I am writing this thread for the people that is interested in Red Team and Pen-Testing. These are some of the sites I read to further my education and people I follow on youtube and twitch. https://itsfoss.com/best-kali-linux-tools/ (Links to an external site.) Kali tools to learn https://hkh4cks.com/blog/2018/01/22/common-enumeration-tools/ (Links to an external site.) enumeration tools and arguments http://dfir.org/?q=node/8 (Links to an external site.) Recommended books to read , many topics to choose from https://www.aditiconsulting.com/11-important-interview-questions-for-network-penetration-testers/ (Links to an external site.) important interview questions https://www.edureka.co/blog/interview-questions/cybersecurity-interview-questions/ (Links to an external site.) interview questions https://resources.infosecinstitute.com/top-30-penetration-tester-pentester-interview-questions-and-answers-for-2019/#gref (Links to an external site.) and more interview questions https://thehackermaker.com/learning-resources/ (Links to an external site.) some training websites and books to read https://www.hackingtutorials.org/ (Links to an external site.) tutorials to watch and learn http://www.xss-game.appspot.com/level1 (Links to an external site.) test your XSS skills here https://netsec.ws/?p=309 (Links to an external site.)Linux Privilege Escalation Scripts https://www.upwork.com/search/profiles/?nbs=1&q=pen-testing (Links to an external site.) once you get some mad skills, you can sell yourself here and build up your resume in the process. https://netsec.ws/?p=331 (Links to an external site.) Creating Metasploit Payloads https://www.instagram.com/648hrk/ (Links to an external site.) this guy always has some crazy videos to learn from https://hackingsecuritytools.blogspot.com/2019/05/cross-site-scripting-xss-complete-tutorial-guide.html (Links to an external site.) XSS training guide http://breakthesecurity.cysecurity.org/category/hacking-tutorials (Links to an external site.) hacking tutorials http://breakthesecurity.cysecurity.org/2010/12/hacking-website-using-sql-injection-step-by-step-guide.html (Links to an external site.) SQL injection training guide https://ired.team/offensive-security-experiments/offensive-security-cheetsheets/sql-injection-xss-playground (Links to an external site.) SQLInjection and XSS Playground, click the links on the left side of the page to get more articles to learn from https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ (Links to an external site.) Basic Linux Priv ESC http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet (Links to an external site.) Reverse Shell Cheatsheet https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/ (Links to an external site.) Windows Priv ESC methods for pen testers https://www.jb51.net/tools/xss.htm (Links to an external site.) XSS Cheat Sheet https://nmap.org/nsedoc/categories/vuln.html (Links to an external site.) Nmap Scripts and explanation https://www.vulnhub.com/resources/ (Links to an external site.) training sites, books, VPNs, and more https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview# (Links to an external site.) planning on taking the OSCP ? these boxes from HTB are very similar https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/ (Links to an external site.) https://www.hackingarticles.in/penetration-testing/ (Links to an external site.) Raj Chandels blog has so much free information to give. There is a wealth of knowledge just on this website, no need to go anywhere else really. Make sure you go threw the 4 tabs: CTF Challenges; Web Penetration Testing; Red Teaming; Penetration Testing Paid web sites I use: https://www.elearnsecurity.com/# (Links to an external site.) this web site has certifications to prep you for your pen testing career. I would use this site before attempting to take the OSCP. The OSCP is the golden ticket to get you past the HR department, but there is more knowledge in the eLearning training. https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/ (Links to an external site.) OSCP is the golden ticket to get your application looked at. This is by means no easy test, but you can do it if you put the time in. There are plenty of write ups about this 24hr exam , you will just have to comb the web to find them. This is a entry level certification, but first lets get you some training to prep for this and your future career. https://overthewire.org/wargames/ (Links to an external site.) Start off with Bandit , this site will train you and help you succeed as a pen tester. There is many levels to each game and as you go from one level to the next it gets harder. Train and learn what they have to offer. Stuck ? youtube is your best friend https://www.hackthebox.eu/ (Links to an external site.) you think you are ready to test your mad skills ? you can either pay the $12 dollars a month for all the retired boxes or you hack into there server and get your invite code. I will give you one tid bit of advice........... Once you get your Base64 code decrypted you will