Learning Resources General

Getting Started Linux Computer Science

The ultimate list of lists on breaking into infosec
s3ctur's breaking into infosec
5 year plan to success in Infosec
ImmersiveLabs - Practical in-browser fundamentals
Github Education pack (Must have a .edu email)
So you want to be a hacker
Literally all you ACTUALLY need
Linux Journey GA Tech OMSCS on Udacity
OTW: Bandit Crash Course Computer Science
Linux Survival, Linux tutorial Open Source School - CompSci
Linux Documentation Project: Guides OSTEP - OS Internals, paging, concurrency
Breakdown of Commandline inputs
The Bash Guide
Kali Linux Revealed

USE THE TABS AT THE BOTTOM TO ACCESS THE REST OF THE RESOURCES
Curated by NetsecFocus, join us here!
 Learning Resources Offense

Network Pentesting WebApp Pentesting Exploit Dev Privilege escalation Wireless Pentesting Cloud Pentesting Public exploits

FSU Pentesting Course
CNS320 - Intro to pentesting
Awesome Penetration Testing
OffSec Workflow [1]
Windows Exploit Suggester
Awesome OSINT
MobileApp-Pentest-Cheatsheet
http://opensecuritytraining.info/Training.html
rmusser's infosec Reference
Creating a Windows domain and hacking it
All things Active Directory
Awesome Red Teaming
Python Pentesting Tools
Mobile App Pentest Cheatsheet
Web App Challenges Mindmap
NetSparker SQLi Cheat Sheet
dow-j WebApp Cheat Sheet
Security Idiots Guide to Web Pentesting
SQL Filer Evasion and Obfuscation Techniques
Troy Hunt OWASP Top 10 for .net developers
Vulnerable Web Apps/Labwork
Mutillidae, OWASP Top 10
Audi-1's SQLi Labs
Juice Shop, Javascript OWASP targets
Web App Testing Mindmap
Classes/Guides
Modern Binary Exploitation
Corelan, BOF
Windows Heap Exploitation
Windows exploitation series
Azeria, intro to writing ARM Assembly
Coursera, Software Security
LegendofR4ndom
http://opensecuritytraining.info/Training.html
Introduction to Malware Analysis
Youtube
GynvaelEN
Live Overflow Channel
Windows: exploiting folder permissions Advanced Wireless Network Attacks 2018 Introduction to Pentesting in AWS Exploit DB
Windows: Privilege Escalation Fundamentals SANS Wireless Pentesting Tips and Resources Security Focus
Windows: Windows-Exploit-Suggester WPA PKMID Attacks IoT and HW security
Windows: Privilege Escalation Commands Binary Ninja and ARM
Windows: Practical Windows Privilege Escalation Azeria-Labs ARM tutorials
Windows: Blind Files
Linux: Basic Linux Privilege Escalation Hardware Arm RE/Exploit dev
Linux: linuxprivchecker.py
Linux: LinEnum Phantasmthewhite's MIFARE & RFID series Root-me ARM challenges
Linux: Blind Files scund00r's Proxmark 3 Cheat Sheet ARM exploit challenges
MySQL Root to System Root with UDF scund00r's RFID Thief guide Reverse Engineering for Beginners
UAC Bypass List, hfiref0x ESP-RFID-Tool Azeria Labs
Escape rbash
Cheatsheet for Spawing TTY Shells Cloud Pentesting Challenges
Sploitspren's Windows Priv-Esc guide flaws.cloud
flaws2.cloud/

Pentesting Workshops
Windows/Linux Priv Esc Workshop
 Learning Resources
Bash
G0tmi1k OS scripts for bash (Examples)
Bash Guide to Beginners
Bash Hackers Wiki page
Bash Academy (Exercises)
Cmdchallenge (Bash Challenges)
Programming
Python Powershell Go Misc Resources C/C++ PHP Assembly
So you want to be a Python expert? Underthewire, overthewire for powershell SentDex - Practical Go Quandl: Free Data Samples Learning C++ learn PHP Getting started with Arduino/AVR
Sentdex Python Tutorials Mick Douglas, Powershell for Forensics Google's official intro Commandline-Kungfu: Bash/Python/PS C++ tutorial (from cprograming) github.com/code-tutorials/assembly-intro NASM tutorial
Beginner's Cheat Sheet Introduction to Powershell for Security Go by Example Code Academy
Intermediate Cheat Sheet/Reference Page Windows Powershell Cookbook List of Go Libraries, etc UCI Machine Learning Data Sets
Interactive/Advanced Cheat Sheet/Resource Page Excercism GoLang Exercises Kevin Chai's datasets
Excercism Python Exercises Data Science Central
r/datasets
Open Data (Italian)
NASA datasets
Registry of Open Data on AWS
Pew Research (pewpewpew)
Kaggle
Wikipedia
Learning Resources Defense

