Skip to content

Instantly share code, notes, and snippets.

@dalenunns
Last active December 28, 2022 12:51
  • Star 15 You must be signed in to star a gist
  • Fork 6 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save dalenunns/8c59f1c7ac969286562c5e8d747231c1 to your computer and use it in GitHub Desktop.
A list of resources on how to be a hacker/pentester/security person - from #infosec on zatech.slack.com

Howto be a Hacker/Pentester/Security person - List of resources

I've just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)

HypnZA's commonly shared list (in the correct order):

  1. https://www.hacksplaining.com
  2. https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
  3. Watch Ippsec's HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos) https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/videos?sort=da&view=0&flow=grid https://www.hackthebox.eu/

From my own list, I reccommend:

  1. LiveOverflows stuff on YouTube https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
  2. Azeria Labs - https://azeria-labs.com/
  3. Hardware Security Resources - Great list of mostly hardware related info http://www.sp3ctr3.me/hardware-security-resources/

A great intro course is this one on Udemy https://www.udemy.com/course/practical-ethical-hacking A great free online web security course is this one https://portswigger.net/web-security

Shadowrizla suggested this awesome document filled with tons of resources. https://docs.google.com/spreadsheets/d/12bT8APhWsL-P8mBtWCYu4MLftwG1cPmIL25AEBtXDno/edit?usp=sharing

If you run out of stuff the Awesome Hacking list has tons of Awesome lists you can go look at
https://github.com/Hack-with-Github/Awesome-Hacking

The Pentesting certification to have at the moment is an OSCP
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

You can read a nice writeup on what its like to get by HypnZA
https://www.hypn.za.net/blog/2018/05/27/thoughts-on-offensive-securitys-oscp-certification-in-2018-pre-exam/
https://www.hypn.za.net/blog/2018/06/06/thoughts-on-oscp-certification-and-the-exam/

Conferences:

In South Africa there are currently only two community Security Conferences (That I know about)
http://www.0xcon.co.za/ in JHB
http://www.bsidescapetown.co.za in Cape Town
https://www.dc2711.co.za/ in JHB

Local Meetups:

DC2744 (Gardenroute) - http://www.dc2744.org/
DC2711 (Johannesburg) - https://twitter.com/defcon2711
DC2751 (Bloemfontein) - https://twitter.com/dc2751g
0xc0ffee (Cape Town) - https://0xc0ffee-cpt.co.za/ - Currently on hold until in-person events are happening again.
0xc0ffee (Johannesburg) - https://twitter.com/0xc0ffee_jhb
Hack The Box SA Meetup - https://www.meetup.com/Hack-The-Box-Meetup-South-Africa/ OWASP Cape Town - https://www.meetup.com/OWASP-Cape-Town-Chapter-Meetup/

Local Chats / CTF:

Hack South - https://discord.gg/hacksouth

Local Cybersecurity Events / News:

Hack South's website for updates about local cybersecurity events - https://hacksouth.africa/

Additional Resources:

Awesome Firmware Security & Other Helpful Documents - https://github.com/PreOS-Security/awesome-firmware-security The book of secret knowledge (thanks @Shadowrizla) https://github.com/trimstray/the-book-of-secret-knowledge

Some Infosec related discords:

Infosec Book Club: https://discord.gg/fgstndv
The CyberSec Lounge: https://disboard.org/server/join/509544906335715349
Infosec Community: https://discord.gg/bw8DzNn
Whitehat Hacking: https://discord.gg/dCu7n6J
HackerSploit: https://discordapp.com/invite/j3dH7tK
HackTheBox: https://discord.gg/2NJt27j
Offsec: https://discord.gg/E9PHD3s
Below 0day: https://discord.gg/nUQP75w
Reverse Engineering: https://discord.gg/yYsqmWC
Hacker One: https://discord.gg/tUdxjy6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment