Courses and documentation

Always be on the lookout for discounts on courses and platforms that host machines. Usually it's around thanksgiving, black friday, christmas, boxing day, back to school (end of summer or early fall), for first time users... Some platforms offer discounts for students and veterans.

ex. TCM security around November/thanksgiving : GOBBLEGOBBLE25 (for 2025)

SECTIONS: General, Web apps, OSINT, AI, Cloud, Mobile apps and phones, IoT

These platforms can be useful in learning about both offensive and defensive security:

Cybrary: an online learning platform offering cybersecurity and IT courses, ranging from beginner to advanced topics. ($ + FREE)

TCM Security: offers professional training in cybersecurity (offensive and defensive security, programming languages, job search...) with free YouTube courses available. ($ + FREE)

EC-Council Code Red: subscription-based learning platform for cyber professionals created by EC-Council, the leader in cyber security training. Has content on offensive and defensive security. ($ + FREE)

Hack The Box Academy: an online cybersecurity training platform provided by Hack The Box, offering interactive, guided courses and learning paths to help users develop their cybersecurity skills through hands-on practice with real-world scenarios, covering a range of skill levels from beginner to advanced. They also offer blue team (defensive) training. The offer their own certifications. ($ + Free)

Security Creators: a page listing cybersecurity related content creators (tutorials, podcasts, walkthroughs, courses...) created by By ZetaTwo . (FREE)

INE: offers online training and certification courses in cybersecurity, ethical hacking, networking, cloud management, data science and other IT skills, with practical labs and exams. ($)

YouTube channels. (FREE)

Check out Daniel Kelley's resources for more.

Web apps

Hacksplaining: interactive tutorials to help individuals learn and understand web security concepts and common vulnerabilities. (FREE)

APIsec University: offers specialized courses focused on API security and pentesting, helping professionals learn to secure APIs and develop safe applications. (FREE)

OWASP Top Ten: a list of the ten most critical web application security risks, offering detailed guidelines for secure coding and development. The list is updated every year. (FREE)

OSINT

OSINTOPIA (FR): a platform offering educational content on OSINT tools and methodologies, challenging activities, a collaborative community, and practical resources to enhance learning and skills development in open-source intelligence. (FREE)

OSINT Dojo: a variety of resources for learning and practicing open-source intelligence (OSINT), including guides, tools, and tutorials to enhance investigative skills. (FREE)

AI

Hack:

Ai For ethical hackers

Learn how to hack and use AI

AI Red Teaming 101 – Full Course

Webinar: A Guide to AI Red Teaming

Protect:

Building ‍Security into AI

Defending AI

Cloud

Hack:

Hacking GCP - Mini-series

Learn AWS Pentesting

Protect:

NIST SP 800-210

CSA Security Guidance

Azure / Google / AWS

Mobile apps and phones:

Hack:

The Complete Mobile Ethical Hacking Course

Mobile Application Penetration Testing

Protect:

NIST SP 800-124r2

Demystifying Mobile Forensics

Google Android Vulnerability Classes PDF

IoT (Internet of Things)

Hack:

Guide to IoT and Hardware Hacking

IoT & Hardware Hacking

Matt Brown on YouTube

Anyone can hack IoT- Beginner’s Guide to Hacking Your First IoT Device - Andrew Bellini

Protect:

ManySecured: Securing the IoT

How to Protect IoT Networks & Devices

NIST's Cybersecurity for IoT Program

Securing the Internet of Things(IoT)