* @shehackspurple& #39;s online learning platform
* Free #AWS/ #Azure security course by @appseccouk
* Tools for continuous cloud and container security
* A VM with 8 C2 frameworks to play with
* ZAP GitHub Action
* Use @fridadotre w/ Burp https://tldrsec.com/blog/tldr-sec-031">https://tldrsec.com/blog/tldr...
Support security content creators!
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🌈" title="Rainbow" aria-label="Emoji: Rainbow">
https://abs.twimg.com/emoji/v2/... draggable="false" alt="💰" title="Money bag" aria-label="Emoji: Money bag">
Check out @shehackspurple teaching #DevSecOps, #AppSec, and cloud security: https://www.shehackspurple.dev/
https://www.shehackspurple.dev/">... href="https://twitter.com/DanielMiessler">@DanielMiessler& #39;s newsletter: https://danielmiessler.com/subscribe/
https://danielmiessler.com/subscribe... href="https://twitter.com/lancinimarco">@lancinimarco writing about cloud security: https://www.buymeacoffee.com/marcolancini ">https://www.buymeacoffee.com/marcolanc...
Check out @shehackspurple teaching #DevSecOps, #AppSec, and cloud security: https://www.shehackspurple.dev/
https://www.shehackspurple.dev/">... href="https://twitter.com/DanielMiessler">@DanielMiessler& #39;s newsletter: https://danielmiessler.com/subscribe/
https://danielmiessler.com/subscribe... href="https://twitter.com/lancinimarco">@lancinimarco writing about cloud security: https://www.buymeacoffee.com/marcolancini ">https://www.buymeacoffee.com/marcolanc...
Brida, a Burp extension that bridges @Burp_Suite and @fridadotre by @apps3c
https://techblog.mediaservice.net/2020/04/brida-0-4-is-out/
Web">https://techblog.mediaservice.net/2020/04/b... interface to manipulate Android Java classes and methods at runtime by @mobilesecurity_ https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security">https://github.com/m0bilesec...
Massive list of open source tools from @RSAConference 2020
https://www.rsaconference.com/rsac-programs/open-source-tools
C">https://www.rsaconference.com/rsac-prog... experts panel AMA including my friend @RCS
https://news.ycombinator.com/item?id=22865357
ZAP">https://news.ycombinator.com/item... baseline scan GitHub Action https://www.zaproxy.org/blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/">https://www.zaproxy.org/blog/2020...
https://www.rsaconference.com/rsac-programs/open-source-tools
C">https://www.rsaconference.com/rsac-prog... experts panel AMA including my friend @RCS
https://news.ycombinator.com/item?id=22865357
ZAP">https://news.ycombinator.com/item... baseline scan GitHub Action https://www.zaproxy.org/blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/">https://www.zaproxy.org/blog/2020...
Great site by @Cloudflare that gives a nice overview of BGP security, including a 1-click button to check if your ISP is doing BGP securely (it& #39;s probably not)
https://isbgpsafeyet.com/
Concise">https://isbgpsafeyet.com/">... overview of TLS 1.3 security benefits by @netflix https://netflixtechblog.com/how-netflix-brings-safer-and-faster-streaming-experience-to-the-living-room-on-crowded-networks-78b8de7f758c">https://netflixtechblog.com/how-netfl...
https://isbgpsafeyet.com/
Concise">https://isbgpsafeyet.com/">... overview of TLS 1.3 security benefits by @netflix https://netflixtechblog.com/how-netflix-brings-safer-and-faster-streaming-experience-to-the-living-room-on-crowded-networks-78b8de7f758c">https://netflixtechblog.com/how-netfl...
@HashiCorp Enforcing S3 Security Best Practices Using Terraform & Sentinel
https://medium.com/hashicorp-engineering/enforcing-aws-s3-security-best-practice-using-terraform-sentinel-ddcd181ff4b7
Identify">https://medium.com/hashicorp... vulns in containers, images, hosts & repositories using @deepfence& #39;s Runtime Threat Mapper
https://github.com/deepfence/ThreatMapper">https://github.com/deepfence...
@appseccouk cloud training
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🔥" title="Fire" aria-label="Emoji: Fire"> https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training">https://github.com/appsecco/...
https://medium.com/hashicorp-engineering/enforcing-aws-s3-security-best-practice-using-terraform-sentinel-ddcd181ff4b7
Identify">https://medium.com/hashicorp... vulns in containers, images, hosts & repositories using @deepfence& #39;s Runtime Threat Mapper
https://github.com/deepfence/ThreatMapper">https://github.com/deepfence...
@appseccouk cloud training
Play with 8 different command & control frameworks with the Slingshot C2 Matrix VM #redteam
https://howto.thec2matrix.com/slingshot-c2-matrix-edition
https://howto.thec2matrix.com/slingshot... href="https://twitter.com/MDSecLabs">@MDSecLabs on abusing legacy Firefox functionality to achieve command execution in enterprise environments
https://www.mdsec.co.uk/2020/04/abusing-firefox-in-enterprise-environments/">https://www.mdsec.co.uk/2020/04/a...
https://howto.thec2matrix.com/slingshot-c2-matrix-edition
https://howto.thec2matrix.com/slingshot... href="https://twitter.com/MDSecLabs">@MDSecLabs on abusing legacy Firefox functionality to achieve command execution in enterprise environments
https://www.mdsec.co.uk/2020/04/abusing-firefox-in-enterprise-environments/">https://www.mdsec.co.uk/2020/04/a...
If you liked this thread, check out tl;dr sec, a weekly-ish newsletter I send out with:
https://abs.twimg.com/emoji/v2/... draggable="false" alt="📚" title="Books" aria-label="Emoji: Books"> Summaries of great security talks
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🛠️" title="Hammer and wrench" aria-label="Emoji: Hammer and wrench"> The latest tools and useful blog posts
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🧪" title="Test tube" aria-label="Emoji: Test tube"> My various research projects
Thanks for reading, have a great day!
https://abs.twimg.com/emoji/v2/... draggable="false" alt="😎" title="Smiling face with sunglasses" aria-label="Emoji: Smiling face with sunglasses">
Thanks for reading, have a great day!