Find here some resources you'll need to start your SSI journey... or survive through it ! Feel free to contribute if you've got resources of your own.

USTHB-ssi-resources.md

USTHB SSI Resources

Feel free to leave a comment or contribute if you think there's a way to improve this gist !

Table of Matters

• Technical Sheet
• Links
• CTF Websites
• Books
• Certifications
• TryHackMe Walkthrough

📌 Technical Sheet

All the technical information you need to know about the masters will be found in this technical sheet.

📌 Links

• EMD Subjects SSI 2020/2021 (S1)
• EMD Subjects SSI 2020/2021 (S2)
• Summary: Systeme d'exploitation
• SSI EMD Subjects (S1)
• SSI EMD Subjects + Correction Complexite algorithmique

📌 CTF Websites

Beginner Friendly

• overthewire
• picoctf
• tryhackme
• tryhackme: advent of cyber

Other

• root-me
• pwn.college
• hackthebox
• ctftime

📌 Books

Big thanks to Shellmates for this incredible collection of books !

Cryptography

• Serious Cryptography: A Practical Introduction to Modern Encryption

Binary Exploitation/Pwn

• Hacking- The Art of Exploitation (2nd ed. 2008) - Erickson

Penetration Testing/Red Teaming:

• Advanced Penetration Testing
• The Hacker Playbook Vol 2
• The Hacker Playbook Vol 3

Information Security (non-technical)

• Cyberjutsu: Cybersecurity for the Modern Ninja

Reverse Engineering/Malware Analysis

• Practical Malware Analysis

Web Application Security

• A Bug Hunter's Diary
• Real World Bug Hunting
• Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities

Android

• Android Security Internals

Social Engineering

• The Art of Deception
• Social Engineering: The Art of Human Hacking

Lock Picking

• Practical Lock Picking: A Physical Penetration Tester's Training Guide
• Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks

Safe Cracking

• Safe cracking for everyone (Jared Dygart)

Programming/Scripting for Offensive Security

• Black Hat Go: Programming for Hackers and Pentesters
• Gray Hat Python
• Black Hat Python

IoT Hacking

• Abusing the Internet of things: Blackouts, Freakouts, and Stakeouts

Hardware Hacking

• The Car Hacker's Handbook
• The Hardware Hacker: Adventures in Making and Breaking Hardware
• Hacking the Xbox: An Introduction to Reverse Engineering
• Hardware Hacking: Have Fun While Voiding Your Warranty

Programming (Python)

• Learn Python The Hard Way 3rd Edition

📌 Certifications

Beginner :

1. CompTIA - IT Fundamentals.
2. CompTIA – A+
3. Cisco - CCNA (Cisco Certified Network Associate).
4. CompTIA - Security+
5. CompTIA - Server+
6. CompTIA - Network+

Medium :

7. EC-Council - CEH (Certified Ethical Hacker).
8. EC-Council - CHFI (Computer Hacking Forensic Investigator).
9. GIAC - GCIH (GIAC Certified Incident Handler).
10. GIAC - GSEC (GIAC Security Essentials).
11. GIAC - GISP (GIAC Information Security Professional).
12. Microsoft – MCSA Windows Server 2021 (Microsoft Certified Solutions Associate)

Advanced :

13. CSA - CCSK (Certificate of Cloud Security Knowledge).
14. Cisco – CCNP (Cisco Certified Network Professional).
15. Cisco – CCDP (Cisco Certified Design Professional).
16. CompTIA - CySA+ (Cybersecurity Analyst).
17. ISACA - CISA (Certified Information Systems Auditor).
18. (ISC)² - CSSLP (Certified Secure Software Lifecycle Professional).
19. Microsoft - MCSE Server Infrastructure (Microsoft Certified Solutions Expert).
20. GIAC - GSLC (GIAC Security Leadership Certification).

Expert:

21. Cisco - CCIE (Cisco Certified Internetwork Expert).
22. Cisco – 600-199 SCYBER (Securing Cisco Networks with Threat Detection and Analysis).
23. CompTIA - CASP (Advanced Security Practitioner).
24. ISACA - CGEIT (Certified in the Governance of Enterprise IT).
25. ISACA - CISM (Certified Information Security Manager).
26. (ISC)² - CISSP (Certified Information Systems Security Professional).
27. Mile2 - CPTE (Certified Penetration Testing Engineer)

📌 TryHackMe Walkthrough

A friend of mine showed me this walkthrough on https://tryhackme.com/resources/blog/free_path, thanks $p54B$ for drawing my attention toward it !

