Clone of https://github.com/rmusser01/Infosec_Reference .
For those who would prefer to not be tracked by MS.
blueteamexfiltrationforensicshackinghacking-simulatorinformation-securityinfosecinfosec-referencelinuxmitre-attack-dbosxpenetration-testingpentestingprivilege-escalationred-teamreferencesreverse-engineeringwindows
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 KiB
14 KiB
Classes & Training
Table of Contents
- General Security Classes
- General Sources/Repositories of Classes
- Incident Response and Forensics Training
- Penetration Testing Training
- Programming Classes/Training
- Reverse Engineering Classes/Training
- Exploitation Development Training
- UEFI/BIOS Training
- Web Security Focused Training
- Wireless
- Resources for instructors/Trainers
https://maxkersten.nl/binary-analysis-course/
Classes & Training
- HEADS UP
- These classes are all focused on computer/information security. If you're looking for online courses to learn material other than the mentioned, check out "coursera.com", Standford's online classes or MIT's online courses.
- Coursera
- MIT OpenCourseware
- Standford
- Udemy
- General Sources/Repository of Classes
- Hackr.io
- Share and discover the best programming tutorials and courses online.
- Open Security Training
- Class Central
- Search engine for MooCs
- Hackr.io
- General Classes
- Learning How to Learn
- Free Coursera Course
- About this course: This course gives you easy access to the invaluable learning techniques used by experts in art, music, literature, math, science, sports, and many other disciplines. We’ll learn about the how the brain uses two very different learning modes and how it encapsulates (“chunks”) information. We’ll also cover illusions of learning, memory techniques, dealing with procrastination, and best practices shown by research to be most effective in helping you master tough subjects.
- ENISA CERT Exercises and Training
- ENISA CERT Exercises and training material was introduced in 2008, in 2012 and 2013 it was complemented with new exercise scenarios containing essential material for success in the CERT community and in the field of information security. In this page you will find the ENISA CERT Exercise material, containing Handbook for teachers, Toolset for students and Virtual Image to support hands on training sessions.
- SEEDLabs
- People learn from mistakes. In security education, we study mistakes that lead to software vulnerabilities. Studying mistakes from the past not only help students understand why systems are vulnerable, why a "seemly-benign" mistake can turn into a disaster, and why many security mechanisms are needed. More importantly, it also helps students learn the common patterns of vulnerabilities, so they can avoid making similar mistakes in the future. Moreover, using vulnerabilities as case studies, students can learn the principles of secure design, secure programming, and security testing.
- Teach Yourself Computer Science
- Technical Development Guide - Google
- OSS University - Computer Science
- Path to a free self-taught education in Computer Science!
- cs-video-courses
- List of Computer Science courses with video lectures.
- Learning How to Learn
- Cryptography
- Coursera Cryptography
- Matsano Crypto Challenges
- Go through a series of increasingly difficult challenges while learning all about cryptography. Expected knowledge level: You passed 9th grade math and you have 0 knowledge of crypto.
- A Graduate Course in Applied Cryptography - Dan Boneh and Victor Shoup
- Version 0.3 - posted Dec. 9, 2016
- Data Science
- Exploit Development Training
- exrs - Binary Exploitation/Reverse Engineering Challenge training
- Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
- BFH Exploiting & Defense Course - Dobin Rutishauser
- Modern Binary Exploitation - CSCI 4968 - Spring '15
- The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux based userland binary exploitation. It will then transitionin to protections found on modern systems(Canaries, DEP, ASLR, RELRO, FortifySource, etc) and the techniques used to defeat them.Time permitting, the course will also cover other subjects in exploitation including kernel land and Windows based exploitation.
- armpwn
- Repository to train/learn memory corruption exploitation on the ARM platform. This is the material of a workshop I prepared for my CTF Team.
- BinTut
- Dynamic or live demonstration of classical exploitation techniques of typical memory corruption vulnerabilities, from debugging to payload generation and exploitation, for educational purposes
- CNIT 127: Exploit Development - samsclass
- exrs - Binary Exploitation/Reverse Engineering Challenge training
- Incident Response/Forensics/NSM Training
- Mobile Application Security
- Mobile Security Trainings
- Mobile security trainings based on android
- Mobile Security Trainings
- Penetration Testing
- Pentester Lab
- PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.
