My last 10 year’s material collection on offensive & defensive security, GRC, risk management, technical security guidelines and much more.
FYI – This repo is a collection of my contents
I have been writing contents occasionally throughout my career at various places. I decided to collect, organize and share everything here. Hence created this repo. A few of the content might not be relevant now as they are of 2012 and 2013, but I decided to add them here. Knowing them might populate new ideas to anyone’s brain, so good to add it here as FYI.
List of contents:
- Defensive Security:
- Risk-based Vulnerability Management Approach
- YouTube Talk – External attack surface management in Blue team
- SOC monitoring mindmap
- External attack surface management
- Shadow IT + Threat intelligence architecture
- VM program key factors
- Email security mindmap
- Threat intelligence feeds collection
- Vulnerability management tips
- Webinar – Building a vulnerability management program for your organization
- Building a threat intelligence division for your organization – 1
- Building a threat intelligence division for your organization – 2
- Building a threat intelligence division for your organization – 3
- Building a threat intelligence division for your organization – 4
- Fool the network hunters
- Application security maturity assessment in blue team
- Building a vulnerability management program for your organization
- Vulnerability Management end-to-end workflow diagram
- Vulnerability Management Program Key Factors
- Shadow IT + Threat Intel – Architecture Overview for Blue team
- iOS device security for SOC team
- Practical Browser Forensics Checklist
- DevSecOps risk assessment framework
- DevSecOps 201 checklist
- Incident management maturity assessment
- Vulnerability management tips
- Network architecture review checklist
- Threat hunting methodology
- AV EDR solution selection criteria
- Threat intel feed sources mindmap
- Data driven threat modeling case study – customer PII/PHI
- Offensive Security:
- A complete web application pentest checklist
- Marcomino – Malicious Macros Checklist
- Frogy – My own subdomain enumeration tool
- Bucketbunny – Automation for open s3 bucket pocs for pentest/bugbounty/red-teamingsl
- Puttly – script to test PUT method with verification of uploaded file
- Network VAPT checklist
- Dirty C0w Vulnerability Demo (CVE-2016-5195) – A privilege escalation vulnerability in the Linux Kernel
- Windows Command Injection Vulnerability for a Command Shell
- Powered e-Commerce Application Pentesting
- SSH Pentest checklist
- Bug-bounty Tips & Motivation
- Mobile Security (Android/iOS/hardware OS):
- iOS Application Security – xCON Switch – Enable/Disable Detection without removing xCON Application from Cydia
- Android OS phone security hardening guide
- Android Application Security – Using hmacSHA256 Encryption For Tamper Proof Request & Response
- Xiaomi’s Analytics Application Security & Privacy Concern
- Android Application Hardening Checklist For Developers
- Android Kiosk Browser Lock down Security Testing Checklist
- Android Application Backup Vulnerabiility Testing
- Android Anti Java Hooking – Adding Layer to your SSL pinning and Root detection
- Blocking Adwares on Android – Protect against malwares and privacy
- Messeging Apps Privacy Factors to Consider
- Risk Management/GRC/Compliance:
- General Cybersecurity:
- How to successfully break into Cybersecurity?
- Diversity in Cybersecurity – Video Interview
- Diversity in Cybersecurity Mindmap
- 21 myths in the cybersecurity world
- My talk on gender diversity for InfosecGirls community
- Malware/EDR solutuon evaluation criteria for purchase
- Cyber tranTransparency
- Security management challanges over the year
- Securing remote workspace during COVID-19
- Security awareness program maturity
- Security management challenges over the years
- Hindi Language – How to be safe from online scams
- 21+1 myths in Cybersecurity world
- Cryptocurrency:
Warning/Disclaimer: Read the detailed disclaimer at my blog –
https://github.com/iamthefrogy/Disclaimer-Warning/blob/main/README.md
Leave a Reply