Getting into InfoSec and Cybersecurity



A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.

Getting into Cybersecurity

A concentrated list of Cybersecurity resources to help anyone interested in learning more about cybersecurity. Link to GoVanguard’s full list of tools and resources is located at the bottom of the page.

Cybersecurity: What It Is and Why It Matters

Free Online Courses to Get Started

Informative Cybersecurity YouTube Channels

Help With Coding

Help With Linux

Web Application Hacking Guides

Hacking References and Cheatsheets

Hacking Books

Pentesting References

Hands-on Training and Practice Exercises

  • OWASP security knowledge framework – OWASP security knowledge framework labs exercises complete with write-ups.
  • Hacker101 CTF – Webapp CTF style exercises.
  • XSS Exercises – Webapp Cross-site scripting (XSS) bug hunting exercises.
  • Rapid7 Metsploitable – Metasploitable is essentially a penetration testing lab in a box, available as a VMware virtual machine (VMX).
  • OWASP WebGoat – WebGoat is an insecure application that allows the testing of vulnerabilities commonly found in Java-based applications that use common and popular open source components.
  • Gruyere – Gruyere is a web application that has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution.
  • OWASP Damn Vulnerable Web Sockets (DVWS) – Vulnerable web application which works on web sockets for client-server communication.
  • OWASP NodeGoat – Includes Node.js web applications for learning the OWASP top 10.
  • OWASP SecurityShepard – Web and mobile application security training platform.
  • OWASP Juice Shop – JavaScript based intentionally insecure web application.
  • CPTE Courseware Kit – Paid Official training kit for CPTE exam.
  • OSCP-like Vulnhub VMs – Intentionally vulnerable VMs resembling OSCP.
  • Over the Wire: Natas – Web application challenges.
  • Hack the Box – Online pentesting labs with Windows VMs.
  • Hack This Site – Web application security exercises.
  • RopeyTasks – Simple deliberately vulnerable web application.
  • Railsgoat – A vulnerable version of Rails that follows the OWASP Top 10.
  • TryHackMe

TryHackMe Beginner Paths (Online platform for learning cyber security, using hands-on exercises and labs)

Fun Web-Based Tools to Tinker With

Cybersecurity News Websites

Darknet Diaries Hacking Episodes to Pique Your Interest

Cybersecurity Podcasts

Detailed GoVanguard Cybersecurity Resources

The Cybersecurity is a github repository by GoVanguard