Endpoints and DFIR Network Security Monitoring (NSM) RE and Malware Analysis Threat Intelligence

About DFIR
ISC Event Log analysis, IR
13Cubed Forensics videos/playlist
Hunting Attacker Activity: Lateral Movement
Opensecurity Slides and Videos
Where to start, blog
Shimcache Artifacts
Forensic Challenges Mindmap
Aggregate Blog List
Meirwah's Awesome Incident Response list
Hardening
All Things Active Directory
CID Audit Scripts
BSD - Securing Linux
Malware-Traffic-Analysis.net, PCAP Analysis Sam Bowne walks through the PMA Basic Threat Intelligence Resource repo
Securitywizardry's Packet Header Crib Sheets Zerltser's Cheat Sheets
Securitywizardry's Analysis Cheat Sheets StillzTech Malware Series
Packetlife TCPDump & Wireshark Cheat Sheets Malware Unicorn's Malware Analysis
PCAPr, benign PCAP samples [Github] Awesome Reversing list
Detecting packet fragmentation at the IDS (PDF Warning)
Lena
Art of Disassembly
RE4B, Dennis Yurichev
SecurityXploded
DrFu
LegendofR4ndom
Revesing on MacOS
Crypton: Exposing Malware's Deepest Secrets (PDF)
RPISEC - Malware Specialist Systems
r/ReverseEngineering
Awesome Industrial Control System Security
ICS CERT Training
SANS ICS Kill Chain
DTSR Podcast Dragos - Sergio
https://dragos.com/blog.html
SCADA Hacker
DTSR Podcast Dragos Robert M Lee
The Air Gap: SCADA's Enduring Security Myth
SANS Reading Room ISC/SCADA
Hacking Exposed Industrial Control Systems
Learning Resources
Tutorials & guides
Hash Identifier guide by @vcsec
Stick figure guide to AES
Sample hashes
https://www.crypto101.io/
Crypto
Challenges Tools
Cryptopals - Crypto challenges GCQH CyberChef Tools
Mystery Twister - Crypto challenges psypanda's hashID
id0 - Crypto implementation challenges RSA CTF Tools
Hashkiller
CTF tools (Category: crypto)
 Learning Resources Books

Defense Attack Scripting Programming Social Engineering Cryptography

Endpoints and DFIR NETWORK BASH C/C++ Social Engineering: The Art of Human Hacking Handbook of Applied Cryptography
Incident Response & Computer Forensics, Third Edition Advanced Penetration Testing The Linux Commandline Complete Introduction C Programming Language (2nd Edition) Social Engineer's Playbook An Introduction to Mathematical Cryptography
The Art of Memory Forensics Penetration Testing: A Hands On Introduction Linux Commandline and Shell Scripting Bible A Crash Course in C Building an Information Security Awareness Program Cryptography Engineering - Niels Ferguson
Troubleshooting with the Windows Sysinternals Tools Hacking: The Art of Exploitation Shell & Bash Scripting: Ultimate Beginner's Guide The C++ Programming Language Everyday Cryptography - Keith Martin
Blue Team Handbook: Incident Response Edition The Hacker Playbook 2 Linux Sysadmin Handbook C++ crash course for C programmers Cryptography and Network Security Principles - William Stallings
Blue Team Field Manual (BTFM) The Hacker Playbook 3 Practical Cryptograph - Niels Ferguson
Practical Forensic Imaging The Shellcoder's Handbook
Designing and Building Security Operations Center Complete Guide to Shodan POWERSHELL GoLang
How to Develop and Implement a Security Master Plan Hacking Exposed Industrial Control Systems Powershell in a Month of Lunches Blackhat Go
Ransomware: Defending Against Digital Extortion RTFM: Red Team Field Manual Windows Powershell Cookbook
Offensive Countermeasures: The Art of Active Defense Hacking: The Art of Exploitation
Security Metrics: Replacing Fear, Uncertainty, and Doubt PYTHON
Windows Internals Part 1-7th Edition Python Crash Course
Automate the Boring Stuff with Python
Network Security Monitoring (NSM) WEB APPs Black Hat Python LISTS History
Wireshark 101, Laura Chappel The Tangled Web Violent Python SANS Recommend Security Books GCHQ - Richard Aldrich
TCP/IP Illustrated, Vol 1 The Web Application Hacker's Handbook Learn Python3 the Hard Way The Code Book - Simon Singh
The Practice of Network Security Monitoring Bug Hunter's Diary The Self Taught Programmer
Practical Packet Analysis, 3rd Edition Understanding Network Hacks
Network Forensics: Tracking Hackers Through Cyberspace Security Automation with Ansible 2
Network Programmability and Automation: Skills for
Defensive Security Handbook Binary/Malware Analysis, RE, & Exploit Dev the Next-Generation Network Engineer
Network Security Assessment Practical Malware Analysis
Malware Analyst's Cookbook
The Art of Computer Virus Research and Defense IRON PYTHON
The Rootkit Arsenal Iron Python in Action
Rootkits, Subverting the Windows Kernel
The Shellcoder's Handbook
Learning Resources Blogs

