Trainings


Here is a list of some free trainings and courses about information security I found while browsing the Web. I hope it will help you to get a better understanding of the various field of information security.

Note: This section is constantly evolving. Last update: October 16, 2019.

Modern Binary Exploitation

Modern Binary Exploitation (MBE) is a free course developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute. It covers basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It also focus on protections found on modern systems and the techniques used to defeat them. This course come with a large number of labs that I’ll explain in this write-up.

Malware Analysis

Malware Analysis is a free course developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run soley by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills in reverse engineering, malicious behaviour, malware, and anti-analysis techniques.

Hack Night

Developed from the materials of NYU Tandon’s old Penetration Testing and Vulnerability Analysis course, Hack Night is a sobering introduction to offensive security. A lot of complex technical content is covered including, source code auditing, web security, application security and reverse engineering.

Offensive Computer Security

Developed by the Florida State University Computer Science Department, the Offensive Computer Security class vision is to fill the common gaps left by most University level security courses, by giving students a deep technical perspective of how things are attacked and hacked.

RE101

RE101 is a free workshop provided by Amanda Rousseau (@malwareunicorn). This workshop provides the fundamentals of reversing engineering (RE) Windows malware using a hands-on experience with RE tools and techniques. It will teach you RE terms and processes, followed by creating a basic x86 assembly program, and reviewing RE tools and malware techniques. The course will conclude by participants performing hands-on malware analysis that consists of Triage, Static, and Dynamic analysis.

Bugcrowd University

Bugcrowd University is a free and open source project to help level-up our security researchers. It includes content modules to help our researchers find the most critical and prevalent bugs that impact our customers. Each module will have slide content, videos, and labs for researchers to master the art of bug hunting.

Heap Exploitation

Heap Exploitation is a short book wrote for people who want to understand the internals of heap memory, particularly the implementation of glibc’s malloc and free procedures, and also for security researchers who want to get started in the field of heap exploitation.

ROP Emporium

ROP Emporium helps you to learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering and bug-hunting.

SQLi Labs

SQLi Labs provides multiple workshops to experients various SQL Injections type.

Web Security Academy

The Web Security Academy contains free training on cybersecurity topics, including security vulnerabilities, techniques for finding and exploiting security flaws, and defensive measures for avoiding them.