Free Cybersecurity training: my own list of materials
There is a lot a material about Cybersecurity free available online.
Yet, all too often this contents are rarely of high quality.
In this post i want to share my own shortlist of (in my view) good quality online training courses.
Hope it’s helpful!
In the 1980’s, Cliff Stoll discovered a $0.75 accounting error on the computer systems he managed at Lawrence Berkeley Laboratory.from https://chrissanders.org/training/cuckoosegg/
This small discovery would eventually lead him on the year-long pursuit of a group of five KGB sponsored hackers who managed to access numerous US government and military networks. His story has inspired countless people to pursue the profession of information security.
The Cuckoo’s Egg Decompiled is a free online course, developed by Chris Sanders and recorded live online from Nov 2017 through Jan 2018 , available for free as an entry-level course for those who are exploring information security and want an introduction to various security concepts.
SANS (known for a very high quality training), has published some introductory training content on a platform called “Cyber Aces”: not especially focused on cybersecurity, but a great source of information about Operating Systems, Networking, and Systems Administration.
Cybrary hosts a lot of courses center around Development and Information Security.
Access to the training videos is free, however the access to labs that accompany the training is a paid services.
Open security training is a great resource full of Information Security specific training.
The site hasn’t been updated since 2015, but a lot of material is still really useful.
OpenSecurityTraining.info is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long.http://opensecuritytraining.info/
All material is licensed with an open license like CreativeCommons, allowing anyone to use the material however they see fit, so long as they share modified works back to the community.
Udemy provide access to a wide variety of classes and training materials, with a lot of contents about cybersecurity.
Free contents are often brief or very base courses, however the cost of pay courses isn’t really expensive.
Amanda Rousseau developed two free classes (but only the first is currently available) that details malware analysis, triage, and reverse engineering:
This workshop provides the fundamentals of reversing engineering (RE) Windows malware using a hands-on experience with RE tools and techniques. You will be introduced to RE terms and processes, followed by creating a basic x86 assembly program, and reviewing RE tools and malware techniques. The course will conclude by participants performing hands-on malware analysis that consists of Triage, Static, and Dynamic analysis.https://sites.google.com/secured.org/malwareunicorn/reverse-engineering/re101
The workshop consists of 3 preparation assignments and 5 sessions.https://www.begin.re/the-workshop
Workshop Prerequisites: a Windows machine (virtual or not). Some knowledge in computer architecture (may help but not mandatory).
Most importantly – the will to learn.
This online training is provided by Offensive Security.
The course provides the basics on how to utilize the metasploit framework, and serves as a sort of guide to the framework.
The Metasploit Unleashed (MSFU) course is provided free of charge by Offensive Security in order to raise awareness for underprivileged children in East Africa. If you enjoy this free ethical hacking course, we ask that you make a donation to the Hackers For Charitynon-profit 501(c)(3) organization. A sum of $9.00 will feed a child for a month, so any contribution makes a difference.https://www.offensive-security.com/metasploit-unleashed/
Rensselaer Polytechnic Institute published a set of courses dedicated to vulnerability research, reverse engineering, and binary exploitation.
All course materials are free and avilable on this GitHub repository.
The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It will then transition into protections found on modern systems (Canaries, DEP, ASLR, RELRO, Fortify Source, etc) and the techniques used to defeat them. Time permitting, the course will also cover other subjects in exploitation including kernel-land and Windows based exploitation.https://github.com/RPISEC/MBE