Cyber Security Education π π΅οΈ π
Because Education should be free.
What is this?
Cyber Security University is a curated list of free educational resources that focuses on learn by doing.
There are 6 parts to this. Introduction and Pre-security, Free Beginner Red Team Path, Free Beginner Blue Team Path, Bonus practices/latest CVEs and Extremely Hard rooms to do. The tasks are linear in nature of difficulty. So itβs recommended to do in order. But you can still jump around and skip some rooms If you find that you are already familiar with the concepts.
(I will be adding more blue team contents in as and when I am free. So do keep an eye out for them.)
If you want to keep track of your progress, you can fork this repo on github and follow the instructions.
https://github.com/brootware/Cyber-Security-University
You will find the html code for below badges hidden in the repo.
This blog post is mainly to keep track and be accountable for myself.
β Introduction and Pre-Security
β Level 1 - Intro
- OpenVPN
- Welcome
- Intro to Researching
- Linux Fundamentals 1
- Linux Fundamentals 2
- Linux Fundamentals 3
- Pentesting fundamentals
- Principles of security
- Introduction to defensive security
- Red Team Engagements
- Crash Course Pentesting
Introductory CTFs to get your feet wet
β Free-Beginner-Red-Team-Path
β Level 2 - Tooling
- Tmux
- Nmap
- Web Scanning
- Sublist3r
- Metasploit
- Hydra
- Linux Privesc
- Web Scanning
- Red Team Fundamentals
- Red Team Recon
Red Team Intro CTFs
β Level 3 - Crypto & Hashes with CTF practice
β Level 4 - Web
- OWASP top 10
- Inclusion
- Injection
- Vulnversity
- Basic Pentesting
- Juiceshop
- Ignite
- Overpass
- Year of the Rabbit
- DevelPy
- Jack of all trades
- Bolt
β Level 5 - Reverse Engineering & Pwn
- Intro to x86 64
- CC Ghidra
- CC Radare2
- CC Steganography
- Reverse Engineering
- Reversing ELF
- Dumping Router Firmware
- Intro to pwntools
- Pwnkit: CVE-2021-4034
β Level 6 - PrivEsc
- Sudo Security Bypass
- Sudo Buffer Overflow
- Windows Privesc Arena
- Linux Privesc Arena
- Windows Privesc
- Blaster
- Ignite
- Kenobi
- Capture the flag
- Pickle Rick
- Insecure Kubernetes
- The Great Escape (docker)
This is where you might find the hidden badge in the repo
β Free-Beginner-Blue-Team-Path
β Level 1 - Tools
β Level 2 - Security Operations & Incident Response
- Investigating Windows
- Juicy Details
- Carnage
- Squid Game
- Splunk Boss of the SOC V1
- Splunk Boss of the SOC V2
- Splunk Boss of the SOC V3
β Level 3 - Beginner Forensics & Cryptography
- Martryohka doll
- Glory of the Garden
- Packets Primer
- Wireshark doo doo doo
- Wireshark two two two
- Trivial flag transfer protocol
- What Lies within
- Illumination
- Emo
- Obsecure
- Bucket - Cloud Security Forensics
- Introduction to Cryptohack
β Level 4 - Memory & Disk Forensics
- Sleuthkit Intro
- Reminiscent
- Hunter - Windows Disk Image Forensics
- Spotlight - Mac Disk Image Forensics
- Ulysses - Linux Disk Image Forensics
- Banking Troubles - Windows Memory Image Forensics
- Detect Log4J
β Level 5 - Malware and Reverse Engineering
- History of Malware
- Malware Introduction
- Basic Malware Reverse Engineering
- Intro Windows Reversing
- Windows x64 Assembly
- JVM reverse engineering
- Get PDF (Malicious Document)
This is where you might find the hidden badge in the repo.
