Resources
3 min read
Published at: Mar 25, 2023 (Updated at: Dec 8, 2023)
Here you will find all the cybersecurity resources you could ever wish for!
Foreword
This is a collection of resources with relevancy to either IT or cybersecurity - where I've either heard good about the site or tried/use the site myself. If you have any additional suggestions for resources feel free to send them to me.
News & Podcasts
| Source | Explanation |
|---|---|
| Newsnow | A Great summary of current top stories within cybersecurity. |
| SANS ISC StormCast | SANS short daily podcast with new relevant things happening in the field. |
| Darknet Diaries | An amazing podcast with stories of real events withing information security. |
| Critical Thinking - Bug Bounty Podcast | A podcast with focus on bug bounties, how to find new attack vectors, and talking about news withing bug bounty. |
Distributions
| Distro | Explanation |
|---|---|
| Kali | Well known distribution for Offensive security. |
| Kali Purple | New Kali distribution directed at purple teaming (NOTE: very early in development). |
| SIFT Workstation | SANS DFIR Digital Forensics and Incident Response Linux distribution. |
| Ubuntu Server | Ubuntu distribution for self-hosting. |
| FLARE VM | Windows distribution for malware analysis and reverse engineering. |
Cybersecurity
Practice
| Resource | Explanation |
|---|---|
| TryHackMe | Very popular website for practicing both red- and blue methods with everything from complete beginner to advanced. |
| HackTheBox | In my experience similar to TryHackMe but generally a bit more difficult - thus if you have less experience start with TryHackMe. |
| PentesterLabs | Well known platform for practicing penetration testing. |
| Portswigger | The creators of Burp Suite - good introductory web hacking. |
| Metasploitable 1, 2, 3 | Good offline practice for common vulnerabilities. |
| picoCTF | A bunch of shorter CTF-styled challanges from beginner to advanced. |
| CTFlearn | Similar to picoCTF. |
| OverTheWire | A ton of different challenges with varying difficulty. |
| VulnHub | A community driven site sponsored by Offensive Security and host the VM's urself. |
| RootMe | Another good site to practice offensive methods and ctf. |
| Juice Shop | A vulnerable website made by OWASP with increasing difficulty. |
Tools & Cheat Sheets
| Tool | Explanation |
|---|---|
| CyberChef | The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis. |
| Virustotal | Scan files, urls and more and see if they are malicious. |
| urlscan | Scan urls to see if they are malicious and more details about the website. |
| ViewDNS.info | See detailed DNS info. |
| Payload All The Things | A list of useful payloads and bypasses for Web Application Security. |
| Active Directory Exploitation Cheat Sheet | Common enumeration and attack methods against Active Directory. |
| LOLBAS | Living Off The Land Tools that are installed on a default installation which you can make use of binaries, scripts and libraries for Windows. |
| GTFOBins | Same as LOLBAS but for UNIX-binaries. |
| Hacking Tools Cheat Sheet | Pretty self-explanatory. |
Write-ups
| Resource | Explanation |
|---|---|
| Hailstorm Security | This blog - has writeups for a bunch of different challanges |
| HTB Writeups | Writeups for a lot of HackTheBox challenges. |
| 0xRick's Blog | ... and a few more. |
| CTF Writeups | Writeups for HackTheBox, TryHackMe, CTFLearn etc. |
| 0range Wh1spers | Active blog for with a bunch of ctf writeups. |
| 0xBen | ... same as the above. |
Other resources
| Resource | Explanation |
|---|---|
| ENISA Cybersecurity Role Profiles | ENISA's released document on different roles in cybersecurity and its tasks and key skills. |
| Pluralsight | A platform with many courses for just about everything, however quite expensive but watch for sales. |
Programming
| Resource | Explanation |
|---|---|
| Codecademy | A lot of hands on training in different programming languages, a lot for free. |
| Selenium | Web automation with python. |
| RegexLearn | Website to learn regular expressions. |
| RegExr | Website to test and learn regex in real time and with great detail. |
Home server
| Resource | Explanation |
|---|---|
| Docker tutorial | You will most likely be in contact with docker - so here's a guide to better understand it. |
| Yacht | Container manager, you can also find templates here and here. |
| Cloudflare Registrar | Register domain for cheap and with many free features - such as tunnelling. |
Give suggestions on other resources
If you want to share your favourite resource that I've missed, the best way to do so is either to send me an email or by commenting on a relevant post! Thank you for your engagement, and I hope the resources above gave you some inspiration!
