• To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!

Introducing the Cyber Cache!

Jump to latest Follow Reply
Rick Butler

Rick Butler

Well-known member
    • Aug 8, 2019
    2,377
    7
    4,349
    130,826
    Colorado Springs, CO
    www.intellitec.edu
    #1
    So I've been talking about setting this up for a while, so I finally got it started.

    The Cyber Cache is a CIN Resource where you can find things for your courses that are CySA / PenTest related. Of course, even I can't come up with a completely exhaustive list, so if you have something that didn't make the list, DM the link(s) over to me and I'll add it to the list. Every once in a while, I'll curate the list to make sure links don't end up broken. But the idea is for us to have a neat place to put this kind of stuff.

    Eventually, we might do one of these Caches for different things for each exam. But for the moment, I wanted to start with this.

    Since a lot of this came from Teresa Nash's CySA TTT, she gets the first shoutout.

    So, let's get this built up!

    /r
     
    • Like
    • Wow
    Reactions: Joel M, Billy L, XValentine and 8 others
    #6
    Rick Butler said:
    So I've been talking about setting this up for a while, so I finally got it started.

    The Cyber Cache is a CIN Resource where you can find things for your courses that are CySA / PenTest related. Of course, even I can't come up with a completely exhaustive list, so if you have something that didn't make the list, DM the link(s) over to me and I'll add it to the list. Every once in a while, I'll curate the list to make sure links don't end up broken. But the idea is for us to have a neat place to put this kind of stuff.

    Eventually, we might do one of these Caches for different things for each exam. But for the moment, I wanted to start with this.

    Since a lot of this came from Teresa Nash's CySA TTT, she gets the first shoutout.

    So, let's get this built up!

    /r
    Click to expand...
    Thanks Rick for this
     
    #10
    • Like
    Reactions: XValentine, Brian Ford, NATUNA and 3 others
    #11
    • Like
    Reactions: Lee McWhorter and Rick Butler
    #13
    Lee McWhorter said:
    Here's a few additions I like. :)

    Vulnerable VMs and CTFs
    Vulnhub: https://www.vulnhub.com/
    Metasploitable 2: https://docs.rapid7.com/metasploit/metasploitable-2/
    Metasploitable 3: https://github.com/rapid7/metasploitable3

    Software:
    VirtualBox: https://www.virtualbox.org/
    GNS3: https://www.gns3.com/

    My Docker images for use in GNS3: https://hub.docker.com/u/tleemcjr

    Lee
    Click to expand...
    I was kinda wondering when you were gonna chime in, Lee. List has been updated with all your wonderful toys. Many thanks, my dude.
     
    • Like
    Reactions: XValentine and Lee McWhorter
    #15
    Here are a few other resources:

    ISAC

    MEMBER ISACS | natlcouncilofisacs

    www.nationalisacs.org www.nationalisacs.org

    CISA

    Home Page | CISA

    Cybersecurity and Infrastructure Security Agency: America's Cyber Defense Agency
    us-cert.cisa.gov us-cert.cisa.gov

    Alienvault (threat intelligence)

    LevelBlue - Open Threat Exchange

    Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
    otx.alienvault.com

    MISP (Open source Threat Intelligence)
    misp-project.org

    MISP Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing

    MISP Threat Intelligence & Sharing
    misp-project.org misp-project.org

    Whois Lookup (DNS lookup)

    Whois Lookup, Domain Availability & IP Search - DomainTools

    Research domain ownership with Whois Lookup: Get ownership info, IP address history, rank, traffic, SEO & more. Find available domains & domains for sale.
    whois.domaintools.com whois.domaintools.com

    Robtex (DNS lookup)
    www.robtex.com

    Welcome to Robtex!

    www.robtex.com www.robtex.com

    ThreatCrowd (Threat - DNS lookup)

    Threat Crowd | Threatcrowd.org Open Source Threat Intelligence

    threatcrowd.org threatcrowd.org

    Virustotal (malware analysis)

    VirusTotal

    VirusTotal
    www.virustotal.com www.virustotal.com

    Hybrid Analysis (malware analysis)

    Free Automated Malware Analysis Service - powered by Falcon Sandbox

    Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.
    hybrid-analysis.com hybrid-analysis.com

    CrackStation (Hash cracking)

    CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.

