Practice Environments

• Free
  • https://overthewire.org/wargames/
  • https://ics-cert-training.inl.gov/learn
  • https://fedvte.usalearning.gov/public_fedvte.php
  • https://github.com/bugcrowd/bugcrowd_university
  • https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html
  • https://live.splunk.com/splunk-security-dataset-project
  • https://www.dfir.training/tools-sw-hw
  • https://www.springboard.com/resources/learning-paths/cybersecurity-foundations/
  • https://www.cyberaces.org/courses.html
• Partially Free
• Paid
  • https://cyberwarfare.live/
• YouTube
  • Building an infosec IT Home Lab: https://www.youtube.com/watch?v=yDWug2zhjyA&list=PLyJqGMYm0vnP9sgEGRxmhUKFQVVz68Cbh
  • Home Lab Cyber Range series: https://www.youtube.com/watch?v=F1GnwLplxHA&list=PLyJqGMYm0vnOdiXf0XfpjtPTiTWLD4Zso
  • IppSec: https://www.youtube.com/c/ippsec/playlists
  • OSCP: https://www.youtube.com/watch?v=2DqdPcbYcy8&list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf
  • OSWE: https://www.youtube.com/watch?v=NMGsnPSm8iw&list=PLidcsTyj9JXKTnpphkJ310PVVGF-GuZA0

Practice

• Free
  • https://pentesterlab.com/exercises
  • https://hack.me/
• Partially Free
  • https://www.hackthebox.eu/
  • https://cyberdefenders.org/
  • https://www.hackthissite.org/
  • https://tryhackme.com/
• Paid

• Cloud
  • CloudGoat: https://github.com/RhinoSecurityLabs/cloudgoat
    • https://github.com/appsecco/attacking-cloudgoat2
    • https://rhinosecuritylabs.com/aws/cloudgoat-vulnerable-design-aws-environment/
    • https://rhinosecuritylabs.com/aws/introducing-cloudgoat-2/
    • https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
    • https://medium.com/@rzepsky
      • https://medium.com/@rzepsky/playing-with-cloudgoat-part-1-hacking-aws-ec2-service-for-privilege-escalation-4c42cc83f9da
      • https://medium.com/@rzepsky/playing-with-cloudgoat-part-2-fooling-cloudtrail-and-getting-persistence-access-6a1257bb3f7c
      • https://medium.com/@rzepsky/playing-with-cloudgoat-part-3-using-aws-lambda-for-privilege-escalation-and-exploring-a-lightsail-4a48688335fa
      • https://medium.com/@rzepsky/playing-with-cloudgoat-part-4-security-nuances-of-aws-glue-codebuild-and-s3-services-cc67fb88cc46
      • https://medium.com/@rzepsky/playing-with-cloudgoat-part-5-hacking-aws-with-pacu-6abe1cf5780d
      • https://medium.com/securing/data-leaks-from-aws-ec2-how-can-bob-reveal-alices-secrets-bd6fbe389966