- FSU Offensive Security 2014
- Florida State University Offensive Security 2014 Class materials
- FSU Offensive Security 2013
- Florida State University Offensive Security 2013 Class materials
- HackSplaining
- Security training aimed towards developers. Free.
- Pentester Lab
- Programming Classes/Courses
- asm - 0xAX
- Learning assembly for linux-x64
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- This class serves as a foundation for the follow on Intermediate level x86 class. It teaches the basic concepts and describes the hardware that assembly code deals with. It also goes over many of the most common assembly instructions. Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations.
- Win32 ASM tutorials - Iczelion
- Network Examples - knorrie
- Linux networking examples and tutorials
- Low-Level Programming University
- This page is for beginners who want to be low-level programmers. I'm inspired by google-interview-university. I'd like to share my experience and show a roadmap to becoming a low-level programmer because I have found that these skills are not as common as they once were. In addition, many students and beginners ask me how they could become low-level programmers and Linux kernel engineers.
- InfosecPosh101
- A repository of Labs and other information for learning how PowerShell can help with infosec
- asm - 0xAX
- Regular Expressions
- RegEx Crossword
- Learn RegEx through crosswords
- RegEx Crossword
- Reverse Engineering
- Binary Auditing Training - Thorsten Schneider
- The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses!
- exrs - Binary Exploitation/Reverse Engineering Challenge training
- Exercises for learning Reverse Engineering and Exploitation. All binaries for these challenges are ELF 64-bit LSB executable, x86-64.
- mammon_'s tales to his grandson - Reverse Engineering
- Software Modeling and Verification - Static Analysis
- The Life of Binaries
- Topics include but are not limited to:
- Scanning and tokenizing source code.
- Parsing a grammar.
- Different targets for x86 assembly object files generation. (E.g. relocatable vs. position independent code).
- Linking object files together to create a well-formed binary.
- Detailed descriptions of the high level similarities and low level differences between the Windows PE and Linux ELF binary formats. (NOTE: we didn't get to this in the class where the video was recorded, but the materials are in the slides)
- How an OS loads a binary into memory and links it on the fly before executing it.
- Along the way we discuss the relevance of security at different stages of a binary’s life, from the tricks that can be played by a malicious compiler, to how viruses really work, to the way which malware “packers” duplicate OS process execution functionality, to the benefit of a security-enhanced OS loader which implements address space layout randomization (ASLR).
- Topics include but are not limited to:
- Introduction to Reverse Engineering Software - Dartmouth
- CSCI 4974 / 6974 Hardware Reverse Engineering
- Binary Auditing Training - Thorsten Schneider
- Machine Learning
- UEFI/BIOS Training
- Web Security Focused Training
- Google Gruyere - Web Application Exploits and Defenses
- Professionally Evil Web App Pen Testing 101 Course - secureideas
- OWASP Broken Web Applications Project
- OWASP Broken Web Applications Project is a collection of vulnerable web applications that is distributed on a Virtual Machine.
- OWASP Juiceshop
- hacker101
- Hacker101 is structured as a set of video lessons -- some covering multiple topics, some covering a single one -- and can be consumed in two different ways. You can either watch them in the order produced as in a normal class (§ Sessions), or you can watch individual videos (§ Vulnerabilities). If you're new to security, we recommend the former; this provides a guided path through the content and covers more than just individual bugs.
- Security_Ninjas_AppSec_Training
- OpenDNS application security training program. This hands-on training lab consists of 10 fun real world like hacking exercises, corresponding to each of the OWASP Top 10 vulnerabilities. Hints and solutions are provided along the way. Although the backend for this is written in PHP, vulnerabilities would remain the same across all web based languages, so the training would still be relevant even if you don’t actively code in PHP.
- Wireless
- Dissecting Industrial Wireless Implementations - DEF CON 25
- RFID INFOSEC
- RFID INFOSEC is designed to teach undergraduate students about radio frequency identification (RFID) information systems security (INFOSEC). It provides a system-wide description of a RFID system using a layered reference model that describes the tag, media interface, reader, network, middleware, and application layers. In addition, it addresses RFID security and privacy threats, risks, and mitigation techniques. These materials include lesson plans, slides, homework, laboratories, and assessment rubrics organized into modules.
- Resources for Instructors and Trainers
- How To Give A Digital Security Training
- LevelUP
- Resources for the global digital safety training community.
- Be a Better Trainer
- Teaching Evil - Chris Niemira
- The Distribution of Users’ Computer Skills: Worse Than You Think