In the dynamic and ever-evolving world of cybersecurity, continuous learning is not just an option; it's a necessity. As you embark on this exciting journey through our Cybersecurity Program, we understand the importance of supplementing your studies with a variety of external resources. This guide is meticulously crafted to be your compass in navigating the vast ocean of knowledge in the cybersecurity domain.
SQL Tutorial
SQL Tutorial
The website "SQLZoo" (sqlzoo.net) is an online tutorial platform focused on teaching SQL, the Structured Query Language used for managing and manipulating databases. The website's main feature is its comprehensive SQL Tutorial, designed to guide users through learning SQL step by step.
TryHackMe Resources
TryHackMe Resources
Tryhackme is a fantastic and CyberSec industry recognized platform that will challenge you to use your resourcefulness and research skills to solve the problems presented to you. Depending on your learning preferences there are many resources out there to use to walkthrough rooms
Explain Shell
Your best friend to make Linux Manual pages more readable and understand why commands are being entered.
Youtube Channels - THM Walkthroughs
Explore Top YouTube Channels: Check out these highly recommended YouTube channels for excellent TryHackMe walkthroughs. These creators offer clear, detailed explanations and step-by-step guides to help you master various challenges on TryHackMe.
Tools (Web)
Tools (Web)
In the world of cybersecurity and development, the following tools can significantly streamline tasks and improve efficiency.
Revshells: A powerful tool that generates customizable commands to open ports and force communication with a target machine. It’s particularly useful for tasks like exploiting vulnerabilities (e.g., CVE-HTB-2023-40582), enabling users to create effective reverse shells through preset configurations.
CyberChef: Known as the "Swiss Army knife" for cybersecurity tasks, CyberChef offers an all-in-one platform for functions like encryption, hashing, encoding, and more. It’s particularly popular for quickly solving complex problems that would typically require multiple separate tools, making it invaluable for cybersecurity practitioners.
CrackStation: A dedicated hash-cracking tool that allows users to quickly crack password hashes. While CyberChef offers similar functionality, CrackStation is a more direct solution for hash cracking, especially when speed is a priority.
CodersTool: A versatile toolset that includes features like an SQL Query Visualizer and Syntax Checker. Though not cybersecurity-focused, it provides practical utilities for developers working with databases and SQL queries, making it a useful tool for programming tasks.
User Preference AI: AI services like Grok, Gemini, and OpenAI are great for providing quick programming clarifications and assistance. However, over-reliance on these tools can hinder learning, so it’s important to use them as aids, not crutches, in developing problem-solving skills.
Applications
Applications
Markdown Formatting: Obsidian is a powerful note-taking and knowledge management tool designed to help users organize and connect their thoughts. It uses a markdown-based system, allowing you to create and link notes in a networked format, which helps visualize relationships between ideas. With its flexible structure, Obsidian is popular among writers, researchers, and anyone who needs to manage complex information. The tool is highly customizable, offering plugins and themes to enhance functionality, and works entirely offline, ensuring privacy and control over your data. It Is completely modular for the purpose of taking notes, and it's freemium. It allows easy publishing/importing of notes into places like Github that also support markdown.
Virtual Machines: Virtual Box & VM Ware are two other popular options for hosting virtual machines. They are most well known with their own pros and cons. Generally, most cybersecurity acolytes will have to use or host a vm on their own dedicated hardware at some point to complete a task or capture a flag down the line.
Training Grounds & Pentesting Sites
Training Grounds & Pentesting Sites
If you're looking to enhance your skills in cybersecurity and penetration testing, there are several excellent online platforms that offer comprehensive training and certification programs. These websites provide a range of courses, from beginner to advanced levels, covering topics such as ethical hacking, threat analysis, network security, and more. Whether you're just starting out or looking to specialize in penetration testing, these resources can help you develop the expertise needed to succeed in the field.
TryCyber: It's a good SoC training simulations. Very forgiving with newbies, would still recommend to not use any of the automated assistance for competency testing. Helps ease anxiety with expectations on the job while being free.
Federal Virtual Training Environment. Free of charge (besides registration) education from the federal govt. with some stipulation depending on your profession or other criteria as a citizen with provided courses.
bWAPP: It's a site posing as a buggy web application, with it being susceptible to over 100 web vulnerabilities. It's a cool little punching bag for users to test out them.
Hack The Box: It's a very well known flag/box site for portfolio work and certifications. Offers real challenges as well as some unique upskilling coursework. Not Free, has a trial. Unfortunately, CVE related flags are not available on lower subscription tiers. Not recommended for beginners
OffSec: It's a well known site as well with certifications, very expensive too. Cool thing is that you can have a play account that has 3 hours worth of free time that gets reloaded daily. Unfortunately, you have a limited selection with just a play-tier account and no access to web-based vm machines, and assumes you're able to connect with the flags via your own vpn/vm machine for many of the flags. Not recommended for beginners, maybe only intermediate and up.
Codecademy: There’s plenty of sites like this, but I find CA’s approach to language learning better than most and that they have actually good projects that require the user to think through and utilize their knowledge of the lessons. It’s hard to find good guided programming projects that don’t explicitly hold your hand like in the real world.
General Resources
General Resources
Start here to explore various resources that will enhance your general knowledge in cybersecurity and help you navigate challenges more effectively.
Youtube Channels
Title | Descriptions |
Covers cybersecurity news, tutorials, and general tech knowledge | |
Known for in-depth TryHackMe and HackTheBox walkthroughs | |
Offers networking and cybersecurity tutorials. | |
Provides hands-on hacking tutorials and cybersecurity training | |
Focuses on white-hat hacking tutorials and tips | |
Covers networking, cybersecurity, and general IT topics |
PentesterLab Bootcamp
A great starting point for practical, hands-on penetration testing training. The bootcamp guides you through the basics to more advanced topics in a structured manner.
Intro Program Lessons
Ideal for beginners looking to learn programming fundamentals. Offers interactive lessons in various programming languages.
Python
Web Security Fundamentals
Learn the essentials of web security with interactive labs and exercises. Perfect for those looking to understand the core principles of securing web applications.