Free Resources for Incident Response Professionals
To help make your tough job a bit easier.
External Resources
This is a list of external resources for your reference. None of these links is affiliated with us in any way, but we respect their work and their contribution to the IT Security community. You will find a mixture of offensive and defensive resources on this page, since doing either well requires knowledge of both.
Learning Resources
Need to brush up on Linux? Try https://linuxjourney.com/
Want help understanding a Linux command? https://explainshell.com/
Interested in exploring coding? Check out https://www.codecademy.com/
Want to review the basics of different types of attacks? Here are some lessons for you:
https://www.hacksplaining.com/exercises
How would you like to learn more about Metasploit and help out a great charity? Go here to find out: https://www.offensive-security.com/metasploit-unleashed/
Need some more information on Windows Event Logs? https://www.ultimatewindowssecurity.com/securitylog/default.aspx
How about some free PowerShell video training direct from Microsoft?
https://mva.microsoft.com/en-US/training-courses/getting-started-with-microsoft-powershell-8276
https://mva.microsoft.com/en-US/training-courses/whats-new-in-powershell-v5-16434
For great sample policies and procedures, look here:
https://www.incidentresponse.com/resources/policies-plans/
Looking for great video training in digital forensics? Check out https://www.youtube.com/13cubed
Free Digital Forensics and Incident Response Tools
Capture the Flag and Other Challenges
Like capture the flag and similarly challenging games? You must check these out:
https://holidayhackchallenge.com/past-challenges/
https://overthewire.org/wargames/
http://captf.com/practice-ctf/
Blue team more your thing? Check out these challenges to hone your skills: https://www.amanhardikar.com/mindmaps/ForensicChallenges.html
Pentesting
Want to learn more about web application pentesting? Check out https://www.owasp.org (a good overview of their projects is here https://www.owasp.org/images/0/01/Owasp_Dev_Guide.pdf) and also explore https://pentesterlab.com/
Need some good wordlists for password cracking? Try:
https://wiki.skullsecurity.org/passwords
https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm
Other
And here are some other sites with great information for continuing your journey into penetration testing and incident response:
- https://pen-testing.sans.org/blog
- https://digital-forensics.sans.org/blog
- https://cyber-defense.sans.org/blog
- https://securityweekly.com/
- http://opensecuritytraining.info/Training.html
- http://blog.commandlinekungfu.com/
- https://www.ultimatewindowssecurity.com/securitylog/default.aspx
- http://unctad.org/en/pages/dtl/sti_and_icts/ict4d-legislation/ecom-global-legislation.aspx
- https://www.unodc.org/cld/v3/cybrepo/legdb/index.html?lng=en
- https://www.iana.org/domains/root/db
- https://www.whois.com/whois
- https://www.iana.org/whois
- https://www.forwarddefense.com/en/article/references-pdf
- https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474
- https://blogs.technet.microsoft.com/ash/2016/03/02/windows-10-device-guard-and-credential-guard-demystified/
- https://www.slideshare.net/erikvanbuggenhout/windows-10-credentialguard-vs-mimikatz-sec599
- https://www.sans.org/webcasts/purple-team-updates-sec599-107810
- https://www.sans.org/webcasts/kolide-osquery-build-solid-queries-packs-incident-detection-threat-hunting-108790
- https://www.youtube.com/user/davisrichardg
- https://tisiphone.net/2015/08/18/giac-testing