This page contains links to a couple of interesting training resources, tools and other material useful for Incident Response, Penetration Testing, Malware Analysis and other security-related activities.
Although I’ve placed it here mainly for myself and students of my security courses, if you find it useful, it is also accessible through the easily remembered URL csirt.xyz.
Security Monitoring and Incident Response
- Standards and Best Practices
  - ENISA Good Practice Guide for Incident Management
  - NIST Computer Security Incident Handling Guide (SP 800-61r2)
  - SIM3: Security Incident Management Maturity Model
  - SOC-CMM
  - Handbook for Computer Security Incident Response Teams (CSIRTs)
  - Reference Security Incident Taxonomy (RSIT) (current version)
  - FIRST CSIRT/PSIRT Services Framework
  - MaGMa Use Case Framework
  - Traffic Light Protocol (TLP)
  - Incident Response Hierarchy of Needs
- Training Resources
- Collections of resources
- Tools
- Misc
Threat Hunting
- Methodologies and Best Practices
- Collections of resources
- Training Resources
- Misc
Penetration Testing
- Methodologies and Best Practices
  - OWASP Web Security Testing Guide (WSTG) v4.2
  - Open Source Security Testing Methodology Manual (OSSTMM) v3
  - Open Source Security Testing Methodology Manual (OSSTMM) v2.1
  - Information Systems Security Assessment Framework (ISSAF) v0.2.1
  - Penetration Testing Execution Standard (PTES)
  - NIST Technical Guide to Information Security Testing and Assessment (SP 800-115)
  - FedRAMP Penetration Test Guidance v2.0
  - CREST - A guide for running an effective Penetration Testing programme
- Training Resources
- Collections of resources
Malware Analysis
- Training Resources
- Collections of resources
Application Security
- Standards and Best Practices
  - Avoiding the Top 10 Software Security Design Flaws
  - CVSS - Common Vulnerability Scoring System v3.1
  - NIST Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy (SP 800-37r2)
  - NIST Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems (SP 800-160 Vol. 1)
  - OWASP Application Security Verification Standard
  - OWASP SAMM - Software Assurance Maturity Model
  - OWASP Secure Coding Practices Quick Reference Guide
  - OWASP Top 10 - 2017
  - SEI Secure Design Patterns