February 22, 2020

1608 words 8 mins read



An organized list of resources including tools, blog-posts and how-to tutorials compiled and created by SCSP community members.

repo name scspcommunity/Cyber-Sec-Resources
repo link https://github.com/scspcommunity/Cyber-Sec-Resources
language Python
size (curr.) 24856 kB
stars (curr.) 59
created 2019-12-11

Cyber Security Resources by SCSP

An organized list of resources including tools, blog-posts and how-to tutorials compiled and created by Seasoned Cyber Security Professionals community members.

Follow us on Facebook YouTube

Table of Contents

Content By SCSP


Network Analysis

  • Nmap Network Scanning by Gordon Fyodor Lyon
  • Wireshark Network Analysis by Laura Chappell
  • Practical Packet Analysis by Chris Sanders

Social Engineering

  • Ghost in the Wires - My Adventures as the World’s Most Wanted Hacker by Kevin Mitnick, William L. Simon
  • No Tech Hacking by Johnny Long & Jack Wiles
  • The Art of Deception by Kevin D. Mitnick & William L. Simon
  • Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy

Malware Analysis

  • Malware analysis cookbook - tools and techniques for fighting malicious code by Michael Ligh
  • The Art of Memory Forensics by Michael Hale Ligh
  • Practical Malware Analysis by Michael Sikorski & Andrew Honig

Mobile Application

  • Android Hacker’s Handbook by Joshua J. Drake
  • The Mobile Application Hacker’s Handbook by Dominic Chell
  • iOS Hacker’s Handbook by Charlie Miller
  • OWASP Mobile Security Testing Guide (MSTG)
  • Exploiting Androids for Fun and Profit
  • SEI CERT Android Secure Coding Standard
  • Android Security Internals
  • Android Cookbook
  • Android Security Cookbook
  • Android Malware and Analysis
  • Android Security: Attacks and Defenses
  • Hacking and Securing iOS Applications: Stealing Data, Hijacking Software, and How to Prevent It
  • iOS Penetration Testing
  • iOS App Security, Penetration Testing, and Development
  • Hacking iOS Applications a detailed testing guide
  • Develop iOS Apps (Swift)
  • iOS Programming Cookbook

Web Application

  • The Web Application Hackers Handbook by Dafydd Stuttard
  • Hacking Web Apps: Detecting and Preventing Web Application Security Problems by Mike Shema
  • The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski
  • The Basics of Web Hacking: Tools and Techniques to Attack the Web by Josh Pauli
  • Web Penetration Testing with Kali Linux by Joseph Muniz & Aamir Lakhani
  • Web Application Security, A Beginner’s Guide by Bryan Sullivan

Penetration Testing

  • Penetration Testing - A Hands-On Introduction to Hacking by Georgia Weidman
  • The Basics of Hacking and Penetration Testing by Patrick Engebretson
  • Advanced Penetration Testing by Wil Allsopp
  • Metasploit: The Penetration Tester’s Guide by David Kennedy
  • The Art of Exploitation by Jon Erickson
  • The Hacker Playbook: Practical Guide To Penetration Testing by Peter Kim

Reverse Engineering

  • Practical Reverse Engineering by Bruce Dang
  • Reverse Engineering for Beginners by Dennis Yurichev
  • The IDA Pro Book by Chris Eagle


  • Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff & Jonathan Ham
  • The Art of Memory Forensics by Michael Ligh, Andrew Case, Jamie Levy, and AAron Walters


  • Cryptography Engineering Principles Practical Applications

Python for Hackers

  • Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz
  • Violent Python by TJ O’Connor

Linux Basics

Interview Questions

Basics of Web and Networks


An overview of what is the World Wide Web and how it works.

https://www.tutorialspoint.com/web_developers_guide/web_basic_concepts.htm https://developers.google.com/web/fundamentals/security/ http://www.alphadevx.com/a/7-The-Basics-of-Web-Technologies http://www.cs.kent.edu/~svirdi/Ebook/wdp/ch01.pdf


HyperText Transfer Protocol is must to understand while learning Web Application Security. You must learn how an application communicates with its end users and the servers it is hosted on. From these links you can HTTP Protocols, HTTP Requests, Response, Status Codes, Encoding/Decoding, HTTP with a security perspective e.g SOP, Cookies, MIEM etc. These will be helpful to you later on with Web application testing.

