# Useful Resources

These are a bunch of resources and trainings I've come across. Some I've used, some I've not. Some are free, some are not. They're in no particular order nor do I have any affiliation with these.

<details>

<summary>Resources</summary>

**Blogs**

* [BC Security](https://www.bc-security.org/blog) *(PowerShell Empire maintainers)*
* [Linuxize](https://linuxize.com/) *(Linux blog and tutorials)*
* [Pentestlab](https://pentestlab.blog/) *(blog)*
* [Rasta Mouse](https://rastamouse.me/) *(blog)*
* [Recipe for Root](https://rootrecipe.medium.com/) *(my friend's blog)*
* [TJnull OSCP Prep](https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html) *(blog)*

**Cloud**

* [Cloud Resume Challenge](https://cloudresumechallenge.dev/)
* [AWS Well-Architected Labs](https://wellarchitectedlabs.com/)
* [AWS Skill Builder](https://explore.skillbuilder.aws/learn/signin)
* [Azure Citadel](https://www.azurecitadel.com/) *(hands-on exercises for Azure/Azure DevOps)*
* [Microsoft Learn Azure Labs](https://microsoftlearning.github.io/AZ-104-MicrosoftAzureAdministrator/) *(contains labs removed from MS Learn courses)*
* [Azure Security Best Practices](https://docs.microsoft.com/en-us/security/compass/compass) *(videos from Microsoft)*
* [Azure Well-Architected Framework](https://docs.microsoft.com/en-us/azure/architecture/framework/)
* [PwnedLabs](https://pwnedlabs.io/)

**Coding, Scripting, WebDev**

* [GitHub / Git tutorials](https://docs.github.com/en/get-started/quickstart/hello-world)
* [VS Code Getting Started](https://code.visualstudio.com/docs/?dv=win)
* [HTML Character Reference Chart](https://dev.w3.org/html5/html-author/charref)
* [mdn web docs](https://developer.mozilla.org/en-US/docs/Web) *(Mozilla Developer Guides)*
* [HTML Validator](https://validator.w3.org/#validate_by_input)
* [Dan's Tools](https://www.cleancss.com/) *(webdev tools and more)*
* [CSS Specificity Calculator](https://specificity.keegan.st/)
* [Color Picker](https://htmlcolorcodes.com/)
* [W3 Schools](https://www.w3schools.com/)
* [The Odin Project](https://www.theodinproject.com/)
* [codewars](https://www.codewars.com/)
* [Under the Wire](https://underthewire.tech/)
* [Python Docs](https://www.python.org/doc/)

**Pentesting & Red Teaming**

* [Active Directory Pentest Mindmap](https://www.xmind.net/m/5dypm8/)
* [Active Directory Security](https://adsecurity.org/) *(go-to resource for AD)*
* [CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat) *(AWS Vulnerable Cloud lab)*
* [GTFOBins](https://gtfobins.github.io/) *(Unix binary abuse)*
* [GTFOBins - LOLBAS](https://lolbas-project.github.io/) *(Windows binary abuse)*
* [HackTricks](https://book.hacktricks.xyz/welcome/readme)
* [OWASP Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide/)
* [PenTest.WS](https://pentest.ws/) *(pentesting toolset)*
* [PowerView.ps1 Cheat Sheet](https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993)
* [PrivEsc Blog](https://sirensecurity.io/blog/home/) *(click menu for Linux, Windows, or Red teaming)*
* [PrivEsc Mindmap](https://c0nd4.medium.com/oscp-privilege-escalation-guide-4b3623f57d71) *(Linux and Windows)*
* [PTES](http://www.pentest-standard.org/index.php/Main_Page) *(Standard for conducting pentest engagements)*
* [Red Teaming Experiments](https://www.ired.team/) *(similar to HackTricks)*
* [WADComs](https://wadcoms.github.io/#+Enumeration) *(like GTFOBins for Active Directory)*

**Security**

* [Botnet Builder](https://byob.dev/guide)
* [CTF Tracker](https://ctftime.org/ctfs)
* [Fuzzy Security](http://www.fuzzysecurity.com/index.html)
* [MalwareBazaar](https://bazaar.abuse.ch/) *(malware samples)*
* [TCM Security GitHub](https://github.com/TCM-Course-Resources)

**Threat & Vulnerability Intel**

* [CVE](https://www.cve.org/)
* [Microsoft Security Intel](https://www.microsoft.com/security/blog/microsoft-security-intelligence/)
* [NVD](https://nvd.nist.gov/) *(NIST National Vulnerability Database)*
* [Symantec Security Center](https://www.broadcom.com/support/security-center)
* [VulnDB](https://vulndb.cyberriskanalytics.com/)

