Security tools and resources

Learn

• Awesome AppSec - curated list of resources for learning about application security
• Damn Vulnerable Web App (DVWA) - a vulnerable web application used for security training
• OWASP Juice Shop - a vulnerable web application used for security training
• OWASP Node Goat - a vulnerable web application used for security training with tutorials
• XCS100: Introduction to Web Security - a free introductory course to web security by Stanford University
• Offensive Security

News

• Insecure.org – offers security news and other security resources
• OWASP Top 10 - the top 10 web application security risks according to the Open Web Application Security Project (OWASP)
• SecLists.org – archive of the most common security mailing lists

Tools

• Kali Linux - a operating system focused on penetration testing and bundled with thousands of security tools
• SecTools.org – the top 100 network security tools
• Nmap.org – host of the Nmap security scanner and its documentation