Useful resources for CTFs.
! = Recommended
!! = Must Read
- Hacking: The Art of Exploitation, 2nd Edition (!!)
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes (!)
- A Guide to Kernel Exploitation: Attacking the Core
- The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (!!)
- The Browser Hacker's Handbook
- Cryptography Engineering: Design Principles and Practical Applications
- Introduction to Modern Cryptography
- The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
- Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
- Black Hat Python: Python Programming for Hackers and Pentesters
- A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
- Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
- The Tangled Web: A Guide to Securing Modern Web Applications
- The Art of Software Security Assessment
- Red Team Field Manual
- Modern Binary Exploitation (RPI)
- Offensive Computer Security (Florida State)
- SEEDLabs (Syracuse)
- ISIS Hack Night (NYU Poly)
- Network Security (Stonybrook)
- Computer Systems Security (MIT)
- Computer Security (Berkeley)
- Open Security Training
- Lena's Reversing for Newbies
- Learn Operating Systems Online
Someone else runs these machines and gave YOU permission to exploit them to proceed to the next level. Start at level0 and proceed to become a 1337 hacker.
Download a VM and hack away at it on your own machine. Perfect for those rare times you don't have internet but need to hack something.
Reversing challenges that you can download and reverse engineer to your hearts desire.
Attack / Defend style challenges aren't typically hosted online. But these ones are.
Remember when you were an aspiring computer nerd and said "I want to be a game developer!" well, this is sort of like that except for hackers.
The World Wide Web, where "wide" describes the size of the security holes.
Do large prime numbers really wet your whistle? Ever dream of having a key exchange with Diffie and Hellman? Does RSA make your toes tingle? These are for you.
Various collections of challenges that don't cleanly fit in one category
- Google Gruyere
- Pwnable (Defunct?)
- Backdoor (Jeopardy)
- Microcorruption (Embedded)
- Starfighter
- Counterhack
- Hellbound Hackers
- RingZer0
- W3Challs
- Robert Graham
- Michal Zalewski
- Dan Kaminsky
- Matthew Green
- Bruce Schneier
- Moxie Marlinspike
- Steve Bellovin
- NCC Group
- Breaking Malware
- CTF Introduction and Information
- Malloc Exploitation
- Smashing The Stack For Fun and Profit(!!)
- Modern Stack Smashing
- Stack Canaries
- Global Offset Table Hijacking
- Reverse Engineering for Beginners
- Learn Python the Hard Way
- Corelan Security Articles
- Metasploit Unleashed
- Pentester Lab, Web app penetration testing
- ARM memory corruption
- CTFTime Scoreboard & Writeups
- CTF Writeups Repo
- Captf CTF/Wargame List