Everything you need to start your cyber security journey. Curated platforms, tools and learning material from our members.
The best places to practice your skills, from beginner-friendly guided challenges to competitive ranked arenas.
Guided learning paths with browser-based VMs. Perfect for beginners. Start with the "Pre-Security" and "Complete Beginner" paths.
Beginner FriendlyRealistic penetration testing labs and challenges. The "Starting Point" machines are great for beginners, then move to ranked boxes.
IntermediateFree CTF platform by Carnegie Mellon. Excellent jeopardy-style challenges covering crypto, forensics, web, binary and more.
Beginner FriendlySSH-based wargames that teach Linux, networking and security fundamentals. Start with "Bandit" to learn the command line.
Beginner FriendlyThe global CTF event calendar. Find upcoming competitions, team rankings and writeups from past events.
All LevelsFree interactive labs for web security. Covers SQL injection, XSS, CSRF, SSRF and more. Industry-standard training from the makers of Burp Suite.
Web SecurityThe tools we use in sessions and competitions. All free and open source.
Debian-based distro pre-loaded with hundreds of security tools. The industry standard for penetration testing.
kali.orgWeb application security testing toolkit. Intercept, modify and replay HTTP requests. Community edition is free.
portswigger.netNetwork protocol analyser. Capture and inspect traffic in real time. Essential for network forensics challenges.
wireshark.orgNSA's open-source reverse engineering framework. Decompile binaries, analyse malware, solve RE challenges.
ghidra-sre.orgPassword cracking tool supporting hundreds of hash formats. Pair with wordlists like rockyou.txt for CTF challenges.
openwall.com/johnGCHQ's "Cyber Swiss Army Knife". Encode, decode, encrypt, hash and analyse data in the browser. A CTF essential.
CyberChefVideos, courses and reading material to build your foundations.
CTF walkthroughs, malware analysis and security tutorials. One of the best cyber security YouTubers for hands-on learning.
YouTubeDeep dives into binary exploitation, web security and CTF techniques. Excellent for understanding the "why" behind vulnerabilities.
YouTubeDetailed Hack The Box walkthroughs. Watch these after attempting a box yourself to learn new techniques and approaches.
YouTubeThe definitive list of the most critical web application security risks. Essential reading for anyone interested in web security.
ReferencePast session materials, CTF writeups, challenge files and tools built by our members. Everything is open source.
Visit DMUHackers on GitHub