Cybersecurity-Docs

📂 Indice de Documentos

• Gestão de Segurança
  • Gestão de Segurança de Informação
  • CVSS 3.1 - Documento
  • Cyber Security Evaluation Tool (CSET) - CISA
  • CVSS Calculator 3.1
  • Guia de Aplicação CVSS
  • Análise de Risco
  • CIS Critical Security Controls® v8
  • CIS Benchmarks de Configurações Seguras e Mitigação
  • CISA Guide Implementing Number Matching in MFA Applications
  • NIST SP 800-63 - Digital Identity Guidelines
  • NIST SP 800-63B - Authentication and Lifecycle Management
  • NIST SP 800-30 - Guide for Conducting Risk Assessments
  • NIST SP 800-40 - Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology
• Industrial Control Systems
  • Design and Configuration of IPS, IDS and SIEM in ICS
• Malwares
  • Investigação de Malware em Rede com Wireshark
• Hardening
  • Boas Práticas de Hardening em Endpoints
  • Práticas Comuns de Hardening de EDR em Windows
  • LOLBin
  • Atualização de Patches
  • DevSec Hardening Framework
• AAA Framework / IAM
  • IDPro
  • OWASP Authentication Cheat Sheet
  • OWASP Password Storage Cheat Sheet
  • OWASP Choosing and Using Security Questions Cheat Sheet
• Modelos de Ameaça
  • STRIDE Framework
  • PASTA Framework
  • Trike Framework
  • VAST Framework
• Redes e Servidores
  • Perfilamento de Servidores
  • Análise de Anomalia de Rede
  • Firewall Essentials
  • FortiGate VPN with Azure
  • OWASP Web Security Testing Guide: Testing for Authentication
  • Guia do Usuário Wireshark
  • Documentação Tcpdump
  • Tutorial Tcdump
• SOC
  • SOC Automation Lab Guide
  • integration of Sysmon with Wazuh SIEM
  • Wazuh
  • Integração Wazuh com Powershell
  • Instalação Wazhu em VM Ubuntu
  • Blue Team Tools
  • Laboratório SIEM CyberBlue
  • BloodHound
  • Purple Knight
  • Cymulate
  • Suricata
  • Documentação Suricata
  • Criação de Regras do Suricata
  • Joe sandbox
  • Any.Run
  • Cuckoo Sandbox
  • Hybrid Analysis
  • ATT&CK Navigator
  • MITRE ATT&CK Framework
  • Syslog Protocol RFC
  • Timestamp RFC
  • Procmon
  • Procexp
  • Análise de Registros Importantes do Windows
  • Cyber Kill Chain - Lockheed Martin
• Threat Hunting / Intelligence
  • IntelTechniques
  • Whois
  • Whois BR
  • Consulta certificados SSL
  • Virus Total
  • Censys
  • Shodan
  • Urlscan
  • Amass
  • Urlhaus Database
  • Knock Subdomain Scan
  • MITTRE ATT&CK
  • FOFA
  • The Threat Hunting Project
  • TAG - Threat Analysis Group - Google
  • Malware Bazaar
  • Jotti VirusScan
  • Auto Reputation - Automação de Análise de IP e Domínio com IA
  • Threat Hunting com Suricata
  • MISP Threat Sharing
  • Flowsint
  • Joe sandbox
  • Any.Run
  • Cuckoo Sandbox
  • Hybrid Analysis
  • Data Breach Investigations Report - Verizon
  • Awesome Threat Intelligence
  • APT & Cybercriminals Campaign Collection
• Resposta à Incidentes
  • Plano de Respostas à Incidentes - ACSC
  • Ransonware Playbook - CCCS
  • Modelos de Playbooks - SC3
  • Manuseio de vulnerabilidade e diretrizes relacionadas - JPCERT/CC
  • NIST 800-61 - Computer Security Incident Handling Guide
  • NIST SP 800-61 Rev. 2 - Computer Security Incident Handling Guide
  • NIST SP 800-61 Rev. 3 - Incident Response Recommendations and Considerations for Cybersecurity Risk Management
  • Guia de Investigação Inicial de Incidente
  • Delienamento de Severidade e Extenção de um Incidente
  • Documentação OpenIOC
  • Documentação YARA
  • Crowdstrike Incident Response Tracker Template
  • SOC Incident Response Playbook
  • VERIS

This site is open source. Improve this page.