• Subscribe to the low volume list for updates.

Cyber Security Training (That doesn’t suck)

An overview of high quality Cyber Security Training. There are many excellent Free, and Commercial Resources, Online Courses, and Labs available.

Cyber Security is a career that involves the practitioner to be in always learning mode. Spend your time and money wisely with these hand picked security resources.

Each of these resources have either been used by one of our team or has been been a recommendation from someone we know.

Cyber Security Training Courses

Many of these courses are costly, especially if you are paying out of your own pocket. The primary advantage of a training course from the big 3 providers (SANS, Offensive-Security, eLearnSecurity) is that you get a lot of learning packed into a minimal amount of time. All have included labs that force you to make sure you understand the content.

Provider Course Cert Focus Notes
SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling GCIH DFIR Pentest A gentle introduction to hacker tools and techniques with a focus on Incident Handling. Identify an incident, securely handle forensic evidence and use a structured methodology to work through the incident. Great for people with a technical background but little experience in hacking techniques and cyber security.
SANS SEC401: Security Essentials Bootcamp Style GSEC Basics Suitable for anyone wanting to understand cyber security concepts, useful for non-technical backgrounds moving into roles that interact with cyber security professionals.
SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics GCFA DFIR Digging deep into digital forensics and evidence collection. Understand the techniques and tools from the operating system to memory analysis and the network layer.
SANS SEC560: Network Penetration Testing and Ethical Hacking GPEN Pentest A popular course for those getting started with penetration testing or working in government cyber security roles (good training budgets!). In depth knowledge of tools and techniques - jamming a lot of content into a one week course. Finishes up with a high quality CTF on day 6 to apply the new knowledge.
SANS SEC545: Cloud Security Architecture and Operations   Cloud I have no knowledge of this course but recommend it based on experience with other SANS courses. Having played in the AWS, Azure & GCP sandboxes messing up security is easier than you would expect. Professional cyber security training within cloud environments is going to be huge over the next few years. A focus on keeping these environments secure is going to be essential for any cloud operations team.
SANS SEC503: Intrusion Detection In-Depth GCIA DFIR Solid content from a course that has been around since Intrusion Detection Systems (IDS) were the new kids on the block. Learn to write custom Snort Rules and get an understanding of network traffic analysis.
SANS SEC542: Web App Penetration Testing and Ethical Hacking GWAPT Web App Pentest Strong overview of common web application attacks and penetration testing. Get a broad range of knowledge and tools across this rapidly changing discipline.
SANS SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking GXPN Exploit Dev Pentest In depth course on more advanced attack techniques than those covered in SEC560. Also has a deep focus on exploit writing from simple to buffer overflows to more advanced chained attacks.
Offensive Security PWK: Penetration Testing with Kali OSCP Pentest Popular and well regarded technical penetration testing course. Has a 24 hour exam that is known to really test the students understanding (try harder!). Made by the folks who maintain the Kali Linux Distro.
Offensive Security AWAE: Advanced Web Attacks and Exploitation OSWE Web App Pentest Going in depth on the web application side of things this is often taken after completing the OSCP or for those with web application as a focus.
Offensive Security AWE: Advanced Windows Exploitation OSEE Exploit Dev Want to write exploits for Windows. Dive into low level windows exploit development with this advanced course. Not recommended for noobs or those without low level programming skills.
eLearnSecurity eJPT: eLearnSecurity Junior Penetration Tester eJPT Pentest A solid first step into the world of penetration testing. With a broad range of topics covered and a dedicated lab environment for testing those new skills.
eLearnSecurity eCPPT: eLearnSecurity Certified Professional Penetration Tester eCPPT Pentest eLearnSecurity has recently been acquired by INE and the courses have been released in a new version. I have worked through the original penetration testing course and found it to be comprehensive and well presented. It comes in at a much more reasonable price than the equivalent SANS courses.
PortSwigger Web Security Academy FREE   Web App Pentest From the creators of BurpSuite and the Web Application Hackers Handbook this web application security courses covers a lot of ground. Pretty sure this course would be worthwhile simply based on prior works.
Active Counter Measures Threat Hunting Training Course FREE   Threat Hunting A Free course that comes from an experienced and knowledgeable team.
ATT&CK Using ATT&CK for Cyber Threat Intelligence Training FREE   Threat Hunting A number of training modules from the ATT&CK team on performing cyber threat intelligence analysis using ATT&CK-mapped data.
CoreLan BOOTCAMP: CoreLan Exploit Development   Exploit Dev Learn exploit development from the experts. Well regarded and highly technical - if you want to write exploits for modern Windows you should check this one out.
Applied Network Defence Various Blue Team focused Courses   Blue Team Recommended training on open source tools and techniques for Blue Teams. Short courses on OSQuery, Threat Hunting, ELK, Zeek and Packet Analysis.

