Useful Resources

Blogs

• BC Security (PowerShell Empire maintainers)

• Linuxize (Linux blog and tutorials)

• Pentestlab (blog)

• Rasta Mouse (blog)

• Recipe for Root (my friend's blog)

• TJnull OSCP Prep (blog)

Cloud

• Cloud Resume Challenge

• AWS Well-Architected Labs

• AWS Skill Builder

• Azure Citadel (hands-on exercises for Azure/Azure DevOps)

• Microsoft Learn Azure Labs (contains labs removed from MS Learn courses)

• Azure Security Best Practices (videos from Microsoft)

• Azure Well-Architected Framework

• PwnedLabs

Coding, Scripting, WebDev

• GitHub / Git tutorials

• VS Code Getting Started

• HTML Character Reference Chart

• mdn web docs (Mozilla Developer Guides)

• HTML Validator

• Dan's Tools (webdev tools and more)

• CSS Specificity Calculator

• Color Picker

• W3 Schools

• The Odin Project

• codewars

• Under the Wire

• Python Docs

Pentesting & Red Teaming

• Active Directory Pentest Mindmap

• Active Directory Security (go-to resource for AD)

• CloudGoat (AWS Vulnerable Cloud lab)

• GTFOBins (Unix binary abuse)

• GTFOBins - LOLBAS (Windows binary abuse)

• HackTricks

• OWASP Web Security Testing Guide

• PenTest.WS (pentesting toolset)

• PowerView.ps1 Cheat Sheet

• PrivEsc Blog (click menu for Linux, Windows, or Red teaming)

• PrivEsc Mindmap (Linux and Windows)

• PTES (Standard for conducting pentest engagements)

• Red Teaming Experiments (similar to HackTricks)

• WADComs (like GTFOBins for Active Directory)

Security

• Botnet Builder

• CTF Tracker

• Fuzzy Security

• MalwareBazaar (malware samples)

• TCM Security GitHub

Threat & Vulnerability Intel

• CVE

• Microsoft Security Intel

• NVD (NIST National Vulnerability Database)

• Symantec Security Center

• VulnDB

Tools

• ADRecon.ps1 (AD enumeration tool)

• Browser Plugin Security Scanner (DUO Security)

• Converters (Hex > ASCII and more)

• Hash En/Decoder

• MacOS Payload Generator

• OpenDNS

• PayloadsAllTheThings

• PowerShell Empire GitHub

Other

• Awesome List (references for everything)

• CyberChef

• Hash Type Cheat Sheet

• Linux File/Directory Cheat Sheet

• MITRE Engage (Frameworks and Resources)

• Mess with DNS (DNS tutorial)

• Ports & Protocols Cheat Sheet

• Random vulnerable lab generator

• Red Team Infrastructure (IaC lab)

• __Rex Egg (Regex tutorial)

• __Training roadmaps

• TryHackMe

• HackTheBox

• Virtual Hacking Labs

• Pentester Academy

• Offensive Security

• Zero Point Security

• Black Hills Security (Antisyphon)

• Pentesterlab.com

• PortSwigger WebSecurity Academy

• OWASP Juice Shop (GitHub link if you prefer to download)

• Hacksplaining

• Cloud Academy

• ACloudGuru (merging with pluralsight)

• INE

• CBT Nuggets

• Cybrary.IT

• Pluralsight

• eLearnSecurity (available on INE as a subscription)

• Frontend Masters

• Codecademy

• Team Treehouse

• freeCodeCamp

• Fullstackopen

• App Academy

• Microsoft Learn