The Hacker Roadmap: Resources to Begin Your Journey

Obviously, this list isn’t exhaustive and I haven’t gone through all of these myself, so if anyone has experience with one of the links listed, or has another (quality) source of learning that was not mentioned, please share it in a comment below. If it seems like a worthwhile study tool, I’ll add it to this article.

 

I just wanted to provide a starting list for those who are like me and wishes there were more sites that brought together the many great training tools out there to one place.

There are so many resources out there, it’s sometimes hard to sort through what’s actually worthy of your time.

 

This article is especially helpful for those who don’t even know where to begin looking for information or what they should be looking for.

 

I expect this list to get much larger over time, so keep this page bookmarked for the next time you get bored and want to learn some new aspect about security, and once again, please contribute!

 

Let’s start with the free ones:

 

General Hand’s-on/informational experience for various topics

  • https://picoctf.com/: This CTF (“Capture the Flag” for those who might not know) is meant for high schoolers, but I felt it was a great way for me to start learning hacking concepts. It’s also fun as it video-gamifies the challenges.
  • https://www.vulnhub.com/: This is a great site that puts together the many legally ‘breakable, hackable & exploitable’ items out there on the internet for you to become fully immersed in security concepts.
  • https://www.hackthissite.org/: Provides many challenges of varying categories where you can learn to hack in a safe and legal environment.
  • https://ringzer0team.com: I’ve never used this one, but the site description describes it as a “CTF [that] offers you tons of challenges designed to test and improve your hacking skills through hacking challenges”. I’ve had this site recommended to me by several other cyber security enthusiasts.
  • http://www.enigmagroup.org/: It looks like they’ve changed the layout of the site since I last used their resources, but this is a great site for learning all about web application security.
  • http://overthewire.org/wargames/: I’d start with the Bandit exercises just to get a good idea of how the Linux command line works and how commands can be tailored to specific needs using different flags.
  • http://opensecuritytraining.info/Training.html: This site has training for many different topics for beginners to those with a lot more experience under their belts. Pick one that looks interesting to you and work through the materials they have.

 

Video Series

 

Metasploit

 

Create a web scraper

 

Just Plain Interesting

  • http://webkay.robinlinus.com/: This page is really eye-opening as it shows you how much your web browser can know about you without even needing your permission. It is also eerily accurate (although it was unable to guess some of my hardware specs accurately…), so definitely try this if you’re bored or just curious like me.

 

Agree with them or not, these are documents that are pretty well known to those interested in hacking or to the IT community in general

 

$ Training that costs $

 

More Resource Lists (May contain duplicate resources to this page, but they have a lot of quality stuff to look at. I’m just listing the links so I don’t have to rewrite what’s already on another website and also to give them credit for compiling their resources)

 

Of course, the Internet is full of resources, so like I said, this is in no way meant to be exhaustive. But now there’s no excuse not to start. So pick a resource that looks interesting, and begin your journey towards becoming an expert!

(If you have other topics in security/hacking you’d like to see sources for, comment below and I’ll see what I can do. Thanks!)

css.php