Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/infosec-shinobi/awesome-cybersecurity-practice
A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field.
https://github.com/infosec-shinobi/awesome-cybersecurity-practice
List: awesome-cybersecurity-practice
Last synced: 16 days ago
JSON representation
A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field.
- Host: GitHub
- URL: https://github.com/infosec-shinobi/awesome-cybersecurity-practice
- Owner: infosec-shinobi
- Created: 2023-11-11T15:59:38.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2023-11-17T04:07:25.000Z (about 1 year ago)
- Last Synced: 2024-05-22T19:01:26.969Z (7 months ago)
- Homepage:
- Size: 2.93 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- ultimate-awesome - awesome-cybersecurity-practice - A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field. (Other Lists / PowerShell Lists)
README
# awesome-cybersecurity-practice
A curated list of resources that can be leveraged to enhance and/or keep your skill set up in the cybersecurity field. If you need assistance figuring out what to learn next, you can leverage this [mind map](https://roadmap.sh/cyber-security) of cybersecurity topics to pick.
## Holiday Challenges
* [https://tryhackme.com/r/christmas](https://tryhackme.com/r/christmas) - annual cyber challenge
* [https://adventofcode.com/](https://adventofcode.com/) - annual coding challenge
* [Sans Holiday Hack Challenge](https://www.sans.org/mlp/holiday-hack-challenge-2023/)## Active Directory
* [https://adsecurity.org/](https://adsecurity.org/) - learn all things AD security
* [https://github.com/Orange-Cyberdefense/GOAD](https://github.com/Orange-Cyberdefense/GOAD)## Blogs
* [https://www.blackhillsinfosec.com/blog/](https://www.blackhillsinfosec.com/blog/)
* [https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/](https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/)
* [https://blog.alexellis.io/](https://blog.alexellis.io/)
* [https://www.darkoperator.com/](https://www.darkoperator.com/)## Books
* Always check your local library for free resources. A lot of libraries offer access to the Libby app which gets you access to a lot of audiobooks and ebooks. They also often offer access to services like oreilly online and linkedin learning videos
* [https://nostarch.com/](https://nostarch.com/)
* [https://www.oreilly.com/](https://www.oreilly.com/)
* [https://www.humblebundle.com/books](https://www.humblebundle.com/books)## Certificates
* [https://pauljerimy.com/security-certification-roadmap/](https://pauljerimy.com/security-certification-roadmap/) - Cert roadmap for piking a certificate
* [https://www.isc2.org/landing/1mcc](https://www.isc2.org/landing/1mcc) - Free entry level training and cert from ISC^2
* [https://www.sans.org/](https://www.sans.org/)## Coding
* [https://www.codewars.com/](https://www.codewars.com/)
* [https://leetcode.com/](https://leetcode.com/)
* [https://exercism.org/](https://exercism.org/)
* [https://automatetheboringstuff.com/](https://automatetheboringstuff.com/)
* [https://code.golf/](https://code.golf/)## Conferences
* [https://queencitycon.org/](https://queencitycon.org/)
* [https://grrcon.com/](https://grrcon.com/)
* [https://defcon.org/](https://defcon.org/)
* [https://blackhat.com/](https://blackhat.com/)
* [https://www.bsidescolumbus.com/](https://www.bsidescolumbus.com/)## CTFs
* [https://microcorruption.com](https://microcorruption.com) - Focused on embedded devices
* [https://ctf101.org/](https://ctf101.org/) - site for helping you understand components in a ctf and how one might start to tackle them
* [https://picoctf.com/](https://picoctf.com/) - educational ctf
* [https://ringzer0ctf.com/home](https://ringzer0ctf.com/home)
* [https://parrot-ctfs.com/](https://parrot-ctfs.com/)
* [https://online.pwntilldawn.com/Account/Login?ReturnUrl=%2f](https://online.pwntilldawn.com/Account/Login?ReturnUrl=%2f)
* [https://echoctf.red/](https://echoctf.red/)
* [https://ctftime.org/](https://ctftime.org/)## General CompSci
* [https://teachyourselfcs.com/](https://teachyourselfcs.com/)
* [https://missing.csail.mit.edu/](https://missing.csail.mit.edu/)
* [https://www.opsschool.org/](https://www.opsschool.org/)## Hands-on Exercises
### Online General
* [http://overthewire.org/](http://overthewire.org/)
* [https://www.hackthebox.com/](https://www.hackthebox.com/)