β Bonus CTF practice and Latest CVEs
- Post Exploitation Basics
- Smag Grotto
- Inclusion
- Dogcat
- LFI basics
- Buffer Overflow Prep
- Overpass
- Break out the cage
- Lian Yu
- Insecure Kubernetes
- The Great Escape (docker)
- Solr Exploiting Log4j
- Spring4Shell
- Most Recent threats
β Bonus Windows
β Extremely-Hard-Rooms-to-do
- Ra
- Ra2
- Osiris
- CCT2019
- Set
- Theseus
- IronCorp
- Carpe Diem 1
- Borderlands
- Jeff
- Year of the Owl
- Anonymous Playground
- EnterPrize
- Racetrack Bank
- Python Playground
β Markdown-Version
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# [β](#what-is-this) Introduction and Pre-Security
## [β](#what-is-this) Level 1 - Intro
- [ ] [OpenVPN](<https://tryhackme.com/room/openvpn>)
- [ ] [Welcome](<https://tryhackme.com/jr/welcome>)
- [ ] [Intro to Researching](<https://tryhackme.com/room/introtoresearch>)
- [ ] [Linux Fundamentals 1](<https://tryhackme.com/room/linuxfundamentalspart1>)
- [ ] [Linux Fundamentals 2](<https://tryhackme.com/room/linuxfundamentalspart2>)
- [ ] [Linux Fundamentals 3](<https://tryhackme.com/room/linuxfundamentalspart3>)
- [ ] [Pentesting fundamentals](<https://tryhackme.com/room/pentestingfundamentals>)
- [ ] [Principles of security](<https://tryhackme.com/room/principlesofsecurity>)
- [ ] [Introduction to defensive security](<https://tryhackme.com/room/defensivesecurity>)
- [ ] [Red Team Engagements](<https://tryhackme.com/room/redteamengagements>)
- [ ] [Crash Course Pentesting](<https://tryhackme.com/room/ccpentesting>)
**Introductory CTFs to get your feet wet**
- [ ] [Google Dorking](<https://tryhackme.com/room/googledorking>)
- [ ] [OHsint](<https://tryhackme.com/room/ohsint>)
- [ ] [Shodan.io](<https://tryhackme.com/room/shodan>)
# [β](#what-is-this) Free-Beginner-Red-Team-Path
## [β](#what-is-this) Level 2 - Tooling
- [ ] [Tmux](<https://tryhackme.com/room/rptmux>)
- [ ] [Nmap](<https://tryhackme.com/room/rpnmap>)
- [ ] [Web Scanning](<https://tryhackme.com/room/rpwebscanning>)
- [ ] [Sublist3r](<https://tryhackme.com/room/rpsublist3r>)
- [ ] [Metasploit](<https://tryhackme.com/room/rpmetasploit>)
- [ ] [Hydra](<https://tryhackme.com/room/hydra>)
- [ ] [Linux Privesc](<https://tryhackme.com/room/linuxprivesc>)
- [ ] [Web Scanning](<https://tryhackme.com/room/rpwebscanning>)
- [ ] [Red Team Fundamentals](<https://tryhackme.com/room/redteamfundamentals>)
- [ ] [Red Team Recon](<https://tryhackme.com/room/redteamrecon>)
**Red Team Intro CTFs**
- [ ] [Vulnversity -](<https://tryhackme.com/room/vulnversity>)
- [ ] [Blue -](<https://tryhackme.com/room/blue>)
- [ ] [Simple CTF](<https://tryhackme.com/room/easyctf>)
- [ ] [Bounty Hacker](<https://tryhackme.com/room/cowboyhacker>)
## [β](#what-is-this) Level 3 - Crypto & Hashes with CTF practice
- [ ] [Crack the hash](<https://tryhackme.com/room/crackthehash>)
- [ ] [Agent Sudo](<https://tryhackme.com/room/agentsudoctf>)
- [ ] [The Cod Caper](<https://tryhackme.com/room/thecodcaper>)
- [ ] [Ice](<https://tryhackme.com/room/ice>)
- [ ] [Lazy Admin](<https://tryhackme.com/room/lazyadmin>)
- [ ] [Basic Pentesting](<https://tryhackme.com/room/basicpentestingjt>)
