https://abs.twimg.com/emoji/v2/... draggable="false" alt="📚" title="Books" aria-label="Emoji: Books"> tl;dr sec #31
* @shehackspurple& #39;s online learning platform
* Free #AWS/ #Azure security course by @appseccouk
* Tools for continuous cloud and container security
* A VM with 8 C2 frameworks to play with
* ZAP GitHub Action
* Use @fridadotre w/ Burp https://tldrsec.com/blog/tldr-sec-031">https://tldrsec.com/blog/tldr...

Support security content creators! https://abs.twimg.com/emoji/v2/... draggable="false" alt="🌈" title="Rainbow" aria-label="Emoji: Rainbow">https://abs.twimg.com/emoji/v2/... draggable="false" alt="💰" title="Money bag" aria-label="Emoji: Money bag">

Check out @shehackspurple teaching #DevSecOps, #AppSec, and cloud security: https://www.shehackspurple.dev/ 

https://www.shehackspurple.dev/">... href="https://twitter.com/DanielMiessler">@DanielMiessler& #39;s newsletter: https://danielmiessler.com/subscribe/ 

https://danielmiessler.com/subscribe... href="https://twitter.com/lancinimarco">@lancinimarco writing about cloud security: https://www.buymeacoffee.com/marcolancini ">https://www.buymeacoffee.com/marcolanc...

Marco Lancini

Hi, I'm Marco Lancini. I'm a Security Engineer, mainly interested in cloud native technologies, and devops.

https://www.shehackspurple.dev/

https://abs.twimg.com/emoji/v2/... draggable="false" alt="🛠️" title="Hammer and wrench" aria-label="Emoji: Hammer and wrench">Instrumentation tooling

Brida, a Burp extension that bridges @Burp_Suite and @fridadotre by @apps3c
https://techblog.mediaservice.net/2020/04/brida-0-4-is-out/

Web">https://techblog.mediaservice.net/2020/04/b... interface to manipulate Android Java classes and methods at runtime by @mobilesecurity_ https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security">https://github.com/m0bilesec...

Massive list of open source tools from @RSAConference 2020
https://www.rsaconference.com/rsac-programs/open-source-tools

C">https://www.rsaconference.com/rsac-prog... experts panel AMA including my friend @RCS
https://news.ycombinator.com/item?id=22865357

ZAP">https://news.ycombinator.com/item... baseline scan GitHub Action https://www.zaproxy.org/blog/2020-04-09-automate-security-testing-with-zap-and-github-actions/">https://www.zaproxy.org/blog/2020...

Great site by @Cloudflare that gives a nice overview of BGP security, including a 1-click button to check if your ISP is doing BGP securely (it& #39;s probably not)
https://isbgpsafeyet.com/ 

Concise">https://isbgpsafeyet.com/">... overview of TLS 1.3 security benefits by @netflix https://netflixtechblog.com/how-netflix-brings-safer-and-faster-streaming-experience-to-the-living-room-on-crowded-networks-78b8de7f758c">https://netflixtechblog.com/how-netfl...

@HashiCorp Enforcing S3 Security Best Practices Using Terraform & Sentinel
https://medium.com/hashicorp-engineering/enforcing-aws-s3-security-best-practice-using-terraform-sentinel-ddcd181ff4b7

Identify">https://medium.com/hashicorp... vulns in containers, images, hosts & repositories using @deepfence& #39;s Runtime Threat Mapper
https://github.com/deepfence/ThreatMapper">https://github.com/deepfence...

@appseccouk cloud traininghttps://abs.twimg.com/emoji/v2/... draggable="false" alt="🔥" title="Fire" aria-label="Emoji: Fire"> https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training">https://github.com/appsecco/...

Play with 8 different command & control frameworks with the Slingshot C2 Matrix VM #redteam
https://howto.thec2matrix.com/slingshot-c2-matrix-edition

https://howto.thec2matrix.com/slingshot... href="https://twitter.com/MDSecLabs">@MDSecLabs on abusing legacy Firefox functionality to achieve command execution in enterprise environments
https://www.mdsec.co.uk/2020/04/abusing-firefox-in-enterprise-environments/">https://www.mdsec.co.uk/2020/04/a...

https://howto.thec2matritwitter.com/slingshot-c2-matrix-edition

Slingshot C2 Matrix Edition

Virtual Machine image to try some of the most popular command and control frameworks

https://howto.thec2matritwitter.com/slingshot-c2-matrix-edition

If you liked this thread, check out tl;dr sec, a weekly-ish newsletter I send out with:

https://abs.twimg.com/emoji/v2/... draggable="false" alt="📚" title="Books" aria-label="Emoji: Books"> Summaries of great security talks
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🛠️" title="Hammer and wrench" aria-label="Emoji: Hammer and wrench"> The latest tools and useful blog posts
https://abs.twimg.com/emoji/v2/... draggable="false" alt="🧪" title="Test tube" aria-label="Emoji: Test tube"> My various research projects

Thanks for reading, have a great day! https://abs.twimg.com/emoji/v2/... draggable="false" alt="😎" title="Smiling face with sunglasses" aria-label="Emoji: Smiling face with sunglasses">