Security Resources

Cyber Security Awareness

CISA Cyber Security Awareness Program – The CISA Cybersecurity Awareness Program is a national public awareness effort that increases the understanding of cyber threats and empowers the American public to be safer and more secure online. It encourages Americans to view Internet safety as a shared responsibility–at home, in the workplace, and in our communities.

Security / Risk Frameworks

MITRE ATT&CK – MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge.

Web Security

Open Web Application Security Project (OWASP)

Curated Lists

Awesome Security – A collection of awesome software, libraries, documents, books, resources and cool stuff about security.


Video On Demand

Cybrary – Cybrary is a cybersecurity and IT workforce development platform. Its ecosystem of people, companies, content, and technologies converge to create an ever-growing catalog of online courses and experiential tools that provide IT and cybersecurity learning opportunities to anyone, anywhere, anytime.

Pluralsight – At Pluralsight, we believe everyone should have the opportunity to create progress through technology and develop the skills of tomorrow. With assessments, learning paths and courses authored by industry experts, our platform helps businesses and individuals benchmark expertise across roles, speed up release cycles and build reliable, secure products.

INE – At INE, it is our mission to give IT and digital learning students access to the world’s best resources, allowing them to achieve their training goals. As a result, we have carefully cultivated the industry’s most in-depth course materials focused on Networking, Cloud, Data Science, and Cyber Security training.

PentesterAcademy – Since 2011, we’ve trained thousands of clients in over 130+ countries worldwide, ranging from independent professionals to Fortune 500 companies and law enforcement agencies. We’re proud to have helped our students advance careers, acquire new skills and strengthen their clients’ security infrastructure.

ITPRO.TV – Join a community of IT learners who access 5,800+ hours of IT skills and training courses, and interact with each other and subject matter experts to better themselves, their organizations and their careers.

FedVTE – The Federal Virtual Training Environment (FedVTE) provides free online cybersecurity training to federal, state, local, tribal, and territorial government employees, federal contractors, and US military veterans.

Hands on Labs

Codewars – Codewars is a collective effort by its users. They are creators – authoring kata to teach various techniques, solving kata with solutions that enlighten others, and commenting with constructive feedback. The leaders among them moderate the content and community.

Offensive Security Proving Grounds – Offensive Security Proving Grounds (PG) are a modern network for practicing penetration testing skills on exploitable, real-world vectors.

VulnHub – Goal: To provide materials that allows anyone to gain practical ‘hands-on’ experience in digital security, computer software & network administration.

TryHackMe – TryHackMe is an online platform that teaches cyber security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers, encorporating guides and challenges to cater for different learning styles.

Web Security Academy – The Web Security Academy is a free online training center for web application security. It includes content from PortSwigger’s in-house research team, experienced academics, and our founder Dafydd Stuttard – author of The Web Application Hacker’s Handbook. Unlike a textbook, the Academy is constantly updated. It also includes interactive labs where you can put what you learn to the test. If you want to improve your knowledge of hacking, or you’d like to become a bug bounty hunter or pentester, you’re in the right place.

Hack The Box – Hack The Box is a massive hacking playground, and infosec community of over 886k platform members who learn, hack, play, exchange ideas and methodologies. An online cybersecurity training platform that allows individuals, businesses, universities, and all kinds of organizations all around the world to level up their offensive and defensive security skills through a fully gamified and engaging learning environment.

Pentester Academy Red Team Labs – Red Team Labs are designed to provide a platform for security professionals to understand, analyze and practice threats and attacks against a modern network infrastructure.

Modular Courses

Security Blue Team – Here at Security Blue Team we’re passionate about cybersecurity training. We want to ensure our students learn relevant and useful skills which can immediately be used in the real world. We work with industry experts, including SOC Managers, Senior Security Analysts, Incident Responders, and more to help develop training that is applicable to modern security operation

TCM Security – TCM Security is a veteran-owned cybersecurity company focused on providing top of the line penetration testing, security training, and compliance services.

Hack The Box Academy – HTB Academy is cybersecurity learning the HTB way! An effort to gather everything we have learned over the years, meet our community’s needs and create a “University for Hackers,” where our users can learn step-by-step the cybersecurity theory and get ready for the training playground of HTB, our labs. All the way from guided to exploratory learning, learn how to hack and develop the hacking mindset that will enable you to assess and create secure systems. HTB Academy’s goal is to provide a highly interactive and streamlined learning process to allow users to have fun while learning. Students are presented with material in digestible chunks with examples of commands and their output throughout, not just theory. Target hosts are provided so students can reproduce the materials presented in each section for themselves. There are hands-on exercises that serve as “checkpoints”, and skills assessments to test students’ understanding of the Module content.

Hardware Hacking

HackerBoxes – HackerBoxes deliver interesting and exciting gear for exploring and learning electronics and computer technology.  HackerBox Hackers are electronics hobbyists, makers, hackers, and computer enthusiasts. We are the dreamers of dreams. We connect through social media to create a community of experience, support, and new ideas.

ADABox – Curated Adafruit products, unique collectibles, and exclusive discounts. New editions delivered each season. Make outside the box!

Podcasts, Blogs, Content Creators

YouTube Content Creators*

*Vetted Hacker YouTube Content Creators based on Heath Adams (The Cyber Mentor/ CEO TCM Security) video:

John Hammond –
HackerSploit –
IppSec –
PwnFunction –
Nahamsec –
InsiderPhD –
Conda –
Stefan Rows –
Rana Khalil –
Joe Helle –
cwinfosec –
Farah Hawa –
DC CyberSec –
Infinite Logins –
codingo –
thehackerish –
Hacksplained –
hakluke –