├── .all-contributorsrc
├── .github
├── auto_assign.yml
├── pull_request_template.md
└── workflows
│ ├── cd.yaml
│ └── ci.yml
├── .gitignore
├── .markdownlint.json
├── .mlc_config.json
├── LICENSE
├── README.md
├── archive.md
├── assets
└── purpleteam.png
├── code-of-conduct.md
└── contributing.md
/.all-contributorsrc:
--------------------------------------------------------------------------------
1 | {
2 | "files": [
3 | "README.md"
4 | ],
5 | "imageSize": 100,
6 | "commit": false,
7 | "contributors": [
8 | {
9 | "login": "brootware",
10 | "name": "Oaker Min",
11 | "avatar_url": "https://avatars.githubusercontent.com/u/7734956?v=4",
12 | "profile": "https://brootware.github.io",
13 | "contributions": [
14 | "infra",
15 | "maintenance",
16 | "doc",
17 | "code"
18 | ]
19 | },
20 | {
21 | "login": "IAmCoder",
22 | "name": "Michael Paul Coder",
23 | "avatar_url": "https://avatars.githubusercontent.com/u/1631870?v=4",
24 | "profile": "https://lucidcode.com",
25 | "contributions": [
26 | "doc"
27 | ]
28 | }
29 | ],
30 | "contributorsPerLine": 7,
31 | "projectName": "cyber-security-university",
32 | "projectOwner": "brootware",
33 | "repoType": "github",
34 | "repoHost": "https://github.com",
35 | "skipCi": true
36 | }
37 |
--------------------------------------------------------------------------------
/.github/auto_assign.yml:
--------------------------------------------------------------------------------
1 | # REF: https://probot.github.io/apps/auto-assign/
2 |
3 | # Set to true to add reviewers to pull requests
4 | addReviewers: true
5 |
6 | # Set to true to add assignees to pull requests, or to "author" to assign the pull request's author
7 | addAssignees: "author"
8 |
9 | # A list of reviewers to be added to pull requests (GitHub user name)
10 | reviewers:
11 | - brootware
12 |
13 | # A list of keywords; pull requests that include any of them skip the process that adds reviewers
14 | #skipKeywords:
15 | # - wip
16 |
17 | # A number of reviewers added to the pull request
18 | # Set 0 to add all the reviewers (default: 0)
19 | numberOfReviewers: 0
20 |
--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
1 | # Description
2 |
3 | _Please include a summary of the resource you're suggesting below:_
4 |
5 | # Checklist
6 |
7 | _Please make sure you reviewed the checklist and comply with each requirement:_
8 |
9 | * [ ] My code follows the [contribution guidelines](../contributing.md) of this project
10 | * [ ] This resource is free and focuses on a learn-by-doing style of learning
11 | * [ ] This pull request has a title in the format `Add Name of Resource`:
12 | * ✅ Add `ctf-practice`
13 | * ❌ Update readme.md
14 |
15 | > ⚠️ PLEASE NOTE - Do not expect a prompt review for your PR unless you have truthfully gone over the contribution guidelines, filled in the PR description correctly AND, most importantly, your changes pass the linters in the [GitHub Actions pipeline](https://github.com/brootware/cyber-security-university/blob/main/.github/workflows/ci.yml).
16 |
--------------------------------------------------------------------------------
/.github/workflows/cd.yaml:
--------------------------------------------------------------------------------
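---
# Deployment workflow: on each push to main, lint the list and publish
# README.md as index.md on the gh-pages branch.
name: "CD-pages"
on:
  push:
    branches:
      - main

# Scope GITHUB_TOKEN to what the steps below use instead of inheriting the
# repository default: actions:write to cancel older runs, contents:write for
# the push to gh-pages.
# NOTE(review): confirm that no step needs a further scope.
permissions:
  actions: write
  contents: write

jobs:
  Website_Deployment:
    runs-on: ubuntu-latest
    steps:
      # Third-party action that is handed the workflow token. A tag can be
      # re-pointed by the action's owner; pinning to a full commit SHA
      # (styfle/cancel-workflow-action@<FULL_COMMIT_SHA>, placeholder) fixes
      # which code runs with that token.
      - name: Cancel Previous Runs
        uses: styfle/cancel-workflow-action@0.9.1
        with:
          access_token: ${{ secrets.GITHUB_TOKEN }}

      # fetch-depth: 0 fetches the full history rather than a shallow clone.
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0

      # npx resolves awesome-lint from the npm registry at run time, so the
      # linter version that executes in this job is not fixed by this file.
      - name: Run linters
        run: npx awesome-lint

      - name: Copy latest README
        run: |
          cp README.md index.md

      # NOTE(review): `@main` is a branch ref, so every run executes whatever
      # the action's default branch holds at that moment, with a token that
      # can write to this repository. Pin to a reviewed full commit SHA
      # (dmnemec/copy_file_to_another_repo_action@<FULL_COMMIT_SHA>,
      # placeholder) and update it deliberately.
      - name: Push latest index.md
        uses: dmnemec/copy_file_to_another_repo_action@main
        env:
          API_TOKEN_GITHUB: ${{ secrets.GITHUB_TOKEN }}
        with:
          source_file: "index.md"
          destination_repo: "brootware/cyber-security-university"
          destination_branch: "gh-pages"
          user_email: "brootware@outlook.com"
          user_name: "AwesomeCyberBot"
          commit_message: "🤖 Updating website with latest content 📜"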
--------------------------------------------------------------------------------
/.github/workflows/ci.yml:
--------------------------------------------------------------------------------
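---
# CI workflow: checks the markdown for broken links and runs awesome-lint on
# pushes to dev, on pull requests targeting main, and once a day.
name: "CI"
on:
  push:
    branches: [dev]
  pull_request:
    branches: [main]
  schedule:
    # Run every day at 09:00 UTC (See https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07)
    - cron: "0 9 * * *"

# Both jobs only read the repository, so GITHUB_TOKEN is limited to read
# access instead of inheriting the repository default.
permissions:
  contents: read

env:
  DISABLE_TELEMETRY: 1

jobs:
  markdown-link-check:
    name: Broken Links
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          submodules: recursive
      # Third-party action referenced by a movable tag; pinning it to a full
      # commit SHA (@<FULL_COMMIT_SHA>, placeholder) fixes which code runs.
      - name: Run link check
        uses: gaurav-nelson/github-action-markdown-link-check@v1
        with:
          config-file: ".mlc_config.json"

  awesome-lint:
    name: Awesome Lint
    runs-on: ubuntu-latest
    steps:
      # Same checkout major version as the markdown-link-check job above.
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      # npx resolves awesome-lint from the npm registry at run time, so the
      # linter version is not fixed by this file.
      - run: npx awesome-lint

  # Disabled job, kept for reference.
  # markdown-lint:
  #   name: Markdown Lint
  #   runs-on: ubuntu-latest
  #   steps:
  #     - name: Checkout
  #       uses: actions/checkout@v3
  #       with:
  #         submodules: recursive
  #
  #     - uses: articulate/actions-markdownlint@v1.1.0
  #       with:
  #         # markdownlint config file
  #         config: ".markdownlint.json"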
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .dccache
2 | .DS_Store
3 |
--------------------------------------------------------------------------------
/.markdownlint.json:
--------------------------------------------------------------------------------
1 | {
2 | "default": true,
3 | "MD003": {
4 | "style": "atx"
5 | },
6 | "MD004": {
7 | "style": "asterisk"
8 | },
9 | "MD013": {
10 | "code_blocks": false,
11 | "tables": false,
12 | "line_length": 400
13 | },
14 | "MD025": false,
15 | "MD033": {
16 | "allowed_elements": [
17 | "details",
18 | "summary",
19 | "p",
20 | "img",
21 | "br",
22 | "i",
23 | "a"
24 | ]
25 | },
26 | "MD046": false
27 | }
--------------------------------------------------------------------------------
/.mlc_config.json:
--------------------------------------------------------------------------------
1 | {
2 | "ignorePatterns": [
3 | {
4 | "pattern": "^https://github.com/brootware/Cyber-Security-University/generate"
5 | },
6 | {
7 | "pattern": "^https://play.picoctf.org/practice/challenge/*"
8 | },
9 | {
10 | "pattern": "^https://skerritt.blog/free-rooms/"
11 | },
12 | {
13 | "pattern": "^https://x.com/brootware"
14 | }
15 | ],
16 | "timeout": "20s",
17 | "retryOn429": true,
18 | "retryCount": 5,
19 | "fallbackRetryDelay": "30s",
20 | "aliveStatusCodes": [200, 403, 429, 0]
21 | }
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | Creative Commons Legal Code
2 |
3 | CC0 1.0 Universal
4 |
5 | CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE
6 | LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN
7 | ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS
8 | INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES
9 | REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS
10 | PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM
11 | THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED
12 | HEREUNDER.
13 |
14 | Statement of Purpose
15 |
16 | The laws of most jurisdictions throughout the world automatically confer
17 | exclusive Copyright and Related Rights (defined below) upon the creator
18 | and subsequent owner(s) (each and all, an "owner") of an original work of
19 | authorship and/or a database (each, a "Work").
20 |
21 | Certain owners wish to permanently relinquish those rights to a Work for
22 | the purpose of contributing to a commons of creative, cultural and
23 | scientific works ("Commons") that the public can reliably and without fear
24 | of later claims of infringement build upon, modify, incorporate in other
25 | works, reuse and redistribute as freely as possible in any form whatsoever
26 | and for any purposes, including without limitation commercial purposes.
27 | These owners may contribute to the Commons to promote the ideal of a free
28 | culture and the further production of creative, cultural and scientific
29 | works, or to gain reputation or greater distribution for their Work in
30 | part through the use and efforts of others.
31 |
32 | For these and/or other purposes and motivations, and without any
33 | expectation of additional consideration or compensation, the person
34 | associating CC0 with a Work (the "Affirmer"), to the extent that he or she
35 | is an owner of Copyright and Related Rights in the Work, voluntarily
36 | elects to apply CC0 to the Work and publicly distribute the Work under its
37 | terms, with knowledge of his or her Copyright and Related Rights in the
38 | Work and the meaning and intended legal effect of CC0 on those rights.
39 |
40 | 1. Copyright and Related Rights. A Work made available under CC0 may be
41 | protected by copyright and related or neighboring rights ("Copyright and
42 | Related Rights"). Copyright and Related Rights include, but are not
43 | limited to, the following:
44 |
45 | i. the right to reproduce, adapt, distribute, perform, display,
46 | communicate, and translate a Work;
47 | ii. moral rights retained by the original author(s) and/or performer(s);
48 | iii. publicity and privacy rights pertaining to a person's image or
49 | likeness depicted in a Work;
50 | iv. rights protecting against unfair competition in regards to a Work,
51 | subject to the limitations in paragraph 4(a), below;
52 | v. rights protecting the extraction, dissemination, use and reuse of data
53 | in a Work;
54 | vi. database rights (such as those arising under Directive 96/9/EC of the
55 | European Parliament and of the Council of 11 March 1996 on the legal
56 | protection of databases, and under any national implementation
57 | thereof, including any amended or successor version of such
58 | directive); and
59 | vii. other similar, equivalent or corresponding rights throughout the
60 | world based on applicable law or treaty, and any national
61 | implementations thereof.
62 |
63 | 2. Waiver. To the greatest extent permitted by, but not in contravention
64 | of, applicable law, Affirmer hereby overtly, fully, permanently,
65 | irrevocably and unconditionally waives, abandons, and surrenders all of
66 | Affirmer's Copyright and Related Rights and associated claims and causes
67 | of action, whether now known or unknown (including existing as well as
68 | future claims and causes of action), in the Work (i) in all territories
69 | worldwide, (ii) for the maximum duration provided by applicable law or
70 | treaty (including future time extensions), (iii) in any current or future
71 | medium and for any number of copies, and (iv) for any purpose whatsoever,
72 | including without limitation commercial, advertising or promotional
73 | purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each
74 | member of the public at large and to the detriment of Affirmer's heirs and
75 | successors, fully intending that such Waiver shall not be subject to
76 | revocation, rescission, cancellation, termination, or any other legal or
77 | equitable action to disrupt the quiet enjoyment of the Work by the public
78 | as contemplated by Affirmer's express Statement of Purpose.
79 |
80 | 3. Public License Fallback. Should any part of the Waiver for any reason
81 | be judged legally invalid or ineffective under applicable law, then the
82 | Waiver shall be preserved to the maximum extent permitted taking into
83 | account Affirmer's express Statement of Purpose. In addition, to the
84 | extent the Waiver is so judged Affirmer hereby grants to each affected
85 | person a royalty-free, non transferable, non sublicensable, non exclusive,
86 | irrevocable and unconditional license to exercise Affirmer's Copyright and
87 | Related Rights in the Work (i) in all territories worldwide, (ii) for the
88 | maximum duration provided by applicable law or treaty (including future
89 | time extensions), (iii) in any current or future medium and for any number
90 | of copies, and (iv) for any purpose whatsoever, including without
91 | limitation commercial, advertising or promotional purposes (the
92 | "License"). The License shall be deemed effective as of the date CC0 was
93 | applied by Affirmer to the Work. Should any part of the License for any
94 | reason be judged legally invalid or ineffective under applicable law, such
95 | partial invalidity or ineffectiveness shall not invalidate the remainder
96 | of the License, and in such case Affirmer hereby affirms that he or she
97 | will not (i) exercise any of his or her remaining Copyright and Related
98 | Rights in the Work or (ii) assert any associated claims and causes of
99 | action with respect to the Work, in either case contrary to Affirmer's
100 | express Statement of Purpose.
101 |
102 | 4. Limitations and Disclaimers.
103 |
104 | a. No trademark or patent rights held by Affirmer are waived, abandoned,
105 | surrendered, licensed or otherwise affected by this document.
106 | b. Affirmer offers the Work as-is and makes no representations or
107 | warranties of any kind concerning the Work, express, implied,
108 | statutory or otherwise, including without limitation warranties of
109 | title, merchantability, fitness for a particular purpose, non
110 | infringement, or the absence of latent or other defects, accuracy, or
111 | the present or absence of errors, whether or not discoverable, all to
112 | the greatest extent permissible under applicable law.
113 | c. Affirmer disclaims responsibility for clearing rights of other persons
114 | that may apply to the Work or any use thereof, including without
115 | limitation any person's Copyright and Related Rights in the Work.
116 | Further, Affirmer disclaims responsibility for obtaining any necessary
117 | consents, permissions or other rights required for any use of the
118 | Work.
119 | d. Affirmer understands and acknowledges that Creative Commons is not a
120 | party to this document and has no duty or obligation with respect to
121 | this CC0 or use of the Work.
122 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Awesome Cyber Security University [](https://awesome.re)
2 |
3 | > A curated list of awesome and free educational resources that focus on learning by doing.
4 |
5 |
6 |

7 |
8 |
Because education should be free.
9 |
10 |
11 |

12 |
13 |
14 | ## Contents
15 |
16 | * [About](#about)
17 | * [Introduction and Pre-Security](#introduction-and-pre-security) - (Completed/In Progress)
18 | * [Free Beginner Red Team Path](#free-beginner-red-team-path) - (Add your badge here. The badge code is hidden in this repo)
19 | * [Free Beginner Blue Team Path](#free-beginner-blue-team-path) - (Add your badge here. The badge code is hidden in this repo)
20 | * [Bonus CTF practice and Latest CVEs](#bonus-ctf-practice-and-latest-cves) - (Completed/In Progress)
21 | * [Bonus Windows](#bonus-windows) - (Completed/In Progress)
22 | * [Extremely Hard Rooms to do](#extremely-hard-rooms-to-do) - (Completed/In Progress)
23 |
24 |
32 |
33 | ## About
34 |
35 | Cyber Security University is a curated list of awesome and free educational resources that focus on learning by doing.
36 |
37 | There are 6 parts to this.
38 | 1. Introduction and Pre-security
39 | 2. Free Beginner Red Team Path
40 | 3. Free Beginner Blue Team Path
41 | 4. Bonus practices
42 | 5. Latest CVEs
43 | 6. Extremely Hard rooms
44 | The tasks are ordered by increasing difficulty, so it is recommended to do them in order. You can still jump around and skip some rooms if you find that you are already familiar with the concepts.
45 |
46 |
47 | As you go through the curriculum, you will find completion badges for both the red and blue team paths hidden within this [`README.md`](https://github.com/brootware/Cyber-Security-University/blob/main/README.md). You can copy the HTML code for them and add it to the content page below once you have completed them.
48 |
49 |
50 | [↑](#contents)
51 |
52 | ## Contributing
53 |
54 | Pull requests are welcome with the condition that the resource should be free! Please read the [contribution guide in the wiki](https://github.com/brootware/Cyber-Security-University/wiki) if you wish to add tools or resources.
55 |
56 | ## Introduction and Pre-Security
57 |
58 | ### Level 1 - Intro
59 |
60 |
61 | * [OpenVPN]() - Learn how to connect to a virtual private network using OpenVPN.
62 | * [Welcome]() - Learn how to use a TryHackMe room to start your upskilling in cyber security.
63 | * [Intro to Researching]() - A brief introduction to research skills for pentesting.
64 | * [Linux Fundamentals 1]() - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
65 | * [Linux Fundamentals 2]() - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
66 | * [Linux Fundamentals 3]() - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
67 | * [Pentesting fundamentals]() - Fundamentals of penetration testing.
68 | * [Principles of security]() - Principles of security.
69 | * [Red Team Engagements]() - Intro to red team engagements.
70 | * [Hip Flask](https://tryhackme.com/room/hipflask) - An in-depth walkthrough covering pentest methodology against a vulnerable server.
71 | * [Practice Linux Commands](https://labex.io/courses/linux-basic-commands-practice-online) - A free course with 41 hands-on labs to practice and master the most commonly used Linux commands.
72 |
73 |
74 | **Introductory CTFs to get your feet wet**
75 |
76 | * [Google Dorking]() - Explaining how Search Engines work and leveraging them into finding hidden content!
77 | * [Osint]() - Intro to Open Source Intelligence.
78 | * [Shodan.io]() - Learn about Shodan.io and how to use it for device enumeration.
79 |
80 |
81 | [↑](#contents)
82 |
83 | ## Free Beginner Red Team Path
84 |
85 | ### Level 2 - Tooling
86 |
87 | * [Tmux]() - Learn to use tmux, one of the most powerful multi-tasking tools on linux.
88 | * [Nmap,Curl and Netcat]() - Get experience with Nmap, Curl and Netcat for network communications.
89 | * [Web Scanning]() - Learn the basics of automated web scanning.
90 | * [Sublist3r]() - Learn how to find subdomains with Sublist3r.
91 | * [Metasploit]() - An introduction to the main components of the Metasploit Framework.
92 | * [Hydra]() - Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials.
93 | * [Linux Privesc]() - Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available.
94 | * [Red Team Fundamentals]() - Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements.
95 | * [Red Team Recon]() - Learn how to use DNS, advanced searching, Recon-ng, and Maltego to collect information about your target.
96 | * [Nmap Tutorials](https://labex.io/tutorials/quick-start-with-nmap-free-tutorials-400132) - Learn and practice the basics of network scanning using Nmap.
97 |
98 |
99 | **Red Team Intro CTFs**
100 |
101 | * [Vulnversity]() - Learn about active recon, web app attacks and privilege escalation.
102 | * [Blue]() - Deploy & hack into a Windows machine, leveraging common misconfiguration issues.
103 | * [Simple CTF]() - Beginner level CTF.
104 | * [Bounty Hacker]() - A space cowboy-themed boot to root machine.
105 |
106 |
107 | [↑](#contents)
108 |
109 | ### Level 3 - Crypto & Hashes with CTF practice
110 |
111 | * [Crack the hash]() - Cracking hash challenges.
112 | * [Agent Sudo]() - You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth.
113 | * [The Cod Caper]() - A guided room taking you through infiltrating and exploiting a Linux system.
114 | * [Ice]() - Deploy & hack into a Windows machine, exploiting a very poorly secured media server.
115 | * [Lazy Admin]() - Easy linux machine to practice your skills.
116 | * [Basic Pentesting]() - This is a machine that allows you to practice web app hacking and privilege escalation.
117 | * [Bypassing UAC](https://tryhackme.com/room/bypassinguac) - Learn common ways to bypass User Account Control (UAC) in Windows hosts.
118 |
119 |
120 | [↑](#contents)
121 |
122 | ### Level 4 - Web
123 |
124 | * [OWASP top 10]() - Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks.
125 | * [Inclusion]() - A beginner-level LFI challenge.
126 | * [Injection]() - Walkthrough of OS Command Injection. Demonstrate OS Command Injection and explain how to prevent it on your servers.
127 | * [Juiceshop]() - This room uses the OWASP juice shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities.
128 | * [Overpass]() - What happens when some broke CompSci students make a password manager.
129 | * [Year of the Rabbit]() - Can you hack into the Year of the Rabbit box without falling down a hole.
130 | * [DevelPy]() - Boot2root machine for FIT and bsides Guatemala CTF.
131 | * [Jack of all trades]() - Boot-to-root originally designed for Securi-Tay 2020.
132 | * [Bolt](https://tryhackme.com/room/bolt) - Bolt themed machine to root into.
133 |
134 |
135 | [↑](#contents)
136 |
137 | ### Level 5 - Reverse Engineering & Pwn
138 |
139 | * [Windows x64 Assembly]() - Introduction to x64 Assembly on Windows.
140 | * [CC Ghidra]() - This room teaches the basics of ghidra.
141 | * [CC Radare2]() - This room teaches the basics of radare2.
142 | * [Reverse Engineering]() - This room focuses on teaching the basics of assembly through reverse engineering.
143 | * [Reversing ELF]() - Room for beginner Reverse Engineering CTF players.
144 | * [Dumping Router Firmware]() - Reverse engineering router firmware.
145 | * [Intro to pwntools]() - Introduction to popular pwn tools framework.
146 | * [Pwnkit: CVE-2021-4034]() - Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package.
147 |
148 |
149 | [↑](#contents)
150 |
151 | ### Level 6 - PrivEsc
152 |
153 | * [Sudo Security Bypass]() - A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series.
154 | * [Sudo Buffer Overflow]() - A tutorial room exploring CVE-2019-18634 in the Unix Sudo Program. Room Two in the SudoVulns Series.
155 | * [Windows Privesc Arena]() - Students will learn how to escalate privileges using a very vulnerable Windows 7 VM.
156 | * [Linux Privesc Arena]() - Students will learn how to escalate privileges using a very vulnerable Linux VM.
157 | * [Windows Privesc]() - Students will learn how to escalate privileges using a very vulnerable Windows 7 VM.
158 | * [Blaster]() - Metasploit Framework to get a foothold.
159 | * [Ignite]() - A new start-up has a few security issues with its web server.
160 | * [Kenobi]() - Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation.
161 | * [Capture the flag]() - Another beginner-level CTF challenge.
162 | * [Pickle Rick]() - Rick and Morty themed LFI challenge.
163 |
164 | > Congratulations! If you have made it this far, you deserve a badge! Put this in your writeups or git profile. You can continue doing the below CTFs.
165 |
166 |
167 | Click here to get your red team badge!
168 |
169 |
170 |
171 |
172 |
173 |
174 | [↑](#contents)
175 |
176 | ## Free Beginner Blue Team Path
177 |
178 | ### Level 1 - Tools
179 |
180 | * [Introduction to digital forensics](https://tryhackme.com/room/introdigitalforensics) - Intro to Digital Forensics.
181 | * [Windows Fundamentals]() - Intro to Windows.
182 | * [Nessus]() - Intro to nessus scan.
183 | * [Mitre]() - Intro to Mitre attack framework.
184 | * [IntroSIEM](https://tryhackme.com/room/introtosiem) - Introduction to SIEM.
185 | * [Yara]() - Intro to yara for malware analysis.
186 | * [OpenVAS]() - Intro to openvas.
187 | * [Intro to Honeypots]() - Intro to honeypots.
188 | * [Volatility]() - Intro to memory analysis with volatility.
189 | * [Red Line]() - Learn how to use Redline to perform memory analysis and scan for IOCs on an endpoint.
190 | * [Autopsy]() - Use Autopsy to investigate artifacts from a disk image.
191 |
192 |
193 | [↑](#contents)
194 |
195 | ### Level 2 - Security Operations, Incident Response & Threat Hunting
196 |
197 | * [Investigating Windows]() - Investigating Windows.
198 | * [Juicy Details]() - A popular juice shop has been breached! Analyze the logs to see what had happened.
199 | * [Carnage]() - Apply your analytical skills to analyze the malicious network traffic using Wireshark.
200 | * [Squid Game]() - Squid game-themed CTF.
201 | * [Splunk Boss of the SOC V1]() - Part of the Blue Primer series, learn how to use Splunk to search through massive amounts of information.
202 | * [Splunk Boss of the SOC V2]() - Splunk analysis vol 2.
203 | * [Splunk Boss of the SOC V3]() - Splunk analysis vol 3.
204 | * [Hunt Conti with Splunk](https://tryhackme.com/room/contiransomwarehgh) - An Exchange server was compromised with ransomware. Use Splunk to investigate how the attackers compromised the server.
205 | * [Hunting for Execution Tactic](https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-3) - Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT&CK Tactic of Execution (TA0002).
206 | * [Hunting for Credential Access](https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-5) - Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT&CK Tactic of Credential Access (TA0006).
207 | * [Hunting for Persistence Access](https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-2) - Join Cyborg Security's team of threat hunting instructors for a fun and hands-on-keyboard threat hunting workshop covering the topic of adversarial persistence (TA0003).
208 | * [Hunting for Defense Evasion](https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-4) - Join Cyborg Security's expert threat hunters as they dive into the interesting MITRE ATT&CK Tactic of Defense Evasion (TA0005).
209 |
210 |
211 | [↑](#contents)
212 |
213 |
214 | ### Level 3 - Beginner Forensics, Threat Intel & Cryptography
215 |
216 | * [Threat Intelligence 101]() - Introduction to Cyber Threat Intelligence.
217 | * [Threat Intelligence Tools]() - Explore different OSINT tools used to conduct security threat assessments and investigations.
218 | * [Matryoshka doll]() - Beginner file analysis challenge.
219 | * [The Glory of the Garden]() - Beginner image analysis challenge.
220 | * [Packets Primer]() - Beginner packet analysis challenge.
221 | * [Wireshark doo doo doo]() - Beginner packet analysis challenge.
222 | * [Wireshark two two two]() - Beginner packet analysis challenge.
223 | * [Trivial flag transfer protocol]() - Beginner packet analysis challenge.
224 | * [What Lies within]() - Beginner decoding analysis challenge.
225 | * [Illumination]() - Medium level forensics challenge.
226 | * [Emo]() - Medium level forensics challenge.
227 | * [Obsecure]() - Medium level forensics challenge.
228 | * [Intel101 Challenge]() - Medium level Threat Intel challenge.
229 | * [Introduction to Cryptohack]() - Medium level cryptography challenge.
230 |
231 |
232 | [↑](#contents)
233 |
234 | ### Level 4 - Memory & Disk Forensics
235 |
236 | * [Sleuthkit Intro]() - Medium level disk forensics challenge.
237 | * [Reminiscent]() - Medium level disk forensics challenge.
238 | * [Hunter - Windows Disk Image Forensics]() - Medium level disk forensics challenge.
239 | * [Spotlight - Mac Disk Image Forensics]() - Medium level disk forensics challenge.
240 | * [Ulysses - Linux Disk Image Forensics]() - Medium level disk forensics challenge.
241 | * [Banking Troubles - Windows Memory Image Forensics]() - Medium level memory forensics challenge.
242 | * [Detect Log4J]() - Medium level disk forensics challenge.
243 |
244 |
245 | [↑](#contents)
246 |
247 | ### Level 5 - Malware and Reverse Engineering
248 |
249 | * [History of Malware]() - Intro to malware history.
250 | * [Malware Introduction]() - Intro to malware.
251 | * [Basic Malware Reverse Engineering]() - Intro to malware RE.
252 | * [Intro Windows Reversing]() - Intro to Windows RE.
253 | * [Windows x64 Assembly]() - Introduction to x64 Assembly on Windows.
254 | * [JVM reverse engineering]() - Learn Reverse Engineering for Java Virtual Machine bytecode.
255 | * [Get PDF (Malicious Document)]() - Reversing PDF malware.
256 |
257 | > Congratulations! If you have made it this far, you deserve a badge! Put this in your writeups or git profile. You can continue doing the below CTFs.
258 |
259 |
260 | Click here to get your blue team badge!
261 |
262 |
263 |
264 |
265 |
266 |
267 | [↑](#contents)
268 |
269 | ## Bonus CTF practice and Latest CVEs
270 |
271 | * [Bandit]() - Aimed at absolute beginners and teaches the basics of remote server access.
272 | * [Natas]() - Teaches the basics of serverside web-security.
273 | * [Post Exploitation Basics]() - Learn the basics of post-exploitation and maintaining access with mimikatz, bloodhound, powerview and msfvenom.
274 | * [Smag Grotto]() - An obscure boot to root machine.
275 | * [Dogcat]() - I made a website where you can look at pictures of dogs and/or cats! Exploit a PHP application via LFI and break out of a docker container.
276 | * [Buffer Overflow Prep]() - Practice stack-based buffer overflows.
277 | * [Break out the cage]() - Help Cage bring back his acting career and investigate the nefarious goings-on of his agent.
278 | * [Lian Yu]() - A beginner-level security challenge.
279 | * [Insecure Kubernetes]() - Exploiting Kubernetes by leveraging a Grafana LFI vulnerability.
280 | * [The Great Escape (docker)]() - Escaping docker container.
281 | * [Solr Exploiting Log4j]() - Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun.
282 | * [Spring4Shell]() - Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework.
283 | * [Most Recent threats]() - Learn about the latest industry threats. Get hands-on experience identifying, exploiting, and mitigating critical vulnerabilities.
284 |
285 |
286 | [↑](#contents)
287 |
288 | ## Bonus Windows
289 |
290 | * [Attacktive Directory]() - Learn about 99% of Corporate networks that run off of AD.
291 | * [Retro]() - Breaking out of the retro-themed box.
292 | * [Blue Print]() - Hack into this Windows machine and escalate your privileges to Administrator.
293 | * [Anthem]() - Exploit a Windows machine in this beginner-level challenge.
294 | * [Relevant]() - Penetration Testing Challenge.
295 |
296 |
297 | [↑](#contents)
298 |
299 | ## Extremely Hard Rooms to do
300 |
301 | * [Ra]() - You have found WindCorp's internal network and their Domain Controller. Pwn the network.
302 | * [CCT2019]() - Legacy challenges from the US Navy Cyber Competition Team 2019 Assessment sponsored by US TENTH Fleet.
303 | * [Theseus]() - The first installment of the SuitGuy series of very hard challenges.
304 | * [IronCorp]() - Get access to Iron Corp's system.
305 | * [Carpe Diem 1]() - Recover your client's encrypted files before the ransomware timer runs out.
306 | * [Borderlands]() - Compromise a perimeter host and pivot through this network.
307 | * [Jeff]() - Hack into Jeff's web server.
308 | * [Year of the Owl](https://tryhackme.com/room/yearoftheowl) - Owl-themed boot to root machine.
309 | * [Anonymous Playground]() - Want to become part of Anonymous? They have a challenge for you.
310 | * [EnterPrize]() - Enterprise-themed network to hack into.
311 | * [Racetrack Bank]() - It's time for another heist.
312 | * [Python Playground]() - Use python to pwn this room.
313 |
314 |
315 | [↑](#contents)
316 |
317 | ## Footnotes
318 |
319 | **Inspired by**
320 |
321 | ### Contributors & stargazers ✨
322 |
323 |
324 | [](#contributors-)
325 |
326 |
327 | Special thanks to everyone who forked or starred the repository ❤️
328 |
329 | [](https://github.com/brootware/awesome-cyber-security-university/stargazers)
330 |
331 | [](https://github.com/brootware/awesome-cyber-security-university/network/members)
332 |
333 | Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
334 |
335 |
336 |
337 |
338 |
344 |
345 |
346 |
347 |
348 |
349 |
350 | This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind are welcome!
351 |
352 |
353 | [↑](#contents)
354 |
--------------------------------------------------------------------------------
/archive.md:
--------------------------------------------------------------------------------
1 | # Archived
2 |
3 | This file lists archived, old, deleted, paid, or unmaintained projects that used to be listed in the main README.md.
4 |
5 | ---
6 |
7 | * [Introduction to defensive security]() - Intro to defensive security.
8 | * [CC Steganography]()
9 | * [LFI basics]()
10 | * [Ra2]()
11 | * [Osiris]()
12 | * [Set]()
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/assets/purpleteam.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/brootware/awesome-cyber-security-university/72aff7079ce1baff20c9c403c3e204ac3a7b9d8b/assets/purpleteam.png
--------------------------------------------------------------------------------
/code-of-conduct.md:
--------------------------------------------------------------------------------
1 | # Contributor Covenant Code of Conduct
2 |
3 | ## Our Pledge
4 |
5 | In the interest of fostering an open and welcoming environment, we as
6 | contributors and maintainers pledge to making participation in our project and
7 | our community a harassment-free experience for everyone, regardless of age, body
8 | size, disability, ethnicity, gender identity and expression, level of experience,
9 | nationality, personal appearance, race, religion, or sexual identity and
10 | orientation.
11 |
12 | ## Our Standards
13 |
14 | Examples of behavior that contributes to creating a positive environment
15 | include:
16 |
17 | * Using welcoming and inclusive language
18 | * Being respectful of differing viewpoints and experiences
19 | * Gracefully accepting constructive criticism
20 | * Focusing on what is best for the community
21 | * Showing empathy towards other community members
22 |
23 | Examples of unacceptable behavior by participants include:
24 |
25 | * The use of sexualized language or imagery and unwelcome sexual attention or
26 | advances
27 | * Trolling, insulting/derogatory comments, and personal or political attacks
28 | * Public or private harassment
29 | * Publishing others' private information, such as a physical or electronic
30 | address, without explicit permission
31 | * Other conduct which could reasonably be considered inappropriate in a
32 | professional setting
33 |
34 | ## Our Responsibilities
35 |
36 | Project maintainers are responsible for clarifying the standards of acceptable
37 | behavior and are expected to take appropriate and fair corrective action in
38 | response to any instances of unacceptable behavior.
39 |
40 | Project maintainers have the right and responsibility to remove, edit, or
41 | reject comments, commits, code, wiki edits, issues, and other contributions
42 | that are not aligned to this Code of Conduct, or to ban temporarily or
43 | permanently any contributor for other behaviors that they deem inappropriate,
44 | threatening, offensive, or harmful.
45 |
46 | ## Scope
47 |
48 | This Code of Conduct applies both within project spaces and in public spaces
49 | when an individual is representing the project or its community. Examples of
50 | representing a project or community include using an official project e-mail
51 | address, posting via an official social media account, or acting as an appointed
52 | representative at an online or offline event. Representation of a project may be
53 | further defined and clarified by project maintainers.
54 |
55 | ## Enforcement
56 |
57 | Instances of abusive, harassing, or otherwise unacceptable behavior may be
58 | reported by contacting the project maintainer at [twitter](https://x.com/brootware). All
59 | complaints will be reviewed and investigated and will result in a response that
60 | is deemed necessary and appropriate to the circumstances. The project maintainer is
61 | obligated to maintain confidentiality with regard to the reporter of an incident.
62 | Further details of specific enforcement policies may be posted separately.
63 |
64 | Project maintainers who do not follow or enforce the Code of Conduct in good
65 | faith may face temporary or permanent repercussions as determined by other
66 | members of the project's leadership.
67 |
68 | ## Attribution
69 |
70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71 | available at [http://contributor-covenant.org/version/1/4][version]
72 |
73 | [homepage]: http://contributor-covenant.org
74 | [version]: http://contributor-covenant.org/version/1/4/
75 |
--------------------------------------------------------------------------------
/contributing.md:
--------------------------------------------------------------------------------
1 | # Contribution Guidelines
2 |
3 | Please note that this project is released with a
4 | [Contributor Code of Conduct](./code-of-conduct.md). By participating in this
5 | project you agree to abide by its terms.
6 |
7 | ---
8 |
9 | Please ensure your pull request adheres to the following guidelines:
10 |
11 | * Search previous suggestions before making a new one, as yours may be a duplicate.
12 | * Suggested packages should be tested and documented.
13 | * Make an individual pull request for each suggestion. This can be ignored if packages share a common theme or functionality; in that case they can be submitted in bulk.
14 | * Use the following format: ```[PACKAGE](LINK) - DESCRIPTION.```
15 | * New categories, or improvements to the existing categorization are welcome.
16 | * Keep descriptions short and simple, but descriptive.
17 | * End all descriptions with a full stop/period.
18 | * Check your spelling and grammar.
19 | * Make sure your text editor is set to remove trailing whitespace.
20 |
21 | Thank you for your suggestions!
22 |
23 | ## Updating your PR
24 |
25 | A lot of times, making a PR adhere to the standards above can be difficult.
26 | If the maintainers notice anything that we'd like changed, we'll ask you to
27 | edit your PR before we merge it. There's no need to open a new PR, just edit
28 | the existing one. If you're not sure how to do that,
29 | [here is a guide](https://github.com/RichardLitt/knowledge/blob/master/github/amending-a-commit-guide.md)
30 | on the different ways you can update your PR so that we can merge it.
31 |
--------------------------------------------------------------------------------