Online Reading

I like to use Inoreader to organise my online reading, sorting feeds into specific categories. Rules can be created to - for example - trigger a Microsoft Teams webhook when an article matching a specific criteria is added. One potential use case is creating a Teams channel for tracking vulnerabilities in products that you use.

• Geopolitical News
• Infosec Reading
• Vulnerability Tracking

In addition to RSS feeds, the APT & CyberCriminal Campaign Collection GitHub repo can save you a lot of time. Clone a local copy of it and keep it sync’d!

Newcomers to the industry may also find my Threat Intelligence learning resource useful. It offers a summary of the basics and an extensive list of blog posts, whitepapers and presentations to help guide and support your learning.

Twitter Lists

Ensure that you make these Private lists. I highly recommend Tweeten as a desktop client and TweetDeck as a web client.

• Cryptocurrency
• Defensive Intel
• Geopolitical Intel
• Offensive Intel

Books

• Practical Malware Analysis by Michael Sikorski
• Malware Analyst’s Cookbook by Michael Ligh
• Practical Reverse Engineering by Bruce Dang
• Windows Internals (Part 1) by Mark Russinovich
• Windows Internals (Part 2) by Mark Russinovich
• The Art of Memory Forensics by Michael Ligh, Andrew Case, Jamie Levy and Aaron Walters
• Hacking: The Art of Exploitation by John Erickson
• Violent Python by TJ O’Connor
• The Practice of Network Security Monitoring: Understanding Incident Detection and Response by Richard Bejtlich
• Open Source Intelligence Techniques by Michael Bazzell
• Intelligence-Driven Incident Response by Scott J. Roberts and Rebekah Brown
• A Rulebook for Arguments by Anthony Weston
• A Burglar’s Guide to the City by Geoff Manaugh
• Terrorism and Counterintelligence: How Terrorist Groups Elude Detection by Blake Mobley
• Allen Dulles’s 73 Rules of Spycraft by James Srodes
• Tolkachev, A Worthy Successor to Penkovsky by Barry Royden
• Silent Warfare: Understanding the World of Intelligence by Abram Shulsky and Gary Schmitt
• Deciphering Sun Tzu: How to Read The Art of War by Derek Yuen
• Red Team: How to Succeed By Thinking Like the Enemy by Micah Zenko
• The Red Team Handbook by The University of Foreign Military and Cultural Studies
• Red Teams and Counterterrorism Training by Stephen Sloan
• Dirty Wars: The World Is a Battlefield by Jeremy Scahill
• Social Engineering: The Art of Human Hacking by Christopher Hadnagy
• The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
• Business Adventures by John Brooks
• Trading Wisdom: 50 lessons every trader should know by Cheds
• One Up On Wall Street by Peter Lynch

Training

• Reverse Engineering Workshops by @malwareunicorn
• The Beginner Malware Analysis Course by @0verfl0w_
• Zero2Automated: The Advanced Malware Analysis Course by @0verfl0w_ and @VK_Intel
• Attack Detection Fundamentals by @FSecureLabs
• Exploit Writing by @corelanc0d3r

Podcasts

• Red Team Podcast
• Adversarial Conversations
• Darknet Diaries
• Defensive Security Podcast
• Collective Intelligence
• Recorded Future
• State of the Hack
• The Privacy, Security, & OSINT Show
• The Underworld Podcast
• Bellingcat Podcast

Channels

Infosec

• SANS Digital Forensics and Incident Response
• FIRST
• OALabs
• Virus Bulletin
• hasherezade
• IppSec
• MalwareTech
• Colin Hardy
• LiveOverflow
• MalwareAnalysisForHedgehogs
• Raphael Mudge

Locksport

• Bosnianbill
• Lock Noob
• LockPickingLawyer
• Michael Maynard