Security Resources
Curated collection of cybersecurity tools, learning resources, and references for security professionals
Security Resources Hub
A curated collection of tools, references, and learning materials that have shaped my 15+ years in cybersecurity. Updated regularly as I discover new resources.
🛠️ Essential Security Tools
Network Security
🔍 Scanning & Discovery
Vulnerability Management
🎯 Scanning & Assessment
SIEM & Log Analysis
📊 Open Source SIEM
- Wazuh - Unified XDR and SIEM
- Elastic Security - Elastic Stack for security
- Graylog - Log management platform
- SIEMonster - Affordable SIEM
🔎 Log Analysis Tools
- HELK - Hunting ELK stack
- Sigma - Generic signature format
- Chainsaw - Windows event log analysis
- Uncoder.io - Query translator
Incident Response
🚨 IR Toolkit
Memory Analysis
- Volatility - Memory forensics
- MemProcFS - Memory process file system
- Rekall - Memory analysis framework
Forensics Tools
- The Sleuth Kit - Disk forensics
- Plaso - Timeline generation
- DFIR ORC - Forensic artifact collection
📚 Learning Resources
Getting Started in Security
🎯 Beginner Path
- Fundamentals
  - Professor Messer Security+ - Free video course
  - Cybrary - Free cybersecurity training
- Hands-On Practice
  - TryHackMe - Guided security challenges
  - HackTheBox - Pentesting labs
- Build Projects
  - Set up a home SIEM with Wazuh
  - Create a honeypot with Raspberry Pi
  - Build a vulnerability scanner
Continuous Learning
📰 News & Updates
🎙️ Podcasts
📺 YouTube Channels
Training Platforms
🎓 Online Training
Free/Affordable
- Professor Messer - CompTIA training
- SANS Cyber Ranges - Free challenges
- PortSwigger Academy - Web security
- PicoCTF - Beginner CTF
Premium
- Offensive Security - OSCP, OSEP
- SANS - Industry gold standard
- TCM Security - Practical courses
- PentesterLab - Web pentesting
🏛️ Frameworks & Standards
Security Frameworks
📋 Essential Frameworks
- NIST Cybersecurity Framework
  - Official Site - Identify, Protect, Detect, Respond, Recover
- MITRE ATT&CK
  - ATT&CK Matrix - Adversary tactics and techniques
- CIS Controls
  - CIS Controls v8 - Prioritized security actions
- Zero Trust Architecture
  - NIST SP 800-207 - Never trust, always verify
Compliance Standards
🏛️ Government
- FedRAMP - Federal cloud security
- DISA STIGs - Security technical guides
- NIST 800-53 - Security controls
- CDM - Continuous diagnostics
🤖 AI & Security Resources
AI Security Tools
🧠 AI/ML Security
Defensive Tools
- ART - Adversarial Robustness Toolbox
- CleverHans - Adversarial examples library
- Rebuff - Prompt injection detection
Resources
- OWASP LLM Top 10
- AI Village - AI security community
- AI Supply Chain Security
🏠 Homelab Resources
Getting Started
🔧 Homelab Essentials
Virtualization
- Proxmox VE - Type 1 hypervisor
- VMware Workstation - Desktop virtualization
- VirtualBox - Free, cross-platform
Networking
- pfSense Docs - Firewall setup
- Pi-hole - DNS sinkhole
- GNS3 - Network simulation
🎯 Career Resources
Certification Paths
🏆 Recommended Cert Paths
Entry Level
CompTIA A+ → Network+ → Security+
Blue Team
CySA+ → GCIH → GNFA → GCFA
Red Team
PenTest+ → OSCP → OSEP → OSEE
Cloud Security
AWS CCP → AWS SAA → AWS Security Specialty
Job Hunting
💼 Job Boards
- Indeed - General job board
- ClearanceJobs - Cleared positions
- USAJobs - Federal positions
- CyberSeek - Career pathways
🤝 Communities
- r/cybersecurity - Reddit community
- InfoSec Discord - Chat community
- Local BSides conferences
- Meetup - Local groups
📖 Recommended Books
Essential Reading
Fundamentals
- The Web Application Hacker's Handbook
- Network Security Through Data Analysis
- Applied Cryptography
Incident Response
- The Art of Memory Forensics
- Incident Response & Computer Forensics
- Blue Team Field Manual
Leadership
- The Phoenix Project
- Tribe of Hackers
- The Cuckoo's Egg
🔄 Stay Updated
This page is updated monthly with new tools and resources I discover.
Have a resource that should be included? Found a broken link?