need to refresh your HTB screen or as I did opened 2 HTB windows and put the Base 64 code into the new, fresh window. Ok Now onto YouTube people I follow or some that I follow: https://www.youtube.com/user/elithecomputerguy/videos (Links to an external site.) Eli the computer Guy, a lot of great training videos https://www.youtube.com/user/NetworkChuck/videos?pbjreload=10 (Links to an external site.) CCNA guru https://www.youtube.com/user/professormesser/videos (Links to an external site.) Professor Messer cant say enough about this gentleman, he also has free monthly live training classes for Sec+, and A+ just go to his website and join in for free. This is your goto guy for comptia training https://www.youtube.com/user/ConfigTerm/videos (Links to an external site.) David Bombal - Cisco Guru among other things https://www.youtube.com/user/Ceophreak/videos (Links to an external site.) CEOS3C Linux training and application training https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g/videos (Links to an external site.) Null Byte some interesting training videos for the pen tester https://www.youtube.com/channel/UCPeJcqbi8v46Adk59plaaXg (Links to an external site.) Burp training for the Web APP Pen Testing https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q/videos (Links to an external site.) Hackersploit great training videos for hackers https://www.youtube.com/user/zaidsabeeh/videos (Links to an external site.) Zaid great instructor and has great videos https://www.youtube.com/user/cristivlad25/videos (Links to an external site.) Cristi has a lot of great videos for the Pen tester, and he is always adding new videos weekly. Add him on Linkedin https://www.youtube.com/user/saintdrug/videos (Links to an external site.) Black Hat Ethical Hacking , great videos for applications you will use during hacking https://www.youtube.com/channel/UC31jVeFdiPWsxMRqhXapRGQ/videos (Links to an external site.) Injection, this guy was coding for a long time before he started hacking, he is a little hard to follow sometimes, but you can learn from his videos https://www.youtube.com/channel/UCCZDt7MuC3Hzs6IH4xODLBw/videos (Links to an external site.) Nahamsec has videos for the hacker https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/videos (Links to an external site.) IppSec , this guy is great, great videos, you can learn a lot from this guy if you are pursuing ethical hacking or pen testing. Add him on Linkedin Ok if you have not heard of Bug Bounty Hunting you are falling behind. Bug Bounty is where you testing company programs to find vulnerabilities before it hits the market. You may or may not know when coders are given a project they do not have a lot of time to implement security functions. So now companies send there software to bug bounty hunters and you try to hack it. If you find a vulnerability, you write it up and submit it and get paid $$$$$. There was one guy that made his first million within 2 years of bug hunting. There is a picture online where 6 people is standing together where they all have earned a million plus due to bug hunting. The main one I follow is Bugcrowd. https://www.youtube.com/channel/UCo1NHk_bgbAbDBc4JinrXww/videos (Links to an external site.) they walk you threw and answer a lot of questions on there training videos https://www.youtube.com/channel/UCQN2DsjnYH60SFBIA6IkNwg/videos (Links to an external site.) STOK , this guy here, Jeff Spicoli from fast times at ridgemont high made over. he reminds me of him so much it is just to funny. But STOK makes a career on Bug Hunting and has gotten paid a lot of money. https://www.synack.com/red-team/ (Links to an external site.) Once you think you have mad skills in either hacking or bug hunting apply to this corporation and excel in your career. These are top notch people in the game Ok I have saved the best for last. The Cyber Mentor . He has a ton of great training videos to learn from including Buffer over Flows, Linux for ethical hackers, to pen testing for noobs and zero to hero. He also has free live classes on twitch every wed night at 8pm Eastern. The last free training he was doing is Web APP Pen Testing. This is something you might think about studying on now. I would say 99.9% of businesses has a web page, so the need of web app pen testing will explode within time. Get a head of the power curve. If you are new to the game start with Pen Testing for Noobs , he will hold your hand and walk you threw each stage of the hacking methodology. Next I would go with Zero-to-Hero training videos. Should be 16 of them and finally Web App pen testing. This guy is the greatest, he will talk with you and answer all your questions about anything you can think of. Add him on Linkedin, twitch, and twitter. Go to his website and subscribe to his emails, you will get texts when he goes live. He will either has a live class like Active Directory hacking, or who knows what or he might just be playing Overwatch and answer your questions for the 2 or so hours. https://www.youtube.com/channel/UC0ArlFuFYMpEewyRBzdLHiw/videos