InfoSec resources

A list of helpful cybersecurity / infosec resources


List of InfoSec resources

I get this question a lot so I compiled a big list that I can just link people to directly.

Where to start?


CTFs


If you are new, you should start with high school level and eventually level up to college level.

  • https://ctftime.org – Find CTFs and write-ups
  • https://picoctf.com/ (high school level)
  • NSA Codebreaker challenge
  • CSAW RED (high school level) – Formerly known as CSAW HSF
  • CSAW CTF (college level)
  • HackTheBox – I never did this, but it’s popular

Binary Exploitation


Game hacking and reversing


  • Pointers for REAL dummies – This is how I finally understood pointers when I was 12 years old. GREAT guide and it will teach you about C and what is memory.
  • Fl33p’s CS:S bunnyhop hack tutorial (YT) – A bit outdated but this is what helped me finally understand how to use a debugger and Cheat Engine and Visual Studio. The explanations are not 100% accurate but most importantly it is really beginner friendly for noobs
  • godbolt.org Compiler Explorer – Good to learn what code looks like when it gets compiled
  • Reverse Engineering Stack Exchange – Good place to figure out how to do something in IDA Pro.
  • osdev wiki – Has some outdated or inaccurate info, but usually a good starting point.

Discord servers


Remember to be nice, don’t be rude or annoying, etc. Act like an adult.

DISCLAIMER: I DO NOT ENDORSE any of these servers personally, their administrators, or any of the discussion that may occur in them. I deny any particular knowledge or awareness of the day-to-day occurrences and contents of conversations on these servers. In other words, this is simply a list of some well-known, popular infosec related servers. The views, opinions, and speech of the participants or administrators on the servers below bear NO REFLECTION whatsoever on my own personal opinions, values, or beliefs. This list is provided as a USEFUL RESOURCE only. 

Blogs (in no particular order)


DISCLAIMER: I DO NOT ENDORSE the personal character of any of the listed authors. The blogs listed below are chosen SOLELY based on the merits and quality of the publications and research ONLY. In other words, this is simply a list of well-known infosec authors. The views, opinions, and writing of the blogs below or their authors bear NO REFLECTION whatsoever on my own personal opinions, values, or beliefs. This list is provided as a USEFUL RESOURCE only.

Other InfoSec newsletters, zines, and publications


Favorite Tools


I am a Windows user so I mainly use Windows tools. Sorry Linux users.

Must-have, essential tools

Other handy tools


Hex-Rays plugins


x64dbg plugins


Lectures and slides


Reference materials


  • Intel Manual volume 3 – they say that every question you have is answered somewhere in this book. the question is where to find it. and also how to understand it. since this shit is not easy nor fun to read. sometimes if you ask some stupid question people will tell you to go read the intel manual. it’s an advanced way to tell people to fuck off.
  • Hacker’s Delight – bit hacking tricks, you see them used by compilers often. Division constants
  • Dragon Book – popular compilers textbook
  • SSA book – resource for advanced topics on single static assignment form in compilers