Welcome to Cyber Insight Newsletter:
Ghufran Ashiq
Network Engineer || Cyber Security Analyst || Risk Assessment || ISO\IEC 27001 LA || CIS Controls || Nerwork Security || Threat Hunting || CCNA || Microsoft Specialist
Your Cybersecurity Training Companion!
Dear LinkedIn Connections,
Welcome to the inaugural edition of Cyber Insight Newsletter! We are excited to embark on this journey together as we dive into the world of cybersecurity training.
In the upcoming newsletters, here's what you can expect:
Blue Team Training:
Gain access to exclusive resources and tutorials focused on defensive cybersecurity strategies,
incident response, and threat intelligence to fortify your organization's defenses
Network Discovery and Mapping
Nmap???? ?????????????????Network scanner
Nuclei ??????????????????????Vulnerability scanner
Masscan ?????????????????Fast network scanner.
Angry IP ??????????????????Scanner IP/port scanner
ZMap ?????????????????????Large network scanner
Shodan ??????????????????Internet facing asset search engine
?Vulnerability Management
?OpenVAS Open-source vulnerability scanner
Nessus Essentials Vulnerability scanner
Nexpose Vulnerability management tool
HackerOne Bug Bounty Management Platform
Security Monitoring
Sysmon System Monitor for Windows
Kibana Data visualization and exploration
Logstash Data collection and processing
parsedmarc Email DMARC data visualisation
Phishing Catcher Phishing catcher using Certstream
maltrail Malicious traffic detection system
Autoruns ToWinEventLog Windows AutoRuns Event Parser
procfilter YARA-integrated process denial?framework
Threat Tools and Techniques
?Unprotect Project Malware evasion techniques knowledge base
chainsaw ? Fast Windows Forensic Artefacts Searcher
freq ? Domain generation algorithm malware detection
yarGen YARA rule generator
EmailAnalyzer Suspicious emails analyser
VCG Code security scanning tool
?Threat Intelligence
Maltego Threat Intelligence Platform
MISP Malware Information Sharing Platform
ThreatConnect Threat data aggregation
Incident Response Planning
NIST Cybersecurity Framework
Incident Response Plan Framework for incident response
Ransomware Response Plan Framework for ransomware response
Malware Detection and Analysis
VirusTotal Malicious IOC Sharing Platform
IDA Malware disassembler and debugger
?Ghidra Malware reverse engineering tool
?Recuva File recovery
Data Recovery
Extundelete ? Ext3 or ext4 partition recovery
TestDisk ? Data Recovery
SANS ????? SIFT Forensic toolkit
领英推荐
Digital Forensics
The Sleuth Kit Disk images analysis tools
Autopsy Digital forensics platform
Red Team Training:
Explore advanced techniques, tools, and case studies to
sharpen your offensive security skills, penetration testing prowess, and threat emulation capabilities.
Here is the list we cover in coming sessions:
Red Tem Tool
1.Reconnaissance
OWASP ,Amass ,Sn1per ,theHarvester ,Recon-ng5 ,Meltego Ce 4,social engineer tool kit,nikto 2,shodan,Spiderfoot,EyeWitness,Gobuster,Resources Development,MSFVenoGDB
2.initial access with
Aircrack-ng,luckystrike,wifi-Pympkin,Gophish ,sqlmap ,king phisher,bash Buny
3.Attack Execution
marco_pack,Dount,Unicorn
4.Attack Perisistence
Empire ,Impacket ,pwncat
5.privilege escalation
Rubeus,UacMe,SharpUp,Certify.Pass--NG ,SWeetPatato
6.Defense Evasion
ProxyChains ,Invoke-Obfuscation,Veil
7.Credentials Access
Mimikatz 2,Hashcat,Responder,Cain & Abel ,John the Ripper ,The Hydra,LaZagane
8.Discovery
BloodHound,Seatbelt ,Kismet,AdRecon
9.Lateral Movememt
Mimikat2 ,PsExec,WMIOps,CracksMapExec,Infection Monkey
10.Comand and Control
Covenant,Pupy,Empiry,Merlin,PoshC2,Silver
?
11.ATT&CK -Exfiltration
Dnscat2,CloakifyFactory,PowerShell-Rat
12.attack impact,slowloris ,low orbit ,lon cannon ,caldera
GRC Resources:
Dive into insights into Governance, Risk, and Compliance (GRC) frameworks, regulations, and best practices to effectively manage cybersecurity risks and ensure regulatory compliance.
Here is the list we cover in coming sessions:
GRC Resources:
1. Governance, Risk, and Compliance (GRC) software platforms
2. NIST Cybersecurity Framework
3. ISO/IEC 27001: Information Security Management System (ISMS)
4. COBIT (Control Objectives for Information and Related Technologies)
5. PCI DSS (Payment Card Industry Data Security Standard)
6. HIPAA (Health Insurance Portability and Accountability Act) compliance tools
7. GDPR (General Data Protection Regulation) compliance solutions
8. ITIL (Information Technology Infrastructure Library) framework
9. CSA (Cloud Security Alliance) Cloud Controls Matrix (CCM)
10. FAIR (Factor Analysis of Information?Risk)?framework
Stay tuned for our upcoming editions, where we'll be delving deeper into each of these areas, providing you with valuable study materials and resources to enhance your cybersecurity expertise.
Subscribe now to join us on this exciting journey towards cybersecurity mastery!
#Cyberseurity #Infosec #pentesting
Warm regards,
Ghufran Ashiq
?
Follow Us on LinkedIn Button