## [β](#what-is-this) Level 4 - Web
- [ ] [OWASP top 10](<https://tryhackme.com/room/owasptop10>)
- [ ] [Inclusion](<https://tryhackme.com/room/inclusion>)
- [ ] [Injection](<https://tryhackme.com/room/injection>)
- [ ] [Vulnversity](<https://tryhackme.com/room/vulnversity>)
- [ ] [Basic Pentesting](<https://tryhackme.com/room/basicpentestingjt>)
- [ ] [Juiceshop](<https://tryhackme.com/room/owaspjuiceshop>)
- [ ] [Ignite](<https://tryhackme.com/room/ignite>)
- [ ] [Overpass](<https://tryhackme.com/room/overpass>)
- [ ] [Year of the Rabbit](<https://tryhackme.com/room/yearoftherabbit>)
- [ ] [DevelPy](<https://tryhackme.com/room/bsidesgtdevelpy>)
- [ ] [Jack of all trades](<https://tryhackme.com/room/jackofalltrades>)
- [ ] [Bolt](<https://tryhackme.com/room/bolt>)
## [β](#what-is-this) Level 5 - Reverse Engineering & Pwn
- [ ] [Intro to x86 64](<https://tryhackme.com/room/introtox8664>)
- [ ] [CC Ghidra](<https://tryhackme.com/room/ccghidra>)
- [ ] [CC Radare2](<https://tryhackme.com/room/ccradare2>)
- [ ] [CC Steganography](<https://tryhackme.com/room/ccstego>)
- [ ] [Reverse Engineering](<https://tryhackme.com/room/reverseengineering>)
- [ ] [Reversing ELF](<https://tryhackme.com/room/reverselfiles>)
- [ ] [Dumping Router Firmware](<https://tryhackme.com/room/rfirmware>)
- [ ] [Intro to pwntools](<https://tryhackme.com/room/introtopwntools>)
- [ ] [Pwnkit: CVE-2021-4034](<https://tryhackme.com/room/pwnkit>)
## [β](#what-is-this) Level 6 - PrivEsc
- [ ] [Sudo Security Bypass](<https://tryhackme.com/room/sudovulnsbypass>)
- [ ] [Sudo Buffer Overflow](<https://tryhackme.com/room/sudovulnsbof>)
- [ ] [Windows Privesc Arena](<https://tryhackme.com/room/windowsprivescarena>)
- [ ] [Linux Privesc Arena](<https://tryhackme.com/room/linuxprivescarena>)
- [ ] [Windows Privesc](<https://tryhackme.com/room/windows10privesc>)
- [ ] [Blaster](<https://tryhackme.com/room/blaster>)
- [ ] [Ignite](<https://tryhackme.com/room/ignite>)
- [ ] [Kenobi](<https://tryhackme.com/room/kenobi>)
- [ ] [Capture the flag](<https://tryhackme.com/room/c4ptur3th3fl4g>)
- [ ] [Pickle Rick](<https://tryhackme.com/room/picklerick>)
- [ ] [Insecure Kubernetes](https://tryhackme.com/room/insekube)
- [ ] [The Great Escape (docker)](https://tryhackme.com/room/thegreatescape)
> This is where you might find the hidden badge in the repo
# [β](#what-is-this) Free-Beginner-Blue-Team-Path
## [β](#what-is-this) Level 1 - Tools
- [ ] [Windows Fundamentals](<https://tryhackme.com/room/windowsfundamentals1xbx>)
- [ ] [Nessus](<https://tryhackme.com/room/rpnessusredux>)
- [ ] [Mitre](<https://tryhackme.com/room/mitre>)
- [ ] [Yara](<https://tryhackme.com/room/yara>)
- [ ] [OpenVAS](<https://tryhackme.com/room/openvas>)
- [ ] [Intro to Honeypots](<https://tryhackme.com/room/introductiontohoneypots>)
- [ ] [Volatility](<https://tryhackme.com/room/bpvolatility>)
- [ ] [Red Line](<https://tryhackme.com/room/btredlinejoxr3d>)
- [ ] [Autopsy](<https://tryhackme.com/room/autopsy2ze0>)
## [β](#what-is-this) Level 2 - Security Operations & Incident Response
- [ ] [Investigating Windows](<https://tryhackme.com/room/investigatingwindows>)
