- include references to commonly used tools (e.g.
john,hashcat,tsharketc just so beginners know where to start)
General bash/intro:
- OverTheWire Wargames
- SmashTheStack
- CodeAcademy: command line
- Learn to Hack
- Open-source cybersecurity learning
- Embedded Security CTF
Crypto:
Web Exploits:
Reversing:
- Lena tutorials for reversing
- Reverse Engineering for Beginners (free ebook)
- BiW reversing - Tutorials
- BiW reversing - Crackmes
- OpenRCE - Articles
Libraries (the info depot kind):
- VX Heaven virus library
- PLASMA hardware identification library
- Sandpile x86 processor information
- Open-source hardware IP cores
- FPGA CPUs and MISCs
There are a lot of powerful, free tools online which you can easily use instead of having to download or learn software packages. Really helpful if you're rushed for time and can't go looking around for the best software to install or how to use it.
- SSL/cert checker (for use in open-source google-fu challenges). Parts of this website will also show the
opensslcommands used so you can learn what's happening - Another ssl checker. Much deeper than the previous one (notable benefit: shows the size of the cert chain)
- Retargetable Decompiler: a powerful decompiler and disassembler for executables. Works quite well (files under 10MB) and can show disassembled executable as code or branch diagrams
- ODA - the online disassembler: a binary disassembler that is a good resource for reversing on the go
- Keep in mind Kali Linux has a few wordlists included at
/usr/share/wordlists/ - Good repos for more wordlists
- Cracked password hashdumps
- Vulnerable virtual machines that give you a hands on approach to learning digital security. Similar to actual competitions with the added benefit that you can do them at your own leisure.