Cybersecurity Resources
Table of contents
- Introduction
- Keeping up to date
- Favorite tools
- Malware samples
- Books
- Awesome lists
- YouTube channels
- Podcasts
- Brazilian portuguese resources section [Bonus]
1. Introduction
This is my personal list of resources, so I update it frequently, trying to keep it short and simple (I promise). The main goal is to maintain everything I need to use on a daily basis as a malware analyst. I love to learn from other people, see what they do and what they use, so I believe you can benefit from this as well.
If you have suggestions, check my contact list here and just hit me up! Thanks and enjoy.
2. Keeping up to date
There is a TL;DR section below. I got you covered ;)
As a malware analyst, I need to keep myself up to date with what’s happening in cyberspace. Almost every day I can find something interesting or useful to read. Here are some of the most frequent examples I come across:
- a recent threat disclosed
- a new vulnerability discovered
- an organization hit by some /(Black|Lock|Bit|Crypt|Dark)/g ransomware group
- a new technique used by a malware to bypass something
To get all that, I need to check cyber security blogs, vendors, and news outlets every day. Usually, news outlets replicate publications from vendors, researchers and cybersecurity companies that published that information earlier. So, when it’s related to a malware, I prefer to read directly from the original publication. For other things, like vulnerabilities, security patches, cyber attacks, etc, I like to check the news outlets because they summarize everything, ask experts, and point out the key takeaways in a clear way.
Fortunately, I don’t need to access each website and look for all articles. For that, I like to use a news aggregator called Feedly. I have been using Feedly for several years and I still use the free version. Not only for cyber security related things but also for anything else: politics, economics, technology, ordinary news, and so on. The first thing I do is open Feedly and read the headlines, opening the original publication in another tab. That’s it!
I exported my Feedly’s Security folder containing all my subscriptions in the OPML format. You can use it (get here) to import into your own Feedly.
<TL;DR>
- Feedly.com as a news aggregator
- Import my latest exported Feedly OPML file
- News outlets:
  - BleepingComputer
  - The Hacker News
  - ZDNet
  - SecurityAffairs
  - Security Week
  - ThreatPost
  - Packet Storm Security
  - Dark Reading
- Vendors/Governmental Agencies:
  - Appgate
  - AT&T
  - Check Point Research
  - CISA
  - Cisco Talos
  - Crowdstrike
  - Cyber Reason
  - FireEye (Mandiant)
  - F-Secure Labs
  - Flashpoint
  - G-DATA
  - Google TAG
  - MalwareBytes
  - Microsoft Security Blog
  - Proofpoint
  - Qualys Security
  - SecureList (Kaspersky)
  - Sophos Labs
  - SpiderLabs (Trustwave)
  - ThreatFabric
  - TrendMicro
  - Unit42
  - VirusTotal blog
  - WeLiveSecurity (ESET)
</TL;DR>
3. Favorite Tools
Note that some of them are not malware analysis related but I find them useful, so they are part of my toolset.
VMs (Virtual Machines)
- Kali Linux (for malware servers’ content discovery and [REDACTED])
- REMNux (for Reverse Engineering, ready-to-use tools, and ELF analysis)
- Windows machines (for malware analysis)
Online
- Any.run
- ASCII To Hex
- CyberChef
- Malpedia
- Malware Bazaar
- Regex101
- VirusTotal (Enterprise)
Multi-platform
- DIE (Detect It Easy)
- Fiddler
- Ghidra
- Wireshark
- x64dbg
Windows
- FileGrab
- HxD (Hex editor)
- SysInternals
Linux
- bless
  sudo apt-get install bless
- binwalk
  sudo apt-get install binwalk
- foremost
4. Malware Samples
I will post here only free resources so they are available to anyone.
- MalwareBazaar
- VX Underground
- Malshare
- VirusShare - You need to request an account. It is not difficult to obtain one. Just send them an email.
5. Books
For malware analysis, this is THE BOOK: Practical Malware Analysis. You can learn the methodologies, techniques, tools, etc, used to analyze Desktop malware samples.
I’m an enthusiast of the darknet and I have a history as a blue teamer working against cybercrime, so this book was very pleasant to read: American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road.
6. Awesome Lists
An Awesome List is a curated list of resources - hosted in GitHub repositories - about a specific topic. Anyone can create an awesome list by following the guidelines, or contribute to the existing ones.
What I like most about them is that they contain useful resources covering specific topics and their respective sub-topics. We can find pretty much anything on them, from lists of lists to tools, blog posts, (free/paid) courses, YouTube channels, lectures, articles, and so on.
Below are some awesome lists related to malware analysis:
- android-security-awesome
- awesome-appsec
- awesome-hacking
- awesome-incident-response
- awesome-infosec
- awesome-malware-analysis
- awesome-security
- awesome-threat-intelligence
7. YouTube channels
Here is a list of channels I enjoy and really learn from:
- Collin Hardy (cybercdh)
- IppSec
- John Hammond
- LiveOverflow
- Malware Analysis For Hedgehogs
- Marcus Hutchins (MalwareTech)
- OALabs
8. Podcasts
Podcasts are nice to listen to while you do things that don’t require much of your brain. This is what I like:
- CPradio
- CyberWire Daily
- Darknet Diaries
- Malicious Life
- The Privacy, Security, & OSINT Show
- Appgate Zero Trust Thirty
9. Brazilian Portuguese resources
For those of you who don’t understand English, go learn it. Fortunately, the material below is as good as the foreign stuff.
- CMDControle - Free courses about the MITRE frameworks ATT&CK and DETT&CT.
- Daniel Donda - YouTube channel about cybersecurity in pt-br.
- Hackers Brasil - Podcast
- Cyber Morning Call - Podcast
- Mente Binaria - an awesome project to provide solid knowledge about cybersecurity fundamentals.
  - YouTube channel
  - Discord - to chat and meet other people.
  - Forum - to ask more detailed questions.
  - Trainings - awesome free courses.
- safesrc channel - Security and technology news.
That’s it! I hope you enjoyed it.