Welcome back guys!!! This post is for free courses, rooms and roadmap for CTFs (Step by Step Approach)
#Content is divided into "levels" and the Links are "Coloured" , Click on the coloured links to view the content.
if you face any problem contact @CyberDemon , @CyberGod and our other staff and admins.
Level 1 - Intro
- OpenVPN - Learn how to connect to a virtual private network using OpenVPN.
- Welcome - Learn how to use a TryHackMe room to start your upskilling in cyber security.
- Intro to Researching - A brief introduction to research skills for pentesting.
- Linux Fundamentals 1 - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
- Linux Fundamentals 2 - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
- Linux Fundamentals 3 - Embark on the journey of learning the fundamentals of Linux. Learn to run some of the first essential commands on an interactive terminal.
- Pentesting fundamentals - Fundamentals of penetration testing.
- Principles of security - Principles of security.
- Red Team Engagements - Intro to red team engagements.
- Hip Flask - An in-depth walkthrough covering pentest methodology against a vulnerable server.
- Google Dorking - Explaining how Search Engines work and leveraging them into finding hidden content!
- Osint - Intro to Open Source Intelligence.
- Shodan.io - Learn about Shodan.io and how to use it for device enumeration.
Level 2 - Tooling
- Tmux - Learn to use tmux, one of the most powerful multi-tasking tools on linux.
- Nmap - Get experience with Nmap, a powerful network scanning tool.
- Web Scanning - Learn the basics of automated web scanning.
- Sublist3r - Learn how to find subdomains with Sublist3r.
- Metasploit - An introduction to the main components of the Metasploit Framework.
- Hydra - Learn about and use Hydra, a fast network logon cracker, to bruteforce and obtain a website's credentials.
- Linux Privesc - Practice your Linux Privilege Escalation skills on an intentionally misconfigured Debian VM with multiple ways to get root! SSH is available.
- Red Team Fundamentals - Learn about the basics of a red engagement, the main components and stakeholders involved, and how red teaming differs from other cyber security engagements.
- Red Team Recon - Learn how to use DNS, advanced searching, Recon-ng, and Maltego to collect information about your target.
- Vulnversity - Learn about active recon, web app attacks and privilege escalation.
- Blue - Deploy & hack into a Windows machine, leveraging common misconfigurations issues.
- Simple CTF - Beginner level CTF.
- Bounty Hacker - A space cowboy-themed boot to root machine.
Level 3 - Crypto & Hashes with CTF practice
- Crack the hash - Cracking hash challenges.
- Agent Sudo - You found a secret server located under the deep sea. Your task is to hack inside the server and reveal the truth.
- The Cod Caper - A guided room taking you through infiltrating and exploiting a Linux system.
- Ice - Deploy & hack into a Windows machine, exploiting a very poorly secured media server.
- Lazy Admin - Easy linux machine to practice your skills.
- Basic Pentesting - This is a machine that allows you to practice web app hacking and privilege escalation.
- Bypassing UAC - Learn common ways to bypass User Account Control (UAC) in Windows hosts.
Level 4 - Web
- OWASP top 10 - Learn about and exploit each of the OWASP Top 10 vulnerabilities; the 10 most critical web security risks.
- Inclusion - A beginner-level LFI challenge.
- Injection - Walkthrough of OS Command Injection. Demonstrate OS Command Injection and explain how to prevent it on your servers.
- Juiceshop - This room uses the OWASP juice shop vulnerable web application to learn how to identify and exploit common web application vulnerabilities.
- Overpass - What happens when some broke CompSci students make a password manager.
- Year of the Rabbit - Can you hack into the Year of the Rabbit box without falling down a hole.
- DevelPy - Boot2root machine for FIT and bsides Guatemala CTF.
- Jack of all trades - Boot-to-root originally designed for Securi-Tay 2020.
- Bolt - Bolt themed machine to root into.
Level 5 - Reverse Engineering & Pwn
- Intro to x86 64 - This room teaches the basics of x86-64 assembly language.
- CC Ghidra - This room teaches the basics of ghidra.
- CC Radare2 - This room teaches the basics of radare2.
- Reverse Engineering - This room focuses on teaching the basics of assembly through reverse engineering.
- Reversing ELF - Room for beginner Reverse Engineering CTF players.
- Dumping Router Firmware - Reverse engineering router firmware.
- Intro to pwntools - Introduction to popular pwn tools framework.
- Pwnkit: CVE-2021-4034 - Interactive lab for exploiting and remediating Pwnkit (CVE-2021-4034) in the Polkit package.
Level 6 - PrivEsc
- Sudo Security Bypass - A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series.
- Sudo Buffer Overflow - A tutorial room exploring CVE-2019-18634 in the Unix Sudo Program. Room Two in the SudoVulns Series.
- Windows Privesc Arena - Students will learn how to escalate privileges using a very vulnerable Windows 7 VM.
- Linux Privesc Arena - Students will learn how to escalate privileges using a very vulnerable Linux VM.
- Windows Privesc - Students will learn how to escalate privileges using a very vulnerable Windows 7 VM.
- Blaster - Metasploit Framework to get a foothold.
- Ignite - A new start-up has a few security issues with its web server.
- Kenobi - Walkthrough on exploiting a Linux machine. Enumerate Samba for shares, manipulate a vulnerable version of proftpd and escalate your privileges with path variable manipulation.
- Capture the flag - Another beginner-level CTF challenge.
- Pickle Rick - Rick and Morty themed LFI challenge.
Thats All for now enjoy HACKING AND CTFS -- TEAM HELLOFHACKERS!!!!!
Here is the FULL Link: https://github.com/brootware/awesome-cyber-security-university