s0cm0nkey/Security-Reference-Guide

## description: Curated cyber security resources for SOC analysts, pentesters, DFIR practitioners, threat intelligence analysts, AppSec teams, and security learners. # All of the Best Links and Resources on Cyber Security  I'm the s0cm0nkey: a security analyst, threat hunter, pentester, researcher, and CTF enthusiast. By day, I run a SOC team and teach cyber security. By night, I play CTFs, hack things, and eat a professional volume of tacos. Ping me any time. I love to talk about all things security. [https://s0cm0nkey.github.io/](https://s0cm0nkey.github.io/) s0cm0nkey@protonmail.com @s0cm0nkeysec @s0cm0nkey@infosec.exchange Check out my online course with Applied Network Defense: Command Line Essentials for Security Analysts!\ [https://www.networkdefense.co/courses/cli/](https://www.networkdefense.co/courses/cli/) ### What is this? There are so many security guides, tools, and writeups floating around the internet that it is hard to know where they all are and which ones are worth your time. I built this reference guide by leaning into my true skill in security: _finding other people's hard work_. This is a curated set of resources I have found useful across cyber security: defensive operations, offensive testing, DFIR, cloud, engineering fundamentals, privacy, and training. Each page should give enough context to help you choose the right resource without turning into a textbook. ## How to use this guide If you are new or trying to jump into a specific role, start with the guided paths and resource index: {% content-ref url="start-here.md" %} [start-here.md](start-here.md) {% endcontent-ref %} {% content-ref url="resource-index.md" %} [resource-index.md](resource-index.md) {% endcontent-ref %} * **Red** is for authorized offensive operations, testing methodology, exploitation, and red/purple team resources. * **Blue** is for defensive operations, detection, hardening, packet analysis, and DFIR. * **Yellow** is for supporting engineering fundamentals: cloud, containers, logging architecture, code, CLI, networking, sysadmin, and AI/ML. * **Grey** is for privacy, Tor, PGP, and OPSEC references. * **Training** is the home for courses, labs, books, CTFs, certifications, and Awesome lists. {% hint style="info" %} Note: These are my personal notes and links curated for public use. The notes and comments are not all of my own. If someone has written something better than I, I will use it and link to their work. I do not claim any copyright or creative content. {% endhint %} {% hint style="danger" %} Warning: Do not use any of the mentioned tools referenced here for illegal, unethical, or questionable purposes. These tools are for legitimate/approved testing and research only. {% endhint %} **Mentions:** {% embed url="https://labs.detectify.com/2021/08/24/hakluke-list-resources-for-beginner-hackers-2021/" %} **Other Publications:** [Logging strategy](https://www.deepwatch.com/blog/logging-strategy/) - also referenced in the Security Logging section. [https://s0cm0nkey.gitbook.io/port-scanner-shootout](https://s0cm0nkey.gitbook.io/port-scanner-shootout)

标签：后端开发