Learning

Advanced pentesting platform with machines, challenges and a structured Academy with courses from beginner to expert.

Danish cybersecurity platform with hands-on labs and exercises. Focuses on practical learning in network security and hacking.

Beginner-friendly platform with guided learning rooms covering hacking, networking and defence. Perfect for starting from scratch.

Classic war games for learning Linux, bash and security concepts via the terminal. Bandit is the perfect first step for absolute beginners.

Danish cybersecurity learning platform with courses and workshops aimed at both beginners and experienced security professionals.

Free, in-depth course platform from the creators of Burp Suite. Covers everything in web application security with labs and explanations.

Practically focused courses in ethical hacking and pentesting. Known for the Practical Ethical Hacking course and affordable pricing.

Hands-on platform focused on web application security. Exercises built around real vulnerabilities such as SQL injection, XSS, XXE and deserialisation.

Classic open source practice app with vulnerabilities across difficulty levels. Perfect for practising SQL injection, brute force, file inclusion and command injection locally.

Interactive and visual platform that explains common attack types step by step. Ideal introduction to OWASP Top 10 for both developers and security professionals.

The most comprehensive guide to testing web application security. Covers everything from authentication and session management to API security and encryption.

Developer-focused security learning with lessons on vulnerable code in real programming languages. Covers injection, XXE, SSRF, insecure deserialization and much more.

Deliberately vulnerable web application designed to teach about security flaws in practice. Run locally and learn by exploiting OWASP Top 10 vulnerabilities in a safe environment.

The largest public database of exploits and vulnerable software. Maintained by Offensive Security and used by penetration testers to find known CVE exploits.

Curated list of Unix binaries that can be used to escalate privileges, bypass restrictions or establish reverse shells. Indispensable during Linux privilege escalation.

Comprehensive wiki with techniques, tricks and cheatsheets for penetration testing and CTF. Covers network, Active Directory, cloud, web and much more — used by professionals worldwide.

The Windows equivalent of GTFOBins. A collection of Windows binaries, scripts and libraries that can be abused by attackers to evade detection and escalate privileges.

The world's most recognised penetration testing course from Offensive Security. Hands-on lab environment focused on practical exploitation, privilege escalation and report writing.

Open GitHub repository with a huge collection of payloads and bypasses for use during penetration testing. Covers everything from SQLi and XSS to SSRF, XXE and file upload bypasses.

Globally recognised knowledge base of attack techniques and tactics used by threat actors. An indispensable reference for threat modelling and SOC work.

Open source project with guidelines, documentation and resources on web security. OWASP Top 10 is the standard reference for web vulnerabilities.

YouTube channel with detailed walkthroughs of Hack The Box machines. One of the best ways to learn pentesting methodology.

YouTube channel and blog with in-depth videos on CTF solutions, reverse engineering and bug bounty. Excellent for understanding low-level security.

Jack Rhysiders prisvindende podcast om sande historier fra den mørke side af internettet — hackers, datalæk, cyberkriminalitet og statssponserede angreb. En af de bedste introer til infosec.

Daglig 5-minutters podcast fra SANS Internet Storm Center med de seneste trusler, sårbarheder og sikkerhedsnyheder. Perfekt til at holde sig opdateret på daglig basis.

Podcast fra Cybereason der fortæller de sande historier bag store cyberangreb og sikkerhedshændelser. Dybtgående research og velfortalt narrativ om APT-grupper og cyberkriminalitet.

Ugentlig podcast med Patrick Gray der interviewer de mest indflydelsesrige stemmer i sikkerhedsindustrien. Fokus på aktuelle hændelser, politik og trends i cybersikkerhed.

Langvarig ugentlig podcast med Steve Gibson og Leo Laporte der går i dybden med tekniske sikkerhedsemner — kryptering, protokoller, sårbarheder og aktuelle angreb.

Ugentlig podcast med Graham Cluley og Carole Theriault der dækker de seneste cybersikkerhedsnyheder med humor og indsigt. God blanding af seriøst indhold og underholdning.