Information Security Cheat Sheet


This is a recollection of links and resources I have found / been told about over the years. I developed this post in the hope to map out good resources in the indurstry, facilitating the spread of knowledge, no matter the skill level.

If any errors are spotted, or any links need adding / updating / removing. Please contact me via Twitter @SecGus (https://twitter.com/SecGus).

Personal Contributions


CTF Pages


The King Of CTF Pages-https://ctftime.org/
247CTF -https://247ctf.com
HackTheBox -https://hackthebox.eu/
RootMe -https://root-me.org/
0x0539 -https://0x0539.net/
Laptop Hacking Coffee -https://ctf.laptophackingcoffee.org/
pwnable tw -http://pwnable.tw/(Only BinExp)
pwnable kr -http://pwnable.kr/(Only BinExp)
PicoCTF -https://picoctf.com/(Beginner friendly)
reversing kr -http://reversing.kr/
The Stereotyped Challenges -https://chall.stypr.com/
SDSLabs CTF -https://backdoor.sdslabs.co/

Payload Cheat Sheets


PayloadsAllTheThings -https://github.com/swisskyrepo/PayloadsAllTheThings
BurpSuite XSS Cheat Sheet -https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

OSCP Preparation


Sam’s Review / Guide -https://coffeejunkie.me/OSCP-Exam-Overview/
R4J Buffer Overflow -https://github.com/r4j0x00/oscp-like-stack-buffer-overflow
Computerphile BoF Explanation -https://www.youtube.com/watch?v=1S0aBV-Waeo
g0tm1lk Linux Priv Esc Cheat Sheet -https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
Windows Priv Esc -https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Windows Priv Esc (built around OSCP) -https://sushant747.gitbooks.io/total-oscp-guide/privilege_escalation_windows.html

SAST Practice Pages


Secure Code Warrior -https://securecodewarrior.com/
ExploitDB (May require imagination) -https://www.exploit-db.com/

All Around Practical Learning (non-competitive)


OWASP Juice Shop -https://owasp.org/www-project-juice-shop/
Pentester Labs -https://pentesterlab.com/
OverTheWire -https://overthewire.org/(Beginner friendly)
Pentester Academy -https://www.pentesteracademy.com/
PortSwigger Labs -https://portswigger.net/web-security
OverTheWire -http://www.overthewire.org/
CTFLearn -http://ctflearn.com/
VulnHub -http://vulnhub.com/
Hacker101 -https://www.hacker101.com/
OSINTme -https://osintme.com/

All Around Theory Learning (non-competitive)


OWASP -https://owasp.org/
BurpSuite Research -https://portswigger.net/research
HumbleBundle Cyber Security Books -https://www.humblebundle.com/books/cybersecurity-2020-wiley-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_4
Free SANS courses for the fundamentals -https://www.cyberaces.org/courses.html

Relevant Blogs / Podcasts


Security Weekly -https://securityweekly.com/category-shows/application-security-weekly/
Darknet Diaries -https://darknetdiaries.com/
TheManyHatsClub -https://themanyhats.club/
0x00Sec (Community Blog) -https://0x00sec.org/
Secret Club -https://secret.club/
g0tm1lk -https://blog.g0tmi1k.com/
Cybering -https://cybering.cc/

Twitch Hacking Channels (English)


TheBlindHacker -https://www.twitch.tv/theblindhacker
GeoHotz -https://www.twitch.tv/georgehotz
LiveOverflow -https://www.twitch.tv/LiveOverflow

Twitch Hacking Channels (Spanish)


S4vitar -https://www.twitch.tv/s4vitaar

Youtube Channels Pentesting (English)


HackerSploit -https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q
IppSec -https://youtube.com/ippsec
TheCyberMentor -https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw
LiveOverflow -https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
Computerphile -https://www.youtube.com/user/Computerphile

Youtube Channels Pentesting (Spanish)


Victor Garcia -https://www.youtube.com/channel/UCjNHFaBm_0-Mo749MB3A9cQ
S4vitar -https://www.youtube.com/channel/UCNHWpNqiM8yOQcHXtsluD7Q
Julio Ureña -https://www.youtube.com/channel/UC2o1vzpUIvgf0VMJIMKZ_rQ

Relevant Discord Servers and Communities


TheManyHatsClub -https://discord.gg/infosec
ThugCrowd -https://thugcrowd.com/
LaptopHackingCoffee -https://laptophackingcoffee.org/doku.php?id=start
HackTheBox -https://discord.gg/hRXnCFA
0x00Sec -https://discord.gg/PHM9Wak(https://0x00sec.org)
John Hammond Discord -https://discord.gg/Kgtnfw4
ReSwitched -https://discordapp.com/invite/ZdqEhed
ur-hackr -https://ur-hackr.com/

Companies Offering Certificate


ELearnSecurity -https://elearnsecurity.com/
Pentester Academy -https://www.pentesteracademy.com/
Offensive Security -https://www.offensive-security.com/
HackTheBox -https://hackthebox.eu/

Other Relevant Links


The Cybrary -https://www.cybrary.it/
CyberFirst -https://www.ncsc.gov.uk/cyberfirst/
Mind Map Everything -https://www.amanhardikar.com/mindmaps.html
Events around London -https://medium.com/@securestep9/cybersecurity-infosec-appsec-meetups-events-in-london-3688c4a42ea6
Razvi’s List of Hacking Sites -https://razvioverflow.github.io/starthacking
Peerlyst -https://www.peerlyst.com/
CTFs for beginners -https://twitter.com/JenF3rr_/status/1208577793359003648
HackerOne Bugbounty page -https://hackerone.com/
Using Twitter for InfoSec -https://dev.to/vickilanger/that-s-it-that-s-the-tweet-send-3e0h
CVE feed from the mitre -https://cve.mitre.org/

#ref.https://hackmd.io/@Chivato/SkKfAjuV8

+ Recent posts