A collection of info and links to various useful cybersecurity resources
CIS Benchmarks (https://www.cisecurity.org/cis-benchmarks)
Microsoft Certificate Services Simple Install Guide OR Detailed Install Guide
Microsoft 802.1x RADIUS/NPS Guidance (https://github.com/Xorlent/Cybersec-Links/blob/main/Microsoft-NPS.md)
Other Tips (https://github.com/Xorlent/Cybersec-Links/blob/main/Helpful-Tips.md)
Microsoft MCM/SCCM hardening guidance (https://github.com/subat0mik/Misconfiguration-Manager)
OpenEDR, free cloud-based EDR (https://www.openedr.com)
Wazuh, free on-premise EDR (https://wazuh.com/platform/)
Quad9 filtered DNS (https://www.quad9.net)
Hagezi DNS filter lists (https://github.com/hagezi/dns-blocklists)
AbuseIPDB (https://www.abuseipdb.com)
RPC Firewall, from the fine folks at Zero Networks (https://github.com/zeronetworks/rpcfirewall)
Library of vulnerable Windows driver hashes. Load these into your EDR for detection - the results can be a real eye-opener.
Win32 app isolation - Experimental (https://github.com/microsoft/win32-app-isolation)
Malware Bazaar sample lookup (https://bazaar.abuse.ch/browse/)
Windows Blue Team security pack (https://github.com/OsbornePro/BTPS-SecPack)
Windows Sysmon Configurator (https://github.com/olafhartong/sysmon-modular) - Link to Microsoft Sysmon
Canary Tokens (https://docs.canarytokens.org/guide/getting-started.html)
RITA (https://www.activecountermeasures.com/free-tools/rita/) - you can convert PCAP files or use a mirror port for real-time analysis
AD Certificate Services auditor (https://github.com/GhostPack/PSPKIAudit)
BloodHound/SharpHound AD auditor (https://github.com/BloodHoundAD)
Purple Knight AD auditor (https://www.purple-knight.com)
OpenVAS vulnerability scanner (https://openvas.org)
CrowdStrike AzureAD/O365 security auditor (https://www.crowdstrike.com/resources/community-tools/crt-crowdstrike-reporting-tool-for-azure/)
Project Discovery Nuclei (https://github.com/projectdiscovery/nuclei)
BeEF, the Browser Exploitation Framework - putting this here until I make a red team category (https://github.com/beefproject/beef)
Securonix Threat Sweeper / IOCs (https://github.com/Securonix/AutonomousThreatSweeper)
Sigcheck by Sysinternals (https://learn.microsoft.com/en-us/sysinternals/downloads/sigcheck)
Cloudflare Page Shield (https://blog.cloudflare.com/making-content-security-policies-csps-easy-with-page-shield/)
Enzoic Free and Simple Web Password Hygiene (https://docs.enzoic.com/enzoic-api-developer-documentation/password-strength-meter/example)
Simply Static - Convert a WordPress site to a 100% static Cloudflare Pages site! (https://wordpress.org/plugins/simply-static/)
Darknet Diaries (https://darknetdiaries.com)
Hacked (https://pod.link/1049420219)
BHIS, Talkin' About Infosec News (https://www.blackhillsinfosec.com/podcasts/)
Malicious Life (https://www.cybereason.com/blog/category/podcasts)
Security Now (https://www.grc.com/securitynow.htm)
Cyberwire Daily (https://thecyberwire.com/podcasts/daily-podcast)
Down the Security Rabbithole (https://chartable.com/podcasts/down-the-security-rabbithole)
Enzoic Password Hygiene for Active Directory (https://www.enzoic.com/active-directory-password-monitoring/)
Silverfort Identity Protection (https://www.silverfort.com/product/)