Learning and Training Mainly Offensive Mainly Defensive General Security & News NSF user blogs

The Magic of Learning Harmjoy: Powershell & Pentesting Malware don't need coffee: Attack Breakdowns SANS Internet Storm Center: News, Breakdowns, learnin'
Pentesting & Cheatsheet ShadowTalk by Digital Shadows Irongeek's site, Sec Con recordings
Ministraitor's Security Con videos
Learning Resources CTF

Offensive Wargames and CTFs Self Hosted Labs General Labs Building Video Walkthroughs HackTheBox

CTF Field Guide Audi's SQLi Labs Building an Effective Active Directory Lab GynvaelEN Hack The Box :: Penetration Testing Labs
Wargame: OTW Bandit Sliim's Pentest Labs Open Source Network Simulators Live Overflow: General RE and CTF
Wargame: OTW Natas Juice Shop, Javascript OWASP targets Whole-network VPN and pfsense Vulnhub Brainpan - Trogdor stream Retired Box Walkthroughs
Wargame: OTW Leviatioan Vulnerable By Design ~ VulnHub Building Virtual Machine Labs (Book) NetsecFocus CTF Walkthroughs Ippsec's Youtube Channel
Wargame: OTW Narnia Splunk Boss of the SOC (Blue Team) Ippsec: Archived HTB and SANS Holiday 0xdf
pwnable kr r00k: Vulnhub, HTB, SANS Holiday epi
Microcorruption, Exercise/CTF
Root-me.org
WeChall: lots of wargames
http://captf.com/practice-ctf/
crackmes.de - RE challenges
crackmes.one - .de mirror
microcorruption.com Hosted MSP430 RE

DFIR Challenges and CTFs

Pico CTF
CTF List
PicoCTF 2017 Writeups
aboutDFIR CTF Challenges
https://ctf.wcsc.usf.edu/
https://ringzer0team.com/
https://www.netresec.com/?page=pcapfiles
DEFCON DFIR Challenges
PCAPs of ine-the-wild EKs, etc
A collection of DFIR Challenges
Learning Resources OffSec

Other Resources OSCP/PWK Prep Pentesting Report Examples

Logging Like a Lumberjack A Llama's guide to OSCP Prep Public Pentesting Reports
Learning how to learn NiiConsulting, from Newbie to OSCP
Offsec OSCP exam guide
OSCP-like VM YouTube playlist

OSWE/AWAE Prep

wetw0rk's prep guide

Learning Resources Vetting in progress

For Defense > Hardening (or wherever, just thought of these when looking there)
https://github.com/CISOfy/lynis
https://github.com/future-architect/vuls

OSCP like vulnhub VMS

http://www.abatchy.com/2017/02/oscp-like-vulnhub-vms.html

Windows priv esc

https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/

Binary exploitation
https://github.com/RPISEC/MBE

Book
Network Secuirty Assessment - 3rd Edition

Offense
https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/

powershell training
https://www.youtube.com/watch?v=6fbotSZeFkQ&list=PL-giMT7sGCVJQIgB06ock6ptjKvSc-rXc

Malware Analysis and Incident Response

https://postmodernsecurity.com/2015/09/11/malware-analysis-and-incident-response-tools-for-the-frugal-and-lazy/

Live map of hacking conferences:

http://www.hackermaps.org/
Learning Resources Notes

[1] https://workflowy.com/s/FgBl.6qcAQUUqWM