IT Training Resources
Last updated
Last updated
I haven't tested all the labs, but when I do, I'll update this page with my review.
To begin I got asubscription which is not too expensive (about 300$ a year). Their staff is always online (on slack ) and available for questions. There is plenty of introductory content on different security topics. I currently do the Pentesting Career path and watch some introductions on other topics too (SOC analysis, network security, etc...).
The DevSecOps Fundamentals are really good and lets you create your own pipeline on your local computer. The Docker Intro is very complete too and has detailed explanation of how docker works. Unfortunately docker security is left out in this video.
covers different IT fields not only security. It is around 24$/month and highly recommended from friends. I don't have experience with it yet.
Last but not least, another online learning platfom is well known because they partner up with popular universities such as harvard, berkeley, or the MIT. Search for the keyword edx on linkedin, you'll see it's wideley spread. The courses are based on a lot of text and some videos. The content quality really depends on the lecturer and publisher. There are different universities providing courses on this platform. Some are outdated. I did some Introductions to kubernetes from the linux foundation on this platform. It was a lot to read but included lot's of hands-on material that I could just copy on my own personal computer.
EC-Council Code Red
Another course library from one of the biggest IT Security certification company, EC-Council. I didn't try yet but the content looks promosing. More on
I am new to it, but this academy is awesome. They structured the labs into different attack vectors. Lab access is via browser. Access is around 250$/year. Visit
You can earn badges for some of the labs played.They now offer bootcamps in a price range between 300-500$, time 4-5 weeks.
They have good labs for testing container security. Browser-based.
I learn a lot by just watching the video streams of programming or hacking sessions of my team on discord.
On github there are plenty curated lists of tools and learning projects. Once you've started learning you might consider get more practical. Check out these tools:
I would recommend that you test different pentesting OS. Install VirtualBox with kali, parrot and blackarch. You could also dual boot a pentesting distro on your laptop. I personally work directly with kali linux on an old robust thinkpad and have a seperate macbook pro for training videos, surfing or doing non-security related things.
From It Test Engineer to DevSecOps Engineer
Type
Subject
Name & Link
Time & Planning
Hours
Price (in $)
Review
hands-on lab
Web App Security
About 200 free labs for using BurbSuite with different web app attack vectors. Apprentice Labs: 47, Practitioner Labs: 123, Expert Labs: 27 I estimated large, 1h per Lab and some buffer
200
0
Really good for learning vulnerabilities. The hints to resolve the puzzles are very good. You can even walktrough each assignment just for learning purposes.
training
Web App Security
7h Videos
7
0
Very detailed. One would maybe skip the first three which only explains installation and user interface.
training
Web App Security
2 days remote conference - next: 25 -26 may
16
500
membership
Large library with introductive content: videos & online labs (browser). They have a slack chat and mentors are very active & supportive. 1 year membership The career paths are very interesting because they cover a lot of subjects, so you get introduced to everything. You will need to get more training on the subjects though. I've registered for the following classes/courses:
300
Cybrary has a lot of network and official cyber security engineering content. Labs are good, but tests are sometimes covering the wrong content.
training
Pentesting
-- Cybrary Training: Pentester Career Path
Covers networking, ethical hacking, many hacking tools, scanner, python for hackers, kali linux and some methodologies/theory, forensics
160
0
The nmap course is really good and detailed. you learn really every command and how the different scan techniques differ from each other.
training
DevOps
- Cybrary Training: Intro to docker
For beginners docker, dockerfile, docker-compose and portainer
5
0
Unfortunately docker security is not covered but good overview of docker, dockerfile, docker-compose and portaine
training
DevSecOps
-- Cybrary Training: DevSecOps Fundamentals
5h training
5
0
Highly recommend. Covers a complete DevSecOps pipeline from installation to configuration to monitoring.