https://www.w3.org/Protocols/ https://www.w3schools.com/whatis/whatis_http.asp https://www.tutorialspoint.com/http/http_status_codes.htm https://www.tutorialspoint.com/http/http_url_encoding.htm https://www.tutorialspoint.com/http/http_requests.htm https://www.tutorialspoint.com/http/http_responses.htm https://www.hacker101.com/sessions/web_in_depth


A basic understanding of networking is important for anyone who’s into cybersecurity.

https://commotionwireless.net/docs/cck/networking/learn-networking-basics/ https://commotionwireless.net/docs/cck/networking/learn-networking-basics/ https://www.slideshare.net/variwalia/basic-to-advanced-networking-tutorials https://www.cisco.com/c/en/us/solutions/small-business/resource-center/networking/networking-basics.html http://www.penguintutor.com/linux/basic-network-reference https://www.utilizewindows.com/list-of-common-network-port-numbers/ https://code.tutsplus.com/tutorials/an-introduction-to-learning-and-using-dns-records–cms-24704 https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-terminology-interfaces-and-protocols

Programming Resources


https://www.w3schools.com/html https://www.codecademy.com/learn/learn-html https://learn.shayhowe.com/advanced-html-css https://htmldog.com/guides/html/advanced


https://www.w3schools.com/php/ https://stackify.com/learn-php-tutorials/ https://www.codecademy.com/learn/learn-php https://www.guru99.com/php-tutorials.html https://www.codecademy.com/learn/paths/web-development


https://www.youtube.com/watch?v=PkZNo7MFNFg https://www.codecademy.com/learn/introduction-to-javascript https://learnjavascript.today/ https://www.thebalancecareers.com/learn-javascript-online-2071405

SQL(Structured Query Language):

https://www.youtube.com/watch?v=HXV3zeQKqGY https://www.w3schools.com/sql/ https://www.codecademy.com/learn/learn-sql http://www.sqlcourse.com/


https://www.youtube.com/watch?v=vLnPwxZdW4Y https://www.learncpp.com/ https://www.codecademy.com/learn/learn-c-plus-plus https://www.sololearn.com/Course/CPlusPlus/ https://www.learn-c.org/ https://www.youtube.com/watch?v=KJgsSFOSQv0


https://www.codecademy.com/learn/learn-java https://www.geeksforgeeks.org/java-how-to-start-learning-java/ https://www.learnjavaonline.org/ https://www.youtube.com/watch?v=grEKMHGYyns


https://realpython.com/ https://docs.python.org/3/tutorial/ https://drive.google.com/drive/u/0/folders/0ByWO0aO1eI_MT1E1NW91VlJ2TVk?fbclid=IwAR35WNZwBQudINaZ10I5ZA2YDQdtNXSEwRyEiLEK91_csJ7ekN1ut7AQNeQ


https://www.tutorialspoint.com/unix/shell_scripting.htm https://www.learnshell.org/ https://medium.com/quick-code/top-tutorials-to-learn-shell-scripting-on-linux-platform-c250f375e0e5


https://www.learnrubyonline.org/ https://www.codecademy.com/learn/learn-ruby


https://tour.golang.org/welcome/1 https://www.udemy.com/learn-go-the-complete-bootcamp-course-golang/

Resources and Write-ups

Exploit Development Resources


(Coming Soon)

SIEM Solutions

How-to Tutorials

Capture The Flag Walk-throughs

Online Labs for Practice

Vulnerable Virtual Machines

  • Damn Vulnerable Web Application (DVWA) Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is vulnerable to multiple web attacks.
  • OWASP Broken Web Applications Project Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection of vulnerable web applications that people can practice their skills on.
  • WebGoat WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons.
  • OWASP Security Shepherd The OWASP Security Shepherd project is a web and mobile application security training platform.
  • Vulnhub A collection of vulnerable machines to practice on. You can download the vulnerable vms on your system and learn pentesting
  • Hack the box A collection of vulnerable machines and challenges

Vulnerability Databases

List of resources containing known list of exploits and common vulnerabilities found in softwares, OS, Mobile applications, CMS etc.

SCSP Seminar Presentations Slides

(Coming Soon)

comments powered by Disqus