List of Awesome macOS Red Teaming Resources.

As more and more companies begin to adopt macOS as a daily office solution, we often encounter macOS operating system during our Pentest/Red Teaming process. How to hacking macOS, how to achieve Persistence under macOS, and using this as a starting point Lateral Movement to DC is a topic worth research.

This list is for anyone who wants to learn about Red Teaming for macOS but has no starting point.

You can help by sending Pull Requests to add more information.

Click to download

WHAT’S THE DIFFERENCE?

The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries.

The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks.

At the same time, many organizations have begun reviewing and revising their security best practices in advance of suffering a debilitating cyber attack. Based on extensive use of CrowdStrike’s next-generation endpoint protection platform to detect and prevent sophisticated attacks against large organizations, CrowdStrike’s in-house team of security experts, adversary hunters, intelligence analysts and incident responders have pooled their knowledge to produce this valuable guidebook and checklist for proactively enhancing your corporate information security procedures while avoiding common mistakes and pitfalls.

Click to download

As the Federal Government continues to adopt increasingly cutting-edge technologies and embrace large changes to existing Information Technology (IT) infrastructure, containers have become a growing topic of discussion throughout agencies. Some agencies already have budding containerization practices, other agencies are in the process of preparing for and building container capabilities and skills, and still others are early in the maturation process.

This guide provides a basic overview of container technologies to educate agencies that have limited to no containerization maturity. It will help agencies make informed and intelligent decisions on adopting container technologies. Intended as a “Container Readiness Guide,” the reader will first find an overview of container technology and references to external resources for additional learning to set a baseline of terms, definitions, and types of technologies.

Click to download

Over the past year the world has borne witness to a burgeoning cybercrime economy and the rapid rise of cybercrime services. We have watched this global market grow in both complexity and fervency. We’ve seen the cyberattack landscape becoming increasingly sophisticated as cybercriminals continue—and even escalate—their activity in times of crisis. New levels of supply chain and ransomware attacks were a powerful reminder that we must all work together, and in new ways, to protect the cybersecurity of the planet.

We see transparency and information sharing as essential to the protection of the ecosystem. Knowledge brings power, and to that end, security professionals need diverse and timely insights into the threats they are defending against.

Microsoft serves billions of customers globally, allowing us to aggregate security data from a broad and diverse spectrum of companies, organizations, and consumers. Informed by over 24 trillion security signals per day, our unique position helps us generate a high-fidelity picture of the current state of cybersecurity, including indicators that help us predict what attackers will do next. Our goal in creating the Microsoft Digital Defense Report is to bring together integrated data and insights from more teams, across more areas of Microsoft than ever before. We will share what we’re seeing to help the global community strengthen the defense of the digital ecosystem, and we will include actionable learnings that companies, governments, and consumers can use to further secure individuals and environments.

Click to download

Singapore launched our first Singapore Cybersecurity Strategy in 2016 (‘Strategy 2016’), which helped lay the foundations of our cybersecurity efforts today. As our strategic and technological environment has changed significantly over the past five years, we have reviewed and refreshed our cybersecurity strategy to address new and emerging cyber-threats.

With a robust cybersecurity workforce and a vibrant cybersecurity ecosystem as key enablers, the Singapore Cybersecurity Strategy 2021 (‘Strategy 2021’) lays out our plans to strengthen the security and resilience of our digital infrastructure and enable a safer cyberspace to support our digital way of life. It also articulates how Singapore could play an outsized role in the digital domain despite being a small country, to support an open, secure, stable, accessible, peaceful, and interoperable cyberspace.

Click to download