**Tools**

* [ADRecon.ps1](https://github.com/sense-of-security/ADRecon) *(AD enumeration tool)*
* [Browser Plugin Security Scanner](https://crxcavator.io/) *(DUO Security)*
* [Converters](https://www.rapidtables.com/convert/number/index.html) *(Hex > ASCII and more)*
* [Hash En/Decoder](https://hashes.com/en/decrypt/hash)
* [MacOS Payload Generator](https://github.com/D00MFist/Mystikal)
* [OpenDNS](https://www.opendns.com/)
* [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings)
* [PowerShell Empire GitHub](https://github.com/BC-SECURITY/Empire)

**Other**

* [Awesome List](https://asmen.icopy.site/) *(references for everything)*
* [CyberChef](https://gchq.github.io/CyberChef/)
* [Hash Type Cheat Sheet](https://hashcat.net/wiki/doku.php?id=example_hashes)
* [Linux File/Directory Cheat Sheet](https://www.thegeekdiary.com/linux-file-directory-permissions-cheat-sheet/)
* [MITRE Engage](https://engage.mitre.org/tools/) *(Frameworks and Resources)*
* [Mess with DNS](https://messwithdns.net/) *(DNS tutorial)*
* [Ports & Protocols Cheat Sheet](http://www.vmaxx.net/techinfo/ports.htm)
* [Random vulnerable lab generator](https://github.com/cliffe/SecGen)
* [Red Team Infrastructure](https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki) *(IaC lab)*
* \_\_[Rex Egg](http://www.rexegg.com/) *(Regex tutorial)*
* \_\_[Training roadmaps](https://roadmap.sh/roadmaps)

</details>

<details>

<summary>Training Platforms</summary>

* [TryHackMe](https://tryhackme.com/dashboard)
* [HackTheBox](https://www.google.com/url?sa=t\&rct=j\&q=\&esrc=s\&source=web\&cd=\&cad=rja\&uact=8\&ved=2ahUKEwjW44P-xJb4AhV-mIQIHSiyAWMQFnoECBkQAQ\&url=https%3A%2F%2Fwww.hackthebox.com%2F\&usg=AOvVaw0PVHn4XV1bDTqGHH0aqRYz)
* [Virtual Hacking Labs](https://www.virtualhackinglabs.com/my-account/)
* [Pentester Academy](https://www.pentesteracademy.com/topics)
* [Offensive Security](https://www.offensive-security.com/discounts/?utm_source=adwords\&utm_term=offsec%20learn%20one\&utm_campaign=\&utm_medium=ppc\&hsa_mt=b\&hsa_ad=596347555600\&hsa_net=adwords\&hsa_src=g\&hsa_kw=offsec%20learn%20one\&hsa_tgt=kwd-1421207311862\&hsa_cam=14656666481\&hsa_acc=7794287291\&hsa_ver=3\&hsa_grp=134239408737\&gclid=Cj0KCQjwqPGUBhDwARIsANNwjV4puSP1RM-cTAqHR3QWx86wKT7y86eIqnShydY_uSVvZg2GvwwAKRoaAozAEALw_wcB)
* [Zero Point Security](https://training.zeropointsecurity.co.uk/courses/red-team-ops)
* [Black Hills Security (Antisyphon)](https://www.antisyphontraining.com/course-catalog/)
* [Pentesterlab.com](https://pentesterlab.com/exercises)
* [PortSwigger WebSecurity Academy](https://portswigger.net/web-security)
* [OWASP Juice Shop](https://juice-shop.herokuapp.com/#/) *(*[*GitHub link*](https://github.com/juice-shop/juice-shop) *if you prefer to download)*
* [Hacksplaining](https://www.hacksplaining.com/lessons)
* [Cloud Academy](https://cloudacademy.com/)
* [ACloudGuru](https://acloudguru.com/) *(merging with pluralsight)*
* [INE](https://ine.com/)
* [CBT Nuggets](https://www.cbtnuggets.com/login?r=/learn)
* [Cybrary.IT](https://www.cybrary.it/)
* [Pluralsight](https://www.pluralsight.com)
* [eLearnSecurity](https://elearnsecurity.com/) *(available on INE as a subscription)*
* [Frontend Masters](https://frontendmasters.com/)
* [Codecademy](https://www.codecademy.com/)
* [Team Treehouse](https://teamtreehouse.com)
* [freeCodeCamp](https://www.google.com/url?sa=t\&rct=j\&q=\&esrc=s\&source=web\&cd=\&cad=rja\&uact=8\&ved=2ahUKEwj154Ovx5b4AhUBgIQIHQOjAwcQFnoECCQQAQ\&url=https%3A%2F%2Fwww.freecodecamp.org%2F\&usg=AOvVaw2O9Sbs3zh9NHmRpWZrEZt-)
* [Fullstackopen](https://fullstackopen.com/en/)
* [App Academy](https://www.appacademy.io/)
* [Microsoft Learn](https://docs.microsoft.com/en-us/learn/)

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.techwithtyler.dev/other/resources.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.