Recommended Learning

Reading Materials

Useful Repositories

• berzerk0/Probable-Wordlists
• swisskyrepo/PayloadsAllTheThings
• carpedm20/awesome-hacking#readme

Online Documentation

• Docker Security Best Practices
• Microsoft Guide to Threat Modeling
• Microsoft Patterns and Practices: Improving Web Application Security: Threats and Countermeasures
• Microsoft Security Engineering: Secure Software Developement Lifecycle
• OWASP Guide to Cryptography
• OWASP Testing Guide V4
• OWASP Threat Modeling Guide

Treeware

• Applied Cryptography: Protocols, Algorithms and Source Code in C 20th Anniversary Edition
• Writing Secure Code, Second Edition (Developer Best Practices)

Pleasurable Reading

• [amazon] Beyond Fear by Bruce Schneier
• [amazon] The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh

Podcasts

• .NET Rocks
• Pauls Security Weekly
• Application Security Weekly
• Fireside with LEI
• Hacked
• Malicious Life
• 2600 - Off the Hook
• 2600 - Off the Wall
• The Social Engineer Podcast
• DevSecOps Podcast
• Down the Security Rabbithole Podcast
• Welcome to Nightvale

Training

Training Sites

• Cybrary
• [pluralsight] Troy Hunts Catalog
• CTF Feild Guide
• Pentesting Labs
• Jim Kurose - Wireshark Labs

Sam Browne

Sam Browne has been a fantastic resource in the community and usually if I am diving into a topic he is one of the first places that I go to look for intro material into the subject. I have had to opportunity now to take two separate classes with him at DEFCON and his contribution to the community and open education is truly something to be in awe of.

• Old Classes Index
• CNIT 126: Malware Analysis
• CNIT 128: Hacking Mobile Devices

Interesting Youtube

• Tess Schrodinger - Cryptography Codes and Secret Writing
• AppSec Village - Youtube
• Modern Problem Solving

Tutorials

• Kontra Labs
• Excess XSS

Chall

These are challenge sites that are designed to sharpen your skills and present you with problems and help you to develop the skills to address those problems.

• WeChall - A Collection of Chall Sites
• Hack the Box
• Hack this Site
• Hack This
• Game of Hacks - Spot the Vuln in Code
• Damn Vulnerable iOS App
• BwApps Vulnerable Web Application
• Hellbound Hackers
• Cydefe CTF
• CTF Listing
• VulnHub - Community Submitted Vulnerable VMs
• Pentest it labs
• MicroCorruption Embedded Security CTF
• OverTheWire CTF
• Smash the Stack Wargames
• Cryptopals