As some of you might know, I’m heavily into the infosec topic and try to pick
up as much as I can from this community. In the time I have spent on it, I have
discovered a lot of websites that helped me dive into infosec. So here they
are, my most used infosec websites!
Cisco Talos Blog
The Cisco Talos Intelligence Group is a Cisco-associated group of researchers
that hunts down and observes threats, offers whole drilldowns of malware and
hosts webinars. They also upload two podcasts, “Talos Takes” and “Beers with
Talos”. Talos Takes is the perfect five-minute roundup of varying topics in
infosec, and Beers with Talos is exactly what the name promises: a casual, funny
round of security experts hanging out and talking about what is up on their
radar. Personally, I love waking up on a Saturday and listening to the newest
Beers with Talos episode while drinking my first coffee of the day. I can also
only recommend the weekly threat newsletter! If you don’t have a lot of time to
read security news (although it is an important part of infosec), this is the
place to go to know everything you need.
https://blog.talosintelligence.com/
Try Hack Me
This is the perfect platform if you come with no infosec skills and want to
build them up from scratch. The beginner labs start from the very bottom, and
while it does help to have a basic understanding of information technology, the
Try Hack Me rooms generally have a very guiding nature. Most of the labs also
provide VMs that can be deployed to practice on the topic and work out the quiz
answers to finish the room. Some rooms can be accessed for free, while for
others a premium subscription is needed. So far, for money reasons, I only have
a free account, but I still have a lot of rooms on my agenda before I need to
upgrade to premium.
https://tryhackme.com
Hack The Box
HTB is another learning ground and playground for rising hackers. Besides the
academy, which is really like the Try Hack Me platform but a little more
challenging, they also provide “machines”. These are constantly changing
challenges that cycle through the platform and are designed to be done like an
endless CTF tournament. If you want to sign up for this part of the HTB
platform, the first challenge starts right there: you need to hack your way in
to access the invite code needed. Alongside the academy and the machines, HTB
also hosts various CTF tournaments on their CTF platform. Having fun in the HTB
cosmos is the perfect thing if you have at least a basic level in IT and are
looking for almost endless challenges and fun!
https://www.hackthebox.eu/
https://academy.hackthebox.eu/
https://app.hackthebox.eu
https://ctf.hackthebox.eu/
Virus Total – and almost every other threat-database
If blue-teaming is your thing, rich databases of recently discovered threats
and malware are among your main tools. Virus Total is an excellent example of a
good resource to run searches on if you come across something suspicious. You
can search by URL, IP address, domain or hash, and also run scans on URLs or
submit malicious files to the DB. Virus Total can give you an overview of
whether the file was flagged as malicious by AV software, along with details
other users discovered. A more advanced DB, but under the same scope, is the
MITRE ATT&CK framework, which provides a mass of information about threat
actors and their tactics and techniques.
https://www.virustotal.com/gui/
https://attack.mitre.org/