Useful resources
For reference and inspiration
- Security controls: 18 CIS Controls & Resources
- Security risks for Web applications: OWASP Top Ten
- Adversary tactics and techniques: MITRE ATT&CK
Vulnerability databases
- CVE Details (cvedetails.com)
- National Vulnerability Database (NIST)
Demos
- Fingerprinting: Cover Your Tracks (Electronic Frontier Foundation – EFF)
- SQL Injection: SQL Injection demo (codingame.com)
Miscellaneous
- Is it Worth the Time? (xkcd)