Last Updated: 5/22/23
This page contains all the resources I found useful or that look interesting for different topics in security. I’ll update this page periodically as I find new things.
Malware Analysis
Books
- Practical Malware Analysis
- The Art of Memory Forensics
- Practical Binary Analysis
- Malware Analyst’s Cookbook
Practice and/or Courses
- Zero2Automated
- Reverse Engineering 101 by Malware Unicorn
- Reverse Engineering 102 by Malware Unicorn
- Practical Malware Analysis by Sam Bowne (Undergrad Course @ City College of San Francisco)
- Malware Analysis (Graduate Course @ University of Cincinnati)
- Open Security Training 2
- Malware Traffic Analysis
Extras
- [Blog] c3rb3ru5d3d53c/Malware Hell - Malware Analysis for Beginners
- [Blog] c3rb3ru5d3d53c/Malware Hell - Malware Analysis and RE Workflow
- [Blog] [Exploit Reversing] (https://exploitreversing.com/)
- [Tool] REmnux
- [Tool] Cuckoo Sandbox
- [Tool] FLARE VM
- [Tool] CAPEv2
- [Tool] Binary Refinery
- [Tool] Unprotect Project
- [Website] theZoo
- [Website] VirusBay
- [Website] VirusShare
- [Website] MalwareBazaar
- [Website] vx-underground
- [Youtube Channel] OALabs
- [Youtube Channel] c3rb3ru5d3d53c/Malware Hell
Reverse Engineering
Books
Practice and/or Courses
- Reverse Engineering for Beginners Challenges
- Microcorruption
- Pwnable.kr
- Lena’s Reversing for Newbies
- CrackMes
- Begin.re
- Open Security Training 2
- Flare-On CTF
- Z0F’s RE Course on TryHackMe
Extras
- [Blog] Secret Club
- [Blog] Reverse Engineering a Router
- Series of blog posts walking through how to reverse engineer a Huawei HG533 router
- [Youtube] Reverse Engineering with Ghidra
- Playlist of lectures from HackadayU’s course “Reverse Engineering with Ghidra”
- [Blog] Windows Internals
Vulnerability Research/Exploit Development
Books
Practice and/or Courses
- Pwnable.kr
- Pwnable.xyz
- Exploit.Education
- ROP Emporium
- Nightmare Challenges
- HackSysExtremeVulnerableDriver
- pwn.college
- Fuzzing101
- Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities
- Offensive Security and Reverse Engineering Course
Extras
- [Website] ir0nstone BinEXP Notes
- [Website] DayZeroSec: CTFs to Real-World
- [Blog] h0mbre’s blog
- [Blog] Connor McGarr’s blog
- [Blog] chompie’s blog
- [Blog] Project Zero Blog
- [Blog] HN Security - Automating binary vulnerability discovery with Ghidra and Semgrep
- [Video] LiveOverflow’s Sudo Vulnerability Series
- [Video] PinkDraconian’s Pwn Zero to Hero Series
- [Video] CryptoCat’s Intro to Binary Exploitation Series
- [Blog] Alex Plaskett: Demystifying Security Research
- [YouTube Channel] areyou1or0
- [Blog] Survey of Security Mitigations and Architecture
- [Blog] Jack Halon: Chrome Browser Exploitation Series
Hardware Hacking
Books
Practice and/or Courses
- Hardware Hacking Bootcamp (Paid Course) - Haven’t taken this, but looks good.
Extras
- [Blog] Wrongbaud’s Blog
- [YouTube Channel] Flashback Team
- [Video] BusesCanFly - Hardware Hacking for the Masses
- [Reference] Hardware All The Things
Pentesting
Books
Practice and/or Courses
- Sektor7 (Paid Course)
- HackTheBox
- TryHackMe
- Practical Ethical Hacking by Heath Adams (Paid Course)
- Penetration Testing with Kali (PWK/OSCP) (Paid Course)
Extras
Blue Team Stuff
Practice and/or Courses
- CyberDefenders
- SIEM, Threat Hunting, PCAP, Reverse Engineering, Memory Forensics
- Blue Team Labs Online (Free and Paid)
- Incident Response, Digital Forensics, and Threat Hunting.
- Blue Team Level 1
- Security Fundamentals, Phishing Analysis, Threat Intel, Digital Forensics, SIEM, Incident Response
Bug Bounties and Web Stuff
Books
- A Bug Hunter’s Diary
- The Web Application Hacker’s Handbook 2
- Real World Bug Hunting
- Bug Bounty Bootcamp
Practice and/or Courses
- PortSwigger Web Security Academy
- Hacker101
- PentesterLab (Paid subscription)
- BugBountyHunter (Free and Paid)
Extras
- OWASP Web Security Testing Guide
- PayloadsAllTheThings
- HackerOne (Public/Private)
- BugCrowd (Public/Private)
- Synack Red Team (Private)
- Bug Bounty Hunter Methodology v3
- List of Bug Bounty Writeups