Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/infosec-shinobi/awesome-cybersecurity-practice

A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field.
https://github.com/infosec-shinobi/awesome-cybersecurity-practice

List: awesome-cybersecurity-practice

Last synced: 3 months ago
JSON representation

A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field.

Host: GitHub
URL: https://github.com/infosec-shinobi/awesome-cybersecurity-practice
Owner: infosec-shinobi
Created: 2023-11-11T15:59:38.000Z (12 months ago)
Default Branch: main
Last Pushed: 2023-11-17T04:07:25.000Z (12 months ago)
Last Synced: 2024-05-22T19:01:26.969Z (6 months ago)
Homepage:
Size: 2.93 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

ultimate-awesome - awesome-cybersecurity-practice - A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field. (Other Lists / PowerShell Lists)

README

        # awesome-cybersecurity-practice

A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field. If you need assistance figuring out what to learn next, you can leverage this [mind map](https://roadmap.sh/cyber-security) of cybersecurity topics to pick.

## Holiday Challenges

* [https://tryhackme.com/r/christmas](https://tryhackme.com/r/christmas) - annual cyber challenge

* [https://adventofcode.com/](https://adventofcode.com/) - annual coding challenge

* [Sans Holiday Hack Challenge](https://www.sans.org/mlp/holiday-hack-challenge-2023/)

## Active Directory

* [https://adsecurity.org/](https://adsecurity.org/) - learn all things AD security

* [https://github.com/Orange-Cyberdefense/GOAD](https://github.com/Orange-Cyberdefense/GOAD)

## Blogs

* [https://www.blackhillsinfosec.com/blog/](https://www.blackhillsinfosec.com/blog/)

* [https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/](https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/)

* [https://blog.alexellis.io/](https://blog.alexellis.io/)

* [https://www.darkoperator.com/](https://www.darkoperator.com/)

## Books

* Always check your local library for free resources. A lot of libraries offer access to the Libby app which gets you access to a lot of audiobooks and ebooks. They also often offer access to services like oreilly online and linkedin learning videos

* [https://nostarch.com/](https://nostarch.com/)

* [https://www.oreilly.com/](https://www.oreilly.com/)

* [https://www.humblebundle.com/books](https://www.humblebundle.com/books)

## Certificates

* [https://pauljerimy.com/security-certification-roadmap/](https://pauljerimy.com/security-certification-roadmap/) - Cert roadmap for piking a certificate

* [https://www.isc2.org/landing/1mcc](https://www.isc2.org/landing/1mcc) - Free entry level training and cert from ISC^2

* [https://www.sans.org/](https://www.sans.org/)

## Coding

* [https://www.codewars.com/](https://www.codewars.com/)

* [https://leetcode.com/](https://leetcode.com/)

* [https://exercism.org/](https://exercism.org/)

* [https://automatetheboringstuff.com/](https://automatetheboringstuff.com/)

* [https://code.golf/](https://code.golf/)

## Conferences

* [https://queencitycon.org/](https://queencitycon.org/)

* [https://grrcon.com/](https://grrcon.com/)

* [https://defcon.org/](https://defcon.org/)

* [https://blackhat.com/](https://blackhat.com/)

* [https://www.bsidescolumbus.com/](https://www.bsidescolumbus.com/)

## CTFs

* [https://microcorruption.com](https://microcorruption.com) - Focused on embedded devices

* [https://ctf101.org/](https://ctf101.org/) - site for helping you understand components in a ctf and how one might start to tackle them

* [https://picoctf.com/](https://picoctf.com/) - educational ctf

* [https://ringzer0ctf.com/home](https://ringzer0ctf.com/home)

* [https://parrot-ctfs.com/](https://parrot-ctfs.com/)

* [https://online.pwntilldawn.com/Account/Login?ReturnUrl=%2f](https://online.pwntilldawn.com/Account/Login?ReturnUrl=%2f)

* [https://echoctf.red/](https://echoctf.red/)

* [https://ctftime.org/](https://ctftime.org/)

## General CompSci

* [https://teachyourselfcs.com/](https://teachyourselfcs.com/)

* [https://missing.csail.mit.edu/](https://missing.csail.mit.edu/)

* [https://www.opsschool.org/](https://www.opsschool.org/)

## Hands-on Exercises

### Online General

* [http://overthewire.org/](http://overthewire.org/)

* [https://www.hackthebox.com/](https://www.hackthebox.com/)

* [https://kc7cyber.com/](https://kc7cyber.com/)

* [https://www.academy.attackiq.com/](https://www.academy.attackiq.com/)

* [https://tryhackme.com/](https://tryhackme.com/)

* [https://cyberdefenders.org/blueteam-ctf-challenges/](https://cyberdefenders.org/blueteam-ctf-challenges/)