- [ ] [Juicy Details](<https://tryhackme.com/room/juicydetails>)
- [ ] [Carnage](<https://tryhackme.com/room/c2carnage>)
- [ ] [Squid Game](<https://tryhackme.com/room/squidgameroom>)
- [ ] [Splunk Boss of the SOC V1](<https://tryhackme.com/room/bpsplunk>)
- [ ] [Splunk Boss of the SOC V2](<https://cyberdefenders.org/blueteam-ctf-challenges/16>)
- [ ] [Splunk Boss of the SOC V3](<https://cyberdefenders.org/blueteam-ctf-challenges/8>)
## [β](#what-is-this) Level 3 - Beginner Forensics & Cryptography
- [ ] [Martryohka doll](<https://play.picoctf.org/practice/challenge/129?category=4&page=1&solved=0>)
- [ ] [Glory of the Garden](<https://play.picoctf.org/practice/challenge/44?category=4&page=1&solved=0>)
- [ ] [Packets Primer](<https://play.picoctf.org/practice/challenge/286?category=4&page=2&solved=0>)
- [ ] [Wireshark doo doo doo](<https://play.picoctf.org/practice/challenge/115?category=4&page=1&solved=0>)
- [ ] [Wireshark two two two](<https://play.picoctf.org/practice/challenge/110?category=4&page=1&solved=0>)
- [ ] [Trivial flag transfer protocol](<https://play.picoctf.org/practice/challenge/103?category=4&page=1&solved=0>)
- [ ] [What Lies within](<https://play.picoctf.org/practice/challenge/74?category=4&page=2&solved=0>)
- [ ] [Illumination](<https://app.hackthebox.com/challenges/illumination>)
- [ ] [Emo](<https://app.hackthebox.com/challenges/emo>)
- [ ] [Obsecure](<https://app.hackthebox.com/challenges/obscure>)
- [ ] [Bucket - Cloud Security Forensics](<https://cyberdefenders.org/blueteam-ctf-challenges/84>)
- [ ] [Introduction to Cryptohack](<https://cryptohack.org/courses/intro/course_details/>)
## [β](#what-is-this) Level 4 - Memory & Disk Forensics
- [ ] [Sleuthkit Intro](<https://play.picoctf.org/practice/challenge/301?category=4&page=2&solved=0>)
- [ ] [Reminiscent](<https://app.hackthebox.com/challenges/reminiscent>)
- [ ] [Hunter - Windows Disk Image Forensics](<https://cyberdefenders.org/blueteam-ctf-challenges/32>)
- [ ] [Spotlight - Mac Disk Image Forensics](<https://cyberdefenders.org/blueteam-ctf-challenges/34>)
- [ ] [Ulysses - Linux Disk Image Forensics](<https://cyberdefenders.org/blueteam-ctf-challenges/41>)
- [ ] [Banking Troubles - Windows Memory Image Forensics](<https://cyberdefenders.org/blueteam-ctf-challenges/43>)
- [ ] [Detect Log4J](<https://cyberdefenders.org/blueteam-ctf-challenges/86>)
## [β](#what-is-this) Level 5 - Malware and Reverse Engineering
- [ ] [History of Malware](<https://tryhackme.com/room/historyofmalware>)
- [ ] [Malware Introduction](<https://tryhackme.com/room/malmalintroductory>)
- [ ] [Basic Malware Reverse Engineering](<https://tryhackme.com/room/basicmalwarere>)
- [ ] [Intro Windows Reversing](<https://tryhackme.com/room/windowsreversingintro>)
- [ ] [Windows x64 Assembly](<https://tryhackme.com/room/win64assembly>)
- [ ] [JVM reverse engineering](<https://tryhackme.com/room/jvmreverseengineering>)
- [ ] [Get PDF (Malicious Document)](<https://cyberdefenders.org/blueteam-ctf-challenges/47>)
> This is where you might find the hidden badge in the repo.