* [https://kc7cyber.com/](https://kc7cyber.com/)
* [https://www.academy.attackiq.com/](https://www.academy.attackiq.com/)
* [https://tryhackme.com/](https://tryhackme.com/)
* [https://cyberdefenders.org/blueteam-ctf-challenges/](https://cyberdefenders.org/blueteam-ctf-challenges/)
* [https://attackdefense.com/](https://attackdefense.com/)
* [https://pwn.college/](https://pwn.college/)
* [https://cmdchallenge.com/](https://cmdchallenge.com/)
* [https://blueteamlabs.online/](https://blueteamlabs.online/)### Cloud
* [https://hackingthe.cloud/](https://hackingthe.cloud/)
#### AWS
* [https://github.com/RhinoSecurityLabs/cloudgoat](https://github.com/RhinoSecurityLabs/cloudgoat) - Deploy vulnerable aws resources
* [https://bigiamchallenge.com/challenge/1](https://bigiamchallenge.com/challenge/1) - AWS IAM Challenges
* [http://flaws.cloud/](http://flaws.cloud/) - Vulnerable aws infra
* [http://flaws2.cloud/](http://flaws2.cloud/) - Vulnerable aws infra
* [https://awssecworkshops.com/workshops/](https://awssecworkshops.com/workshops/)
* [https://workshops.aws/](https://workshops.aws/)### Containers/K8s
* [https://eksclustergames.com/](https://eksclustergames.com/) - k8s ctf via wiz hosted on aws eks
* [https://killercoda.com/killer-shell-ckad](https://killercoda.com/killer-shell-ckad)
* [https://github.com/kelseyhightower/kubernetes-the-hard-way](https://github.com/kelseyhightower/kubernetes-the-hard-way)
* [https://github.com/madhuakula/kubernetes-goat](https://github.com/madhuakula/kubernetes-goat)### Infra
* [https://github.com/splunk/attack_range](https://github.com/splunk/attack_range) - Tool for creating local or cloud based vulnerable infra
* [https://www.vulnhub.com/](https://www.vulnhub.com/) - vulnerable vms## Online Courses
* [https://www.cybrary.it/](https://www.cybrary.it/) - Cyber focused video courses
* [https://samsclass.info/](https://samsclass.info/) - Open sourced college courses
* [https://opensecuritytraining.info/Welcome.html](https://opensecuritytraining.info/Welcome.html) - Open sourced security training
* [https://portswigger.net/web-security](https://portswigger.net/web-security)
* [https://devopswithkubernetes.com/](https://devopswithkubernetes.com/)
* [https://ocw.mit.edu/](https://ocw.mit.edu/)
* [https://www.cybrary.it/](https://www.cybrary.it/)## Mentoring
* [https://nationalcyberleague.org/](https://nationalcyberleague.org/)
* [https://www.uscyberpatriot.org/](https://www.uscyberpatriot.org/)
* [https://www.nationalccdc.org/](https://www.nationalccdc.org/)## News
* [https://thehackernews.com/search/label/hacking%20news](https://thehackernews.com/search/label/hacking%20news)
## Newsletters
* [https://cloudseclist.com/](https://cloudseclist.com/)
* Weekly newsletter focused on all things cloud native. Variety of topics including blue, red, and purple tactics.
* [https://danielmiessler.com/](https://danielmiessler.com/)
* Weekly
* [https://tldrsec.com/](https://tldrsec.com/)
* Weekly newsletter with stories that cover a wide range of thing broken down into categories which makes it easy for skimming... Usually includes a few new tools or tutorials to research and try out.
* [https://www.sans.org/newsletters/newsbites/](https://www.sans.org/newsletters/newsbites/)
* Sans sponsored newsletter that delivers weekly security news
* [https://www.zetter-zeroday.com/](https://www.zetter-zeroday.com/)
* For fans of research journalism, Kim uses this platform to publish in progress work## Subreddits
* [https://www.reddit.com/r/blueteamsec/](https://www.reddit.com/r/blueteamsec/)
* [https://www.reddit.com/r/digitalforensics/](https://www.reddit.com/r/digitalforensics/)
* [https://www.reddit.com/r/AskNetsec/](https://www.reddit.com/r/AskNetsec/)
* [https://www.reddit.com/r/ComputerSecurity/](https://www.reddit.com/r/ComputerSecurity/)
* [https://www.reddit.com/r/cybersecurity/](https://www.reddit.com/r/cybersecurity/)
* [https://www.reddit.com/r/hacking/](https://www.reddit.com/r/hacking/)
* [https://www.reddit.com/r/InfoSecNews/](https://www.reddit.com/r/InfoSecNews/)
* [https://www.reddit.com/r/netsec/](https://www.reddit.com/r/netsec/)
* [https://www.reddit.com/r/securityCTF/](https://www.reddit.com/r/securityCTF/)
* [https://www.reddit.com/r/computerforensics/](https://www.reddit.com/r/computerforensics/)
* [https://www.reddit.com/r/OSINT/](https://www.reddit.com/r/OSINT/)