RESOURCES AND SOURCES
This is a non-curated list of sources and resources that helped me get started with hacking and infosec in general. This is by no means a guideline or set path for success in the industry. If you have any questions, reach me on Twitter @Cerbersec.
YouTube
- Ippsec - For all your awesome HackTheBox walkthroughs
- Kindredsec - Malware analysis, HackTheBox walkthroughs
- Colin Hardy - Malware analysis
- TheCyberMentor - Networking, penetration testing, Buffer overflows, Linux for beginners and much more
- LiveOverflow - Binary exploitation and CTF’s
- MalwareAnalysisForHedgehogs - Malware analysis
- Open SecurityTraining - Malware analysis, reverse engineering
- 0verfl0w_ - Malware Analysis
- Michael Gillespie - Malware analysis
- Guided Hacking - Malware analysis, binary exploitation, reverse engineering, HackTheBox walkthroughs
Twitch
- Cyber_Insecurity - AMA’s, podcasts, tech talks and the like
Platforms
- HackTheBox - Penetration testing labs
- Vulnhub - Vulnerable Virtual Machines
- HackerOne - Bug Bounty platform
Subreddits
- r/netsec - Please don’t pollute
- r/netsecstudents
- r/blackhat
- r/malware
- r/redteamsec
- r/liveoverflow
- r/hackthebox
Capture The Flag
- CTFTime - Capture The Flag platform
Cheatsheets
- Red Teaming cheatsheets - Cheatsheets useful for: pentesting, OSCP, CTF’s
- Pentestmonkey - Pentest goldmine, cheatsheets, tools and more
- Windows Privesc Guide
- Linux Privesc Guide
- GTFOBins - Curated list of exploitable Linux binaries
- The Hackers Choice Tips & Tricks - Huge collection of useful commands, one-liners and more
Github repositories
- SecLists - Huge collection of wordlists
- Awesome OSCP - OSCP related resources
- DotStackBufferoverflowGood - Windows 32 stack bufferoverflow project by Justin Steven
- Just Another Linux Enumeration Script JALESC - Awesome enumeration script made by Kindredsec
- Impacket - Collection of Python classes for working with network protocols
- PayloadsAllTheThings - List of useful payloads and bypass for Web Application Security and Pentest/CTF
Paid courses
- Practical Ethical Hacking - TheCyberMentor - Udemy course on penetration testing
- Penetration testing with Kali Linux - Offensive Security - The official OSCP certification course
- The Beginner Malware Analysis Course - Beginner/introductory malware analysis course by 0verfl0w_
- Zero 2 Automated - Malware analysis/reverse engineering
Offensive Security Certified Professional (OSCP) Specific
- OSCP Goldmine
- OSCP Like HackTheBox boxes List by TJnull
- Awesome OSCP - OSCP related resources
Books
- allitebooks - Collection of IT related eBooks
- libgen.is - Collection of books, access with a VPN!
- Grey hat hacking 3rd edition
- Hacking - The Art of Exploitation 2nd edition
- Practical Reverse Engineering
- Reversing - Secrets of Reverse Engineering
- The Shellcoders Handbook
- The Web Application Hacker’s Handbook