Howto be a Hacker/Pentester/Security person - List of resources


A list of resources for anyone interested in becoming a Hacker/Pentester/Security person.

Based on my gist available on github.


I’ve just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)

HypnZA’s commonly shared list (in the correct order):

  1. https://www.hacksplaining.com
  2. https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
  3. Watch Ippsec’s HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos) https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/videos?sort=da&view=0&flow=grid https://www.hackthebox.eu/

From my own list, I reccommend:

  1. LiveOverflows stuff on YouTube https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
  2. Azeria Labs - https://azeria-labs.com/
  3. Hardware Security Resources - Great list of mostly hardware related info http://www.sp3ctr3.me/hardware-security-resources/

Shadowrizla suggested this awesome document filled with tons of resources. https://docs.google.com/spreadsheets/d/12bT8APhWsL-P8mBtWCYu4MLftwG1cPmIL25AEBtXDno/edit?usp=sharing

If you run out of stuff the Awesome Hacking list has tons of Awesome lists you can go look at
https://github.com/Hack-with-Github/Awesome-Hacking

The Pentesting certification to have at the moment is an OSCP
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

You can read a nice writeup on what its like to get by HypnZA
https://www.hypn.za.net/blog/2018/05/27/thoughts-on-offensive-securitys-oscp-certification-in-2018-pre-exam/
https://www.hypn.za.net/blog/2018/06/06/thoughts-on-oscp-certification-and-the-exam/

Conferences:

In South Africa there are currently only two community Security Conferences (That I know about)
http://www.0xcon.co.za/ in JHB
http://www.bsidescapetown.co.za in Cape Town

Local Meetups:

DC2744 (Gardenroute) - http://www.dc2744.org/
DC2711 (Johannesburg) - https://twitter.com/defcon2711
DC2751 (Bloemfontein) - https://twitter.com/dc2751g
0xc0ffee (Cape Town) - https://0xc0ffee-cpt.co.za/
0xc0ffee (Johannesburg) - https://twitter.com/0xc0ffee_jhb

OWASP Cape Town - https://www.meetup.com/OWASP-Cape-Town-Chapter-Meetup/

Additional Resources:

Awesome Firmware Security & Other Helpful Documents - https://github.com/PreOS-Security/awesome-firmware-security

See also

DigitalOcean Referral Badge