Goosint Cybersecurity Learning

A curated list of amazing tools and resources related to cybersecurity learning and practicing platforms.

Most of the tools are completely free, but some you need to pay to get the certificate. Enjoy them! 🧙‍♂️

Table of Contents

• Cybersecurity Courses
• Cybersecurity Practical Platforms
  • Attack and Defense
  • Attack
  • Defense
  • General Cybersecurity Training
  • OSINT and Cryptography

↑ Credits

Goosint is a personal project that started out in May 2023 as initially for sharing amazing, free, and ready-to-use Open-source intelligence (OSINT) tools for cybersecurity specialists. At the end of 2023, the plateform has expanded to cover other topics in the field of peoples’ safety in France, and Information Security in general. In February 2025, I decided to migrate my website, goosint.com, with +300 resources curated for almost 2 years to github.com and make it more collaborative.

↑ Contributing

If you want to add other tools or have any suggestions to improve this project, you can contact me here.

PS. I still need to work on a proper contribution process in github. Please give me some time 🤠.

↑ Cybersecurity Courses

Free and paid courses covering cybersecurity fundamentals, certifications, and advanced topics.

• Introduction to Cybersecurity (Palo Alto) - 1.8 hours - Beginner.
• Cybersecurity Basics (edX) - 2 hours - Beginner.
• Intro to Cybersecurity (Udacity) - 24 courses - Beginner.
• Preparation to Certified in Cybersecurity℠ (ISC2) - Self-paced - Beginner.
• Cybersecurity Courses (Cisco) - 7 courses (+200 hours) - Beginner.
• Information Security (OpenLearn) - 10 hours - Beginner.
• Cybersecurity Courses (OpenClassRoom) - 20 courses - Beginner.
• Cybersecurity for All by Maryland (Coursera) - 20 courses - Beginner.
• Cybersecurity Courses (LinkedIn) - Self-paced - Beginner.
• French Agency Cybersecurity Courses (ANSSI) - Self-paced - Beginner.
• America’s Agency Cybersecurity Courses (CISA) - Self-paced - Beginner.
• Introduction to Cybersecurity by Tandon School - 60 hours - Intermediate.
• Professional Cybersecurity Certificate by Google - 7 hours/week for 6 months - Intermediate.
• Professional Cybersecurity Certificate by Microsoft - 10 hours/week for 6 months - Intermediate.
• Web Security Academy (PortSwigger) - At your own speed - Advanced.
• Cybersecurity Essentials (EC-Council) - 5 courses - Intermediate.
• Introduction to Splunk - At your own speed - Intermediate.
• Introduction to Qualys - At your own speed - Intermediate.
• Introduction to Tenable - At your own speed - Intermediate.
• Cyber Threat Intelligence 101 (ArcX) - 4 hours - Intermediate.
• Cyber Threat Intelligence (CrowdSec) - 8 courses - Intermediate.
• Introduction to Privacy Framework (NIST) - 3–4 hours - Intermediate.
• Introduction to Risk Management Framework (NIST) - 4 courses - Intermediate.
• Cyber Talent Kids - Kids - Beginner.

↑ Cybersecurity Practical Platforms

Practical platforms for attack, defense, and general cybersecurity skills.

↑ Attack and Defense

Platforms to practice both offensive and defensive cybersecurity skills.

• TryHackMe - Interactive labs for learning cybersecurity.
• Hack The Box - Real-world penetration testing challenges.
• Academy Hack The Box - Cybersecurity training with hands-on labs.
• OWASP Juice Shop - A vulnerable web app for security testing.
• The Black Side - Offensive and defensive security challenges.
• KC7 Cyber - Training for ethical hacking and blue team operations.
• PWN College - Advanced cybersecurity education and CTF challenges.

↑ Attack

Platforms focused on ethical hacking and penetration testing.

• Hack This Site - Online ethical hacking challenges.
• 247 CTF - Capture the Flag (CTF) hacking challenges.
• TryCrackMe - Hacking challenges for skill development.
• Root ME - Cybersecurity challenges and exercises.
• PentestLab by Seela - Penetration testing practice environment.
• Red Labs Platform - Red team training simulations.
• Hackviser - Ethical hacking and penetration testing.
• Practice OWASP top 10 - Learn common web vulnerabilities.
• vAPI: vulnerable API - API security testing challenges.
• G&J Shop: vulnerable shop - Web application security practice.
• PortSwigger Labs - Web security testing playground.
• crAPI: vulnerable API - API exploitation challenges.
• bWAPP: vulnerable Web App - Web application security training.

↑ Defense

Platforms focused on cyber defense and blue team operations.

• BlueTeamLabs - Blue team training and threat hunting.
• LetsDefend - SOC analyst training and exercises.
• BlueTeamsLabs Online - Cyber defense simulations and incident response.
• CyberDefenders - Hands-on blue team challenges.

↑ General Cybersecurity Training

Hands-on learning platforms for various cybersecurity topics.

• Cybrary - Online cybersecurity courses and labs.
• Hackropole - French cybersecurity training platform.
• ImmersiveLabs - Interactive cybersecurity skills training.
• Veracode Labs - Application security labs.

↑ OSINT and Cryptography

Platforms specialized in OSINT and cryptography challenges.

• OSINTOPIA - Open-source intelligence (OSINT) challenges.
• CryptoHack - Cryptography challenges and puzzles.

↑ License

This work is licensed under CC BY-NC-SA 4.0. In other words, share generously but provide attribution to the authors (e.g, credit: goosint.com).

Sincerely, Khalil B.