Interested in learning more about security? Here are some awesome resources to help get you started!
Bug Bounties/Code Auditing
Capture the Flag (CTF)
- CTF Field Guide, a resource guide to all of the categories listed here, to toolkit creation, and to careers in the security field.
- CTF Time, a site which lists upcoming Capture the Flag events, as well as teams and their statistics.
- PicoCTF, a beginner-friendly CTF hosted by Carnegie Mellon CyLab (try CTFs from previous years).
CTF Event Archives
- Cryptopals, a no-knowledge-necessary site with cryptographic challenges, similar to the well-known Euler projects
- Khan Academy’s Cryptography Series, a video-lecture series for beginning cryptography.
- Learn Cryptography, a site to teach you cryptography from the ground up.
- Understanding glibc malloc
- MallocInternals (has tcache stuff)
- Azeria Labs Heap Exploitation, a lab for learning the basics and exploits of ARM Assembly.
- IDA Pro (from one of our Spring 2019 meetings)
- John Hammond, a very beginner-oriented channel with guides and live streamed CTFs.
- LiveOverflow, a slightly less beginner-oriented channel with guides and live streamed CTFs.
- Over The Wire, various types of wargames.
- Bandit: Introduction to the Shell (useful even to those experienced with a Unix shell)
- Leviathan: Introduction
- Krypton: Cryptography
- Narnia: Source code auditing
- Behemoth: Source code auditing
- Utumno: Source code auditing
- Manpages: Source code auditing
- Natas: Web vulnerabilities
- Maze: Debugging/Reversing
- Semtex: Various
- Vortex: Shellcode
- Drifter: Shellcode
- microcorruption, Embedded security using assembly code.
- Smash The Stack
- hackthebox.eu, hack into living machines seeking user & root privileges
- Exploit Exercises