https://github.com/GoVanguard/Getting-into-InfoSec-and-Cybersecurity

A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.

Getting into Cybersecurity

A concentrated list of Cybersecurity resources to help anyone interested in learning more about cybersecurity. Link to GoVanguard’s full list of tools and resources is located at the bottom of the page.

Cybersecurity: What It Is and Why It Matters

• A Long Day with No Cybersecurity
• What is Cyber Security?
• Internet of Things: The Relationship Between IoT and Security
• Internet of Things: IoT Research Methodology
• Former NSA Hacker Reveals 5 Ways To Protect Yourself Online

Free Online Courses to Get Started

• Professor Messer’s CompTIA N10-007 Network+ Course
• Professor Messer’s SY0-601 CompTIA Security+ Course
• Complete Ethical Hacking Course By HackerSploit Part1 of 126
• Cyber Mentor: Ethical Hacking in 12 Hours - Full Course - Learn to Hack!
• Portswigger WebAcademy
• TryHackMe Introductory Learning Path

Informative Cybersecurity YouTube Channels

• Motasem Hamdan - Hacking guides.
• Loi Liang Yang - Hacking guides.
• Null Byte - Hacking guides and concepts.
• Computerphile - Information security concepts.
• Thenewboston - Programming and hacking guides.
• Hak5 - Hacking tools, guides and concepts.
• Schuyler Towne channel - Lockpicking videos and security talks.
• bosnianbill - lockpicking videos.

Help With Coding

• Batch Tutorials By John Hammond
• Python Tutorials By Corey Schafer
• Online regex tester and debugger: PHP, PCRE, Python, Golang and JavaScript
• Top 10 Ways to Teach Yourself to Code
• Codeacademy
• The Python Tutorial
• Automate the Boring Stuff (Python)

Help With Linux

• Chapter 1. GNU/Linux tutorials
• The Debian Administrator's Handbook
• Kali Linux Revealed
• Parrot OS Doc
• How Linux Works: What every superuser should know
• Linux Administration Bootcamp: Go from beginner to advanced
• Linux Fundamentals Part I
• Linux Fundamentals Part II
• Linux Fundamentals Part III

Web Application Hacking Guides

• OWASP Web Security Testing Guide
• OWASP security knowledge framework
• Awesome Hacking Resources
• Webpage hacking CTF Exercises And Educational Video Guides
• Hacker101 Video Walkthroughs By Master Ward
• Beginner Web Application Hacking (Full Course)

Hacking References and Cheatsheets

• XSS Cheat Sheet
• LFI Cheat Sheet
• Reverse Shell Cheat Sheet
• SQL Injection Cheat Sheet
• Nmap Cheat Sheet
• Pentest Recon And Enu Cheatsheet
• Metasploit Payload Cheatsheet
• Multiple Cheatsheets By Andrewjkerr
• Subnet Cheat Sheet Subnet Cheat Sheet – 24 Subnet Mask, 30, 26, 27, 29, and other IP Address CIDR Network References

Hacking Books

• Violent Python
• The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
• The Hacker Playbook 3: Practical Guide to Penetration Testing

Pentesting References

• Awesome Pentest Guide
• PTES Penetration Testing Execution Technical Guidelines
• SecTools.Org Top Network Security Tools
• Hack Tricks

Hands-on Training and Practice Exercises

• OWASP security knowledge framework - OWASP security knowledge framework labs exercises complete with write-ups.
• Hacker101 CTF - Webapp CTF style exercises.
• XSS Exercises - Webapp Cross-site scripting (XSS) bug hunting exercises.
• Rapid7 Metsploitable - Metasploitable is essentially a penetration testing lab in a box, available as a VMware virtual machine (VMX).
• OWASP WebGoat - WebGoat is an insecure application that allows the testing of vulnerabilities commonly found in Java-based applications that use common and popular open source components.
• Gruyere - Gruyere is a web application that has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution.
• OWASP Damn Vulnerable Web Sockets (DVWS) - Vulnerable web application which works on web sockets for client-server communication.
• OWASP NodeGoat - Includes Node.js web applications for learning the OWASP top 10.
• OWASP SecurityShepard - Web and mobile application security training platform.
• OWASP Juice Shop - JavaScript based intentionally insecure web application.
• CPTE Courseware Kit - Paid Official training kit for CPTE exam.
• OSCP-like Vulnhub VMs - Intentionally vulnerable VMs resembling OSCP.
• Over the Wire: Natas - Web application challenges.
• Hack the Box - Online pentesting labs with Windows VMs.
• Hack This Site - Web application security exercises.
• RopeyTasks - Simple deliberately vulnerable web application.
• Railsgoat - A vulnerable version of Rails that follows the OWASP Top 10.
• TryHackMe

TryHackMe Beginner Paths (Online platform for learning cyber security, using hands-on exercises and labs)

• Web Fundamentals Path
• Complete Beginner Path
• Pre-Security Path

Fun Web-Based Tools to Tinker With

• Free People Finder
• dnstwist- scan for phishing domains
• Lookup Any Device Connected to the Internet
• Public SSL/TLS Certificate Logs
• Website Technology Profiler

Cybersecurity News Websites

• Cybersecurity and Infrastructure Security Agency
• Krebs on Security
• Cyber News
• The Register
• Cyber News
• Dark Reading
• Daniel Messler Monthly Newsletter

Darknet Diaries Hacking Episodes to Pique Your Interest

• Jeremy From Marketing
• No Parking
• Mini-Stories:Vol 1
• The Pizza Problem

Cybersecurity Podcasts

• Darknet Diaries
• Defense in Depth
• CyberHub
• Black Hills InfoSec
• Cybersecurity Heroes

Detailed GoVanguard Cybersecurity Resources

• List of Tools Utilized by GoVanguard for Security Testing
• The Full GoVanguard InfoSec Encyclopedia