Free Training Resources for Cybersecurity and IT Students and Professionals

I will try to keep this list up-to-date with training resources for different areas that could benefit students and professionals of cybersecurity and IT

a year ago   •   23 min read

By 0xBEN
Table of contents

Recommended Learning Path for Beginners

Nobody is born with knowledge of any of this material. If you encounter someone very skilled, know that they've likely been practicing for a long time. It didn't come to them overnight, I can promise you.

It may seem like there's a mountain of materials to learn. There are no shortcuts, so try to enjoy the climb. As long as you keep learning a little bit at a time, you will learn enough that more things will start making sense. The investment of your time will be worth it.

ℹ️
You do not need to be an expert in all of these domains. The idea is to build confidence with a broad understanding of these topics.
⚠️
If English is not your native language, you might consider slowing the video speed and enabling subtitles (if available), as some of the speakers may talk a bit quickly.



Systems Administration

1.  Foundational Knowledge

💡
Highly Recommended Viewing

This is a series of brief videos that will introduce you to the technical metamorphosis of computers and their various parts. Very good stuff!

13:35
12:16
12:02
11:23
12:58



2.  Interactive Introduction to Computer Systems

Go through a gamified and engaging series of lessons that will introduce you to the hardware and software aspects of computer systems.

Introduction to IT | Codecademy
Take your first steps into the world of IT, or Information Technology! Introduction to IT will teach you about core IT subjects.



3.  Systems Administration Crash Course by Google

Playlist
Playlist



4.  Introduction to Virtual Machines and VirtualBox

15:34



5.  If You Want to Go Further...

⚠️
These are optional additions to the learning path

Professor Messer's A+ Videos


Please Note!

This is not a recommendation to get the certification unless needed for a job! You can just watch the videos. I linked the Professor Messer A+ content, because it will introduce you to:

  • Hardware concepts
  • Operating systems concepts
  • Troubleshooting methodology (which is useful to build analytical skills)

Professor Messer's A+ Training Course Part 1
Professor Messer's A+ Training Course Part 2





Computer Networking

1.  Foundational Knowledge

Here you will be introduced to the history and metamorphosis of the technology that makes up computer networks and the larger Internet.

12:19
11:57



2.  Complete Networking Course by Google

Playlist



3.  Hands-On Networking Labs with GNS3

Labs | Pacific Cybersecurity

I'd recommend doing the lab in this order as some of the concepts may be difficult for complete beginners:

  • Steps 1, 2, 3
  • Then, steps 6, 7, 8, 9

If you're feeling ambitious, you could do the entire lab, but there are some concepts that may be best saved for later.



4.  If You Want to Go Further...

⚠️
These are optional additions to the learning path

Professor Messer's Network+ Videos


Please Note!

This is not a recommendation to get the certification unless needed for a job! The networking course by Google linked above should cover almost everything you need to know.

Professor Messer's Network+ Training Videos





Web

1.  Foundational Knowledge

Here, you will be introduced to the history and metamorphosis of the technology that makes up the World Wide Web.

11:36



2.  How DNS Works

The Domain Name System (DNS) is a core component to the functionality of the web and web servers.

6:04



3.  HTTP and HTML 101

HTTP is the protocol used between web browser and web servers to transfer data back and forth. HTML is the markup language that instructs browsers on how that data should be displayed on the page.

7:06



4.  Learn About the Web Interactively

While TryHackMe is a cybersecurity training platform, this free module is an informational module that will help you learn about the web technologies in a gamified manner.

TryHackMe | Web Fundamentals
Learn how the web works!





Programming

1.  Foundational Knowledge

Here you will have the opportunity to learn about the fundamental concepts in programming in a gamified manner. This entire module is interactive, so take it in small chunks at a time and have fun with it.

Learn How to Code | Codecademy
New to coding? Start here and learn programming fundamentals that can be helpful for any language you learn.



2.  Learn PowerShell Interactively

ℹ️
Shameless plug, this is a PowerShell series written by me

This is a mini-series on my blog that will introduce you to programming fundamentals with PowerShell. PowerShell makes a great introductory language if you have a Windows computer, cause you can just get started without having to install any additional software packages.

