Online Reading
I like to use Inoreader to organise my online reading, sorting feeds into specific categories. Rules can be created to - for example - trigger a Microsoft Teams webhook when an article matching a specific criteria is added. One potential use case is creating a Teams channel for tracking vulnerabilities in products that you use.
In addition to RSS feeds, some other valuable information aggregators are:
Newcomers to the industry may also find Curated Intel’s CTI Fundamentals repository useful. It offers an extensive list of blog posts, whitepapers and presentations to help guide and support your learning.
Twitter Lists
The following are lists which are strictly curated to improve signal:noise ratio. All of these are also available to be followed on my profile. It’s advised that you supplement these with a set of muted words that further filter out undesirable content.
I highly recommend TweetDeck as a web client or Nitter as an alternative. Nitter also offers an RSS export of feeds that can be ingested into your RSS reader of choice.
Books
Cyber Intelligence
- Intelligence-Driven Incident Response by Scott J. Roberts and Rebekah Brown
- Open Source Intelligence Techniques by Michael Bazzell
- Operationalizing Threat Intelligence by Kyle Wilhoit and Joseph Opacki
Malware Analysis
- Malware Analyst’s Cookbook by Michael Ligh
- Practical Malware Analysis by Michael Sikorski
Reverse Engineering
- Practical Reverse Engineering by Bruce Dang
- The Art of Memory Forensics by Michael Ligh, Andrew Case, Jamie Levy and Aaron Walters
- Windows Internals (Part 1) by Mark Russinovich
- Windows Internals (Part 2) by Mark Russinovich
Exploit Development
- Hacking: The Art of Exploitation by John Erickson
Development
- C A Software Engineering Approach by Peter A. Darnell and Philip E. Margolis
- Learn Python the Hard Way by Zed Shaw
- Violent Python by TJ O’Connor
Detection Engineering
- The Practice of Network Security Monitoring: Understanding Incident Detection and Response by Richard Bejtlich
Red Teaming
- Red Team: How to Succeed By Thinking Like the Enemy by Micah Zenko
- Red Team Development and Operations: A practical guide by Joe Vest and James Tubberville
- Red Teams and Counterterrorism Training by Stephen Sloan
- The Red Team Handbook by The University of Foreign Military and Cultural Studies
Physical Security
- A Burglar’s Guide to the City by Geoff Manaugh
Social Engineering
- Social Engineering: The Art of Human Hacking by Christopher Hadnagy
- The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Analytical Techniques
- A Rulebook for Arguments by Anthony Weston
- Psychology of Intelligence Analysis by Richards J. Heuer Jr.
Warfare Studies
- Deciphering Sun Tzu: How to Read The Art of War by Derek Yuen
- Dirty Wars: The World Is a Battlefield by Jeremy Scahill
- Silent Warfare: Understanding the World of Intelligence by Abram Shulsky and Gary Schmitt
- Terrorism and Counterintelligence: How Terrorist Groups Elude Detection by Blake Mobley
- Tolkachev, A Worthy Successor to Penkovsky by Barry Royden
Finance
- Business Adventures by John Brooks
- One Up On Wall Street by Peter Lynch
- The Art and Science of Technical Analysis by Adam Grimes
- Trading Wisdom: 50 lessons every trader should know by Cheds
Training
- Attack Detection Fundamentals by @FSecureLabs
- Blue Team Labs Online by @BlueLabsOnline
- Courses & Certifications by @offsectraining
- Exploit Writing by @corelanc0d3r
- MalDev Academy by @mr.d0x and @NUL0x4C
- Red Team Ops by @zeropointsecltd
- Reverse Engineering Workshops by @malwareunicorn
- The Beginner Malware Analysis Course by @0verfl0w_
- Zero2Automated: The Advanced Malware Analysis Course by @0verfl0w_ and @VK_Intel
Podcasts
- Bellingcat Podcast
- Darknet Diaries
- Red Team Podcast
- Recorded Future
- SpyCast
- The Privacy, Security, & OSINT Show
- The Underworld Podcast
Channels
Infosec
- Colin Hardy
- FIRST
- hasherezade
- IppSec
- LiveOverflow
- MalwareAnalysisForHedgehogs
- OALabs
- Raphael Mudge
- SANS Digital Forensics and Incident Response
- Virus Bulletin