Online Training Labs and Cyber Ranges

Capture the Flag (CTF) events and online Cyber Ranges (labs) are a great way to hone cyber security skills in areas that you may not touch everyday in your work. A well put together CTF should be fun and challenging for a wide range of abilities.

Provider Name Cost Focus Notes
SANS Netwars Continuous Pentest DFIR Netwars is a highly polished CTF where you can progress through harder and harder challenges finding flags and gaining knowledge. Presented well enough that it feels more like a game than learning! A number of FREE 48 hour challenges have been on offer to the community since the lock downs of 2020.
SANS Holiday Hack FREE Pentest DFIR Another offering from SANS this very popular CTF runs over the Christmas / New Year period and is available for Free. It can be lot of fun and you might even learn a few things.
HackTheBox Hack The Box FREE + Pentest DFIR Technical challenges based on a box (virtual machine) where the aim is to gain access and find a flag. Very well regarded and popular. High amount of Free content along with additional challenges for a small subscription.
Google Google Gruyere FREE Web App A google hosted web app for testing various vulnerabilities. Has been around for a long time but still covers a good deal of common web bugs.
PentesterLab PentesterLab Pentest A challenge based CTF where you work through a number of challenges and earn badges. Some FREE challenges or can get a subscription for monthly or yearly fee.
HackerOne HackerOne CTF FREE Web App A serious of web application testing challenges from the Bug Bounty crew at HackerOne.

Cyber Security Based Linux Distributions

Whether you are on the job, working in your lab or training, these Linux based Cyber Security distributions will save you time.
Essentially a collection of preinstalled hacking tools. Which one is your proffered choice?

Provider Name Notes
SANS Slingshot Linux A distribution similar in focus to Kali Linux this one has been developed by SANS. Often a pre-requisite for use with the training material in the SANS courses.
SANS Kali Linux Without a doubt the most well known penetration testing Linux distribution. The history of this distro can be traced back to Linux hobbyists of ages past (knoppix -> whoppix -> whax -> backtrack -> kali). Developed and maintained by Offensive Security.
SANS SIFT Linux Another distribution maintained by SANS and used in their courses this one is interesting for those who usually stick to Kali as it contains many different tools due to its focus on DFIR (forensics and incident response).
NA Tails Linux A privacy focused distribution that has a primary goal of sending all the traffic from the virtual machine through the Tor anonymization network. Mozilla and the Tor project have been sponsors in the past, it is supported by various non-profit groups.

Free Cyber Security Resources

Performing Cyber Security research can seem like an endless rabbit hole of links.

Here are some high quality resources to explore.

Resource Notes
ippsec Youtube Channel ippsec makes high quality walk through's of Hack The Box challenges. Great to watch not only the solution but his methodology for working through issues. Shows the kind of troubleshooting and breadth of knowledge used by experienced penetration testers. Don't forget ippsec.rocks an index of the videos.
OWASP Testing Guide A comprehensive guide to web application testing. Highly detailed and well presented you can really step through the web application testing process. In addition there is a great check list that can be used in conjunction with a web application test.
C2 Matrix A matrix of Command and Control software for Red Team Operations and Adversary Training.
APT Notes Dig into the techniques of advanced adversaries (APT) and the Incident Response Team that investigate them. Compilation of published reports from hundreds of intrusions.
CSIRT Training from the Europen Union Various training on Incident Response both from operational and legal / procedural perspectives.
Raphael Mudge Presents Red Team Techniques Various videos on lateral movement and post exploitation operations using Cobalt Strike. These techniques can be applied with other post exploitation tools and frameworks. An interesting insight for those who usually work in the Blue Team space.
Free Learning from the BugCrowd Team Presentation's and tutorials on various web application and bug bounty focused testing.
Bug Bounty Writeups from HackerOne Bug Bounty write ups are an underrated resource when it comes to learning. Step through the process of someone who found a vulnerability and scored a bounty. Great for understanding complicated chained vulnerabilities.
Awesome Lists are Awesome!
Here is selection of the best I have found in the Cyber

Keep Learning

Demand for skilled cyber security professionals is only going one way. Whether you are getting started in the field or have a solid background there should be something in these Cyber Security Resources for you to keep improving.

Have a training recommendation, resource or a comment? Get in Contact

The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards.

Gene Spafford