🦚 Level 1 - Intro

• OpenVPN https://tryhackme.com/room/openvpn
• Welcome https://tryhackme.com/jr/welcome
• Intro to Researching https://tryhackme.com/room/introtoresearch
• Learn Linux https://tryhackme.com/room/zthlinux
• Crash Course Pentesting https://tryhackme.com/room/ccpentesting Introductory CTFs to get your feet wet
• Google Dorking https://tryhackme.com/room/googledorking
• OHsint https://tryhackme.com/room/ohsint
• Shodan.io https://tryhackme.com/room/shodan

🦚 Level 2 - Tooling

• Tmux https://tryhackme.com/room/rptmux
• Nmap https://tryhackme.com/room/rpnmap
• Web Scanning https://tryhackme.com/room/rpwebscanning
• Sublist3r https://tryhackme.com/room/rpsublist3r
• Metasploit https://tryhackme.com/room/rpmetasploit
• Hydra https://tryhackme.com/room/hydra
• Linux Privesc https://tryhackme.com/room/linuxprivesc
• Web Scanning https://tryhackme.com/room/rpwebscanning More introductory CTFs
• Vulnversity - https://tryhackme.com/room/vulnversity
• Blue - https://tryhackme.com/room/blue
• Simple CTF https://tryhackme.com/room/easyctf
• Bounty Hacker https://tryhackme.com/room/cowboyhacker

🦚 Level 3 - Crypto & Hashes with CTF practice

• Crack the hash https://tryhackme.com/room/crackthehash
• Agent Sudo https://tryhackme.com/room/agentsudoctf
• The Cod Caper https://tryhackme.com/room/thecodcaper
• Ice https://tryhackme.com/room/ice
• Lazy Admin https://tryhackme.com/room/lazyadmin
• Basic Pentesting https://tryhackme.com/room/basicpentestingjt

🦚 Level 4 - Web

• OWASP top 10 https://tryhackme.com/room/owasptop10
• Inclusion https://tryhackme.com/room/inclusion
• Injection https://tryhackme.com/room/injection
• Vulnversity https://tryhackme.com/room/vulnversity
• Basic Pentesting https://tryhackme.com/room/basicpentestingjt
• Juiceshop https://tryhackme.com/room/owaspjuiceshop
• Ignite https://tryhackme.com/room/ignite
• Overpass https://tryhackme.com/room/overpass
• Year of the Rabbit https://tryhackme.com/room/yearoftherabbit
• DevelPy https://tryhackme.com/room/bsidesgtdevelpy
• Jack of all trades https://tryhackme.com/room/jackofalltrades
• Bolt https://tryhackme.com/room/bolt

🦚 Level 5 - Reverse Engineering

• Intro to x86 64 https://tryhackme.com/room/introtox8664
• CC Ghidra https://tryhackme.com/room/ccghidra
• CC Radare2 https://tryhackme.com/room/ccradare2
• CC Steganography https://tryhackme.com/room/ccstego
• Reverse Engineering https://tryhackme.com/room/reverseengineering
• Reversing ELF https://tryhackme.com/room/reverselfiles
• Dumping Router Firmware https://tryhackme.com/room/rfirmware

🦚 Level 6 - PrivEsc

• Sudo Security Bypass https://tryhackme.com/room/sudovulnsbypass
• Sudo Buffer Overflow https://tryhackme.com/room/sudovulnsbof
• Windows Privesc Arena https://tryhackme.com/room/windowsprivescarena
• Linux Privesc Arena https://tryhackme.com/room/linuxprivescarena
• Windows Privesc https://tryhackme.com/room/windows10privesc
• Blaster https://tryhackme.com/room/blaster
• Ignite https://tryhackme.com/room/ignite
• Kenobi https://tryhackme.com/room/kenobi
• Capture the flag https://tryhackme.com/room/c4ptur3th3fl4g
• Pickle Rick https://tryhackme.com/room/picklerick

🦚 Level 7 - CTF practice

• Post Exploitation Basics https://tryhackme.com/room/postexploit
• Smag Grotto https://tryhackme.com/room/smaggrotto
• Inclusion https://tryhackme.com/room/inclusion
• Dogcat https://tryhackme.com/room/dogcat
• LFI basics https://tryhackme.com/room/lfibasics
• Buffer Overflow Prep https://tryhackme.com/room/bufferoverflowprep
• Overpass https://tryhackme.com/room/overpass
• Break out the cage https://tryhackme.com/room/breakoutthecage1
• Lian Yu https://tryhackme.com/room/lianyu