Recursos Adicionales de Aprendizaje Taller Cyberseguridad UTEC

Transcript

1. Recursos Taller Cyberseguridad

2. Libros Windows • Windows Internals (partes 1 y 2)– Mark

   Russinovich • Serie Inside Out • Windows Registry Troubleshooting Linux • How Linux Works: What Every Superuser Should Know - Brian Ward • Linux: The Complete Reference – Richard Petersen • Linux Kernel Development – Robert Love • The LDP

3. Online • Open Security Training • Cybrary • Computer Security

   Student • European Union Agency for Network and Information Security - ENISA • Securitytube

4. Docker • docker pull kalilinux/kali-linux-docker official Kali Linux • docker

   pull owasp/zap2docker-stable - official OWASP ZAP • docker pull citizenstig/dvwa - Damn Vulnerable Web Application (DVWA) • docker pull wpscanteam/vulnerablewordpress - Vulnerable WP Installation • docker pull opendns/security-ninjas - Security Ninjas • docker pull ismisepaul/securityshepherd - OWASP Security Shepherd • docker pull danmx/docker-owasp-webgoat - OWASP WebGoat Project • docker-compose build && docker-compose up - OWASP NodeGoat • docker pull citizenstig/nowasp - OWASP Web Pen-Test Practice Application • docker pull bkimminich/juice-shop - OWASP Juice Shop

5. Distros y Repositorios • Kali • ArchStrike • BlackArch •

   NST - Network Security Toolkit • Pentoo • BackBox • Parrot • Buscador • Fedora Security Lab

6. Pen-testing • Metasploit Unleashed - Curso de Metasploit de Offensive

   Security • PTES - Penetration Testing Execution Standard • OWASP - Open Web Application Security Project • PENTEST-WIKI - Libreria gratuita de conocimiento para pentesters Vulnerability Assessment Framework - Penetration Testing Framework. • XSS-Payloads - Documentacion, juegos, payloads y mas recursos

7. Desarrollo de exploits • www.vividmachines.com/shellcode/shellcode.html - Tutoriales para la escritura

   de shellcode • www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part- 1-stack-based-overflows/ - Escritura de exploits

8. OSINT • OSINT Framework - Herramientas OSINT desagregadas por categoría

   • Intel Techniques - Coleccion de herramientas OSINT • NetBootcamp OSINT Tools - Links de OSINT e interfaces a servicios web como pastes o como graph search de FB

9. Ingenieria Social y herramientas • Social Engineering Framework • SET

   • KingPhisher