Cyber Security Training (That doesn’t suck)
Cyber Security is a career that requires the practitioner to be in always-learning mode. Spend your time and money wisely with these hand-picked security resources.
Each of these resources has either been used by one of our team or has been a recommendation from someone we know.
Cyber Security Training Courses
Many of these courses are costly, especially if you are paying out of your own pocket. The primary advantage of a training course from the big 3 providers (SANS, Offensive-Security, eLearnSecurity) is that you get a lot of learning packed into a minimal amount of time. All have included labs that force you to make sure you understand the content.
Provider | Course | Cert | Focus | Notes |
---|---|---|---|---|
SANS | SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling | GCIH | DFIR Pentest | A gentle introduction to hacker tools and techniques with a focus on Incident Handling. Identify an incident, securely handle forensic evidence and use a structured methodology to work through the incident. Great for people with a technical background but little experience in hacking techniques and cyber security. |
SANS | SEC401: Security Essentials Bootcamp Style | GSEC | Basics | Suitable for anyone wanting to understand cyber security concepts, useful for non-technical backgrounds moving into roles that interact with cyber security professionals. |
SANS | FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics | GCFA | DFIR | Digging deep into digital forensics and evidence collection. Understand the techniques and tools from the operating system to memory analysis and the network layer. |
SANS | SEC560: Network Penetration Testing and Ethical Hacking | GPEN | Pentest | A popular course for those getting started with penetration testing or working in government cyber security roles (good training budgets!). In depth knowledge of tools and techniques - jamming a lot of content into a one week course. Finishes up with a high quality CTF on day 6 to apply the new knowledge. |
SANS | SEC545: Cloud Security Architecture and Operations | | Cloud | I have no knowledge of this course but recommend it based on experience with other SANS courses. Having played in the AWS, Azure & GCP sandboxes, messing up security is easier than you would expect. Professional cyber security training within cloud environments is going to be huge over the next few years. A focus on keeping these environments secure is going to be essential for any cloud operations team. |
SANS | SEC503: Intrusion Detection In-Depth | GCIA | DFIR | Solid content from a course that has been around since Intrusion Detection Systems (IDS) were the new kids on the block. Learn to write custom Snort Rules and get an understanding of network traffic analysis. |
SANS | SEC542: Web App Penetration Testing and Ethical Hacking | GWAPT | Web App Pentest | Strong overview of common web application attacks and penetration testing. Get a broad range of knowledge and tools across this rapidly changing discipline. |
SANS | SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking | GXPN | Exploit Dev Pentest | In depth course on more advanced attack techniques than those covered in SEC560. Also has a deep focus on exploit writing, from simple buffer overflows to more advanced chained attacks. |
Offensive Security | PWK: Penetration Testing with Kali | OSCP | Pentest | Popular and well regarded technical penetration testing course. Has a 24 hour exam that is known to really test the student's understanding (try harder!). Made by the folks who maintain the Kali Linux Distro. |
Offensive Security | AWAE: Advanced Web Attacks and Exploitation | OSWE | Web App Pentest | Going in depth on the web application side of things, this is often taken after completing the OSCP or by those with web applications as a focus. |
Offensive Security | AWE: Advanced Windows Exploitation | OSEE | Exploit Dev | Want to write exploits for Windows? Dive into low level Windows exploit development with this advanced course. Not recommended for noobs or those without low level programming skills. |
eLearnSecurity | eJPT: eLearnSecurity Junior Penetration Tester | eJPT | Pentest | A solid first step into the world of penetration testing, with a broad range of topics covered and a dedicated lab environment for testing those new skills. |
eLearnSecurity | eCPPT: eLearnSecurity Certified Professional Penetration Tester | eCPPT | Pentest | eLearnSecurity has recently been acquired by INE and the courses have been released in a new version. I have worked through the original penetration testing course and found it to be comprehensive and well presented. It comes in at a much more reasonable price than the equivalent SANS courses. |
PortSwigger | Web Security Academy FREE | | Web App Pentest | From the creators of BurpSuite and the Web Application Hacker's Handbook, this web application security course covers a lot of ground. Pretty sure this course would be worthwhile simply based on prior works. |
Active Counter Measures | Threat Hunting Training Course FREE | | Threat Hunting | A free course that comes from an experienced and knowledgeable team. |
ATT&CK | Using ATT&CK for Cyber Threat Intelligence Training FREE | | Threat Hunting | A number of training modules from the ATT&CK team on performing cyber threat intelligence analysis using ATT&CK-mapped data. |
CoreLan | BOOTCAMP: CoreLan Exploit Development | | Exploit Dev | Learn exploit development from the experts. Well regarded and highly technical - if you want to write exploits for modern Windows you should check this one out. |
Applied Network Defence | Various Blue Team focused Courses | | Blue Team | Recommended training on open source tools and techniques for Blue Teams. Short courses on OSQuery, Threat Hunting, ELK, Zeek and Packet Analysis. |
Online Training Labs and Cyber Ranges
Capture the Flag (CTF) events and online Cyber Ranges (labs) are a great way to hone cyber security skills in areas that you may not touch every day in your work. A well put together CTF should be fun and challenging for a wide range of abilities.
