- Offensive Security https://www.offensive-security.com/
- Pentester Academy http://www.pentesteracademy.com/
- Pentester Lab https://pentesterlab.com/
- TechNet Virtual Labs at MSDN https://technet.microsoft.com/en-us/virtuallabs?id=NTkHaAS3VmA
- Veronis https://www.varonis.com/learn/web-security-fundamentals/
- Easy CTF https://easyctf.com/ and https://github.com/easyctf (includes writeups)
- Pico CTF http://picoctf.com
- Natas https://overthewire.org/wargames/natas/
- Ice CTF https://icec.tf
- more here https://www.reddit.com/r/AskNetsec/comments/3hfx61/extremely_newbie_friendly_ctfs/
- The Web Application Hacker's Handbook http://mdsec.net/wahh/
- humber bundle for hackers
- hacker's playbook
- https://www.reddit.com/r/securityCTF
- https://www.reddit.com/r/netsec
- https://www.reddit.com/r/asknetsec
- Smashing the Stack for Fun and Profit by Aleph One http://insecure.org/stf/smashstack.html
- Varonis 6 part guide to pentesting https://blog.varonis.com/varonis-six-part-guide-to-penetration-testing/