Infosec resources, collected from many different sources. I've personally found these resources helpful and/or interesting. So, have added them to this document for myself and others to make use of. (Resources I've used to help further my journey in infosec. So mainly aimed at the newer hackers, but the veteran hackers might find something useful as well.)
- Captf.com - Extensive list of CTFs available online and to download.
I've had a few interviews in the past where they've asked if I follow any blogs, so having a few to talk about is always useful and you learn at the same time!
- GracefulSecurity - Holly's approach, to blog writing, is second to none! Definitely worth adding to your bookmarks!
- ZeroSec - Definitely a must read for those just starting out! Andy's blog is probably the most beginner friendly I've ever seen. He's even published a book, I'll mention it again down below but, Breaking into Information Security: Learning the Ropes 101.
- AppSecBloke - Mixing learning with conference writeups, Mike's blog is another great one to add to the list!
- MintyNet - More of a follow-along blog, than a "this is how you do this" blog, but still just as amazing and worth the occasional visit. Ian often posts updates of his car-in-a-box, yes you read that correctly! Ian has taken a Peugeot 208 and stuck, practically, everything but the engine in there. Even then though, he's replicated it using LEDs. It's an awesome piece of kit, by an guy that really knows his stuff! Just maybe don't let him borrow your car for too long!
Just accounts that I follow, there's plenty more to be found. Often they'll post '#FF', Follow Friday, another way to find more amazing accounts! Although you might think to yourself "I don't use twitter, I don't need it" it's worth it. Often the first place to learn of big hacks, and new vulnerabilities, and it's free... Just make an account, and see where it goes, you don't have to post anything.
- @LargeCardinal - Mark's probably the most knowledgable guy I know. He's definitely a must follow!
- @mintynet - Ian is the creator of the car in a box, and boy is it a piece of kit! His knowledge of car hacking is second to none and definitely worthy of a follow!
- @HollyGraceful - Her account, like her blog (GracefulSecurity), is full of knowledge and definitely worth a follow.
- @ZephrFish - Andy is so down to earth and helpful! He often posts about his blog and book, so you won't miss any updates.
- @Ministraitor - Cooper, Cooper is a one of a kind (in a good way!). He's the resident conference videographer. You'll find him and most conferences, and the ones you can't make it to? Oh, he'll already have uploaded the videos by the end of the day, usually!
- [TBH by this point I gave up thinking of a description of each one... But they're all equally as amazing!]
- @Scott_Helme
- @LewisArdern
- @MalwareTechBlog
- @thegrugq
- @malwareunicorn
- @drjessicabarker
- @_Freakyclown_
- @Fox0x01
- @cybergibbons
- @JayHarris_Sec
- @azeria_labs
- @FoxOnSecurity
- @LiveOverflow
- @AppSecBloke
Although some of these may no longer be students, I will have met them as students, so still class them as such (If you're on this list and wish to be moved, give us a shout :-))
- @_GarethP
- @LauraWhit9
- @charlieamber94
- @InfosecChlobo
- @_Tibbles__
- @Casual_Unknown
- @freya_schofield
- @ah_aamir
- @CuPcakeN1njA
- @enusecDan
- @TheHairyJ
- @hela_luc
- @cybecsecurity
- @kieczkowska
- @SynAckJack
- @gor_zilla
- @calgary__
- @WillGoard
You'll often find that there's a number of student run meetings (societies) and professionally run groups. Practically every university, that runs a security degree, has a hacking society. If not, start one! It's a great way to meet like minded students, makes networking tons easier, and looks great on your CV! If you're not a student - that doesn't necessarily you can't go, it just means that there might be a few hoops to jump through first. Groups run by professionals are just as good of an experience, if not better! They're organised and attended by students and professionals alike, these may seem scary but, if you join a society first, you'll likely find that some of them attend as well! These are also great placees to find others going to conferences, they'll usually be more than happy for you to "tag along" with them!
- Leeds Hack Soc (Leeds Beckett) - Website - @leedsehs
- Abertay Hackers (Abertay University, Dundee) - Website - @AbertayHackers
- EnuSec (Edinburgh Napier) - Website - @_enusec_
- SigInt (University of Edinburgh) - Website - @siginthq
- GreHackers (University of Greenwich) - Website - @Gre_Hackers
- BUCSS (Bournemouth University) - Website - @_BUCSS
- DMU Hackers (De Montfort University) - Website - @dmuhackers
- AFNOM (University of Birmingham) - Website - @UoB_afnom
- HackSoc (University of York) - Website - @HackSoc N.B. if you know of any I've missed, let me know and I'll add them.
These seem to be fairly illusive, so here's the few I know of. There's plenty more, just run a Google search and you'll find something!
- Leeds - DC151 - @_dc151
- Manchester - Manchester Grey Hats - @mcrgreyhats
- Glasgow - DC44141 - @DC44141
- Sheffield - DC44114 - @dc44114
- London - DC4420 - @dc4420
- Exeter - DC441392 - @dc441392
- administraitor.video - Does the name ring any bells? Cooper's videos not only get uploaded to the conference's YouTube channel, but also to his website. Meaning they're all in one place, making it easy to watch one after another and, before you know it, it's 7am and your alarm's going off...
Conferences are a great way to meet people! Yes it may be scary at first, but we're all nice people really... Well most of us are! Ask questions, talk about your projects and get advice, and learn about other people's projects it can often give you a great idea to add to your, already long, list!
They're everywhere! I guarantee if you Google your town and BSides, there'll be one there or, if not, one won't be too far away!
- BSides Leeds | @BSidesLeeds - Obviously the best one! Not that I'm bias or anything... ;)
- BSides Manchester | @BSidesMCR
Just to name a couple, obviously there's plenty more!
-
SteelCon | @Steel_Con - A bit more expensive than the other two, but 100% worth it! All the money from tickets goes straight back into the conference. From swag bags to other stuff, I tend to pay the most attention to the swag bags!
-
Securi-Tay | @AbertayHackers - Unfortunately, there's no Taylor Swift just cold weather... A student run conference in Dundee (Scotland), great for those still finding their feet. Just a forewarning, you'll likely hear legal tender mentioned, alot.
There's so many more! Cybersecurity Conferences is a great website to see what's coming up.
Probably the only none technical part of this guide, keep your personal and professional feelings separate. What I mean by this is, if you go for an interview, for example, and, for whatever reason, you're unsuccessful let it go. Forget about it, if you see them at a conference or a meetup say hi, have a drink with them, pretend it never happened. It's not personal, it's just business! It's the same with personal feelings. It's a tight community, you will see that person again, be it at a conference or work-related. Again, put it behind you, get the work done and carry on! If it's at a conference and you don't want to be near them, it's simple, DON'T. Just be civil and move on, there's plenty of other people to talk and hang around with! Just whatever you do, avoid the alcohol, especially if it's a "big thing". You really don't want to have an argument infront of potential future employers (alcohol really can bring out the worst in you, and it'll always be at the worst time possible)!