PowerShell as Your First Programming Language
In this post, I discuss why PowerShell makes a great first programming language



3.  Learn Python Interactively

This is a very high-quality, free course on Udacity which will take you through the fundamentals of programming with Python. If you pick up here after my PowerShell course, you'll see a lot of the same concepts, just different ways of doing them with Python.

Free Intro to Python Course | Free Courses | Udacity
Take Udacity’s free Intro to Python course, designed for beginners, and get an introduction to programming and the Python language. Learn online with Udacity.



4.  A Deeper Look into Programming

While this course is not interactive in nature, it is free and VERY informative. You'll gain a better understanding of computer numbering systems and the ways programs can control hardware, networking, and more.

🔗
https://www.udemy.com/course/programming-101/





Systems Administration Resources

Core Systems Concepts

  • Storage
  • CPU
  • Memory
  • Boot procedure
  • System internals
  • Core directories
  • Filesystem hierarchy
  • Windows Registry
  • Event and audit logs



Terminals

Linux

  • Bash
  • Zsh
  • PowerShell

Windows

  • PowerShell
  • cmd.exe (Legacy)



Common Command Line Operations

Create, delete, modify files and directories

ls , mkdir , cd , touch , nano , cp , mv , rm , vim , Get-ChildItem , New-Item , Copy-Item , Move-Item , Rename-Item , Remove-Item



Manipulating file contents and text streams

grep , cat , sed , awk , tr , cut , paste

PowerShell: -split , -replace , -join



Managing processes and services

ps , kill , systemctl , service , strace , Get-Process , Stop-Process , Get-Service , Stop-Service , Restart-Service



Installing and uninstalling packages

apt , yum , pkg , pacman , zypper , winget , Install-Package , Uninstall-Package



Downloading files and interacting with the web

wget , curl , Invoke-WebRequest , Invoke-RestMethod , [System.Net.WebClient]::DownloadFile()



Cheat Sheets

tldr InBrowser.App
tldr InBrowser.App is an offline-capable PWA for tldr-pages. Fully runs in your browser. Zero API latency.
explainshell.com - match command-line arguments to their help text
match command-line arguments to their help text
PowerShell Commands Library | PDQ
We’re passionate about PowerShell. We believe it’s quickly becoming a necessity for carrying out day-to-day systems administrative tasks. To help our users write scripts to automate their daily work, we’ve compiled a list of common PowerShell commands.
PowerShell commands - PowerShell - SS64.com
Linux, Bash, and System Administration Cheat Sheet
cheat sheet for Linux/Bash/System Administration
Crontab.guru - The cron schedule expression editor
An easy to use editor for crontab schedules.



Free Systems Training

Hands-On Labs

Proxmox VE 7: Converting a Laptop into a Bare Metal Server
In this post, we will take a look at an in-detail process of setting up a Proxmox home lab on a bare metal server.
Building a Security Lab in VirtualBox
In this post, we we will take a look at an in-detail process of setting up an entry-level cybersecurity lab using VirtualBox



Linux

Linux Essentials
Home | Linux Journey
Linux Server Management and Security
Offered by University of Colorado System. Whether you are accessing a bank website, Netflix or your home router, chances are that your ... Enroll for free.
GitHub - trimstray/test-your-sysadmin-skills: A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A. - GitHub - trimstray/test-your-sysadmin-skills: A collection of Linux S...



Windows

Windows Server deployment, configuration, and administration - Training
Windows Server deployment, configuration, and administration



General Systems Overview

GitHub - kahun/awesome-sysadmin: A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP. - GitHub - kahun/awesome-sysadmin: A curated list of amazingly awesome open source sysadmin resources ins...
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other reso...





