Maxwell CTI
mDNS
Multicast DNS resolves hostnames on "small" networks that don't have a name server.
Metadata
Sources
Multicast DNS - Wikipedia
Tags
#defs_sec