Provider | Name | Cost | Focus | Notes |
---|---|---|---|---|
SANS | Netwars Continuous | | Pentest DFIR | Netwars is a highly polished CTF where you can progress through harder and harder challenges finding flags and gaining knowledge. Presented well enough that it feels more like a game than learning! A number of FREE 48 hour challenges have been on offer to the community since the lockdowns of 2020. |
SANS | Holiday Hack | FREE | Pentest DFIR | Another offering from SANS, this very popular CTF runs over the Christmas / New Year period and is available for free. It can be a lot of fun and you might even learn a few things. |
HackTheBox | Hack The Box | FREE + | Pentest DFIR | Technical challenges based on a box (virtual machine) where the aim is to gain access and find a flag. Very well regarded and popular. High amount of Free content along with additional challenges for a small subscription. |
Google | Google Gruyere | FREE | Web App | A Google-hosted web app for testing various vulnerabilities. Has been around for a long time but still covers a good deal of common web bugs. |
PentesterLab | PentesterLab | | Pentest | A challenge based CTF where you work through a number of challenges and earn badges. Some FREE challenges, or you can get a subscription for a monthly or yearly fee. |
HackerOne | HackerOne CTF | FREE | Web App | A series of web application testing challenges from the Bug Bounty crew at HackerOne. |
Cyber Security Based Linux Distributions
Whether you are on the job, working in your lab or training, these Linux based Cyber Security distributions will save you time.
Essentially a collection of preinstalled hacking tools. Which one is your preferred choice?
Provider | Name | Notes |
---|---|---|
SANS | Slingshot Linux | A distribution similar in focus to Kali Linux this one has been developed by SANS. Often a pre-requisite for use with the training material in the SANS courses. |
SANS | Kali Linux | Without a doubt, the most well-known penetration testing Linux distribution. The history of this distro can be traced back to Linux hobbyists of ages past (knoppix -> whoppix -> whax -> backtrack -> kali). Developed and maintained by Offensive Security. |
SANS | SIFT Linux | Another distribution maintained by SANS and used in their courses. This one is interesting for those who usually stick to Kali as it contains many different tools due to its focus on DFIR (forensics and incident response). |
NA | Tails Linux | A privacy focused distribution. Its primary goal is sending all the traffic from the virtual machine through the Tor anonymization network. Mozilla and the Tor project have been sponsors in the past. It is supported by various non-profit groups. |
Free Cyber Security Resources
Performing Cyber Security research can seem like an endless rabbit hole of links.
Here are some high quality resources to explore.
Resource | Notes |
---|---|
ippsec YouTube Channel | ippsec makes high-quality walk-throughs of Hack The Box challenges. Great to watch not only the solution but his methodology for working through issues. He shows the kind of troubleshooting and breadth of knowledge used by experienced penetration testers. Don't forget ippsec.rocks, an index of the videos. |
OWASP Testing Guide | A comprehensive guide to web application testing. Highly detailed and well presented. You can really step through the web application testing process. In addition, there is a great checklist that can be used in conjunction with a web application test. |
C2 Matrix | A matrix of Command and Control software for Red Team Operations and Adversary Training. |
APT Notes | Dig into the techniques of advanced adversaries (APT) and the Incident Response Teams that investigate them. Compilation of published reports from hundreds of intrusions. |
CSIRT Training from the European Union | Various training on Incident Response both from operational and legal / procedural perspectives. |
Raphael Mudge Presents Red Team Techniques | Various videos on lateral movement and post exploitation operations using Cobalt Strike. These techniques can be applied with other post exploitation tools and frameworks. An interesting insight for those who usually work in the Blue Team space. |
Free Learning from the BugCrowd Team | Presentations and tutorials on various web application and bug bounty focused testing. |
Bug Bounty Writeups from HackerOne | Bug Bounty write ups are an underrated resource when it comes to learning. Step through the process of someone who found a vulnerability and scored a bounty. Great for understanding complicated chained vulnerabilities. |
HackTricks | An excellent compilation of hacking tricks and tips from recon to exploitation and lateral movement. Highly recommended. Similar to the popular Red Team Field Manual (RTFM), Blue Team Field Manual (BTFM), Purple Team Field Manual (PTFM), and the Operator Handbook hard copy books. |
DetectionLab | Build a configured Cyber Security Training Lab with a few commands. Uses Vagrant to deploy a Windows 2016 Active Directory, Windows 10, and Linux host. Splunk, OSquery, Windows Event Forwarding and Velociraptor are all configured. It is crazy good! No need to hunt down ISOs and spend days getting everything up and running. The number 1 reason to learn a bit of Vagrant. |
Open Source Security Tools for Blue Teams | Our own hand picked list of 20 Open Source Tools for Blue Teams. Powerful tools for defenders of networks and systems. |
Awesome Lists are Awesome! Here is selection of the best I have found in the Cyber |
|
Keep Learning
Have a training recommendation, resource or a comment? Get in Contact
The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.
Gene Spafford