* [https://attackdefense.com/](https://attackdefense.com/)

* [https://pwn.college/](https://pwn.college/)

* [https://cmdchallenge.com/](https://cmdchallenge.com/)

* [https://blueteamlabs.online/](https://blueteamlabs.online/)

### Cloud

* [https://hackingthe.cloud/](https://hackingthe.cloud/)

#### AWS

* [https://github.com/RhinoSecurityLabs/cloudgoat](https://github.com/RhinoSecurityLabs/cloudgoat) - Deploy vulnerable aws resources

* [https://bigiamchallenge.com/challenge/1](https://bigiamchallenge.com/challenge/1) - AWS IAM Challenges

* [http://flaws.cloud/](http://flaws.cloud/) - Vulnerable aws infra

* [http://flaws2.cloud/](http://flaws2.cloud/) - Vulnerable aws infra

* [https://awssecworkshops.com/workshops/](https://awssecworkshops.com/workshops/)

* [https://workshops.aws/](https://workshops.aws/)

### Containers/K8s

* [https://eksclustergames.com/](https://eksclustergames.com/) - k8s ctf via wiz hosted on aws eks

* [https://killercoda.com/killer-shell-ckad](https://killercoda.com/killer-shell-ckad)

* [https://github.com/kelseyhightower/kubernetes-the-hard-way](https://github.com/kelseyhightower/kubernetes-the-hard-way)

* [https://github.com/madhuakula/kubernetes-goat](https://github.com/madhuakula/kubernetes-goat)

### Infra

* [https://github.com/splunk/attack_range](https://github.com/splunk/attack_range) - Tool for creating local or cloud based vulnerable infra

* [https://www.vulnhub.com/](https://www.vulnhub.com/) - vulnerable vms

## Online Courses

* [https://www.cybrary.it/](https://www.cybrary.it/) - Cyber focused video courses

* [https://samsclass.info/](https://samsclass.info/) - Open sourced college courses

* [https://opensecuritytraining.info/Welcome.html](https://opensecuritytraining.info/Welcome.html) - Open sourced security training

* [https://portswigger.net/web-security](https://portswigger.net/web-security)

* [https://devopswithkubernetes.com/](https://devopswithkubernetes.com/)

* [https://ocw.mit.edu/](https://ocw.mit.edu/)

* [https://www.cybrary.it/](https://www.cybrary.it/)

## Mentoring

* [https://nationalcyberleague.org/](https://nationalcyberleague.org/)

* [https://www.uscyberpatriot.org/](https://www.uscyberpatriot.org/)

* [https://www.nationalccdc.org/](https://www.nationalccdc.org/)

## News

* [https://thehackernews.com/search/label/hacking%20news](https://thehackernews.com/search/label/hacking%20news)

## Newsletters

* [https://cloudseclist.com/](https://cloudseclist.com/)

  * Weekly newsletter focused on all things cloud native. Variety of topics including blue, red, and purple tactics.

* [https://danielmiessler.com/](https://danielmiessler.com/)

  * Weekly 

* [https://tldrsec.com/](https://tldrsec.com/)

  * Weekly newsletter with stories that cover a wide range of thing broken down into categories which makes it easy for skimming... Usually includes a few new tools or tutorials to research and try out.

* [https://www.sans.org/newsletters/newsbites/](https://www.sans.org/newsletters/newsbites/)

  * Sans sponsored newsletter that delivers weekly security news

* [https://www.zetter-zeroday.com/](https://www.zetter-zeroday.com/)

  * For fans of research journalism, Kim uses this platform to publish in progress work

## Subreddits

* [https://www.reddit.com/r/blueteamsec/](https://www.reddit.com/r/blueteamsec/)

* [https://www.reddit.com/r/digitalforensics/](https://www.reddit.com/r/digitalforensics/)

* [https://www.reddit.com/r/AskNetsec/](https://www.reddit.com/r/AskNetsec/)

* [https://www.reddit.com/r/ComputerSecurity/](https://www.reddit.com/r/ComputerSecurity/)

* [https://www.reddit.com/r/cybersecurity/](https://www.reddit.com/r/cybersecurity/)

* [https://www.reddit.com/r/hacking/](https://www.reddit.com/r/hacking/)

* [https://www.reddit.com/r/InfoSecNews/](https://www.reddit.com/r/InfoSecNews/)

* [https://www.reddit.com/r/netsec/](https://www.reddit.com/r/netsec/)

* [https://www.reddit.com/r/securityCTF/](https://www.reddit.com/r/securityCTF/)

* [https://www.reddit.com/r/computerforensics/](https://www.reddit.com/r/computerforensics/)

* [https://www.reddit.com/r/OSINT/](https://www.reddit.com/r/OSINT/)