A little learning is a dangerous thing

Collection of resources on a variety of topics that I’ve found useful over the years (Continuously updated).

Tools - Meta Packages

  • Kali Linux
    • Linux Distribution full of various security tools useful for penetration testing
  • Remnux
    • Linux Distribution with a number of security tools, useful for DFIR.
  • Flare VM
    • Metapackage for Windows DFIR tools
  • Pentesters Framework
    • Python Script to auto-magically handle installing and managing various security tools (mostly for pentesting)

Security Sources for Practice (CTFs, ect.)**

  • Hack the Box
    • Capture the Flag site with vpn access to vulnerable network, crackme challenges, and reversing challenges.
  • Pico CTF
  • Vulnhub
    • Website with a ton of vulnerable virtual machines for you to practice on
  • Metasploitable
    • Virtual Machine with many vulnerabilities that have exploits available in metasploit.
  • TryHackMe

Windows Tools

  • Windows VMs
    • Variety of windows virtual machines. They stop working after 30 days so create a snap shot and just revert. Password is Passw0rd!
  • SysInternals
    • Suite of useful windows tools.
  • SysMon
    • Part of the sysinternals suite. A tool to add more robust logging for windows. Especially useful with a good config and logs being sent to a log management system like ELK, Splunk, etc.
    • Good Sysmon Config
  • Process Hacker
    • Like task manager in windows but more useful.


Twitter: Security Professionals

  • @arstechnica
  • @briankrebs
  • @chrisjohnriley
  • @cyb3rops
  • @darkreading
  • @exploitdb
  • @gcluley
  • @g0tmi1k
  • @hdmoore
  • @jeremiahg
  • @LG_Cyber
  • @mcAfee_labs
  • @nakedsecurity
  • @owasp
  • @pentestmonkey
  • @pwnallthethings
  • @robertmlee
  • @scadahacker
  • @schneierblog
  • @seclists
  • @securityweek
  • @sophoslabs
  • @threatpost
  • @trendlabs
  • @tripwire
  • @vcuinfosec

News Sources

  • Nuzzel
    • I’m use twitter combined with Nuzzel as a pretty effective notification system for cyber news. Nuzzel connects to your twitter account and notifies you when 3 (adjustable threshold) or more people that you follow retweet the same thing.
  • Unsupervised Learning
    • Bi-Weekly Newsletter for the top security news and technical news
  • Cyberscoop = Daily Threat Reports —-

Pentesting Resources

You Tube

Other Security Blogs


  • Hacking: The Art of Exploitation
  • The Art of Memory Forensics
  • Practical Malware Analysis