I am in hiring mode again at the moment for my Red Team, and this time have had more junior InfoSec applicants, and people who have little to no experience expressing an interest.
Sadly, we don’t have the time to fully invest in complete new comers to Adversarial Threat Emulation activities, especially with the potential implications of “learning” on live production systems. So I thought I would put this page together with learning resources, both free and paid that people who are learning / what to get in the industry can utilise. Both to find out if its something they would actually enjoying doing day in and out, and to get some foundational useable skills under their belt to be able to make it through hiring programs and being a strong contributor to the team they join.
If you have suggested resources, please add a comment with information and I can add to the list over time.
Thanks and happy learning.
Free Resources
– Mubix Metasploit Minute – Informative Video Playlist on Metasploit Techniques
– Raphael Mudge Cobalt Strike – Informative Video Playlists related to Cobalt Strike
– Pentest Labs – Free Resources – Various online Penetration Tester related training
– Hak5 YouTube – Great Show covering Hacking News, Tools, Techniques, etc
– Security Tube – Aggregation of security videos and some MegaPrimers for various tools.
Paid Resources
– Offensive Security – Penetration Testing with Kali Linux – OSCP
– Offensive Security – Advanced Web Attacks and Exploitation – OSWE
– Offensive Security – Cracking the Perimeter – OSCE
– Offensive Security – Advanced Windows Exploitation – OSEE
– Offensive Security – Wireless Attacks – OSWP
– eLearn Security – Various online Cyber Security Related Training offerings
– Pentest Labs Pro – Paid Resources – Various online Penetration Tester related training
– Pentester Academy – Various online Penetration Tester Related Training offerings
– Zero Point Security – Offensive Security Training (RastaLabs and Certified Red Team Operator)
