Cybersecurity
Cybersecurity involves securing IT systems against external threats. There are 3 categories of people:
- β¬ White hats: hackers that follow the rules, try to benefit others
- π«οΈ Grey hats: hackers that are usually not following the rules, but often benefiting others (take down malicious websites)
- β¬ Black hats: criminals/hackers. See blackhat.com.
π White hats are also called Ethical hackers.
Terminology
This section regroups common terms used in red and blue teams.
- Vulnerability/weakness: a failure/flaw in a system
- Exploits: code that makes use of a vulnerability to gain access to a machine, install malware, steal data...
- 0 Day/Zero day: an unknown vulnerability that was just discovered
- CTF (Capture The Flag): a training exercise to help students learn about cybersecurity, by solving challenges and capturing the flag.
- Advanced Persistent Threat (APT): a hacker wants to remain as long as possible within an infected network. They are using backdoors, and keep updating the code to avoid being discovered.
Some well-known malware types (source)
- ransomware π: locks your system and asks for a ransom.
- adware π°: they hide and show ads in the browser. They may monitor the user to show relevant ads.
- spyware π΅οΈ: they hide, monitor users, and steal credentials...
- trojan horse π : they are programs pretending to do something, while actually performing some malicious activities.
- cryptojacking βοΈ: hides and mines currencies on your computer.
- virus π: attached to a program, replicates itself, and spreads.
Famous attacks
| Classification | Notes |
|---|---|
| Estonia (2007) DDOS |
The first major attack against a country. A Russian group used botnets from 87 countries to attack Estonian banks/... |
| Stuxnet (2010) SCADA |
The first attack aimed at SCADA systems. An infected USB key was connected to a computer on the internal network. One of the 3 viruses of the "olympic games" along DuQu, and Flame. Supposedly made by the NSA and Iran. |
| Mirai botnet (2016) DDoS |
... |
| WannaCry (2017) Ransomware |
Use a vulnerability in Windows. The exploit was created by the NSA and stolen by hackers in 2013. The NSA notified Microsoft when this virus was released so that they patch it. Used in 2017 by North Korea, infected 200 000 computers. Auto-replicating virus, asking for a ransom. The NSA added a kill switch to the exploit, allowing anyone knowing it to stop the propagation. |
| SolarWinds (2020) Supply-chain |
... |
Learn π
Theoretical π¨
- TryHackMe (a.k.a. THM): many free courses, enjoyable/gratifying
- academy.hackthebox.com: not many "free" courses, and they are mixing too many subjects in one course (sort of MOOCs)
Practical π«
- HackTheBox (HTB)
- root me
- TryHackMe (THM)
- OverTheWire/UnderTheWire
- vulnhub
- capturetheflag.withgoogle.com
- List of CTFs websites
- attackdefense
- virtualhackinglabs
- pwnable.kr
Bug bounty programs π° (bug bounty programs list)
Some companies are giving bounties to ethical hackers that detected exploits in their infrastructures.
- bounty.github.com (GitHub)
- huntr.dev (open-source repositories)
- BugBountyHunter.com
- intigriti.com
- zerodayinitiative
- ssd-disclosure
News π°
Not tested π» - may be either theoretical, practical, or both.
- hackerone.com
- PortSwigger
- rapid7
- codered.eccouncil.org
- hackerrank
- sans.org: cyberaces
- Red Team Nation
- cybr.com
- academy.tcm-sec.com
- appsec-labs.com
- pentesterlab
- cybertalents
- crowdstrike
- cybersecurityeducation.org
- securityawareness
- bugbountyhunter training
- notsosecure
- cyberhack
- application.security
- securecodewarrior
- Udemy, Coursera...
Websites π
HackTheBox Write-Ups
TryHackMe Write-Ups
Useful bits of knowledge π±
Still at human scale and useful to learn some topics.
- 0xrick, mikadmin (20 or so)
- tbhaxor.com (150 articles or so)
Blogs π
This is a list of blogs that I want to check out one day. There are too many piling up, so I filter them and keep the most interesting ones.
π» To-do π»
Stuff that I found, but never read/used yet.