Introducing the Cyber Cache!

So I've been talking about setting this up for a while, so I finally got it started.

The Cyber Cache is a CIN Resource where you can find things for your courses that are CySA / PenTest related. Of course, even I can't come up with a completely exhaustive list, so if you have something that didn't make the list, DM the link(s) over to me and I'll add it to the list. Every once in a while, I'll curate the list to make sure links don't end up broken. But the idea is for us to have a neat place to put this kind of stuff.

Eventually, we might do one of these Caches for different things for each exam. But for the moment, I wanted to start with this.

Since a lot of this came from Teresa Nash's CySA TTT, she gets the first shoutout.

So, let's get this built up!

/r
 

Patrick Asamago

Well-known member
Oct 2, 2021
410
407
So I've been talking about setting this up for a while, so I finally got it started.

The Cyber Cache is a CIN Resource where you can find things for your courses that are CySA / PenTest related. Of course, even I can't come up with a completely exhaustive list, so if you have something that didn't make the list, DM the link(s) over to me and I'll add it to the list. Every once in a while, I'll curate the list to make sure links don't end up broken. But the idea is for us to have a neat place to put this kind of stuff.

Eventually, we might do one of these Caches for different things for each exam. But for the moment, I wanted to start with this.

Since a lot of this came from Teresa Nash's CySA TTT, she gets the first shoutout.

So, let's get this built up!

/r
Thanks Rick for this
 
Here's a few additions I like. :)

Vulnerable VMs and CTFs
Vulnhub: https://www.vulnhub.com/
Metasploitable 2: https://docs.rapid7.com/metasploit/metasploitable-2/
Metasploitable 3: https://github.com/rapid7/metasploitable3

Software:
VirtualBox: https://www.virtualbox.org/
GNS3: https://www.gns3.com/

My Docker images for use in GNS3: https://hub.docker.com/u/tleemcjr

Lee
I was kinda wondering when you were gonna chime in, Lee. List has been updated with all your wonderful toys. Many thanks, my dude.
 
Thank you Rick B. Amazing list and resource. I look forward to my CC Espresso, Fedora Latte and a Server+ Calzone.
Thanks for that, Hod! Hope you and yours are able to make use of it. And if you have any additions, get 'em over to me and I'll get them added. /r
 

Jarrel

Well-known member
  • Feb 17, 2020
    350
    1
    522
    Australia
    www.jarrelrivera.com
    Here are a few other resources:

    ISAC

    CISA

    Alienvault (threat intelligence)

    MISP (Open source Threat Intelligence)

    Whois Lookup (DNS lookup)

    Robtex (DNS lookup)

    ThreatCrowd (Threat - DNS lookup)

    Virustotal (malware analysis)

    Hybrid Analysis (malware analysis)

    CrackStation (Hash cracking)

    GTFO Bins (for security bypass)

    Payloads All The Things (various payloads)
     
    Here are a few other resources:

    ISAC

    CISA

    Alienvault (threat intelligence)

    MISP (Open source Threat Intelligence)

    Whois Lookup (DNS lookup)

    Robtex (DNS lookup)

    ThreatCrowd (Threat - DNS lookup)

    Virustotal (malware analysis)

    Hybrid Analysis (malware analysis)

    CrackStation (Hash cracking)

    GTFO Bins (for security bypass)

    Payloads All The Things (various payloads)
    Added them. Thanks for that!
     

    Patrick Asamago

    Well-known member
    Oct 2, 2021
    410
    407
    Here are a few other resources:

    ISAC

    CISA

    Alienvault (threat intelligence)

    MISP (Open source Threat Intelligence)

    Whois Lookup (DNS lookup)

    Robtex (DNS lookup)

    ThreatCrowd (Threat - DNS lookup)

    Virustotal (malware analysis)

    Hybrid Analysis (malware analysis)

    CrackStation (Hash cracking)

    GTFO Bins (for security bypass)

    Payloads All The Things (various payloads)
    Thank you
     
    • Like
    Reactions: Jarrel

    Tess Sluijter

    Well-known member
    Apr 1, 2020
    376
    1
    535
    the Netherlands
    www.kilala.nl
    For people who would like to practice and learn individual vulnerabilities in web apps, instead of tackling a whole DVWA or JuiceShop, there's SKF Labs.

    -> https://github.com/blabla1337/skf-labs

    Every vulnerability on that list has its own, dedicated Docker container for practice. Plus a walkthrough.
     

    Patrick Asamago

    Well-known member
    Oct 2, 2021
    410
    407