.digitalforensics.com/certifications/certified-osforensics-examiner" 37 | }, 38 | { 39 | "title": "AccessData Mobile Examiner", 40 | "authors": ["AccessData"], 41 | "link": "https://www.digitalforensics.com/certifications/accessdata-mobile-examiner" 42 | }, 43 | { 44 | "title": "Cellebrite UFED Physical Pro", 45 | "authors": ["Cellebrite"], 46 | "link": "https://www.digitalforensics.com/certifications/cellebrite-ufed-physical-pro" 47 | }, 48 | { 49 | "title": "MathWorks Image Processing", 50 | "authors": 
["MathWorks"], 51 | "link": "https://www.digitalforensics.com/certifications/mathworks-image-processing" 52 | } 53 | ] 54 | } 55 | -------------------------------------------------------------------------------- /Purple Team/Vulnerability Management Analyst/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ResourceName": "Practical Vulnerability Management", 4 | "Link": "https://www.amazon.com/Practical-Vulnerability-Management-Andrew-Magnusson/dp/1593279884", 5 | "Author": "Andrew Magnusson", 6 | "Description": "A practical guide to vulnerability management." 7 | }, 8 | { 9 | "ResourceName": "VulDB - Vulnerability Database", 10 | "Link": "https://vuldb.com/", 11 | "Author": "VulDB", 12 | "Description": "Access a comprehensive vulnerability database." 13 | }, 14 | { 15 | "ResourceName": "The Web Application Hacker's Handbook", 16 | "Link": "https://www.amazon.com/dp/B00C0OBZI0", 17 | "Author": "Dafydd Stuttard and Marcus Pinto", 18 | "Description": "An excellent resource for understanding web application vulnerabilities and security testing." 19 | }, 20 | { 21 | "ResourceName": "Network Security Essentials", 22 | "Link": "https://www.amazon.com/dp/B01F9G4686?tag=bblpage-20", 23 | "Author": "William Stallings", 24 | "Description": "This book covers fundamental concepts in network security." 25 | }, 26 | { 27 | "ResourceName": "The Foundations of Vulnerability Management", 28 | "Link": "https://www.amazon.com/dp/1804614971/ref=sspa_dk_detail_2?psc=1&pd_rd_i=1804614971&content-id=amzn1.sym.eb7c1ac5-7c51-4df5-ba34-ca810f1f119a&s=books&sp_csd=d2lkZ2V0TmFtZT1zcF9kZXRhaWw", 29 | "Author": "Various Authors", 30 | "Description": "A comprehensive guide to the foundations of vulnerability management." 
31 | }, 32 | { 33 | "ResourceName": "NIST Glossary - Vulnerability", 34 | "Link": "https://csrc.nist.gov/glossary/term/vulnerability", 35 | "Author": "NIST (National Institute of Standards and Technology)", 36 | "Description": "Access the NIST glossary definition of vulnerability." 37 | }, 38 | { 39 | "ResourceName": "Podcast - Vulnerability", 40 | "Link": "https://player.fm/podcasts/Vulnerability", 41 | "Author": "Various Podcast Hosts", 42 | "Description": "Explore podcasts related to vulnerability topics." 43 | } 44 | ] 45 | -------------------------------------------------------------------------------- /Blue Team/Network Defender & Engineer/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "resources": [ 3 | { 4 | "title": "TryHackMe Paths", 5 | "link": "https://tryhackme.com/paths", 6 | "author": "TryHackMe" 7 | }, 8 | { 9 | "title": "TryHackMe Network Hacktivities", 10 | "link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=network", 11 | "author": "TryHackMe" 12 | }, 13 | { 14 | "title": "OWASP Juice Shop", 15 | "link": "https://owasp.org/www-project-juice-shop/", 16 | "author": "OWASP" 17 | }, 18 | { 19 | "title": "Cyber Defenders Blue Team CTF Challenges", 20 | "link": "https://cyberdefenders.org/blueteam-ctf-challenges/?status=&difficulty=&categories=&mitre_tactics=&sort=&labtype=&q=", 21 | "author": "Cyber Defenders" 22 | }, 23 | { 24 | "title": "Blue Team Labs Online", 25 | "link": "https://blueteamlabs.online/", 26 | "author": "Blue Team Labs" 27 | }, 28 | { 29 | "title": "PicoCTF Practice", 30 | "link": "https://play.picoctf.org/practice/", 31 | "author": "PicoCTF" 32 | }, 33 | { 34 | "title": "Security Blue Team", 35 | "link": "https://www.securityblue.team/", 36 | "author": "Security Blue Team" 37 | }, 38 | { 39 | "title": "Let's Defend Training", 40 | "link": "https://app.letsdefend.io/training", 41 | "author": 
"Let's Defend" 42 | }, 43 | { 44 | "title": "SANS Cyber Ranges", 45 | "link": "https://www.sans.org/cyber-ranges/", 46 | "author": "SANS Institute" 47 | }, 48 | { 49 | "title": "MemLabs CTF Using Volatility Labs 4-6", 50 | "link": "https://ellisstannard.medium.com/memlabs-ctf-using-volatility-labs-4-6-bf4ddf19e7fd", 51 | "author": "Ellis Stannard" 52 | }, 53 | { 54 | "title": "Wireshark Sample Captures", 55 | "link": "https://wiki.wireshark.org/SampleCaptures", 56 | "author": "Wireshark" 57 | }, 58 | { 59 | "title": "Netresec Pcap Files", 60 | "link": "https://www.netresec.com/?page=PcapFiles", 61 | "author": "Netresec" 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /Purple Team/Security Assesment Manager/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ResourceName": "Practical Vulnerability Management", 4 | "Link": "https://www.amazon.com/Practical-Vulnerability-Management-Andrew-Magnusson/dp/1593279884", 5 | "Author": "Andrew Magnusson", 6 | "Description": "A practical guide to vulnerability management." 7 | }, 8 | { 9 | "ResourceName": "VulDB - Vulnerability Database", 10 | "Link": "https://vuldb.com/", 11 | "Author": "VulDB", 12 | "Description": "Access a comprehensive vulnerability database." 13 | }, 14 | { 15 | "ResourceName": "The Web Application Hacker's Handbook", 16 | "Link": "https://www.amazon.com/dp/B00C0OBZI0", 17 | "Author": "Dafydd Stuttard and Marcus Pinto", 18 | "Description": "An excellent resource for understanding web application vulnerabilities and security testing." 19 | }, 20 | { 21 | "ResourceName": "Network Security Essentials", 22 | "Link": "https://www.amazon.com/dp/B01F9G4686?tag=bblpage-20", 23 | "Author": "William Stallings", 24 | "Description": "This book covers fundamental concepts in network security." 
25 | }, 26 | { 27 | "ResourceName": "The Foundations of Vulnerability Management", 28 | "Link": "https://www.amazon.com/dp/1804614971/ref=sspa_dk_detail_2?psc=1&pd_rd_i=1804614971&content-id=amzn1.sym.eb7c1ac5-7c51-4df5-ba34-ca810f1f119a&s=books&sp_csd=d2lkZ2V0TmFtZT1zcF9kZXRhaWw", 29 | "Author": "Various Authors", 30 | "Description": "A comprehensive guide to the foundations of vulnerability management." 31 | }, 32 | { 33 | "ResourceName": "NIST Glossary - Vulnerability", 34 | "Link": "https://csrc.nist.gov/glossary/term/vulnerability", 35 | "Author": "NIST (National Institute of Standards and Technology)", 36 | "Description": "Access the NIST glossary definition of vulnerability." 37 | }, 38 | { 39 | "ResourceName": "Podcast - Vulnerability", 40 | "Link": "https://player.fm/podcasts/Vulnerability", 41 | "Author": "Various Podcast Hosts", 42 | "Description": "Explore podcasts related to vulnerability topics." 43 | } 44 | ] 45 | 46 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Security Operations Center (SOC) Analyst/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "books": [ 3 | { 4 | "title": "Managing Modern Security Operations Center: Building Perfect Career as SOC Analyst", 5 | "link": "https://www.barnesandnoble.com/w/managing-modern-security-operations-center-building-perfect-career-as-soc-analyst-publicancy-ltd/1143989775", 6 | "author": "Publicancy Ltd" 7 | }, 8 | { 9 | "title": "Jump Start Your SOC Analyst Career", 10 | "link": "https://books.apple.com/gb/book/jump-start-your-soc-analyst-career/id1556687842", 11 | "author": "Not specified" 12 | }, 13 | { 14 | "title": "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software", 15 | "link": "https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901", 16 | "author": "Michael Sikorski, Andrew Honig" 17 | }, 18 | { 19 | "title": "Applied 
Network Security Monitoring: Collection, Detection, and Analysis", 20 | "link": "https://www.perlego.com/book/1809957/applied-network-security-monitoring-collection-detection-and-analysis-pdf", 21 | "author": "Chris Sanders, Jason Smith" 22 | }, 23 | { 24 | "title": "Effective Threat Investigation for SOC Analysts", 25 | "link": "https://www.amazon.com/Effective-Threat-Investigation-SOC-Analysts/dp/1837634785", 26 | "author": "Syed Ali, Rashid Alnemry" 27 | } 28 | ], 29 | "podcasts": [ 30 | { 31 | "title": "What Does a SOC Analyst Do? - Cybersecurity Career Series", 32 | "link": "https://podcasts.apple.com/sk/podcast/what-does-a-soc-analyst-do-cybersecurity-career-series/id1419689068?i=1000548451806", 33 | "author": "Not specified" 34 | }, 35 | { 36 | "title": "Hacked", 37 | "link": "https://podcasts.apple.com/us/podcast/hacked/id1049420219", 38 | "author": "Not specified" 39 | }, 40 | { 41 | "title": "Security Now (Audio)", 42 | "link": "https://podcasts.apple.com/us/podcast/security-now-audio/id79016499", 43 | "author": "Steve Gibson, Leo Laporte" 44 | }, 45 | { 46 | "title": "Darknet Diaries", 47 | "link": "https://darknetdiaries.com/", 48 | "author": "Jack Rhysider" 49 | } 50 | ] 51 | } 52 | 53 | -------------------------------------------------------------------------------- /Red Team/Vulnerability Assessor/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "CertificationName": "Certified Vulnerability Assessor (CVA)", 4 | "Link": "https://niccs.cisa.gov/education-training/catalog/mile2/certified-vulnerability-assessor-cva", 5 | "Author": "Mile2", 6 | "Description": "Become a Certified Vulnerability Assessor with this certification." 
7 | }, 8 | { 9 | "CertificationName": "Certified Information Systems Security Professional (CISSP)", 10 | "Link": "https://www.isc2.org/Certifications/CISSP", 11 | "Author": "ISC² (International Information System Security Certification Consortium)", 12 | "Description": "Obtain the CISSP certification in information security." 13 | }, 14 | { 15 | "CertificationName": "Certified Information Security Manager (CISM)", 16 | "Link": "https://www.isaca.org/certifications/cism", 17 | "Author": "ISACA (Information Systems Audit and Control Association)", 18 | "Description": "Get certified as an Information Security Manager." 19 | }, 20 | { 21 | "CertificationName": "Certified Ethical Hacker (CEH)", 22 | "Link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/", 23 | "Author": "EC-Council", 24 | "Description": "Become a Certified Ethical Hacker." 25 | }, 26 | { 27 | "CertificationName": "Certified Information Systems Auditor (CISA)", 28 | "Link": "https://www.isaca.org/certifications/cisa", 29 | "Author": "ISACA (Information Systems Audit and Control Association)", 30 | "Description": "Obtain the CISA certification in information systems auditing." 31 | }, 32 | { 33 | "CertificationName": "Certified Information Security Technician (CIST)", 34 | "Link": "https://www.mile2.com/certified-information-security-technician.html", 35 | "Author": "Mile2", 36 | "Description": "Get certified as an Information Security Technician." 37 | }, 38 | { 39 | "CertificationName": "Certified Information Systems Manager (CISM)", 40 | "Link": "https://www.isaca.org/certifications/cism", 41 | "Author": "ISACA (Information Systems Audit and Control Association)", 42 | "Description": "Become a Certified Information Systems Manager." 
43 | } 44 | ] 45 | -------------------------------------------------------------------------------- /Purple Team/Vulnerability Management Analyst/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "CertificationName": "Certified Vulnerability Assessor (CVA)", 4 | "Link": "https://niccs.cisa.gov/education-training/catalog/mile2/certified-vulnerability-assessor-cva", 5 | "Author": "Mile2", 6 | "Description": "Become a Certified Vulnerability Assessor with this certification." 7 | }, 8 | { 9 | "CertificationName": "Certified Information Systems Security Professional (CISSP)", 10 | "Link": "https://www.isc2.org/Certifications/CISSP", 11 | "Author": "ISC² (International Information System Security Certification Consortium)", 12 | "Description": "Obtain the CISSP certification in information security." 13 | }, 14 | { 15 | "CertificationName": "Certified Information Security Manager (CISM)", 16 | "Link": "https://www.isaca.org/certifications/cism", 17 | "Author": "ISACA (Information Systems Audit and Control Association)", 18 | "Description": "Get certified as an Information Security Manager." 19 | }, 20 | { 21 | "CertificationName": "Certified Ethical Hacker (CEH)", 22 | "Link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/", 23 | "Author": "EC-Council", 24 | "Description": "Become a Certified Ethical Hacker." 25 | }, 26 | { 27 | "CertificationName": "Certified Information Systems Auditor (CISA)", 28 | "Link": "https://www.isaca.org/certifications/cisa", 29 | "Author": "ISACA (Information Systems Audit and Control Association)", 30 | "Description": "Obtain the CISA certification in information systems auditing." 
31 | },
32 | {
33 | "CertificationName": "Certified Information Security Technician (CIST)",
34 | "Link": "https://www.mile2.com/certified-information-security-technician.html",
35 | "Author": "Mile2",
36 | "Description": "Get certified as an Information Security Technician."
37 | },
38 | {
39 | "CertificationName": "Certified Information Systems Manager (CISM)",
40 | "Link": "https://www.isaca.org/certifications/cism",
41 | "Author": "ISACA (Information Systems Audit and Control Association)",
42 | "Description": "Become a Certified Information Systems Manager."
43 | }
44 | ]
45 |
--------------------------------------------------------------------------------
/Blue Team/Intrusion Detection and Prevention Systems (IDPS) Analyst/IDPS.md:
--------------------------------------------------------------------------------
1 | # ROADMAP TO MASTERING INTRUSION DETECTION AND PREVENTION SYSTEM
2 |
3 | ![Identity and Access Management (IAM) Analyst](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/c941402f-d1e6-45f5-93e7-7dac9a9d3916)
4 |
5 | OR USE THE PDF ;)
6 |
7 | [Identity and Access Management (IAM) Analyst.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13617291/Identity.and.Access.Management.IAM.Analyst.pdf)
8 |
9 |
10 | # Our roadmap to becoming an Intrusion Detection And Prevention System (IDPS) Analyst
11 |
12 |
13 | Networking Fundamentals:
14 |
15 | Understanding TCP/IP protocols, subnetting, OSI model, and common network topologies.
16 | Knowledge of network devices, their functions, and how they interact within a network.
17 |
18 | Security Fundamentals:
19 |
20 | Deep understanding of cybersecurity principles, common attack vectors, and threat landscape.
21 | Familiarity with security protocols, encryption, and authentication mechanisms.
22 |
23 | IDPS Tools and Technologies:
24 |
25 | Proficiency in configuring, deploying, and managing IDPS solutions.
26 | Hands-on experience with IDPS tools like Snort, Suricata, Bro/Zeek, and familiarity with their rule syntax.
27 |
28 | Network Traffic Analysis:
29 |
30 | Ability to analyze network traffic patterns and identify anomalies that could indicate potential security threats.
31 | Understanding how to interpret and respond to alerts generated by IDPS systems.
32 |
33 | Incident Response and Investigation:
34 |
35 | Knowledge of incident response procedures and methodologies.
36 | Experience in investigating security incidents, identifying the root cause, and recommending remediation steps.
37 |
38 | Continuous Learning and Adaptability:
39 |
40 | Commitment to staying updated with the latest security trends, emerging threats, and IDPS advancements.
41 | Adaptability to rapidly changing security landscapes and evolving attack techniques.
42 |
43 | Soft Skills:
44 |
45 | Effective communication skills for collaborating with teams and conveying complex security findings.
46 | Problem-solving and critical-thinking abilities to analyze and respond to security incidents effectively.
47 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Operations & Security Manager/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "title": "Project Management Professional (PMP)", 5 | "provider": "PMI", 6 | "link": "https://www.pmi.org/certifications/project-management-pmp" 7 | }, 8 | { 9 | "title": "Cisco Certified Network Associate (CCNA)", 10 | "provider": "Cisco", 11 | "link": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html" 12 | }, 13 | { 14 | "title": "Physical Security Certification (PSC)", 15 | "provider": "Center for Development of Security Excellence", 16 | "link": "https://www.cdse.edu/Certification/About-SP%C4%93D-Certification/Physical-Security-Certification/" 17 | }, 18 | { 19 | "title": "Information Technology Infrastructure Library (ITIL)", 20 | "provider": "IBM", 21 | "link": "https://www.ibm.com/topics/it-infrastructure-library" 22 | }, 23 | { 24 | "title": "Certified Protection Professional (CPP)", 25 | "provider": "ASIS International", 26 | "link": "https://www.asisonline.org/certification/certified-protection-professional-cpp/" 27 | }, 28 | { 29 | "title": "Certified in Cybersecurity (CC)", 30 | "provider": "ISC2", 31 | "link": "https://www.isc2.org/certifications/cc" 32 | }, 33 | { 34 | "title": "Security5 Certification", 35 | "provider": "PracticeTests", 36 | "link": "https://www.practicetests.info/infowiki/index.php?title=Security5-Certification" 37 | }, 38 | { 39 | "title": "Blue Team Level 2 Advanced Security Operations Certification", 40 | "provider": "SecurityBlue", 41 | "link": "https://www.securityblue.team/btl2" 42 | }, 43 | { 44 | "Certification":"Certified Information Security Manager (CISM)", 45 | "Authors":[ 46 | "ISACA" 47 | ], 48 | 
"Link":"https://www.isaca.org/certification/cism-certified-information-security-manager" 49 | }, 50 | { 51 | "title": "Cybersecurity Certifications", 52 | "provider": "National Initiative for Cybersecurity Careers and Studies (NICCS)", 53 | "link": "https://niccs.cisa.gov/education-training/cybersecurity-certifications" 54 | } 55 | ] 56 | } 57 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Governance Risk and Compliance Specialist/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "Resources": [ 3 | { 4 | "title": "Cyber Security Management, Governance, and Compliance", 5 | "author": "Cyber Security Management, Governance, and Compliance", 6 | "link": "https://www.amazon.ca/Cyber-Security-Management-Governance-Compliance/dp/1472432096" 7 | }, 8 | { 9 | "title": "IT Governance USA Books", 10 | "author": "IT Governance USA Books", 11 | "link": "https://www.itgovernanceusa.com/shop/category/it-governance-usa-books" 12 | }, 13 | { 14 | "title": "How Cyber Security Works", 15 | "author": "How Cyber Security Works", 16 | "link": "https://oreilly.com/library/view/how-cyber-security/9781787781979/xhtml/Chapter_01.html" 17 | }, 18 | { 19 | "title": "Compliance Podcast Network", 20 | "author": "Compliance Podcast Network", 21 | "link": "https://compliancepodcastnetwork.net/" 22 | }, 23 | { 24 | "title": "What's Ethical?", 25 | "author": "What's Ethical?", 26 | "link": "https://www.corporatecomplianceinsights.com/whats-ethical/" 27 | }, 28 | { 29 | "title": "Culture of Compliance", 30 | "author": "Culture of Compliance", 31 | "link": "https://podcasts.apple.com/us/podcast/culture-of-compliance/id1391198218" 32 | }, 33 | { 34 | "title": "Global Risk Community", 35 | "author": "Global Risk Community", 36 | "link": "https://globalriskcommunity.libsyn.com/" 37 | }, 38 | { 39 | "title": "Security and Compliance Weekly", 40 | "author": "Security and Compliance 
Weekly", 41 | "link": "https://www.scmagazine.com/podcast-show/security-and-compliance-weekly" 42 | }, 43 | { 44 | "title": "Security Ledger Podcasts", 45 | "author": "Security Ledger Podcasts", 46 | "link": "https://securityledger.com/category/podcasts/" 47 | }, 48 | { 49 | "title": "1st Talk Compliance", 50 | "author": "1st Talk Compliance", 51 | "link": "https://www.healthcarenowradio.com/programs/1st-talk-compliance/" 52 | }, 53 | { 54 | "title": "GRC & Me", 55 | "author": "GRC & Me", 56 | "link": "https://podcast.logicgate.com/public/30/GRC-%26-Me-d0046b6b" 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /Blue Team/Malware Analyst/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "GIAC Reverse Engineering Malware (GREM)", 4 | "link": "https://www.giac.org/certifications/reverse-engineering-malware-grem/", 5 | "author": "GIAC" 6 | }, 7 | { 8 | "title": "Practical JavaScript Malware Analysis", 9 | "link": "https://certifications.tcm-sec.com/pjmr/", 10 | "author": "TCM Security" 11 | }, 12 | { 13 | "title": "Malware Analysis Courses - Class Central", 14 | "link": "https://www.classcentral.com/subject/malware-analysis", 15 | "author": "Class Central" 16 | }, 17 | { 18 | "title": "ISC² Certified Malware Analyst", 19 | "link": "https://enroll.isc2.org/product?catalog=ISC2-MalAnalysis-CERT-FINAL-PUB", 20 | "author": "ISC²" 21 | }, 22 | { 23 | "title": "ISAC Certified Malware Analyst (ICMA)", 24 | "link": "https://isacfoundation.org/isac-certified-malware-analyst-icma/", 25 | "author": "ISAC Foundation" 26 | }, 27 | { 28 | "title": "INE Malware Analysis Professional", 29 | "link": "https://ine.com/learning/paths/malware-analysis-professional", 30 | "author": "INE" 31 | }, 32 | { 33 | "title": "Red Team Academy - Malware Analysis Course", 34 | "link": "https://redteamacademy.com/courses/malware-analysis-course-online/", 35 | 
"author": "Red Team Academy" 36 | }, 37 | { 38 | "title": "Certified Malware Analyst - RedTeam360", 39 | "link": "https://redteam360.com/courses/certified-malware-analyst/", 40 | "author": "RedTeam360" 41 | }, 42 | { 43 | "title": "Hacker Associate - MARE (Malware Analysis and Reverse Engineering)", 44 | "link": "https://hackerassociate.com/mare-malware-analysis-and-reverse-engineering/", 45 | "author": "Hacker Associate" 46 | }, 47 | { 48 | "title": "MOSSE Institute - MRE (Certified Reverse Engineer)", 49 | "link": "https://www.mosse-institute.com/certifications/mre-certified-reverse-engineer.html", 50 | "author": "MOSSE Institute" 51 | }, 52 | { 53 | "title": "EC-Council - Malware Analysis Fundamentals", 54 | "link": "https://codered.eccouncil.org/course/malware-analysis-fundamentals", 55 | "author": "EC-Council" 56 | } 57 | ] 58 | -------------------------------------------------------------------------------- /Blue Team/Cryptography Specialist/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "programming_languages": [ 3 | { 4 | "language": "C#", 5 | "learning_site": "https://www.codecademy.com/learn/learn-c-sharp" 6 | }, 7 | { 8 | "language": "C++", 9 | "learning_site": "https://www.codecademy.com/catalog/language/c-plus-plus" 10 | }, 11 | { 12 | "language": ".NET", 13 | "learning_site": "https://dotnet.microsoft.com/en-us/learn" 14 | }, 15 | { 16 | "language": "Java", 17 | "learning_site": "https://www.codecademy.com/catalog/language/java" 18 | }, 19 | { 20 | "language": "R", 21 | "learning_site": "https://www.codecademy.com/catalog/language/r" 22 | }, 23 | { 24 | "language": "PHP", 25 | "learning_site": "https://www.codecademy.com/catalog/language/php" 26 | }, 27 | { 28 | "language": "Python", 29 | "learning_site": "https://www.codecademy.com/catalog/language/python" 30 | } 31 | ], 32 | "it_security": { 33 | "software_hardware_solutions": "Knowledge of IT security software, hardware, and solutions", 34 | 
"learning_site": "https://www.cybrary.it/" 35 | }, 36 | "operating_systems": [ 37 | { 38 | "os": "MS Windows", 39 | "learning_site": "https://www.microsoft.com/en-us/itpro/windows" 40 | }, 41 | { 42 | "os": "Linux", 43 | "learning_site": "https://linuxjourney.com/" 44 | }, 45 | { 46 | "os": "UNIX", 47 | "learning_site": "https://www.tutorialspoint.com/unix/" 48 | } 49 | ], 50 | "source_code_development": { 51 | "skill": "Source Code Development", 52 | "learning_site": "https://www.udemy.com/topic/source-code/" 53 | }, 54 | "cryptography": { 55 | "skills": [ 56 | "Fluency in symmetric cryptography, such as hash functions and message authentication codes", 57 | "Understanding of number theories", 58 | "Knowledge of public key and private key encryption", 59 | "Knowledge of linear and matrix algebra" 60 | ], 61 | "learning_site": "https://www.coursera.org/courses?query=cryptography" 62 | }, 63 | "additional_qualities": [ 64 | "Excellent written and verbal communication", 65 | "Ability to multitask", 66 | "Interest in solving puzzles", 67 | "Critical thinking", 68 | "Problem-solving", 69 | "Interest in working in a team setting" 70 | ] 71 | } 72 | -------------------------------------------------------------------------------- /Blue Team/Endpoint Security Analyst/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "CoursesAndCertifications": [ 3 | { 4 | "title": "OPSWAT Certification", 5 | "site": "https://www.opswat.com/partners/certification" 6 | }, 7 | { 8 | "title": "The Complete Cyber Security Course - Endpoint Protection", 9 | "site": "https://www.udemy.com/course/the-complete-cyber-security-course-end-point-protection/" 10 | }, 11 | { 12 | "title": "Qualys EDR Foundation", 13 | "site": "https://www.qualys.com/training/course/edr-foundation/" 14 | }, 15 | { 16 | "title": "SANS Security Essentials Network, Endpoint, Cloud", 17 | "site": 
"https://www.sans.org/cyber-security-courses/security-essentials-network-endpoint-cloud/" 18 | }, 19 | { 20 | "title": "Certified SOC Analyst (CSA)", 21 | "site": "https://www.eccouncil.org/train-certify/certified-soc-analyst-csa/" 22 | }, 23 | { 24 | "title": "Certified Network Security Course", 25 | "site": "https://www.eccouncil.org/train-certify/certified-network-security-course/" 26 | }, 27 | { 28 | "title": "Endpoint Security Professional Learning Path", 29 | "site": "https://codered.eccouncil.org/learning-path/Endpoint-Security-Professional" 30 | }, 31 | { 32 | "title": "Microsoft Certified: Security Operations Analyst Associate", 33 | "site": "https://learn.microsoft.com/en-us/credentials/certifications/security-operations-analyst/" 34 | }, 35 | { 36 | "title": "CompTIA Network+ Certification", 37 | "site": "https://www.comptia.org/certifications/network" 38 | }, 39 | { 40 | "title": "CompTIA Cybersecurity Analyst (CySA+)", 41 | "site": "https://www.comptia.org/certifications/cybersecurity-analyst" 42 | }, 43 | { 44 | "title": "CompTIA Advanced Security Practitioner (CASP+)", 45 | "site": "https://www.comptia.org/certifications/comptia-advanced-security-practitioner" 46 | }, 47 | { 48 | "title": "GIAC Information Security Fundamentals (GISF)", 49 | "site": "https://www.giac.org/certifications/information-security-fundamentals-gisf/" 50 | }, 51 | { 52 | "title": "ISC2 Certified Information Systems Security Professional (CISSP)", 53 | "site": "https://www.isc2.org/certifications/cissp" 54 | } 55 | ] 56 | } 57 | -------------------------------------------------------------------------------- /Red Team/Incident Responder/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "Simulation Labs": [ 3 | { 4 | "Name": "Cyber Practice Labs and Games by Circadence", 5 | "Link": "https://circadence.com/project-ares-lab-and-game-formats/", 6 | "Author": "Circadence" 7 | }, 8 | { 9 | "Name": "Free Cyber Ranging 
Experience by Cyberranges", 10 | "Link": "https://www.cyberranges.com/free-access/", 11 | "Author": "Cyberranges" 12 | }, 13 | { 14 | "Name": "Hacktivities(Incident Response) by THM", 15 | "Link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=incident+response", 16 | "Author": "TryHackMe" 17 | }, 18 | { 19 | "Name": "Incident Responder Training by Group IB", 20 | "Link": "https://www.group-ib.com/cybersecurity-education/technical-training-programs/incident-responder/", 21 | "Author": "Group IB" 22 | }, 23 | { 24 | "Name": "2 Day - Incident Response Training by AWSN", 25 | "Link": "https://www.awsn.org.au/initiatives/2-day-incident-response-training/", 26 | "Author": "AWSN" 27 | }, 28 | { 29 | "Name": "Digital Forensics and Incident Response (DFIR) Content Series by Cybrary", 30 | "Link": "https://www.cybrary.it/cybrary-select/digital-forensics-and-incident-response-dfir-content-series", 31 | "Author": "Cybrary" 32 | }, 33 | { 34 | "Name": "Training by DFIR", 35 | "Link": "https://dfirdiva.com/training/", 36 | "Author": "DFIR" 37 | }, 38 | { 39 | "Name": "Cyber Training Labs by Cyber Stronger", 40 | "Link": "https://www.cyberstronger.com/cyber-training-labs", 41 | "Author": "Cyber Stronger" 42 | }, 43 | { 44 | "Name": "Incident Response by infosecinstitute", 45 | "Link": "https://www.infosecinstitute.com/skills/learning-paths/incident-response/", 46 | "Author": "InfoSec Institute" 47 | }, 48 | { 49 | "Name": "Find a Scholarship by Cyversity", 50 | "Link": "https://www.cyversity.org/develop-your-skills/find-a-scholarship/", 51 | "Author": "Cyversity" 52 | }, 53 | { 54 | "Name": "free-incident-response-training-plan by DFIR", 55 | "Link": "https://dfirdiva.com/free-incident-response-training-plan/", 56 | "Author": "DFIR" 57 | } 58 | ] 59 | } 60 | 61 | -------------------------------------------------------------------------------- /Red Team/Adversarial Threat Emulation Specialist/Labs & 
Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "labs": [ 3 | { 4 | "name": "AT&T Cybersecurity", 5 | "link": "https://cybersecurity.att.com/products/adversary-simulation-service" 6 | }, 7 | { 8 | "name": "Caldera Labs Attack/Defense", 9 | "link": "https://caldera.mitre.org/" 10 | }, 11 | { 12 | "name": "NetSpi Dark Side Ops Adversary Simulation", 13 | "link": "https://www.netspi.com/training/dark-side-ops-adversary-simulation/" 14 | }, 15 | { 16 | "name": "AtomicRed Team Training", 17 | "link": "https://atomicredteam.io/" 18 | }, 19 | { 20 | "name": "DarkRelay Building Red and Blue Team Infrastructure for Adversary Emulation", 21 | "link": "https://www.darkrelay.com/post/red-and-blue-team-labs" 22 | }, 23 | { 24 | "name": "Altered Security Windows Red Team Labs", 25 | "link": "https://www.alteredsecurity.com/redteamlab" 26 | }, 27 | { 28 | "name": "Red Team Labs Training", 29 | "link": "https://theredteamlabs.com/" 30 | }, 31 | { 32 | "name": "Opentech Labs Red Team Lab", 33 | "link": "https://www.opentech.fund/labs/red-team-lab/" 34 | }, 35 | { 36 | "name": "Netitude Labs Advanced Threat Actor Simulation and Red Team Training", 37 | "link": "https://labs.nettitude.com/training/advanced-threat-actor-simulation-and-red-team-training/" 38 | }, 39 | { 40 | "name": "Cyber Ranges Threat Emulation", 41 | "link": "https://www.cyberranges.com/threat-emulation/" 42 | }, 43 | { 44 | "name": "Offensive Security Red Team Training", 45 | "link": "https://www.offsec.com/labs/individual/" 46 | }, 47 | { 48 | "name": "AttackIQ Intermediate Breach & Attack Simulation", 49 | "link": "https://www.academy.attackiq.com/learning-path/intermediate-breach-attack-simulation" 50 | }, 51 | { 52 | "name": "AttackIQ Intermediate MITRE ATT&CK", 53 | "link": "https://www.academy.attackiq.com/learning-path/intermediate-mitre-attck" 54 | }, 55 | { 56 | "name": "Obscurity Labs Adversary Emulation Labs", 57 | "link": 
"https://obscuritylabs.com/adversary-emulation/" 58 | }, 59 | { 60 | "name": "FourCore.io Top 10 Open Source Adversary Emulation Tools", 61 | "link": "https://fourcore.io/blogs/top-10-open-source-adversary-emulation-tools" 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /Blue Team/ICS Cyber Security(OT)/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "sites": [ 3 | { 4 | "url": "https://www.amazon.com/Industrial-Cybersecurity-Efficiently-critical-infrastructure/dp/1788395158", 5 | "author": "Author Name" 6 | }, 7 | { 8 | "url": "https://github.com/PacktPublishing/Industrial-Cybersecurity-Second-Edition", 9 | "author": "Packt Publishing" 10 | }, 11 | { 12 | "url": "https://books.google.com.ng/books/about/Practical_Industrial_Cybersecurity.html?id=EYm2zgEACAAJ&redir_esc=y", 13 | "author": "Author Name" 14 | }, 15 | { 16 | "url": "https://www.amazon.fr/Cybersecurity-Industrial-Control-Systems-English-ebook/dp/B0071ART60", 17 | "author": "Author Name" 18 | }, 19 | { 20 | "url": "https://www.pdfdrive.com/guide-to-industrial-control-systems-ics-security-cyber-security-e7011845.html", 21 | "author": "Author Name" 22 | }, 23 | { 24 | "url": "https://shop.elsevier.com/books/applied-cyber-security-and-the-smart-grid/knapp/978-1-59749-998-9", 25 | "author": "Knapp" 26 | }, 27 | { 28 | "url": "https://shop.elsevier.com/books/industrial-network-security/knapp/978-0-12-420114-9", 29 | "author": "Knapp" 30 | }, 31 | { 32 | "url": "https://www.amazon.com/Hacking-Exposed-Industrial-Control-Systems/dp/1259589714/", 33 | "author": "Author Name" 34 | }, 35 | { 36 | "url": "https://www.amazon.com/Pentesting-Industrial-Control-Systems-compromising/dp/1800202385", 37 | "author": "Author Name" 38 | }, 39 | { 40 | "url": "https://www.amazon.com/Industrial-Cybersecurity-Efficiently-cybersecurity-environment/dp/1800202091", 41 | "author": "Author Name" 42 | }, 43 | { 
44 | "url": "https://iclass.eccouncil.org/product/ics-scada-textbook/", 45 | "author": "Author Name" 46 | }, 47 | { 48 | "url": "https://waterfall-security.com/ot-insights-center/", 49 | "author": "Waterfall Security" 50 | }, 51 | { 52 | "url": "https://isc.sans.edu/podcast.html", 53 | "author": "SANS Internet Storm Center" 54 | }, 55 | { 56 | "url": "https://www.infosecinstitute.com/podcast/", 57 | "author": "Infosec Institute" 58 | }, 59 | { 60 | "url": "https://podcasts.apple.com/us/podcast/beerisac-ot-ics-security-podcast-playlist/id1459741251", 61 | "author": "BeerISAC" 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /Purple Team/Purple Team Lead/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "Books": [ 3 | { 4 | "Title": "Purple People Leader: A Leadership Politics Book for Everyone", 5 | "Author": "Patti Dobrowolski", 6 | "Link": "https://www.amazon.com/Purple-People-Leader-Politics-Everyone/dp/1500965898" 7 | }, 8 | { 9 | "Title": "Purple Team Strategies", 10 | "Author": "Packt Publishing", 11 | "Link": "https://github.com/PacktPublishing/Purple-Team-Strategies" 12 | } 13 | ], 14 | "Podcasts": [ 15 | { 16 | "Title": "The Purple Team Podcast", 17 | 18 | "Link": "https://podcasts.apple.com/us/podcast/the-purple-team-podcast/id1518088802" 19 | }, 20 | { 21 | "Title": "Resilient Cyber Podcast - Offensive Security & Purple Teaming", 22 | "Host": "John D. 
(Podcast link provided)", 23 | "Link": "https://johndcyber.com/resilient-cyber-podcast-offensive-security-purple-teaming-13c629d31b0a" 24 | }, 25 | { 26 | "Title": "Purple Team Podcast", 27 | "Host": "Lithify", 28 | "Link": "https://lithify.co.uk/?view=article&id=120:purple-team-podcast&catid=8" 29 | }, 30 | { 31 | "Title": "The Evolution of Purple Teaming", 32 | "Host": "Steven Bowcut (Podcast link provided)", 33 | "Link": "https://podcasters.spotify.com/pod/show/steven-bowcut/episodes/The-Evolution-of-Purple-Teaming-e2bmajn" 34 | } 35 | ], 36 | "Other Resources": [ 37 | { 38 | "Title": "Purple Teaming Enablement", 39 | "Source": "Cymulate", 40 | "Link": "https://cymulate.com/solutions/purple-teaming-enablement/" 41 | }, 42 | { 43 | "Title": "Improve Your Defensive Success with Purple Team Exercises", 44 | "Source": "mnemonic", 45 | "Link": "https://www.mnemonic.io/resources/blog/improve-your-defensive-success-with-purple-team-exercises/" 46 | }, 47 | { 48 | "Title": "Lessons Learned from a Year of Delivering Purple Team Exercises", 49 | "Source": "mnemonic", 50 | "Link": "https://www.mnemonic.io/resources/blog/lessons-learned-from-a-year-of-delivering-purple-team-exercises/" 51 | }, 52 | { 53 | "Title": "YouTube Video - Purple Teaming Explained", 54 | 55 | "Link": "https://www.youtube.com/watch?v=WoX2qBEegmE" 56 | } 57 | ] 58 | } 59 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Awareness & Training Instructor/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "resources": [ 3 | { 4 | "link": "https://securityawareness.usalearning.gov/cybersecurity/index.htm#", 5 | "title": "Security Awareness Training", 6 | "author": "USA Learning" 7 | }, 8 | { 9 | "link": "https://niccs.cisa.gov/education-training/catalog/supremus-group-llc/certified-cybersecurity-awareness-professional-ccap", 10 | "title": "Certified Cybersecurity Awareness 
Professional (CCAP)", 11 | "author": "Supremus Group LLC" 12 | }, 13 | { 14 | "link": "https://www.sans.org/cyber-security-courses/?msc=home-header", 15 | "title": "SANS Cyber Security Courses", 16 | "author": "SANS Institute" 17 | }, 18 | { 19 | "link": "https://www.comptia.org/certifications/security", 20 | "title": "CompTIA Security+", 21 | "author": "CompTIA" 22 | }, 23 | { 24 | "link": "https://www.isc2.org/Certifications/CISSP", 25 | "title": "Certified Information Systems Security Professional (CISSP)", 26 | "author": "(ISC)²" 27 | }, 28 | { 29 | "link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/", 30 | "title": "Certified Ethical Hacker (CEH)", 31 | "author": "EC-Council" 32 | }, 33 | { 34 | "link": "https://www.isaca.org/credentialing/cism", 35 | "title": "Certified Information Security Manager (CISM)", 36 | "author": "ISACA" 37 | }, 38 | { 39 | "link": "https://www.offensive-security.com/courses-and-certifications/oscp/", 40 | "title": "Offensive Security Certified Professional (OSCP)", 41 | "author": "Offensive Security" 42 | }, 43 | { 44 | "link": "https://www.hhs.gov/about/agencies/asa/ocio/cybersecurity/security-awareness-training/index.html", 45 | "title": "HHS Cybersecurity Awareness Training", 46 | "author": "U.S. 
Department of Health & Human Services (HHS)" 47 | }, 48 | { 49 | "link": "https://cofense.com/knowledge-center/online-security-awareness-training/", 50 | "title": "Cofense Security Awareness Training", 51 | "author": "Cofense" 52 | }, 53 | { 54 | "link": "https://www.eset.com/us/business/cybersecurity-awareness-training/?ref=AFC-CJ&attr=8028369&pub=14451291&shop=0043-3561-3088-2150-7783&cjevent=1f2f86017ff211ee807d16250a18ba72", 55 | "title": "ESET Cybersecurity Awareness Training", 56 | "author": "ESET" 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /Red Team/Incident Responder/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "Podcasts": [ 3 | { 4 | "Title": "Applied Incident Response By Steve Anson", 5 | "Link": "https://archive.org/details/applied-incident-response-by-steve-anson_202107" 6 | }, 7 | { 8 | "Title": "IR Resources by Applied Incident Response", 9 | "Link": "https://www.appliedincidentresponse.com/resources" 10 | }, 11 | { 12 | "Title": "Incident Response & Computer Forensics, Third Edition", 13 | "Link": "https://www.amazon.com/Incident-Response-Computer-Forensics-Third/dp/0071798684", 14 | "Authors": "Jason T. 
Luttgens, Matthew Pepe, Kevin Mandia", 15 | "Edition": "3rd" 16 | }, 17 | { 18 | "Title": "Incident-Response Podcast by Player.fm", 19 | "Link": "https://player.fm/podcasts/Incident-Response" 20 | }, 21 | { 22 | "Title": "Darknetdiaries", 23 | "Author": "Jack Rhysider", 24 | "Link": "https://darknetdiaries.com/" 25 | }, 26 | { 27 | "Title": "Incident-Response Podcast by IMF Security", 28 | "Link": "https://www.imfsecurity.com/podcast" 29 | }, 30 | { 31 | "Title": "Computer Forensics and Digital Investigations Specialization by Coursera", 32 | "Link": "https://www.coursera.org/specializations/computer-forensics" 33 | }, 34 | { 35 | "Title": "Incident Response and Forensics by SANS Institute", 36 | "Link": "https://www.sans.org/cyber-security-courses/incident-response-forensics" 37 | }, 38 | { 39 | "Title": "CyberRanges Podcasts", 40 | "Link": "https://www.cyberranges.com/podcasts/" 41 | }, 42 | { 43 | "Title": "Digital Forensics and Incident Response by Cybrary", 44 | "Link": "https://www.cybrary.it/course/digital-forensics-and-incident-response/" 45 | }, 46 | { 47 | "Title": "Incident Response Fundamentals by Pluralsight", 48 | "Link": "https://www.pluralsight.com/courses/incident-response-fundamentals" 49 | }, 50 | { 51 | "Title": "Windows Forensics and Incident Recovery by Cybrary", 52 | "Link": "https://www.cybrary.it/course/windows-forensics-incident-recovery/" 53 | }, 54 | { 55 | "Title": "Incident Response Playbook by TheHive Project", 56 | "Link": "https://github.com/TheHive-Project/playbook" 57 | } 58 | ] 59 | } 60 | -------------------------------------------------------------------------------- /Red Team/Red Team Lead/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | { 2 | "Books":[ 3 | { 4 | "Title":"Red Team Development and Operations: A practical guide", 5 | "Format":"Paperback", 6 | "Publication Date":"January 20, 2020", 7 | "Authors":[ 8 | "Joe Vest (Author)", 9 | "James Tubberville (Author)" 
10 | ], 11 | "URL":"https://www.amazon.com/Red-Team-Development-Operations-practical/dp/B083XVG633" 12 | }, 13 | { 14 | "Title":"Red Team: How to Succeed By Thinking Like the Enemy", 15 | "Format":"Audio CD", 16 | "Publication Date":"November 1, 2016", 17 | "Authors":[ 18 | "Micah Zenko (Author)", 19 | "Christopher Lane (Reader)" 20 | ], 21 | "URL":"https://www.amazon.com/Red-Team-Succeed-Thinking-Enemy/dp/1501274899" 22 | }, 23 | { 24 | "Title":"Red Teaming: How Your Business Can Conquer the Competition by Challenging Everything", 25 | "Format":"Hardcover", 26 | "Publication Date":"May 16, 2017", 27 | "Authors":[ 28 | "Bryce G. Hoffman (Author)" 29 | ], 30 | "URL":"https://www.amazon.com/Red-Teaming-Competition-Challenging-Everything/dp/1101905972" 31 | } 32 | ], 33 | "Podcasts":[ 34 | { 35 | "Title":"Red Team Podcast by Redteams.net", 36 | "URL":"https://www.podchaser.com/podcasts/red-team-podcast-585628/episodes/recent" 37 | }, 38 | { 39 | "Title":"Red Team Podcast by Player Fm Podcasts", 40 | "URL":"https://player.fm/podcasts/Red-Team" 41 | }, 42 | { 43 | "Title":"True stories from the dark side of the Internet by Jack Rhysider", 44 | "URL":"https://darknetdiaries.com/" 45 | }, 46 | { 47 | "Title":"Security Episodes by smashingsecurity", 48 | "URL":"https://www.smashingsecurity.com/episodes/" 49 | }, 50 | { 51 | "Title":"Control Loop: The OT Cybersecurity Podcast by CyberWire", 52 | "URL":"https://thecyberwire.com/podcasts/control-loop" 53 | }, 54 | { 55 | "Title":"Shadowspeak by Cyber", 56 | "URL":"https://thecyberwire.com/podcasts/shadowspeak" 57 | }, 58 | { 59 | "Title":"security-weekly by SCmagazine", 60 | "URL":"https://www.scmagazine.com/security-weekly" 61 | }, 62 | { 63 | "Title":"Red Team Podcast", 64 | "URL":"https://toppodcast.com/podcast_feeds/red-team-podcast/" 65 | } 66 | ] 67 | } 68 | -------------------------------------------------------------------------------- /Red Team/Cyber Security Engineer & Architect/Labs & Training.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "Security Labs and Training Resources": [ 3 | { 4 | "name": "Immersive Labs Hands-On Labs", 5 | "link": "https://www.immersivelabs.com/hands-on-labs/", 6 | "author": "Cyberanges" 7 | }, 8 | { 9 | "name": "Hack The Box Practical Hacking Labs", 10 | "link": "https://www.hackthebox.com/hacker/hacking-labs", 11 | "author": "Hack The Box" 12 | }, 13 | { 14 | "name": "Cloud Security Labs by Blacksky & HTB", 15 | "link": "https://www.hackthebox.com/business/professional-labs/cloud-labs-blacksky", 16 | "author": "Blacksky & Hack The Box" 17 | }, 18 | { 19 | "name": "Business Cyber Security Training by HTB", 20 | "link": "https://www.hackthebox.com/business-cyber-security-training", 21 | "author": "Hack The Box" 22 | }, 23 | { 24 | "name": "TryHackMe Security Engineer Training", 25 | "link": "https://tryhackme.com/path/outline/security-engineer-training", 26 | "author": "TryHackMe" 27 | }, 28 | { 29 | "name": "Cybersecurity Labs by Nova Labs", 30 | "link": "https://www.pbs.org/wgbh/nova/labs/lab/cyber/", 31 | "author": "Nova Labs" 32 | }, 33 | { 34 | "name": "Become a Security Engineer by Cybernowlabs", 35 | "link": "https://cybernowlabs.com/engineer/", 36 | "author": "Cybernowlabs" 37 | }, 38 | { 39 | "name": "Google Professional Cloud Security Engineer", 40 | "link": "https://cloud.google.com/learn/certification/cloud-security-engineer", 41 | "author": "Google" 42 | }, 43 | { 44 | "name": "Blue Team Labs by Blue Team Labs", 45 | "link": "https://blueteamlabs.online/", 46 | "author": "Blue Team Labs" 47 | }, 48 | { 49 | "name": "IBM Security Learning Academy", 50 | "link": "https://www.securitylearningacademy.com/", 51 | "author": "IBM" 52 | }, 53 | { 54 | "name": "SANS Institute Cyber Security Training", 55 | "link": "https://www.sans.org/cyber-security-courses", 56 | "author": "SANS Institute" 57 | }, 58 | { 59 | "name": "Cisco Learning Network Security Training", 60 | "link": 
"https://learningnetwork.cisco.com/s/security-training", 61 | "author": "Cisco" 62 | }, 63 | { 64 | "name": "EC-Council Certified Ethical Hacker (CEH)", 65 | "link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/", 66 | "author": "EC-Council" 67 | } 68 | ] 69 | } 70 | -------------------------------------------------------------------------------- /Blue Team/Network & System Security Administrator/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "Security Labs and Training Resources": [ 3 | { 4 | "name": "Immersive Labs Hands-On Labs", 5 | "link": "https://www.immersivelabs.com/hands-on-labs/", 6 | "author": "Cyberanges" 7 | }, 8 | { 9 | "name": "Hack The Box Practical Hacking Labs", 10 | "link": "https://www.hackthebox.com/hacker/hacking-labs", 11 | "author": "Hack The Box" 12 | }, 13 | { 14 | "name": "Cloud Security Labs by Blacksky & HTB", 15 | "link": "https://www.hackthebox.com/business/professional-labs/cloud-labs-blacksky", 16 | "author": "Blacksky & Hack The Box" 17 | }, 18 | { 19 | "name": "Business Cyber Security Training by HTB", 20 | "link": "https://www.hackthebox.com/business-cyber-security-training", 21 | "author": "Hack The Box" 22 | }, 23 | { 24 | "name": "TryHackMe Security Engineer Training", 25 | "link": "https://tryhackme.com/path/outline/security-engineer-training", 26 | "author": "TryHackMe" 27 | }, 28 | { 29 | "name": "Cybersecurity Labs by Nova Labs", 30 | "link": "https://www.pbs.org/wgbh/nova/labs/lab/cyber/", 31 | "author": "Nova Labs" 32 | }, 33 | { 34 | "name": "Become a Security Engineer by Cybernowlabs", 35 | "link": "https://cybernowlabs.com/engineer/", 36 | "author": "Cybernowlabs" 37 | }, 38 | { 39 | "name": "Google Professional Cloud Security Engineer", 40 | "link": "https://cloud.google.com/learn/certification/cloud-security-engineer", 41 | "author": "Google" 42 | }, 43 | { 44 | "name": "Blue Team Labs by Blue Team Labs", 45 | "link": 
"https://blueteamlabs.online/", 46 | "author": "Blue Team Labs" 47 | }, 48 | { 49 | "name": "IBM Security Learning Academy", 50 | "link": "https://www.securitylearningacademy.com/", 51 | "author": "IBM" 52 | }, 53 | { 54 | "name": "SANS Institute Cyber Security Training", 55 | "link": "https://www.sans.org/cyber-security-courses", 56 | "author": "SANS Institute" 57 | }, 58 | { 59 | "name": "Cisco Learning Network Security Training", 60 | "link": "https://learningnetwork.cisco.com/s/security-training", 61 | "author": "Cisco" 62 | }, 63 | { 64 | "name": "EC-Council Certified Ethical Hacker (CEH)", 65 | "link": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/", 66 | "author": "EC-Council" 67 | } 68 | ] 69 | } 70 | 71 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Governance Risk and Compliance Specialist/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "Certifications": [ 3 | { 4 | "title": "GIAC Strategic Planning, Policy, and Leadership (GSTRT)", 5 | "author": "SANS", 6 | "link": "https://www.giac.org/certifications/strategic-planning-policy-leadership-gstrt/" 7 | }, 8 | { 9 | "title": "CISSP - Certified Information Systems Security Professional", 10 | "author": "isc2", 11 | "link": "https://www.isc2.org/certifications/cissp" 12 | }, 13 | { 14 | "title": "CGRC – Governance, Risk and Compliance Certification", 15 | "author": "isc2", 16 | "link": "https://www.isc2.org/Certifications/CGRC" 17 | }, 18 | { 19 | "title": "How to integrate GRC best practices into cybersecurity strategies", 20 | "author": "travasecurity", 21 | "link": "https://travasecurity.com/learn-with-trava/articles/governance-risk-compliance-grc-cybersecurity" 22 | }, 23 | { 24 | "title": "GRC Analyst Master Class", 25 | "author": "TCM security", 26 | "link": "https://academy.tcm-sec.com/p/grc" 27 | }, 28 | { 29 | "title": "Governance, Risk, & Compliance 
(GRC) Training", 30 | "author": "trutekacademy", 31 | "link": "https://www.trutekacademy.com/home/course/cybersecurity-third-party-risk-management-compliance-tprm-training/45" 32 | }, 33 | { 34 | "title": "CMMC 2.1", 35 | "author": "grcacademy", 36 | "link": "https://grcacademy.io/cmmc/" 37 | }, 38 | { 39 | "title": "ISAC CERTIFIED Cybersecurity Governance Professional", 40 | "author": "ISAC", 41 | "link": "https://www.isacindia.org/isac-certified-cyber-security-governance-professional-nccsgp/" 42 | }, 43 | { 44 | "title": "SANS GIAC Information Security Fundamentals (GISF)", 45 | "author": "SANS", 46 | "link": "https://www.giac.org/certifications/information-security-fundamentals-gisf/" 47 | }, 48 | { 49 | "title": "GIAC Security Leadership (GSLC)", 50 | "author": "SANS", 51 | "link": "https://www.giac.org/certifications/security-leadership-gslc/" 52 | }, 53 | { 54 | "title": "Certified Six Sigma Black Belt™ (CSSBB™) Certification Program", 55 | "author": "sixsigma", 56 | "link": "https://www.sixsigma-institute.org/Certified_Six_Sigma_Black_Belt_CSSBB_Program.php" 57 | }, 58 | { 59 | "title": "The GRC Approach to Managing Cybersecurity", 60 | "author": "University System of Georgia Courses", 61 | "link": "https://www.classcentral.com/course/grc-approach-to-managing-cybersecurity-20793" 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /Blue Team/Identity and Access Management (IAM) Analyst/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "Digital Identity and Access Management", 4 | "site": "https://www.igi-global.com/book/digital-identity-access-management/55281", 5 | "author": "IGI Global" 6 | }, 7 | { 8 | "title": "Identity and Access Management", 9 | "site": "https://www.amazon.com/Identity-Access-Management-Amar-Zulejhic/dp/B0BCNX9359", 10 | "author": "Amar Zulejhic" 11 | }, 12 | { 13 | "title": "Top 5 Identity Access 
Management Books to Read in 2022", 14 | "site": "https://www.zluri.com/blog/identity-access-management-books/", 15 | "author": "Zluri" 16 | }, 17 | { 18 | "title": "Focus on IAM: Identity and Access Management Simplified", 19 | "site": "https://www.amazon.com/Focus-IAM-Identity-Access-Management/dp/0991320530", 20 | "author": " Kiran Kumar Pabbathi " 21 | }, 22 | { 23 | "title": "An Advanced Guide to Identity Management and Security", 24 | "site": "https://www.jamf.com/resources/e-books/an-advanced-guide-to-identity-management-and-security/", 25 | "author": "Jamf" 26 | }, 27 | { 28 | "title": "Zero Trust and the Evolving Role of Identity and Access Management", 29 | "site": "https://securityintelligence.com/media/podcast-zero-trust-and-the-evolving-role-of-identity-and-access-management/", 30 | "author": "Security Intelligence" 31 | }, 32 | { 33 | "title": "Let's Talk About Digital Identity Podcast", 34 | "site": "https://www.ubisecure.com/lets-talk-about-digital-identity-podcast/", 35 | "author": "Ubisecure" 36 | }, 37 | { 38 | "title": "Identity & Access Management Best Practices, with Stuart Powell | GRC & Cyber Leaders", 39 | "site": "https://podcasts.apple.com/za/podcast/podcast/id1610565744?i=1000627717429", 40 | "author": "GRC & Cyber Leaders" 41 | }, 42 | { 43 | "title": "Identity Governance and Administration Podcast", 44 | "site": "https://www.oneidentity.com/identity-governance-and-administration-podcast/", 45 | "author": "One Identity" 46 | }, 47 | { 48 | "title": "Is IAM Really Fun? 
And How to Stay Ahead of the Curve in Cloud IAM", 49 | "site": "https://cloud.withgoogle.com/cloudsecurity/podcast/ep127-is-iam-really-fun-and-how-to-stay-ahead-of-the-curve-in-cloud-iam/", 50 | "author": "Google Cloud" 51 | }, 52 | { 53 | "title": "Manage Engine Identity & Access Management Podcast", 54 | "site": "https://open.spotify.com/show/0BoPdoRktOX2KjFmNh4Q9o?si=c4515fd05f7e42c4", 55 | "author": "ManageEngine" 56 | } 57 | ] 58 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![EverythingCyberLogo](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/deb2a309-175f-4cb5-84b4-4afd7773ec77) 2 | 3 | # EverythingCyb3R 4 | 5 | Welcome to EverythingCyb3R, the GitHub repository that paves the way for your journey into the captivating world of cybersecurity. We've created an engaging and user-friendly framework that simplifies the complexities of the industry, making it fun and easy to understand. 6 | 7 | EverythingCyb3R is your trusted companion, designed with beginners in mind, guiding you through various cybersecurity job roles, essential skills, labs & training exercises, books & podcasts, and the certifications that validate your expertise. We understand that not all resources are one-size-fits-all, especially for those new to the field. That's why we curate content with your needs in focus, ensuring a smooth and comprehensive learning experience. 8 | 9 | We've transformed learning into an adventure, where each step brings you closer to unlocking new opportunities. With clear descriptions and interactive elements, EverythingCyb3R ensures that you can explore different pathways and discover your true passion in the dynamic field of cybersecurity. Embark on this exciting quest, expand your knowledge, and embrace the thrill of becoming a cybersecurity professional. 
10 | 11 | Join us on everythingcyb3r.com as we navigate the ever-evolving landscape together, keeping in mind that your journey is unique, and we're here to support your individual learning needs. 12 | 13 | 14 | 15 | 16 | # For Update Notifications 17 | 18 | Follow me on Twitter: @obedeee_Jr - https://twitter.com/obedeee_Jr 19 | 20 | Watch or star the project on GitHub: https://github.com/d3vobed/EverythingCyb3R 21 | 22 | # Suggestions, Comments, Feedback 23 | 24 | Feedback or new tool suggestions are extremely welcome! Please feel free to submit a pull request, open an issue on GitHub, or reach out on Twitter. 25 | 26 | 27 | 28 | # Contribute with a GitHub Pull Request 29 | 30 | 1. Update the future.json file in the format shown below. If this isn't the first entry for a folder, add a comma after the closing brace of the previous entry. 31 | 32 | { 33 | "name": "Example Name", 34 | "author": "Example Author", 35 | "url": "http://example.com" 36 | } 37 | 38 | 2. Submit a pull request! 39 | 40 | Thank you! 41 | 42 | # Please Note 43 | 44 | Before any links, resources, or files are shared here, they undergo a thorough review by our team of experts. Additionally, proper credit is attributed to all cyber and non-cyber related books, podcasts, repositories, websites, forums, and other materials hosted on this platform. Your cooperation is appreciated, and we encourage your continued engagement. 
45 | 46 | # Checkout our LICENSE & SUPPORT PAGE 47 | -------------------------------------------------------------------------------- /Blue Team/ICS Cyber Security(OT)/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "cyberLabsAndTraining": [ 3 | { 4 | "url": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=ot", 5 | "author": "TryHackMe" 6 | }, 7 | { 8 | "url": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=industrial", 9 | "author": "TryHackMe" 10 | }, 11 | { 12 | "url": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=red+team+", 13 | "author": "TryHackMe" 14 | }, 15 | { 16 | "url": "https://www.sans.org/cyber-security-courses/ics-scada-cyber-security-essentials/", 17 | "author": "SANS Institute" 18 | }, 19 | { 20 | "url": "https://www.cisa.gov/ics-training-available-through-cisa", 21 | "author": "CISA" 22 | }, 23 | { 24 | "url": "https://ics-cybersecurity.academy/next-trainings/online-training/", 25 | "author": "ICS Cybersecurity Academy" 26 | }, 27 | { 28 | "url": "https://www.dragos.com/resource/dragos-ics-ot-cybersecurity-training-datasheet/", 29 | "author": "Dragos" 30 | }, 31 | { 32 | "url": "https://www.udemy.com/course/ics-scada-cyber-security/", 33 | "author": "Udemy" 34 | }, 35 | { 36 | "url": "https://scadahacker.com/training.html", 37 | "author": "SCADAhacker" 38 | }, 39 | { 40 | "url": "https://icscsi.org/", 41 | "author": "ICSCSI" 42 | }, 43 | { 44 | "url": "https://www.icscybersecurityconference.com/training/", 45 | "author": "ICS Cybersecurity Conference" 46 | }, 47 | { 48 | "url": "https://www.cybrary.it/course/ics-scada-fundamentals", 49 | "author": "Cybrary" 50 | }, 51 | { 52 | "url": "https://www.hackthebox.com/hacker/ctf", 53 | "author": "Hack The Box" 54 | }, 55 | { 56 | "url": 
"https://biplav.xyz/posts/lighttheway/", 57 | "author": "Author Name" 58 | }, 59 | { 60 | "url": "http://icssecurity.net/ctf", 61 | "author": "ICS Security" 62 | }, 63 | { 64 | "url": "https://www.infosec-city.com/post/sin18-ctf-ics-scada", 65 | "author": "Infosec City" 66 | }, 67 | { 68 | "url": "https://www.securonix.com/wp-content/uploads/2021/09/RSAC_2019_Scada_Attack_Detection_101.pdf", 69 | "author": "Securonix" 70 | }, 71 | { 72 | "url": "https://archive.conference.hitb.org/hitbsecconf2018dxb/scada-ctf-village-by-nshc/", 73 | "author": "NSHC" 74 | } 75 | ] 76 | } 77 | -------------------------------------------------------------------------------- /Red Team/Penetration Tester/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Penetration Tester Skills": { 3 | "Networking Fundamentals": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications.html", 4 | "Operating Systems": "https://linuxjourney.com/, https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines", 5 | "Programming and Scripting": "https://www.codecademy.com/learn/learn-python, https://ryanstutorials.net/bash-scripting-tutorial/, https://docs.microsoft.com/en-us/powershell/", 6 | "Web Application Security": "https://owasp.org/www-project-top-ten/, https://portswigger.net/web-security", 7 | "Network Security": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications.html", 8 | "Vulnerability Assessment": "https://www.tenable.com/learn/education", 9 | "Wireless Security": "https://www.wireshark.org/education.html", 10 | "Cryptography": "https://crypto101.io/, https://www.coursera.org/courses?query=cryptography", 11 | "Reverse Engineering": "https://www.begin.re/, https://courses.cs.washington.edu/courses/cse484/19sp/", 12 | "Exploit Development": "https://www.metasploitunleashed.com/, https://www.corelan-training.com/index.php/training/", 13 | "Social 
Engineering": "https://www.social-engineer.org/", 14 | "Penetration Testing Frameworks": "https://www.metasploitunleashed.com/, https://portswigger.net/burp, https://nmap.org/book/", 15 | "Web and Mobile App Testing": "https://portswigger.net/web-security, https://www.coursera.org/specializations/mobile-security", 16 | "Cloud Security": "https://aws.amazon.com/training/, https://docs.microsoft.com/en-us/learn/certifications/az-900?view=azure-203", 17 | "IoT Security": "https://www.coursera.org/courses?query=IoT%20Security", 18 | "Physical Security": "https://www.securitymagazine.com/articles/93459-physical-security-concepts-and-principles", 19 | "Report Writing": "https://resources.infosecinstitute.com/report-writing-best-practices-for-penetration-testers/", 20 | "Legal and Compliance Knowledge": "https://www.coursera.org/courses?query=cybersecurity%20law", 21 | "Continuous Learning": "https://www.cyberscoop.com/, https://threatpost.com/", 22 | "Communication and Collaboration": "https://www.skillsyouneed.com/communication-skills.html, https://www.atlassian.com/team-playbook", 23 | "Problem-Solving": "https://www.skillsyouneed.com/lead/critical-thinking.html", 24 | "Ethics and Professionalism": "https://www.eccouncil.org/ceh/code-of-ethics/", 25 | "Certifications": "https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/, https://www.offsec.com/certifications/oscp/, https://www.isc2.org/Certifications/CISSP, https://www.comptia.org/certifications/security+" 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /Blue Team/Intrusion Detection and Prevention Systems (IDPS) Analyst/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "Simulation Labs": [ 3 | { 4 | "Name": "Cyber Practice Labs and Games by Circadence", 5 | "Link": "https://circadence.com/project-ares-lab-and-game-formats/", 6 | "Author": "Circadence" 7 | }, 8 | { 9 | "Name": "Free Cyber 
Ranging Experience by Cyberranges", 10 | "Link": "https://www.cyberranges.com/free-access/", 11 | "Author": "Cyberranges" 12 | }, 13 | { 14 | "Name": "Hacktivities(Incident Response) by THM", 15 | "Link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=incident+response", 16 | "Author": "TryHackMe" 17 | }, 18 | { 19 | "Name": "Hacktivities(Intrusion Detection) by THM", 20 | "Link": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=intrusion", 21 | "Author": "TryHackMe" 22 | }, 23 | { 24 | "Name": "Incident Responder Training by Group IB", 25 | "Link": "https://www.group-ib.com/cybersecurity-education/technical-training-programs/incident-responder/", 26 | "Author": "Group IB" 27 | }, 28 | { 29 | "Name": "2 Day - Incident Response Training by AWSN", 30 | "Link": "https://www.awsn.org.au/initiatives/2-day-incident-response-training/", 31 | "Author": "AWSN" 32 | }, 33 | { 34 | "Name": "Digital Forensics and Incident Response (DFIR) Content Series by Cybrary", 35 | "Link": "https://www.cybrary.it/cybrary-select/digital-forensics-and-incident-response-dfir-content-series", 36 | "Author": "Cybrary" 37 | }, 38 | { 39 | "Name": "Training by DFIR", 40 | "Link": "https://dfirdiva.com/training/", 41 | "Author": "DFIR" 42 | }, 43 | { 44 | "Name": "Cyber Training Labs by Cyber Stronger", 45 | "Link": "https://www.cyberstronger.com/cyber-training-labs", 46 | "Author": "Cyber Stronger" 47 | }, 48 | { 49 | "Name": "Incident Response by infosecinstitute", 50 | "Link": "https://www.infosecinstitute.com/skills/learning-paths/incident-response/", 51 | "Author": "InfoSec Institute" 52 | }, 53 | { 54 | "Name": "Find a Scholarship by Cyversity", 55 | "Link": "https://www.cyversity.org/develop-your-skills/find-a-scholarship/", 56 | "Author": "Cyversity" 57 | }, 58 | { 59 | "Name": "free-incident-response-training-plan by DFIR", 60 | "Link": 
"https://dfirdiva.com/free-incident-response-training-plan/", 61 | "Author": "DFIR" 62 | } 63 | ] 64 | } 65 | 66 | 67 | -------------------------------------------------------------------------------- /Blue Team/Cyber Forensics Investigator/CFI.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBER FORENSICS 2 | 3 | ![Cyber-ForensicsInvestigator](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/d1f24968-831e-40db-879f-4f9aa73ef506) 4 | 5 | 6 | OR USE THE PDF :) 7 | [Cyber-ForensicsInvestigator.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13314181/Cyber-ForensicsInvestigator.pdf) 8 | 9 | 10 | 11 | # Our guide to becoming a cyber forensics investigator 12 | 13 | 1. Build a Strong Foundation: 14 | Skills Required: 15 | Computer Science Fundamentals 16 | Operating System Knowledge (Windows, Linux) 17 | Networking Basics 18 | 19 | 2. Digital Forensics Fundamentals: 20 | Skills Required: 21 | Understanding of Digital Forensics Principles 22 | Resources: 23 | Digital Forensics Guide by NIST 24 | Introduction to Digital Forensics by SANS 25 | 26 | 3. Computer Operating Systems Knowledge: 27 | Skills Required: 28 | In-depth knowledge of Windows and Linux operating systems 29 | Resources: 30 | Windows Forensic Analysis by SANS 31 | Linux Forensic Analysis by SANS 32 | 33 | 4. Network Forensics: 34 | Skills Required: 35 | Understanding of network protocols and traffic analysis 36 | Resources: 37 | Network Forensics Basics by CyberPunk 38 | 39 | 5. Memory Forensics: 40 | Skills Required: 41 | Proficiency in memory forensics techniques 42 | Resources: 43 | Introduction to Memory Forensics by Volatility 44 | 45 | 6. Incident Response: 46 | Skills Required: 47 | Incident handling and response procedures 48 | Resources: 49 | Incident Response Fundamentals by SANS 50 | 51 | 7. 
Legal and Ethical Considerations: 52 | Skills Required: 53 | Knowledge of laws and regulations related to digital forensics 54 | Resources: 55 | Digital Forensics and the Legal System by Cyber Security Courses 56 | 57 | 8. Forensic Tools Proficiency: 58 | Skills Required: 59 | Hands-on experience with forensic tools 60 | Resources: 61 | Sleuth Kit and Autopsy 62 | EnCase Forensic 63 | Wireshark 64 | 65 | 9. Continual Learning: 66 | Skills Required: 67 | Stay updated with the latest forensic techniques and tools 68 | Resources: 69 | Attend conferences, webinars, and workshops 70 | Engage with the cybersecurity community 71 | 72 | 10. Certifications: 73 | Relevant Certifications: 74 | Certified Computer Forensics Examiner (CCFE) 75 | Certified Digital Forensics Examiner (CDFE) 76 | EnCase Certified Examiner (EnCE) 77 | Resources: 78 | SANS Institute 79 | EC-Council 80 | 81 | 11. Build a Portfolio: 82 | Skills Required: 83 | Document your practical experiences and case studies 84 | Resources: 85 | Create a blog or portfolio showcasing your projects and findings 86 | -------------------------------------------------------------------------------- /Blue Team/Intrusion Detection and Prevention Systems (IDPS) Analyst/Books & Podcasts.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "Network Intrusion Detection", 4 | "site": "https://www.amazon.com/Network-Intrusion-Detection-Stephen-Northcutt/dp/0735712654", 5 | "author": "Stephen Northcutt" 6 | }, 7 | { 8 | "title": "Intrusion Detection Systems: A Complete Guide (2021 Edition)", 9 | "site": "https://www.everand.com/book/484873016/Intrusion-Detection-Systems-A-Complete-Guide-2021-Edition", 10 | "author": "EVERANDs" 11 | }, 12 | { 13 | "title": "Intrusion Detection", 14 | "site": "https://www.amazon.com/Intrusion-Detection-Rebecca-Gurley-Bace/dp/1578701856", 15 | "author": "Rebecca Gurley Bace" 16 | }, 17 | { 18 | "title": "Network Intrusion Detection 
(O'Reilly)", 19 | "site": "https://www.oreilly.com/library/view/network-intrusion-detection/0735712654/", 20 | "author": "O'Reilly" 21 | }, 22 | { 23 | "title": "Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century", 24 | "site": "https://www.abebooks.com/9780321591807/Practical-Intrusion-Analysis-Prevention-Detection-0321591801/plp", 25 | "author": "ABEBOOKS" 26 | }, 27 | { 28 | "title": "Practical Intrusion Analysis (O'Reilly)", 29 | "site": "https://www.oreilly.com/library/view/practical-intrusion-analysis/9780321591890/", 30 | "author": "O'Reilly" 31 | }, 32 | { 33 | "title": "Intrusion Detection Systems: Technologies and Challenges", 34 | "site": "https://dl.acm.org/doi/abs/10.5555/1394397", 35 | "author": "DL.ACM" 36 | }, 37 | { 38 | "title": "Intrusion Detection in Wireless Sensor Networks: A Comprehensive Review", 39 | "site": "https://pubs.sciepub.com/jcn/4/1/5/index.html", 40 | "author": "SCIEPUBS" 41 | }, 42 | { 43 | "title": "Intrusion Detection Systems in Cloud Computing: A Comprehensive Review", 44 | "site": "https://www.intechopen.com/chapters/14370", 45 | "author": "INTECHOPEN" 46 | }, 47 | { 48 | "title": "OSSEC SIEM Logging LIDS", 49 | "site": "https://atomicorp.com/ossec-siem-logging-lids/", 50 | "author": "Atomicorp" 51 | }, 52 | { 53 | "title": "Living at the Edge: Visibility into Edge Devices (Episode 98)", 54 | "site": "https://waterfall-security.com/ot-insights-center/power/living-at-the-edge-visibility-into-edge-devices-episode-98/", 55 | "author": "Waterfall Security" 56 | }, 57 | { 58 | "title": "Intrusion Detection Evasion: Current and Future Trends", 59 | "site": "https://www.sans.org/white-papers/366/?show=366.php&cat=detection", 60 | "author": "SANS Institute" 61 | } 62 | ] 63 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Governance Risk and Compliance Specialist/CGRCS.md: 
-------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBERSECURITY CONSULTING 2 | 3 | ![Cybersecurity Governance Risk Compliance Specialist](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/8326616b-3ca5-406c-82aa-71683052b0b1) 4 | 5 | 6 | OR USE THE PDF :) 7 | [Cybersecurity Governance Risk & Compliance Specialist.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13385121/Cybersecurity.Governance.Risk.Compliance.Specialist.pdf) 8 | 9 | 10 | 11 | # Our roadmap to becoming a cybersecurity governance risk and compliance specialist 12 | 13 | Gain Technical Skills: 14 | 15 | Develop a strong understanding of cybersecurity concepts, technologies, and best practices. 16 | Familiarize yourself with risk management frameworks such as ISO 27001, NIST Cybersecurity Framework, and COBIT. 17 | 18 | Understanding Governance: 19 | 20 | Learn about governance principles, frameworks, and standards. 21 | Understand how to align cybersecurity strategies with business goals. 22 | 23 | Risk Management Proficiency: 24 | 25 | Develop skills in risk assessment and management. 26 | Understand the various risk assessment methodologies and tools. 27 | 28 | Compliance Knowledge: 29 | 30 | Gain knowledge of regulatory compliance requirements relevant to your industry (e.g., GDPR, HIPAA, PCI DSS). 31 | Stay updated on changes in compliance standards. 32 | 33 | Legal and Ethical Considerations: 34 | 35 | Understand legal and ethical aspects of cybersecurity, including privacy laws and regulations. 36 | 37 | Soft Skills: 38 | 39 | Develop strong communication skills to effectively convey cybersecurity risks and compliance requirements to non-technical stakeholders. 40 | Cultivate problem-solving and critical thinking skills. 41 | 42 | Networking and Industry Involvement: 43 | 44 | Attend cybersecurity conferences, workshops, and webinars to stay updated on industry trends. 
45 | Join professional organizations and networks related to cybersecurity and compliance. 46 | 47 | Gain Practical Experience: 48 | 49 | Seek internships or entry-level positions in cybersecurity to gain hands-on experience. 50 | Work on real-world projects that involve governance, risk management, and compliance. 51 | 52 | Continued Learning: 53 | 54 | Stay informed about the evolving cybersecurity landscape by reading industry publications, blogs, and research papers. 55 | Pursue continuous education through workshops, online courses, and seminars. 56 | 57 | Build a Professional Portfolio: 58 | 59 | Showcase your skills, certifications, and relevant projects in a professional portfolio. 60 | Create a LinkedIn profile highlighting your achievements and contributions to the cybersecurity field. 61 | -------------------------------------------------------------------------------- /Red Team/Incident Responder/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Skills and Resources": [ 3 | { 4 | "Skills": [ 5 | "Cybersecurity Fundamentals", 6 | "Understanding cybersecurity principles", 7 | "Knowledge of cyber threats and attack vectors", 8 | "Familiarity with security best practices", 9 | "Operating System Security", 10 | "Security Policies and Procedures", 11 | "Network Security Basics", 12 | "Authentication and Access Control" 13 | ], 14 | "Resources": [ 15 | "Cybrary (https://www.cybrary.it/)", 16 | "SANS Institute (https://www.sans.org/)", 17 | "Security+ Certification from CompTIA (https://www.comptia.org/certifications/security)" 18 | ] 19 | }, 20 | { 21 | "Skills": [ 22 | "Incident Detection and Analysis", 23 | "Recognizing signs of a security incident", 24 | "Incident categorization and prioritization", 25 | "Incident handling procedures", 26 | "Intrusion Detection Systems (IDS)", 27 | "Security Information and Event Management (SIEM)", 28 | "Threat detection tools", 29 | "Identifying anomalies in network 
traffic" 30 | ], 31 | "Resources": [ 32 | "AlienVault (https://www.alienvault.com/)", 33 | "Splunk (https://www.splunk.com/)", 34 | "Snort IDS (https://www.snort.org/)" 35 | ] 36 | }, 37 | { 38 | "Skills": [ 39 | "Digital Forensics", 40 | "Disk and memory forensics", 41 | "File system analysis", 42 | "Data recovery techniques", 43 | "Evidence preservation and handling", 44 | "Chain of custody", 45 | "Forensic tools like EnCase and FTK", 46 | "Forensic investigation procedures" 47 | ], 48 | "Resources": [ 49 | "SANS Digital Forensics and Incident Response (https://www.sans.org/dfir)", 50 | "EnCase Forensic (https://www.guidancesoftware.com/)" 51 | ] 52 | }, 53 | { 54 | "Skills": [ 55 | "Network Analysis", 56 | "Malware Analysis", 57 | "Security Tools and Technologies", 58 | "Incident Response Frameworks", 59 | "Incident Triage", 60 | "Threat Intelligence", 61 | "Log Analysis", 62 | "System and Network Administration" 63 | ], 64 | "Resources": [ 65 | "FireEye (https://www.fireeye.com/)", 66 | "IBM X-Force Red (https://www.ibm.com/security/services/xforce-red-cyber-range)", 67 | "Circadence Project Ares (https://www.circadence.com/products/project-ares/)", 68 | "Certified Incident Responder (eCIR) by eLearn-Security (https://security.ine.com/certifications/ecir-certification/)" 69 | ] 70 | } 71 | ] 72 | } 73 | 74 | -------------------------------------------------------------------------------- /Red Team/Ethical Hacker/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "Courses": [ 3 | { 4 | "Title": "Ethical Hacking Essentials (EHE) by Ec-Council", 5 | "Author": "Ec-Council", 6 | "Link": "https://codered.eccouncil.org/course/ethical-hacking-essentials" 7 | }, 8 | { 9 | "Title": "Ethical Hacking (13hrs) - Youtube Hindi", 10 | "Author": "Unknown", 11 | "Link": "https://www.youtube.com/watch?v=x3IwvPvDpKE" 12 | }, 13 | { 14 | "Title": "Practical Ethical Hacking by TCM Security", 15 | "Author": "TCM 
Security", 16 | "Link": "https://academy.tcm-sec.com/p/practical-ethical-hacking-the-complete-course" 17 | }, 18 | { 19 | "Title": "Certified Ethical Hacker v12 by Ec-Council", 20 | "Author": "Ec-Council", 21 | "Link": "https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh-v12/" 22 | }, 23 | { 24 | "Title": "PEN-200: Penetration Testing with Kali Linux by Offsec", 25 | "Author": "Offsec", 26 | "Link": "https://www.offsec.com/courses/pen-200/" 27 | }, 28 | { 29 | "Title": "CISSP - Certified Information Systems Security Professional by ISC2", 30 | "Author": "ISC2", 31 | "Link": "https://www.isc2.org/certifications/cissp" 32 | }, 33 | { 34 | "Title": "GIAC Penetration Tester Certification (GPEN) by SANS Institute", 35 | "Author": "SANS Institute", 36 | "Link": "https://www.giac.org/certifications/penetration-tester-gpen/" 37 | }, 38 | { 39 | "Title": "Pentest+ by CompTIA", 40 | "Author": "CompTIA", 41 | "Link": "https://www.comptia.org/certifications/pentest" 42 | }, 43 | { 44 | "Title": "Certified Professional Technical Communicator (CPTC™) by APMG International", 45 | "Author": "APMG International", 46 | "Link": "https://apmg-international.com/product/cptc" 47 | }, 48 | { 49 | "Title": "EXP-401: Advanced Windows Exploitation (OSEE Certification) by Offsec", 50 | "Author": "Offsec", 51 | "Link": "https://www.offsec.com/courses/exp-401/" 52 | }, 53 | { 54 | "Title": "Certified Expert Penetration Tester (CEPT) by Infosec Institute", 55 | "Author": "Infosec Institute", 56 | "Link": "https://www.infosecinstitute.com/skills/learning-paths/certified-expert-penetration-tester-cept/" 57 | }, 58 | { 59 | "Title": "Computer Hacking Forensic Investigator (CHFI) by Ec-Council", 60 | "Author": "Ec-Council", 61 | "Link": "https://www.eccouncil.org/train-certify/computer-hacking-forensic-investigator-chfi/" 62 | } 63 | ] 64 | } 65 | -------------------------------------------------------------------------------- /Red Team/Cyber Threat Hunter/Skills.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "Skills": [ 3 | { 4 | "Skill": "Cybersecurity Fundamentals", 5 | "Resource": "https://www.cybrary.it/course/cyber-security-fundamentals/" 6 | }, 7 | { 8 | "Skill": "Networking", 9 | "Resource": "https://www.coursera.org/specializations/computer-networking" 10 | }, 11 | { 12 | "Skill": "Firewalls, IDS/IPS", 13 | "Resource": "https://www.coursera.org/specializations/cyber-security" 14 | }, 15 | { 16 | "Skill": "SIEM (Security Information and Event Management)", 17 | "Resource": "https://www.splunk.com/en_us/training.html" 18 | }, 19 | { 20 | "Skill": "Endpoint Detection and Response (EDR)", 21 | "Resource": "https://www.carbonblack.com/resources/edr-resources/" 22 | }, 23 | { 24 | "Skill": "Threat Intelligence", 25 | "Resource": "https://www.circl.lu/services/misp-malware-information-sharing-platform-threat-sharing/" 26 | }, 27 | { 28 | "Skill": "Behavioral Analysis", 29 | "Resource": "https://securityintelligence.com/posts/how-to-identify-malware-through-behavioral-analysis/" 30 | }, 31 | { 32 | "Skill": "Indicators of Compromise (IoC)", 33 | "Resource": "https://www.us-cert.gov/ncas/tips/ST00086" 34 | }, 35 | { 36 | "Skill": "Tactics, Techniques, and Procedures (TTPs)", 37 | "Resource": "https://attack.mitre.org/matrices/enterprise/" 38 | }, 39 | { 40 | "Skill": "Hunting Methodologies", 41 | "Resource": "https://www.sans.org/course/advanced-threat-hunting" 42 | }, 43 | { 44 | "Skill": "Data Analysis Tools (Python)", 45 | "Resource": "https://www.learnpython.org/" 46 | }, 47 | { 48 | "Skill": "Data Visualization", 49 | "Resource": "https://www.tableau.com/learn/training" 50 | }, 51 | { 52 | "Skill": "Malware Analysis", 53 | "Resource": "https://www.malware-traffic-analysis.net/" 54 | }, 55 | { 56 | "Skill": "Exploit Techniques", 57 | "Resource": "https://owasp.org/www-project-top-ten/" 58 | }, 59 | { 60 | "Skill": "Social Engineering", 61 | "Resource": 
"https://www.social-engineer.org/framework/general-discussion/" 62 | }, 63 | { 64 | "Skill": "Capture The Flag (CTF) Challenges", 65 | "Resource": "https://ctftime.org/" 66 | }, 67 | { 68 | "Skill": "Certifications (CISSP, CEH, CTIA)", 69 | "Resource": "https://www.isc2.org/Certifications/CISSP" 70 | }, 71 | { 72 | "Skill": "Stay Informed", 73 | "Resource": "https://www.securityweek.com/" 74 | }, 75 | { 76 | "Skill": "Networking (Professional Networking)", 77 | "Resource": "https://www.linkedin.com/learning/me" 78 | } 79 | ] 80 | } 81 | -------------------------------------------------------------------------------- /Blue Team/Cyber Threat Hunter (Blue)/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Skills": [ 3 | { 4 | "Skill": "Cybersecurity Fundamentals", 5 | "Resource": "https://www.cybrary.it/course/cyber-security-fundamentals/" 6 | }, 7 | { 8 | "Skill": "Networking", 9 | "Resource": "https://www.coursera.org/specializations/computer-networking" 10 | }, 11 | { 12 | "Skill": "Firewalls, IDS/IPS", 13 | "Resource": "https://www.coursera.org/specializations/cyber-security" 14 | }, 15 | { 16 | "Skill": "SIEM (Security Information and Event Management)", 17 | "Resource": "https://www.splunk.com/en_us/training.html" 18 | }, 19 | { 20 | "Skill": "Endpoint Detection and Response (EDR)", 21 | "Resource": "https://www.carbonblack.com/resources/edr-resources/" 22 | }, 23 | { 24 | "Skill": "Threat Intelligence", 25 | "Resource": "https://www.circl.lu/services/misp-malware-information-sharing-platform-threat-sharing/" 26 | }, 27 | { 28 | "Skill": "Behavioral Analysis", 29 | "Resource": "https://securityintelligence.com/posts/how-to-identify-malware-through-behavioral-analysis/" 30 | }, 31 | { 32 | "Skill": "Indicators of Compromise (IoC)", 33 | "Resource": "https://www.us-cert.gov/ncas/tips/ST00086" 34 | }, 35 | { 36 | "Skill": "Tactics, Techniques, and Procedures (TTPs)", 37 | "Resource": 
"https://attack.mitre.org/matrices/enterprise/" 38 | }, 39 | { 40 | "Skill": "Hunting Methodologies", 41 | "Resource": "https://www.sans.org/course/advanced-threat-hunting" 42 | }, 43 | { 44 | "Skill": "Data Analysis Tools (Python)", 45 | "Resource": "https://www.learnpython.org/" 46 | }, 47 | { 48 | "Skill": "Data Visualization", 49 | "Resource": "https://www.tableau.com/learn/training" 50 | }, 51 | { 52 | "Skill": "Malware Analysis", 53 | "Resource": "https://www.malware-traffic-analysis.net/" 54 | }, 55 | { 56 | "Skill": "Exploit Techniques", 57 | "Resource": "https://owasp.org/www-project-top-ten/" 58 | }, 59 | { 60 | "Skill": "Social Engineering", 61 | "Resource": "https://www.social-engineer.org/framework/general-discussion/" 62 | }, 63 | { 64 | "Skill": "Capture The Flag (CTF) Challenges", 65 | "Resource": "https://ctftime.org/" 66 | }, 67 | { 68 | "Skill": "Certifications (CISSP, CEH, CTIA)", 69 | "Resource": "https://www.isc2.org/Certifications/CISSP" 70 | }, 71 | { 72 | "Skill": "Stay Informed", 73 | "Resource": "https://www.securityweek.com/" 74 | }, 75 | { 76 | "Skill": "Networking (Professional Networking)", 77 | "Resource": "https://www.linkedin.com/learning/me" 78 | } 79 | ] 80 | } 81 | -------------------------------------------------------------------------------- /Blue Team/Network & System Security Administrator/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "EC-Council Product Job Role Sheet", 4 | "link": "https://cert.eccouncil.org/images/doc/EC-Council-Product-Job-Role-Sheet.pdf", 5 | "author": "EC-Council" 6 | }, 7 | { 8 | "title": "Microsoft Certified: Azure Security Engineer Associate", 9 | "link": "https://learn.microsoft.com/en-us/credentials/certifications/azure-security-engineer/", 10 | "author": "Microsoft" 11 | }, 12 | { 13 | "title": "Microsoft Certified: Microsoft 365 Certified: Modern Desktop Administrator Associate", 14 | "link": 
"https://learn.microsoft.com/en-us/credentials/certifications/m365-administrator-expert/", 15 | "author": "Microsoft" 16 | }, 17 | { 18 | "title": "Microsoft Certified: Azure Solutions Architect Expert", 19 | "link": "https://learn.microsoft.com/en-us/credentials/certifications/azure-solutions-architect/", 20 | "author": "Microsoft" 21 | }, 22 | { 23 | "title": "Cisco Certified Technician (CCT)", 24 | "link": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/entry/technician-cct.html", 25 | "author": "Cisco" 26 | }, 27 | { 28 | "title": "Cisco Certified Network Associate (CCNA)", 29 | "link": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html", 30 | "author": "Cisco" 31 | }, 32 | { 33 | "title": "Computer Network Support Specialists - O*NET", 34 | "link": "https://www.onetonline.org/link/certinfo/3037-A", 35 | "author": null 36 | }, 37 | { 38 | "title": "CompTIA Network+", 39 | "link": "https://www.comptia.org/certifications/network", 40 | "author": "CompTIA" 41 | }, 42 | { 43 | "title": "GIAC Systems and Network Auditor (GSNA)", 44 | "link": "https://www.giac.org/certifications/systems-network-auditor-gsna/", 45 | "author": "GIAC" 46 | }, 47 | { 48 | "title": "ISC² Certified Information Systems Security Professional (CISSP)", 49 | "link": "https://www.isc2.org/Certifications/CISSP", 50 | "author": "ISC²" 51 | }, 52 | { 53 | "title": "ISACA Certified in Risk and Information Systems Control (CRISC)", 54 | "link": "https://www.isaca.org/credentialing/crisc", 55 | "author": "ISACA" 56 | }, 57 | { 58 | "title": "CompTIA Advanced Security Practitioner (CASP+)", 59 | "link": "https://www.comptia.org/certifications/comptia-advanced-security-practitioner", 60 | "author": "CompTIA" 61 | }, 62 | { 63 | "title": "VMware Certification", 64 | "link": "https://www.vmware.com/learning/certification.html", 65 | "author": "VMware" 66 | } 67 | ] 68 | 
-------------------------------------------------------------------------------- /Blue Team/Intrusion Detection and Prevention Systems (IDPS) Analyst/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "Google Data Analytics Professional Certificate", 4 | "site": "https://www.coursera.org/professional-certificates/google-data-analytics", 5 | "author": "Coursera" 6 | }, 7 | { 8 | "title": "GIAC Certified Intrusion Analyst (GCIA)", 9 | "site": "https://www.giac.org/certifications/certified-intrusion-analyst-gcia/", 10 | "author": "GIAC" 11 | }, 12 | { 13 | "title": "CREST Certified Network Intrusion Analyst", 14 | "site": "https://www.crest-approved.org/skills-certifications-careers/crest-certified-network-intrusion-analyst/", 15 | "author": "CREST" 16 | }, 17 | { 18 | "title": "GIAC Certified Intrusion Analyst (GCIA) - Cool.osd.mil", 19 | "site": "https://www.cool.osd.mil/usn/credential/index.html?cert=gcia3238&nav=examprep", 20 | "author": "Cool.osd.mil" 21 | }, 22 | { 23 | "title": "GIAC Experienced Intrusion Analyst (GXIA)", 24 | "site": "https://www.giac.org/certifications/experienced-intrusion-analyst-gxia/", 25 | "author": "GIAC" 26 | }, 27 | { 28 | "title": "Network Monitoring and Threat Detection - SANS Institute", 29 | "site": "https://www.sans.org/cyber-security-courses/network-monitoring-threat-detection/", 30 | "author": "SANS Institute" 31 | }, 32 | { 33 | "title": "Certified Threat Intelligence Analyst (CTIA) - EC-Council", 34 | "site": "https://www.eccouncil.org/train-certify/certified-threat-intelligence-analyst-ctia/", 35 | "author": "EC-Council" 36 | }, 37 | { 38 | "title": "Intrusion Detection & Intrusion Prevention - LightCyberCents", 39 | "site": "https://niccs.cisa.gov/education-training/catalog/light-cybercents/intrusion-detection-intrusion-prevention", 40 | "author": "LightCyberCents" 41 | }, 42 | { 43 | "title": "Intrusion Detection and Prevention Systems 
(IDPS) Fundamentals - Rapid7", 44 | "site": "https://www.rapid7.com/fundamentals/intrusion-detection-and-prevention-systems-idps/", 45 | "author": "Rapid7" 46 | }, 47 | { 48 | "title": "Certified Cybersecurity Analyst (C-CSA)", 49 | "site": "https://www.netec.com/product-page/c-csa-certified-cybersecurity-analyst", 50 | "author": "Netec" 51 | }, 52 | { 53 | "title": "SOC Analyst Level 1 Career Path", 54 | "site": "https://www.cybrary.it/career-path/soc-analyst-level-1", 55 | "author": "Cybrary" 56 | }, 57 | { 58 | "title": "Cisco Network Security: Intrusion Detection and Prevention - LinkedIn Learning", 59 | "site": "https://www.classcentral.com/course/linkedin-learning-cisco-network-security-intrusion-detection-and-prevention-29744", 60 | "author": "LinkedIn Learning" 61 | } 62 | ] 63 | -------------------------------------------------------------------------------- /Blue Team/Intrusion Detection and Prevention Systems (IDPS) Analyst/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Skills and Resources": [ 3 | { 4 | "Skills": [ 5 | "Cybersecurity Fundamentals", 6 | "Understanding cybersecurity principles", 7 | "Knowledge of cyber threats and attack vectors", 8 | "Familiarity with security best practices", 9 | "Operating System Security", 10 | "Security Policies and Procedures", 11 | "Network Security Basics", 12 | "Authentication and Access Control" 13 | ], 14 | "Resources": [ 15 | "Cybrary (https://www.cybrary.it/)", 16 | "SANS Institute (https://www.sans.org/)", 17 | "Security+ Certification from CompTIA (https://www.comptia.org/certifications/security)" 18 | ] 19 | }, 20 | { 21 | "Skills": [ 22 | "Incident Detection and Analysis", 23 | "Recognizing signs of a security incident", 24 | "Incident categorization and prioritization", 25 | "Incident handling procedures", 26 | "Intrusion Detection Systems (IDS)", 27 | "Security Information and Event Management (SIEM)", 28 | "Threat detection tools", 29 | 
"Identifying anomalies in network traffic" 30 | ], 31 | "Resources": [ 32 | "AlienVault (https://www.alienvault.com/)", 33 | "Splunk (https://www.splunk.com/)", 34 | "Snort IDS (https://www.snort.org/)" 35 | ] 36 | }, 37 | { 38 | "Skills": [ 39 | "Digital Forensics", 40 | "Disk and memory forensics", 41 | "File system analysis", 42 | "Data recovery techniques", 43 | "Evidence preservation and handling", 44 | "Chain of custody", 45 | "Forensic tools like EnCase and FTK", 46 | "Forensic investigation procedures" 47 | ], 48 | "Resources": [ 49 | "SANS Digital Forensics and Incident Response (https://www.sans.org/dfir)", 50 | "EnCase Forensic (https://www.guidancesoftware.com/)" 51 | ] 52 | }, 53 | { 54 | "Skills": [ 55 | "Network Analysis", 56 | "Malware Analysis", 57 | "Security Tools and Technologies", 58 | "Incident Response Frameworks", 59 | "Incident Triage", 60 | "Threat Intelligence", 61 | "Log Analysis", 62 | "System and Network Administration" 63 | ], 64 | "Resources": [ 65 | "FireEye (https://www.fireeye.com/)", 66 | "IBM X-Force Red (https://www.ibm.com/security/services/xforce-red-cyber-range)", 67 | "Circadence Project Ares (https://www.circadence.com/products/project-ares/)", 68 | "Certified Incident Responder (eCIR) by eLearn-Security (https://security.ine.com/certifications/ecir-certification/)" 69 | ] 70 | } 71 | ] 72 | } 73 | 74 | 75 | -------------------------------------------------------------------------------- /Blue Team/Malware Analyst/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Skills": [ 3 | { 4 | "Skill": "Cybersecurity Fundamentals", 5 | "Resource": "https://www.cybrary.it/course/cyber-security-fundamentals/" 6 | }, 7 | { 8 | "Skill": "Networking", 9 | "Resource": "https://www.coursera.org/specializations/computer-networking" 10 | }, 11 | { 12 | "Skill": "Firewalls, IDS/IPS", 13 | "Resource": "https://www.coursera.org/specializations/cyber-security" 14 | }, 15 | { 16 | "Skill": 
"SIEM (Security Information and Event Management)", 17 | "Resource": "https://www.splunk.com/en_us/training.html" 18 | }, 19 | { 20 | "Skill": "Endpoint Detection and Response (EDR)", 21 | "Resource": "https://www.carbonblack.com/resources/edr-resources/" 22 | }, 23 | { 24 | "Skill": "Threat Intelligence", 25 | "Resource": "https://www.circl.lu/services/misp-malware-information-sharing-platform-threat-sharing/" 26 | }, 27 | { 28 | "Skill": "Behavioral Analysis", 29 | "Resource": "https://securityintelligence.com/posts/how-to-identify-malware-through-behavioral-analysis/" 30 | }, 31 | { 32 | "Skill": "Indicators of Compromise (IoC)", 33 | "Resource": "https://www.us-cert.gov/ncas/tips/ST00086" 34 | }, 35 | { 36 | "Skill": "Tactics, Techniques, and Procedures (TTPs)", 37 | "Resource": "https://attack.mitre.org/matrices/enterprise/" 38 | }, 39 | { 40 | "Skill": "Hunting Methodologies", 41 | "Resource": "https://www.sans.org/course/advanced-threat-hunting" 42 | }, 43 | { 44 | "Skill": "Data Analysis Tools (Python)", 45 | "Resource": "https://www.learnpython.org/" 46 | }, 47 | { 48 | "Skill": "Data Visualization", 49 | "Resource": "https://www.tableau.com/learn/training" 50 | }, 51 | { 52 | "Skill": "Malware Analysis", 53 | "Resource": "https://www.malware-traffic-analysis.net/" 54 | }, 55 | { 56 | "Skill": "Exploit Techniques", 57 | "Resource": "https://owasp.org/www-project-top-ten/" 58 | }, 59 | { 60 | "Skill": "Social Engineering", 61 | "Resource": "https://www.social-engineer.org/framework/general-discussion/" 62 | }, 63 | { 64 | "Skill": "Capture The Flag (CTF) Challenges", 65 | "Resource": "https://ctftime.org/" 66 | }, 67 | { 68 | "Skill": "Certifications (CISSP, CEH, CTIA)", 69 | "Resource": "https://www.isc2.org/Certifications/CISSP" 70 | }, 71 | { 72 | "Skill": "Stay Informed", 73 | "Resource": "https://www.securityweek.com/" 74 | }, 75 | { 76 | "Skill": "Networking (Professional Networking)", 77 | "Resource": "https://www.linkedin.com/learning/me" 78 | } 79 
| ] 80 | } 81 | 82 | -------------------------------------------------------------------------------- /Red Team/Cyber Threat Hunter/THR.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO BECOMING A THREAT HUNTER 2 | ![Threat Hunter](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/f65dbd96-236c-4652-9601-21416dfe5eb9) 3 | 4 | 5 | 6 | OR USE THE PDF:) 7 | 8 | [Threat Hunter.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13222584/Threat.Hunter.pdf) 9 | 10 | 11 | # Our Guide to Becoming a Threat Hunting Expert 12 | 13 | 14 | 1. Build a Strong Foundation: 15 | 16 | Cybersecurity Fundamentals: Start by mastering the basics of cybersecurity, including understanding threats, vulnerabilities, and security controls. 17 | 18 | Networking: Gain a deep understanding of network protocols, architecture, and security. 19 | 20 | 2. Learn Security Technologies: 21 | 22 | Firewalls, IDS/IPS: Understand how firewalls and Intrusion Detection/Prevention Systems work. 23 | 24 | SIEM (Security Information and Event Management): Learn to use SIEM tools like Splunk, ELK Stack, or QRadar. 25 | 26 | Endpoint Detection and Response (EDR): Familiarize yourself with EDR solutions like CrowdStrike, Carbon Black, or SentinelOne. 27 | 28 | Threat Intelligence: Learn how to collect and analyze threat intelligence data. 29 | 30 | 3. Develop Threat Hunting Skills: 31 | 32 | Behavioral Analysis: Understand the behaviors of normal and potentially malicious activities. 33 | 34 | Indicators of Compromise (IoC): Learn to identify IoCs such as IP addresses, domains, and file hashes. 35 | 36 | Tactics, Techniques, and Procedures (TTPs): Study adversary tactics and techniques to recognize patterns. 37 | 38 | Hunting Methodologies: Explore various threat hunting methodologies like the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK Framework. 39 | 40 | 4. 
Data Analysis and Visualization: 41 | 42 | Data Collection: Learn how to collect and normalize data from various sources, including logs, traffic data, and endpoint telemetry. 43 | 44 | Data Analysis Tools: Master data analysis tools like Python, Jupyter notebooks, and data visualization libraries. 45 | 46 | Data Visualization: Develop skills in creating dashboards and visualizations to identify anomalies. 47 | 48 | 5. Understand Adversarial Techniques: 49 | 50 | Malware Analysis: Study malware families, their behaviors, and analysis techniques. 51 | 52 | Exploit Techniques: Learn about common vulnerabilities and exploitation techniques. 53 | 54 | Social Engineering: Understand how attackers use social engineering to manipulate victims. 55 | 56 | 6. Practical Experience: 57 | 58 | Capture The Flag (CTF) Challenges: Participate in CTF challenges to apply your skills in a controlled environment. 59 | 60 | Real-world Scenarios: Practice threat hunting in lab environments that simulate real-world attacks. 61 | 62 | 7. Certifications: 63 | 64 | Consider obtaining certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Threat Intelligence Analyst (CTIA) to validate your knowledge. 
65 | -------------------------------------------------------------------------------- /Red Team/Red Team Lead/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | { 5 | "Red Team Lead Certifications":[ 6 | { 7 | "Certification":"Certified Information Systems Security Professional (CISSP)", 8 | "Authors":[ 9 | "ISC2" 10 | ], 11 | "Link":"https://www.isc2.org/Certifications/CISSP" 12 | }, 13 | { 14 | "Certification":"Red Team Courses", 15 | "Authors":[ 16 | "Class Central" 17 | ], 18 | "Link":"https://www.classcentral.com/subject/red-team" 19 | }, 20 | { 21 | "Certification":"Certified Ethical Hacker (CEH)", 22 | "Authors":[ 23 | "EC-Council" 24 | ], 25 | "Link":"https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/" 26 | }, 27 | { 28 | "Certification":"Offensive Security Certified Professional (OSCP)", 29 | "Authors":[ 30 | "Offensive Security" 31 | ], 32 | "Link":"https://www.offensive-security.com/pwk-oscp/" 33 | }, 34 | { 35 | "Certification":"Certified Information Security Manager (CISM)", 36 | "Authors":[ 37 | "ISACA" 38 | ], 39 | "Link":"https://www.isaca.org/certification/cism-certified-information-security-manager" 40 | }, 41 | { 42 | "Certification":"Certified Red Team Operator (CRTOP)", 43 | "Authors":[ 44 | "eLearnSecurity" 45 | ], 46 | "Link":"https://www.elearnsecurity.com/certification/ertp/" 47 | }, 48 | { 49 | "Certification":"GIAC Certified Penetration Tester (GPEN)", 50 | "Authors":[ 51 | "Global Information Assurance Certification (GIAC)" 52 | ], 53 | "Link":"https://www.giac.org/certification/certified-penetration-tester-gpen" 54 | }, 55 | { 56 | "Certification":"GIAC Certified Web Application Penetration Tester (GWAPT)", 57 | "Authors":[ 58 | "Global Information Assurance Certification (GIAC)" 59 | ], 60 | "Link":"https://www.giac.org/certification/web-application-penetration-tester-gwapt" 61 | }, 62 | { 63 | "Certification":"GIAC Certified Forensic Analyst 
(GCFA)", 64 | "Authors":[ 65 | "Global Information Assurance Certification (GIAC)" 66 | ], 67 | "Link":"https://www.giac.org/certification/forensics-analyst-gcfa" 68 | }, 69 | { 70 | "Certification":"Certified Information Systems Auditor (CISA)", 71 | "Authors":[ 72 | "ISACA" 73 | ], 74 | "Link":"https://www.isaca.org/certification/cisa" 75 | }, 76 | { 77 | "Certification":"Certified Red Team Expert (CRTE)", 78 | "Authors":[ 79 | "eLearnSecurity" 80 | ], 81 | "Link":"https://www.elearnsecurity.com/certification/certified-red-team-expert/" 82 | } 83 | ] 84 | } 85 | -------------------------------------------------------------------------------- /Blue Team/Identity and Access Management (IAM) Analyst/Labs & Training.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "title": "IAA - Identity and Access Management in AWS", 4 | "site": "https://tryhackme.com/room/iaaaidm", 5 | "author": "TryHackMe" 6 | }, 7 | { 8 | "title": "IAM Hacktivities on TryHackMe", 9 | "site": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=iam", 10 | "author": "TryHackMe" 11 | }, 12 | { 13 | "title": "Capture The Flag (CICDont) - AWS", 14 | "site": "https://github.com/Hacking-the-Cloud/htc-ctfs/tree/main/aws/cicdont", 15 | "author": "Hacking the Cloud" 16 | }, 17 | { 18 | "title": "Virginia Cyber Range - Getting Started for Instructors", 19 | "site": "https://kb.virginiacyberrange.org/getting-started/virginia-instructors-getting-instructor-account.html", 20 | "author": "Virginia Cyber Range" 21 | }, 22 | { 23 | "title": "Hacker Associate Challenges", 24 | "site": "https://hackerassociate.com/challenges/", 25 | "author": "Hacker Associate" 26 | }, 27 | { 28 | "title": "Capture The Flag (CICDont) - AWS", 29 | "site": "https://hackingthe.cloud/aws/capture_the_flag/cicdont/", 30 | "author": "Hacking the Cloud" 31 | }, 32 | { 33 | "title": "Cloud Village", 34 | "site": 
"https://cloud-village.org/", 35 | "author": "Cloud Village" 36 | }, 37 | { 38 | "title": "Cyber Ranges", 39 | "site": "https://www.cyberranges.com/", 40 | "author": "Cyber Ranges" 41 | }, 42 | { 43 | "title": "Access Control, Identity Management, and Public Key Infrastructure", 44 | "site": "https://www.amazon.com/Access-Control-Identity-Management-Cloud/dp/1284214753", 45 | "author": "Amazon" 46 | }, 47 | { 48 | "title": "Implement Identity and Access Management - Cybrary", 49 | "site": "https://www.cybrary.it/practice-lab/implement-identity-and-access-management", 50 | "author": "Cybrary" 51 | }, 52 | { 53 | "title": "AWS Identity and Access Management (IAM) - Digital Cloud Training", 54 | "site": "https://digitalcloud.training/aws-identity-and-access-management/", 55 | "author": "Digital Cloud Training" 56 | }, 57 | { 58 | "title": "Blue Team CTF Challenges - Cyber Defenders", 59 | "site": "https://cyberdefenders.org/blueteam-ctf-challenges/?status=&difficulty=&categories=&mitre_tactics=&sort=&labtype=&q=", 60 | "author": "Cyber Defenders" 61 | }, 62 | { 63 | "title": "Hack The Box Challenges", 64 | "site": "https://app.hackthebox.com/challenges", 65 | "author": "Hack The Box" 66 | }, 67 | { 68 | "title": "Multi-Cloud Security - c0c0n", 69 | "site": "https://india.c0c0n.org/2022/multi-cloud-security", 70 | "author": "c0c0n" 71 | } 72 | ] 73 | -------------------------------------------------------------------------------- /Red Team/Ethical Hacker/ETH.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO BECOMING AN ETHICAL HACKER 2 | 3 | ![Ethical Hacker](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/a58a0a32-ebdc-4225-8968-5a3edcf6dee2) 4 | 5 | OR USE THE PDF:) 6 | 7 | [Ethical Hacker.pdf](https://github.com/d3vobed/EverythingCyb3R/files/12889075/Ethical.Hacker.pdf) 8 | 9 | # Our Guide to Becoming an Ethical Hacker 10 | 11 | 12 | Networking: Understanding network protocols, TCP/IP, and network 
architecture is fundamental for ethical hackers. Knowledge of how data moves through networks is crucial. 13 | 14 | Operating Systems: Proficiency in various operating systems, including Windows, Linux, and macOS, is essential. Ethical hackers often need to work on different platforms. 15 | 16 | Programming and Scripting: Proficiency in programming languages such as Python, C/C++, and scripting languages like Bash and PowerShell is crucial for writing and executing scripts to automate tasks. 17 | 18 | Cybersecurity Fundamentals: A strong foundation in cybersecurity principles, including risk management, threat analysis, and security policies, is necessary. 19 | 20 | Web Application Security: Knowledge of web technologies, understanding common web application vulnerabilities (e.g., OWASP Top Ten), and web security testing techniques are critical. 21 | 22 | Cryptography: Understanding encryption and decryption, cryptographic algorithms, and protocols is vital for securing data and breaking security mechanisms when necessary. 23 | 24 | Penetration Testing Tools: Familiarity with tools like Metasploit, Nmap, Wireshark, and Burp Suite is essential for assessing vulnerabilities and conducting penetration tests. 25 | 26 | Vulnerability Assessment: The ability to identify and assess security vulnerabilities in systems, networks, and applications is a core skill. 27 | 28 | Reverse Engineering: Proficiency in reverse engineering to analyze malware and understand how malicious code operates. 29 | 30 | Wireless Security: Knowledge of wireless network security, including Wi-Fi hacking and securing wireless networks. 31 | 32 | Social Engineering: Understanding social engineering techniques and how to defend against them. 33 | 34 | Incident Response: Knowing how to respond to security incidents, including analyzing breaches and mitigating damage. 35 | 36 | Forensics: Knowledge of digital forensics to investigate security incidents and gather evidence. 
37 | 38 | Database Security: Understanding database systems and the security measures required to protect sensitive data. 39 | 40 | Cloud Security: Knowledge of cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based environments. 41 | 42 | IoT Security: Understanding the security challenges of Internet of Things (IoT) devices and networks. 43 | 44 | Continuous Learning: Staying updated with the latest security threats, vulnerabilities, and mitigation techniques is crucial in the ever-evolving field of ethical hacking. 45 | 46 | 47 | 48 | -------------------------------------------------------------------------------- /Blue Team/Cyber Threat Hunter (Blue)/CTH.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO BECOMING A THREAT HUNTER 2 | ![Threat Hunter](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/f65dbd96-236c-4652-9601-21416dfe5eb9) 3 | 4 | 5 | 6 | OR USE THE PDF:) 7 | 8 | [Threat Hunter.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13222584/Threat.Hunter.pdf) 9 | 10 | 11 | # Our Guide to Becoming a Threat Hunting Expert 12 | 13 | 14 | 1. Build a Strong Foundation: 15 | 16 | Cybersecurity Fundamentals: Start by mastering the basics of cybersecurity, including understanding threats, vulnerabilities, and security controls. 17 | 18 | Networking: Gain a deep understanding of network protocols, architecture, and security. 19 | 20 | 2. Learn Security Technologies: 21 | 22 | Firewalls, IDS/IPS: Understand how firewalls and Intrusion Detection/Prevention Systems work. 23 | 24 | SIEM (Security Information and Event Management): Learn to use SIEM tools like Splunk, ELK Stack, or QRadar. 25 | 26 | Endpoint Detection and Response (EDR): Familiarize yourself with EDR solutions like CrowdStrike, Carbon Black, or SentinelOne. 27 | 28 | Threat Intelligence: Learn how to collect and analyze threat intelligence data. 29 | 30 | 3. 
Develop Threat Hunting Skills: 31 | 32 | Behavioral Analysis: Understand the behaviors of normal and potentially malicious activities. 33 | 34 | Indicators of Compromise (IoC): Learn to identify IoCs such as IP addresses, domains, and file hashes. 35 | 36 | Tactics, Techniques, and Procedures (TTPs): Study adversary tactics and techniques to recognize patterns. 37 | 38 | Hunting Methodologies: Explore various threat hunting methodologies like the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK Framework. 39 | 40 | 4. Data Analysis and Visualization: 41 | 42 | Data Collection: Learn how to collect and normalize data from various sources, including logs, traffic data, and endpoint telemetry. 43 | 44 | Data Analysis Tools: Master data analysis tools like Python, Jupyter notebooks, and data visualization libraries. 45 | 46 | Data Visualization: Develop skills in creating dashboards and visualizations to identify anomalies. 47 | 48 | 5. Understand Adversarial Techniques: 49 | 50 | Malware Analysis: Study malware families, their behaviors, and analysis techniques. 51 | 52 | Exploit Techniques: Learn about common vulnerabilities and exploitation techniques. 53 | 54 | Social Engineering: Understand how attackers use social engineering to manipulate victims. 55 | 56 | 6. Practical Experience: 57 | 58 | Capture The Flag (CTF) Challenges: Participate in CTF challenges to apply your skills in a controlled environment. 59 | 60 | Real-world Scenarios: Practice threat hunting in lab environments that simulate real-world attacks. 61 | 62 | 7. Certifications: 63 | 64 | Consider obtaining certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Threat Intelligence Analyst (CTIA) to validate your knowledge. 
65 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Security Operations Center (SOC) Analyst/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "Skills": [ 3 | { 4 | "Skill": "Cybersecurity Fundamentals", 5 | "Resource": "https://www.cybrary.it/course/cyber-security-fundamentals/" 6 | }, 7 | { 8 | "Skill": "Networking", 9 | "Resource": "https://www.coursera.org/specializations/computer-networking" 10 | }, 11 | { 12 | "Skill": "Firewalls, IDS/IPS", 13 | "Resource": "https://www.coursera.org/specializations/cyber-security" 14 | }, 15 | { 16 | "Skill": "SIEM (Security Information and Event Management)", 17 | "Resource": "https://www.splunk.com/en_us/training.html" 18 | }, 19 | { 20 | "Skill": "Endpoint Detection and Response (EDR)", 21 | "Resource": "https://www.carbonblack.com/resources/edr-resources/" 22 | }, 23 | { 24 | "Skill": "Threat Intelligence", 25 | "Resource": "https://www.circl.lu/services/misp-malware-information-sharing-platform-threat-sharing/" 26 | }, 27 | { 28 | "Skill": "Behavioral Analysis", 29 | "Resource": "https://securityintelligence.com/posts/how-to-identify-malware-through-behavioral-analysis/" 30 | }, 31 | { 32 | "Skill": "Indicators of Compromise (IoC)", 33 | "Resource": "https://www.us-cert.gov/ncas/tips/ST00086" 34 | }, 35 | { 36 | "Skill": "Tactics, Techniques, and Procedures (TTPs)", 37 | "Resource": "https://attack.mitre.org/matrices/enterprise/" 38 | }, 39 | { 40 | "Skill": "Hunting Methodologies", 41 | "Resource": "https://www.sans.org/course/advanced-threat-hunting" 42 | }, 43 | { 44 | "Skill": "Data Analysis Tools (Python)", 45 | "Resource": "https://www.learnpython.org/" 46 | }, 47 | { 48 | "Skill": "Data Visualization", 49 | "Resource": "https://www.tableau.com/learn/training" 50 | }, 51 | { 52 | "Skill": "Malware Analysis", 53 | "Resource": "https://www.malware-traffic-analysis.net/" 54 | }, 55 | { 56 | "Skill": 
"Exploit Techniques", 57 | "Resource": "https://owasp.org/www-project-top-ten/" 58 | }, 59 | { 60 | "Skill": "Social Engineering", 61 | "Resource": "https://www.social-engineer.org/framework/general-discussion/" 62 | }, 63 | { 64 | "Skill": "Capture The Flag (CTF) Challenges", 65 | "Resource": "https://ctftime.org/" 66 | }, 67 | { 68 | "Skill": "Certifications (CISSP, CEH, CTIA)", 69 | "Resource": "https://www.isc2.org/Certifications/CISSP" 70 | }, 71 | { 72 | "Skill": "Stay Informed", 73 | "Resource": "https://www.securityweek.com/" 74 | }, 75 | { 76 | "Skill": "Networking (Professional Networking)", 77 | "Resource": "https://www.linkedin.com/learning/me" 78 | } 79 | ] 80 | } 81 | 82 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Consultant/CC.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBERSECURITY CONSULTING 2 | 3 | ![Cybersecurity Consultant](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/0d12c4c2-0319-4524-b867-831a8326f07d) 4 | 5 | 6 | OR USE THE PDF :) 7 | 8 | [Cybersecurity Consultant.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13342890/Cybersecurity.Consultant.pdf) 9 | 10 | 11 | # Our guide to becoming a cybersecurity consultant 12 | 13 | Foundational Technical Skills: 14 | Networking: 15 | 16 | Learn networking fundamentals and protocols. 17 | Operating Systems: 18 | 19 | Gain proficiency in both Windows and Linux systems. 20 | Programming and Scripting: 21 | 22 | Acquire scripting skills, especially in Python and Bash. 23 | Security Fundamentals: 24 | 25 | Understand basic security concepts, cryptography, and security frameworks. 26 | 27 | Ethical Hacking and Penetration Testing: 28 | 29 | Dive into ethical hacking and penetration testing methodologies. 30 | Web Application Security: 31 | 32 | Learn about common web vulnerabilities and secure coding practices. 
33 | Incident Response: 34 | 35 | Understand incident response procedures and practices. 36 | Security Certifications: 37 | 38 | Pursue certifications like Security+. 39 | 40 | Specialized Areas: 41 | 42 | Choose a specialization such as malware analysis, cloud security, or IoT security. 43 | 44 | Obtain advanced certifications like Certified Information Systems Security Professional (CISSP). 45 | Security Architecture: 46 | 47 | Learn to design secure systems and architectures. 48 | 49 | Communication Skills: 50 | 51 | Develop effective communication skills for client interactions. 52 | Business Acumen: 53 | 54 | Understand business operations to align security solutions with organizational goals. 55 | Project Management: 56 | 57 | Acquire project management skills to handle consulting projects. 58 | 59 | Networking: 60 | 61 | Join cybersecurity communities, attend conferences, and build a professional network. 62 | Online Presence: 63 | 64 | Establish an online presence through blogs, forums, or social media. 65 | Mentorship: 66 | 67 | Seek mentorship from experienced cybersecurity consultants. 68 | 69 | Internships and Entry-Level Positions: 70 | 71 | Gain practical experience through internships or entry-level positions. 72 | Build a Portfolio: 73 | 74 | Showcase your skills and projects through a professional portfolio. 75 | 76 | Stay Updated: 77 | 78 | Keep abreast of the latest cybersecurity trends, threats, and technologies. 79 | Advanced Degrees (Optional): 80 | 81 | Consider pursuing advanced degrees or specialized certifications based on career goals. 82 | 83 | Advanced Roles: 84 | 85 | Progress into roles like security architect, cybersecurity manager, or chief information security officer (CISO). 86 | Leadership Skills: 87 | 88 | Develop leadership skills for managing cybersecurity teams. 
89 | -------------------------------------------------------------------------------- /Blue Team/Network Defender & Engineer/Courses & Certifications.json: -------------------------------------------------------------------------------- 1 | { 2 | "certifications": [ 3 | { 4 | "title": "Certified Network Security Course", 5 | "link": "https://www.eccouncil.org/train-certify/certified-network-security-course/", 6 | "author": "EC-Council" 7 | }, 8 | { 9 | "title": "VMware Certified Technical Associate - Data Center Virtualization", 10 | "link": "https://www.vmware.com/learning/certification/vcta-dcv.html", 11 | "author": "VMware" 12 | }, 13 | { 14 | "title": "Cisco Certified Network Associate (CCNA)", 15 | "link": "https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html", 16 | "author": "Cisco" 17 | }, 18 | { 19 | "title": "CompTIA Network+", 20 | "link": "https://www.comptia.org/certifications/network", 21 | "author": "CompTIA" 22 | }, 23 | { 24 | "title": "Juniper Networks Certified Associate - Junos (JNCIA-Junos)", 25 | "link": "https://www.juniper.net/us/en/training/certification/tracks/junos/jncia-junos.html", 26 | "author": "Juniper Networks" 27 | }, 28 | { 29 | "title": "SolarWinds Certified Professional", 30 | "link": "https://support.solarwinds.com/solarwinds-certified-professional-program", 31 | "author": "SolarWinds" 32 | }, 33 | { 34 | "title": "Aruba Certified Mobility Associate", 35 | "link": "https://www.arubanetworks.com/support-services/training-services/certified-mobility-associate/", 36 | "author": "Aruba Networks" 37 | }, 38 | { 39 | "title": "Network Security Courses for Your Cyber Security Career", 40 | "link": "https://www.simplilearn.com/network-security-courses-for-your-cyber-security-career-article", 41 | "author": "Simplilearn" 42 | }, 43 | { 44 | "title": "GIAC Certified Enterprise Defender (GCED)", 45 | "link": "https://www.giac.org/certifications/certified-enterprise-defender-gced/", 46 | 
"author": "GIAC" 47 | }, 48 | { 49 | "title": "Certified Information Systems Security Professional (CISSP)", 50 | "link": "https://www.isc2.org/certifications/cissp", 51 | "author": "ISC²" 52 | }, 53 | { 54 | "title": "Information Systems Security Engineering Professional (ISSEP)", 55 | "link": "https://www.isc2.org/certifications/issep", 56 | "author": "ISC²" 57 | }, 58 | { 59 | "title": "Information Systems Security Architecture Professional (ISSAP)", 60 | "link": "https://www.isc2.org/certifications/issap", 61 | "author": "ISC²" 62 | }, 63 | { 64 | "title": "ISACA Networks and Infrastructure Fundamentals Certificate", 65 | "link": "https://www.isaca.org/credentialing/networks-and-infrastructure-fundamentals-certificate", 66 | "author": "ISACA" 67 | }, 68 | { 69 | "title": "Network Defense and Network Security", 70 | "link": "https://ine.com/learning/courses/network-defense-network-security", 71 | "author": "INE" 72 | } 73 | ] 74 | } 75 | -------------------------------------------------------------------------------- /Blue Team/Endpoint Security Analyst/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "labs_and_training": [ 3 | { 4 | "name": "Penetration Testing Lab", 5 | "url": "https://www.virtualhackinglabs.com/labs/penetration-testing-lab/" 6 | }, 7 | { 8 | "name": "Virtual Beginner/Advanced Lab", 9 | "url": "https://www.virtualhackinglabs.com/beginner-advanced-lab/" 10 | }, 11 | { 12 | "name": "Ethical Hacking", 13 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/ndg-ethical-hacking-v2" 14 | }, 15 | { 16 | "name": "Network Security Fundamentals", 17 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/network-security-fundamentals" 18 | }, 19 | { 20 | "name": "Security Operations Fundamentals", 21 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/security-operations-fundamentals" 22 | }, 23 | { 24 | "name": "Cloud Security Fundamentals", 25 | 
"url": "https://www.netdevgroup.com/online/courses/cybersecurity/cloud-security-fundamentals" 26 | }, 27 | { 28 | "name": "CyberOps Associate", 29 | "url": "https://www.netdevgroup.com/online/courses/cybersecurity/cisco-cyberops-associate" 30 | }, 31 | { 32 | "name": "SecureNinja", 33 | "url": "https://secureninja.com" 34 | }, 35 | { 36 | "name": "Global Information Assurance Certification", 37 | "url": "https://www.giac.org/" 38 | }, 39 | { 40 | "name": "FedVTE (Federal Virtual Training Environment)", 41 | "url": "https://fedvte.usalearning.gov/" 42 | }, 43 | { 44 | "name": "TryHackMe - Endpoint Security Analyst", 45 | "url": "https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all&searchTxt=Endpoint+Security+Analyst" 46 | }, 47 | { 48 | "Title": "HBH Ctfs", 49 | "Link": "https://hbh.sh/home" 50 | }, 51 | { 52 | "Title": "Wargames by Overthewire", 53 | "Link": "https://overthewire.org/wargames/" 54 | }, 55 | { 56 | "Title": "SecurityShepherd by OWASP", 57 | "Link": "https://github.com/OWASP/SecurityShepherd" 58 | }, 59 | { 60 | "Title": "Game of Hacks", 61 | "Link": "https://www.gameofhacks.com/" 62 | }, 63 | { 64 | "Title": "Root me Vulnerable machines and ctfs by Rootme", 65 | "Link": "https://www.root-me.org/?lang=en" 66 | }, 67 | { 68 | "Title": "CTFs for learning cybersecurity by CTFlearn", 69 | "Link": "https://ctflearn.com/" 70 | }, 71 | { 72 | "Title": "PicoGym by Picoctf", 73 | "Link": "https://picoctf.org/index.html#picogym" 74 | }, 75 | { 76 | "Title": "2023 SANS Holiday Hack Challenge & KringleCon by SANS", 77 | "Link": "https://www.sans.org/mlp/holiday-hack-challenge-2023/" 78 | }, 79 | { 80 | "Title": "Hacker101 by Hacker1", 81 | "Link": "https://www.hacker101.com/" 82 | } 83 | ] 84 | } 85 | -------------------------------------------------------------------------------- /Blue Team/Cyber Threat Hunter (Blue)/Labs & Training.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "Training Resources": [ 3 | { 4 | "Resource": "Active Countermeasures - Threat Hunting Training", 5 | "Author": "Active Countermeasures", 6 | "Link": "https://www.activecountermeasures.com/hunt-training/#lab-downloads" 7 | }, 8 | { 9 | "Resource": "University of North Carolina Charlotte - Cyber Threat Hunting Labs", 10 | "Author": "UNC Charlotte", 11 | "Link": "https://sites.google.com/uncc.edu/cyberthreathunting/labs?authuser=0" 12 | }, 13 | { 14 | "Resource": "Network Defense - Practical Threat Hunting", 15 | "Author": "Network Defense", 16 | "Link": "https://www.networkdefense.io/library/practical-threat-hunting-29861/87345/about/" 17 | }, 18 | { 19 | "Resource": "OTRF Threat Hunter Playbook Papers", 20 | "Author": "OTRF", 21 | "Link": "https://github.com/OTRF/ThreatHunter-Playbook/tree/master/resources/papers" 22 | }, 23 | { 24 | "Resource": "Immersive Labs - Blue Team Training", 25 | "Author": "Immersive Labs", 26 | "Link": "https://www.immersivelabs.com/platform/blue-team-training-cyberpro/" 27 | }, 28 | { 29 | "Resource": "ThreatHuntingProject - Threat Hunting Resources", 30 | "Author": "ThreatHuntingProject", 31 | "Link": "https://github.com/ThreatHuntingProject/ThreatHunting/tree/master/hunts" 32 | }, 33 | { 34 | "Resource": "TryHackMe - Cyber Threat Intelligence Module", 35 | "Author": "TryHackMe", 36 | "Link": "https://tryhackme.com/module/cyber-threat-intelligence" 37 | }, 38 | { 39 | "Resource": "TryHackMe - Threat Hunting Module", 40 | "Author": "TryHackMe", 41 | "Link": "https://tryhackme.com/module/threat-hunting" 42 | }, 43 | { 44 | "Resource": "Hack The Box - Introduction to Threat Hunting", 45 | "Author": "Hack The Box", 46 | "Link": "https://academy.hackthebox.com/course/preview/introduction-to-threat-hunting--hunting-with-elastic" 47 | }, 48 | { 49 | "Resource": "Active Countermeasures - AC Hunter CTF Challenge", 50 | "Author": "Active Countermeasures", 
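51 | "Link": "https://www.activecountermeasures.com/ac-hunter-ctf-challenge/" 52 | }, 53 | { 54 | "Resource": "Cyber Defenders - Blue Team CTF Challenges", 55 | "Author": "Cyber Defenders", 56 | "Link": "https://cyberdefenders.org/blueteam-ctf-challenges/" 57 | }, 58 | { 59 | "Resource": "Corelight - Hunt from Home", 60 | "Author": "Corelight", 61 | "Link": "https://go.corelight.com/hunt-from-home" 62 | }, 63 | { 64 | "Resource": "Threat Hunt CTF", 65 | "Author": "Threat Hunt CTF", 66 | "Link": "https://thunt.ctfd.io/" 67 | }, 68 | { 69 | "Resource": "JYVSECTEC - Blue Team CTF", 70 | "Author": "JYVSECTEC", 71 | "Link": "https://jyvsectec.fi/services/exercises/blueteam-ctf/" 72 | }, 73 | { 74 | "Resource": "OpenSOC", 75 | "Author": "OpenSOC", 76 | "Link": "https://opensoc.io/" 77 | } 78 | ] 79 | } 80 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Project Manager/CPM.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBERSECURITY PROJECT MANAGEMENT 2 | 3 | ![Cybersecurity Project Manager ](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/de03bcf1-834c-4b8b-bd67-0bde9cc77966) 4 | 5 | 6 | OR USE THE PDF :) 7 | 8 | [Cybersecurity Project Manager .pdf](https://github.com/d3vobed/EverythingCyb3R/files/13385096/Cybersecurity.Project.Manager.pdf) 9 | 10 | 11 | # Our roadmap to becoming a cybersecurity project manager 12 | 13 | Gain Technical Proficiency: 14 | Acquire a solid understanding of cybersecurity concepts, including network security, encryption, penetration testing, and incident response. 15 | Obtain certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and CompTIA Sec 16 | 17 | Develop Soft Skills: 18 | Hone communication, leadership, and interpersonal skills. Cybersecurity project managers often need to communicate technical information to non-technical stakeholders. 19 | 20 | Agile and Scrum Methodologies: 21 | 22 | Familiarize yourself with Agile and Scrum methodologies, commonly used in cybersecurity project management. 23 | 24 | Risk Management: 25 | 26 | Learn about risk management and assessment in the context of cybersecurity projects. 27 | 28 | Cybersecurity Governance: 29 | 30 | Understand cybersecurity governance frameworks and best practices. 31 | 32 | Leadership Development: 33 | 34 | Explore leadership development programs and resources to enhance your leadership skills. 35 | 36 | Communication and Reporting Skills: 37 | Cybersecurity Policy and Compliance: 38 | 39 | Gain knowledge of cybersecurity policies, standards, and compliance requirements. 40 | 41 | Effective Communication for Project Managers: 42 | 43 | Enhance your communication skills specific to project management. 44 | 45 | Cybersecurity Incident Response Communication: 46 | 47 | Understand how to communicate effectively during cybersecurity incidents. 48 | 49 | Stakeholder Management: 50 | 51 | Learn techniques for managing and communicating with diverse stakeholders. 52 | 53 | Cybersecurity Project Management Courses & Books: 54 | 55 | Enroll in courses specifically focused on cybersecurity project management and explore books on cybersecurity project management for in-depth knowledge. 56 | 57 | Networking and Professional Development: 58 | Join professional organizations related to cybersecurity and project management. 59 | Attend conferences, webinars, and workshops to stay updated on industry trends and expand your professional network. 60 | 61 | Seek Leadership Opportunities: 62 | Look for opportunities to lead cybersecurity projects or initiatives within your organization. 63 | Showcase your ability to manage projects effectively, demonstrating your understanding of both cybersecurity and project management principles. 64 | 65 | Continuous Learning: 66 | Cybersecurity is a dynamic field, so commit to continuous learning.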
19 | 20 | Agile and Scrum Methodologies: 21 | 22 | Familiarize yourself with Agile and Scrum methodologies, commonly used in cybersecurity project management. 23 | 24 | Risk Management: 25 | 26 | Learn about risk management and assessment in the context of cybersecurity projects. 27 | 28 | Cybersecurity Governance: 29 | 30 | Understand cybersecurity governance frameworks and best practices. 31 | 32 | Leadership Development: 33 | 34 | Explore leadership development programs and resources to enhance your leadership skills. 35 | 36 | Communication and Reporting Skills: 37 | Cybersecurity Policy and Compliance: 38 | 39 | Gain knowledge of cybersecurity policies, standards, and compliance requirements. 40 | 41 | Effective Communication for Project Managers: 42 | 43 | Enhance your communication skills specific to project management. 44 | 45 | Cybersecurity Incident Response Communication: 46 | 47 | Understand how to communicate effectively during cybersecurity incidents. 48 | 49 | Stakeholder Management: 50 | 51 | Learn techniques for managing and communicating with diverse stakeholders. 52 | 53 | Cybersecurity Project Management Courses & Books: 54 | 55 | Enroll in courses specifically focused on cybersecurity project management and Explore books on cybersecurity project management for in-depth knowledge. 56 | 57 | Networking and Professional Development: 58 | Join professional organizations related to cybersecurity and project management. 59 | Attend conferences, webinars, and workshops to stay updated on industry trends and expand your professional network. 60 | 61 | Seek Leadership Opportunities: 62 | Look for opportunities to lead cybersecurity projects or initiatives within your organization. 63 | Showcase your ability to manage projects effectively, demonstrating your understanding of both cybersecurity and project management principles. 64 | 65 | Continuous Learning: 66 | Cybersecurity is a dynamic field, so commit to continuous learning. 
Stay updated on emerging threats, technologies, and best practices. 67 | 68 | Consider an Advanced Degree: 69 | Depending on your career goals, consider pursuing an advanced degree, such as an MBA with a focus on cybersecurity or project management. 70 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Operations & Security Manager/COM.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBERSECURITY OPERATIONS MANAGEMENT 2 | 3 | ![CybersecurityOperationsManager](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/21129d92-2227-404d-a473-841bc9770965) 4 | 5 | OR USE THE PDF :) 6 | [CybersecurityOperationsManager.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13385116/CybersecurityOperationsManager.pdf) 7 | 8 | 9 | # Our roadmap to becoming a cybersecurity operations manager 10 | 11 | Gain Foundational Knowledge: 12 | Develop a strong understanding of computer networks, operating systems, and cybersecurity fundamentals. 13 | Learn about programming languages, scripting, and automation to enhance technical skills. 14 | 15 | 16 | Network and Systems Administration: 17 | Gain experience in network and systems administration to understand the infrastructure you'll be securing. 18 | 19 | Security Operations Center (SOC) Experience: 20 | Work in a Security Operations Center to gain hands-on experience in monitoring, detecting, and responding to security incidents. 21 | 22 | Incident Response Training: 23 | Get specialized training in incident response methodologies and tools. 24 | Obtain certifications such as GIAC Certified Incident Handler (GCIH). 25 | 26 | 27 | Security Information and Event Management (SIEM) Experience: 28 | Learn and work with SIEM tools to analyze and correlate security events. 29 | Gain experience in log analysis and threat detection. 
30 | 31 | 32 | Security Certifications (Advanced): 33 | Pursue advanced certifications: 34 | Certified Information Systems Auditor (CISA). 35 | Offensive Security Certified Professional (OSCP) for penetration testing skills. 36 | Certified Ethical Hacker (CEH). 37 | 38 | 39 | Risk Management and Compliance: 40 | Understand risk management principles and compliance frameworks. 41 | Familiarize yourself with regulations such as GDPR, HIPAA, or industry-specific standards. 42 | 43 | Leadership and Management Skills: 44 | Develop soft skills, communication, and leadership abilities. 45 | Consider management and leadership courses. 46 | 47 | Advanced Degrees (Optional): 48 | Pursue a Master's degree in Cybersecurity, Information Assurance, or Business Administration (MBA). 49 | 50 | 51 | Stay Current and Continuous Learning: 52 | Cybersecurity is a rapidly evolving field, so stay informed about the latest threats, technologies, and industry best practices. 53 | Attend conferences, webinars, and participate in relevant communities. 54 | 55 | 56 | Networking and Professional Development: 57 | Join professional organizations and networks such as ISACA, (ISC)², and local cybersecurity groups. 58 | Attend industry conferences and seminars. 59 | 60 | 61 | Apply for Management Positions: 62 | Look for opportunities to transition into cybersecurity management roles, such as SOC Manager or Cybersecurity Operations Manager. 63 | 64 | Cybersecurity Operations Manager Position: 65 | With the right qualifications and experience, apply for and secure a Cybersecurity Operations Manager position. 66 | 67 | 68 | Continuous Improvement: 69 | The cybersecurity landscape is always changing, so continue learning, adapting, and improving your skills throughout your career. 
70 | -------------------------------------------------------------------------------- /Red Team/Cyber Threat Hunter/Labs & Training.json: -------------------------------------------------------------------------------- 1 | { 2 | "Training Resources": [ 3 | { 4 | "Resource": "Active Countermeasures - Threat Hunting Training", 5 | "Author": "Active Countermeasures", 6 | "Link": "https://www.activecountermeasures.com/hunt-training/#lab-downloads" 7 | }, 8 | { 9 | "Resource": "University of North Carolina Charlotte - Cyber Threat Hunting Labs", 10 | "Author": "UNC Charlotte", 11 | "Link": "https://sites.google.com/uncc.edu/cyberthreathunting/labs?authuser=0" 12 | }, 13 | { 14 | "platform" : "NSA CODE TESTING", 15 | "link" : "https://code.nsa.gov/" 16 | }, 17 | { 18 | "Resource": "Network Defense - Practical Threat Hunting", 19 | "Author": "Network Defense", 20 | "Link": "https://www.networkdefense.io/library/practical-threat-hunting-29861/87345/about/" 21 | }, 22 | { 23 | "Resource": "OTRF Threat Hunter Playbook Papers", 24 | "Author": "OTRF", 25 | "Link": "https://github.com/OTRF/ThreatHunter-Playbook/tree/master/resources/papers" 26 | }, 27 | { 28 | "Resource": "Immersive Labs - Blue Team Training", 29 | "Author": "Immersive Labs", 30 | "Link": "https://www.immersivelabs.com/platform/blue-team-training-cyberpro/" 31 | }, 32 | { 33 | "Resource": "ThreatHuntingProject - Threat Hunting Resources", 34 | "Author": "ThreatHuntingProject", 35 | "Link": "https://github.com/ThreatHuntingProject/ThreatHunting/tree/master/hunts" 36 | }, 37 | { 38 | "Resource": "TryHackMe - Cyber Threat Intelligence Module", 39 | "Author": "TryHackMe", 40 | "Link": "https://tryhackme.com/module/cyber-threat-intelligence" 41 | }, 42 | { 43 | "Resource": "TryHackMe - Threat Hunting Module", 44 | "Author": "TryHackMe", 45 | "Link": "https://tryhackme.com/module/threat-hunting" 46 | }, 47 | { 48 | "Resource": "Hack The Box - Introduction to Threat Hunting", 49 | "Author": "Hack The Box", 50 | 
"Link": "https://academy.hackthebox.com/course/preview/introduction-to-threat-hunting--hunting-with-elastic" 51 | }, 52 | { 53 | "Resource": "Active Countermeasures - AC Hunter CTF Challenge", 54 | "Author": "Active Countermeasures", 55 | "Link": "https://www.activecountermeasures.com/ac-hunter-ctf-challenge/" 56 | }, 57 | { 58 | "Resource": "Cyber Defenders - Blue Team CTF Challenges", 59 | "Author": "Cyber Defenders", 60 | "Link": "https://cyberdefenders.org/blueteam-ctf-challenges/" 61 | }, 62 | { 63 | "Resource": "Corelight - Hunt from Home", 64 | "Author": "Corelight", 65 | "Link": "https://go.corelight.com/hunt-from-home" 66 | }, 67 | { 68 | "Resource": "Threat Hunt CTF", 69 | "Author": "Threat Hunt CTF", 70 | "Link": "https://thunt.ctfd.io/" 71 | }, 72 | { 73 | "Resource": "JYVSECTEC - Blue Team CTF", 74 | "Author": "JYVSECTEC", 75 | "Link": "https://jyvsectec.fi/services/exercises/blueteam-ctf/" 76 | }, 77 | { 78 | "Resource": "OpenSOC", 79 | "Author": "OpenSOC", 80 | "Link": "https://opensoc.io/" 81 | } 82 | ] 83 | } 84 | 85 | -------------------------------------------------------------------------------- /Purple Team/Security Assesment Manager/SAM.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING SECURITY ASSESSMENT MANAGEMENT 2 | 3 | 4 | 5 | 6 | OR USE THE PDF :) 7 | 8 | 9 | 10 | 11 | # Our guide to becoming a security assessment manager 12 | 1. Foundational Security Knowledge: 13 | - Gain a solid understanding of information security fundamentals, including confidentiality, integrity, and availability (CIA), risk management, and security policies. 14 | 15 | 2. Security Certifications: 16 | - Pursue relevant certifications such as: 17 | - Certified Information Systems Security Professional (CISSP) 18 | - Certified Information Security Manager (CISM) 19 | - Certified in Risk and Information Systems Control (CRISC) 20 | 21 | 3.
Governance, Risk, and Compliance (GRC): 22 | - Develop expertise in GRC frameworks and standards: 23 | - NIST Cybersecurity Framework 24 | - ISO/IEC 27001 25 | - COBIT 26 | 27 | 4. Security Assessment and Auditing: 28 | - Learn how to conduct security assessments and audits. 29 | - Familiarize yourself with tools like Nessus, OpenVAS, and Wireshark. 30 | 31 | 5. Incident Response: 32 | - Understand the basics of incident response and develop skills to manage security incidents effectively. 33 | - Explore tools like Splunk, ELK Stack, and incident response playbooks. 34 | 35 | 6. Secure Development Practices: 36 | - Acquire knowledge of secure coding practices and application security. 37 | - Explore tools such as OWASP ZAP and Burp Suite for web application security testing. 38 | 39 | 7. Security Architecture: 40 | - Dive into security architecture principles. 41 | - Learn about network security, firewall configurations, and secure network design. 42 | 43 | 8. Cloud Security: 44 | - Acquire expertise in cloud security, especially if your organization uses cloud services. 45 | - Understand the shared responsibility model and cloud security best practices. 46 | 47 | 9. Security Awareness and Training: 48 | - Develop programs to educate and train employees on security best practices. 49 | - Stay updated on social engineering tactics and phishing prevention. 50 | 51 | 10. Legal and Compliance Knowledge: 52 | - Stay informed about relevant laws and regulations impacting security, such as GDPR and HIPAA. 53 | 54 | 11. Vendor Security Management: 55 | - Develop skills in evaluating and managing third-party security risks. 56 | 57 | 12. Continual Learning: 58 | - Stay current with industry trends, vulnerabilities, and emerging technologies. 59 | - Attend conferences, webinars, and participate in a professional network. 60 | 61 | 13. Soft Skills: 62 | - Hone communication and leadership skills, as you'll be working with various teams and stakeholders. 63 | 64 | 14. 
Documentation and Reporting: 65 | - Learn how to create comprehensive security documentation and reports. 66 | 67 | 15. Security Metrics and KPIs: 68 | - Understand how to measure and report security performance using key metrics. 69 | -------------------------------------------------------------------------------- /Blue Team/Data Protection Officer (DPO)/DPO.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CYBERSECURITY DATA PROTECTION OFFICER 2 | 3 | ![Data Protection Officer (DPO)](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/b7e06721-b607-4c4c-af40-7da4e86a0ace) 4 | 5 | 6 | OR USE THE PDF ;) 7 | 8 | [Data Protection Officer (DPO).pdf](https://github.com/d3vobed/EverythingCyb3R/files/13398266/Data.Protection.Officer.DPO.pdf) 9 | 10 | 11 | # Our roadmap to becoming a Cybersecurity Data Protection Officer 12 | Legal and Compliance Knowledge: 13 | Develop a strong understanding of data protection laws and regulations, especially GDPR (General Data Protection Regulation) for the European Union or other relevant regulations in your jurisdiction. 14 | 15 | Certifications: 16 | Obtain certifications relevant to data protection and cybersecurity, such as: 17 | Certified Information Systems Security Professional (CISSP) 18 | Certified Information Privacy Professional (CIPP) 19 | Certified Data Protection Officer (CDPO) 20 | 21 | Privacy Impact Assessments (PIAs): 22 | Learn how to conduct Privacy Impact Assessments to identify and mitigate privacy risks in data processing activities. 23 | 24 | Risk Management: 25 | Acquire skills in risk assessment and management, as DPOs are often responsible for evaluating and addressing risks related to data processing. 26 | 27 | Technical Proficiency: 28 | Gain technical skills in cybersecurity, data encryption, and secure data handling practices. 
29 | 30 | Communication Skills: 31 | Develop strong communication skills, as DPOs need to convey complex privacy and security concepts to non-technical stakeholders. 32 | 33 | Legal and Ethical Considerations: 34 | Understand the legal and ethical considerations related to data protection, ensuring that data processing activities comply with applicable laws and ethical standards. 35 | 36 | Networking: 37 | Attend conferences, seminars, and workshops related to data protection and cybersecurity to stay updated on industry trends and best practices. 38 | 39 | Practical Experience: 40 | Gain practical experience in cybersecurity and data protection through internships, work experience, or projects. 41 | 42 | 43 | Stay Informed: 44 | Regularly update your knowledge base as the field of data protection and cybersecurity is dynamic, with new regulations and threats emerging regularly. 45 | 46 | 47 | Continuous Learning: 48 | Engage in continuous learning through online courses, webinars, and industry publications to stay abreast of the latest developments. 49 | 50 | Legal Qualifications (Optional): 51 | Consider obtaining legal qualifications or collaborating with legal professionals to enhance your understanding of the legal aspects of data protection. 52 | 53 | Build a Professional Network: 54 | Connect with professionals in the data protection and cybersecurity community. Networking can provide valuable insights and career opportunities. 55 | 56 | Professional Membership: 57 | Consider joining professional organizations related to data protection, such as the International Association of Privacy Professionals (IAPP). 
58 | -------------------------------------------------------------------------------- /Blue Team/Cryptography Specialist/CRS.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CRYPTOGRAPHY 2 | 3 | ![Cryptography Specialist](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/b3745c45-6bcc-4590-900a-0b6d62bc848a) 4 | 5 | Or you can use the pdf ;) 6 | 7 | [Cryptography Specialist.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13616686/Cryptography.Specialist.pdf) 8 | 9 | 10 | # Our guide to becoming a Cryptography Specialist 11 | Foundational Knowledge: 12 | Mathematics Fundamentals: 13 | Focus on discrete mathematics, number theory, and algebra. 14 | Programming Skills: 15 | Learn a programming language such as Python or C++. 16 | 17 | Cryptography Basics: 18 | Self-Study: 19 | Dive into books and online resources to understand the fundamental concepts of cryptography. 20 | Online Courses: 21 | Enroll in online courses covering introductory cryptography topics. 22 | 23 | Symmetric and Asymmetric Cryptography: 24 | Deep Dive: 25 | Study symmetric key algorithms (e.g., AES) and asymmetric key algorithms (e.g., RSA, ECC). 26 | Hands-On Practice: 27 | Implement cryptographic algorithms in code to reinforce understanding. 28 | 29 | Hash Functions and Message Authentication Codes (MACs): 30 | Study: 31 | Understand hash functions (e.g., SHA-256) and MACs. 32 | Practical Application: 33 | Implement hash functions and MACs in real-world scenarios. 34 | 35 | Digital Signatures and Public Key Infrastructure (PKI): 36 | Learn: 37 | Explore digital signatures and the role of PKI. 38 | Hands-On: 39 | Implement and work with digital signatures and certificate-based systems. 40 | 41 | Cryptographic Protocols: 42 | Study: 43 | Delve into common cryptographic protocols (e.g., SSL/TLS). 44 | Analysis: 45 | Understand the security and vulnerabilities of cryptographic protocols. 
46 | 47 | Post-Quantum Cryptography: 48 | Stay Updated: 49 | Keep abreast of developments in post-quantum cryptography. 50 | Understand the potential impact of quantum computing on current cryptographic systems. 51 | 52 | Cryptographic Tools and Libraries: 53 | Explore: 54 | Familiarize yourself with cryptographic libraries and tools (e.g., OpenSSL). 55 | Application: 56 | Use these tools to secure applications and systems. 57 | 58 | Security Standards and Compliance: 59 | Study: 60 | Learn about security standards (e.g., FIPS 140-2) and compliance requirements. 61 | Application: 62 | Implement cryptographic solutions adhering to security standards. 63 | 64 | Continuous Learning and Research: 65 | Stay Updated: 66 | Follow research papers, conferences, and industry news in cryptography. 67 | Contribute: 68 | Contribute to open-source projects or collaborate on cryptographic research. 69 | 70 | Networking and Community Engagement: 71 | Join Communities: 72 | Participate in online forums, communities, and conferences related to cryptography. 73 | Collaborate: 74 | Engage with professionals and researchers in the field. 75 | -------------------------------------------------------------------------------- /Blue Team/Cloud Security Analyst/CSA.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING CLOUD SECURITY 2 | 3 | ![Cloud SecurityAnalyst](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/677b0e74-ef88-4bff-8064-e531c8507462) 4 | 5 | OR USE THE PDF :) 6 | [Cloud SecurityAnalyst.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13302403/Cloud.SecurityAnalyst.pdf) 7 | 8 | # Our guide to becoming a cloud security analyst 9 | 10 | 1. Foundational Knowledge: 11 | Cloud Platforms: Develop a strong understanding of major cloud platforms such as AWS, Azure, and Google Cloud. 12 | Networking Basics: Grasp fundamental networking concepts as they relate to cloud environments. 13 | 14 | 2. 
Educational Background: 15 | Pursue a degree in Cybersecurity, Information Technology, or a related field. 16 | Consider cloud-specific certifications like AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer, or Google Cloud Certified - Professional Cloud Security Engineer. 17 | 18 | 3. Hands-on Experience: 19 | Lab Environments: Set up personal cloud lab environments for hands-on practice. 20 | Projects: Undertake personal projects to implement security measures in a cloud context. 21 | 22 | 4. Technical Skills: 23 | Identity and Access Management (IAM): Understand and implement IAM best practices. 24 | Encryption: Learn about data encryption mechanisms and key management in the cloud. 25 | Security Groups and Network ACLs: Gain expertise in configuring network security. 26 | Incident Response: Develop skills to respond to security incidents in cloud environments. 27 | 28 | 5. Security Services: 29 | Familiarize yourself with security services offered by cloud providers (e.g., AWS GuardDuty, Azure Security Center). 30 | Understand the capabilities of Cloud Access Security Brokers (CASBs). 31 | 32 | 6. Compliance and Legal Aspects: 33 | Learn about compliance frameworks relevant to cloud security (e.g., GDPR, HIPAA). 34 | Understand legal and regulatory aspects impacting cloud security. 35 | 36 | 7. Continuous Learning: 37 | Stay updated on the latest cloud security threats and vulnerabilities. 38 | Attend conferences, webinars, and join relevant forums to stay connected with the community. 39 | 40 | 8. Soft Skills: 41 | Develop communication and collaboration skills to effectively convey security recommendations. 42 | Stay adaptable and be open to continuous learning in the dynamic cloud security landscape. 43 | 44 | 9. Networking: 45 | Connect with professionals in the field through LinkedIn, local meetups, and industry conferences. 46 | Seek mentorship from experienced cloud security analysts. 47 | 48 | 10.
Certifications (Advanced): 49 | Pursue advanced certifications as you gain experience, such as Certified Cloud Security Professional (CCSP) or Certified Information Systems Security Professional (CISSP). 50 | 51 | 11. Bug Bounty Programs: 52 | Participate in cloud-related bug bounty programs to apply skills in real-world scenarios. 53 | 54 | 12. Build a Portfolio: 55 | Document your projects, achievements, and skills in an online portfolio or resume. 56 | Remember, cloud security is a rapidly evolving field, so a commitment to lifelong learning and adaptability is key to success. Good luck on your journey to becoming a Cloud Security Analyst! 57 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Awareness & Training Instructor/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "roadmap": [ 3 | { 4 | "topic": "Phishing Awareness", 5 | "description": "Teaching employees how to recognize and deal with potential phishing emails.", 6 | "skills": ["Email Security", "Phishing Detection"], 7 | "resources": ["https://www.cisa.gov/sites/default/files/publications/Cybersecurity%20Awareness%20Month%202021%20-%20Phishing%20Tip%20Sheet.pdf"] 8 | }, 9 | { 10 | "topic": "Password Security", 11 | "description": "Instruction on using strong passwords and avoiding personal passwords.", 12 | "skills": ["Password Management", "Authentication Practices"], 13 | "resources": ["https://www.blackhillsinfosec.com/rotating-your-passwords-after-a-password-manager-breach/"] 14 | }, 15 | { 16 | "topic": "Privacy Issues", 17 | "description": "Instructions on how to protect sensitive data of customers, partners, other employees, and the company.", 18 | "skills": ["Data Privacy", "Policy Compliance"], 19 | "resources": ["https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/"] 20 | }, 21 | { 22 | 
"topic": "Compliance", 23 | "description": "Covering compliance for HIPAA, PCI, and GDPR.", 24 | "skills": ["Regulatory Compliance", "Legal Understanding"], 25 | "resources": ["Link to Compliance Training"] 26 | }, 27 | { 28 | "topic": "Insider Threats", 29 | "description": "Instructing employees how to recognize threats that may come from inside the organization.", 30 | "skills": ["Threat Recognition", "Insider Threat Management"], 31 | "resources": ["Link to Insider Threat Training"] 32 | }, 33 | { 34 | "topic": "CEO/Wire Fraud", 35 | "description": "Showing employees how attackers may impersonate a C-level executive to defraud the company.", 36 | "skills": ["Social Engineering Awareness", "Fraud Prevention"], 37 | "resources": ["Link to CEO/Wire Fraud Training"] 38 | }, 39 | { 40 | "topic": "Data in Motion", 41 | "description": "Helping employees understand how vulnerable data in motion is and how they can protect it.", 42 | "skills": ["Data Encryption", "Secure Communication"] 43 | }, 44 | { 45 | "topic": "Office Hygiene", 46 | "description": "Helping employees understand the best way to protect paper, desks, screens, and buildings.", 47 | "skills": ["Physical Security", "Clean Desk Policies"] 48 | 49 | } 50 | ], 51 | "essential_skills": [ 52 | "Effective Communication", 53 | "Training Design and Delivery", 54 | "Cybersecurity Knowledge", 55 | "Continuous Learning", 56 | "Analytical Skills" 57 | ], 58 | "additional_resources": [ 59 | { 60 | "link": "https://www.cybrary.it/", 61 | "title": "Cybrary", 62 | "author": "Cybrary" 63 | }, 64 | { 65 | "link": "https://www.linkedin.com/learning/", 66 | "title": "LinkedIn Learning", 67 | "author": "LinkedIn" 68 | }, 69 | { 70 | "link": "https://www.coursera.org/", 71 | "title": "Coursera", 72 | "author": "Coursera" 73 | } 74 | ] 75 | } 76 | 77 | -------------------------------------------------------------------------------- /Blue Team/Cybersecurity Consultant/Skills.json:
-------------------------------------------------------------------------------- 1 | { 2 | "FoundationalTechnicalSkills": { 3 | "Networking": "Learn networking fundamentals and protocols.", 4 | "OperatingSystems": "Gain proficiency in both Windows and Linux systems.", 5 | "ProgrammingAndScripting": "Acquire scripting skills, especially in Python and Bash.", 6 | "SecurityFundamentals": "Understand basic security concepts, cryptography, and security frameworks.", 7 | "EthicalHackingAndPenetrationTesting": "Dive into ethical hacking and penetration testing methodologies.", 8 | "WebApplicationSecurity": "Learn about common web vulnerabilities and secure coding practices.", 9 | "IncidentResponse": "Understand incident response procedures and practices.", 10 | "SecurityCertifications": "Pursue certifications like Security+.", 11 | "SpecializedAreas": "Choose a specialization such as malware analysis, cloud security, or IoT security.", 12 | "ObtainAdvancedCertifications": "Obtain advanced certifications like Certified Information Systems Security Professional (CISSP).", 13 | "SecurityArchitecture": "Learn to design secure systems and architectures." 14 | }, 15 | "SoftSkills": { 16 | "CommunicationSkills": "Develop effective communication skills for client interactions.", 17 | "BusinessAcumen": "Understand business operations to align security solutions with organizational goals.", 18 | "ProjectManagement": "Acquire project management skills to handle consulting projects."
19 | } 20 | } 21 | 22 | 23 | 24 | { 25 | "Technical Skills": [ 26 | { 27 | "Title": "Network Security", 28 | "Source": "CISCO", 29 | "Link": "https://www.netacad.com/courses/cybersecurity/network-security" 30 | }, 31 | { 32 | "Title": "Malware Analysis", 33 | "Source": "Udemy - Nikola Milosevic", 34 | "Link": "https://www.udemy.com/course/malware-analysis-and-reverse-engineering/" 35 | }, 36 | { 37 | "Title": "Cryptography", 38 | "Source": "Udemy - Logix Academy", 39 | "Link": "https://www.udemy.com/course/cybersecurity-from-beginner-to-expert/" 40 | }, 41 | { 42 | "Title": "Penetration Testing", 43 | "Source": "eJPT", 44 | "Link": "https://security.ine.com/certifications/ejpt-certification/" 45 | }, 46 | { 47 | "Title": "Incident Response", 48 | "Source": "Coursera", 49 | "Link": "https://www.coursera.org/learn/incident-response" 50 | } 51 | ], 52 | "Soft Skills": [ 53 | { 54 | "Title": "Analytical Thinking", 55 | "Source": "Coursera", 56 | "Link": "https://www.coursera.org/courses?query=critical%20thinking" 57 | }, 58 | { 59 | "Title": "Problem Solving", 60 | "Source": "Coursera - University of California, Irvine", 61 | "Link": "https://www.coursera.org/learn/problem-solving" 62 | }, 63 | { 64 | "Title": "Communication Skills", 65 | "Source": "Coursera - Imperial College London", 66 | "Link": "https://www.coursera.org/learn/creative-thinking-techniques-and-tools-for-success" 67 | }, 68 | { 69 | "Title": "Teamwork and Collaboration", 70 | "Source": "Udemy - Athena e-learn", 71 | "Link": "https://www.udemy.com/course/learn-teamwork-collaboration-and-relationship-development" 72 | } 73 | ] 74 | } 75 | -------------------------------------------------------------------------------- /Purple Team/Red & Blue Team Coordinator/Skills.json: -------------------------------------------------------------------------------- 1 | { 2 | "roadmap": [ 3 | { 4 | "topic": "Phishing Awareness", 5 | "description": "Teaching employees how to recognize and deal with potential phishing 
emails.", 6 | "skills": ["Email Security", "Phishing Detection"], 7 | "resources": ["https://www.cisa.gov/sites/default/files/publications/Cybersecurity%20Awareness%20Month%202021%20-%20Phishing%20Tip%20Sheet.pdf"] 8 | }, 9 | { 10 | "topic": "Password Security", 11 | "description": "Instruction on using strong passwords and avoiding personal passwords.", 12 | "skills": ["Password Management", "Authentication Practices"], 13 | "resources": ["https://www.blackhillsinfosec.com/rotating-your-passwords-after-a-password-manager-breach/"] 14 | }, 15 | { 16 | "topic": "Privacy Issues", 17 | "description": "Instructions on how to protect sensitive data of customers, partners, other employees, and the company.", 18 | "skills": ["Data Privacy", "Policy Compliance"], 19 | "resources": ["https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/"] 20 | }, 21 | { 22 | "topic": "Compliance", 23 | "description": "Covering compliance for HIPAA, PCI, and GDPR.", 24 | "skills": ["Regulatory Compliance", "Legal Understanding"], 25 | "resources": ["Link to Compliance Training"] 26 | }, 27 | { 28 | "topic": "Insider Threats", 29 | "description": "Instructing employees how to recognize threats that may come from inside the organization.", 30 | "skills": ["Threat Recognition", "Insider Threat Management"], 31 | "resources": ["Link to Insider Threat Training"] 32 | }, 33 | { 34 | "topic": "CEO/Wire Fraud", 35 | "description": "Showing employees how attackers may impersonate a C-level executive to defraud the company.", 36 | "skills": ["Social Engineering Awareness", "Fraud Prevention"], 37 | "resources": ["Link to CEO/Wire Fraud Training"] 38 | }, 39 | { 40 | "topic": "Data in Motion", 41 | "description": "Helping employees understand how vulnerable data in motion is and how they can protect it.", 42 | "skills": ["Data Encryption", "Secure Communication"] 43 | }, 44 | { 45 | "topic": "Office
Hygiene", 46 | "description": "Helping employees understand the best way to protect paper, desks, screens, and buildings.", 47 | "skills": ["Physical Security", "Clean Desk Policies"], 48 | 49 | } 50 | ], 51 | "essential_skills": [ 52 | "Effective Communication", 53 | "Training Design and Delivery", 54 | "Cybersecurity Knowledge", 55 | "Continuous Learning", 56 | "Analytical Skills" 57 | ], 58 | "additional_resources": [ 59 | { 60 | "link": "https://www.cybrary.it/", 61 | "title": "Cybrary", 62 | "author": "Cybrary" 63 | }, 64 | { 65 | "link": "https://www.linkedin.com/learning/", 66 | "title": "LinkedIn Learning", 67 | "author": "LinkedIn" 68 | }, 69 | { 70 | "link": "https://www.coursera.org/", 71 | "title": "Coursera", 72 | "author": "Coursera" 73 | } 74 | ] 75 | } 76 | 77 | -------------------------------------------------------------------------------- /Blue Team/ICS Cyber Security(OT)/ICS.md: -------------------------------------------------------------------------------- 1 | # ROADMAP TO MASTERING INDUSTRIAL CONTROL SYSTEM (ICS) IN CYBERSECURITY 2 | 3 | ![CybersecurityIndustrial Control Systems Expert](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/478ed353-f0e8-4aa6-b17d-481bf09a9680) 4 | 5 | 6 | OR USE THE PDF ;) 7 | 8 | [CybersecurityIndustrial Control Systems Expert.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13481206/CybersecurityIndustrial.Control.Systems.Expert.pdf) 9 | 10 | # Our roadmap to becoming an Industrial Control System (ICS) Cybersecurity Expert 11 | 12 | Foundation: 13 | 14 | Networking Basics: 15 | Learn the fundamentals of networking, including TCP/IP, subnetting, and basic protocols. 16 | Operating Systems: 17 | Gain proficiency in operating systems commonly used in industrial environments, such as Windows and Linux. 18 | Cybersecurity Fundamentals: 19 | 20 | Security Concepts: 21 | Understand core cybersecurity concepts like confidentiality, integrity, and availability (CIA). 
Cryptography:
Learn the basics of cryptography and its application in securing communications.
Industrial Control Systems Basics:

SCADA Systems:
Familiarize yourself with Supervisory Control and Data Acquisition (SCADA) systems and their components.
PLCs and RTUs:
Understand how Programmable Logic Controllers (PLCs) and Remote Terminal Units (RTUs) work.
Cybersecurity for ICS:

ICS Security Standards:
Study relevant ICS security standards such as ISA/IEC 62443 and NIST SP 800-82.
Threat Landscape:
Explore the specific threats and challenges faced by ICS environments.
Incident Response and Recovery:

ICS Incident Response:
Develop skills in responding to and recovering from security incidents in ICS environments.
Forensics:
Learn ICS-specific forensics techniques for investigating incidents.
Network Security for ICS:

Segmentation:
Understand the importance of network segmentation in ICS environments.
Firewalls and Intrusion Detection Systems:
Learn how to implement and configure firewalls and IDS tailored for ICS.
Security Assessments and Auditing:

Vulnerability Assessments:
Conduct vulnerability assessments specific to ICS environments.
Penetration Testing:
Gain skills in penetration testing for ICS systems.
Secure Development Practices:

Secure Coding for ICS:
Learn secure coding practices for developing software used in ICS.
Secure Configurations:
Understand and implement secure configurations for ICS components.
Continuous Learning:

Stay Updated:
Regularly follow updates in ICS cybersecurity, new vulnerabilities, and emerging threats.
Certifications:
Consider obtaining relevant certifications such as ICS-CERT certifications, ISA/IEC 62443 Cybersecurity certificates, or others recognized in the field.
Community Engagement:

Participate in Forums:
Join online forums and communities dedicated to ICS cybersecurity.
Networking:
Attend industry conferences and network with professionals in the field.

--------------------------------------------------------------------------------
/Purple Team/Red & Blue Team Coordinator/RTO.md:
--------------------------------------------------------------------------------
# ROADMAP TO MASTERING RED & BLUE TEAM COORDINATION

OR USE THE PDF :)

# Our guide to becoming a red & blue team coordinator
Foundation:
1. Basic Networking:
   - Understand TCP/IP, subnetting, routing, and basic network protocols.
   - Familiarize yourself with common networking tools.

2. Operating Systems:
   - Gain proficiency in both Windows and Linux operating systems.
   - Learn system administration tasks.

3. Programming and Scripting:
   - Learn scripting languages like Python or PowerShell.
   - Understand automation for repetitive tasks.

Red Team Skills:
4. Ethical Hacking:
   - Study penetration testing methodologies.
   - Practice using tools like Metasploit, Burp Suite, and Nmap.

5. Web Application Security:
   - Learn about common web vulnerabilities (OWASP Top 10).
   - Practice exploiting and securing web applications.

6. Network Security:
   - Understand network vulnerabilities and attacks.
   - Learn to use tools like Wireshark for packet analysis.

7. Social Engineering:
   - Study social engineering techniques.
   - Learn to recognize and defend against social engineering attacks.

8. Advanced Techniques:
   - Gain knowledge of advanced techniques like privilege escalation, lateral movement, and persistence.

Blue Team Skills:
9. Security Fundamentals:
   - Understand security principles and concepts.
   - Learn about encryption, authentication, and access controls.

10. Incident Response:
   - Study incident response processes.
   - Practice identifying and containing security incidents.

11. Security Information and Event Management (SIEM):
   - Familiarize yourself with SIEM tools like Splunk or ELK.
   - Learn to analyze logs and detect anomalies.

12. Firewalls and Intrusion Prevention Systems (IPS):
   - Gain expertise in configuring and managing firewalls and IPS.
   - Understand rule-based security.

13. Endpoint Protection:
   - Learn about antivirus, endpoint detection, and response (EDR) solutions.
   - Practice securing and monitoring endpoints.

14. Continuous Monitoring:
   - Implement continuous monitoring solutions.
   - Understand the importance of real-time threat detection.

Leadership and Coordination:
15. Communication Skills:
   - Develop effective communication skills for both technical and non-technical audiences.

16. Team Coordination:
   - Understand how to lead and coordinate Red and Blue Team activities.
   - Foster collaboration and information sharing.

17. Policy and Compliance:
   - Gain knowledge of cybersecurity policies and compliance standards.
   - Ensure that security measures align with organizational policies.

18. Training and Awareness:
   - Provide training to team members and raise cybersecurity awareness across the organization.

--------------------------------------------------------------------------------
/Red Team/Penetration Tester/PEN.md:
--------------------------------------------------------------------------------
# ROADMAP TO MASTERING PENETRATION TESTING

![Penetration Tester](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/ca415e10-89ff-467c-8dce-b6e395633b89)

OR USE THE PDF :)

[Penetration Tester.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13063679/Penetration.Tester.pdf)

# Our guide to becoming a Penetration Tester

Networking Fundamentals: A strong understanding of network protocols, architectures, and the OSI model.

Operating Systems: Proficiency in various operating systems, especially Linux and Windows.

Programming and Scripting: Knowledge of scripting languages like Python, Bash, or PowerShell
for automation and tool development.

Web Application Security: Expertise in identifying and exploiting web application
vulnerabilities, including SQL injection, XSS, CSRF, etc.

Network Security: Understanding of network security concepts, firewalls, intrusion detection systems, and VPNs.

Vulnerability Assessment: Ability to scan and assess systems for vulnerabilities using tools like Nessus, OpenVAS, or Qualys.

Wireless Security: Knowledge of wireless network security and the ability to conduct Wi-Fi penetration testing.

Cryptography: Understanding of cryptographic principles and their application in securing data and communications.

Reverse Engineering: Ability to analyze and reverse engineer software and malware to identify vulnerabilities.

Exploit Development: Proficiency in developing and understanding exploits for known vulnerabilities.

Social Engineering: Knowledge of social engineering techniques to test human vulnerabilities.
Penetration Testing Frameworks: Familiarity with tools and frameworks like Metasploit, Burp Suite, and Nmap.

Web and Mobile App Testing: Experience in testing both web and mobile applications for security flaws.

Cloud Security: Understanding of cloud platforms (AWS, Azure, GCP) and their security considerations.

IoT Security: Knowledge of securing Internet of Things (IoT) devices and networks.
Physical Security: Understanding physical security assessments, including access control and surveillance systems.

Report Writing: Ability to document findings and produce clear and comprehensive penetration test reports.

Legal and Compliance Knowledge: Understanding of laws, regulations, and compliance requirements related to cybersecurity.

Continuous Learning: A commitment to staying updated on the latest threats, vulnerabilities, and security trends.

Communication and Collaboration: Strong communication skills to interact with clients and collaborate with security teams.

Problem-Solving: The ability to think critically, identify security issues, and devise effective solutions.

Ethics and Professionalism: Adherence to ethical hacking guidelines and maintaining professionalism in all engagements.

Certifications: Relevant certifications like CEH, OSCP, CISSP, or CompTIA Security+ for credibility and knowledge validation.

--------------------------------------------------------------------------------
/Blue Team/Cybersecurity Operations & Security Manager/Books & Podcasts.json:
--------------------------------------------------------------------------------

{
  "podcasts": [
    {
      "title": "Darknet Diaries",
      "link": "https://darknetdiaries.com/"
    },
    {
      "title": "Risky Biz",
      "link": "https://risky.biz/"
    },
    {
      "title": "Security Now",
      "link": "https://www.grc.com/securitynow.htm"
    },
    {
      "title": "Hacking Humans",
      "link": "https://thecyberwire.com/podcasts/hacking-humans"
    },
    {
      "title": "Unsupervised Learning",
      "link": "https://danielmiessler.com/podcast/"
    },
    {
      "title": "The Social Engineering Podcast",
      "link": "https://www.social-engineer.org/category/podcast/"
    },
    {
      "title": "7 Minute Security",
      "link": "https://7ms.us/"
    },
    {
      "title": "Smashing Security",
      "link": "https://www.smashingsecurity.com/"
    },
    {
      "title": "Down the Security Rabbithole",
      "link": "https://rabbithole.security.com/"
    },
    {
      "title": "Complete Privacy and Security Podcast",
      "link": "https://inteltechniques.com/podcast.html"
    },
    {
      "title": "Defensive Security",
      "link": "https://defensivesecurity.org/"
    },
    {
      "title": "Troy Hunt’s Podcast",
      "link": "https://www.troyhunt.com/tag/security/"
    },
    {
      "title": "Cyber Security Cafe",
      "link": "https://beverlyroche.com/"
    },
    {
      "title": "Task Force 7 Podcast",
      "link": "https://www.taskforce7radio.com/"
    },
    {
      "title": "Defending Digital Podcast",
      "link": "https://defendingdigital.com/"
    },
    {
      "title": "The Information Security Forum",
      "link": "https://www.securityforum.org/"
    },
    {
      "title": "The Swansea Cyber Law and Security Podcast",
      "link": "https://www.swansea.ac.uk/law/research/podcasts/"
    },
    {
      "title": "The Application Security Podcast",
      "link": "https://www.securityjourney.com/resources/application-security-podcast/"
    }
  ],

  "books": [
    {
      "title": "Hacking: The Art of Exploitation",
      "author": "Jon Erickson",
      "rating": "4.2/5.0",
      "buy_link": "https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441"
    },
    {
      "title": "The Cybersecurity Manager's Guide",
      "author": "Todd Barnum",
      "buy_link": "https://www.oreilly.com/library/view/the-cybersecurity-managers/9781492076209/"
    },
    {
      "title": "Cybersecurity Operations Handbook",
      "author": "John W. Rittinghouse and William M. Hancock",
      "buy_link": "https://www.sciencedirect.com/book/9781555583064/cybersecurity-operations-handbook"
    },
    {
      "title": "Certified Cyber Security Operations Manager",
      "author": "Unknown",
      "buy_link": "https://www.amazon.com/Certified-Cyber-Security-Operations-Manager/dp/1734064056"
    }
  ]
}

--------------------------------------------------------------------------------
/Blue Team/Cloud Security Analyst/Books & Podcasts.json:
--------------------------------------------------------------------------------
{
  "Books": [
    {
      "Title": "Securing the Cloud: Cloud Computer Security Techniques and Tactics",
      "Authors": ["Vic (J.R.) Winkler"],
      "Link": "https://www.amazon.com/Securing-Cloud-Computer-Security-Techniques/dp/0470589875"
    },
    {
      "Title": "Cloud Native Security",
      "Authors": ["Chris Binnie", "Rory McCune"],
      "Link": "https://www.amazon.com/Cloud-Native-Security-Chris-Binnie/dp/1492057515"
    },
    {
      "Title": "Mastering Azure Security",
      "Authors": ["Mustafa Toroman", "Tom Janetscheck"],
      "Link": "https://www.packtpub.com/product/mastering-azure-security/9781789611787"
    },
    {
      "Title": "Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance",
      "Authors": ["Tim Mather", "Subra Kumaraswamy", "Shahed Latif"],
      "Link": "https://www.amazon.com/Cloud-Security-Privacy-Enterprise-Compliance/dp/0596802765"
    },
    {
      "Title": "The Cloud Security Ecosystem: Technical, Legal, Business, and Management Issues",
      "Authors": ["Ryan Ko", "Kim-Kwang Raymond Choo"],
      "Link": "https://www.amazon.com/Cloud-Security-Ecosystem-Technical-Management/dp/1119966602"
    },
    {
      "Title": "Cloud Computing Security: Foundations and Challenges",
      "Authors": ["John R. Vacca"],
      "Link": "https://www.amazon.com/Cloud-Computing-Security-Foundations-Challenges/dp/1439827376"
    },
    {
      "Title": "Practical Cloud Security: A Guide for Secure Design and Deployment",
      "Authors": ["Chris Dotson"],
      "Link": "https://www.amazon.com/Practical-Cloud-Security-Secure-Deployment/dp/1492057019"
    },
    {
      "Title": "Cloud Security Automation",
      "Authors": ["Prashant Priyam"],
      "Link": "https://www.amazon.com/Cloud-Security-Automation-Prashant-Priyam-ebook/dp/B08MTGQVQT"
    },
    {
      "Title": "Cloud Security and Governance: Who’s on Your Cloud?",
      "Authors": ["Sumner Blount", "Rob Zanella"],
      "Link": "https://www.amazon.com/Cloud-Security-Governance-Whos-Your/dp/1119548575"
    }
  ],
  "Podcasts": [
    {
      "Title": "BriefingsDirect",
      "Link": "https://www.briefingsdirect.com/",
      "Authors": ["BriefingsDirect"]
    },
    {
      "Title": "Cloud Security Podcast",
      "Link": "https://www.cloudsecuritypodcast.tv/",
      "Authors": ["Cloud Security Podcast"]
    },
    {
      "Title": "Deloitte On Cloud",
      "Link": "https://www2.deloitte.com/us/en/pages/consulting/topics/cloud-podcast.html",
      "Authors": ["Deloitte On Cloud"]
    },
    {
      "Title": "Intel Chip-Chat",
      "Link": "https://www.intel.com/content/www/us/en/it-management/chip-chat-library.html",
      "Authors": ["Intel Chip-Chat"]
    },
    {
      "Title": "Purple Squad Security",
      "Link": "https://purplesquadsec.com/",
      "Authors": ["Purple Squad Security"]
    },
    {
      "Title": "The Shared Security Podcast",
      "Link": "https://sharedsecurity.net/podcast-episodes/",
      "Authors": ["The Shared Security Podcast"]
    }
  ]
}

--------------------------------------------------------------------------------
/Blue Team/Malware Analyst/MAL.md:
--------------------------------------------------------------------------------
# ROADMAP TO MASTERING MALWARE ANALYSIS
![Malware Analyst](https://github.com/d3vobed/EverythingCyb3R/assets/66479041/dd166915-0abb-4abf-8adf-645a53c01d8e)

OR USE THE PDF ;)

[Malware Analyst.pdf](https://github.com/d3vobed/EverythingCyb3R/files/13626052/Malware.Analyst.pdf)

# Our roadmap to becoming a Malware Analyst

Learn Basic IT Skills:

Gain proficiency in basic IT skills, including operating systems (Windows, Linux), networking concepts, and system administration.

Programming Languages:

Learn programming languages commonly used in malware analysis, such as Python, C, and Assembly. This will help you understand and write scripts to analyze malicious code.

Networking:

Deepen your understanding of networking protocols and concepts. Malware often communicates over networks, so understanding how data is transmitted is crucial.

Security Concepts:

Study fundamental security concepts, including cryptography, access control, and security policies. Familiarize yourself with common security frameworks.

Operating System Internals:

Gain knowledge of operating system internals, particularly Windows. Understand how processes, memory, and file systems work, as malware often exploits vulnerabilities in these areas.

Reverse Engineering:

Learn reverse engineering techniques and tools. This involves dissecting and understanding the functionality of malware. IDA Pro and OllyDbg are popular tools for this.

Malware Analysis Tools:

Familiarize yourself with malware analysis tools like Wireshark (for network analysis), Process Monitor, and Process Explorer (for system activity monitoring), and various antivirus tools.

Behavioral Analysis:

Learn how to conduct behavioral analysis to understand how malware behaves in different environments. This includes monitoring changes to the file system, registry, and network traffic.

Static and Dynamic Analysis:

Master both static analysis (examining the code without executing it) and dynamic analysis (observing the behavior of the malware in a controlled environment). This helps in identifying and understanding different types of malware.

Stay Updated:

Keep abreast of the latest malware threats, attack vectors, and security trends. Follow reputable blogs, forums, and attend conferences to stay informed.

Build a Portfolio:

Create a portfolio showcasing your practical experience. Document analyses you've conducted and any tools or scripts you've developed.

Certifications:

Consider obtaining relevant certifications such as Certified Malware Analyst (CMA) or Certified Reverse Engineering Analyst (CREA) to validate your skills.

Networking:

Connect with professionals in the field. Attend industry conferences, join online forums, and participate in malware analysis communities.

Apply for Internships or Entry-level Positions:

Gain hands-on experience by applying for internships or entry-level positions in cybersecurity or incident response teams.

--------------------------------------------------------------------------------