- Assembly - Skull Security Wiki
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- Dealers of Lightning
- How Not to Network a Nation
- Masters of Doom
- The Cuckoo’s Egg
- The Friendly Orange Glow
- The Master Switch
- The Victorian Internet
- Where the Wizards Stay Up Late
- A Penetration Tester’s Guide to the Azure Cloud
- Cloud IP Ranges
- Head in the Clouds
- Head in the Clouds: Google Compute
Getting Started (or Getting Better) in Infosec
- Deep Work and the 30-hour Method
- The Paradox of Choice - Learning new skills in infosec without getting overwhelmed.
- The Process of Mastering a Skill
- CodeAcademy Git Training
- Oh, Shit, Git!
- Common Git Commands and Best Practices
- Git Visualization Tool
- Git Commit Message Best Practices
Hands-On Skills Development
- Bugcrowd University - Skills development for web testing.
- Hack the Box - Great mix of web/network/crypto/etc. CTF
- Offensive Security Certified Professional - The (punishing) gold standard for security testing certifications.
- PentesterLab - Mini-courses for mainly web app testing.
- Pentestit - Network penetration testing challenges.
- PortSwigger Academy - AppSec learning from the creators of Burp.
- RingZer0 Team Online CTF
Hands-On Skills Development for High School Students
- Malware Unicorn - Reverse Engineering Malware 101
- MalwareTech - Beginner Malware Reversing Challenges
- OA Research
- Open Analysis Live
- Practical Malware Analysis
- The Art of Memory Forensics
- Advanced Penetration Testing with Cybrary
- Advanced Penetration Testing
- Penetration Testing with Kali Linux
- A Journey Into a Red Team
- Advanced Threat Tactics
- How Do I Prepare to Join a Red Team
- Red Team Infrastructure Wiki
- Red Teaming in the EDR Age
- Threat Gets A Vote: Applying a Threat Based Approach to Security Testing
- Hacking the Xbox - An Introduction to Reverse Engineering - PDF (Free from No Starch)
- Practical Reverse Engineering
Teacher Resources (High School)
- CodeHS Cyber Security
- Hacker High School Lessons
- Netacad Cyber Security Essentials - Keep an eye out for ICTC Educator training sessions
- Bev Facey Cyber Defence Resources and challenges collection
Web Application Hacking
- Burp Suite Essentials
- Don’t Cross Me: Same-Origin Policy and all the Cross Vulns - Great explanation of same-origin policy and the vulns that crush it.
- Google Gruyere: Web Application Exploits and Defenses
- Hack this Site
- OWASP Juice Shop
- OWASP Testing Guide v4 Table of Contents
- PortSwigger Academy - From the people that brought you Burp and WAHH, some top-notch (free) online web security training.
- The Bug Hunter’s Methodology v3
- The Web Application Hacker’s Handbook
- Web Vulnerabilities and the People Who Love Them - Great intro to web vulns :)