Youtube channels:

• Colin Hardy: https://www.youtube.com/channel/UCND1KVdVt8A580SjdaS4cZg
• OALabs: https://www.youtube.com/channel/UC--DwaiMV-jtO-6EvmKOnqg
• MalwareAnalysisForHedgehogs: https://www.youtube.com/channel/UCVFXrUwuWxNlm6UNZtBLJ-A
• 0xf0x: https://www.youtube.com/channel/UCCnZXAoXRb6GDLjuFo0dmIg
• DissectMalware: https://www.youtube.com/channel/UClshOnMPENbBSAG3KNRnlHw
• Guided Hacking: https://www.youtube.com/channel/UCCMi6F5Ac3kQDfffWXQGZDw
• Honeynet Project: https://www.youtube.com/channel/UCudh0pRD6Fniu9X2hasGK8w
• Josh Stroschein: https://www.youtube.com/channel/UCI8zwug_Lv4_-KPT62oeDUA
• maddiestone: https://www.youtube.com/channel/UCTbTMfVyCfs9p8SPsi3xEZQ
• PacketBomb : https://www.youtube.com/channel/UC6lijopn1t2ETukUSLDDqMA
• Rezky Wulandari: https://www.youtube.com/channel/UC3Z6Aus0YnD6GgRWH-eKzKA
• Sean Gambles: https://www.youtube.com/c/s3anuk/videos
• webpwnized: https://www.youtube.com/channel/UCPeJcqbi8v46Adk59plaaXg
• hasherezade: https://www.youtube.com/channel/UCNWVswPNgn5kutPNa5sprkg
• Lukas Stefanko: https://www.youtube.com/channel/UCg08SXtXlfADk4yAODpShfQ
• Paul Chin: https://www.youtube.com/channel/UCuQbZ4Uv3ecBHsbFhd2BjIw
• Ring Zero Labs: https://www.youtube.com/channel/UCTZCTzlZQF_7WnouKc-Ym_Q
• KirbiflinTV: https://www.youtube.com/channel/UCKnHdBvDXj9Zl15g28XwqMQ

Books:

• Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code: https://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033
• Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software: https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
• The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory: https://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098
• The Ghidra Book: The Definitive Guide: https://www.amazon.com/Ghidra-Book-Definitive-Guide

RSS feeds:

• OA LABS: https://oalabs.openanalysis.net/rss/
• Noah. 的 Twitter: https://rsshub.app/twitter/user/_qaz_qaz?
• herrcore 的 Twitter: https://rsshub.app/twitter/user/herrcore
• sean 的 Twitter: https://rsshub.app/twitter/user/seanmw
• MalwareHunterTeam 的 Twitter: https://rsshub.app/twitter/user/malwrhunterteam
• Colin Hardy 的 Twitter: https://rsshub.app/twitter/user/cybercdh
• nullteilerfrei: https://blag.nullteilerfrei.de/feed/
• malwology: https://malwology.com/feed/
• 0xEvilC0de.com: https://feeds.feedburner.com/0xevilc0de
• Infosec for Breakfast: https://pwnage.io/feed.xml
• Objective-See's Blog: https://objective-see.com/rss.xml
• MalwareBytes Labs: https://blog.malwarebytes.com/feed/
• bl4ckh0l3z: https://twitter.com/bl4ckh0l3z

Sites/blogs:

• Dynamic Malware Analysis in the Modern Era—A State of the Art Survey: https://dl.acm.org/doi/fullHtml/10.1145/3329786
• Phrack: http://www.phrack.org/
• MalwareTech: https://www.malwaretech.com/
• Daring Joker: https://daringjoker.wordpress.com/
• WeLiveSecurity: https://www.welivesecurity.com/category/malware/
• Andrea Fortuna's Blog: https://www.andreafortuna.org/category/cybersecurity
• SentinelOne: https://labs.sentinelone.com/
• CLARK: https://clark.center/
• Security In Bits: https://www.securityinbits.com/
• Malware Traffic Analysis: https://www.malware-traffic-analysis.net/
• hasherezade's 1001 nights: https://hshrzd.wordpress.com/ (https://speakerdeck.com/hshrzd)
• Tuts 4 You: https://forum.tuts4you.com/
• MalwareBytes: https://blog.malwarebytes.com/category/threat-analysis/
• MalwareTips Community: https://malwaretips.com/
• PC Matic Malware Research's on TechTalk: https://techtalk.pcmatic.com/2017/10/04/debugging-unpacking-malicious-software/
  https://techtalk.pcmatic.com/2017/11/29/unpacking-malware-part-2-reconstructing-import-address-table/
  https://techtalk.pcmatic.com/2017/11/30/running-dll-files-malware-analysis/
  https://techtalk.pcmatic.com/2017/09/24/all-about-hooking/
• VX Underground: https://vxug.fakedoma.in
  https://github.com/vxunderground/
• LifeInHex: https://lifeinhex.com/
• Fumik0_'s box: https://fumik0.com/

Datasets:

• Kaggle: https://www.kaggle.com/search?q=malware

Emulation:

• Binee: https://github.com/carbonblack/binee
• Qiling: https://www.qiling.io/

Cheat-sheets:

• Tips for Reverse-Engineering Malicious Code: https://zeltser.com/media/docs/reverse-engineering-malicious-code-tips.pdf
• Malware Analysis and Reverse-Engineering Cheat Sheet: https://zeltser.com/media/docs/malware-analysis-cheat-sheet.pdf
• Nmap Cheat Sheet: https://cdn.comparitech.com/wp-content/uploads/2019/06/Nmap-Cheat-Sheet-1.jpg
• Microsoft Win32 API: https://docs.microsoft.com/en-us/windows/win32/api/

Anti RE:

• Anti-Debug Tricks: https://anti-debug.checkpoint.com
• Anti-Reversing: https://www.anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf

Xor:

• Known Plain Text Attack: http://jon.glass/blog/Unxoring-a-rat/
• UnXor left to right vs right to left: https://gitlab.com/antonio.godinho/ma-locky-simple/-/snippets/2022587

RE CTFs:

• MalwareTech Beginner Malware Reversing Challenges: https://www.malwaretech.com/beginner-malware-reversing-challenges
• Cracks: https://crackmes.one/
• A reversing tutorial for newbies by lena151: https://www.youtube.com/playlist?list=PLcFUp5WYCxVYeR7AgsmjzGW6PjamaY6JO
• Beginner Malware Reversing Challenges: https://www.malwaretech.com/beginner-malware-reversing-challenges

Training:

• FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques: https://www.sans.org/course/reverse-engineering-malware-malware-analysis-tools-techniques
• GIAC Reverse Engineering Malware (GREM): https://www.giac.org/certification/reverse-engineering-malware-grem

Free Training:

• Fortinet: https://www.fortinet.com/training/cybersecurity-professionals
• PortSwigger: https://portswigger.net/web-security
• OPEN SECURITY TRAINING.INFO: http://opensecuritytraining.info/Training.html
• Malware Analysis - CSCI 4976: https://github.com/RPISEC/Malware
• Modern Binary Exploitation - CSCI 4968: https://github.com/RPISEC/MBE

Mobile:

• adb tools: https://developer.android.com/studio/releases/platform-tools
• Genymotion: https://www.genymotion.com/fun-zone
• dex2jar: https://github.com/pxb1988/dex2jar
• MobSF: https://github.com/MobSF/Mobile-Security-Framework-MobSF
• apktool: https://ibotpeaches.github.io/Apktool/
• Frida: https://frida.re/docs/android/

ELK:

• ELK (Setup on Ubuntu 20.04): https://gitlab.com/-/snippets/2001211

Others:

• MIASM: https://github.com/cea-sec/miasm (example: https://github.com/eset/malware-research/blob/master/chachaddos/decrypt_second_stage.py)

Reports/ Research Papers:

• ESET Threat Report Q22020: https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf
• Growth and Commoditization of Remote Access Trojans: https://static1.squarespace.com/static/59f343f3c027d8a07cc2f2a0/t/5f6486df9680f86a6fcf487d/1600423648304/WACCO_2020-VALEROS-GARCIA.pdf
• Reverse Engineering for Beginners: https://beginners.re/RE4B-EN.pdf (Code: https://beginners.re/src/, Challenges: https://challenges.re/)

Firmware:

• UEFI: https://labs.sentinelone.com/moving-from-common-sense-knowledge-about-uefi-to-actually-dumping-uefi-firmware/

Others:

• Honeynet: https://www.honeynet.org/
• Mitre ATT&CK: https://attack.mitre.org/
• JPMinty Mitre ATT&CK MindMaps: https://raw.githubusercontent.com/JPMinty/MindMaps/master/MITRE%20ATT%26CK/PNG/MITRE%20ATT%26CK%20March%202020%20-%20Dark.png
• Cyber Kill Chain: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html
• ASCII Table: https://www.profdavis.net/ascii_table.pdf

Awesome list:

• Awesome Machine Learning for Cyber Security: https://github.com/jivoi/awesome-ml-for-cybersecurity
• Awesome Cybersecurity Blue Team: https://github.com/fabacab/awesome-cybersecurity-blueteam
• Free_CyberSecurity_Professional_Development_Resources: https://github.com/gerryguy311/Free_CyberSecurity_Professional_Development_Resources
• Awesome Incident Response: https://github.com/meirwah/awesome-incident-response
• Awesome Infosec: https://github.com/onlurking/awesome-infosec
• My Infosec Awesome: https://github.com/pe3zx/my-infosec-awesome
• InfoSec-Resources4All: https://github.com/DoGByTe-ZN/infosec-resources4all
• Awesome Social Engineering: https://github.com/v2-dev/awesome-social-engineering
• Information security / Hacking for noobs: https://github.com/tkisason/getting-started-in-infosec
• Awesome Malware Analysis: https://github.com/rshipp/awesome-malware-analysis

Programming Language Specifications/helpers:

Assembly Knowledge Resources:

• Jasmin - Practice Assembly
• Using Jasmin to Run x86 Assembly Code
• Compiler Explorer
• (Small list) 80x86 Instructions
• YASM
• SensePost crash course in x86 assembly

File Formats:

• http://kaitai.io/
• https://ide.kaitai.io/

Exploits:

Threat Hunting:

• TH Playbook
• MISP
• MISP user documentation
• MISP Virtual Machines
• The Hive
• The Hive - Cortex
• OpenCTI

Open Source Intelligence:

Virtual Machines:

• REMnux: A Linux Toolkit for Malware Analysis: https://remnux.org/
• Flare-VM: https://github.com/fireeye/flare-vm

Hardening VM:

• Byte Atlas: https://byte-atlas.blogspot.com/2017/02/hardening-vbox-win7x64.html
• PAFish: https://github.com/a0rtega/pafish
• Amtivmdetection: https://github.com/nsmfoo/antivmdetection (Prowling blog: https://blog.prowling.nu/2013/08/modifying-virtualbox-settings-for.html)
• VBoxHardenedLoader: https://github.com/hfiref0x/VBoxHardenedLoader

Tools (Windows Analysis machine):

Extra Tools (Analysis machine):

Tools (Linux Gateway machine):

Honeypots:

Unpacking:

Boilerplate (up for investigation):

• https://koodous.com
• https://github.com/JPMinty/theZoo
• https://bitbucket.org/kao/myauttoexe/src/master/
• http://infocon.hackingand.coffee/
• https://hshrzd.wordpress.com/how-to-start/
• https://mitmproxy.org/
• https://www.youtube.com/playlist?list=PLhx7-txsG6t6n_E2LgDGqgvJtCHPL7UFu
• https://beta.virusbay.io/
• https://tracker.fumik0.com/learning