Skip to content

Further reading Hacking

Ethical hacking is a huge subject, and there are a lot of nice resources available to help you practice your skills, and learn new techniques.

I have compiled a list of resources that we have found useful.

Comsec

Cyber Security training on the Web

Quite a few sites lets us look at this. While they can give some great material, the downside is the often have a subscription model. However, the subscriptions don't tend to "Lock" content away, just restrict the amount of material you can go through in a session.

Try Hack Me

https://tryhackme.com/

I would recommend this to anyone starting out. It has an excellent set of tutorials around getting started with hacking, with plenty of practical examples and materials.

Hack the Box

https://www.hackthebox.eu/

One of the more established sites, hack the box gives people the chance to try to exploit "boot 2 root" style machines. The downside of HTB is it expects you to have some idea of what you are doing, which means it can be less accessible for new hackers.

They are addressing this with their new academy, (and the material looks really good), but that's another heavy subscription model.

Portswigger Academy.

https://portswigger.net/web-security

From the folks who brought you Burp Suite, and the Web applications hackers handbook. This Doesn't really focus on hacking machines (in the boot to root sense), but has some excellent documentation and examples on topics around security.

If you want to learn about web hacking topics like SQL injection, and play with examples starting from easy to insane around these topics its a great resource. I spend a great day sharpening my skills on SQLi and learnt a few new tricks.

Other Challenges

Some other fun things that I have played with.

A lot of these are Wargames (similar to the Linux Trainer), where you will connect to a sever over SSH, solve a challenge, and work through the levels.

Over The Wire

https://overthewire.org/wargames/

Has a selection of Linux based wargames, looking at using the command like to do awesome things.

Under the Wire

https://underthewire.tech/wargames

Like over the wire, but for Powershell.

IO.netgarage

Binexp / stack smashing / weirdness in way C handles things, what's not to like.

https://io.netgarage.org/

Back to top