    Crackstation is the most effective hash cracking service. We crack: MD5, SHA1, SHA2, WPA, and much more...
    crackstation.net

    GTFO Bins (for security bypass)

    GTFOBins

    gtfobins.github.io gtfobins.github.io

    Payloads All The Things (various payloads)
    github.com

    GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
    github.com github.com
     
    • Like
    Reactions: XValentine, Brian Ford, Hod Berman and 2 others
    #16
    Jarrel said:
    Here are a few other resources:

    ISAC

    MEMBER ISACS | natlcouncilofisacs

    www.nationalisacs.org www.nationalisacs.org

    CISA

    Home Page | CISA

    Cybersecurity and Infrastructure Security Agency: America's Cyber Defense Agency
    us-cert.cisa.gov us-cert.cisa.gov

    Alienvault (threat intelligence)

    LevelBlue - Open Threat Exchange

    Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
    otx.alienvault.com

    MISP (Open source Threat Intelligence)
    misp-project.org

    MISP Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing

    MISP Threat Intelligence & Sharing
    misp-project.org misp-project.org

    Whois Lookup (DNS lookup)

    Whois Lookup, Domain Availability & IP Search - DomainTools

    Research domain ownership with Whois Lookup: Get ownership info, IP address history, rank, traffic, SEO & more. Find available domains & domains for sale.
    whois.domaintools.com whois.domaintools.com

    Robtex (DNS lookup)
    www.robtex.com

    Welcome to Robtex!

    www.robtex.com www.robtex.com

    ThreatCrowd (Threat - DNS lookup)

    Threat Crowd | Threatcrowd.org Open Source Threat Intelligence

    threatcrowd.org threatcrowd.org

    Virustotal (malware analysis)

    VirusTotal

    VirusTotal
    www.virustotal.com www.virustotal.com

    Hybrid Analysis (malware analysis)

    Free Automated Malware Analysis Service - powered by Falcon Sandbox

    Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.
    hybrid-analysis.com hybrid-analysis.com

    CrackStation (Hash cracking)

    CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.

    Crackstation is the most effective hash cracking service. We crack: MD5, SHA1, SHA2, WPA, and much more...
    crackstation.net

    GTFO Bins (for security bypass)

    GTFOBins

    gtfobins.github.io gtfobins.github.io

    Payloads All The Things (various payloads)
    github.com

    GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
    github.com github.com
    Click to expand...
    Added them. Thanks for that!
     
    • Like
    Reactions: Hod Berman and Jarrel
    #18
    Jarrel said:
    Here are a few other resources:

    ISAC

    MEMBER ISACS | natlcouncilofisacs

    www.nationalisacs.org www.nationalisacs.org

    CISA

    Home Page | CISA

    Cybersecurity and Infrastructure Security Agency: America's Cyber Defense Agency
    us-cert.cisa.gov us-cert.cisa.gov

    Alienvault (threat intelligence)

    LevelBlue - Open Threat Exchange

    Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
    otx.alienvault.com

    MISP (Open source Threat Intelligence)
    misp-project.org

    MISP Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing

    MISP Threat Intelligence & Sharing
    misp-project.org misp-project.org

    Whois Lookup (DNS lookup)

    Whois Lookup, Domain Availability & IP Search - DomainTools

    Research domain ownership with Whois Lookup: Get ownership info, IP address history, rank, traffic, SEO & more. Find available domains & domains for sale.
    whois.domaintools.com whois.domaintools.com

    Robtex (DNS lookup)
    www.robtex.com

    Welcome to Robtex!

    www.robtex.com www.robtex.com

    ThreatCrowd (Threat - DNS lookup)

    Threat Crowd | Threatcrowd.org Open Source Threat Intelligence

    threatcrowd.org threatcrowd.org

    Virustotal (malware analysis)

    VirusTotal

    VirusTotal
    www.virustotal.com www.virustotal.com

    Hybrid Analysis (malware analysis)

    Free Automated Malware Analysis Service - powered by Falcon Sandbox

    Submit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.
    hybrid-analysis.com hybrid-analysis.com

    CrackStation (Hash cracking)

    CrackStation - Online Password Hash Cracking - MD5, SHA1, Linux, Rainbow Tables, etc.

    Crackstation is the most effective hash cracking service. We crack: MD5, SHA1, SHA2, WPA, and much more...
    crackstation.net

    GTFO Bins (for security bypass)

    GTFOBins

    gtfobins.github.io gtfobins.github.io

    Payloads All The Things (various payloads)
    github.com

    GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings
    github.com github.com
    Click to expand...
    Thank you
     
    • Like
    Reactions: Jarrel
    #20
    You must log in or register to reply here.
    Top Bottom
    Back
    Jump to latest Follow Reply
    Jump to latest Follow Reply
    Home
    Media
    Resources
    Menu