Cyber Security Topics Profile picture
Oct 22, 2022 21 tweets 6 min read Read on X
Most people suck at finding platforms to learn & practice #ReadTeam operations and #Pentesting.
But not anymore.

Here are 20 splendid websites to find practice methods for your information security knowledge easily:
#1
Name: Vuln Machines
Service: Videos and Labs
Link: vulnmachines.com
#2
Name: Checkmarx
Service: Interactive Learning
Link: checkmarx.com
#3
Name: RangeForce
Service: Interactive Exercises
Link: rangeforce.com
#4
Name: Vuln Hub
Service: Written Content and Labs.
Link: vulnhub.com
#5
Name: TCM Security
Service: Interactive Learning.
Link: tcm-sec.com
#6
Name: HackXpert
Service: Written Content and Labs.
Link: hackxpert.com/index.php
#7
Name: OverTheWire
Service: Written Content and Labs.
Link: overthewire.org/wargames/
#8
Name: Hack The Box
Service: Written Content and Labs.
Link: hackthebox.com
#9
Name: CyberSecLabs
Service: Written Content and Labs.
Link: cyberseclabs.co.uk
#10
Name: Pentester Academy
Service: Written Content and Labs.
Link: pentesteracademy.com
#11
Name: Bug Bounty Reports Explained YouTube
Service: Videos.
Link: youtube.com/c/bugbountyrep…
#12
Name: Web Security Academy
Service: Written Content and Labs.
Link: portswigger.net/web-security
#13
Name: Securibee's Infosec Resources
Service: Written Content.
Link: securib.ee/beelog/informa…
#14
Name: Jhaddix Bug Bounty Repository
Service: Written Content.
Link: github.com/jhaddix/tbhm
#15
Name: Zseano's Free Bug Bounty Methodology
Service: Free Ebook.
Link: bugbountyhunter.com/methodology/zs…
#16
Name: NahamSec's Bug Bounty Beginner Repository
Service: Written Content.
Link: nahamsec.com/getting-starte…
#17
Name: Kontra Application Security Training
Service: Interactive Learning.
Link: application.security
#18
Name: Root Me
Service: Challenges.
Link: root-me.org/?lang=en
#19
Name: InsiderPhD YouTube
Service: Videos.
Link: youtube.com/channel/UCPiN9…
#20
Name: EchoCTF
Service: Online Training
Link: echoctf.red

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Cyber Security Topics

Cyber Security Topics Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Mawg0ud

May 23, 2023
Combining the strengths of

‘Deep Learning’ + ‘Malware Analysis’

is a formidable cybersecurity strategy.

I gathered 10 neural networks effective researches works in this scope to detect and understand complex malware in data science: 🧵👇

(1/11) Image
(2/11)
• Name: Deep learning based Sequential model for malware analysis using Windows exe API Calls

• API-based Windows dataset development. This dataset on GitHub benefits and advances malware detection research.

• Link: peerj.com/articles/cs-28…
(3/11)
• Name: Deep Learning Techniques for Behavioral Malware Analysis in Cloud IaaS

• This work compares the performance characteristics of several deep learning models to online virus detection in cloud IaaS.

• Link: link.springer.com/chapter/10.100…
Read 11 tweets
Jan 4, 2023
Life cheat codes I learnt in my 30's I hoped if I knew in my 20's 🧵
Nothing meaningful in life comes without constant, hard labor; "easy" and "success" are not pals.
A simple request is often the only thing standing between you and your desires.
Read 24 tweets
Oct 19, 2022
15 effective websites for pentesting research:

Thread🧵👇

#cybersecurity #cybersecuritytips #infosec #hacking #bugbountytips #infosecurity
1. #SecurityTrails
Numerous DNS records.
Link: lnkd.in/dXMTMmWs
2. ExploitDB
collection of past expolitations.
Link: lnkd.in/dTAXTUQa
Read 16 tweets
Oct 17, 2022
Another new idea for #PenetrationTesting and #Bug-hunting:

Tester:
Enhance the force of #vulnerabilities by doing things like
I discovered a free #URL that leads somewhere else.
Put this in my report and move on ?
To the contrary, changing the #payload allowed me to transform it into a reflected #XSS #vulnerability. Is this the final question?
Obviously not if I have any hope of carrying on.
This web app used #JWT tokens that were transmitted in the bearer header, and for some reason, there were three more cookies that also contained this token.
Only two of them were secure with #HTTP Only.
Just a wild guess.
Read 5 tweets
Oct 16, 2022
Here's a list of free #PenetrationTesting and #RedTeam Labs you may set up in your own home to enhance your #hacking abilities :
1) Red Team Attack Lab
A simulated setting where red teams can practice exploiting #vulnerabilities in various operating systems.
lnkd.in/ernefQv8
2) Capsulecorp Pentest
#Capsulecorp is a lightweight virtual infrastructure operated using Vagrant and Ansible. One #Linux attacking system running #Xubuntu is included, along with four #Windows 2019 servers hosting a variety of #exploitable services.

lnkd.in/eYfGmNBe
Read 10 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(