training
Security Basics
-- Cybrary Training: Certified Information Systems Security Professional (CISSP)
Course | 9 Items Total time: 18h 15m
18
0
training
Pentesting
2 hours 9 minutes
3
0
training
DevSecOps
-- Cybrary Training: Configure Azure Kubernetes Service (AKS) Security
1 hours online
1
0
training
DevSecOps
-- Cybrary Training:Intro to Docker
7hrs & demo
7
Very good overview of docker, docker compose basic commands, portainer
training
DevOps
10-12 Hours of Course Material
12
0
training
DevOps
The Linux Foundation: Introduction to Kubernetes
20-36 hours of Course Material Exam: 12h Length: 4-5 weeks, 2-3 hours/week
36
0
training
DevOps
The Linux Foundation: Introduction to cloud infra
50 Hours of Course Material 14 Weeks of Free Access to Online Course
50
0
training
Security Basics
50 Hours of Course Material 14 Weeks of Free Access to Online Course
50
0
hands-on lab
Unix Basics Lab
34 Levels. Find the password for the next level using unix commands I estimated 10 hours to complete it if you need to research every single level and the associated commands
10
0
I did not finish all of them, stucked at level 23 so far
hands-on lab
Hacking Lab
Tryhackme is a platform with virtual machines that need to be solved through walkthroughs, which is very good for beginners and normal CTFs where you self must hack into the machines.
?
?
hands-on lab
Hacking Lab
Rootme is another page for online hosted virtual machines to hack.
?
?
hands-on lab
Hacking Lab
Vulnhub has machines to download and then to hack
?
?
hands-on lab
Hacking Lab
Hackthebox has online machines to hack, but there are very limited in the free version.
?
0
hands-on lab
Hacking Lab
This site seems to be a community platform
?
0
hands-on lab
Hacking Lab
free site with videos and CTFs
?
0
hands-on lab
Hacking Lab
This site has a lot of binaries for forensic learning.
?
?
hands-on lab
Hacking Lab
?
?
?
hands-on lab
Hacking Lab
?
?
?
hands-on lab
Hacking Lab
?
?
?
Certification
DevSecOps
20-36 hours of Course Material Exam: 12h 1 month 1-3h/day
36
800
Labs are awesome and not too hard. You instantly use what youv'e learned durigng the course. I prepared for it with the DevSecOps Fundamentals course and Docker Intro on cybrary.it Team & Support all the time. They'll schedule 2 zoom calls with you to support your learning objective.
Certification
DevOps
35 Hours of Course Material 12 Months of Access to Online Course
35
300
Certification
DevSecOps
26-30 Hours of Course Material 12 Months of Access to Online Course Exam: 2h
30
300
Certification
Pentesting
17+ hours of video 30/60/90 days of lab access One exam attempt mim 1 month 1-3 months
40
1000
Certification
Pentesting
10-hour video series PDF course guide (410+ pages) Private labs Active student forums Access to virtual lab environment
?
1300
Certification
Pentesting
One Year Access to the CEH E-courseware Six months access to EC-Council's official Online lab environment (i-Labs) 40 hours, you get 12 months access to the official EC-Council e-courseware, 12 months access to the pre-recorded videos, 6 months access to the ilabs and also the exam voucher is included in the package. 1h/day, finished in 3 months
90
1813
In addition to the online classes, popular tools have their own online labs. BurbSuite for instance launched their web security academy in order to learn WebAppSecurity hands-on with their tool named BurbSuite. The community edition is just fine for learning about web security. OWASP Zap published videos on .
Become fluent in Linux basic commands with the wargame "bandit" at . There are also different older hacking games to play. Don't forget to support the platform.
If you are stuck, find the write-up for each level here: I stuck at level 24 and I compared my solution with the one from the write-up and they are the same. It still doesn't work. So there is a chance that the game is broken.
Train yourself using one of the online hacking CTF platforms listed below in my personal training list. The most recommended one is that I personally use. Find a team on reddit and join their discord channel. Let you guide by the team members. You can play the CTF's together. Hackthebox also hosts live hacking events that you can join on their twitch channel
A good list of upcoming CTF's is available on
a distro simulation a DevSecOps environment that you can use in a vm as a playground.
a DevSecOps Vulnerability Management tool
I follow: bulls eye from hackingpassion.com, hackernoon.com, Carlos from
A Starters Guide to Pentesting with OWASP
Ethical Hacking 1x1 from freeCodeCamp. Old, but still useful.