This is a collection of all the best resources I’ve learnt from and used in the past year of my cyber security learning.
This is in no means a complete list, and will be updated consistently when I come across new content, or simply remember platforms I used to use.
I’ll try and sort this collection of resources into a few key sections:
- General Hacking
Linux Journey - So much incredible content on Linux, gets into the nitty gritty about processes etc.
TryHackMe Fundamentals - Good for getting to grips with the command line
By far the best way to learn Linux is to install it as your daily operating system. Force yourself to use the command line, and stack overflow the shit out of it™
Watch this space
CryptoHack - The best platform I’ve come across for cryptography so far.
Crypto101 - A great book, if you pair this with the platform above, it will give you a great overall understanding.
Cipher Challenge - This one comes from the Cipher Challenge, run by the University of Southampton, it has multiple slides introducing some basic concepts, and a 60-page long handbook.
Crypto Pals - I can’t explain it better than they can, definitely worth checking the site out.
“An Introduction to Mathematical Cryptography 2014” - Note: this is not free, but quite the opposite. However, I was lucky enough to get an old copy off a friend, and there’s no way I can leave this one out. The content is great, so if you want to pursue cryptography further, this book is a good place to start.
Nightmare - literally - A course on Binary Exploitation based around CTF challenges.
Ir0nstone Notes - Notes from a student, definitely worth checking out!
ROPEmporium - A collection of challenges on return-oriented programming.
PWN College - A good course, although it requires some understanding to start.
Portswigger Labs - How could I make a resource list and leave portswigger out, the web academy is simply the best I’ve seen for people wanting to learn more on Web Exploitation.
PwnFunction - PwnFunction has a great collection of very clear videos explaining some web exploitation techniques, if you find videos easier to digest.
Rana Khalil - Rana Khalil is amazing at explaining in depth SQL injection, and she’s regularly producing more content, so watch this space!
TCM Security - A great course which covers many topics, and is incredibly cheap for the content you’re getting. Note that Heath regularly does discounts on his twitter, so it’s definitely worth watching out for that.
INE eJPT Course - INE has made their course for the eJPT certification (paid certification) completely free. It has some great content, and is very beginner focused. I believe labs are included for free, but it’s worth noting the certification isn’t.
HackTheBox - Some very challenging boot2root machines and challenges, and they’re also branching out with their academy, which has regular updates to content: https://academy.hackthebox.eu. The academy has some great content, and they are rapidly expanding their free and paid for material.
TryHackMe - A great place to start with Cyber Security, they have loads of walkthrough and challenges around multiple areas in cyber security. Completely free for a large proportion of the content, although there is a subscriber feature.
RangeForce - Lots of free content, covers much more than just pentesting content.
OverTheWire - A large selection of challenges focusing on different areas, such as Linux, Web etc.
SANS - SANS is great. They have such a wide variety of free content, from cheatsheets to free conferences.
Cyber Aces - Also developed by SANS, it’s an online course of the basics, for free, of course ;)
Nickapic Notes - Another massive collection of notes, all created with love, by Nickapic.
John Hammond - John Hammond makes great informative and entertaining content on YouTube.
IppSec - IppSec has countless retired HackTheBox machines, and more on his channel. He’s great to watch, even if you don’t follow along, as you can just feel the intelligence leaking in.
VBScrub - VbScrub has some brilliant videos on Active Directory, and focuses on Windows content, primarily through the HackTheBox platform.
LiveOverflow - Live Overflow, has over 300 videos which range from technical to vlog-like.
Professor Messer - Professor Messer, for all your networking needs.
Tib3rius - Tib3rius is great for OSCP content, specifically Windows PrivEsc.
Heath Adams - The Cyber Mentor, mentioned before for PEH course.
A collection of collections of much better resources than I have here. TL/DR: Ignore everything above, visit these.