Networking Resources

Core Networking Concepts



Networking Tools

IP Configuration

  • ip address , ip neighbor , ip link
  • Get-NetAdapter
  • Get-NetIPConfig or ipconfig
  • Get-NetIPAddress
  • Get-NetNeighbor
  • IP Subnet Calculator



Host Discovery

  • ping
  • arp-scan
  • nmap



Packet Capture and Analysis

  • Wireshark and tshark
  • tcpdump



Sockets

  • netcat or nc
  • socat
  • netstat or ss



DNS Troubleshooting

  • nslookup or dig
  • /etc/resolv.conf
  • Resolve-DnsName
  • Get-DnsClientServerAddress
  • Get-DnsClientCache
  • DNS Dumpster
  • MXToolbox



Remote Connectivity

  • OpenVPN
  • Wireguard
  • IPsec
  • ssh
  • scp
  • plink.exe



Firewalls

  • netsh
  • iptables
  • pf



Proxies

  • proxychains
  • Burp (or ZAP)



Free Networking Training

Hands-On Labs

Labs | Pacific Cybersecurity



NAT



Subnetting

Quick Subnetting - All in your head!
This probably isn’t new for most of you guys, but I thought I’d share what my book taught me. It makes subnetting quick and easy to figure out in seconds.



DNS



Encapsulation

What is the OSI Model? Computer Networking for Beginners
In this article, you will learn about the core concepts of the Open Systems Interconnections (OSI) model in a simple and easy way. As a developer, it’s a good idea to learn how things work “under the hood”. That way you understand what your code and the tools you use



Proxies



Cryptography



Tor



General Networking Overview

Computer Networking: a Top Down Approach
Check out the links under the "Resources (for everyone)" tab
Networking for Web Developers | Free Courses | Udacity
Take Udacity’s Networking for Web Developers course and learn how the internet works. Explore the underpinnings of the net with tools like traceroute, tcpdump, and nc.
Computer Networking | Free Courses | Udacity
Sign up for Udacity’s Computer Networking course, an advanced Computer Networking program that delves into the latest concepts and tools used by the CN industry.
Well-Known TCP/IP Port Numbers, Service Names & Protocols [Comprehensive Reference]
A comprehensive list of commonly used network port numbers and a description of service provided by each.
GitHub - nyquist/awesome-networking: Curated list of awesome computer networking resources
Curated list of awesome computer networking resources - GitHub - nyquist/awesome-networking: Curated list of awesome computer networking resources
GitHub - friskfrysefrugt/awesome-networking: A curated inexhaustive list of network utilities
A curated inexhaustive list of network utilities. Contribute to friskfrysefrugt/awesome-networking development by creating an account on GitHub.





Web Resources

Core Web Concepts

  • HTTP methods and headers
  • Web servers
  • Proxies
  • Directories and files
  • HTML
  • CSS
  • JavaScript
  • Databases
  • Inputs and parameters



Web Tools

CLI HTTP Clients

  • curl
  • wget
  • Invoke-WebRequest
  • Invoke-RestMethod

DOM Inspection

  • Browser developer tools (F12 key)

Content Discovery

  • gobuster
  • feroxbuster

Brute Force

  • hydra
  • ffuf

HTTP Proxies

  • Burp
  • ZAP

Web Stack Analyzers

  • Wappalyzer



Free Web Training

Web Development

Learn HTML | Codecademy
Start at the beginning by learning HTML basics — an important foundation for building and editing web pages.
HTML & CSS Courses & Tutorials | Codecademy
HTML is the foundation of all web pages. It defines the structure of a page, while CSS defines its style. HTML and CSS are the beginning of everything you need to know to make your first web page! Learn both and start creating amazing websites.
Learn JavaScript | Codecademy
Learn how to use JavaScript — a powerful and flexible programming language for adding website interactivity.
Learn SQL | Codecademy
In this SQL course, you’ll learn how to manage large datasets and analyze real data using the standard data management language.
Learn Node.js | Codecademy
Learn about the different components of a web application’s back-end and explore the Node.js JavaScript runtime environment.



Web Server Administration

GitHub - trimstray/nginx-admins-handbook: How to improve NGINX performance, security, and other important things.
How to improve NGINX performance, security, and other important things. - GitHub - trimstray/nginx-admins-handbook: How to improve NGINX performance, security, and other important things.



Web Security

Web Security Academy: Free Online Training from PortSwigger
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.
OffSec’s Exploit Database Archive
The GHDB is an index of search queries (we call them dorks) used to find publicly available information, intended for pentesters and security researchers.



