This is a compilation of resources that aided me (and still do) in my studies. When I started in 2012 there weren’t so many tutorials/MOOCs and whatnot as there are now. Some of them I have covered in my first Octopress post

I will be updating this list and I will also try to keep it short, for sanity reasons :–)

Last updated on June 17th 2018

Online courses

• Introduction to Computer Science and Programming Using Python
• CS50x Introduction to Computer Science
• Python for Everybody Specialization
• Udacity
• Saylor Academy
• Open Source Society University
• Khan Academy
• MIT Open Courseware
• Microsoft Virtual Academy
• RPISEC Malware Analysis
• From Newbie To Windows Security Pro
• Learning Exploitation with Offensive Computer Security 2.0

Tutorials

• Metasploit Unleashed
• C++
• Irongeek.com
• pentestmonkey
• DrapsTV
• The Legend of Random
• Lena’s Reversing for Newbies
• TiGa’s Video Tutorial Series on IDA Pro
• IppSec
• Tradecraft Security Weekly
• Red Team tips

Security training

• Cybrary
• PentesterAcademy
• PentesterLab
• OpenSecurityTraining
• Social-Engineer
• Security Tube
• Binary Auditing
• Corelan exploit writing tutorials
• Advanced Threat Tactics
• Hacker101

Hands-on challenges

• VunlHub
• OverTheWire
• ExploitExercises
• Under The Wire
• CTF Time
• The Honeynet Project
• Smash The Stack
• Network Forensics Puzzles
• HackThisSite
• Enigma Group
• We Chall
• HackThis!!
• PentestIt
• Root Me
• Hack The Box

Books

• Violent Python
• Penetration Testing: A Hands-On Introduction to Hacking
• Black Hat Python
• The Hacker Playbook: Practical Guide To Penetration Testing
• The Hacker Playbook 2: Practical Guide To Penetration Testing
• The Hacker Playbook 3: Practical Guide To Penetration Testing
• Gray Hat Python
• Hacking: The Art of Exploitation
• RTFM: Red Team Field Manual
• BTFM: Blue Team Field Manual
• SQL Injection Attacks and Defense
• The Web Application Hacker’s Handbook
• Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
• The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
• Stealing the Network
• Web Hacking 101 (you can get it free from HackerOne)

Tools collections

• Python tools for penetration testers
• PwnWiki
• Kali Linux Tools Listing
• My collection of bookmarked resources

Linux

• linux-training
• Linux audit
• CertDepot

Misc security resources

• Phrack Magazine
• Getting started in pentesting collection
• Public pentesting reports
• DFIR Training
• AccessData training resources
• interview questions for red teaming/pentesting

Checklists

• OWASP Cheat Sheets
• SANS checklists
• C Programming Substance Guidelines
• Linux workstation security checklist
• PacketLife Cheat Sheets
• SANS Posters – print, learn, execute
• AuditShark

Forums

• TechExams
• JollyFrogs OSCP tale – incredibly comprehensive resource on studying for OSCP
• Bug Bounty Forum

Blogs

• Basic Linux Privilege Escalation
• Windows Privilege Escalation Fundamentals
• Detectify
• bluescreenofjeff.com – a blog about penetration testing and red teaming
• Red Teams
• Red Team Journal
• Tutorials by zseano
• RedTeam Blog
• Imminent Threat Solutions Digicom

Bug bounty

• the unofficial HackerOne disclosure timeline
• Bug Bounty Reference
• bugcrowd researcher resources
• Hacking Resources