Oregon State University Security Club

Interested in learning more about security? Here are some awesome resources to help get you started!

If you know of a site that isn’t on this list, please contact us via our web form or on Discord.


Bug Bounties/Code Auditing

Capture the Flag (CTF)

  • CTF Field Guide, a resource guide to all of the categories listed here, to toolkit creation, and to careers in the security field.
  • CTF Time, a site which lists upcoming Capture the Flag events, as well as teams and their statistics.
  • PicoCTF, a beginner-friendly CTF hosted by Carnegie Mellon CyLab (try CTFs from previous years).

CTF Event Archives


Heap Exploitation


  • IDA Pro (from one of our Spring 2019 meetings)

YouTube Channels

  • John Hammond, a very beginner-oriented channel with guides and live streamed CTFs.
  • LiveOverflow, a slightly less beginner-oriented channel with guides and live streamed CTFs.


  • Over The Wire, various types of wargames.
    • Bandit:  Introduction to the Shell (useful even to those experienced with a Unix shell)
    • Leviathan:  Introduction
    • Krypton:  Cryptography
    • Narnia:  Source code auditing
    • Behemoth:  Source code auditing
    • Utumno:  Source code auditing
    • Manpages:  Source code auditing
    • Natas:  Web vulnerabilities
    • Maze:  Debugging/Reversing
    • Semtex:  Various
    • Vortex:  Shellcode
    • Drifter:  Shellcode
  • microcorruption, Embedded security using assembly code.
  • Smash The Stack
  •, hack into living machines seeking user & root privileges