Security Courses

The best courses for learning all about creating good security solutions are open. So cc-by licensed. Some courses are targeted on IT architects, some are developed for software developers or system administrators. Good training material for training end users on awareness is also available in open format (cc-by-sa). So instead of creating yet another training or course, why not making existing training resources better?

Computer Networks: A Systems Approach

Great resource for learning all about network security. For starters and full professionals. Sources of this book are on https://github.com/SystemsApproach/book Created by Larry Peterson and Bruce Davie. Read the latest version of this book on: https://book.systemsapproach.org/index.html

Digitally Aware

Basic Security Awareness Training. Slides are available in Dutch and in English on the github repository (https://github.com/radicallyopensecurity/Digitally-Aware). Basic slides in English are available on: https://awareness.radicallyopensecurity.com/Awareness%20Training-1-0-beta-gh.pdf

Malware Analysis

Developed and used by RPISEC to teach Malware Analysis. Free to use and to improve. See: https://github.com/RPISEC/Malware

MITRE:Cyber Threat Intelligence Training

Great cyber threat intelligence (CTI) for everyone who is active in a large (governmental)organisation.

The training contains five modules that consist of videos and exercises. This training was designed to be completed in approximately 4 hours, and may be completed solo or as a team. All training material can be found at: https://attack.mitre.org/resources/training/cti/

Open-Source Phishing Framework

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Download the toolkit from: https://github.com/Ne0nd0g/gophish More info on: https://getgophish.com/

OWASP Juice Shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application. This application can be used in security trainings or awareness trainings. The Juice Shop encompasses vulnerabilities from the OWASP Top Ten along with many other security flaws as present in many real world applications… So hack the Shop on: http://owasp-juice.shop

Security awareness base course

Nice awareness training. Created by the an Italian Govermental organisation. Note you need to install Hugo first in order to launch te course. See: https://github.com/teamdigitale/security-awareness

The Fuzzing Book

Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. You can interact with chapters as Jupyter Notebooks. Great open book to spend some time on. Git repository can be found on: https://github.com/uds-se/fuzzingbook/ But check the nice looking website on: https://www.fuzzingbook.org/

The Cyber Law Toolkit

The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The toolkit consists of hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis. Check: https://cyberlaw.ccdcoe.org/wiki/Main_Page

Wargames

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. All OSS with the code on Github. Check it out and play! http://overthewire.org/wargames/