Essential Resources for BlueTeam in Cyber Security

By /

Table of Contents

Learning/skills upgrade platforms

  1. Lets defend: https://www.letsdefend.io/
  2. Cyberdeenders : https://cyberdefenders.org/
  3. Tryhackme: https://tryhackme.com/
  4. Hackthebox : https://www.hackthebox.com/
  5. blueteamlabs : https://blueteamlabs.online/
  6. TCM SEC: https://academy.tcm-sec.com/p/security-operations-soc-101

Certifications

  1. OffSec : SOC – 200 [OSDA]
  2. cyber Defenders: CCD
  3. Microsoft: Security Operations Analyst Associate

Digital Forensics Incident Response

Disk and Memory Forensics Tools

  1. Encase
  2. FTK
  3. Sleuth Kit/Autopsy
  4. Volatility

Network Forensics Tools

  1. Wireshark
  2. NetworkMiner

Incident Response Platforms

  1. TheHive
  2. MISP (Malware Information Sharing Platform)
  3. Cortex

Log Analysis Tools

  1. Splunk
  2. ELK Stack (Elasticsearch, Logstash, Kibana

Malware Analysis

  1. IDA Pro
  2. Ghidra
  3. Cuckoo Sandbox
  4. any.run

Endpoint Detection and Response (EDR)

  1. CrowdStrike Falcon
  2. Carbon Black

Mobile Forensics Tools

  1. Cellebrite UFED
  2. Oxygen Forensic Suite

Threat Intelligence

Commercial Threat Intelligence Platforms

  1. Recorded Future
  2. FireEye Threat Intelligence
  3. IBM X-Force Exchange
  4. Anomali ThreatStream
  5. ThreatConnect

Open Source Threat Intelligence Tools

  1. MISP (Malware Information Sharing Platform)
  2. Open Threat Exchange (OTX)
  3. CIRCL Passive DNS

Threat Intelligence Feeds

  1. AlienVault OTX
  2. VirusTotal
  3. Abuse.ch
  4. Palo Alto Networks AutoFocus

Analysis and Enrichment Tools

  1. Maltego
  2. PassiveTotal
  3. DomainTools

Threat Intelligence Automation and Orchestration

  1. SOAR (Security Orchestration, Automation, and Response)
  2. STIX/TAXII

Threat Intelligence Communities and Sharing Platforms

  1. Information Sharing and Analysis Centers (ISACs)
  2. FS-ISAC
  3. Health-ISAC

Threat Intelligence Enrichment Tools

  1. GreyNoise
  2. Shodan
  3. Have I Been Pwned

Threat Intelligence Reporting and Visualization

  1. Kibana (ELK Stack)
  2. Threat Intelligence Platforms (TIPs)

Other Useful Tools

  1. YARA
  2. Sysinternals Suite

when I find good resources or if you find good resources mentioned in the comments I’ll update the blog

Thanks for Reading

2 thoughts on “Essential Resources for BlueTeam in Cyber Security”

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top