Leaderboard

IMO this is only a mind map of passive reconnaissance resources. And that's only half of the first step of Lockheed Martin's cyber killchain. Not to diminish the usefulness of the link at all. As far as passive reconnaissance goes the resources mentioned look quite comprehensive. You could, for example, prepare an initial dossier report to hand off to another active recon team so they could map the company profile to a network topology. This step is indispensable for a large APT, but to say that this covers all the steps is an exaggeration. Because it throws in links to malware analysis resources, and exploit archives, one could get confused about this link and think it was appropriately covering all the resources, but it's by no means its strong point. Again, I don't intend to diminish the usefulness of this link at all! Passive information gathering is the most important step to a large scale APT, yet it's the most glossed over subject in every security course! If you check out Sparc FLOW's "how to hack like a god" and some of his other books, he actually gives some emphasis on casing your target. AND NO WONDER! His books are actually just case studies!