I’m not going to spend a lot of time building this section out because my focus is on DFIR, however, I do think that learning some hacking helps to better detect and defend.
For this category, “Beginner” assumes that you have a general understanding of the four core training categories listed on the home page.
|Name & Direct Link||Platform||For Beginners||Hands-On Component||Proof of Completion||Topics|
|Hackers Arise||Hackers Arise||Various Ethical Hacking Tutorials (Wireless, Password Cracking, Evading AV, Anti-Forensics, WebApp Hacking, Bluetooth Hacking, etc)|
|SecurityTube||SecurityTube||Various Ethical Hacking Videos|
|Free Short Course: Pen Testing||Charles Sturt University||Yes||Yes - Certificate of Completion||Scoping, Enumeration and Vulnerability Scanning, Exploitation and Password Cracking, Report Writing and Risk Analysis|
|Kali Linux Revealed||Offensive Security||Linux Fundamentals, Installing Kali, Configuring Kali, Debian Package Management, Kali Linux in the Enterprise, Intro to Security Assessments|
|Metasploit Unleashed||Offensive Security||Metasploit Architecture, Exploits, Payloads, Databases, Meterpreter, Nessus, Password Sniffing, Python Extension, Privilege Escalation, Packet Sniffing, Pivoting, Making a Log Entry, Timestomp, Keylogging, John the Ripper, Maintaining Access, Backdoors, and more.|
|WebSecurity Academy||PortSwigger||Yes||Web Cache Poisoning, Information Disclosure, XXE Injection, XSS, SQL Injection, CSRF, HTTP Request Smuggling, OS Command Injection, Directory Traversal, Access Control Vulnerabilities, Authentication, Business Logic, Vulnerabilities and more.|
|HackerSploit||YouTube - HackerSploit||Yes - Some things such as the Penetration Testing Bootcamp and How to Set Up a Pentesting Lab.||Kali Linux, BlackArch Linux, Metasploitable, Python for Penetration Testing, Burp Suite, OWASP Juice Shop, Recon-ng, Arch Linux, Network Sniffing & Spoofing, NMAP, VulnHub, HTB, TryHackMe, OpenVAS, Bug Bounty|
|Hack The Box, HTB Academy & Hacking Battlegrounds||Hack The Box||Yes - HTB Academy has training modules for beginners. Hacking Battlegrounds and Hack The Box require you to hack your way in to be able to create an account.||Yes||Hacking (I hear they also have some forensics challenges but you have to hack your way in to do them).|
|Offensive Software Exploitation (OSE) Course||GitHub - ashemery||Yes||PE Format, DLLS, Bug Hunting, Fuzzing, Buffer Overflows, Metasploit, Mitigation Techniques, Egghunter, Post Exploitation, x86 and x64 Assembly, Reverse Engineering.|
|Hacking Techniques and Intrusion Detection||Open Security Training - Ali Hadi||Yes||Social Engineering, Physical Pentesting, Backtrack Basics, Scoping, Recon, Footprinting, Fingerprinting, Scanning, Software Exploitation, Client Side Attacks, Post Exploitation, Metasploit|
|INE Starter Pass (Penetration Testing)||INE||Yes||Yes||Yes||Burp Suite, HTTP Protocols, Wireshark, TCP, UDP, Programming, OSINT, NMAP, Vulnerability Assessment, Nessus, XSS, SQL Injections, Google Hacking, Malware, Web Attacks, System Attacks, Network Attacks, Metasploit|