Resources

A/V Club

• liso’s security feeds
• Risky Business Podcast

Assembly

• Assembly - Skull Security Wiki
• Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration

Books

• Dealers of Lightning
• How Not to Network a Nation
• Masters of Doom
• The Cuckoo’s Egg
• The Friendly Orange Glow
• The Master Switch
• The Victorian Internet
• Where the Wizards Stay Up Late

Bug Bounties

• Bugcrowd
• HackerOne

Cloud

• A Penetration Tester’s Guide to the Azure Cloud
• Cloud IP Ranges
• Head in the Clouds
• Head in the Clouds: Google Compute

Community

• c0wsec

Cryptography

• Crypto 101
• Matasano Crypto Challenges

General Security

• Open Security Training

Getting Started (or Getting Better) in Infosec

• Deep Work and the 30-hour Method
• The Paradox of Choice - Learning new skills in infosec without getting overwhelmed.
• The Process of Mastering a Skill

Git

• CodeAcademy Git Training
• Oh, Shit, Git!
• Common Git Commands and Best Practices
• Git Visualization Tool
• Git Commit Message Best Practices

Hands-On Skills Development

• Bugcrowd University - Skills development for web testing.
• Hack the Box - Great mix of web/network/crypto/etc. CTF
• Offensive Security Certified Professional - The (punishing) gold standard for security testing certifications.
• OverTheWire
• PentesterLab - Mini-courses for mainly web app testing.
• Pentestit - Network penetration testing challenges.
• PortSwigger Academy - AppSec learning from the creators of Burp.
• RingZer0 Team Online CTF
• TryHackMe - Byte-sized gamified lessons with real-world cyber security scenarios

Hands-On Skills Development for High School Students

• Canadian Cyber Defence Challenge
• CyberPatriot
• CyberTitan
• HSCTF
• PicoCTF/CanHack
• PACTF

Interview Questions

• Red Team/Pentest Interview Questions

Malware Analysis

• Malware Unicorn - Reverse Engineering Malware 101
• MalwareTech - Beginner Malware Reversing Challenges
• OA Research
• Open Analysis Live
• Practical Malware Analysis
• The Art of Memory Forensics

OSINT

• Gathering Open-Source Intelligence

Penetration Testing

• Advanced Penetration Testing with Cybrary
• Advanced Penetration Testing
• Penetration Testing with Kali Linux

Personal Security

• The Motherboard Guide To Not Getting Hacked

PowerShell

• Getting Started with Microsoft PowerShell

Python

• Learn Python the Hard Way

Red Teaming

• A Journey Into a Red Team
• Advanced Threat Tactics
• How Do I Prepare to Join a Red Team
• Red Team Infrastructure Wiki
• Red Teaming in the EDR Age
• Threat Gets A Vote: Applying a Threat Based Approach to Security Testing

Reverse Engineering

• Hacking the Xbox - An Introduction to Reverse Engineering - PDF (Free from No Starch)
• Practical Reverse Engineering

Teacher Resources (High School)

• CodeHS Cyber Security
• Hacker High School Lessons
• Netacad Cyber Security Essentials - Keep an eye out for ICTC Educator training sessions
• Bev Facey Cyber Defence Resources and challenges collection

Web Application Hacking

• Burp Suite Essentials
• Don’t Cross Me: Same-Origin Policy and all the Cross Vulns - Great explanation of same-origin policy and the vulns that crush it.
• Google Gruyere: Web Application Exploits and Defenses
• Hack this Site
• OWASP Juice Shop
• OWASP Testing Guide v4 Table of Contents
• PortSwigger Academy - From the people that brought you Burp and WAHH, some top-notch (free) online web security training.
• The Bug Hunter’s Methodology v3
• The Web Application Hacker’s Handbook
• Web Vulnerabilities and the People Who Love Them - Great intro to web vulns :)

Wireless

• hostapd-mana wiki
• PEAP: Pwned Extensible Authentication Protocol
• Practical and Improved MitM with Mana
• W1F1