Search Engine Cheat Sheets

Google Search Operators: 40 Commands to Know in 2023 (Improve Research, Competitive Analysis, and SEO)
Google search operators are your secret tools to get enhanced info you can use for SEO, content research, & more. Get the full list here!



General Web Overview

The Web In Depth
Hacker101 is a free class for web security. Whether you’re a programmer with an interest in bug bounties or a seasoned security professional, Hacker101 has something to teach you.
HTTP request methods - HTTP | MDN
HTTP defines a set of request methods to indicate the desired action to be performed for a given resource. Although they can also be nouns, these request methods are sometimes referred to as HTTP verbs. Each of them implements a different semantic, but some common features are shared by a group of t…
List of HTTP header fields - Wikipedia





Programming Resources

Core Programming Concepts

  • Object-oriented programming (OOP)
  • Data types
  • Variables
  • Flow logic (if/else)
  • Loops
  • Functions
  • Source code review
  • Modifying exploits



REPL

  • Read
    • An interpreter reads your input
  • Evaluate
    • An interpreter executes (evaluates) your instructions
  • Print
    • An interpreter prints any output or errors
  • Loop
    • An interpreter loops back to repeat the process

Programming Languages with a REPL:

  • Python
  • PowerShell
  • JavaScript (Node.js)
💡
Learning to code first with a REPL as a beginner can be highly beneficial, as you can run and change your code on the fly without waiting for a compiler or debugger, so you get instant feedback on your input



Free Programming Training

Compiled & Scripting Languages

Example Scripting Languages

  • Bash
  • JavaScript
  • PowerShell
  • Python
  • Ruby

Example Compiled Languages

  • C
  • C++
  • C#
  • Java



Hands-On Learning

Exercism
Learn, practice and get world-class mentoring in over 50 languages. 100% free.



Language-Specific Training

Bash

Shell Scripting Tutorial
This tutorial is written to help people understand some of the basics of shell script programming (aka shell scripting), and hopefully to introduce some of the possibilities of simple but powerful programming available under the Bourne shell. As such, it has been written as a basis for one-on-one or…
Learn Shell - Free Interactive Shell Tutorial
learnshell.org is a free interactive Shell tutorial for people who want to learn Shell, fast.



PowerShell

PowerShell as Your First Programming Language
In this post, I discuss why PowerShell makes a great first programming language
Automate administrative tasks by using PowerShell - Training
PowerShell provides a large set of commands with which you can automate your tasks, like user management, CI/CD, managing cloud resources and much more. There’s also testing capabilities via Pester and third-party modules you can install on your system, to extend your list of commands.
Wargames – UTW
Learn PowerShell interactively through a series of challenges



Python

Free Intro to Python Course | Free Courses | Udacity
Take Udacity’s free Intro to Python course, designed for beginners, and get an introduction to programming and the Python language. Learn online with Udacity.
Learn Python - Free Interactive Python Tutorial
learnpython.org is a free interactive Python tutorial for people who want to learn Python, fast.



L337 Coding Challenges

Codewars - Achieve mastery through coding practice and developer mentorship
A coding practice website for all programming levels – Join a community of over 3 million developers and improve your coding skills in over 55 programming languages!
HackerRank - Online Coding Tests and Technical Interviews
HackerRank is the market-leading technical assessment and remote interview solution for hiring developers. Start hiring at the pace of innovation!





Cybersecurity Resources

Red

Offense Cheat Sheets

HackTricks - HackTricks
Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.
Introduction - The Hacker Recipes
GTFOBins
LOLBAS
WADComs
GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory. - GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common ...
GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A list of useful payloads and bypass for Web Application Security and Pentest/CTF - GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and ...
Reverse Shell Cheat Sheet | pentestmonkey



Offense Collections

Infosec_Reference | An Information Security Reference That Doesn’t Suck!
Free resource for anyone interested in learning more about Information Security.
Massive collection of various infosec references
GitHub - yeyintminthuhtut/Awesome-Red-Teaming: List of Awesome Red Teaming Resources
List of Awesome Red Teaming Resources. Contribute to yeyintminthuhtut/Awesome-Red-Teaming development by creating an account on GitHub.
Cybersec Cheat Sheets in all Flavors! (Huge List Inside)
by u/HeyGuyGuyGuy in cybersecurity



