books

Penetration Testing: A Hands-On Introduction to Hacking

The Practice of Network Security Monitoring: Understanding Incident Detection and Response

Industrial Automation and Control Systems Security Principles

Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions

Malware Analyst’s Cookbook

Learn Windows PowerShell in a Month of Lunches

favorite talks

2018

From Workstation to Domain Admin – Why Secure Administration Isn’t Secure

2014

How not to suck at pen testing John Strand

con videos

Administraitor.video

Black Hat

Iron Geek

whitepapers

2017

Smashing The Stack For Fun And Profit (2017)

2016

Hack Back! A DIY Guide (2016)

FLEXIDIE by Leopard Boy and Decepticons (2016)

2015

Rocking the pocket book: Hacking chemical plants for competition and extortion (2015)

podcasts

Risky.biz

Defensive Security

Brakeing Down Security

Brakeing Down Incident Response

SANS Stormcast

Darknet Diaries

Pauls Security Weekly

sites

pentestmonkey

IPVoid

Shodan

VirusTotal

IntelTechniques

Exploit-DB

twitter

@swiftonsecurity

@x0rz

@PyroTek3

@Carlos_Perez

@HackingDave

@subTee

@malwareunicorn

@Laughing_Mantis

@bettersafetynet

@dafthack

@mattifestation

@troyhunt

@tinkersec

@ippsec

@silviocesare

ctf

Hack the Box

Over the Wire

CTF365

Hacking Lab

Hack This Site

Exploit Exercises

Hack.me

Google Gruyere

root me

training

FedVTE

SANS

frameworks

NIST SP800

MITRE ATT&CK

OWASP

CIS Critical Security Controls

ISO 27001

PCI DSS

OSSTMM