| Organization / Provider | Notable Certifications / Courses |
|---|---|
| 0xDarkvortex | Red team & malware dev courses |
| Altered Security | CREST CRT, practical pentest tracks |
| BC Security | Red team & Empire-focused courses |
| CompTIA | Security+, PenTest+, CySA+ |
| Constructing Defense | Defensive & blue team labs |
| Cyberwarfare live | Live red team training |
| CloudBreach | Cloud pentest courses |
| eLearnSecurity (INE) | eJPT, eCPPT, eWPTX, eCXD |
joaovarelas
joaovarelas
/ cybersec-providers.md
Created
November 30, 2025 14:36
Cybersecurity Certifications - Training Providers
joaovarelas
/ devsecops-and-secure-sdlc-references-standards.md
Last active
November 2, 2025 11:26
DevSecOps & SDLC Security - References and Standards
- Summary: The NIST Secure Software Development Framework (SSDF) offers a set of practices to help organizations develop secure software. The framework emphasizes integrating security throughout the software lifecycle, from planning to response. It is structured into four key phases:
- Prepare the Organization
- Protect the Software
- Produce the Software
- Respond to Security Vulnerabilities
https://csrc.nist.gov/projects/ssdf
GOVERN (GV): The organization's cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored
Organizational Context (GV.OC): The circumstances - mission, stakeholder expectations, dependencies, and legal, regulatory, and contractual requirements - surrounding the organization's cybersecurity risk management decisions are understood
- GV.OC-01: The organizational mission is understood and informs cybersecurity risk management
- GV.OC-02: Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered
- GV.OC-03: Legal, regulatory, and contractual requirements regarding cybersecurity - including privacy and civil liberties obligations - are understood and managed
- GV.OC-04: Critical objectives, capabilities, and services that external stakeholders depend on or expect from the organization are understood and
joaovarelas
/ AV-EDR-Lab-Environment-Setup.md
Last active
February 12, 2025 09:37
AV/EDR Lab Environment Setup
Credits c5pider
This may be helpful…, It was previously share but i have added few more things
- An example of things that can be used to emulate certain features that paid edrs have:
- SACL - sysmon
- https://detect.fyi/sysmon-a-viable-alternative-to-edr-44d4fbe5735a?gi=eb4475ea6b3d
joaovarelas
/ extend-win-updates-pause.ps1
Created
January 14, 2025 11:39
Extend Win Update pause interval for 10 years.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "FlightSettingsMaxPauseDays" -Value 3654 -Type DWord |
joaovarelas
/ pwdlist.txt
Last active
February 12, 2025 10:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1 | |
| 12 | |
| 123 | |
| 1234 | |
| 12345 | |
| 123456 | |
| 1234567 | |
| 12345678 | |
| 123456789 |
A comprehensive directory of industry-standard solutions, vendors, and technologies powering modern organizations, data centers, and businesses.
Foundational hardware and virtualization layers for data centers.
| Category | Industry Leaders & Solutions |
|---|
joaovarelas
/ iso-27001-controls-annex-a.tsv
Last active
September 4, 2024 10:23
ISO 27001 Annex A - Controls
We can make this file beautiful and searchable if this error is corrected: It looks like row 7 should actually have 4 columns, instead of 1 in line 6.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Category Number Title Description | |
| Organizational 5.1 Policies for information security Information security policy and topic-specific policies shall be defined, approved by management, published, communicated to and acknowledged by relevant personnel and relevant interested parties, and reviewed at planned intervals and if significant changes occur. | |
| Organizational 5.2 Information security roles and responsibilities Information security roles and responsibilities shall be defined and allocated according to the organization needs. | |
| Organizational 5.3 Segregation of duties Conflicting duties and conflicting areas of responsibility shall be segregated. | |
| Organizational 5.4 Management responsibilities Management shall require all personnel to apply information security in accordance with the established information security policy, topic-specific policies and procedures of the organization. | |
| Organizational 5.5 Contact with authorities The organization shall establish and maintain contact with relevant authorities. | |
| Org |
joaovarelas
/ xfreerdp-config.txt
Last active
February 12, 2025 10:25
xFreeRdp Redirect Sound and Microphone via RDP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Settings > Advanced | |
| Redirect Local Audio Output: sys:pulse,quality:high | |
| Redirect Local Microphone: sys:pulse,format:1,quality:high | |
| USB Device Redirection: id:13d3:56XX |
joaovarelas
/ Dockerfile
Last active
September 18, 2024 12:10
Nessus Docker image to deploy offline containers.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM debian:stable-slim | |
| COPY Nessus-10.8.3-ubuntu1604_amd64.deb . | |
| COPY all-2.0.tar.gz . | |
| RUN apt -y update && \ | |
| apt -y install curl dpkg expect systemctl && \ | |
| apt install -y Nessus-10.8.3-ubuntu1604_amd64.deb && \ | |
| rm -f Nessus-10.8.3-ubuntu1604_amd64.deb && \ |
NewerOlder