I recently undertook a 50-day professional training package designed to train students in Cyberspace Operations. The course was divided into three modules - a Blue Module, a Red Module and a Combined (Red vs Blue) Module. The course was excellent and presented a wide range of topics within Cyber Security. Throughout the course I looked up additional resources to further my learning and I have decided to compile them on my GitHub. These learning resources are useful for students who are looking to undertake the course as a form of pre-reading (you are not expected to know everything prior to the course, but a brief overview of the topics will allow you to excel and get more out of it). These learning resources are also useful for students who have completed the course and wish to continue their learning in certain topics and expand the knowledge gained from the course.
Also available are links to the tools used during the course. This will allow students who have completed the course to download the open source tools used and continue their training. The Tools and Learning Resources pages will be actively maintained via my GitHub. However, for those who cannot access my GitHub page the learning resources are detailed below (correct as at the date of this post).
Blue Module
Cyber 101
- The OSI Model’s Seven Layers Defined and Functions Explained
- The Layers of the OSI Model Illustrated
- Introduction to Information Security
- Confidentiality, integrity, and availability (CIA triad)
- STRIDE
- A Beginner’s Guide to Cyberwarfare
- What it’s like to run a Russian hacking ring
- Verizon’s 2017 Data Breach Investigations Report
- ABC Four Corners – HACKED!
- ABC Four Corners – Power and Influence
- ACSC Threat Report 2017 - Australian Cyber Security Centre
- ASD Essential Eight Explained
- Have I Been Pwned?
- Central Ops
- Shodan.io
Intrusion Analysis and Detection
- Linux Commands
- Cisco Internetworking Basics
- Basic Internetworking
- Top 5 Network Routing Protocols Explained
- The TCP Handshake
- An overview of the SSL or TLS handshake
- How Does SSL/TLS Work?
- The Cyber Kill Chain
- Deconstructing The Cyber Kill Chain
- Yara Documentation
- Yara User’s Manual v1.6
Wireless Security
- Introduction to Kali Linux
- Wireless Security Protocols: WEP, WPA, and WPA2
- How To Hack WPA/WPA2 Wi-Fi With Kali Linux & Aircrack-ng
- RTL-SDR.com
Reverse Engineering
- x86 Instruction Set Reference
- x86 Assembly Guide
- C Programming Tutorial
- Complete Tour of PE and ELF
- Malware Unicorn’s Reverse Engineering Malware Workshops
- Basic Reverse Engineering with Immunity Debugger
Digital Forensics
- How Computer Forensics Works
- Best of Computer Forensics Tutorials
- File Systems Overview
- Overview of FAT, HPFS, and NTFS File Systems
Cyber Deception
- Honeypots: The sweet spot in network security
- Know your Enemy: Tracking Botnets
- The Honeynet Project
- Best Tools to Perform Steganography
Red Module
Introduction to Penetration Testing
- Penetration Test - Wikipedia
- The Penetration Testing Execution Standard
- Getting Started with Web Application Penetration Testing
- Pen-Test Monkey Cheat Sheets
- Metasploit Unleashed
- Google Dorks/Google Hacking
- SecLists - The Pentesters Companion
Introduction to Python Scripting
Tactical Cyber Techniques
- Windows PowerShell Basics
- PowerShell Owners Manual
- Safer Shellcode Implants
- How to use PowerShell Empire
- Metasploit Unleashed
- How to use MSFVenom
- SSH Port Forwarding/Tunneling
- GNU Privacy Guard
Introduction to Exploit Development
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- X86 Assembly/X86 Architecture
- X86 Assembly/X86 Instructions
- Modern Binary Exploitation
- Buffer Overflows for Dummies - SANS Whitepaper
- Stack Based Overflows: Detect & Exploit
- Windows Exploit Development
- Exploit writing tutorial - Corelan
Red vs Blue - Collective Module
Computer Network Operations
Network Security Operations
- Security Focus
- Ultimate Guide to Installing Security Onion with Snort and Snorby
- Windows AppLocker
- Structured Threat Information eXpression (STIX)
- Trusted Automated eXchange of Indicator Information (TAXII)
- Cyber Observable eXpression (CybOX)
- How STIX, TAXII and CybOX Can Help With Standardizing Threat Information
- Snort Users Manual
- Packet Life
- Blue Team Training Toolkit
Red vs Blue Activity
- Red team versus blue team: How to run an effective simulation
- Teaching Network Security Through Live Exercises
- Blue Team Defender Guide
- CTF Field Guide
- Splunk
- Splunk Education
Additional Material
General Information Security/Cyber Sites
- Cybrary
- Hackers Handbook
- Null-Byte
- SANS Blogs
- SecurityTube
- OffensiveComputerSecurity
- CS 642: Intro to Computer Security
- Hacksplaining
Cheat Sheets
- Penetration Testing Tools
- NetBIOS Scan
- Reverse Shell
- nmap
- Linux Commands
- Metasploit
- Google Hacking Database
- Netcat
- Wireshark Filters
- Scapy
- tcpdump
- Common Ports
- IPv4 Subnetting
- PowerShell Empire
- PowerSploit
- Security Onion
- Remnux Malware Analysis
- Reverse Engineering
- VIM
- DFIR Linux Shell Survival Guide
- PowerShell
- Windows Command Line
YouTube Channels
Vulnerable OS/CTF Challenges
Blogs
Privilege Escalation
- Reach the root
- Basic linux privilege escalation
- Windows Privilege Escalation
- Privilege escalation for Windows and Linux
- Windows Privilege Escalation Fundamentals
- RootHelper
Malware Analysis
Exploits
Online News Sources
Books
- Red Team Field Manual
- Blue Team Field Manual
- The Hacker Playbook 2: Practical Guide To Penetration Testing
- Red Team: How to Succeed By Thinking Like the Enemy
- Automate the Boring Stuff with Python
- Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
- Gray Hat Python: Python Programming for Hackers and Reverse Engineers
- Free Security eBooks from PacktPub
- Free Security eBooks from Hack with Github