This is list of tools and resources that can be helpful in expanding your knowledge in cybersecurity.
Virtualization
Virtualization allows you to stand up multiple Virtual Machines (VMs) on multiple operating systems and practice your new skills. You can create snapshots of VMs and revert back to them at any time if you break something. With the proper precautions such as an a air-gapped sandbox network, you can unleash and study malware without the fear of compromising your other devices.
VMware vSphere
VMware vSphere is a bare metal hypervisor that can be downloaded for free with some limitation.
VMware Users Group
VMUG or VMware Users Group, offers two membership tiers. The free tier provides access to news and training while the $200 annually advantage tier offers 365 day licenses to a variety of VMware software including vSphere and vCenter.
Microsoft Hyper V
Microsoft Hyper-V Server 2019 is a windows based virtualization environment for a bare metal installation. It has an unlimited evaluation window. Hyper-V is also built into Windows 10.
Proxmox
Proxmox is a bare metal hypervisor that integrates the KVM hypervisor and Linux Containers (LXC). It is published under the free software license GNU AGPL v3.
Virtual Private Server
A Virtual Private Server (VPS) is a cloud based virtual machine. There are several providers that will host a VPS. Amazon AWS, Microsoft Azure, Google Compute Engine, Linode, and Digital Ocean are some of the biggest providers. Many more are available.
VMware Workstation & Fusion
VMware Workstation Player is a virtualization environment for Windows or Linux. It allows one virtual machine with a free license for non-commercial use. VMware Fusion is a virtualization environment for Mac. This also has free license option of non-commercial use.
VirtualBox
VirtualBox is a virtualization environment that runs on Windows, Linux, Mac, and Solaris hosts. It is Open Source Software under the terms of the GNU General Public License (GPL) version 2.
KVM
KVM or Kernel-based Virtual Machine, is an open source Linux based x86 hypervisor
Xen Project
The Xen Project is an open source virtualization project backed by several large industry leaders. It is one of the Linux Foundation Projects.
Open Source Intelligence
Open Source Intelligence (OSINT) is data that is collected on a target through publicly available resources.
OSINT Framework
OSINT Framework is a collection of tools for collecting open source intelligence.
Bellingcat Guides
Bellingcat’s guides provide a variety of information useful to OSINT analysis geolocation, flight tracking, blockchain analysis and more.
Google Dorking/Hacking
Google Dorking is a method to utilize Google search to the fullest extent possible. It allows the user to narrow their search and target specific information.
Networking
Networks are how computers communicate. Understanding networking is a critical skill in cyber security.
OSINT Framework
Cisco Packet Tracer is a network simulation tool. It allows the simulation of a variety of networks, devices and traffic.
EVE-NG
EVE-NG is another vendor agnostic network emulation tool based on KVM virtualization. It includes a free tier license.
Forensics
Digital Forensics is the process used to collect evidence of digital crime. The techniques used in digital forensics focus on the preservation of evidence to help understand the nature of a cyber attack or crime.
SIFT Workstation
The SIFT Workstation provided by SANS is a collection of free and open-source incident response and forensic tools built on Ubuntu Linux. It is designed to perform detailed digital forensic examinations. It can be downloaded as a VM image or an ISO file. It can also be installed on Windows Subsystem for Linux (WSL).
Cape V2 Sandbox
Cape Sandbox is an open source software environment for the automated analysis of suspicious files.
Online Labs
Online labs provide a student with the opportunity to test new tools and skills in a safe environment. There are a variety of resources available. Some have objectives such as learning Linux commands, others focus on core penetration testing skills.
Hack the Box
Hack the Box is a penetration testing training environment. It offers a variety of labs for different skill levels in a game like environment. It is designed in the capture the flag style and has free and paid tiers.
Try Hack Me
Try Hack Me is learning platform with free and paid tiers. It is organized around several learning paths including “Complete Beginner” It includes game like scoring.
Over the Wire: Wargames
Over the Wire provides a variety of boxes each with several levels that teach specific skills. You connect to each over SSH and try to find the password to the next level.
Hack this Site
Hack this Site is a website with a variety of hacking missions built around different specialty areas that come in a variety of difficulty levels.