Are you so in love with cybersecurity and CTFs that you want to increase your skills outside of class? Here's a list of resources that you can access to learn on your own! If there are others that you're aware of, let us know in the Slack workspace, and we'll add it here!
- CTFtime
- This resource is first because it's the most important - this webpage has an extensive list of virtual CTFs happening all around the world. This is where we determine which CTF to participate in each month. If you would like to try one on your own or at your own time, you can find one here! Each CTF is different, and some are more difficult than others.
- TryHackMe
- Try Hack Me contains challenges and online walkthroughs of all topics that you can practice your hacking skills on. 11/10 would recommend spending time here regularly.
- Hack.me
- This is another resource with on-demand CTF challenges that focus a lot on web exploitation.
- RingZer0 CTF
- This contains on-demand CTF challenges that you can do, but beware because they're tough!
- HackTheBox
- Similar to Try Hack Me, Hack the Box has several different boxes where you can challenge yourself and learn new skills.
- OverTheWire.org Wargames
- This contains a list of a dozen different cyber wargames you can play to learn skills. Bandit is the first and easiest, and is intended for those who are interested in cybersecurity but haven't used a Linux environment before. Natas is web exploitation-focused. They range in difficulty, and you can only move on to the next level after completing the first one.
- CryptoHack
- On-demand CTF challenges focusing on cryptography.
- CTFlearn
- On-demand CTF challenges perfect for beginners. You can choose from a variety of categories and difficulties, and remember, always look in the comments!
- RedTiger
- A branch of OverTheWire, RedTiger has 10 levels focused specifically on SQL injection in a PHP environment
- CTF Github Repo of Tools
- This is a GitHub repo put together by someone else that contains another extensive list of tools that can aid in CTF and cybersecurity challenges - like, extensive...
- Steganography Cheatsheet
- On a steg challenge and you're stuck? This provides a few unique methods to attack steganography problems that may help you.
- BurpSuite
- Burpsuite is one of the best tools for solving Web-focused challenges in CTF's.
- Default Credentials
- This contains a very comprehensive list of default credentials for almost everything out there.
- XSS Filter Evasion Cheat-sheet
- This contains a list of various methods to bypass XSS filters.
- CTF 101
- This provides an overview of a lot of CTF concepts, methods, and challenges that you'll come across or need doing these competitions.
- INE Pentesting Student Course
- This is one of my favorite online resources. Put on by eLearningSecurity, this is a completely free course all about pentesting that covers many of the topics we will be covering, and it prepares you to take the eJPT (eJunior Pentesting) certification afterwards.
- List of Common Ciphers
- This is a list of ciphers commonly used in the world, so if you come across a cryptography challenge that you're unfamiliar with, feel free to peruse this list and see if it's one of these!
- SQL Injection
- This is an amazing resource that PortSwigger (who made Burp Suite) put out about different types of SQL injection and how they work.
- Pentest Wiki
- Interested in learning some pentesting skills? This wiki has a bunch of great resources to get you started on the Pentesting process.
- Password Manager study
- This isn't really CTF-related, but I love it! This is a study done on Password Managers where they compared and contrasted different Password Managers and can help you determine which ones are best.
- Cybersecurity TEDtalks
- This is a link to 12 cybersecurity-focused TED talks that you can watch whenever you'd like.
- Cybersecurity Career Descriptions
- Only vaguely related to CTFs, this link is an excellent source for learning about the similarities and differences in cybersecurity careers.
- SANS CISO Mindmap
- This resource, provided by SANS, provides a visual of what a CISO needs to keep in mind, and also the major functions of a Security Operations Center (SOC).
- Docker Curriculm
- This is a great introduction into Docker.
- Github Student Developer Pack
- This is a great resource that is accessible through your .edu account.