# [β](#what-is-this) Bonus CTF practice and Latest CVEs
- [ ] [Post Exploitation Basics](<https://tryhackme.com/room/postexploit>)
- [ ] [Smag Grotto](<https://tryhackme.com/room/smaggrotto>)
- [ ] [Inclusion](<https://tryhackme.com/room/inclusion>)
- [ ] [Dogcat](<https://tryhackme.com/room/dogcat>)
- [ ] [LFI basics](<https://tryhackme.com/room/lfibasics>)
- [ ] [Buffer Overflow Prep](<https://tryhackme.com/room/bufferoverflowprep>)
- [ ] [Overpass](<https://tryhackme.com/room/overpass>)
- [ ] [Break out the cage](<https://tryhackme.com/room/breakoutthecage1>)
- [ ] [Lian Yu](<https://tryhackme.com/room/lianyu>)
- [ ] [Insecure Kubernetes](<https://tryhackme.com/room/insekube>)
- [ ] [The Great Escape (docker)](<https://tryhackme.com/room/thegreatescape>)
- [ ] [Solr Exploiting Log4j](<https://tryhackme.com/room/solar>)
- [ ] [Spring4Shell](<https://tryhackme.com/room/spring4shell>)
- [ ] [Most Recent threats](<https://tryhackme.com/module/recent-threats>)
# [β](#what-is-this) Bonus Windows
- [ ] [Attacktive Directory](<https://tryhackme.com/room/attacktivedirectory>)
- [ ] [Retro](<https://tryhackme.com/room/retro>)
- [ ] [Blue Print](<https://tryhackme.com/room/blueprint>)
- [ ] [Anthem](<https://tryhackme.com/room/anthem>)
- [ ] [Relevant](<https://tryhackme.com/room/relevant>)
# [β](#what-is-this) Extremely-Hard-Rooms-to-do
- [ ] [Ra](<https://tryhackme.com/room/ra>)
- [ ] [Ra2](<https://tryhackme.com/room/ra2>)
- [ ] [Osiris](<https://tryhackme.com/room/osiris>)
- [ ] [CCT2019](<https://tryhackme.com/room/cct2019>)
- [ ] [Set](<https://tryhackme.com/room/set>)
- [ ] [Theseus](<https://tryhackme.com/room/theseus>)
- [ ] [IronCorp](<https://tryhackme.com/room/ironcorp>)
- [ ] [Carpe Diem 1](<https://tryhackme.com/room/carpediem1>)
- [ ] [Borderlands](<https://tryhackme.com/room/borderlands>)
- [ ] [Jeff](<https://tryhackme.com/room/jeff>)
- [ ] [Year of the Owl](<https://tryhackme.com/room/yearoftheowl>)
- [ ] [Anonymous Playground](<https://tryhackme.com/room/anonymousplayground>)
- [ ] [EnterPrize](<https://tryhackme.com/room/enterprize>)
- [ ] [Racetrack Bank](<https://tryhackme.com/room/racetrackbank>)
- [ ] [Python Playground](<https://tryhackme.com/room/pythonplayground>)
β Source and Credits
βInspired by
This post is licensed under CC BY 4.0 by the author.