Here's a collection of resources that I've found helpful throughout my career, and hopefully you will find them helpful as well.
Environment Hardening / Configuration
- https://docs.microsoft.com/en-us/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server
- https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/controlled-folders?view=o365-worldwide
Detection
- https://detect-respond.blogspot.com/2013/03/the-pyramid-of-pain.html
- https://www.malwarearchaeology.com/cheat-sheets
- https://github.com/Neo23x0/sigma
- https://github.com/Neo23x0/auditd/blob/master/audit.rules
- https://github.com/dnif/content
- https://github.com/OTRF
- https://github.com/panther-labs/panther-analysis
- https://github.com/microsoft/Microsoft-365-Defender-Hunting-Queries
- https://github.com/sophoslabs/IoCs
- https://github.com/FalconForceTeam/FalconFriday
- https://research.splunk.com/detections/
- https://github.com/chronicle/detection-rules
- https://github.com/elastic/detection-rules
Tools
- https://canarytokens.org
- https://threathunterplaybook.com/
- https://www.crowdstrike.com/blog/crowdstrike-releases-digital-forensics-and-incident-response-tracker/
- https://gchq.github.io/CyberChef/
- https://github.com/mattnotmax/cyberchef-recipes
Education
- https://www.networkdefense.io/library/
- https://www.sandflysecurity.com/blog/
- https://attack.mitre.org/
- https://d3fend.mitre.org/
- https://www.thec2matrix.com/
- https://thedfirreport.com/