Offense Training Platforms

Hacking Training For The Best
From beginners to experts, this is where hackers level up! Join today and learn how to hack.
Limited free plan
TryHackMe | Cyber Security Training
An online platform for learning and teaching cyber security, all through your browser.
Limited free plan
Proving Grounds: Virtual Pentesting Labs | Offensive Security
Explore the virtual penetration testing training practice labs offered by Offensive Security. Now available for individuals, teams, and organizations.
Limited free plan
Vulnerable By Design ~ VulnHub
VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Host your own vulnerable VMs
picoCTF - CMU Cybersecurity Competition
picoCTF is a free computer security education program with original content built on a capture-the-flag framework created by security and privacy experts at Carnegie Mellon University.
247CTF - The game never stops
247CTF is a security learning environment where hackers can test their abilities across a number of different Capture The Flag (CTF) challenge categories including web, cryptography, networking, reversing and exploitation.
Web Security Academy: Free Online Training from PortSwigger
The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.
Hacker101 CTF
The Hacker101 CTF is a game designed to let you learn to hack in a safe, rewarding environment. Hacker101 is a free educational site for hackers, run by HackerOne.
unescape() room
🔗
Pwnable.kr — Variety of interactive security challenges



Blue

Defense Frameworks

MITRE ATT&CK®
Cybersecurity Framework Components
The Introduction to the Components of the Framework page presents readers with an overview of the main components of the Framework for Im
Cyber Kill Chain®
Developed by Lockheed Martin, the Cyber Kill Chain® framework is part of the Intelligence Driven Defense® model for identification and prevention of cyber intrusions activity. The model identifies what the adversaries must complete in order to achieve their objective.



Defense Cheat Sheets

GitHub - chrisjd20/Blue-Team-Cheat-Sheets: Blue Team Cheat Sheats
Blue Team Cheat Sheats. Contribute to chrisjd20/Blue-Team-Cheat-Sheets development by creating an account on GitHub.
Blue Team Tips
What are the best recommendations to a completely vulnerable, easily pwnable network? Where do you start? what tools? what logging? #DFIR #BlueTeamTips
Threat Hunting & Detection techniques
Enabling your Windows logs



Defense Collections

Infosec_Reference | An Information Security Reference That Doesn’t Suck!
Free resource for anyone interested in learning more about Information Security.
Massive collection of various infosec references
SANS Blue Team Operations
Check out the "Primers", "Tools", "TCP/IP", and "Pocket Guides" menus!
GitHub - fabacab/awesome-cybersecurity-blueteam: 🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams. - GitHub - fabacab/awesome-cybersecurity-blueteam: 🛡️ A curated collection of awe...
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other reso...
GitHub - SoulSec/resource-threat-hunting: Repository resource for threat hunter
Repository resource for threat hunter. Contribute to SoulSec/resource-threat-hunting development by creating an account on GitHub.
GitHub - hslatman/awesome-threat-intelligence: A curated list of Awesome Threat Intelligence resources
A curated list of Awesome Threat Intelligence resources - GitHub - hslatman/awesome-threat-intelligence: A curated list of Awesome Threat Intelligence resources
Free Resources - Blue Team Blog
Large list of free cybersecurity resources regurarly updated
Cybersec Cheat Sheets in all Flavors! (Huge List Inside)
by u/HeyGuyGuyGuy in cybersecurity



Defense Training Platforms

CyberDefenders - Blue Team Training Platform
Blue team training platform for SOC analysts, threat hunters, DFIR, and security blue teams to advance CyberDefense skills.
LetsDefend - Blue Team Training Platform
Online soc analyst and incident response training platform for blue team members
Limited free plan
Blue Team Labs Online
A gamified platform for cyber defenders to test and showcase their skills
Limited free plan
Crackmes
Binary Analysis Practice

Spread the word

Keep reading